java source code of ServerCertificateManager

revolution-irc-master
- gradle.properties
- gradle
  - wrapper
    - gradle-wrapper.properties
- gradlew.bat
- LICENSE
- gradlew
- build.gradle
- README.md
- .idea
  - codeStyles
    - Project.xml
  - modules.xml
  - misc.xml
  - runConfigurations.xml
  - vcs.xml
  - copyright
    - profiles_settings.xml
  - gradle.xml
- app
  - src
    - main
      - res
        xml
        file_provider_paths.xml
        drawable-mdpi
        mipmap-xhdpi
        layout
        dialog_bottom_user_header.xml
        dialog_font_size.xml
        dialog_search_item.xml
        settings_list_checkbox_entry_compact.xml
        chat_expandable_message.xml
        color_list_reset_color.xml
        settings_notifications_rule.xml
        settings_storage_chat_logs_summary.xml
        settings_storage_limit_dialog.xml
        simple_list_item.xml
        activity_edit_notification_settings.xml
        server_list_header.xml
        activity_edit_ignore_entry.xml
        notification_settings_add_rule.xml
        drawer_channel_item.xml
        activity_certificate_manager.xml
        dcc_transfer_pending_item.xml
        settings_reconnect_dialog.xml
        server_list_connected_server.xml
        chat_messages_fragment.xml
        chat_topic.xml
        activity_edit_server.xml
        dialog_color_picker.xml
        activity_setup_big_header.xml
        chat_message.xml
        dialog_material_color_picker.xml
        activity_setup_big_header_appbar.xml
        settings_storage_limits_content.xml
        activity_theme_editor.xml
        notification_layout.xml
        settings_category_item.xml
        activity_setup_progress_content.xml
        activity_edit_command_alias.xml
        simple_spinner_item.xml
        chat_day_marker.xml
        drawer_divider.xml
        dialog_interval.xml
        dialog_search.xml
        notification_settings_rule.xml
        activity_settings.xml
        activity_backup_password_content.xml
        dialog_chip_edit_text.xml
        settings_notifications_rule_default.xml
        settings_storage_chat_logs_entry.xml
        chip.xml
        simple_list_with_fab.xml
        notification_settings_match_message.xml
        certificate_manager_item.xml
        dialog_color_picker_item.xml
        activity_channel_list.xml
        activity_message_format_settings_preset.xml
        server_command_error_item.xml
        format_bar.xml
        dialog_edit_text.xml
        notification_layout_collapsed.xml
        notification_settings_basic.xml
        dialog_bottom_user_entry.xml
        chat_fragment_content.xml
        activity_main.xml
        settings_theme_option.xml
        drawer_server_item.xml
        drawer_menu_item.xml
        chat_new_messages_marker.xml
        bad_certificate_layout.xml
        settings_list_checkbox_entry.xml
        server_list_divider.xml
        drawer_header.xml
        server_list_fragment.xml
        settings_list_entry_color_compact.xml
        chat_info_header.xml
        chat_member.xml
        server_list_server.xml
        chat_tab.xml
        settings_reconnect_rule.xml
        dcc_transfer_active_item.xml
        settings_storage_configuration_summary.xml
        dialog_bottom_user.xml
        settings_list_entry_color.xml
        settings_storage_limits.xml
        color_list_add_color.xml
        activity_backup_complete.xml
        irc_link_header_text_item.xml
        chat_fragment.xml
        settings_list_header.xml
        activity_message_format_settings.xml
        settings_command_alias_item.xml
        simple_list.xml
        dialog_bottom_menu_item.xml
        settings_list_tip.xml
        simple_list_item_with_icon.xml
        dialog_bottom_menu_header.xml
        settings_list_entry_color_expanded.xml
        activity_backup.xml
        channel_list_item.xml
        dialog_please_wait.xml
        settings_list_entry.xml
        notification_settings_rule_collapsed.xml
        settings_list_entry_compact.xml
        drawable-xhdpi
        values-v21
        styles.xml
        values-w820dp
        dimens.xml
        menu
        menu_format_add_chip.xml
        menu_settings_theme.xml
        menu_settings_interface.xml
        menu_dcc_transfers.xml
        menu_reconnect_rule.xml
        menu_channel_list.xml
        menu_server_list.xml
        menu_context_messages.xml
        menu_edit_only_done.xml
        menu_chat.xml
        menu_context_messages_full.xml
        mipmap-xxxhdpi
        drawable-v21
        format_item_background.xml
        format_item_background_active.xml
        drawable-xxhdpi
        values-night
        styles.xml
        colors.xml
        mipmap-xxhdpi
        mipmap-hdpi
        drawable-hdpi
        color
        recyclerview_scrollbar_tint_list.xml
        values
        live_theme_helper.xml
        styles.xml
        attr.xml
        colors.xml
        material_colors.xml
        dimens.xml
        strings.xml
        color_picker.xml
        values.xml
        values-v17
        styles.xml
        mipmap-mdpi
        drawable
        ic_settings_backup.xml
        ic_add_circle_outline.xml
        ic_reorder.xml
        ic_close_16dp.xml
