Display the package signature in About → Version. Implements https://redmine.stoutne...
[PrivacyBrowser.git] / app / src / main / java / com / stoutner / privacybrowser / fragments / AboutTabFragment.java
1 /*
2  * Copyright 2016-2017 Soren Stoutner <soren@stoutner.com>.
3  *
4  * This file is part of Privacy Browser <https://www.stoutner.com/privacy-browser>.
5  *
6  * Privacy Browser is free software: you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation, either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * Privacy Browser is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with Privacy Browser.  If not, see <http://www.gnu.org/licenses/>.
18  */
19
20 package com.stoutner.privacybrowser.fragments;
21
22 import android.annotation.SuppressLint;
23 import android.content.pm.PackageManager;
24 import android.content.pm.Signature;
25 import android.os.Build;
26 import android.os.Bundle;
27 import android.support.v4.app.Fragment;
28 import android.text.SpannableStringBuilder;
29 import android.text.Spanned;
30 import android.text.style.ForegroundColorSpan;
31 import android.view.LayoutInflater;
32 import android.view.View;
33 import android.view.ViewGroup;
34 import android.webkit.WebView;
35 import android.widget.TextView;
36
37 import com.stoutner.privacybrowser.BuildConfig;
38 import com.stoutner.privacybrowser.R;
39
40 import java.io.ByteArrayInputStream;
41 import java.io.InputStream;
42 import java.math.BigInteger;
43 import java.security.Principal;
44 import java.security.cert.CertificateException;
45 import java.security.cert.CertificateFactory;
46 import java.security.cert.X509Certificate;
47 import java.text.DateFormat;
48 import java.util.Date;
49
50 public class AboutTabFragment extends Fragment {
51     private int tabNumber;
52
53     // `AboutTabFragment.createTab` stores the tab number in the bundle arguments so it can be referenced from `onCreate()`.
54     public static AboutTabFragment createTab(int tab) {
55         Bundle thisTabArguments = new Bundle();
56         thisTabArguments.putInt("Tab", tab);
57
58         AboutTabFragment thisTab = new AboutTabFragment();
59         thisTab.setArguments(thisTabArguments);
60         return thisTab;
61     }
62
63     @Override
64     public void onCreate(Bundle savedInstanceState) {
65         super.onCreate(savedInstanceState);
66
67         // Store the tab number in `tabNumber`.
68         tabNumber = getArguments().getInt("Tab");
69     }
70
71     @Override
72     public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
73         View tabLayout;
74
75         // Load the tabs.  Tab numbers start at 0.
76         if (tabNumber == 0) {  // Load the about tab.
77             // Setting false at the end of inflater.inflate does not attach the inflated layout as a child of container.
78             // The fragment will take care of attaching the root automatically.
79             tabLayout = inflater.inflate(R.layout.about_tab_version, container, false);
80
81             // Get handles for the `TextViews`.
82             TextView versionNumberTextView = (TextView) tabLayout.findViewById(R.id.about_version_number);
83             TextView versionBrandTextView = (TextView) tabLayout.findViewById(R.id.about_version_brand);
84             TextView versionManufacturerTextView = (TextView) tabLayout.findViewById(R.id.about_version_manufacturer);
85             TextView versionModelTextView = (TextView) tabLayout.findViewById(R.id.about_version_model);
86             TextView versionDeviceTextView = (TextView) tabLayout.findViewById(R.id.about_version_device);
87             TextView versionBootloaderTextView = (TextView) tabLayout.findViewById(R.id.about_version_bootloader);
88             TextView versionRadioTextView = (TextView) tabLayout.findViewById(R.id.about_version_radio);
89             TextView versionAndroidTextView = (TextView) tabLayout.findViewById(R.id.about_version_android);
90             TextView versionBuildTextView = (TextView) tabLayout.findViewById(R.id.about_version_build);
91             TextView versionSecurityPatchTextView = (TextView) tabLayout.findViewById(R.id.about_version_securitypatch);
92             TextView versionWebKitTextView = (TextView) tabLayout.findViewById(R.id.about_version_webkit);
93             TextView versionChromeTextView = (TextView) tabLayout.findViewById(R.id.about_version_chrome);
94             TextView certificateIssuerDNTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_issuer_dn);
95             TextView certificateSubjectDNTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_subject_dn);
96             TextView certificateStartDateTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_start_date);
97             TextView certificateEndDateTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_end_date);
98             TextView certificateVersionTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_version);
99             TextView certificateSerialNumberTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_serial_number);
100             TextView certificateSignatureAlgorithmTextView = (TextView) tabLayout.findViewById(R.id.about_version_certificate_signature_algorithm);
101
102             // Setup the labels.
