kadu/gotify-android-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement optional mTLS via client certificate option

Browse Source
This commit is contained in:
Niko Diamadis
2024-04-19 02:15:06 +02:00
parent 8a1802e5ed
commit 23ef899564
7 changed files with 272 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/src/main/kotlin/com/github/gotify/SSLSettings.kt
View File

@@ -1,3 +1,8 @@
package com.github.gotify package com.github.gotify
internal class SSLSettings(val validateSSL: Boolean, val cert: String?) internal class SSLSettings(
val validateSSL: Boolean,
val caCertPath: String?,
val clientCertPath: String?,
val clientCertPassword: String?
)

27
app/src/main/kotlin/com/github/gotify/Settings.kt
View File

@@ -26,12 +26,21 @@ internal class Settings(context: Context) {
var serverVersion: String var serverVersion: String
get() = sharedPreferences.getString("version", "UNKNOWN")!! get() = sharedPreferences.getString("version", "UNKNOWN")!!
set(value) = sharedPreferences.edit().putString("version", value).apply() set(value) = sharedPreferences.edit().putString("version", value).apply()
var cert: String? var caCertPath: String?
get() = sharedPreferences.getString("cert", null) get() = sharedPreferences.getString("caCertPath", null)
set(value) = sharedPreferences.edit().putString("cert", value).apply() set(value) = sharedPreferences.edit().putString("caCertPath", value).apply()
var caCertCN: String?
get() = sharedPreferences.getString("caCertCN", null)
set(value) = sharedPreferences.edit().putString("caCertCN", value).apply()
var validateSSL: Boolean var validateSSL: Boolean
get() = sharedPreferences.getBoolean("validateSSL", true) get() = sharedPreferences.getBoolean("validateSSL", true)
set(value) = sharedPreferences.edit().putBoolean("validateSSL", value).apply() set(value) = sharedPreferences.edit().putBoolean("validateSSL", value).apply()
var clientCertPath: String?
get() = sharedPreferences.getString("clientCertPath", null)
set(value) = sharedPreferences.edit().putString("clientCertPath", value).apply()
var clientCertPassword: String?
get() = sharedPreferences.getString("clientCertPass", null)
set(value) = sharedPreferences.edit().putString("clientCertPass", value).apply()
init { init {
sharedPreferences = context.getSharedPreferences("gotify", Context.MODE_PRIVATE) sharedPreferences = context.getSharedPreferences("gotify", Context.MODE_PRIVATE)
@@ -43,7 +52,10 @@ internal class Settings(context: Context) {
url = "" url = ""
token = null token = null
validateSSL = true validateSSL = true
cert = null caCertPath = null
caCertCN = null
clientCertPath = null
clientCertPassword = null
} }
fun setUser(name: String?, admin: Boolean) { fun setUser(name: String?, admin: Boolean) {
@@ -51,6 +63,11 @@ internal class Settings(context: Context) {
} }
fun sslSettings(): SSLSettings { fun sslSettings(): SSLSettings {
return SSLSettings(validateSSL, cert) return SSLSettings(
validateSSL,
caCertPath,
clientCertPath,
clientCertPassword
)
} }
} }

