/** * Called by JNI when the native HTTPS stack gets a client certificate request. * * <p>We delegate the request to CallbackProxy, and route its response to {@link * #nativeSslClientCert(int, X509Certificate)}. */ private void requestClientCert(int handle, String hostAndPort) { SslClientCertLookupTable table = SslClientCertLookupTable.getInstance(); if (table.IsAllowed(hostAndPort)) { // previously allowed nativeSslClientCert( handle, table.PrivateKey(hostAndPort), table.CertificateChain(hostAndPort)); } else if (table.IsDenied(hostAndPort)) { // previously denied nativeSslClientCert(handle, null, null); } else { // previously ignored or new mCallbackProxy.onReceivedClientCertRequest( new ClientCertRequestHandler(this, handle, hostAndPort, table), hostAndPort); } }
/** Igore the request for now, the user may be prompted again. */ @DSGenerator( tool_name = "Doppelganger", tool_version = "2.0", generated_on = "2013-12-30 12:32:39.628 -0500", hash_original_method = "FA404A4E1A97322F22CB23ECA9545548", hash_generated_method = "3AADC2C31F442BC0C036CF279DEA7EC9") public void ignore() { mBrowserFrame.nativeSslClientCert(mHandle, null, null); }
/** Proceed with the specified private key and client certificate chain. */ @DSGenerator( tool_name = "Doppelganger", tool_version = "2.0", generated_on = "2013-12-30 12:32:39.625 -0500", hash_original_method = "FD9D9C54290793DEF25EE96780FA43D9", hash_generated_method = "0D823BB8817086852D9CC56BB148DF51") public void proceed(PrivateKey privateKey, X509Certificate[] chain) { byte[] privateKeyBytes = privateKey.getEncoded(); byte[][] chainBytes; try { chainBytes = NativeCrypto.encodeCertificates(chain); } catch (CertificateEncodingException e) { mBrowserFrame.nativeSslClientCert(mHandle, null, null); return; } mTable.Allow(mHostAndPort, privateKeyBytes, chainBytes); mBrowserFrame.nativeSslClientCert(mHandle, privateKeyBytes, chainBytes); }
/** Cancel this request, remember the users negative choice. */ @DSGenerator( tool_name = "Doppelganger", tool_version = "2.0", generated_on = "2013-12-30 12:32:39.630 -0500", hash_original_method = "E250E51CEC55FC558312A1D8553D2784", hash_generated_method = "16E4B6B0FCD735FE4AE16227A8A11C24") public void cancel() { mTable.Deny(mHostAndPort); mBrowserFrame.nativeSslClientCert(mHandle, null, null); }
/** * Called by JNI when the native HTTPS stack gets a client certificate request. * * <p>We delegate the request to CallbackProxy, and route its response to {@link * #nativeSslClientCert(int, X509Certificate)}. */ private void requestClientCert(int handle, String hostAndPort) { SslClientCertLookupTable table = SslClientCertLookupTable.getInstance(); if (table.IsAllowed(hostAndPort)) { // previously allowed PrivateKey pkey = table.PrivateKey(hostAndPort); if (pkey instanceof OpenSSLKeyHolder) { OpenSSLKey sslKey = ((OpenSSLKeyHolder) pkey).getOpenSSLKey(); nativeSslClientCert(handle, sslKey.getPkeyContext(), table.CertificateChain(hostAndPort)); } else { nativeSslClientCert(handle, pkey.getEncoded(), table.CertificateChain(hostAndPort)); } } else if (table.IsDenied(hostAndPort)) { // previously denied nativeSslClientCert(handle, 0, null); } else { // previously ignored or new mCallbackProxy.onReceivedClientCertRequest( new ClientCertRequestHandler(this, handle, hostAndPort, table), hostAndPort); } }