        transparent_chip_background.xml
        ic_pin.xml
        ic_notification_upload.xml
        format_item_background.xml
        ic_direct_share.xml
        ic_file_download_white_16dp.xml
        ic_format_italic.xml
        ic_delete_white.xml
        ic_format_underlined.xml
        color_picker_circle.xml
        ic_palette.xml
        ic_message.xml
        color_circle.xml
        ic_open_in_new.xml
        ic_format_color_fill.xml
        ic_notifications.xml
        ic_format_clear.xml
        chip_background.xml
        ic_notification_message.xml
        ic_warning.xml
        ic_translate.xml
        color_list_color.xml
        ic_server_password.xml
        ic_expand.xml
        ic_format_indent.xml
        ic_reply.xml
        ic_text_format.xml
        ic_storage.xml
        ic_sort_white.xml
        chat_tab_notification_icon.xml
        server_list_circle.xml
        ic_copy_white.xml
        ic_keyboard.xml
        ic_keyboard_tab.xml
        ic_format_color_color.xml
        ic_file_upload_white_16dp.xml
        ic_server_connected.xml
        ic_more_vert.xml
        ic_done_white.xml
        ic_appearance.xml
        recyclerview_scrollbar_letter.xml
        ic_delete.xml
        ic_send.xml
        ic_user.xml
        ic_format_bold.xml
        ic_share_white.xml
        ic_notification_download.xml
        recyclerview_scrollbar.xml
        ic_refresh.xml
        ic_list.xml
        ic_save.xml
        ic_close.xml
        ic_backspace.xml
        ic_lock_small.xml
        ic_edit.xml
        ic_history.xml
        ic_search_white.xml
        ic_server_ssl.xml
        format_item_background_active.xml
        ic_settings.xml
        ic_content_copy.xml
        ic_add_white.xml
        ic_server_address.xml
        edit_text_readonly.xml
        pin_icon_background.xml
        ic_server_name.xml
        ic_format_color_text.xml
        anim
        slide_enter.xml
        slide_exit.xml
        slide_rtl_enter.xml
        slide_rtl_exit.xml
      - AndroidManifest.xml
      - java
        io
        mrarm
        irc
        ServerConnectionInfo.java
        IgnoreListActivity.java
        dialog
        StorageLimitsDialog.java
        UserBottomSheetDialog.java
        ProperHeightBottomSheetDialog.java
        ServerStorageLimitDialog.java
        UserSearchDialog.java
        MenuBottomSheetDialog.java
        ChannelSearchDialog.java
        SearchDialog.java
        ColorListPickerDialog.java
        MaterialColorPickerDialog.java
        StatusBarColorBottomSheetDialog.java
        SettingsActivity.java
        IRCChooserTargetService.java
        ServerConnectionManager.java
        IRCLinkActivity.java
        MainActivity.java
        ShareTargetActivity.java
        ThemedActivity.java
        IgnoreListAdapter.java
        setting
        EditTextSetting.java
        SimpleSetting.java
        SettingsHeader.java
        fragment
        SettingsListFragment.java
        NotificationSettingsFragment.java
        AutocompletePreferenceFragment.java
        InterfaceSettingsFragment.java
        theme
        ChatThemeSettings.java
        CommonThemeSettings.java
        BaseThemeEditorFragment.java
        ExpandableColorSetting.java
        NamedSettingsFragment.java
        StorageSettingsFragment.java
        UserSettingsFragment.java
        ReconnectSettingsFragment.java
        CommandSettingsFragment.java
        MaterialColorSetting.java
        ClickableSetting.java
        CheckBoxSetting.java
        ListSetting.java
        ColorListSetting.java
        ReconnectIntervalSetting.java
        RadioButtonSetting.java
        SettingsCategoriesFragment.java
        SettingsListAdapter.java
        FontSizeSetting.java
        ListWithCustomSetting.java
        ChipsEditTextSetting.java
        IntervalSetting.java
        RingtoneSetting.java
        setup
        BackupCompleteActivity.java
        SetupActivity.java
        SetupBigHeaderActivity.java
        BackupActivity.java
        SetupProgressActivity.java
        BackupPasswordActivity.java
        BackupProgressActivity.java
        ServerListAdapter.java
        NotificationManager.java
        drawer
        DrawerHelper.java
        DrawerNavigationView.java
        DrawerMenuItem.java
        DrawerMenuListAdapter.java
        chat
        ChatMessagesAdapter.java
        ChatMessagesFragment.java
        ChannelInfoAdapter.java
        ChatFragmentSendMessageHelper.java
        ChatPagerAdapter.java
        ChatUIData.java
        ServerStatusMessagesAdapter.java
        ChannelUIData.java
        SendMessageHelper.java
        ChatServerMessagesAdapter.java
        ChatFragment.java
        ChatSelectTouchListener.java
        CommandListSuggestionsAdapter.java
        ChatSuggestionsAdapter.java
        DCCHistory.java
        IRCApplication.java
        DCCTransferListAdapter.java
        StorageSettingsActivity.java
        ChannelListActivity.java
        DCCManager.java
        util
        SimpleRecyclerViewAdapter.java
        LinkHelper.java
        MessageBuilder.java
        SimpleWildcardPattern.java
        SpacingItemDecorator.java
        FormatUtils.java
