app/src/main/java/com/stoutner/privacybrowser/helpers/CheckPinnedMismatchHelper.kt

   1 /*
   2  * Copyright © 2018-2019,2021-2022 Soren Stoutner <soren@stoutner.com>.
   3  *
   4  * This file is part of Privacy Browser Android <https://www.stoutner.com/privacy-browser-android>.
   5  *
   6  * Privacy Browser Android is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * Privacy Browser Android is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with Privacy Browser Android.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19 package com.stoutner.privacybrowser.helpers
  20
  21 import android.app.Activity
  22
  23 import androidx.fragment.app.DialogFragment
  24 import androidx.fragment.app.FragmentManager
  25
  26 import com.stoutner.privacybrowser.R
  27 import com.stoutner.privacybrowser.activities.MainWebViewActivity
  28 import com.stoutner.privacybrowser.dataclasses.PendingDialog
  29 import com.stoutner.privacybrowser.dialogs.PinnedMismatchDialog.Companion.displayDialog
  30 import com.stoutner.privacybrowser.views.NestedScrollWebView
  31
  32 import java.lang.Exception
  33
  34 import java.util.Date
  35
  36 object CheckPinnedMismatchHelper {
  37     @JvmStatic
  38     fun checkPinnedMismatch(activity: Activity, fragmentManager: FragmentManager, nestedScrollWebView: NestedScrollWebView) {
  39         // Initialize the current SSL certificate variables.
  40         var currentWebsiteIssuedToCName = ""
  41         var currentWebsiteIssuedToOName = ""
  42         var currentWebsiteIssuedToUName = ""
  43         var currentWebsiteIssuedByCName = ""
  44         var currentWebsiteIssuedByOName = ""
  45         var currentWebsiteIssuedByUName = ""
  46         var currentWebsiteSslStartDate: Date? = null
  47         var currentWebsiteSslEndDate: Date? = null
  48
  49         // Initialize the pinned SSL certificate variables.
  50         var pinnedSslIssuedToCName = ""
  51         var pinnedSslIssuedToOName = ""
  52         var pinnedSslIssuedToUName = ""
  53         var pinnedSslIssuedByCName = ""
  54         var pinnedSslIssuedByOName = ""
  55         var pinnedSslIssuedByUName = ""
  56         var pinnedSslStartDate: Date? = null
  57         var pinnedSslEndDate: Date? = null
  58
  59         // Get the current website SSL certificate.
  60         val currentWebsiteSslCertificate = nestedScrollWebView.certificate
  61
  62         // Extract the individual pieces of information from the current website SSL certificate if it is not null.
  63         if (currentWebsiteSslCertificate != null) {
  64             currentWebsiteIssuedToCName = currentWebsiteSslCertificate.issuedTo.cName
  65             currentWebsiteIssuedToOName = currentWebsiteSslCertificate.issuedTo.oName
  66             currentWebsiteIssuedToUName = currentWebsiteSslCertificate.issuedTo.uName
  67             currentWebsiteIssuedByCName = currentWebsiteSslCertificate.issuedBy.cName
  68             currentWebsiteIssuedByOName = currentWebsiteSslCertificate.issuedBy.oName
  69             currentWebsiteIssuedByUName = currentWebsiteSslCertificate.issuedBy.uName
  70             currentWebsiteSslStartDate = currentWebsiteSslCertificate.validNotBeforeDate
  71             currentWebsiteSslEndDate = currentWebsiteSslCertificate.validNotAfterDate
  72         }
  73
  74         // Get the pinned SSL certificate information if it exists.
  75         if (nestedScrollWebView.hasPinnedSslCertificate()) {
  76             // Get the pinned SSL certificate.
  77             val pinnedSslCertificatePair = nestedScrollWebView.getPinnedSslCertificate()
  78
  79             // Extract the arrays from the array list.
  80             val pinnedSslCertificateStringArray = pinnedSslCertificatePair.first
  81             val pinnedSslCertificateDateArray = pinnedSslCertificatePair.second
  82
  83             // Populate the pinned SSL certificate string variables.
  84             pinnedSslIssuedToCName = pinnedSslCertificateStringArray[0]
  85             pinnedSslIssuedToOName = pinnedSslCertificateStringArray[1]
  86             pinnedSslIssuedToUName = pinnedSslCertificateStringArray[2]
  87             pinnedSslIssuedByCName = pinnedSslCertificateStringArray[3]
  88             pinnedSslIssuedByOName = pinnedSslCertificateStringArray[4]
  89             pinnedSslIssuedByUName = pinnedSslCertificateStringArray[5]
  90
  91             // Populate the pinned SSL certificate date variables.
  92             pinnedSslStartDate = pinnedSslCertificateDateArray[0]
  93             pinnedSslEndDate = pinnedSslCertificateDateArray[1]
  94         }
  95
  96         // Initialize string variables to store the SSL certificate dates.  Strings are needed to compare the values below, which doesn't work with dates if the first one is null.
  97         var currentWebsiteSslStartDateString = ""
  98         var currentWebsiteSslEndDateString = ""
  99         var pinnedSslStartDateString = ""
 100         var pinnedSslEndDateString = ""
 101
 102         // Convert the dates to strings if they are not null.
 103         if (currentWebsiteSslStartDate != null) {
 104             currentWebsiteSslStartDateString = currentWebsiteSslStartDate.toString()
 105         }
 106         if (currentWebsiteSslEndDate != null) {
 107             currentWebsiteSslEndDateString = currentWebsiteSslEndDate.toString()
 108         }
 109         if (pinnedSslStartDate != null) {
 110             pinnedSslStartDateString = pinnedSslStartDate.toString()
 111         }
 112         if (pinnedSslEndDate != null) {
 113             pinnedSslEndDateString = pinnedSslEndDate.toString()
 114         }
 115
 116         // Check to see if the pinned information matches the current information.
 117         if (((nestedScrollWebView.pinnedIpAddresses != "") && (nestedScrollWebView.currentIpAddresses != nestedScrollWebView.pinnedIpAddresses)) ||
 118             (nestedScrollWebView.hasPinnedSslCertificate() && ((currentWebsiteIssuedToCName != pinnedSslIssuedToCName) ||
 119                     (currentWebsiteIssuedToOName != pinnedSslIssuedToOName) || (currentWebsiteIssuedToUName != pinnedSslIssuedToUName) ||
 120                     (currentWebsiteIssuedByCName != pinnedSslIssuedByCName) || (currentWebsiteIssuedByOName != pinnedSslIssuedByOName) ||
 121                     (currentWebsiteIssuedByUName != pinnedSslIssuedByUName) || (currentWebsiteSslStartDateString != pinnedSslStartDateString) ||
 122                     (currentWebsiteSslEndDateString != pinnedSslEndDateString)))) {
 123             // Get a handle for the pinned mismatch alert dialog.
 124             val pinnedMismatchDialogFragment: DialogFragment = displayDialog(nestedScrollWebView.webViewFragmentId)
 125
 126             // Try to show the dialog.  Sometimes the window is not active.
 127             try {
 128                 // Show the pinned mismatch alert dialog.
 129                 pinnedMismatchDialogFragment.show(fragmentManager, activity.getString(R.string.pinned_mismatch))
 130             } catch (exception: Exception) {
 131                 // Add the dialog to the pending dialog array list.  It will be displayed in `onStart()`.
 132                 MainWebViewActivity.pendingDialogsArrayList.add(PendingDialog(pinnedMismatchDialogFragment, activity.getString(R.string.pinned_mismatch)))
 133             }
 134         }
 135     }
 136 }