1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/ui/android/ssl_client_certificate_request.h" 6 7 #include "base/android/jni_array.h" 8 #include "base/android/jni_string.h" 9 #include "base/android/scoped_java_ref.h" 10 #include "base/bind.h" 11 #include "base/callback_helpers.h" 12 #include "base/compiler_specific.h" 13 #include "base/logging.h" 14 #include "chrome/browser/ssl/ssl_client_certificate_selector.h" 15 #include "content/public/browser/browser_thread.h" 16 #include "jni/SSLClientCertificateRequest_jni.h" 17 #include "net/android/keystore_openssl.h" 18 #include "net/base/host_port_pair.h" 19 #include "net/cert/x509_certificate.h" 20 #include "net/ssl/openssl_client_key_store.h" 21 #include "net/ssl/ssl_cert_request_info.h" 22 #include "net/ssl/ssl_client_cert_type.h" 23 24 namespace chrome { 25 26 namespace { 27 28 typedef net::OpenSSLClientKeyStore::ScopedEVP_PKEY ScopedEVP_PKEY; 29 30 // Must be called on the I/O thread to record a client certificate 31 // and its private key in the OpenSSLClientKeyStore. 32 void RecordClientCertificateKey( 33 const scoped_refptr<net::X509Certificate>& client_cert, 34 ScopedEVP_PKEY private_key) { 35 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 36 net::OpenSSLClientKeyStore::GetInstance()->RecordClientCertPrivateKey( 37 client_cert.get(), private_key.get()); 38 } 39 40 void StartClientCertificateRequest( 41 const net::SSLCertRequestInfo* cert_request_info, 42 const chrome::SelectCertificateCallback& callback) { 43 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); 44 45 // Ensure that callback(NULL) is posted as a task on the UI thread 46 // in case of an error. 47 base::Closure post_task_closure = base::Bind( 48 base::IgnoreResult(&content::BrowserThread::PostTask), 49 content::BrowserThread::UI, 50 FROM_HERE, 51 base::Bind(callback, scoped_refptr<net::X509Certificate>())); 52 53 base::ScopedClosureRunner guard(post_task_closure); 54 55 // Build the |key_types| JNI parameter, as a String[] 56 std::vector<std::string> key_types; 57 for (size_t n = 0; n < cert_request_info->cert_key_types.size(); ++n) { 58 switch (cert_request_info->cert_key_types[n]) { 59 case net::CLIENT_CERT_RSA_SIGN: 60 key_types.push_back("RSA"); 61 break; 62 case net::CLIENT_CERT_DSS_SIGN: 63 key_types.push_back("DSA"); 64 break; 65 case net::CLIENT_CERT_ECDSA_SIGN: 66 key_types.push_back("ECDSA"); 67 break; 68 default: 69 // Ignore unknown types. 70 break; 71 } 72 } 73 74 JNIEnv* env = base::android::AttachCurrentThread(); 75 ScopedJavaLocalRef<jobjectArray> key_types_ref = 76 base::android::ToJavaArrayOfStrings(env, key_types); 77 if (key_types_ref.is_null()) { 78 LOG(ERROR) << "Could not create key types array (String[])"; 79 return; 80 } 81 82 // Build the |encoded_principals| JNI parameter, as a byte[][] 83 ScopedJavaLocalRef<jobjectArray> principals_ref = 84 base::android::ToJavaArrayOfByteArray( 85 env, cert_request_info->cert_authorities); 86 if (principals_ref.is_null()) { 87 LOG(ERROR) << "Could not create principals array (byte[][])"; 88 return; 89 } 90 91 // Build the |host_name| and |port| JNI parameters, as a String and 92 // a jint. 93 net::HostPortPair host_and_port = 94 net::HostPortPair::FromString(cert_request_info->host_and_port); 95 96 ScopedJavaLocalRef<jstring> host_name_ref = 97 base::android::ConvertUTF8ToJavaString(env, host_and_port.host()); 98 if (host_name_ref.is_null()) { 99 LOG(ERROR) << "Could not extract host name from: '" 100 << cert_request_info->host_and_port << "'"; 101 return; 102 } 103 104 // Create a copy of the callback on the heap so that its address 105 // and ownership can be passed through and returned from Java via JNI. 106 scoped_ptr<chrome::SelectCertificateCallback> request( 107 new chrome::SelectCertificateCallback(callback)); 108 109 jint request_id = reinterpret_cast<jint>(request.get()); 110 111 if (!chrome::android:: 112 Java_SSLClientCertificateRequest_selectClientCertificate( 113 env, request_id, key_types_ref.obj(), principals_ref.obj(), 114 host_name_ref.obj(), host_and_port.port())) { 115 return; 116 } 117 118 guard.Release(); 119 120 // Ownership was transferred to Java. 121 chrome::SelectCertificateCallback* ALLOW_UNUSED dummy = 122 request.release(); 123 } 124 125 } // namespace 126 127 namespace android { 128 129 // Called from JNI on request completion/result. 