From: Dan Breslau <dbreslau@painless-security.com>
Date: Mon, 24 Oct 2016 22:17:37 +0000 (-0400)
Subject: If the server's fingerprint doesn't match the expected fingerprint, warn the user... 
X-Git-Tag: v0.9.6~6
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot-ui.git;a=commitdiff_plain;h=4769d205d26666af11c7d62d246115f4d46bd82b

If the server's fingerprint doesn't match the expected fingerprint, warn the user and ask if we should continue
---

diff --git a/src/moonshot-trust-anchor-dialog.vala b/src/moonshot-trust-anchor-dialog.vala
index 28169d2..a4210ab 100644
--- a/src/moonshot-trust-anchor-dialog.vala
+++ b/src/moonshot-trust-anchor-dialog.vala
@@ -86,7 +86,7 @@ public class TrustAnchorConfirmationRequest : GLib.Object {
             return false;
         }
 
-        var dialog = new TrustAnchorDialog(userid, realm, ca_hash);
+        var dialog = new TrustAnchorDialog(card, userid, realm, ca_hash);
         var response = dialog.run();
         dialog.destroy();
         bool is_confirmed = (response == ResponseType.OK);
@@ -132,10 +132,13 @@ class TrustAnchorDialog : Dialog
 
     public bool complete = false;
 
-    public TrustAnchorDialog(string userid,
+    public TrustAnchorDialog(IdCard card,
+                             string userid,
                              string realm,
                              string ca_hash)
     {
+        string server_ta_label_text = null;
+
         this.set_title(_("Trust Anchor"));
         this.set_modal(true);
 //        this.set_transient_for(parent);
@@ -153,7 +156,18 @@ class TrustAnchorDialog : Dialog
         Label dialog_label = new Label("");
         dialog_label.set_alignment(0, 0);
 
-        string label_markup = "<span font-weight='heavy'>" + _("You are using this identity for the first time with the following trust anchor:") + "</span>";
+        string label_markup;
+        if (card.trust_anchor.server_cert == "") {
+            label_markup = "<span font-weight='heavy'>" + _("You are using this identity for the first time with the following trust anchor:") + "</span>";
+        }
+        else {
+            // The server's fingerprint isn't what we're expecting this server to provide.
+            label_markup = "<span font-weight='heavy'>" + _("WARNING: This connection may not be secure! ")
+            + _("The server's trust anchor does not match the expected trust anchor for this server.")
+            + "</span>";
+
+            server_ta_label_text = _("Server's trust anchor (SHA-256 fingerprint) :");
+        }
 
         dialog_label.set_markup(label_markup);
         dialog_label.set_line_wrap(true);
@@ -168,7 +182,7 @@ class TrustAnchorDialog : Dialog
         Label confirm_label = new Label(_("Please confirm that this is the correct trust anchor."));
         confirm_label.set_alignment(0, 0.5f);
 
-        var trust_anchor_display = make_ta_fingerprint_widget(ca_hash);
+        var trust_anchor_display = make_ta_fingerprint_widget(ca_hash, server_ta_label_text);
 
         var vbox = new VBox(false, 0);
         vbox.set_border_width(6);
@@ -178,6 +192,12 @@ class TrustAnchorDialog : Dialog
         vbox.pack_start(trust_anchor_display, true, true, 0);
         vbox.pack_start(confirm_label, true, true, 12);
 
+        if (card.trust_anchor.server_cert != "") {
+            var expected_ta_display = make_ta_fingerprint_widget(card.trust_anchor.server_cert, 
+                                                                 _("Expected trust anchor (SHA-256 fingerprint) :"));
+            vbox.pack_start(expected_ta_display, true, true, 0);
+        }
+
         ((Container) content_area).add(vbox);
 
         this.set_border_width(6);
diff --git a/src/moonshot-utils.vala b/src/moonshot-utils.vala
index bebcd58..7652469 100644
--- a/src/moonshot-utils.vala
+++ b/src/moonshot-utils.vala
@@ -124,32 +124,32 @@ internal void set_atk_relation(Widget widget, Widget target_widget, Atk.Relation
 }
 
