ui: Add feedback when choosing crt file

This commit introduces security check when user chooses a certificate, displaying an icon showing test result (passed/failed) Refs #45008

ui: Add feedback when choosing crt file
1e61e309 · Alexandre Lision · 7e348c76 · 1e61e309 · 1e61e309 · 1e61e309
Commit 1e61e309 authored 10 years ago by Alexandre Lision
--- a/res/drawable-hdpi/ic_error.png
+++ b/res/drawable-hdpi/ic_error.png
--- a/res/drawable-hdpi/ic_good.png
+++ b/res/drawable-hdpi/ic_good.png
--- a/res/drawable-hdpi/ic_warning.png
+++ b/res/drawable-hdpi/ic_warning.png
--- a/res/drawable-mdpi/ic_error.png
+++ b/res/drawable-mdpi/ic_error.png
--- a/res/drawable-mdpi/ic_good.png
+++ b/res/drawable-mdpi/ic_good.png
--- a/res/drawable-mdpi/ic_warning.png
+++ b/res/drawable-mdpi/ic_warning.png
--- a/res/drawable-xhdpi/ic_error.png
+++ b/res/drawable-xhdpi/ic_error.png
--- a/res/drawable-xhdpi/ic_good.png
+++ b/res/drawable-xhdpi/ic_good.png
--- a/res/drawable-xhdpi/ic_warning.png
+++ b/res/drawable-xhdpi/ic_warning.png
--- a/res/drawable-xxhdpi/ic_error.png
+++ b/res/drawable-xxhdpi/ic_error.png
--- a/res/drawable-xxhdpi/ic_good.png
+++ b/res/drawable-xxhdpi/ic_good.png
--- a/res/drawable-xxhdpi/ic_warning.png
+++ b/res/drawable-xxhdpi/ic_warning.png
--- a/res/xml/account_tls.xml
+++ b/res/xml/account_tls.xml
@@ -60,6 +60,7 @@ as that of the covered work.
        android:key="TLS.certificateListFile"
        android:persistent="false"
        android:title="@string/account_tls_certificate_list_label" />
+
    <Preference
        android:id="@+id/account_tls_certificate_file"
        android:key="TLS.certificateFile"
@@ -95,10 +96,10 @@ as that of the covered work.
        android:title="@string/account_tls_server_name_label" />

    <EditTextPreference
-            android:id="@+id/account_tls_timeout_sec"
-            android:key="TLS.negotiationTimeoutSec"
-            android:persistent="false"
-            android:title="@string/account_tls_negotiation_timeout_sec" />
+        android:id="@+id/account_tls_timeout_sec"
+        android:key="TLS.negotiationTimeoutSec"
+        android:persistent="false"
+        android:title="@string/account_tls_negotiation_timeout_sec" />

    <CheckBoxPreference
        android:id="@+id/account_tls_verify_server"

--- a/src/org/sflphone/account/TLSManager.java
+++ b/src/org/sflphone/account/TLSManager.java
@@ -40,16 +40,55 @@ import android.preference.Preference.OnPreferenceChangeListener;
 import android.preference.Preference.OnPreferenceClickListener;
 import android.preference.PreferenceScreen;
 import android.util.Log;
+import org.sflphone.R;
 import org.sflphone.fragments.NestedSettingsFragment;
 import org.sflphone.model.Account;

 import java.io.File;

 public class TLSManager {
+    private static final String TAG = TLSManager.class.getSimpleName();
+    private static final int SELECT_CA_LIST_RC = 42;
+    private static final int SELECT_PRIVATE_KEY_RC = 43;
+    private static final int SELECT_CERTIFICATE_RC = 44;
+    private OnPreferenceClickListener filePickerListener = new OnPreferenceClickListener() {
+        @Override
+        public boolean onPreferenceClick(Preference preference) {
+            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE)) {
+                performFileSearch(SELECT_CA_LIST_RC);
+            }
+            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_PRIVATE_KEY_FILE)) {
+                performFileSearch(SELECT_PRIVATE_KEY_RC);
+            }
+            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_CERTIFICATE_FILE)) {
+                performFileSearch(SELECT_CERTIFICATE_RC);
+            }
+            return true;
+        }
+    };
    PreferenceScreen mScreen;
    private Account mAccount;
    private NestedSettingsFragment mFrag;
-    private static final String TAG = TLSManager.class.getSimpleName();
+    private OnPreferenceChangeListener tlsListener = new OnPreferenceChangeListener() {
+
+        @Override
+        public boolean onPreferenceChange(Preference preference, Object newValue) {
+            Log.i("TLS", "Setting " + preference.getKey() + " to" + newValue);
+
+            if (preference.getKey().contentEquals("TLS.enable")) {
+                togglePreferenceScreen((Boolean) newValue);
+            }
+
+            if (preference instanceof CheckBoxPreference) {
+                mAccount.getTlsDetails().setDetailString(preference.getKey(), Boolean.toString((Boolean) newValue));
+            } else {
+                preference.setSummary((String) newValue);
+                mAccount.getTlsDetails().setDetailString(preference.getKey(), (String) newValue);
+            }
+            mAccount.notifyObservers();
+            return true;
+        }
+    };

