1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.webkit; 18 19 import android.os.Handler; 20 import java.security.PrivateKey; 21 import java.security.cert.CertificateEncodingException; 22 import java.security.cert.X509Certificate; 23 import org.apache.harmony.xnet.provider.jsse.NativeCrypto; 24 25 /** 26 * ClientCertRequestHandler: class responsible for handling client 27 * certificate requests. This class is passed as a parameter to 28 * BrowserCallback.displayClientCertRequestDialog and is meant to 29 * receive the user's response. 30 * 31 * @hide 32 */ 33 public final class ClientCertRequestHandler extends Handler { 34 35 private final BrowserFrame mBrowserFrame; 36 private final int mHandle; 37 private final String mHostAndPort; 38 private final SslClientCertLookupTable mTable; 39 ClientCertRequestHandler(BrowserFrame browserFrame, 40 int handle, 41 String host_and_port, 42 SslClientCertLookupTable table) { 43 mBrowserFrame = browserFrame; 44 mHandle = handle; 45 mHostAndPort = host_and_port; 46 mTable = table; 47 } 48 49 /** 50 * Proceed with the specified private key and client certificate chain. 51 */ 52 public void proceed(PrivateKey privateKey, X509Certificate[] chain) { 53 final byte[] privateKeyBytes = privateKey.getEncoded(); 54 final byte[][] chainBytes; 55 try { 56 chainBytes = NativeCrypto.encodeCertificates(chain); 57 mTable.Allow(mHostAndPort, privateKeyBytes, chainBytes); 58 post(new Runnable() { 59 public void run() { 60 mBrowserFrame.nativeSslClientCert(mHandle, privateKeyBytes, chainBytes); 61 } 62 }); 63 } catch (CertificateEncodingException e) { 64 post(new Runnable() { 65 public void run() { 66 mBrowserFrame.nativeSslClientCert(mHandle, null, null); 67 return; 68 } 69 }); 70 } 71 } 72 73 /** 74 * Igore the request for now, the user may be prompted again. 75 */ 76 public void ignore() { 77 post(new Runnable() { 78 public void run() { 79 mBrowserFrame.nativeSslClientCert(mHandle, null, null); 80 } 81 }); 82 } 83 84 /** 85 * Cancel this request, remember the users negative choice. 86 */ 87 public void cancel() { 88 mTable.Deny(mHostAndPort); 89 post(new Runnable() { 90 public void run() { 91 mBrowserFrame.nativeSslClientCert(mHandle, null, null); 92 } 93 }); 94 } 95 } 96