From: Soren Stoutner <soren@stoutner.com>
Date: Fri, 21 Apr 2017 19:58:16 +0000 (-0700)
Subject: Display the package signature in About → Version.  Implements https://redmine.stoutne... 
X-Git-Tag: v2.2~9
X-Git-Url: https://gitweb.stoutner.com/?p=PrivacyBrowserAndroid.git;a=commitdiff_plain;h=3e3248fff3064cf70fc3680314bbd71bb8c72193

Display the package signature in About → Version.  Implements https://redmine.stoutner.com/issues/115.
---

diff --git a/app/src/free/assets/it/about_privacy_policy.html b/app/src/free/assets/it/about_privacy_policy.html
index 3ffe7bc9..4c85e37e 100644
--- a/app/src/free/assets/it/about_privacy_policy.html
+++ b/app/src/free/assets/it/about_privacy_policy.html
@@ -111,7 +111,7 @@
         <p>E' possibile inviare comunicazioni dirette a Stoutner, ad esempio email o commenti su <a href="https://www.stoutner.com/">stoutner.com</a>.</p>
 
 
-        <h3>Use of Information</h3>
+        <h3>Utilizzo delle informazioni</h3>
         <p><strong class="red">Stoutner si riserva l'utilizzo di queste informazioni come supporto per lo sviluppo di Privacy Browser, ovvero per la correzione di bug o lo sviluppo di nuove funzionalit&agrave;,
             con la possibilit&agrave; di condividerle con terze parti che forniscano assistenza per queste attivit&agrave;</strong>.
             <strong class="blue">Stoutner non rivender&agrave; o comunque non trasferir&agrave; mai nessuna informazione a terze parti che potrebbero utilizzarle a scopi pubblicitari o di marketing</strong>.</p>
diff --git a/app/src/main/assets/it/about_privacy_policy.html b/app/src/main/assets/it/about_privacy_policy.html
index 8384f223..ca728656 100644
--- a/app/src/main/assets/it/about_privacy_policy.html
+++ b/app/src/main/assets/it/about_privacy_policy.html
@@ -97,7 +97,7 @@
         <p>E' possibile inviare comunicazioni dirette a Stoutner, ad esempio email o commenti su <a href="https://www.stoutner.com/">stoutner.com</a>.</p>
 
 
-        <h3>Use of Information</h3>
+        <h3>Utilizzo delle informazioni</h3>
         <p><strong class="red">Stoutner si riserva l'utilizzo di queste informazioni come supporto per lo sviluppo di Privacy Browser, ovvero per la correzione di bug o lo sviluppo di nuove funzionalit&agrave;,
             con la possibilit&agrave; di condividerle con terze parti che forniscano assistenza per queste attivit&agrave;</strong>.
             <strong class="blue">Stoutner non rivender&agrave; o comunque non trasferir&agrave; mai nessuna informazione a terze parti che potrebbero utilizzarle a scopi pubblicitari o di marketing</strong>.</p>
diff --git a/app/src/main/java/com/stoutner/privacybrowser/fragments/AboutTabFragment.java b/app/src/main/java/com/stoutner/privacybrowser/fragments/AboutTabFragment.java
index fec8d70c..ad0708de 100644
--- a/app/src/main/java/com/stoutner/privacybrowser/fragments/AboutTabFragment.java
+++ b/app/src/main/java/com/stoutner/privacybrowser/fragments/AboutTabFragment.java
@@ -19,6 +19,9 @@
 
 package com.stoutner.privacybrowser.fragments;
 
+import android.annotation.SuppressLint;
+import android.content.pm.PackageManager;
+import android.content.pm.Signature;
 import android.os.Build;
 import android.os.Bundle;
 import android.support.v4.app.Fragment;
@@ -34,6 +37,16 @@ import android.widget.TextView;
 import com.stoutner.privacybrowser.BuildConfig;
 import com.stoutner.privacybrowser.R;
 
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.security.Principal;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.text.DateFormat;
+import java.util.Date;
+
 public class AboutTabFragment extends Fragment {
     private int tabNumber;
 
@@ -77,7 +90,14 @@ public class AboutTabFragment extends Fragment {
             TextView versionBuildTextView = (TextView) tabLayout.findViewById(R.id.about_version_build);
             TextView versionSecurityPatchTextView = (TextView) tabLayout.findViewById(R.id.about_version_securitypatch);
             TextView versionWebKitTextView = (TextView) tabLayout.findViewById(R.id.about_version_webkit);
-            TextView versionChromeText = (TextView) tabLayout.findViewById(R.id.about_version_chrome);
+            TextView versionChromeTextView = (TextView) tabLayout.findViewById(R.id.about_version_chrome);
+            TextView certificateIssuerDNTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_issuer_dn);
+            TextView certificateSubjectDNTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_subject_dn);
+            TextView certificateStartDateTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_start_date);
+            TextView certificateEndDateTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_end_date);
+            TextView certificateVersionTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_version);
+            TextView certificateSerialNumberTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_serial_number);
+            TextView certificateSignatureAlgorithmTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_signature_algorithm);
 