103             String version = getString(R.string.version) + " " + BuildConfig.VERSION_NAME + " (" + getString(R.string.version_code) + " " + Integer.toString(BuildConfig.VERSION_CODE) + ")";
104             String brandLabel = getString(R.string.brand) + "  ";
105             String manufacturerLabel = getString(R.string.manufacturer) + "  ";
106             String modelLabel = getString(R.string.model) + "  ";
107             String deviceLabel = getString(R.string.device) + "  ";
108             String bootloaderLabel = getString(R.string.bootloader) + "  ";
109             String androidLabel = getString(R.string.android) + "  ";
110             String buildLabel = getString(R.string.build) + "  ";
111             String webKitLabel = getString(R.string.webkit) + "  ";
112             String chromeLabel = getString(R.string.chrome) + "  ";
113             String issuerDNLabel = getString(R.string.issuer_dn) + "  ";
114             String subjectDNLabel = getString(R.string.subject_dn) + "  ";
115             String startDateLabel = getString(R.string.start_date) + "  ";
116             String endDateLabel = getString(R.string.end_date) + "  ";
117             String certificateVersionLabel = getString(R.string.certificate_version) + "  ";
118             String serialNumberLabel = getString(R.string.serial_number) + "  ";
119             String signatureAlgorithmLabel = getString(R.string.signature_algorithm) + "  ";
120
121             // `webViewLayout` is only used to get the default user agent from `bare_webview`.  It is not used to render content on the screen.
122             View webViewLayout = inflater.inflate(R.layout.bare_webview, container, false);
123             WebView tabLayoutWebView = (WebView) webViewLayout.findViewById(R.id.bare_webview);
124             String userAgentString =  tabLayoutWebView.getSettings().getUserAgentString();
125
126             // Get the device's information and store it in strings.
127             String brand = Build.BRAND;
128             String manufacturer = Build.MANUFACTURER;
129             String model = Build.MODEL;
130             String device = Build.DEVICE;
131             String bootloader = Build.BOOTLOADER;
132             String radio = Build.getRadioVersion();
133             String android = Build.VERSION.RELEASE + " (" + getString(R.string.api) + " " + Integer.toString(Build.VERSION.SDK_INT) + ")";
134             String build = Build.DISPLAY;
135             // Select the substring that begins after "Safari/" and goes to the end of the string.
136             String webKit = userAgentString.substring(userAgentString.indexOf("Safari/") + 7);
137             // Select the substring that begins after "Chrome/" and goes until the next " ".
138             String chrome = userAgentString.substring(userAgentString.indexOf("Chrome/") + 7, userAgentString.indexOf(" ", userAgentString.indexOf("Chrome/")));
139
140             // Create a `SpannableStringBuilder` for each `TextView` that needs multiple colors of text.
141             SpannableStringBuilder brandStringBuilder = new SpannableStringBuilder(brandLabel + brand);
142             SpannableStringBuilder manufacturerStringBuilder = new SpannableStringBuilder(manufacturerLabel + manufacturer);
143             SpannableStringBuilder modelStringBuilder = new SpannableStringBuilder(modelLabel + model);
144             SpannableStringBuilder deviceStringBuilder = new SpannableStringBuilder(deviceLabel + device);
145             SpannableStringBuilder bootloaderStringBuilder = new SpannableStringBuilder(bootloaderLabel + bootloader);
146             SpannableStringBuilder androidStringBuilder = new SpannableStringBuilder(androidLabel + android);
147             SpannableStringBuilder buildStringBuilder = new SpannableStringBuilder(buildLabel + build);
148             SpannableStringBuilder webKitStringBuilder = new SpannableStringBuilder(webKitLabel + webKit);
149             SpannableStringBuilder chromeStringBuilder = new SpannableStringBuilder(chromeLabel + chrome);
150
151             // Create a blue `ForegroundColorSpan`.  We have to use the deprecated `getColor` until API >= 23.