        CommandAliasSyntaxParser.java
        RecyclerViewScrollerRunnable.java
        AppCompatViewFactory.java
        SavedColorListAdapter.java
        PoolSerialExecutor.java
        ExpandIconStateHelper.java
        UserAutoRunCommandHelper.java
        SimpleTextWatcher.java
        DrawableWrapper.java
        ImageViewTintUtils.java
        NightModeRecreateHelper.java
        ListAdapterWrapper.java
        ScrollPosLinearLayoutManager.java
        AdvancedDividerItemDecoration.java
        SelectableRecyclerViewAdapter.java
        IRCColorUtils.java
        IgnoreListMessageFilter.java
        ColoredTextBuilder.java
        TextSelectionHandlePopup.java
        SimpleTextVariableList.java
        ColorFilterWorkaroundDrawable.java
        theme
        ThemeAttrMapping.java
        live
        ThemedTextInputEditText.java
        ThemedView.java
        AndroidArrayUtils.java
        ThemedAlertDialog.java
        ThemedAppBarLayout.java
        LiveThemeUtils.java
        LiveThemeManager.java
        ThemedTextView.java
        LiveThemeViewFactory.java
        ThemedEditText.java
        ThemedCheckBox.java
        LiveThemeComponent.java
        ThemedButton.java
        ThemedCheckedTextView.java
        ThemedTabLayout.java
        ThemedColorStateList.java
        ThemedToolbar.java
        ThemedTextInputLayout.java
        ThemeInfo.java
        ThemeResourceFileBuilder.java
        ThemeManager.java
        WarningHelper.java
        LongPressSelectTouchListener.java
        FixedWidthTimestampSpan.java
        SimpleChipDrawable.java
        PEMParser.java
        TextSelectionHelper.java
        SpannableStringHelper.java
        StubMessageStorageApi.java
        SettableFuture.java
        AlignToPointSpan.java
        SimpleChipSpan.java
        SimpleCounter.java
        StyledAttributesHelper.java
        AutoMultilineTextListener.java
        EntryRecyclerViewAdapter.java
        ClickableRecyclerViewAdapter.java
        job
        ServerPingScheduler.java
        ServerPingTask.java
        ServerPingBroadcastReceiver.java
        ServerPingJobService.java
        EditCommandAliasActivity.java
        CertificateManagerActivity.java
        config
        AppSettingsHelper.java
        SettingChangeCallback.java
        NotificationRule.java
        NotificationRuleManager.java
        ServerConfigData.java
        CommandAliasManager.java
        ServerConfigManager.java
        NotificationSettings.java
        NotificationCountStorage.java
        ChatSettingsHelper.java
        MessageFormatSettings.java
        BackupManager.java
        UiSettingChangeCallback.java
        SettingsHelper.java
        ServerCertificateManager.java
        EditServerActivity.java
        UserKeyManager.java
        upnp
        UPnPTypes.java
        PortMapper.java
        SSDPDiscovery.java
        XMLParseHelper.java
        UPnPDeviceDescription.java
        UPnPServiceControlDescription.java
        rpc
        DeletePortMappingCall.java
        AddAnyPortMappingResponse.java
        AddAnyPortMappingCall.java
        BaseAddPortMappingCall.java
        GetExternalIPAddressResponse.java
        AddPortMappingCall.java
        GetExternalIPAddressCall.java
        UPnPRemoteCall.java
        UPnPRPCError.java
        ServerListFragment.java
        view
        ProgressBar.java
        MessageFormatSettingsFormatBar.java
        ColorHuePicker.java
        ChatAutoCompleteEditText.java
        TextFormatBar.java
        RecyclerViewScrollbar.java
        ColorPicker.java
        LabelLayout.java
        ColorSlider.java
        TextSelectionHandleView.java
        ChipsEditText.java
        RecyclerViewScrollbarLayout.java
        AutoResizeSpinner.java
        AutoRunCommandListEditText.java
        SimpleBarChart.java
        BackButtonListenerEditText.java
        ColorAlphaPicker.java
        StaticLabelTextInputLayout.java
        FormattableEditText.java
        OpaqueStatusBarRelativeLayout.java
        InsetNavigationView.java
        LockableDrawerLayout.java
        MaterialColorPicker.java
        ListSearchView.java
        CommandAliasesAdapter.java
        ThemeEditorActivity.java
        DCCActivity.java
        EditNotificationSettingsActivity.java
        ChannelNotificationManager.java
        DCCNotificationManager.java
        ChatLogStorageManager.java
        UserOverrideTrustManager.java
        NotificationRulesAdapter.java
        StorageSettingsAdapter.java
        EditIgnoreEntryActivity.java
        IRCService.java
        MessageFormatSettingsActivity.java
    - androidTest
      - java
        io
        mrarm
        irc
        ExampleInstrumentedTest.java
    - test
      - java
        io
        mrarm
        irc
        ExampleUnitTest.java
  - proguard-rules.pro
  - settings.yml
  - build.gradle
  - buildSrc
    - src
      - main
        java
        io
        mrarm
        irc
        build
        SettingsBuilder.java
        groovy
        io
        mrarm
        irc
        build
        SettingsBuilderPlugin.groovy
    - build.gradle
    - settings.gradle
    - .gitignore
  - .gitignore
- settings.gradle
- .gitignore