    public void onCreate(NestedSettingsFragment con, PreferenceScreen preferenceScreen, Account acc) {
        mFrag = con;
@@ -70,8 +109,10 @@ public class TLSManager {
                        mScreen.getPreference(i).getKey()));
            } else {
                if (current.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE)) {
-                    current.setSummary(new File(mAccount.getTlsDetails().getDetailString(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE)).getName());
+                    File crt = new File(mAccount.getTlsDetails().getDetailString(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE));
+                    current.setSummary(crt.getName());
                    current.setOnPreferenceClickListener(filePickerListener);
+                    setFeedbackIcon(crt.getAbsolutePath());
                } else if (current.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_PRIVATE_KEY_FILE)) {
                    current.setSummary(new File(mAccount.getTlsDetails().getDetailString(AccountDetailTls.CONFIG_TLS_PRIVATE_KEY_FILE)).getName());
                    current.setOnPreferenceClickListener(filePickerListener);
@@ -94,21 +135,13 @@ public class TLSManager {
        }
    }

-    private OnPreferenceClickListener filePickerListener = new OnPreferenceClickListener() {
-        @Override
-        public boolean onPreferenceClick(Preference preference) {
-            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE)) {
-                performFileSearch(SELECT_CA_LIST_RC);
-            }
-            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_PRIVATE_KEY_FILE)) {
-                performFileSearch(SELECT_PRIVATE_KEY_RC);
-            }
-            if (preference.getKey().contentEquals(AccountDetailTls.CONFIG_TLS_CERTIFICATE_FILE)) {
-                performFileSearch(SELECT_CERTIFICATE_RC);
-            }
-            return true;
+    private void setFeedbackIcon(String crtPath) {
+        if(!mFrag.checkCertificate(crtPath)){
+            mScreen.findPreference(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE).setIcon(R.drawable.ic_error);
+        } else {
+            mScreen.findPreference(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE).setIcon(R.drawable.ic_good);
        }
-    };
+    }

    public void setTLSListener() {
        for (int i = 0; i < mScreen.getPreferenceCount(); ++i) {
@@ -116,39 +149,12 @@ public class TLSManager {
        }
    }

-    private OnPreferenceChangeListener tlsListener = new OnPreferenceChangeListener() {
-
-        @Override
-        public boolean onPreferenceChange(Preference preference, Object newValue) {
-            Log.i("TLS", "Setting " + preference.getKey() + " to" + newValue);
-
-            if (preference.getKey().contentEquals("TLS.enable")) {
-                togglePreferenceScreen((Boolean) newValue);
-            }
-
-            if (preference instanceof CheckBoxPreference) {
-                mAccount.getTlsDetails().setDetailString(preference.getKey(), Boolean.toString((Boolean) newValue));
-            } else {
-                preference.setSummary((String) newValue);
-                mAccount.getTlsDetails().setDetailString(preference.getKey(), (String) newValue);
-            }
-
-
-            mAccount.notifyObservers();
-            return true;
-        }
-    };
-
    private void togglePreferenceScreen(Boolean state) {
        for (int i = 1; i < mScreen.getPreferenceCount(); ++i) {
            mScreen.getPreference(i).setEnabled(state);
        }
    }

-    private static final int SELECT_CA_LIST_RC = 42;
-    private static final int SELECT_PRIVATE_KEY_RC = 43;
-    private static final int SELECT_CERTIFICATE_RC = 44;
-
    public void performFileSearch(int requestCodeToSet) {

        // ACTION_OPEN_DOCUMENT is the intent to choose a file via the system's file
@@ -173,13 +179,14 @@ public class TLSManager {
        if (resultCode == Activity.RESULT_CANCELED)
            return;

