From f8932f11321fe2fac70edc9827f6a3517ee990c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Fri, 27 Jun 2014 19:51:57 +0200
Subject: Download certificate if expired.

---
 .../main/java/se/leap/bitmaskclient/Dashboard.java | 17 +++++++++-
 app/src/main/java/se/leap/bitmaskclient/EIP.java   | 25 +++++++++++++++
 .../se/leap/bitmaskclient/EipServiceFragment.java  | 36 +++++++++++++++++++---
 app/src/main/res/values/strings.xml                |  1 +
 4 files changed, 73 insertions(+), 6 deletions(-)

diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
index cb451b86..117e45d8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
@@ -472,9 +472,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf
 		} else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) {
         	setResult(RESULT_OK);
     		changeStatusMessage(resultCode);
-        	mProgressBar.setVisibility(ProgressBar.GONE);
+		if(mProgressBar != null)
+		    mProgressBar.setVisibility(ProgressBar.GONE);
 		if(EipServiceFragment.isEipSwitchChecked())
 		    eipStart();
+		else
+		    eipStatus.setText(R.string.eip_state_not_connected);
 		} else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) {
         	setResult(RESULT_CANCELED);
     		changeStatusMessage(resultCode);
@@ -570,4 +573,16 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf
 	startService(eip_intent);
 
     }
+
+    protected void setProgressBarVisibility(int visibility) {
+	if(mProgressBar == null)
+	    mProgressBar = (ProgressBar) findViewById(R.id.eipProgress);	    
+	mProgressBar.setVisibility(visibility);
+    }
+
+    protected void setEipStatus(int status) {
+	if(eipStatus == null)
+	    eipStatus = (TextView) findViewById(R.id.eipStatus);
+	eipStatus.setText(status);
+    }
 }
diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java
index 21a573fe..ea5d7ab6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java
@@ -27,6 +27,9 @@ import java.util.NoSuchElementException;
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.Vector;
+import java.security.cert.X509Certificate;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
 
 import org.json.JSONArray;
 import org.json.JSONException;
@@ -72,6 +75,7 @@ import android.util.Log;
 public final class EIP extends IntentService {
 	
 	public final static String AUTHED_EIP = "authed eip";
+	public final static String ACTION_CHECK_CERT_VALIDITY = "se.leap.bitmaskclient.CHECK_CERT_VALIDITY";
 	public final static String ACTION_START_EIP = "se.leap.bitmaskclient.START_EIP";
 	public final static String ACTION_STOP_EIP = "se.leap.bitmaskclient.STOP_EIP";
 	public final static String ACTION_UPDATE_EIP_SERVICE = "se.leap.bitmaskclient.UPDATE_EIP_SERVICE";
@@ -138,6 +142,8 @@ public final class EIP extends IntentService {
 			this.startEIP();
 		else if ( action == ACTION_STOP_EIP )
 			this.stopEIP();
+		else if ( action == ACTION_CHECK_CERT_VALIDITY )
+			this.checkCertValidity();
 	}
 	
 	/**
@@ -408,6 +414,25 @@ public final class EIP extends IntentService {
 		getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit();
 	}
 
+    private void checkCertValidity() {
+	Log.d(TAG, "check cert validity");
+	String certificate_string = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(CERTIFICATE, "");
+	X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate_string);
+	// Fetch a new certificate if the current one is going to expire in less than 7 days
+	Calendar offset_date = Calendar.getInstance();
+	offset_date.add(Calendar.DATE, 10);
+	Bundle result_data = new Bundle();
+	result_data.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY);
+	try {
+	    certificate_x509.checkValidity(offset_date.getTime());
+	    mReceiver.send(Activity.RESULT_OK, result_data);
+	} catch(CertificateExpiredException e) {
+	    mReceiver.send(Activity.RESULT_CANCELED, result_data);
+	} catch(CertificateNotYetValidException e) {
+	    mReceiver.send(Activity.RESULT_CANCELED, result_data);
+	}
+    }
+
 	/**
 	 * OVPNGateway provides objects defining gateways and their options and metadata.
 	 * Each instance contains a VpnProfile for OpenVPN specific data and member
diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
index 299d89a4..ef367a17 100644
--- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
+++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
@@ -1,6 +1,10 @@
 package se.leap.bitmaskclient;
 