152             @SuppressWarnings("deprecation") ForegroundColorSpan blueColorSpan = new ForegroundColorSpan(getResources().getColor(R.color.blue_700));
153
154             // Setup the spans to display the device information in blue.  `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction.
155             brandStringBuilder.setSpan(blueColorSpan, brandLabel.length(), brandStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
156             manufacturerStringBuilder.setSpan(blueColorSpan, manufacturerLabel.length(), manufacturerStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
157             modelStringBuilder.setSpan(blueColorSpan, modelLabel.length(), modelStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
158             deviceStringBuilder.setSpan(blueColorSpan, deviceLabel.length(), deviceStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
159             bootloaderStringBuilder.setSpan(blueColorSpan, bootloaderLabel.length(), bootloaderStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
160             androidStringBuilder.setSpan(blueColorSpan, androidLabel.length(), androidStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
161             buildStringBuilder.setSpan(blueColorSpan, buildLabel.length(), buildStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
162             webKitStringBuilder.setSpan(blueColorSpan, webKitLabel.length(), webKitStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
163             chromeStringBuilder.setSpan(blueColorSpan, chromeLabel.length(), chromeStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
164
165             // Display the strings in the text boxes.
166             versionNumberTextView.setText(version);
167             versionBrandTextView.setText(brandStringBuilder);
168             versionManufacturerTextView.setText(manufacturerStringBuilder);
169             versionModelTextView.setText(modelStringBuilder);
170             versionDeviceTextView.setText(deviceStringBuilder);
171             versionBootloaderTextView.setText(bootloaderStringBuilder);
172             versionAndroidTextView.setText(androidStringBuilder);
173             versionBuildTextView.setText(buildStringBuilder);
174             versionWebKitTextView.setText(webKitStringBuilder);
175             versionChromeTextView.setText(chromeStringBuilder);
176
177             // Build.VERSION.SECURITY_PATCH is only available for SDK_INT >= 23.
178             if (Build.VERSION.SDK_INT >= 23) {
179                 String securityPatchLabel = getString(R.string.security_patch) + "  ";
180                 String securityPatch = Build.VERSION.SECURITY_PATCH;
181                 SpannableStringBuilder securityPatchStringBuilder = new SpannableStringBuilder(securityPatchLabel + securityPatch);
182                 securityPatchStringBuilder.setSpan(blueColorSpan, securityPatchLabel.length(), securityPatchStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
183                 versionSecurityPatchTextView.setText(securityPatchStringBuilder);
184             } else { // Hide `versionSecurityPatchTextView`.
185                 versionSecurityPatchTextView.setVisibility(View.GONE);
186             }
187
188             // Only populate `versionRadioTextView` if there is a radio in the device.
189             if (!radio.equals("")) {
190                 String radioLabel = getString(R.string.radio) + "  ";
191                 SpannableStringBuilder radioStringBuilder = new SpannableStringBuilder(radioLabel + radio);
192                 radioStringBuilder.setSpan(blueColorSpan, radioLabel.length(), radioStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
193                 versionRadioTextView.setText(radioStringBuilder);
194             } else { // Hide `versionRadioTextView`.
195                 versionRadioTextView.setVisibility(View.GONE);
196             }
197
198             // Display the package signature.
199             try {
200                 // Get the first package signature.  Suppress the lint warning about the need to be careful in implementing comparison of certificates for security purposes.
201                 @SuppressLint("PackageManagerGetSignatures") Signature packageSignature = getContext().getPackageManager().getPackageInfo(getContext().getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
202
203                 // Convert the signature to a `byte[]` `InputStream`.
204                 InputStream certificateByteArrayInputStream = new ByteArrayInputStream(packageSignature.toByteArray());
205
206                 // Display the certificate information on the screen.
207                 try {
208                     // Instantiate a `CertificateFactory`.
209                     CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
210
211                     // Generate an `X509Certificate`.
212                     X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(certificateByteArrayInputStream);
213
214                     // Store the individual sections of the certificate that we are interested in.
