X-Git-Url: https://gitweb.stoutner.com/?p=PrivacyBrowserAndroid.git;a=blobdiff_plain;f=app%2Fsrc%2Fmain%2Fjava%2Fcom%2Fstoutner%2Fprivacybrowser%2Fhelpers%2FCheckPinnedMismatchHelper.kt;fp=app%2Fsrc%2Fmain%2Fjava%2Fcom%2Fstoutner%2Fprivacybrowser%2Fhelpers%2FCheckPinnedMismatchHelper.kt;h=8fa8369fc365e0ae192d60655e6c8a948c662888;hp=0000000000000000000000000000000000000000;hb=38919c77d15eeacbee96ab337afc62b30ddc74ca;hpb=333ec579b52efbfbad89e0150c7c320822ba9ecf diff --git a/app/src/main/java/com/stoutner/privacybrowser/helpers/CheckPinnedMismatchHelper.kt b/app/src/main/java/com/stoutner/privacybrowser/helpers/CheckPinnedMismatchHelper.kt new file mode 100644 index 00000000..8fa8369f --- /dev/null +++ b/app/src/main/java/com/stoutner/privacybrowser/helpers/CheckPinnedMismatchHelper.kt @@ -0,0 +1,136 @@ +/* + * Copyright © 2018-2019,2021-2022 Soren Stoutner . + * + * This file is part of Privacy Browser Android . + * + * Privacy Browser Android is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Privacy Browser Android is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Privacy Browser Android. If not, see . + */ +package com.stoutner.privacybrowser.helpers + +import android.app.Activity + +import androidx.fragment.app.DialogFragment +import androidx.fragment.app.FragmentManager + +import com.stoutner.privacybrowser.R +import com.stoutner.privacybrowser.activities.MainWebViewActivity +import com.stoutner.privacybrowser.dataclasses.PendingDialog +import com.stoutner.privacybrowser.dialogs.PinnedMismatchDialog.Companion.displayDialog +import com.stoutner.privacybrowser.views.NestedScrollWebView + +import java.lang.Exception + +import java.util.Date + +object CheckPinnedMismatchHelper { + @JvmStatic + fun checkPinnedMismatch(activity: Activity, fragmentManager: FragmentManager, nestedScrollWebView: NestedScrollWebView) { + // Initialize the current SSL certificate variables. + var currentWebsiteIssuedToCName = "" + var currentWebsiteIssuedToOName = "" + var currentWebsiteIssuedToUName = "" + var currentWebsiteIssuedByCName = "" + var currentWebsiteIssuedByOName = "" + var currentWebsiteIssuedByUName = "" + var currentWebsiteSslStartDate: Date? = null + var currentWebsiteSslEndDate: Date? = null + + // Initialize the pinned SSL certificate variables. + var pinnedSslIssuedToCName = "" + var pinnedSslIssuedToOName = "" + var pinnedSslIssuedToUName = "" + var pinnedSslIssuedByCName = "" + var pinnedSslIssuedByOName = "" + var pinnedSslIssuedByUName = "" + var pinnedSslStartDate: Date? = null + var pinnedSslEndDate: Date? = null + + // Get the current website SSL certificate. + val currentWebsiteSslCertificate = nestedScrollWebView.certificate + + // Extract the individual pieces of information from the current website SSL certificate if it is not null. + if (currentWebsiteSslCertificate != null) { + currentWebsiteIssuedToCName = currentWebsiteSslCertificate.issuedTo.cName + currentWebsiteIssuedToOName = currentWebsiteSslCertificate.issuedTo.oName + currentWebsiteIssuedToUName = currentWebsiteSslCertificate.issuedTo.uName + currentWebsiteIssuedByCName = currentWebsiteSslCertificate.issuedBy.cName + currentWebsiteIssuedByOName = currentWebsiteSslCertificate.issuedBy.oName + currentWebsiteIssuedByUName = currentWebsiteSslCertificate.issuedBy.uName + currentWebsiteSslStartDate = currentWebsiteSslCertificate.validNotBeforeDate + currentWebsiteSslEndDate = currentWebsiteSslCertificate.validNotAfterDate + } + + // Get the pinned SSL certificate information if it exists. + if (nestedScrollWebView.hasPinnedSslCertificate()) { + // Get the pinned SSL certificate. + val pinnedSslCertificatePair = nestedScrollWebView.getPinnedSslCertificate() + + // Extract the arrays from the array list. + val pinnedSslCertificateStringArray = pinnedSslCertificatePair.first + val pinnedSslCertificateDateArray = pinnedSslCertificatePair.second + + // Populate the pinned SSL certificate string variables. + pinnedSslIssuedToCName = pinnedSslCertificateStringArray[0] + pinnedSslIssuedToOName = pinnedSslCertificateStringArray[1] + pinnedSslIssuedToUName = pinnedSslCertificateStringArray[2] + pinnedSslIssuedByCName = pinnedSslCertificateStringArray[3] + pinnedSslIssuedByOName = pinnedSslCertificateStringArray[4] + pinnedSslIssuedByUName = pinnedSslCertificateStringArray[5] + + // Populate the pinned SSL certificate date variables. + pinnedSslStartDate = pinnedSslCertificateDateArray[0] + pinnedSslEndDate = pinnedSslCertificateDateArray[1] + } + + // Initialize string variables to store the SSL certificate dates. Strings are needed to compare the values below, which doesn't work with dates if the first one is null. + var currentWebsiteSslStartDateString = "" + var currentWebsiteSslEndDateString = "" + var pinnedSslStartDateString = "" + var pinnedSslEndDateString = "" + + // Convert the dates to strings if they are not null. + if (currentWebsiteSslStartDate != null) { + currentWebsiteSslStartDateString = currentWebsiteSslStartDate.toString() + } + if (currentWebsiteSslEndDate != null) { + currentWebsiteSslEndDateString = currentWebsiteSslEndDate.toString() + } + if (pinnedSslStartDate != null) { + pinnedSslStartDateString = pinnedSslStartDate.toString() + } + if (pinnedSslEndDate != null) { + pinnedSslEndDateString = pinnedSslEndDate.toString() + } + + // Check to see if the pinned information matches the current information. + if (((nestedScrollWebView.pinnedIpAddresses != "") && (nestedScrollWebView.currentIpAddresses != nestedScrollWebView.pinnedIpAddresses)) || + (nestedScrollWebView.hasPinnedSslCertificate() && ((currentWebsiteIssuedToCName != pinnedSslIssuedToCName) || + (currentWebsiteIssuedToOName != pinnedSslIssuedToOName) || (currentWebsiteIssuedToUName != pinnedSslIssuedToUName) || + (currentWebsiteIssuedByCName != pinnedSslIssuedByCName) || (currentWebsiteIssuedByOName != pinnedSslIssuedByOName) || + (currentWebsiteIssuedByUName != pinnedSslIssuedByUName) || (currentWebsiteSslStartDateString != pinnedSslStartDateString) || + (currentWebsiteSslEndDateString != pinnedSslEndDateString)))) { + // Get a handle for the pinned mismatch alert dialog. + val pinnedMismatchDialogFragment: DialogFragment = displayDialog(nestedScrollWebView.webViewFragmentId) + + // Try to show the dialog. Sometimes the window is not active. + try { + // Show the pinned mismatch alert dialog. + pinnedMismatchDialogFragment.show(fragmentManager, activity.getString(R.string.pinned_mismatch)) + } catch (exception: Exception) { + // Add the dialog to the pending dialog array list. It will be displayed in `onStart()`. + MainWebViewActivity.pendingDialogsArrayList.add(PendingDialog(pinnedMismatchDialogFragment, activity.getString(R.string.pinned_mismatch))) + } + } + } +} \ No newline at end of file