Chromium Code Reviews Chromium Code Reviews
Issue 1631123002:
The key conversion algorithm for Token binding (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java |
| diff --git a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java |
| index 3f2f6955739da68c98305628391f7a7ebb82c823..c26d3b31b887851c5f8c1d45b6c4915ac0be5a2e 100644 |
| --- a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java |
| +++ b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java |
| @@ -7,11 +7,27 @@ package org.chromium.android_webview; |
| import android.net.Uri; |
| import android.webkit.ValueCallback; |
| +import org.chromium.base.Log; |
| import org.chromium.base.annotations.CalledByNative; |
| import org.chromium.base.annotations.JNINamespace; |
| +import java.io.IOException; |
| +import java.security.InvalidAlgorithmParameterException; |
| +import java.security.InvalidKeyException; |
| +import java.security.Key; |
| +import java.security.KeyFactory; |
| import java.security.KeyPair; |
| -import java.security.spec.AlgorithmParameterSpec; |
| +import java.security.NoSuchAlgorithmException; |
| +import java.security.PrivateKey; |
| +import java.security.PublicKey; |
| +import java.security.spec.InvalidKeySpecException; |
| +import java.security.spec.X509EncodedKeySpec; |
| + |
| +import javax.crypto.Cipher; |
| +import javax.crypto.EncryptedPrivateKeyInfo; |
| +import javax.crypto.NoSuchPaddingException; |
| +import javax.crypto.SecretKeyFactory; |
| +import javax.crypto.spec.PBEKeySpec; |
| /** |
| * AwTokenBindingManager manages the token binding protocol. |
| @@ -25,11 +41,14 @@ import java.security.spec.AlgorithmParameterSpec; |
| */ |
| @JNINamespace("android_webview") |
| public final class AwTokenBindingManager { |
| + private static final String TAG = "TokenBindingManager"; |
| + private static final String PASSWORD = ""; |
|
boliu
2016/01/26 01:50:19
not used?
boliu
2016/01/26 01:51:22
Err, never mind, line wrap at 80 :( shame
|
| + |
| public void enableTokenBinding() { |
| nativeEnableTokenBinding(); |
| } |
| - public void getKey(Uri origin, AlgorithmParameterSpec[] spec, ValueCallback<KeyPair> callback) { |
| + public void getKey(Uri origin, String[] spec, ValueCallback<KeyPair> callback) { |
| if (callback == null) { |
| throw new IllegalArgumentException("callback can't be null"); |
| } |
| @@ -50,8 +69,30 @@ public final class AwTokenBindingManager { |
| } |
| @CalledByNative |
| - private static void onKeyReady(ValueCallback<KeyPair> callback) { |
| - callback.onReceiveValue(null); |
| + private static void onKeyReady( |
| + ValueCallback<KeyPair> callback, byte[] privateKeyBytes, byte[] publicKeyBytes) { |
| + KeyPair keyPair = null; |
| + if (privateKeyBytes != null && publicKeyBytes != null) { |
|
mnaganov (inactive)
2016/01/26 01:37:02
I think it makes sense to make an early return her
sgurun-gerrit only
2016/01/26 01:57:03
Done.
|
| + try { |
| + String algorithm = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; |
|
mnaganov (inactive)
2016/01/26 01:37:02
Should this be a static constant in the class?
sgurun-gerrit only
2016/01/26 01:57:03
Done.
|
| + EncryptedPrivateKeyInfo epkInfo = new EncryptedPrivateKeyInfo(privateKeyBytes); |
| + SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(algorithm); |
| + Key key = secretKeyFactory.generateSecret(new PBEKeySpec(PASSWORD.toCharArray())); |
| + Cipher cipher = Cipher.getInstance(algorithm); |
| + cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters()); |
| + |
| + KeyFactory factory = KeyFactory.getInstance("EC"); |
|
mnaganov (inactive)
2016/01/26 01:37:02
It's not clear what "EC" is. I recommend making th
sgurun-gerrit only
2016/01/26 01:57:03
Done.
|
| + PrivateKey privateKey = factory.generatePrivate(epkInfo.getKeySpec(cipher)); |
| + PublicKey publicKey = |
| + factory.generatePublic(new X509EncodedKeySpec(publicKeyBytes)); |
| + keyPair = new KeyPair(publicKey, privateKey); |
| + } catch (NoSuchAlgorithmException | InvalidKeySpecException | IOException |
| + | NoSuchPaddingException | InvalidKeyException |
| + | InvalidAlgorithmParameterException ex) { |
| + Log.e(TAG, "Failed converting key " + ex); |
|
mnaganov (inactive)
2016/01/26 01:37:02
"ex" should be the third argument.
sgurun-gerrit only
2016/01/26 01:57:03
Done.
|
| + } |
| + } |
| + callback.onReceiveValue(keyPair); |
| } |
| @CalledByNative |