85
app/src/main/kotlin/com/github/gotify/api/CertUtils.kt
View File

@@ -2,14 +2,17 @@ package com.github.gotify.api
import android.annotation.SuppressLint import android.annotation.SuppressLint
import com.github.gotify.SSLSettings import com.github.gotify.SSLSettings
import com.github.gotify.Utils import java.io.File
import java.io.IOException import java.io.FileInputStream
import java.io.InputStream
import java.security.GeneralSecurityException import java.security.GeneralSecurityException
import java.security.KeyStore import java.security.KeyStore
import java.security.SecureRandom import java.security.SecureRandom
import java.security.cert.Certificate import java.security.cert.Certificate
import java.security.cert.CertificateFactory import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate import java.security.cert.X509Certificate
import javax.net.ssl.KeyManager
import javax.net.ssl.KeyManagerFactory
import javax.net.ssl.SSLContext import javax.net.ssl.SSLContext
import javax.net.ssl.TrustManager import javax.net.ssl.TrustManager
import javax.net.ssl.TrustManagerFactory import javax.net.ssl.TrustManagerFactory
@@ -18,6 +21,9 @@ import okhttp3.OkHttpClient
import org.tinylog.kotlin.Logger import org.tinylog.kotlin.Logger
internal object CertUtils { internal object CertUtils {
const val CA_CERT_NAME = "ca-cert.crt"
const val CLIENT_CERT_NAME = "client-cert.p12"
@SuppressLint("CustomX509TrustManager") @SuppressLint("CustomX509TrustManager")
private val trustAll = object : X509TrustManager { private val trustAll = object : X509TrustManager {
@SuppressLint("TrustAllX509TrustManager") @SuppressLint("TrustAllX509TrustManager")
@@ -31,10 +37,10 @@ internal object CertUtils {
override fun getAcceptedIssuers() = arrayOf<X509Certificate>() override fun getAcceptedIssuers() = arrayOf<X509Certificate>()
} }
fun parseCertificate(cert: String): Certificate { fun parseCertificate(inputStream: InputStream): Certificate {
try { try {
val certificateFactory = CertificateFactory.getInstance("X509") val certificateFactory = CertificateFactory.getInstance("X509")
return certificateFactory.generateCertificate(Utils.stringToInputStream(cert)) return certificateFactory.generateCertificate(inputStream)
} catch (e: Exception) { } catch (e: Exception) {
throw IllegalArgumentException("certificate is invalid") throw IllegalArgumentException("certificate is invalid")
} }
@@ -43,25 +49,37 @@ internal object CertUtils {
fun applySslSettings(builder: OkHttpClient.Builder, settings: SSLSettings) { fun applySslSettings(builder: OkHttpClient.Builder, settings: SSLSettings) {
// Modified from ApiClient.applySslSettings in the client package. // Modified from ApiClient.applySslSettings in the client package.
try { try {
if (!settings.validateSSL) { var customManagers = false
val context = SSLContext.getInstance("TLS") var trustManagers: Array<TrustManager>? = null
context.init(arrayOf(), arrayOf<TrustManager>(trustAll), SecureRandom()) var keyManagers: Array<KeyManager>? = null
builder.sslSocketFactory(context.socketFactory, trustAll) if (settings.caCertPath != null) {
builder.hostnameVerifier { _, _ -> true } val tempTrustManagers = certToTrustManager(settings.caCertPath)
return if (tempTrustManagers.isNotEmpty()) {
