/** * Called by JNI when the Chromium HTTP stack gets an invalid certificate chain. * * <p>We delegate the request to CallbackProxy, and route its response to {@link * #nativeSslCertErrorProceed(int)} or {@link #nativeSslCertErrorCancel(int, int)}. */ private void reportSslCertError( final int handle, final int certError, byte certDER[], String url) { final SslError sslError; try { X509Certificate cert = new X509CertImpl(certDER); SslCertificate sslCert = new SslCertificate(cert); sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert, url); } catch (IOException e) { // Can't get the certificate, not much to do. Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling"); nativeSslCertErrorCancel(handle, certError); return; } if (SslCertLookupTable.getInstance().isAllowed(sslError)) { nativeSslCertErrorProceed(handle); mCallbackProxy.onProceededAfterSslError(sslError); return; } SslErrorHandler handler = new SslErrorHandler() { @Override public void proceed() { SslCertLookupTable.getInstance().setIsAllowed(sslError); nativeSslCertErrorProceed(handle); } @Override public void cancel() { nativeSslCertErrorCancel(handle, certError); } }; mCallbackProxy.onReceivedSslError(handler, sslError); }