SX_Cloud
/
space-android


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
							/* ownCloud Android client application
 *   Copyright (C) 2011  Bartek Przybylski
 *
 *   This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
package com.owncloud.android.ui.dialog;

import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import android.app.Dialog;
import android.content.Context;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.view.Window;
import android.widget.TextView;

import com.owncloud.android.R;
import com.owncloud.android.network.CertificateCombinedException;
import com.owncloud.android.network.OwnCloudClientUtils;
import com.owncloud.android.operations.RemoteOperationResult;

/**
 * Dialog to request the user about a certificate that could not be validated with the certificates store in the system.
 * 
 * @author David A. Velasco
 */
public class SslValidatorDialog extends Dialog {

    private final static String TAG = SslValidatorDialog.class.getSimpleName();

    private OnSslValidatorListener mListener;
    private CertificateCombinedException mException = null;
    private View mView;
    
    
    /**
     * Creates a new SslValidatorDialog to ask the user if an untrusted certificate from a server should
     * be trusted.
     * 
     * @param context       Android context where the dialog will live.
     * @param result        Result of a failed remote operation.
     * @param listener      Object to notice when the server certificate was added to the local certificates store.
     * @return              A new SslValidatorDialog instance, or NULL if the operation can not be recovered
     *                      by setting the certificate as reliable.
     */
    public static SslValidatorDialog newInstance(Context context, RemoteOperationResult result, OnSslValidatorListener listener) {
        if (result.isSslRecoverableException()) {
            SslValidatorDialog dialog = new SslValidatorDialog(context, listener);
            return dialog;
        } else {
            return null;
        }
    }

    /**
     * Private constructor. 
     * 
     * Instances have to be created through static {@link SslValidatorDialog#newInstance}.
     * 
     * @param context       Android context where the dialog will live
     * @param e             Exception causing the need of prompt the user about the server certificate.
     * @param listener      Object to notice when the server certificate was added to the local certificates store.
     */
    private SslValidatorDialog(Context context, OnSslValidatorListener listener) {
        super(context);
        mListener = listener;
    }
    
    
    /**
     * {@inheritDoc}
     */
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        requestWindowFeature(Window.FEATURE_NO_TITLE);
        mView = getLayoutInflater().inflate(R.layout.ssl_validator_layout, null);
        setContentView(mView); 
        
        mView.findViewById(R.id.ok).setOnClickListener( 
                new View.OnClickListener() {
                    @Override
                    public void onClick(View v) {
                        try {
                            saveServerCert();
                            dismiss();
                            if (mListener != null)
                                mListener.onSavedCertificate();
                            else
                                Log.d(TAG, "Nobody there to notify the certificate was saved");
                            
                        } catch (Exception e) {
                            dismiss();
                            if (mListener != null)
                                mListener.onFailedSavingCertificate();
                            Log.e(TAG, "Server certificate could not be saved in the known servers trust store ", e);
                        }
                    }
                });
        
        mView.findViewById(R.id.cancel).setOnClickListener(
                new View.OnClickListener() {
                    @Override
                    public void onClick(View v) {
                        cancel();
                    }
                });
    }
    
    
    public void updateResult(RemoteOperationResult result) {
        if (result.isSslRecoverableException()) {
            mException = (CertificateCombinedException) result.getException();
            
            /// clean
            ((TextView)mView.findViewById(R.id.reason_cert_not_trusted)).setVisibility(View.GONE);
            ((TextView)mView.findViewById(R.id.reason_cert_expired)).setVisibility(View.GONE);
            ((TextView)mView.findViewById(R.id.reason_cert_not_yet_valid)).setVisibility(View.GONE);
            ((TextView)mView.findViewById(R.id.reason_hostname_not_verified)).setVisibility(View.GONE);
            ((TextView)mView.findViewById(R.id.subject)).setVisibility(View.GONE);

            /// refresh
            if (mException.getCertPathValidatorException() != null) {
                ((TextView)mView.findViewById(R.id.reason_cert_not_trusted)).setVisibility(View.VISIBLE);
            }
            
            if (mException.getCertificateExpiredException() != null) {
                ((TextView)mView.findViewById(R.id.reason_cert_expired)).setVisibility(View.VISIBLE);
            }
            
            if (mException.getCertificateNotYetValidException() != null) {
                ((TextView)mView.findViewById(R.id.reason_cert_not_yet_valid)).setVisibility(View.VISIBLE);
            } 

            if (mException.getSslPeerUnverifiedException() != null ) {
                ((TextView)mView.findViewById(R.id.reason_hostname_not_verified)).setVisibility(View.VISIBLE);
            }
            
            
            showCertificateData(mException.getServerCertificate());
        }
        
    }
    
    private void showCertificateData(X509Certificate cert) {
        TextView subject = (TextView)mView.findViewById(R.id.subject);
        if (cert != null) {
            String text = cert.getSubjectDN().getName();
            text = text.substring(text.indexOf(",") + 1);
            subject.setVisibility(View.VISIBLE);
            subject.setText(text);
        } else {
            // this should not happen
            subject.setText(R.string.ssl_validator_certificate_not_available);
        }
    }

    private void saveServerCert() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (mException.getServerCertificate() != null) {
            OwnCloudClientUtils.addCertToKnownServersStore(mException.getServerCertificate(), getContext());
        }
    }

    
    public interface OnSslValidatorListener {
        public void onSavedCertificate();
        public void onFailedSavingCertificate();
    }
}