} trustManagers = tempTrustManagers
val cert = settings.cert customManagers = true
if (cert != null) {
val trustManagers = certToTrustManager(cert)
if (trustManagers.isNotEmpty()) {
val context = SSLContext.getInstance("TLS")
context.init(arrayOf(), trustManagers, SecureRandom())
builder.sslSocketFactory(
context.socketFactory,
trustManagers[0] as X509TrustManager
)
} }
} }
if (settings.clientCertPath != null) {
val tempKeyManagers = certToKeyManager(
settings.clientCertPath,
settings.clientCertPassword
)
if (tempKeyManagers.isNotEmpty()) {
keyManagers = tempKeyManagers
}
}
if (!settings.validateSSL) {
trustManagers = arrayOf(trustAll)
builder.hostnameVerifier { _, _ -> true }
}
if (customManagers || !settings.validateSSL) {
val context = SSLContext.getInstance("TLS")
context.init(keyManagers, trustManagers, SecureRandom())
builder.sslSocketFactory(
context.socketFactory,
trustManagers!![0] as X509TrustManager
)
}
} catch (e: Exception) { } catch (e: Exception) {
// We shouldn't have issues since the cert is verified on login. // We shouldn't have issues since the cert is verified on login.
Logger.error(e, "Failed to apply SSL settings") Logger.error(e, "Failed to apply SSL settings")
@@ -69,12 +87,13 @@ internal object CertUtils {
} }
@Throws(GeneralSecurityException::class) @Throws(GeneralSecurityException::class)
private fun certToTrustManager(cert: String): Array<TrustManager> { private fun certToTrustManager(certPath: String): Array<TrustManager> {
val certificateFactory = CertificateFactory.getInstance("X.509") val certificateFactory = CertificateFactory.getInstance("X.509")
val certificates = certificateFactory.generateCertificates(Utils.stringToInputStream(cert)) val inputStream = FileInputStream(File(certPath))
val certificates = certificateFactory.generateCertificates(inputStream)
require(certificates.isNotEmpty()) { "expected non-empty set of trusted certificates" } require(certificates.isNotEmpty()) { "expected non-empty set of trusted certificates" }
val caKeyStore = newEmptyKeyStore() val caKeyStore = KeyStore.getInstance(KeyStore.getDefaultType()).apply { load(null) }
certificates.forEachIndexed { index, certificate -> certificates.forEachIndexed { index, certificate ->
val certificateAlias = "ca$index" val certificateAlias = "ca$index"
caKeyStore.setCertificateEntry(certificateAlias, certificate) caKeyStore.setCertificateEntry(certificateAlias, certificate)
@@ -86,13 +105,15 @@ internal object CertUtils {
} }
@Throws(GeneralSecurityException::class) @Throws(GeneralSecurityException::class)
private fun newEmptyKeyStore(): KeyStore { private fun certToKeyManager(certPath: String, certPassword: String?): Array<KeyManager> {
return try { require(certPassword != null) { "empty client certificate password" }
val keyStore = KeyStore.getInstance(KeyStore.getDefaultType())
keyStore.load(null, null) val keyStore = KeyStore.getInstance("PKCS12")
keyStore val inputStream = FileInputStream(File(certPath))
} catch (e: IOException) { keyStore.load(inputStream, certPassword.toCharArray())
throw AssertionError(e) val keyManagerFactory =
} KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())
keyManagerFactory.init(keyStore, certPassword.toCharArray())
return keyManagerFactory.keyManagers
} }
} }