215                     Principal issuerDNPrincipal = x509Certificate.getIssuerDN();
216                     Principal subjectDNPrincipal = x509Certificate.getSubjectDN();
217                     Date startDate = x509Certificate.getNotBefore();
218                     Date endDate = x509Certificate.getNotAfter();
219                     int certificateVersion = x509Certificate.getVersion();
220                     BigInteger serialNumberBigInteger = x509Certificate.getSerialNumber();
221                     String signatureAlgorithmNameString = x509Certificate.getSigAlgName();
222
223                     // Create a `SpannableStringBuilder` for each `TextView` that needs multiple colors of text.
224                     SpannableStringBuilder issuerDNStringBuilder = new SpannableStringBuilder(issuerDNLabel + issuerDNPrincipal.toString());
225                     SpannableStringBuilder subjectDNStringBuilder = new SpannableStringBuilder(subjectDNLabel + subjectDNPrincipal.toString());
226                     SpannableStringBuilder startDateStringBuilder = new SpannableStringBuilder(startDateLabel + DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(startDate));
227                     SpannableStringBuilder endDataStringBuilder = new SpannableStringBuilder(endDateLabel + DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(endDate));
228                     SpannableStringBuilder certificateVersionStringBuilder = new SpannableStringBuilder(certificateVersionLabel + certificateVersion);
229                     SpannableStringBuilder serialNumberStringBuilder = new SpannableStringBuilder(serialNumberLabel + serialNumberBigInteger);
230                     SpannableStringBuilder signatureAlgorithmStringBuilder = new SpannableStringBuilder(signatureAlgorithmLabel + signatureAlgorithmNameString);
231
232                     // Setup the spans to display the device information in blue.  `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction.
233                     issuerDNStringBuilder.setSpan(blueColorSpan, issuerDNLabel.length(), issuerDNStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
234                     subjectDNStringBuilder.setSpan(blueColorSpan, subjectDNLabel.length(), subjectDNStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
235                     startDateStringBuilder.setSpan(blueColorSpan, startDateLabel.length(), startDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
236                     endDataStringBuilder.setSpan(blueColorSpan, endDateLabel.length(), endDataStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
237                     certificateVersionStringBuilder.setSpan(blueColorSpan, certificateVersionLabel.length(), certificateVersionStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
238                     serialNumberStringBuilder.setSpan(blueColorSpan, serialNumberLabel.length(), serialNumberStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
239                     signatureAlgorithmStringBuilder.setSpan(blueColorSpan, signatureAlgorithmLabel.length(), signatureAlgorithmStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
240
241                     // Display the strings in the text boxes.
242                     certificateIssuerDNTextView.setText(issuerDNStringBuilder);
243                     certificateSubjectDNTextView.setText(subjectDNStringBuilder);
244                     certificateStartDateTextView.setText(startDateStringBuilder);
245                     certificateEndDateTextView.setText(endDataStringBuilder);
246                     certificateVersionTextView.setText(certificateVersionStringBuilder);
247                     certificateSerialNumberTextView.setText(serialNumberStringBuilder);
248                     certificateSignatureAlgorithmTextView.setText(signatureAlgorithmStringBuilder);
249                 } catch (CertificateException e) {
250                     // Do nothing if there is a certificate error.
251                 }
252             } catch (PackageManager.NameNotFoundException e) {
253                 // Do nothing if `PackageManager` says Privacy Browser isn't installed.
254             }
255         } else { // load a WebView for all the other tabs.  Tab numbers start at 0.
256             // Setting false at the end of inflater.inflate does not attach the inflated layout as a child of container.
257             // The fragment will take care of attaching the root automatically.
258             tabLayout = inflater.inflate(R.layout.bare_webview, container, false);
259             WebView tabWebView = (WebView) tabLayout;
260
261             switch (tabNumber) {
262                 case 1:
263                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_permissions.html");
264                     break;
265
266                 case 2:
267                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_privacy_policy.html");
268                     break;
269
270                 case 3:
271                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_changelog.html");
272                     break;
273
274                 case 4:
275                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_licenses.html");
276                     break;
277
278                 case 5:
279                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_contributors.html");
280                     break;
281
282                 case 6:
283                     tabWebView.loadUrl("file:///android_asset/" + getString(R.string.android_asset_path) + "/about_links.html");
284                     break;
285
286                 default:
287                     break;
288             }
289         }
290
291         return tabLayout;
292     }
293 }