130 // |env| is the current thread's JNIEnv. 131 // |clazz| is the SSLClientCertificateRequest JNI class reference. 132 // |request_id| is the id passed to 133 // Java_SSLClientCertificateRequest_selectClientCertificate() in Start(). 134 // |encoded_chain_ref| is a JNI reference to a Java array of byte arrays, 135 // each item holding a DER-encoded X.509 certificate. 136 // |private_key_ref| is the platform PrivateKey object JNI reference for 137 // the client certificate. 138 // Note: both |encoded_chain_ref| and |private_key_ref| will be NULL if 139 // the user didn't select a certificate. 140 static void OnSystemRequestCompletion( 141 JNIEnv* env, 142 jclass clazz, 143 jint request_id, 144 jobjectArray encoded_chain_ref, 145 jobject private_key_ref) { 146 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); 147 148 // Take back ownership of the request object. 149 scoped_ptr<chrome::SelectCertificateCallback> callback( 150 reinterpret_cast<chrome::SelectCertificateCallback*>(request_id)); 151 152 // Ensure that callback(NULL) is called in case of an error. 153 base::Closure null_closure = 154 base::Bind(*callback, scoped_refptr<net::X509Certificate>()); 155 156 base::ScopedClosureRunner guard(null_closure); 157 158 if (encoded_chain_ref == NULL || private_key_ref == NULL) { 159 LOG(ERROR) << "Client certificate request cancelled"; 160 return; 161 } 162 163 // Convert the encoded chain to a vector of strings. 164 std::vector<std::string> encoded_chain_strings; 165 if (encoded_chain_ref) { 166 base::android::JavaArrayOfByteArrayToStringVector( 167 env, encoded_chain_ref, &encoded_chain_strings); 168 } 169 170 std::vector<base::StringPiece> encoded_chain; 171 for (size_t n = 0; n < encoded_chain_strings.size(); ++n) 172 encoded_chain.push_back(encoded_chain_strings[n]); 173 174 // Create the X509Certificate object from the encoded chain. 175 scoped_refptr<net::X509Certificate> client_cert( 176 net::X509Certificate::CreateFromDERCertChain(encoded_chain)); 177 if (!client_cert.get()) { 178 LOG(ERROR) << "Could not decode client certificate chain"; 179 return; 180 } 181 182 // Create an EVP_PKEY wrapper for the private key JNI reference. 183 ScopedEVP_PKEY private_key( 184 net::android::GetOpenSSLPrivateKeyWrapper(private_key_ref)); 185 if (!private_key.get()) { 186 LOG(ERROR) << "Could not create OpenSSL wrapper for private key"; 187 return; 188 } 189 190 guard.Release(); 191 192 // RecordClientCertificateKey() must be called on the I/O thread, 193 // before the callback is called with the selected certificate on 194 // the UI thread. 195 content::BrowserThread::PostTaskAndReply( 196 content::BrowserThread::IO, 197 FROM_HERE, 198 base::Bind(&RecordClientCertificateKey, 199 client_cert, 200 base::Passed(&private_key)), 201 base::Bind(*callback, client_cert)); 202 } 203 204 bool RegisterSSLClientCertificateRequestAndroid(JNIEnv* env) { 205 return RegisterNativesImpl(env); 206 } 207 208 } // namespace android 209 210 void ShowSSLClientCertificateSelector( 211 content::WebContents* contents, 212 const net::HttpNetworkSession* network_session, 213 net::SSLCertRequestInfo* cert_request_info, 214 const chrome::SelectCertificateCallback& callback) { 215 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); 216 StartClientCertificateRequest(cert_request_info, callback); 217 } 218 219 } // namespace chrome 220