package io.mrarm.irc.config;

import android.content.Context;
import android.graphics.Typeface;
import android.text.SpannableString;
import android.text.TextUtils;
import android.text.style.StyleSpan;
import android.util.Log;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.ref.WeakReference;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;

import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import io.mrarm.irc.util.ColoredTextBuilder;

public class ServerCertificateManager {

    private static final String TAG = "CertificateManager";

    private static final Map<String, WeakReference<ServerCertificateManager>> mInstances = new HashMap<>();

    public static ServerCertificateManager get(File file) {
        synchronized (mInstances) {
            WeakReference<ServerCertificateManager> instance = mInstances.get(file.getAbsolutePath());
            if (instance != null) {
                ServerCertificateManager helper = instance.get();
                if (helper != null)
                    return helper;
            }
            ServerCertificateManager ret = new ServerCertificateManager(file);
            mInstances.put(file.getAbsolutePath(), new WeakReference<>(ret));
            return ret;
        }
    }

    public static ServerCertificateManager get(Context context, UUID serverUUID) {
        return get(ServerConfigManager.getInstance(context).getServerSSLCertsFile(serverUUID));
    }

    private File mKeyStoreFile;
    private KeyStore mKeyStore;
    private X509TrustManager mKeyStoreTrustManager;

    private ServerCertificateManager(File keyStoreFile) {
        mKeyStoreFile = keyStoreFile;
        if (keyStoreFile != null && keyStoreFile.exists()) {
            try {
                loadKeyStore(new FileInputStream(mKeyStoreFile));
            } catch (Exception e) {
                Log.w(TAG, "Failed to load keystore");
                mKeyStore = null;
            }
        }
    }

    @Override
    protected void finalize() throws Throwable {
        synchronized (mInstances) {
            String path = mKeyStoreFile.getAbsolutePath();
            if (mInstances.containsKey(path)) {
                if (mInstances.get(path).get() == this)
                    mInstances.remove(path);
            }
        }
        super.finalize();
    }

    public void loadKeyStore(InputStream stream) throws KeyStoreException, IOException,
            CertificateException, NoSuchAlgorithmException {
        synchronized (this) {
            mKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            mKeyStore.load(stream, null);
        }
    }

    private void createKeyStoreIfNull() throws KeyStoreException, IOException, CertificateException,
            NoSuchAlgorithmException {
        synchronized (this) {
            if (mKeyStore == null) {
                mKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                mKeyStore.load(null, null);
            }
        }
    }

