| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "android_webview/native/aw_contents_client_bridge.h" | 5 #include "android_webview/native/aw_contents_client_bridge.h" |
| 6 | 6 |
| 7 #include "android_webview/common/devtools_instrumentation.h" | 7 #include "android_webview/common/devtools_instrumentation.h" |
| 8 #include "android_webview/native/aw_contents.h" | 8 #include "android_webview/native/aw_contents.h" |
| 9 #include "base/android/jni_android.h" | 9 #include "base/android/jni_android.h" |
| 10 #include "base/android/jni_array.h" | 10 #include "base/android/jni_array.h" |
| 11 #include "base/android/jni_string.h" | 11 #include "base/android/jni_string.h" |
| 12 #include "base/callback_helpers.h" | 12 #include "base/callback_helpers.h" |
| 13 #include "base/macros.h" | 13 #include "base/macros.h" |
| 14 #include "content/public/browser/browser_thread.h" | 14 #include "content/public/browser/browser_thread.h" |
| 15 #include "content/public/browser/client_certificate_delegate.h" | 15 #include "content/public/browser/client_certificate_delegate.h" |
| 16 #include "content/public/browser/render_process_host.h" | 16 #include "content/public/browser/render_process_host.h" |
| 17 #include "content/public/browser/render_view_host.h" | 17 #include "content/public/browser/render_view_host.h" |
| 18 #include "content/public/browser/web_contents.h" | 18 #include "content/public/browser/web_contents.h" |
| 19 #include "crypto/scoped_openssl_types.h" | 19 #include "crypto/scoped_openssl_types.h" |
| 20 #include "jni/AwContentsClientBridge_jni.h" | 20 #include "jni/AwContentsClientBridge_jni.h" |
| 21 #include "net/android/keystore_openssl.h" | 21 #include "net/android/keystore_openssl.h" |
| 22 #include "net/cert/x509_certificate.h" | 22 #include "net/cert/x509_certificate.h" |
| 23 #include "net/ssl/openssl_client_key_store.h" | |
| 24 #include "net/ssl/ssl_cert_request_info.h" | 23 #include "net/ssl/ssl_cert_request_info.h" |
| 25 #include "net/ssl/ssl_client_cert_type.h" | 24 #include "net/ssl/ssl_client_cert_type.h" |
| 25 #include "net/ssl/ssl_platform_key.h" |
| 26 #include "net/ssl/ssl_private_key.h" |
| 26 #include "url/gurl.h" | 27 #include "url/gurl.h" |
| 27 | 28 |
| 28 using base::android::AttachCurrentThread; | 29 using base::android::AttachCurrentThread; |
| 29 using base::android::ConvertJavaStringToUTF16; | 30 using base::android::ConvertJavaStringToUTF16; |
| 30 using base::android::ConvertUTF8ToJavaString; | 31 using base::android::ConvertUTF8ToJavaString; |
| 31 using base::android::ConvertUTF16ToJavaString; | 32 using base::android::ConvertUTF16ToJavaString; |
| 32 using base::android::JavaRef; | 33 using base::android::JavaRef; |
| 33 using base::android::ScopedJavaLocalRef; | 34 using base::android::ScopedJavaLocalRef; |
| 34 using content::BrowserThread; | 35 using content::BrowserThread; |
| 35 | 36 |
| 36 namespace android_webview { | 37 namespace android_webview { |
| 37 | 38 |
| 38 namespace { | |
| 39 | |
| 40 // Must be called on the I/O thread to record a client certificate | |
| 41 // and its private key in the OpenSSLClientKeyStore. | |
| 42 void RecordClientCertificateKey( | |
| 43 const scoped_refptr<net::X509Certificate>& client_cert, | |
| 44 crypto::ScopedEVP_PKEY private_key) { | |
| 45 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 46 net::OpenSSLClientKeyStore::GetInstance()->RecordClientCertPrivateKey( | |
| 47 client_cert.get(), private_key.get()); | |
| 48 } | |
| 49 | |
| 50 } // namespace | |
| 51 | |
| 52 AwContentsClientBridge::AwContentsClientBridge(JNIEnv* env, jobject obj) | 39 AwContentsClientBridge::AwContentsClientBridge(JNIEnv* env, jobject obj) |
| 53 : java_ref_(env, obj) { | 40 : java_ref_(env, obj) { |
| 54 DCHECK(obj); | 41 DCHECK(obj); |
| 55 Java_AwContentsClientBridge_setNativeContentsClientBridge( | 42 Java_AwContentsClientBridge_setNativeContentsClientBridge( |
| 56 env, obj, reinterpret_cast<intptr_t>(this)); | 43 env, obj, reinterpret_cast<intptr_t>(this)); |
| 57 } | 44 } |
| 58 | 45 |
| 59 AwContentsClientBridge::~AwContentsClientBridge() { | 46 AwContentsClientBridge::~AwContentsClientBridge() { |
| 60 JNIEnv* env = AttachCurrentThread(); | 47 JNIEnv* env = AttachCurrentThread(); |
| 61 | 48 |
| (...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 203 const JavaRef<jobject>& private_key_ref) { | 190 const JavaRef<jobject>& private_key_ref) { |
| 204 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 191 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 205 | 192 |
| 206 content::ClientCertificateDelegate* delegate = | 193 content::ClientCertificateDelegate* delegate = |
| 207 pending_client_cert_request_delegates_.Lookup(request_id); | 194 pending_client_cert_request_delegates_.Lookup(request_id); |
| 208 DCHECK(delegate); | 195 DCHECK(delegate); |
| 209 | 196 |