             // Setup the labels.
             String version = getString(R.string.version) + " " + BuildConfig.VERSION_NAME + " (" + getString(R.string.version_code) + " " + Integer.toString(BuildConfig.VERSION_CODE) + ")";
@@ -90,6 +110,13 @@ public class AboutTabFragment extends Fragment {
             String buildLabel = getString(R.string.build) + "  ";
             String webKitLabel = getString(R.string.webkit) + "  ";
             String chromeLabel = getString(R.string.chrome) + "  ";
+            String issuerDNLabel = getString(R.string.issuer_dn) + "  ";
+            String subjectDNLabel = getString(R.string.subject_dn) + "  ";
+            String startDateLabel = getString(R.string.start_date) + "  ";
+            String endDateLabel = getString(R.string.end_date) + "  ";
+            String certificateVersionLabel = getString(R.string.certificate_version) + "  ";
+            String serialNumberLabel = getString(R.string.serial_number) + "  ";
+            String signatureAlgorithmLabel = getString(R.string.signature_algorithm) + "  ";
 
             // `webViewLayout` is only used to get the default user agent from `bare_webview`.  It is not used to render content on the screen.
             View webViewLayout = inflater.inflate(R.layout.bare_webview, container, false);
@@ -135,7 +162,7 @@ public class AboutTabFragment extends Fragment {
             webKitStringBuilder.setSpan(blueColorSpan, webKitLabel.length(), webKitStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
             chromeStringBuilder.setSpan(blueColorSpan, chromeLabel.length(), chromeStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
 
-            // Display the strings.
+            // Display the strings in the text boxes.
             versionNumberTextView.setText(version);
             versionBrandTextView.setText(brandStringBuilder);
             versionManufacturerTextView.setText(manufacturerStringBuilder);
@@ -145,7 +172,7 @@ public class AboutTabFragment extends Fragment {
             versionAndroidTextView.setText(androidStringBuilder);
             versionBuildTextView.setText(buildStringBuilder);
             versionWebKitTextView.setText(webKitStringBuilder);
-            versionChromeText.setText(chromeStringBuilder);
+            versionChromeTextView.setText(chromeStringBuilder);
 
