Merge change 25706 into eclair

* changes:
  WebKit: switch to java-based CertTool.
Android (Google) Code Review
2009-09-18 00:45:09 -04:00
4 changed files with 102 additions and 31 deletions


@@ -103,7 +103,7 @@ class BrowserFrame extends Handler {
// Create a global JWebCoreJavaBridge to handle timers and
// cookies in the WebCore thread.
if (sJavaBridge == null) {
sJavaBridge = new JWebCoreJavaBridge();
sJavaBridge = new JWebCoreJavaBridge(context);
// set WebCore native cache size
sJavaBridge.setCacheSize(4 * 1024 * 1024);
// initialize CacheManager


@@ -0,0 +1,68 @@
/*
* Copyright (C) 2009 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.webkit;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.jce.netscape.NetscapeCertRequest;
import org.bouncycastle.util.encoders.Base64;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
import android.security.Credentials;
import android.util.Log;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
class CertTool {
private static final String LOGTAG = "CertTool";
private static final AlgorithmIdentifier MD5_WITH_RSA =
new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption);
static final String[] KEY_STRENGTH_LIST = {"High Grade", "Medium Grade"};
static final String CERT = Credentials.CERTIFICATE;
static final String PKCS12 = Credentials.PKCS12;
static String getSignedPublicKey(Context context, int index, String challenge) {
try {
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize((index == 0) ? 2048 : 1024);
KeyPair pair = generator.genKeyPair();
NetscapeCertRequest request = new NetscapeCertRequest(challenge,
MD5_WITH_RSA, pair.getPublic());
request.sign(pair.getPrivate());
byte[] signed = request.toASN1Object().getDEREncoded();
Credentials.getInstance().install(context, pair);
return new String(Base64.encode(signed));
} catch (Exception e) {
Log.w(LOGTAG, e);
}
return null;
}
static void addCertificate(Context context, String type, byte[] value) {
Credentials.getInstance().install(context, type, value);
}
private CertTool() {}
}
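Review bot: In `getSignedPublicKey`, every index other than 0 selects a 1024-bit RSA key, so a value outside `KEY_STRENGTH_LIST` silently produces the weaker key instead of failing; a guard such as `if (index < 0 || index >= KEY_STRENGTH_LIST.length) return null;` before `generator.initialize(...)` would reject it. The request is also signed with `PKCSObjectIdentifiers.md5WithRSAEncryption`, and MD5 is no longer collision resistant; if the receiving CAs and the signature provider accept it (not visible here), `PKCSObjectIdentifiers.sha256WithRSAEncryption` would be the safer constant. The class has no Javadoc, so a short comment stating that `challenge` comes from page content and that a null return means generation failed would help callers.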


@@ -16,9 +16,9 @@
package android.webkit;
import android.content.Context;
import android.os.Handler;
import android.os.Message;
import android.security.CertTool;
import android.util.Log;
final class JWebCoreJavaBridge extends Handler {
@@ -41,6 +41,8 @@ final class JWebCoreJavaBridge extends Handler {
private boolean mTimerPaused;
private boolean mHasDeferredTimers;
private Context mContext;
/* package */
static final int REFRESH_PLUGINS = 100;
@@ -48,7 +50,8 @@ final class JWebCoreJavaBridge extends Handler {
* Construct a new JWebCoreJavaBridge to interface with
* WebCore timers and cookies.
*/
public JWebCoreJavaBridge() {
public JWebCoreJavaBridge(Context context) {
mContext = context;
nativeConstructor();
}
@@ -230,12 +233,12 @@ final class JWebCoreJavaBridge extends Handler {
}
private String[] getKeyStrengthList() {
return CertTool.getInstance().getSupportedKeyStrenghs();
return CertTool.KEY_STRENGTH_LIST;
}
private String getSignedPublicKey(int index, String challenge, String url) {
// generateKeyPair expects organizations which we don't have. Ignore url.
return CertTool.getInstance().generateKeyPair(index, challenge, null);
return CertTool.getSignedPublicKey(mContext, index, challenge);
}
private native void nativeConstructor();
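Review bot: The new `mContext` field keeps whatever Context the first caller passes for as long as the bridge lives, and the BrowserFrame hunk shows the bridge held in the static `sJavaBridge` and created only once. If that Context is an Activity, it stays reachable after the Activity is destroyed, and later key-generation requests from other WebViews are issued against it rather than against the view that hosts the page. Consider documenting on the constructor which Context is expected, or storing `context.getApplicationContext()` if the credential installer can be started from it (that path is not visible here). The comment above `getSignedPublicKey` still refers to generateKeyPair, which the new code no longer calls; `// url is not used by CertTool.getSignedPublicKey.` would match the code.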


@@ -28,7 +28,6 @@ import android.net.http.SslError;
import android.os.Handler;
import android.os.Message;
import android.security.CertTool;
import android.util.Log;
import android.webkit.CacheManager.CacheResult;
@@ -37,7 +36,6 @@ import com.android.internal.R;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Vector;
import java.util.regex.Pattern;
@@ -70,12 +68,12 @@ class LoadListener extends Handler implements EventHandler {
private static final int HTTP_NOT_FOUND = 404;
private static final int HTTP_PROXY_AUTH = 407;
private static HashSet<String> sCertificateMimeTypeMap;
private static HashMap<String, String> sCertificateTypeMap;
static {
sCertificateMimeTypeMap = new HashSet<String>();
sCertificateMimeTypeMap.add("application/x-x509-ca-cert");
sCertificateMimeTypeMap.add("application/x-x509-user-cert");
sCertificateMimeTypeMap.add("application/x-pkcs12");
sCertificateTypeMap = new HashMap<String, String>();
sCertificateTypeMap.put("application/x-x509-ca-cert", CertTool.CERT);
sCertificateTypeMap.put("application/x-x509-user-cert", CertTool.CERT);
sCertificateTypeMap.put("application/x-pkcs12", CertTool.PKCS12);
}
private static int sNativeLoaderCount;
@@ -964,9 +962,9 @@ class LoadListener extends Handler implements EventHandler {
// This commits the headers without checking the response status code.
private void commitHeaders() {
if (mIsMainPageLoader && sCertificateMimeTypeMap.contains(mMimeType)) {
if (mIsMainPageLoader && sCertificateTypeMap.containsKey(mMimeType)) {
// In the case of downloading certificate, we will save it to the
// Keystore in commitLoad. Do not call webcore.
// KeyStore in commitLoad. Do not call webcore.
return;
}
@@ -1009,26 +1007,28 @@ class LoadListener extends Handler implements EventHandler {
private void commitLoad() {
if (mCancelled) return;
if (mIsMainPageLoader && sCertificateMimeTypeMap.contains(mMimeType)) {
// In the case of downloading certificate, we will save it to the
// Keystore and stop the current loading so that it will not
// generate a new history page
byte[] cert = new byte[mDataBuilder.getByteSize()];
int position = 0;
ByteArrayBuilder.Chunk c;
while (true) {
c = mDataBuilder.getFirstChunk();
if (c == null) break;
if (mIsMainPageLoader) {
String type = sCertificateTypeMap.get(mMimeType);
if (type != null) {
// In the case of downloading certificate, we will save it to
// the KeyStore and stop the current loading so that it will not
// generate a new history page
byte[] cert = new byte[mDataBuilder.getByteSize()];
int offset = 0;
while (true) {
ByteArrayBuilder.Chunk c = mDataBuilder.getFirstChunk();
if (c == null) break;
if (c.mLength != 0) {
System.arraycopy(c.mArray, 0, cert, position, c.mLength);
position += c.mLength;
if (c.mLength != 0) {
System.arraycopy(c.mArray, 0, cert, offset, c.mLength);
offset += c.mLength;
}
mDataBuilder.releaseChunk(c);
}
mDataBuilder.releaseChunk(c);
CertTool.addCertificate(mContext, type, cert);
mBrowserFrame.stopLoading();
return;
}
CertTool.getInstance().addCertificate(cert, mContext);
mBrowserFrame.stopLoading();
return;
}
// Give the data to WebKit now
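Review bot: `commitLoad` hands the entire response body to `CertTool.addCertificate` on the strength of the server-supplied MIME type alone; nothing in this hunk checks the body size, the response status, or how the content was fetched. Because `application/x-x509-ca-cert` maps to a certificate install, it is worth confirming that `Credentials.install` always asks the user before anything reaches the key store, and stating that in the comment, for example `// The credential installer asks the user to confirm; nothing is stored silently.` if that holds. A bound on `mDataBuilder.getByteSize()` before allocating `cert` (for instance against a constant such as `MAX_CERT_BYTES`, a placeholder name) would keep an oversized response from being copied into a single array. The body of `commitLoad` continues past the end of the hunk.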