src/com/owncloud/android/ui/dialog/SslValidatorDialog.java

   1 /* ownCloud Android client application
   2  *   Copyright (C) 2011  Bartek Przybylski
   3  *
   4  *   This program is free software: you can redistribute it and/or modify
   5  *   it under the terms of the GNU General Public License as published by
   6  *   the Free Software Foundation, either version 3 of the License, or
   7  *   (at your option) any later version.
   8  *
   9  *   This program is distributed in the hope that it will be useful,
  10  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  *   GNU General Public License for more details.
  13  *
  14  *   You should have received a copy of the GNU General Public License
  15  *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16  *
  17  */
  18 package com.owncloud.android.ui.dialog;
  19
  20 import java.io.IOException;
  21 import java.security.KeyStoreException;
  22 import java.security.NoSuchAlgorithmException;
  23 import java.security.cert.CertificateException;
  24 import java.security.cert.X509Certificate;
  25
  26 import android.app.Dialog;
  27 import android.content.Context;
  28 import android.os.Bundle;
  29 import android.util.Log;
  30 import android.view.View;
  31 import android.view.Window;
  32 import android.widget.TextView;
  33
  34 import com.owncloud.android.R;
  35 import com.owncloud.android.network.CertificateCombinedException;
  36 import com.owncloud.android.network.OwnCloudClientUtils;
  37 import com.owncloud.android.operations.RemoteOperationResult;
  38
  39 /**
  40  * Dialog to request the user about a certificate that could not be validated with the certificates store in the system.
  41  *
  42  * @author David A. Velasco
  43  */
  44 public class SslValidatorDialog extends Dialog {
  45
  46     private final static String TAG = SslValidatorDialog.class.getSimpleName();
  47
  48     private OnSslValidatorListener mListener;
  49     private CertificateCombinedException mException = null;
  50     private View mView;
  51
  52
  53     /**
  54      * Creates a new SslValidatorDialog to ask the user if an untrusted certificate from a server should
  55      * be trusted.
  56      *
  57      * @param context       Android context where the dialog will live.
  58      * @param result        Result of a failed remote operation.
  59      * @param listener      Object to notice when the server certificate was added to the local certificates store.
  60      * @return              A new SslValidatorDialog instance, or NULL if the operation can not be recovered
  61      *                      by setting the certificate as reliable.
  62      */
  63     public static SslValidatorDialog newInstance(Context context, RemoteOperationResult result, OnSslValidatorListener listener) {
  64         if (result.isSslRecoverableException()) {
  65             SslValidatorDialog dialog = new SslValidatorDialog(context, listener);
  66             return dialog;
  67         } else {
  68             return null;
  69         }
  70     }
  71
  72     /**
  73      * Private constructor.
  74      *
  75      * Instances have to be created through static {@link SslValidatorDialog#newInstance}.
  76      *
  77      * @param context       Android context where the dialog will live
  78      * @param e             Exception causing the need of prompt the user about the server certificate.
  79      * @param listener      Object to notice when the server certificate was added to the local certificates store.
  80      */
  81     private SslValidatorDialog(Context context, OnSslValidatorListener listener) {
  82         super(context);
  83         mListener = listener;
  84     }
  85
  86
  87     /**
  88      * {@inheritDoc}
  89      */
  90     protected void onCreate(Bundle savedInstanceState) {
  91         super.onCreate(savedInstanceState);
  92         requestWindowFeature(Window.FEATURE_NO_TITLE);
  93         mView = getLayoutInflater().inflate(R.layout.ssl_validator_layout, null);
  94         setContentView(mView);
  95
  96         mView.findViewById(R.id.ok).setOnClickListener(
  97                 new View.OnClickListener() {
  98                     @Override
  99                     public void onClick(View v) {
 100                         try {
 101                             saveServerCert();
 102                             dismiss();
 103                             if (mListener != null)
 104                                 mListener.onSavedCertificate();
 105                             else
 106                                 Log.d(TAG, "Nobody there to notify the certificate was saved");
 107
 108                         } catch (Exception e) {
 109                             dismiss();
 110                             if (mListener != null)
 111                                 mListener.onFailedSavingCertificate();
 112                             Log.e(TAG, "Server certificate could not be saved in the known servers trust store ", e);
 113                         }
 114                     }
 115                 });
 116
 117         mView.findViewById(R.id.cancel).setOnClickListener(
 118                 new View.OnClickListener() {
 119                     @Override
 120                     public void onClick(View v) {
 121                         cancel();
 122                     }
 123                 });
 124     }
 125
 126
 127     public void updateResult(RemoteOperationResult result) {
 128         mException = result.getSslRecoverableException();
 129         if (mException != null) {
 130             // "clean" view
 131             ((TextView)mView.findViewById(R.id.reason_cert_not_trusted)).setVisibility(View.GONE);
 132             ((TextView)mView.findViewById(R.id.reason_cert_expired)).setVisibility(View.GONE);
 133             ((TextView)mView.findViewById(R.id.reason_cert_not_yet_valid)).setVisibility(View.GONE);
 134             ((TextView)mView.findViewById(R.id.reason_hostname_not_verified)).setVisibility(View.GONE);
 135             ((TextView)mView.findViewById(R.id.subject)).setVisibility(View.GONE);
 136
 137             if (mException.getCertPathValidatorException() != null) {
 138                 ((TextView)mView.findViewById(R.id.reason_cert_not_trusted)).setVisibility(View.VISIBLE);
 139             }
 140
 141             if (mException.getCertificateExpiredException() != null) {
 142                 ((TextView)mView.findViewById(R.id.reason_cert_expired)).setVisibility(View.VISIBLE);
 143             }
 144
 145             if (mException.getCertificateNotYetValidException() != null) {
 146                 ((TextView)mView.findViewById(R.id.reason_cert_not_yet_valid)).setVisibility(View.VISIBLE);
 147             }
 148
 149             if (mException.getSslPeerUnverifiedException() != null ) {
 150                 ((TextView)mView.findViewById(R.id.reason_hostname_not_verified)).setVisibility(View.VISIBLE);
 151             }
 152
 153
 154             showCertificateData(mException.getServerCertificate());
 155         }
 156
 157     }
 158
 159     private void showCertificateData(X509Certificate cert) {
 160         TextView subject = (TextView)mView.findViewById(R.id.subject);
 161         if (cert != null) {
 162             String text = cert.getSubjectDN().getName();
 163             text = text.substring(text.indexOf(",") + 1);
 164             subject.setVisibility(View.VISIBLE);
 165             subject.setText(text);
 166         }
 167     }
 168
 169     private void saveServerCert() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
 170         if (mException.getServerCertificate() != null) {
 171             OwnCloudClientUtils.addCertToKnownServersStore(mException.getServerCertificate(), getContext());
 172         }
 173     }
 174
 175
 176     public interface OnSslValidatorListener {
 177         public void onSavedCertificate();
 178         public void onFailedSavingCertificate();
 179     }
 180 }
 181