| 210 if (encoded_chain_ref.is_null() || private_key_ref.is_null()) { | 197 if (encoded_chain_ref.is_null() || private_key_ref.is_null()) { |
| 211 LOG(ERROR) << "No client certificate selected"; | 198 LOG(ERROR) << "No client certificate selected"; |
| 212 pending_client_cert_request_delegates_.Remove(request_id); | 199 pending_client_cert_request_delegates_.Remove(request_id); |
| 213 delegate->ContinueWithCertificate(nullptr); | 200 delegate->ContinueWithCertificate(nullptr, nullptr); |
| 214 delete delegate; | 201 delete delegate; |
| 215 return; | 202 return; |
| 216 } | 203 } |
| 217 | 204 |
| 218 // Make sure callback is run on error. | 205 // Make sure callback is run on error. |
| 219 base::ScopedClosureRunner guard(base::Bind( | 206 base::ScopedClosureRunner guard(base::Bind( |
| 220 &AwContentsClientBridge::HandleErrorInClientCertificateResponse, | 207 &AwContentsClientBridge::HandleErrorInClientCertificateResponse, |
| 221 base::Unretained(this), | 208 base::Unretained(this), |
| 222 request_id)); | 209 request_id)); |
| 223 | 210 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 241 } | 228 } |
| 242 | 229 |
| 243 // Create an EVP_PKEY wrapper for the private key JNI reference. | 230 // Create an EVP_PKEY wrapper for the private key JNI reference. |
| 244 crypto::ScopedEVP_PKEY private_key( | 231 crypto::ScopedEVP_PKEY private_key( |
| 245 net::android::GetOpenSSLPrivateKeyWrapper(private_key_ref.obj())); | 232 net::android::GetOpenSSLPrivateKeyWrapper(private_key_ref.obj())); |
| 246 if (!private_key.get()) { | 233 if (!private_key.get()) { |
| 247 LOG(ERROR) << "Could not create OpenSSL wrapper for private key"; | 234 LOG(ERROR) << "Could not create OpenSSL wrapper for private key"; |
| 248 return; | 235 return; |
| 249 } | 236 } |
| 250 | 237 |
| 238 scoped_refptr<net::SSLPrivateKey> client_private_key = |
| 239 net::WrapOpenSSLPrivateKey(std::move(private_key)); |
| 240 |
| 251 // Release the guard and |pending_client_cert_request_delegates_| references | 241 // Release the guard and |pending_client_cert_request_delegates_| references |
| 252 // to |delegate|. | 242 // to |delegate|. |
| 253 pending_client_cert_request_delegates_.Remove(request_id); | 243 pending_client_cert_request_delegates_.Remove(request_id); |
| 254 ignore_result(guard.Release()); | 244 ignore_result(guard.Release()); |
| 255 | 245 |
| 256 // RecordClientCertificateKey() must be called on the I/O thread, | 246 // RecordClientCertificateKey() must be called on the I/O thread, |
| 257 // before the delegate is called with the selected certificate on | 247 // before the delegate is called with the selected certificate on |
| 258 // the UI thread. | 248 // the UI thread. |
| 259 content::BrowserThread::PostTaskAndReply( | 249 content::BrowserThread::PostTask( |
| 260 content::BrowserThread::IO, FROM_HERE, | 250 content::BrowserThread::IO, FROM_HERE, |
| 261 base::Bind(&RecordClientCertificateKey, client_cert, | |
| 262 base::Passed(&private_key)), | |
| 263 base::Bind(&content::ClientCertificateDelegate::ContinueWithCertificate, | 251 base::Bind(&content::ClientCertificateDelegate::ContinueWithCertificate, |
| 264 base::Owned(delegate), client_cert)); | 252 base::Owned(delegate), client_cert, client_private_key)); |
| 265 } | 253 } |
| 266 | 254 |
| 267 void AwContentsClientBridge::RunJavaScriptDialog( | 255 void AwContentsClientBridge::RunJavaScriptDialog( |
| 268 content::JavaScriptMessageType message_type, | 256 content::JavaScriptMessageType message_type, |
| 269 const GURL& origin_url, | 257 const GURL& origin_url, |
| 270 const base::string16& message_text, | 258 const base::string16& message_text, |
| 271 const base::string16& default_prompt_text, | 259 const base::string16& default_prompt_text, |
| 272 const content::JavaScriptDialogManager::DialogClosedCallback& callback) { | 260 const content::JavaScriptDialogManager::DialogClosedCallback& callback) { |
| 273 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 261 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 274 JNIEnv* env = AttachCurrentThread(); | 262 JNIEnv* env = AttachCurrentThread(); |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 397 pending_client_cert_request_delegates_.Remove(request_id); | 385 pending_client_cert_request_delegates_.Remove(request_id); |
| 398 | 386 |
| 399 delete delegate; | 387 delete delegate; |
| 400 } | 388 } |
| 401 | 389 |
| 402 bool RegisterAwContentsClientBridge(JNIEnv* env) { | 390 bool RegisterAwContentsClientBridge(JNIEnv* env) { |
| 403 return RegisterNativesImpl(env); | 391 return RegisterNativesImpl(env); |
| 404 } | 392 } |
| 405 | 393 |
| 406 } // namespace android_webview | 394 } // namespace android_webview |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1304143010:
Plumbing SSLPrivateKey
Base URL: https://chromium.googlesource.com/chromium/src.git@master