68
app/src/main/kotlin/com/github/gotify/login/AdvancedDialog.kt
View File

@@ -15,6 +15,9 @@ internal class AdvancedDialog(
private var onCheckedChangeListener: CompoundButton.OnCheckedChangeListener? = null private var onCheckedChangeListener: CompoundButton.OnCheckedChangeListener? = null
private lateinit var onClickSelectCaCertificate: Runnable private lateinit var onClickSelectCaCertificate: Runnable
private lateinit var onClickRemoveCaCertificate: Runnable private lateinit var onClickRemoveCaCertificate: Runnable
private lateinit var onClickSelectClientCertificate: Runnable
private lateinit var onClickRemoveClientCertificate: Runnable
private lateinit var onClose: (password: String) -> Unit
fun onDisableSSLChanged( fun onDisableSSLChanged(
onCheckedChangeListener: CompoundButton.OnCheckedChangeListener? onCheckedChangeListener: CompoundButton.OnCheckedChangeListener?
@@ -33,35 +36,82 @@ internal class AdvancedDialog(
return this return this
} }
fun show(disableSSL: Boolean, selectedCertificate: String?): AdvancedDialog { fun onClickSelectClientCertificate(onClickSelectClientCertificate: Runnable): AdvancedDialog {
this.onClickSelectClientCertificate = onClickSelectClientCertificate
return this
}
fun onClickRemoveClientCertificate(onClickRemoveClientCertificate: Runnable): AdvancedDialog {
this.onClickRemoveClientCertificate = onClickRemoveClientCertificate
return this
}
fun onClose(onClose: (passworrd: String) -> Unit): AdvancedDialog {
this.onClose = onClose
return this
}
fun show(
disableSSL: Boolean,
caCertPath: String? = null,
caCertCN: String?,
clientCertPath: String? = null,
clientCertPassword: String?
): AdvancedDialog {
binding = AdvancedSettingsDialogBinding.inflate(layoutInflater) binding = AdvancedSettingsDialogBinding.inflate(layoutInflater)
binding.disableSSL.isChecked = disableSSL binding.disableSSL.isChecked = disableSSL
binding.disableSSL.setOnCheckedChangeListener(onCheckedChangeListener) binding.disableSSL.setOnCheckedChangeListener(onCheckedChangeListener)
if (selectedCertificate == null) { if (caCertPath == null) {
showSelectCACertificate() showSelectCaCertificate()
} else { } else {
showRemoveCACertificate(selectedCertificate) showRemoveCaCertificate(caCertCN!!)
}
if (clientCertPath == null) {
showSelectClientCertificate()
} else {
showRemoveClientCertificate()
}
if (!clientCertPassword.isNullOrEmpty()) {
binding.clientCertPasswordEdittext.setText(clientCertPassword)
} }
MaterialAlertDialogBuilder(context) MaterialAlertDialogBuilder(context)
.setView(binding.root) .setView(binding.root)
.setTitle(R.string.advanced_settings) .setTitle(R.string.advanced_settings)
.setPositiveButton(context.getString(R.string.done), null) .setPositiveButton(context.getString(R.string.done), null)
.setOnDismissListener {
onClose(binding.clientCertPasswordEdittext.text.toString())
}
.show() .show()
return this return this
} }
private fun showSelectCACertificate() { private fun showSelectCaCertificate() {
binding.toggleCaCert.setText(R.string.select_ca_certificate) binding.toggleCaCert.setText(R.string.select_ca_certificate)
binding.toggleCaCert.setOnClickListener { onClickSelectCaCertificate.run() } binding.toggleCaCert.setOnClickListener { onClickSelectCaCertificate.run() }
binding.selecetedCaCert.setText(R.string.no_certificate_selected) binding.selectedCaCert.setText(R.string.no_certificate_selected)
} }
fun showRemoveCACertificate(certificate: String) { fun showRemoveCaCertificate(certificateCN: String) {
binding.toggleCaCert.setText(R.string.remove_ca_certificate) binding.toggleCaCert.setText(R.string.remove_ca_certificate)
binding.toggleCaCert.setOnClickListener { binding.toggleCaCert.setOnClickListener {
showSelectCACertificate() showSelectCaCertificate()
onClickRemoveCaCertificate.run() onClickRemoveCaCertificate.run()
} }
binding.selecetedCaCert.text = certificate binding.selectedCaCert.text = certificateCN
}
private fun showSelectClientCertificate() {
binding.toggleClientCert.setText(R.string.select_client_certificate)
binding.toggleClientCert.setOnClickListener { onClickSelectClientCertificate.run() }
binding.selectedClientCert.setText(R.string.no_certificate_selected)
}
fun showRemoveClientCertificate() {
binding.toggleClientCert.setText(R.string.remove_client_certificate)
binding.toggleClientCert.setOnClickListener {
showSelectClientCertificate()
onClickRemoveClientCertificate.run()
}
binding.selectedClientCert.setText(R.string.certificate_found)
} }
} }

