Home | History | Annotate | Download | only in webkit 
      1 /*
      2  * Copyright (C) 2011 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package android.webkit;
     18 
     19 import android.os.Handler;
     20 import java.security.PrivateKey;
     21 import java.security.cert.CertificateEncodingException;
     22 import java.security.cert.X509Certificate;
     23 import org.apache.harmony.xnet.provider.jsse.NativeCrypto;
     24 
     25 /**
     26  * ClientCertRequestHandler: class responsible for handling client
     27  * certificate requests.  This class is passed as a parameter to
     28  * BrowserCallback.displayClientCertRequestDialog and is meant to
     29  * receive the user's response.
     30  *
     31  * @hide
     32  */
     33 public final class ClientCertRequestHandler extends Handler {
     34 
     35     private final BrowserFrame mBrowserFrame;
     36     private final int mHandle;
     37     private final String mHostAndPort;
     38     private final SslClientCertLookupTable mTable;
     39     ClientCertRequestHandler(BrowserFrame browserFrame,
     40                              int handle,
     41                              String host_and_port,
     42                              SslClientCertLookupTable table) {
     43         mBrowserFrame = browserFrame;
     44         mHandle = handle;
     45         mHostAndPort = host_and_port;
     46         mTable = table;
     47     }
     48 
     49     /**
     50      * Proceed with the specified private key and client certificate chain.
     51      */
     52     public void proceed(PrivateKey privateKey, X509Certificate[] chain) {
     53         final byte[] privateKeyBytes = privateKey.getEncoded();
     54         final byte[][] chainBytes;
     55         try {
     56             chainBytes = NativeCrypto.encodeCertificates(chain);
     57             mTable.Allow(mHostAndPort, privateKeyBytes, chainBytes);
     58             post(new Runnable() {
     59                     public void run() {
     60                         mBrowserFrame.nativeSslClientCert(mHandle, privateKeyBytes, chainBytes);
     61                     }
     62                 });
     63         } catch (CertificateEncodingException e) {
     64             post(new Runnable() {
     65                     public void run() {
     66                         mBrowserFrame.nativeSslClientCert(mHandle, null, null);
     67                         return;
     68                     }
     69                 });
     70         }
     71     }
     72 
     73     /**
     74      * Igore the request for now, the user may be prompted again.
     75      */
     76     public void ignore() {
     77         post(new Runnable() {
     78                 public void run() {
     79                     mBrowserFrame.nativeSslClientCert(mHandle, null, null);
     80                 }
     81             });
     82     }
     83 
     84     /**
     85      * Cancel this request, remember the users negative choice.
     86      */
     87     public void cancel() {
     88         mTable.Deny(mHostAndPort);
     89         post(new Runnable() {
     90                 public void run() {
     91                     mBrowserFrame.nativeSslClientCert(mHandle, null, null);
     92                 }
     93             });
     94     }
     95 }
     96