OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 package org.chromium.net; | 5 package org.chromium.net; |
6 | 6 |
7 import android.util.Log; | 7 import android.util.Log; |
8 | 8 |
9 import java.lang.reflect.Method; | 9 import java.lang.reflect.Method; |
10 import java.security.NoSuchAlgorithmException; | 10 import java.security.NoSuchAlgorithmException; |
(...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
160 try { | 160 try { |
161 superClass = Class.forName( | 161 superClass = Class.forName( |
162 "org.apache.harmony.xnet.provider.jsse.OpenSSLRSAPrivateKey"
); | 162 "org.apache.harmony.xnet.provider.jsse.OpenSSLRSAPrivateKey"
); |
163 } catch (Exception e) { | 163 } catch (Exception e) { |
164 // This may happen if the target device has a completely different | 164 // This may happen if the target device has a completely different |
165 // implementation of the java.security APIs, compared to vanilla | 165 // implementation of the java.security APIs, compared to vanilla |
166 // Android. Highly unlikely, but still possible. | 166 // Android. Highly unlikely, but still possible. |
167 Log.e(TAG, "Cannot find system OpenSSLRSAPrivateKey class: " + e); | 167 Log.e(TAG, "Cannot find system OpenSSLRSAPrivateKey class: " + e); |
168 return 0; | 168 return 0; |
169 } | 169 } |
170 if (!superClass.isInstance(key)) { | 170 if (!superClass.isInstance(javaKey)) { |
171 // This may happen if the PrivateKey was not created by the "Android
OpenSSL" | 171 // This may happen if the PrivateKey was not created by the "Android
OpenSSL" |
172 // provider, which should be the default. That could happen if an OE
M decided | 172 // provider, which should be the default. That could happen if an OE
M decided |
173 // to implement a different default provider. Also highly unlikely. | 173 // to implement a different default provider. Also highly unlikely. |
174 Log.e(TAG, "Private key is not an OpenSSLRSAPrivateKey instance, its
class name is:" + | 174 Log.e(TAG, "Private key is not an OpenSSLRSAPrivateKey instance, its
class name is:" + |
175 javaKey.getClass().getCanonicalName()); | 175 javaKey.getClass().getCanonicalName()); |
176 return 0; | 176 return 0; |
177 } | 177 } |
178 | 178 |
179 try { | 179 try { |
180 // Use reflection to invoke the 'getOpenSSLKey()' method on | 180 // Use reflection to invoke the 'getOpenSSLKey()' method on |
181 // the private key. This returns another Java object that wraps | 181 // the private key. This returns another Java object that wraps |
182 // a native EVP_PKEY. Note that the method is final, so calling | 182 // a native EVP_PKEY. Note that the method is final, so calling |
183 // the superclass implementation is ok. | 183 // the superclass implementation is ok. |
184 Method getKey = superClass.getDeclaredMethod("getOpenSSLKey"); | 184 Method getKey = superClass.getDeclaredMethod("getOpenSSLKey"); |
185 getKey.setAccessible(true); | 185 getKey.setAccessible(true); |
186 Object opensslKey = null; | 186 Object opensslKey = null; |
187 try { | 187 try { |
188 opensslKey = getKey.invoke(javaKey); | 188 opensslKey = getKey.invoke(javaKey); |
189 } finally { | 189 } finally { |
190 getKey.setAccessible(false); | 190 getKey.setAccessible(false); |
191 } | 191 } |
192 if (opensslKey == null) { | 192 if (opensslKey == null) { |
193 // Bail when detecting OEM "enhancement". | 193 // Bail when detecting OEM "enhancement". |
194 Log.e(TAG, "getOpenSSLKey() returned null"); | 194 Log.e(TAG, "getOpenSSLKey() returned null"); |
195 return 0; | 195 return 0; |
196 } | 196 } |
197 | 197 |
198 // Use reflection to invoke the 'getPkeyContext' method on the | 198 // Use reflection to invoke the 'getPkeyContext' method on the |
199 // result of the getOpenSSLKey(). This is an 32-bit integer | 199 // result of the getOpenSSLKey(). This is an 32-bit integer |
200 // which is the address of an EVP_PKEY object. | 200 // which is the address of an EVP_PKEY object. Note that this |
| 201 // method these days returns a 64-bit long, but since this code |
| 202 // path is used for older Android versions, it may still return |
| 203 // a 32-bit int here. To be on the safe side, we cast the return |
| 204 // value via Number rather than directly to Integer or Long. |
201 Method getPkeyContext; | 205 Method getPkeyContext; |
202 try { | 206 try { |
203 getPkeyContext = opensslKey.getClass().getDeclaredMethod("getPke
yContext"); | 207 getPkeyContext = opensslKey.getClass().getDeclaredMethod("getPke
yContext"); |
204 } catch (Exception e) { | 208 } catch (Exception e) { |
205 // Bail here too, something really not working as expected. | 209 // Bail here too, something really not working as expected. |
206 Log.e(TAG, "No getPkeyContext() method on OpenSSLKey member:" +
e); | 210 Log.e(TAG, "No getPkeyContext() method on OpenSSLKey member:" +
e); |
207 return 0; | 211 return 0; |
208 } | 212 } |
209 getPkeyContext.setAccessible(true); | 213 getPkeyContext.setAccessible(true); |
210 long evp_pkey = 0; | 214 long evp_pkey = 0; |
211 try { | 215 try { |
212 evp_pkey = (Long) getPkeyContext.invoke(opensslKey); | 216 evp_pkey = ((Number) getPkeyContext.invoke(opensslKey)).longValu
e(); |
213 } finally { | 217 } finally { |
214 getPkeyContext.setAccessible(false); | 218 getPkeyContext.setAccessible(false); |
215 } | 219 } |
216 if (evp_pkey == 0) { | 220 if (evp_pkey == 0) { |
217 // The PrivateKey is probably rotten for some reason. | 221 // The PrivateKey is probably rotten for some reason. |
218 Log.e(TAG, "getPkeyContext() returned null"); | 222 Log.e(TAG, "getPkeyContext() returned null"); |
219 } | 223 } |
220 return evp_pkey; | 224 return evp_pkey; |
221 | 225 |
222 } catch (Exception e) { | 226 } catch (Exception e) { |
223 Log.e(TAG, "Exception while trying to retrieve system EVP_PKEY handl
e: " + e); | 227 Log.e(TAG, "Exception while trying to retrieve system EVP_PKEY handl
e: " + e); |
224 return 0; | 228 return 0; |
225 } | 229 } |
226 } | 230 } |
227 | 231 |
228 @Override | 232 @Override |
229 public void releaseKey(AndroidPrivateKey key) { | 233 public void releaseKey(AndroidPrivateKey key) { |
230 // no-op for in-process. GC will handle key collection | 234 // no-op for in-process. GC will handle key collection |
231 } | 235 } |
232 } | 236 } |
OLD | NEW |