105
app/src/main/kotlin/com/github/gotify/login/LoginActivity.kt
View File

@@ -8,7 +8,9 @@ import android.os.Bundle
import android.text.Editable import android.text.Editable
import android.text.TextWatcher import android.text.TextWatcher
import android.view.View import android.view.View
import androidx.activity.result.ActivityResultLauncher
import androidx.activity.result.contract.ActivityResultContracts import androidx.activity.result.contract.ActivityResultContracts
import androidx.annotation.StringRes
import androidx.appcompat.app.AppCompatActivity import androidx.appcompat.app.AppCompatActivity
import com.github.gotify.R import com.github.gotify.R
import com.github.gotify.SSLSettings import com.github.gotify.SSLSettings
@@ -31,6 +33,10 @@ import com.github.gotify.log.LogsActivity
import com.github.gotify.log.UncaughtExceptionHandler import com.github.gotify.log.UncaughtExceptionHandler
import com.google.android.material.dialog.MaterialAlertDialogBuilder import com.google.android.material.dialog.MaterialAlertDialogBuilder
import com.google.android.material.textfield.TextInputEditText import com.google.android.material.textfield.TextInputEditText
import java.io.File
import java.io.FileInputStream
import java.io.FileOutputStream
import java.io.InputStream
import java.security.cert.X509Certificate import java.security.cert.X509Certificate
import okhttp3.HttpUrl import okhttp3.HttpUrl
import org.tinylog.kotlin.Logger import org.tinylog.kotlin.Logger
@@ -40,10 +46,13 @@ internal class LoginActivity : AppCompatActivity() {
private lateinit var settings: Settings private lateinit var settings: Settings
private var disableSslValidation = false private var disableSslValidation = false
private var caCertContents: String? = null private var caCertCN: String? = null
private var caCertPath: String? = null
private var clientCertPath: String? = null
private var clientCertPassword: String? = null
private lateinit var advancedDialog: AdvancedDialog private lateinit var advancedDialog: AdvancedDialog
private val certificateDialogResultLauncher = private val caDialogResultLauncher =
registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result -> registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result ->
try { try {
require(result.resultCode == RESULT_OK) { "result was ${result.resultCode}" } require(result.resultCode == RESULT_OK) { "result was ${result.resultCode}" }
@@ -52,18 +61,38 @@ internal class LoginActivity : AppCompatActivity() {
val uri = result.data!!.data ?: throw IllegalArgumentException("file path was null") val uri = result.data!!.data ?: throw IllegalArgumentException("file path was null")
val fileStream = contentResolver.openInputStream(uri) val fileStream = contentResolver.openInputStream(uri)
?: throw IllegalArgumentException("file path was invalid") ?: throw IllegalArgumentException("file path was invalid")
val destinationFile = File(filesDir, CertUtils.CA_CERT_NAME)
copyStreamToFile(fileStream, destinationFile)
val content = Utils.readFileFromStream(fileStream) // temporarily store it (don't store to settings until they decide to login)
val name = getNameOfCertContent(content) caCertCN = getNameOfCertContent(destinationFile)!!
caCertPath = destinationFile.absolutePath
// temporarily set the contents (don't store to settings until they decide to login) advancedDialog.showRemoveCaCertificate(caCertCN!!)
caCertContents = content
advancedDialog.showRemoveCACertificate(name)
} catch (e: Exception) { } catch (e: Exception) {
Utils.showSnackBar(this, getString(R.string.select_ca_failed, e.message)) Utils.showSnackBar(this, getString(R.string.select_ca_failed, e.message))
} }
} }
private val clientCertDialogResultLauncher =
registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result ->
try {
require(result.resultCode == RESULT_OK) { "result was ${result.resultCode}" }
requireNotNull(result.data) { "file path was null" }
val uri = result.data!!.data ?: throw IllegalArgumentException("file path was null")
val fileStream = contentResolver.openInputStream(uri)
?: throw IllegalArgumentException("file path was invalid")
val destinationFile = File(filesDir, CertUtils.CLIENT_CERT_NAME)
copyStreamToFile(fileStream, destinationFile)
// temporarily store it (don't store to settings until they decide to login)
