net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java - Issue 11260015: Fix Android cryptographic key pair storage.

Side by Side Diff: net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java

Issue 11260015: Fix Android cryptographic key pair storage. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: Created 8 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 package org.chromium.net;	5 package org.chromium.net;

6	6

7 import android.content.ActivityNotFoundException;	7 import android.content.ActivityNotFoundException;

8 import android.content.Context;	8 import android.content.Context;

9 import android.content.Intent;	9 import android.content.Intent;

	10 import android.security.KeyChain;

10 import android.util.Log;	11 import android.util.Log;

11	12

12 import org.chromium.base.CalledByNative;	13 import org.chromium.base.CalledByNative;

13 import org.chromium.base.CalledByNativeUnchecked;	14 import org.chromium.base.CalledByNativeUnchecked;

14	15

15 import java.net.Inet6Address;	16 import java.net.Inet6Address;

16 import java.net.InetAddress;	17 import java.net.InetAddress;

17 import java.net.NetworkInterface;	18 import java.net.NetworkInterface;

18 import java.net.SocketException;	19 import java.net.SocketException;

19 import java.net.URLConnection;	20 import java.net.URLConnection;

20 import java.security.KeyStoreException;	21 import java.security.KeyStoreException;

21 import java.security.NoSuchAlgorithmException;	22 import java.security.NoSuchAlgorithmException;

22 import java.security.cert.CertificateException;	23 import java.security.cert.CertificateException;

23 import java.util.Enumeration;	24 import java.util.Enumeration;

24	25

25 /**	26 /**

26 * This class implements net utilities required by the net component.	27 * This class implements net utilities required by the net component.

27 */	28 */

28 class AndroidNetworkLibrary {	29 class AndroidNetworkLibrary {

29	30

30 private static final String TAG = AndroidNetworkLibrary.class.getName();	31 private static final String TAG = AndroidNetworkLibrary.class.getName();

31	32

32 /**	33 /**

33 * Stores the key pair into the CertInstaller application.	34 * Stores the key pair through the CertInstaller activity.

	35 * @param context: current activity context.
	joth 2012/10/24 19:40:28 question: I think native code normally passes over question: I think native code normally passes over the application not activity context? digit1 2012/10/25 14:34:32 That's correct, updated. That's correct, updated.
	36 * @param public_key: The public key bytes as DER-encoded SubjectPublicKeyIn fo (X.509)

	37 * @param private_key: The private key as DER-encoded PrivateKeyInfo (PKCS#8 ).

	38 * @return: true on success, false on failure.

	39 *

	40 * Note that failure means that the function could not launch the CertInstal ler

	41 * activity. Whether the keys are valid or properly installed will be indica ted

	42 * by the CertInstaller UI itself.

34 */	43 */

35 @CalledByNative	44 @CalledByNative

36 static public boolean storeKeyPair(Context context, byte[] public_key, byte[ ] private_key) {	45 static public boolean storeKeyPair(Context context,

37 // This is based on android.security.Credentials.install()	46 byte[] public_key,

38 // TODO(joth): Use KeyChain API instead of hard-coding constants here:	47 byte[] private_key) {
	joth 2012/10/24 19:40:28 nit: java style param wrap is double indent (not a nit: java style param wrap is double indent (not alighn with paren) and bunch up multiple params per line. digit1 2012/10/25 14:34:32 Done. Show quoted text On 2012/10/24 19:40:28, joth wrote: > nit: java style param wrap is double indent (not alighn with paren) and bunch up > multiple params per line. Done.
39 // http://crbug.com/124660	48 // TODO(digit): Use KeyChain official extra values to pass the public an d private

	49 // keys when they're available. The "KEY" and "PKEY" hard-coded constant s were taken

	50 // from the platform sources, since there are no official KeyChain.EXTRA _XXX definitions

	51 // for them. b/5859651

40 try {	52 try {

41 Intent intent = new Intent("android.credentials.INSTALL");	53 Intent intent = KeyChain.createInstallIntent();

42 intent.setClassName("com.android.certinstaller",	54 intent.putExtra("PKEY", private_key);

43 "com.android.certinstaller.CertInstallerMain");	55 intent.putExtra("KEY", public_key);

44 intent.putExtra("KEY", private_key);

45 intent.putExtra("PKEY", public_key);

46 intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);	56 intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);

47 context.startActivity(intent);	57 context.startActivity(intent);

48 return true;	58 return true;

49 } catch (ActivityNotFoundException e) {	59 } catch (ActivityNotFoundException e) {

50 Log.w(TAG, "could not store certificate: " + e);	60 Log.w(TAG, "could not store key pair: " + e);

51 }	61 }

52 return false;	62 return false;

53 }	63 }

54	64

55 /**	65 /**

56 * @return the mime type (if any) that is associated with the file	66 * @return the mime type (if any) that is associated with the file

57 * extension. Returns null if no corresponding mime type exists.	67 * extension. Returns null if no corresponding mime type exists.

58 */	68 */

59 @CalledByNative	69 @CalledByNative

60 static public String getMimeTypeFromExtension(String extension) {	70 static public String getMimeTypeFromExtension(String extension) {

(...skipping 90 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
151 * on error initializing the TrustManager or reading the	161 * on error initializing the TrustManager or reading the

152 * certChain	162 * certChain

153 */	163 */

154 @CalledByNativeUnchecked	164 @CalledByNativeUnchecked

155 public static boolean verifyServerCertificates(byte[][] certChain, String au thType)	165 public static boolean verifyServerCertificates(byte[][] certChain, String au thType)

156 throws CertificateException, KeyStoreException, NoSuchAlgorithmExcep tion {	166 throws CertificateException, KeyStoreException, NoSuchAlgorithmExcep tion {

157 return X509Util.verifyServerCertificates(certChain, authType);	167 return X509Util.verifyServerCertificates(certChain, authType);

158 }	168 }

159	169

160 }	170 }

OLD	NEW

« no previous file with comments | « no previous file | net/android/network_library.h » ('j') | net/base/openssl_private_key_store_android.cc » ('J')