 import se.leap.bitmaskclient.R;
+import se.leap.bitmaskclient.ProviderAPIResultReceiver;
+import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver;
+import se.leap.bitmaskclient.Dashboard;
+
 import de.blinkt.openvpn.activities.LogWindow;
 import de.blinkt.openvpn.core.VpnStatus;
 import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
@@ -21,6 +25,7 @@ import android.view.View.OnClickListener;
 import android.view.ViewGroup;
 import android.widget.CompoundButton.OnCheckedChangeListener;
 import android.widget.CompoundButton;
+import android.widget.ProgressBar;
 import android.widget.RelativeLayout;
 import android.widget.Switch;
 import android.widget.TextView;
@@ -37,7 +42,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
 
 	private boolean eipAutoSwitched = true;
 	
-	private boolean mEipStartPending = false;
+ 	private boolean mEipStartPending = false;
 
     private boolean set_switch_off = false;
 
@@ -100,6 +105,8 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
 		    eipSwitch.setChecked(false);
 		    set_switch_off = false;
 		}
+		
+		eipCommand(EIP.ACTION_CHECK_CERT_VALIDITY);
 	}
 
     protected void setSwitchOff(boolean value) {
@@ -198,9 +205,10 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
 	 */
 	private void eipCommand(String action){
 		// TODO validate "action"...how do we get the list of intent-filters for a class via Android API?
-		Intent vpnIntent = new Intent(action);
-		vpnIntent.putExtra(EIP.RECEIVER_TAG, mEIPReceiver);
-		getActivity().startService(vpnIntent);
+	    Intent vpn_intent = new Intent(getActivity().getApplicationContext(), EIP.class);
+	    vpn_intent.setAction(action);
+	    vpn_intent.putExtra(EIP.RECEIVER_TAG, mEIPReceiver);
+	    getActivity().startService(vpn_intent);
 	}
 	
 	@Override
@@ -256,7 +264,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
 		@Override
 		protected void onReceiveResult(int resultCode, Bundle resultData) {
 			super.onReceiveResult(resultCode, resultData);
-			
+		
 			String request = resultData.getString(EIP.REQUEST_TAG);
 			boolean checked = false;
 			
@@ -298,6 +306,24 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
 					checked = false;
 					break;
 				}
+			} else if (request == EIP.ACTION_CHECK_CERT_VALIDITY) {
+			    switch (resultCode) {
+			    case Activity.RESULT_OK:
+				break;
+			    case Activity.RESULT_CANCELED:
+				Dashboard dashboard = (Dashboard) getActivity();
+				dashboard.setProgressBarVisibility(ProgressBar.VISIBLE);
+				dashboard.setEipStatus(R.string.updating_certificate_message);
+				ProviderAPIResultReceiver providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
+				providerAPI_result_receiver.setReceiver((Receiver)getActivity());
+				
+				Intent provider_API_command = new Intent(getActivity(), ProviderAPI.class);
+				provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE);
+				provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
+		
+				getActivity().startService(provider_API_command);
+				break;
+			    }
 			}
 			
 			eipAutoSwitched = true;
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index c928f001..1dbe8fee 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -54,6 +54,7 @@
     <string name="service_is_down_error">Service is down.</string>
     <string name="configuring_provider">Configuring provider</string>
     <string name="incorrectly_downloaded_certificate_message">Your anon cert was not downloaded</string>
+    <string name="updating_certificate_message">Updating EIP certificate</string>
     <string name="authenticating_message">Logging in</string>
     <string name="signingup_message">Signing up</string>
     <string name="logout_message">Logging out from this session.</string>
-- 
cgit v1.2.3