X-Git-Url: https://gitweb.stoutner.com/?p=PrivacyBrowserAndroid.git;a=blobdiff_plain;f=app%2Fsrc%2Fmain%2Fjava%2Fcom%2Fstoutner%2Fprivacybrowser%2Fdialogs%2FViewSslCertificateDialog.java;h=90a13271993f2cd24759d7a38c9535c69b833309;hp=67395b829f32853168b82e7d94a649a8e9744e70;hb=0a5d2eabceeafb49a957598538aa74d4f11dfce0;hpb=5bcf4ca90f27512b94fb7aca4fad37b4e4774655 diff --git a/app/src/main/java/com/stoutner/privacybrowser/dialogs/ViewSslCertificateDialog.java b/app/src/main/java/com/stoutner/privacybrowser/dialogs/ViewSslCertificateDialog.java index 67395b82..90a13271 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/dialogs/ViewSslCertificateDialog.java +++ b/app/src/main/java/com/stoutner/privacybrowser/dialogs/ViewSslCertificateDialog.java @@ -1,5 +1,5 @@ /* - * Copyright © 2016-2017 Soren Stoutner . + * Copyright © 2016-2018 Soren Stoutner . * * This file is part of Privacy Browser . * @@ -25,12 +25,14 @@ import android.app.Dialog; import android.app.DialogFragment; import android.graphics.drawable.BitmapDrawable; import android.graphics.drawable.Drawable; +import android.net.Uri; import android.net.http.SslCertificate; import android.os.Bundle; import android.text.SpannableStringBuilder; import android.text.Spanned; import android.text.style.ForegroundColorSpan; import android.view.LayoutInflater; +import android.view.WindowManager; import android.widget.TextView; import com.stoutner.privacybrowser.activities.MainWebViewActivity; @@ -50,7 +52,7 @@ public class ViewSslCertificateDialog extends DialogFragment { // Create a drawable version of the favorite icon. Drawable favoriteIconDrawable = new BitmapDrawable(getResources(), MainWebViewActivity.favoriteIconBitmap); - // Use `AlertDialog.Builder` to create the `AlertDialog`. + // Use a builder to create the alert dialog. AlertDialog.Builder dialogBuilder; // Set the style according to the theme. @@ -63,7 +65,7 @@ public class ViewSslCertificateDialog extends DialogFragment { // Set the icon. dialogBuilder.setIcon(favoriteIconDrawable); - // Set an `onClick` listener on the negative button. Using `null` closes the dialog without doing anything else. + // Set a listener on the negative button. Using `null` as the listener closes the dialog without doing anything else. dialogBuilder.setNegativeButton(R.string.close, null); // Check to see if the website is encrypted. @@ -74,11 +76,17 @@ public class ViewSslCertificateDialog extends DialogFragment { // Set the Layout. The parent view is `null` because it will be assigned by `AlertDialog`. dialogBuilder.setView(layoutInflater.inflate(R.layout.unencrypted_website, null)); - // Create an `AlertDialog` from the `AlertDialog.Builder` + // Create an alert dialog from the alert dialog builder. final AlertDialog alertDialog = dialogBuilder.create(); - // Show `alertDialog`. - alertDialog.show(); + // Disable screenshots if not allowed. + if (!MainWebViewActivity.allowScreenshots) { + // Remove the warning below that `getWindow()` might be null. + assert alertDialog.getWindow() != null; + + // Disable screenshots. + alertDialog.getWindow().addFlags(WindowManager.LayoutParams.FLAG_SECURE); + } // `onCreateDialog` requires the return of an `AlertDialog`. return alertDialog; @@ -90,29 +98,46 @@ public class ViewSslCertificateDialog extends DialogFragment { // Set the layout. The parent view is `null` because it will be assigned by `AlertDialog`. dialogBuilder.setView(layoutInflater.inflate(R.layout.view_ssl_certificate, null)); - // Create an `AlertDialog` from the `AlertDialog.Builder` + // Create an alert dialog from the builder. final AlertDialog alertDialog = dialogBuilder.create(); - // We need to show the `AlertDialog` before we can modify items in the layout. + // Disable screenshots if not allowed. + if (!MainWebViewActivity.allowScreenshots) { + // Remove the warning below that `getWindow()` might be null. + assert alertDialog.getWindow() != null; + + // Disable screenshots. + alertDialog.getWindow().addFlags(WindowManager.LayoutParams.FLAG_SECURE); + } + + // The alert dialog must be shown before items in the layout can be modified. alertDialog.show(); // Get handles for the `TextViews`. - TextView issuedToCNameTextView = (TextView) alertDialog.findViewById(R.id.issued_to_cname); - TextView issuedToONameTextView = (TextView) alertDialog.findViewById(R.id.issued_to_oname); - TextView issuedToUNameTextView = (TextView) alertDialog.findViewById(R.id.issued_to_uname); - TextView issuedByCNameTextView = (TextView) alertDialog.findViewById(R.id.issued_by_cname); - TextView issuedByONameTextView = (TextView) alertDialog.findViewById(R.id.issued_by_oname); - TextView issuedByUNameTextView = (TextView) alertDialog.findViewById(R.id.issued_by_uname); - TextView startDateTextView = (TextView) alertDialog.findViewById(R.id.start_date); - TextView endDateTextView = (TextView) alertDialog.findViewById(R.id.end_date); + TextView domainTextView = alertDialog.findViewById(R.id.domain); + TextView issuedToCNameTextView = alertDialog.findViewById(R.id.issued_to_cname); + TextView issuedToONameTextView = alertDialog.findViewById(R.id.issued_to_oname); + TextView issuedToUNameTextView = alertDialog.findViewById(R.id.issued_to_uname); + TextView issuedByCNameTextView = alertDialog.findViewById(R.id.issued_by_cname); + TextView issuedByONameTextView = alertDialog.findViewById(R.id.issued_by_oname); + TextView issuedByUNameTextView = alertDialog.findViewById(R.id.issued_by_uname); + TextView startDateTextView = alertDialog.findViewById(R.id.start_date); + TextView endDateTextView = alertDialog.findViewById(R.id.end_date); // Setup the labels. + String domainLabel = getString(R.string.domain_label) + " "; String cNameLabel = getString(R.string.common_name) + " "; String oNameLabel = getString(R.string.organization) + " "; String uNameLabel = getString(R.string.organizational_unit) + " "; String startDateLabel = getString(R.string.start_date) + " "; String endDateLabel = getString(R.string.end_date) + " "; + // Parse `formattedUrlString` to a `URI`. + Uri uri = Uri.parse(MainWebViewActivity.formattedUrlString); + + // Extract the domain name from `uri`. + String domainString = uri.getHost(); + // Get the SSL certificate. SslCertificate sslCertificate = MainWebViewActivity.sslCertificate; @@ -127,6 +152,7 @@ public class ViewSslCertificateDialog extends DialogFragment { Date endDate = sslCertificate.getValidNotAfterDate(); // Create a `SpannableStringBuilder` for each `TextView` that needs multiple colors of text. + SpannableStringBuilder domainStringBuilder = new SpannableStringBuilder(domainLabel + domainString); SpannableStringBuilder issuedToCNameStringBuilder = new SpannableStringBuilder(cNameLabel + issuedToCNameString); SpannableStringBuilder issuedToONameStringBuilder = new SpannableStringBuilder(oNameLabel + issuedToONameString); SpannableStringBuilder issuedToUNameStringBuilder = new SpannableStringBuilder(uNameLabel + issuedToUNameString); @@ -151,8 +177,49 @@ public class ViewSslCertificateDialog extends DialogFragment { blueColorSpan = new ForegroundColorSpan(getResources().getColor(R.color.blue_700)); } - // Setup the spans to display the certificate information in blue. `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction. - issuedToCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + // Formet the `domainString` and `issuedToCName` colors. + if (domainString.equals(issuedToCNameString)) { // `domainString` and `issuedToCNameString` match. + // Set the strings to be blue. + domainStringBuilder.setSpan(blueColorSpan, domainLabel.length(), domainStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + issuedToCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + } else if(issuedToCNameString.startsWith("*.")){ // `issuedToCNameString` begins with a wildcard. + // Remove the initial `*.`. + String baseCertificateDomain = issuedToCNameString.substring(2); + + // Setup a copy of `domainString` to test subdomains. + String domainStringSubdomain = domainString; + + // Initialize `domainNamesMatch`. + boolean domainNamesMatch = false; + + // Check all the subdomains in `domainStringSubdomain` against `baseCertificateDomain`. + while (!domainNamesMatch && domainStringSubdomain.contains(".")) { // Stop checking if we know that `domainNamesMatch` is `true` or if we run out of `.`. + // Test the `domainStringSubdomain` against `baseCertificateDomain`. + if (domainStringSubdomain.equals(baseCertificateDomain)) { + domainNamesMatch = true; + } + + // Strip out the lowest subdomain of `certificateCommonNameSubdomain`. + domainStringSubdomain = domainStringSubdomain.substring(domainStringSubdomain.indexOf(".") + 1); + } + + // Format the domain and issued to Common Name according to `domainNamesMatch`. + if (domainNamesMatch) { // `domainString` is a subdomain of the wildcard `issuedToCNameString`. + // Set the strings to be blue. + domainStringBuilder.setSpan(blueColorSpan, domainLabel.length(), domainStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + issuedToCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + } else { // `domainString` is not a subdomain of the wildcard `issuedToCNameString`. + // Set the string to be red. + domainStringBuilder.setSpan(redColorSpan, domainLabel.length(), domainStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + issuedToCNameStringBuilder.setSpan(redColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + } + } else { // The strings do not match and `issuedToCNameString` does not begin with a wildcard. + // Set the strings to be red. + domainStringBuilder.setSpan(redColorSpan, domainLabel.length(), domainStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + issuedToCNameStringBuilder.setSpan(redColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); + } + + // Setup the issued to and issued by spans to display the certificate information in blue. `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction. issuedToONameStringBuilder.setSpan(blueColorSpan, oNameLabel.length(), issuedToONameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); issuedToUNameStringBuilder.setSpan(blueColorSpan, uNameLabel.length(), issuedToUNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); issuedByCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedByCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE); @@ -176,6 +243,7 @@ public class ViewSslCertificateDialog extends DialogFragment { } // Display the strings. + domainTextView.setText(domainStringBuilder); issuedToCNameTextView.setText(issuedToCNameStringBuilder); issuedToONameTextView.setText(issuedToONameStringBuilder); issuedToUNameTextView.setText(issuedToUNameStringBuilder);