-        File myFile = new File(data.getData().toString());
+        File myFile = new File(data.getData().getEncodedPath());
        Log.i(TAG, "file selected:" + data.getData());
        switch (requestCode) {
            case SELECT_CA_LIST_RC:
                mScreen.findPreference(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE).setSummary(myFile.getName());
                mAccount.getTlsDetails().setDetailString(AccountDetailTls.CONFIG_TLS_CA_LIST_FILE, myFile.getAbsolutePath());
                mAccount.notifyObservers();
+                setFeedbackIcon(myFile.getAbsolutePath());
                break;
            case SELECT_PRIVATE_KEY_RC:
                mScreen.findPreference(AccountDetailTls.CONFIG_TLS_PRIVATE_KEY_FILE).setSummary(myFile.getName());

--- a/src/org/sflphone/client/CallActivity.java
+++ b/src/org/sflphone/client/CallActivity.java
@@ -182,8 +182,6 @@ public class CallActivity extends FragmentActivity implements IMFragment.Callbac
            if (u != null) {
                CallContact c = CallContact.ContactBuilder.buildUnknownContact(u.getSchemeSpecificPart());
                try {
-                    mService.destroyNotification();
-
                    String accountID = (String) mService.getAccountList().get(1); // We use the first account to place outgoing calls
                    HashMap<String, String> details = (HashMap<String, String>) mService.getAccountDetails(accountID);
                    ArrayList<HashMap<String, String>> credentials = (ArrayList<HashMap<String, String>>) mService.getCredentials(accountID);
@@ -219,7 +217,6 @@ public class CallActivity extends FragmentActivity implements IMFragment.Callbac
                    IMBundle.putParcelableArrayList("messages", new ArrayList<SipMessage>());
                    mIMFragment.setArguments(IMBundle);
                }
-
            }

            mSlidingPaneLayout.setCurFragment(mCurrentCallFragment);

--- a/src/org/sflphone/client/HomeActivity.java
+++ b/src/org/sflphone/client/HomeActivity.java
@@ -116,8 +116,6 @@ public class HomeActivity extends FragmentActivity implements DialingFragment.Ca
    @Override
    protected void onSaveInstanceState(Bundle bundle) {
        super.onSaveInstanceState(bundle);
-        getFragmentManager().putFragment(bundle, "ContactsListFragment", mContactsFragment);
-        Log.w(TAG, "onSaveInstanceState()");
    }

    @Override
@@ -133,13 +131,8 @@ public class HomeActivity extends FragmentActivity implements DialingFragment.Ca
            bindService(intent, mConnection, Context.BIND_AUTO_CREATE);
        }

-        if (savedInstanceState != null) {
-            mContactsFragment = (ContactListFragment) getFragmentManager().getFragment(savedInstanceState, "ContactsListFragment");
-        }
-        if (mContactsFragment == null) {
-            mContactsFragment = new ContactListFragment();
-            getFragmentManager().beginTransaction().replace(R.id.contacts_frame, mContactsFragment).commit();
-        }
+        mContactsFragment = new ContactListFragment();
+        getFragmentManager().beginTransaction().replace(R.id.contacts_frame, mContactsFragment).commit();

        mContactDrawer = (SlidingUpPanelLayout) findViewById(R.id.contact_panel);
        // mContactDrawer.setShadowDrawable(getResources().getDrawable(R.drawable.above_shadow));
@@ -259,8 +252,8 @@ public class HomeActivity extends FragmentActivity implements DialingFragment.Ca
    }

    private static boolean copyAsset(AssetManager assetManager, String fromAssetPath, String toPath) {
-        InputStream in = null;
-        OutputStream out = null;
+        InputStream in;
+        OutputStream out;
        try {
            in = assetManager.open(fromAssetPath);
            new File(toPath).createNewFile();
@@ -382,14 +375,9 @@ public class HomeActivity extends FragmentActivity implements DialingFragment.Ca
        @Override
        public void onServiceConnected(ComponentName className, IBinder binder) {
            service = ISipService.Stub.asInterface(binder);
-            try {
-                fMenu = new MenuFragment();
-                fContent = new HomeFragment();
-                getSupportFragmentManager().beginTransaction().replace(R.id.left_drawer, fMenu).replace(R.id.main_frame, fContent, "Home").addToBackStack("Home").commit();
-                service.destroyNotification();
-            } catch (RemoteException e) {
-                Log.e(TAG, e.toString());
-            }
+            fMenu = new MenuFragment();
+            fContent = new HomeFragment();
+            getSupportFragmentManager().beginTransaction().replace(R.id.left_drawer, fMenu).replace(R.id.main_frame, fContent, "Home").addToBackStack("Home").commit();
            mBound = true;
            Log.d(TAG, "Service connected service=" + service);
        }