clientCertPath = destinationFile.absolutePath
advancedDialog.showRemoveClientCertificate()
} catch (e: Exception) {
Utils.showSnackBar(this, getString(R.string.select_client_failed, e.message))
}
}
override fun onCreate(savedInstanceState: Bundle?) { override fun onCreate(savedInstanceState: Bundle?) {
super.onCreate(savedInstanceState) super.onCreate(savedInstanceState)
UncaughtExceptionHandler.registerCurrentThread() UncaughtExceptionHandler.registerCurrentThread()
@@ -140,12 +169,6 @@ internal class LoginActivity : AppCompatActivity() {
} }
private fun toggleShowAdvanced() { private fun toggleShowAdvanced() {
val selectedCertName = if (caCertContents != null) {
getNameOfCertContent(caCertContents!!)
} else {
null
}
advancedDialog = AdvancedDialog(this, layoutInflater) advancedDialog = AdvancedDialog(this, layoutInflater)
.onDisableSSLChanged { _, disable -> .onDisableSSLChanged { _, disable ->
invalidateUrl() invalidateUrl()
@@ -153,33 +176,51 @@ internal class LoginActivity : AppCompatActivity() {
} }
.onClickSelectCaCertificate { .onClickSelectCaCertificate {
invalidateUrl() invalidateUrl()
doSelectCACertificate() doSelectCertificate(caDialogResultLauncher, R.string.select_ca_file)
} }
.onClickRemoveCaCertificate { .onClickRemoveCaCertificate {
invalidateUrl() invalidateUrl()
caCertContents = null caCertPath = null
} }
.show(disableSslValidation, selectedCertName) .onClickSelectClientCertificate {
invalidateUrl()
doSelectCertificate(clientCertDialogResultLauncher, R.string.select_client_file)
}
.onClickRemoveClientCertificate {
invalidateUrl()
clientCertPath = null
}
.onClose { newPassword ->
clientCertPassword = newPassword
}
.show(
disableSslValidation,
caCertPath,
caCertCN,
clientCertPath,
clientCertPassword
)
} }
private fun doSelectCACertificate() { private fun doSelectCertificate(
resultLauncher: ActivityResultLauncher<Intent>,
@StringRes descriptionId: Int
) {
val intent = Intent(Intent.ACTION_OPEN_DOCUMENT) val intent = Intent(Intent.ACTION_OPEN_DOCUMENT)
// we don't really care what kind of file it is as long as we can parse it // we don't really care what kind of file it is as long as we can parse it
intent.type = "*/*" intent.type = "*/*"
intent.addCategory(Intent.CATEGORY_OPENABLE) intent.addCategory(Intent.CATEGORY_OPENABLE)
try { try {
certificateDialogResultLauncher.launch( resultLauncher.launch(Intent.createChooser(intent, getString(descriptionId)))
Intent.createChooser(intent, getString(R.string.select_ca_file))
)
} catch (e: ActivityNotFoundException) { } catch (e: ActivityNotFoundException) {
// case for user not having a file browser installed // case for user not having a file browser installed
Utils.showSnackBar(this, getString(R.string.please_install_file_browser)) Utils.showSnackBar(this, getString(R.string.please_install_file_browser))
} }
} }
private fun getNameOfCertContent(content: String): String { private fun getNameOfCertContent(file: File): String? {
val ca = CertUtils.parseCertificate(content) val ca = CertUtils.parseCertificate(FileInputStream(file))
return (ca as X509Certificate).subjectDN.name return (ca as X509Certificate).subjectDN.name
} }
@@ -265,7 +306,10 @@ internal class LoginActivity : AppCompatActivity() {
private fun onCreatedClient(client: Client) { private fun onCreatedClient(client: Client) {
settings.token = client.token settings.token = client.token
settings.validateSSL = !disableSslValidation settings.validateSSL = !disableSslValidation
settings.cert = caCertContents settings.caCertCN = caCertCN
settings.caCertPath = caCertPath
settings.clientCertPath = clientCertPath
settings.clientCertPassword = clientCertPassword
Utils.showSnackBar(this, getString(R.string.created_client)) Utils.showSnackBar(this, getString(R.string.created_client))
startActivity(Intent(this, InitializationActivity::class.java)) startActivity(Intent(this, InitializationActivity::class.java))
@@ -288,6 +332,17 @@ internal class LoginActivity : AppCompatActivity() {
} }
private fun tempSslSettings(): SSLSettings { private fun tempSslSettings(): SSLSettings {
return SSLSettings(!disableSslValidation, caCertContents) return SSLSettings(
!disableSslValidation,
caCertPath,
clientCertPath,
clientCertPassword
)
}
private fun copyStreamToFile(inputStream: InputStream, file: File) {
FileOutputStream(file).use {
inputStream.copyTo(it)
}
} }
} }