             // Build.VERSION.SECURITY_PATCH is only available for SDK_INT >= 23.
             if (Build.VERSION.SDK_INT >= 23) {
@@ -167,6 +194,64 @@ public class AboutTabFragment extends Fragment {
             } else { // Hide `versionRadioTextView`.
                 versionRadioTextView.setVisibility(View.GONE);
             }
+
+            // Display the package signature.
+            try {
+                // Get the first package signature.  Suppress the lint warning about the need to be careful in implementing comparison of certificates for security purposes.
+                @SuppressLint("PackageManagerGetSignatures") Signature packageSignature = getContext().getPackageManager().getPackageInfo(getContext().getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
+
+                // Convert the signature to a `byte[]` `InputStream`.
+                InputStream certificateByteArrayInputStream = new ByteArrayInputStream(packageSignature.toByteArray());
+
+                // Display the certificate information on the screen.
+                try {
+                    // Instantiate a `CertificateFactory`.
+                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
+
+                    // Generate an `X509Certificate`.
+                    X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(certificateByteArrayInputStream);
+
+                    // Store the individual sections of the certificate that we are interested in.
+                    Principal issuerDNPrincipal = x509Certificate.getIssuerDN();
+                    Principal subjectDNPrincipal = x509Certificate.getSubjectDN();
+                    Date startDate = x509Certificate.getNotBefore();
+                    Date endDate = x509Certificate.getNotAfter();
+                    int certificateVersion = x509Certificate.getVersion();
+                    BigInteger serialNumberBigInteger = x509Certificate.getSerialNumber();
+                    String signatureAlgorithmNameString = x509Certificate.getSigAlgName();
+
+                    // Create a `SpannableStringBuilder` for each `TextView` that needs multiple colors of text.
+                    SpannableStringBuilder issuerDNStringBuilder = new SpannableStringBuilder(issuerDNLabel + issuerDNPrincipal.toString());
+                    SpannableStringBuilder subjectDNStringBuilder = new SpannableStringBuilder(subjectDNLabel + subjectDNPrincipal.toString());
+                    SpannableStringBuilder startDateStringBuilder = new SpannableStringBuilder(startDateLabel + DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(startDate));
+                    SpannableStringBuilder endDataStringBuilder = new SpannableStringBuilder(endDateLabel + DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(endDate));
+                    SpannableStringBuilder certificateVersionStringBuilder = new SpannableStringBuilder(certificateVersionLabel + certificateVersion);
+                    SpannableStringBuilder serialNumberStringBuilder = new SpannableStringBuilder(serialNumberLabel + serialNumberBigInteger);
+                    SpannableStringBuilder signatureAlgorithmStringBuilder = new SpannableStringBuilder(signatureAlgorithmLabel + signatureAlgorithmNameString);
+
+                    // Setup the spans to display the device information in blue.  `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction.
+                    issuerDNStringBuilder.setSpan(blueColorSpan, issuerDNLabel.length(), issuerDNStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    subjectDNStringBuilder.setSpan(blueColorSpan, subjectDNLabel.length(), subjectDNStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    startDateStringBuilder.setSpan(blueColorSpan, startDateLabel.length(), startDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    endDataStringBuilder.setSpan(blueColorSpan, endDateLabel.length(), endDataStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    certificateVersionStringBuilder.setSpan(blueColorSpan, certificateVersionLabel.length(), certificateVersionStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    serialNumberStringBuilder.setSpan(blueColorSpan, serialNumberLabel.length(), serialNumberStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+                    signatureAlgorithmStringBuilder.setSpan(blueColorSpan, signatureAlgorithmLabel.length(), signatureAlgorithmStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
+
+                    // Display the strings in the text boxes.
+                    certificateIssuerDNTextView.setText(issuerDNStringBuilder);
+                    certificateSubjectDNTextView.setText(subjectDNStringBuilder);
+                    certificateStartDateTextView.setText(startDateStringBuilder);
+                    certificateEndDateTextView.setText(endDataStringBuilder);
+                    certificateVersionTextView.setText(certificateVersionStringBuilder);
+                    certificateSerialNumberTextView.setText(serialNumberStringBuilder);
+                    certificateSignatureAlgorithmTextView.setText(signatureAlgorithmStringBuilder);
+                } catch (CertificateException e) {
+                    // Do nothing if there is a certificate error.
+                }
+            } catch (PackageManager.NameNotFoundException e) {
+                // Do nothing if `PackageManager` says Privacy Browser isn't installed.
+            }
         } else { // load a WebView for all the other tabs.  Tab numbers start at 0.
             // Setting false at the end of inflater.inflate does not attach the inflated layout as a child of container.
             // The fragment will take care of attaching the root automatically.
diff --git a/app/src/main/res/layout/about_tab_version.xml b/app/src/main/res/layout/about_tab_version.xml
index 586014d0..b94a7eda 100644
--- a/app/src/main/res/layout/about_tab_version.xml
+++ b/app/src/main/res/layout/about_tab_version.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 
 <!--
-  Copyright 2016 Soren Stoutner <soren@stoutner.com>.
+  Copyright 2016-2017 Soren Stoutner <soren@stoutner.com>.
 
   This file is part of Privacy Browser <https://www.stoutner.com/privacy-browser>.
 
@@ -148,6 +148,51 @@
                 android:id="@+id/about_version_chrome"
                 android:layout_width="wrap_content"
                 android:layout_height="wrap_content" />
+
+            <!-- Package Signature. -->
+            <TextView
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"
+                android:text="@string/package_signature"
+                android:textStyle="bold"
+                android:textSize="18sp"
+                android:textColor="@color/blue_900"
+                android:paddingTop="12dp" />
+
+            <TextView
+                android:id="@+id/about_version_certificate_issuer_dn"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_subject_dn"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_start_date"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_end_date"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_version"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_serial_number"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
+
+            <TextView
+                android:id="@+id/about_version_certificate_signature_algorithm"
+                android:layout_height="wrap_content"
+                android:layout_width="wrap_content"/>
         </LinearLayout>
     </LinearLayout>
 </ScrollView>
\ No newline at end of file
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 0366367c..f8dcdb2f 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -377,6 +377,12 @@
             <string name="security_patch">Security Patch:</string>
             <string name="webkit">WebKit:</string>
             <string name="chrome">Chrome:</string>
+        <string name="package_signature">Package Signature</string>
+            <string name="issuer_dn">Issuer DN:</string>
+            <string name="subject_dn">Subject DN:</string>
+            <string name="certificate_version">Certificate Version:</string>
+            <string name="serial_number">Serial Number:</string>
+            <string name="signature_algorithm">Signature Algorithm:</string>
     <string name="permissions">Permissions</string>
     <string name="privacy_policy">Privacy Policy</string>
     <string name="changelog">Changelog</string>