 
-internal Widget make_ta_fingerprint_widget(string server_cert)
+internal Widget make_ta_fingerprint_widget(string server_cert, string? label_text = null)
 {
-        var fingerprint_label = new Label(_("SHA-256 fingerprint:"));
-        fingerprint_label.set_alignment(0, 0.5f);
-
-        var fingerprint = new TextView();
-        var fontdesc = FontDescription.from_string("monospace 10");
-        fingerprint.modify_font(fontdesc);
-        fingerprint.set_editable(false);
-        fingerprint.set_left_margin(3);
-        var buffer = fingerprint.get_buffer();
-        buffer.set_text(colonize(server_cert, 16), -1);
-        fingerprint.wrap_mode = Gtk.WrapMode.WORD_CHAR;
-
-        set_atk_relation(fingerprint_label, fingerprint, Atk.RelationType.LABEL_FOR);
-
-        var fingerprint_width_constraint = new ScrolledWindow(null, null);
-        fingerprint_width_constraint.set_policy(PolicyType.NEVER, PolicyType.NEVER);
-        fingerprint_width_constraint.set_shadow_type(ShadowType.IN);
-        fingerprint_width_constraint.set_size_request(360, 60);
-        fingerprint_width_constraint.add_with_viewport(fingerprint);
-
-        var vbox = new VBox(false, 0);
-        vbox.pack_start(fingerprint_label, true, true, 2);
-        vbox.pack_start(fingerprint_width_constraint, true, true, 2);
-        return vbox;
+    var fingerprint_label = new Label(label_text ?? _("SHA-256 fingerprint:"));
+    fingerprint_label.set_alignment(0, 0.5f);
+
+    var fingerprint = new TextView();
+    var fontdesc = FontDescription.from_string("monospace 10");
+    fingerprint.modify_font(fontdesc);
+    fingerprint.set_editable(false);
+    fingerprint.set_left_margin(3);
+    var buffer = fingerprint.get_buffer();
+    buffer.set_text(colonize(server_cert, 16), -1);
+    fingerprint.wrap_mode = Gtk.WrapMode.WORD_CHAR;
+
+    set_atk_relation(fingerprint_label, fingerprint, Atk.RelationType.LABEL_FOR);
+
+    var fingerprint_width_constraint = new ScrolledWindow(null, null);
+    fingerprint_width_constraint.set_policy(PolicyType.NEVER, PolicyType.NEVER);
+    fingerprint_width_constraint.set_shadow_type(ShadowType.IN);
+    fingerprint_width_constraint.set_size_request(360, 60);
+    fingerprint_width_constraint.add_with_viewport(fingerprint);
+
+    var vbox = new VBox(false, 0);
+    vbox.pack_start(fingerprint_label, true, true, 2);
+    vbox.pack_start(fingerprint_width_constraint, true, true, 2);
+    return vbox;
 }
 
     // Yeah, it doesn't mean "colonize" the way you might think... :-)
@@ -175,11 +175,19 @@ internal static string colonize(string input, int bytes_per_line) {
 }
 
 internal static void clear_password_entry(Entry entry) {
-    string r = "[@R@Fid#4LPu6es@Mqteb<VqK?m%O}dW-:-4`oufKv24l6=k-*q_by*K&j)ftVF";
+    
+    // Overwrite the entry with random data
     var len = entry.get_text().length;
-    r = r.slice(0, len);
+    var random_chars = new char[len + 1];
+    for (int i = 0; i < len; i++) {
+        random_chars[i] = (char) Random.int_range(40, 127);
+    }
+    random_chars[len] = 0;
+    string r = (string) random_chars;
     var buf = entry.get_buffer();
     buf.set_text(r.data);
+
+    // Now delete the data
     buf.delete_text(0, len);
 }