47
app/src/main/res/layout/advanced_settings_dialog.xml
View File

@@ -1,6 +1,8 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" <LinearLayout
android:orientation="vertical" android:layout_width="match_parent" xmlns:android="http://schemas.android.com/apk/res/android"
android:orientation="vertical"
android:layout_width="match_parent"
android:layout_height="match_parent" android:layout_height="match_parent"
android:padding="20dp"> android:padding="20dp">
@@ -18,8 +20,47 @@
android:text="@string/select_ca_certificate" /> android:text="@string/select_ca_certificate" />
<com.google.android.material.textview.MaterialTextView <com.google.android.material.textview.MaterialTextView
android:id="@+id/seleceted_ca_cert" android:id="@+id/selected_ca_cert"
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:text="@string/no_certificate_selected" /> android:text="@string/no_certificate_selected" />
<com.google.android.material.divider.MaterialDivider
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginTop="20dp" />
<com.google.android.material.button.MaterialButton
android:id="@+id/toggle_client_cert"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginTop="20dp"
android:textColor="@android:color/white"
android:text="@string/select_client_certificate" />
<com.google.android.material.textview.MaterialTextView
android:id="@+id/selected_client_cert"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/no_certificate_selected" />
<com.google.android.material.textfield.TextInputLayout
android:id="@+id/client_cert_password"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginTop="20dp"
android:maxWidth="280dp"
android:ems="10">
<com.google.android.material.textfield.TextInputEditText
android:id="@+id/client_cert_password_edittext"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:singleLine="true"
android:inputType="textPassword"
android:importantForAutofill="no"
android:hint="@string/client_cert_password" />
</com.google.android.material.textfield.TextInputLayout>
</LinearLayout> </LinearLayout>

10
app/src/main/res/values/strings.xml
View File

@@ -40,9 +40,14 @@
<string name="password">Password</string> <string name="password">Password</string>
<string name="disabled_validate_ssl">Disable SSL Validation</string> <string name="disabled_validate_ssl">Disable SSL Validation</string>
<string name="select_ca_certificate">Select CA Certificate</string> <string name="select_ca_certificate">Select CA Certificate</string>
<string name="select_ca_file">Select a Certificate File</string> <string name="select_client_certificate">Select Client Certificate (PKCS#12)</string>
<string name="select_ca_file">Select a CA Certificate File</string>
<string name="select_client_file">Select a Client Certificate File</string>
<string name="client_cert_password">Certificate Password</string>
<string name="please_install_file_browser">Please install a file browser</string> <string name="please_install_file_browser">Please install a file browser</string>
<string name="select_ca_failed">Failed to read CA: %s</string> <string name="select_ca_failed">Failed to read CA cert: %s</string>
<string name="select_client_failed">Failed to read client cert: %s</string>
<string name="certificate_found">Certificate found</string>
<string name="login">Login</string> <string name="login">Login</string>
<string name="check_url">Check URL</string> <string name="check_url">Check URL</string>
<string name="permissions_dialog_grant">Grant</string> <string name="permissions_dialog_grant">Grant</string>
@@ -65,6 +70,7 @@
<string name="done">Done</string> <string name="done">Done</string>
<string name="no_certificate_selected">No certificate selected</string> <string name="no_certificate_selected">No certificate selected</string>
<string name="remove_ca_certificate">Remove CA Certificate</string> <string name="remove_ca_certificate">Remove CA Certificate</string>
<string name="remove_client_certificate">Remove Client Certificate</string>
<string name="warning">Warning</string> <string name="warning">Warning</string>
<string name="http_warning">Using HTTP is insecure and it\'s recommend to use HTTPS instead. Use your favorite search engine to get more information about this topic.</string> <string name="http_warning">Using HTTP is insecure and it\'s recommend to use HTTPS instead. Use your favorite search engine to get more information about this topic.</string>
<string name="i_understand">I Understand</string> <string name="i_understand">I Understand</string>