    public void saveKeyStore(OutputStream stream) throws KeyStoreException, IOException,
            CertificateException, NoSuchAlgorithmException {
        synchronized (this) {
            createKeyStoreIfNull();
            mKeyStore.store(stream, null);
        }
    }

    public void saveKeyStore() throws KeyStoreException, IOException, CertificateException,
            NoSuchAlgorithmException {
        saveKeyStore(new FileOutputStream(mKeyStoreFile));
    }

    public void addCertificateException(X509Certificate certificate) {
        synchronized (this) {
            try {
                createKeyStoreIfNull();
                mKeyStore.setCertificateEntry("cert-" + UUID.randomUUID(), certificate);
                if (mKeyStoreFile != null)
                    saveKeyStore();
            } catch (Exception e) {
                Log.e(TAG, "Failed to add certificate exception");
                e.printStackTrace();
            }
        }
    }

    public void removeCertificate(String alias) {
        synchronized (this) {
            if (mKeyStore == null)
                return;
            try {
                mKeyStore.deleteEntry(alias);
                if (mKeyStoreFile != null)
                    saveKeyStore();
            } catch (Exception e) {
                Log.e(TAG, "Failed to remove certificate");
                e.printStackTrace();
            }
        }
    }

    public List<String> getCertificateAliases() {
        synchronized (this) {
            if (mKeyStore == null)
                return null;
            try {
                return Collections.list(mKeyStore.aliases());
            } catch (KeyStoreException e) {
                return null;
            }
        }
    }

    public X509Certificate getCertificate(String alias) {
        synchronized (this) {
            try {
                return (X509Certificate) mKeyStore.getCertificate(alias);
            } catch (KeyStoreException e) {
                return null;
            }
        }
    }

    public boolean hasCertificate(Certificate certificate) throws KeyStoreException {
        synchronized (this) {
            return mKeyStore.getCertificateAlias(certificate) != null;
        }
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        synchronized (this) {
            if (mKeyStoreTrustManager == null && mKeyStore != null)
                mKeyStoreTrustManager = createKeyStoreTrustManager(mKeyStore);
            if (mKeyStoreTrustManager == null)
                    throw new CertificateException("Key store is null");
            mKeyStoreTrustManager.checkServerTrusted(chain, authType);
        }
    }

    public static SpannableString buildCertOverviewString(X509Certificate cert) {
        String sha1Fingerprint;
        try {
            StringBuilder builder = new StringBuilder();
            MessageDigest digest = MessageDigest.getInstance("SHA-1");
            byte[] bytes = digest.digest(cert.getEncoded());
            for (byte b : bytes)
                builder.append(String.format("%02x ", b));
            sha1Fingerprint = builder.toString();
        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
            throw new RuntimeException(e);
        }

        ColoredTextBuilder builder = new ColoredTextBuilder();
        builder.append("Subject: ", new StyleSpan(Typeface.BOLD));
        builder.append(cert.getSubjectX500Principal().getName().replace(",", ",\u200B"));
        builder.append("\nApplies to: ", new StyleSpan(Typeface.BOLD));
        builder.append(buildCertAppliesToString(cert));
        builder.append("\nIssuer: ", new StyleSpan(Typeface.BOLD));
        builder.append(cert.getIssuerDN().toString().replace(",", ",\u200B"));
        builder.append("\nSHA1 fingerprint:\n", new StyleSpan(Typeface.BOLD));
        builder.append(sha1Fingerprint);
        return SpannableString.valueOf(builder.getSpannable());
    }

    public static String buildCertAppliesToString(X509Certificate cert) {
        List<String> elements = new ArrayList<>();
        try {
            Collection<List<?>> altNames = cert.getSubjectAlternativeNames();
            if (altNames != null) {
                for (List<?> altName : altNames) {
                    Integer altNameType = (Integer) altName.get(0);
                    if (altNameType != 2 && altNameType != 7) // dns or ip
                        continue;
                    elements.add((String) altName.get(1));
                }
            }
        } catch (CertificateParsingException ignored) {
        }

        if (elements.size() == 0)
            return "none";
        return TextUtils.join(",", elements.toArray());
    }

    public static X509TrustManager createKeyStoreTrustManager(KeyStore keyStore) {
        try {
            TrustManagerFactory factory = TrustManagerFactory.getInstance(
                    TrustManagerFactory.getDefaultAlgorithm());
            factory.init(keyStore);
            for (TrustManager manager : factory.getTrustManagers()) {
                if (manager instanceof X509TrustManager)
                    return (X509TrustManager) manager;
            }
        } catch (NoSuchAlgorithmException | KeyStoreException e) {
            throw new RuntimeException(e);
        }
        return null;
    }

}