--- a/src/org/sflphone/fragments/NestedSettingsFragment.java
+++ b/src/org/sflphone/fragments/NestedSettingsFragment.java
@@ -88,6 +88,15 @@ public class NestedSettingsFragment extends PreferenceFragment {
        return results;
    }

+    public boolean checkCertificate(String crt) {
+        try {
+             return mCallbacks.getService().checkCertificateValidity(crt);
+        } catch (RemoteException e) {
+            e.printStackTrace();
+        }
+        return false;
+    }
+
    public interface Callbacks {

        public Account getAccount();

--- a/src/org/sflphone/service/ISipService.aidl
+++ b/src/org/sflphone/service/ISipService.aidl
@@ -30,15 +30,15 @@ interface ISipService {
    String getCurrentAudioCodecName(in String callID);
    void setActiveCodecList(in List codecs, in String accountID);
    Map getRingtoneList();
+
+    boolean checkForPrivateKey(in String pemPath);
+    boolean checkCertificateValidity(in String pemPath);
+    boolean checkHostnameCertificate(in String certificatePath, in String host, in String port);
    
    
    // FIXME
    void toggleSpeakerPhone(in boolean toggle);

-    /* Notification */
-    void createNotification();
-    void destroyNotification();
-
    /* Recording */
    void setRecordPath(in String path);
    String getRecordPath();

--- a/src/org/sflphone/service/SipService.java
+++ b/src/org/sflphone/service/SipService.java
@@ -1073,6 +1073,63 @@ public class SipService extends Service {
            return null;
        }

+        @Override
+        public boolean checkForPrivateKey(final String pemPath) throws RemoteException {
+            class hasPrivateKey extends SipRunnableWithReturn {
+
+                @Override
+                protected Boolean doRun() throws SameThreadException {
+                    Log.i(TAG, "SipService.isCaptureMuted() thread running...");
+                    return configurationManagerJNI.checkForPrivateKey(pemPath);
+                }
+            }
+
+            hasPrivateKey runInstance = new hasPrivateKey();
+            getExecutor().execute(runInstance);
+            while (!runInstance.isDone()) {
+            }
+
+            return (Boolean) runInstance.getVal();
+        }
+
+        @Override
+        public boolean checkCertificateValidity(final String pemPath) throws RemoteException {
+            class isValid extends SipRunnableWithReturn {
+
+                @Override
+                protected Boolean doRun() throws SameThreadException {
+                    Log.i(TAG, "SipService.isCaptureMuted() thread running...");
+                    return configurationManagerJNI.checkCertificateValidity(pemPath);
+                }
+            }
+
+            isValid runInstance = new isValid();
+            getExecutor().execute(runInstance);
+            while (!runInstance.isDone()) {
+            }
+
+            return (Boolean) runInstance.getVal();
+        }
+
+        @Override
+        public boolean checkHostnameCertificate(final String certificatePath, final String host, final String port) throws RemoteException {
+            class isValid extends SipRunnableWithReturn {
+
+                @Override
+                protected Boolean doRun() throws SameThreadException {
+                    Log.i(TAG, "SipService.isCaptureMuted() thread running...");
+                    return configurationManagerJNI.checkHostnameCertificate(certificatePath, host, port);
+                }
+            }
+
+            isValid runInstance = new isValid();
+            getExecutor().execute(runInstance);
+            while (!runInstance.isDone()) {
+            }
+
+            return (Boolean) runInstance.getVal();
+        }
+
        @Override
        public void setActiveCodecList(final List codecs, final String accountID) throws RemoteException {
            getExecutor().execute(new SipRunnable() {
@@ -1088,18 +1145,6 @@ public class SipService extends Service {
            });
        }

-        /***********************
-         * Notification API
-         ***********************/
-        @Override
-        public void createNotification() throws RemoteException {
-
-        }
-
-        @Override
-        public void destroyNotification() throws RemoteException {
-
-        }

        @Override
        public Conference getCurrentCall() throws RemoteException {