/**
* Called by JNI when the native HTTPS stack gets a client certificate request.
*
* <p>We delegate the request to CallbackProxy, and route its response to {@link
* #nativeSslClientCert(int, X509Certificate)}.
*/
private void requestClientCert(int handle, String hostAndPort) {
SslClientCertLookupTable table = SslClientCertLookupTable.getInstance();
if (table.IsAllowed(hostAndPort)) {
// previously allowed
nativeSslClientCert(
handle, table.PrivateKey(hostAndPort), table.CertificateChain(hostAndPort));
} else if (table.IsDenied(hostAndPort)) {
// previously denied
nativeSslClientCert(handle, null, null);
} else {
// previously ignored or new
mCallbackProxy.onReceivedClientCertRequest(
new ClientCertRequestHandler(this, handle, hostAndPort, table), hostAndPort);
}
}
/** Igore the request for now, the user may be prompted again. */
@DSGenerator(
tool_name = "Doppelganger",
tool_version = "2.0",
generated_on = "2013-12-30 12:32:39.628 -0500",
hash_original_method = "FA404A4E1A97322F22CB23ECA9545548",
hash_generated_method = "3AADC2C31F442BC0C036CF279DEA7EC9")
public void ignore() {
mBrowserFrame.nativeSslClientCert(mHandle, null, null);
}
/** Proceed with the specified private key and client certificate chain. */
@DSGenerator(
tool_name = "Doppelganger",
tool_version = "2.0",
generated_on = "2013-12-30 12:32:39.625 -0500",
hash_original_method = "FD9D9C54290793DEF25EE96780FA43D9",
hash_generated_method = "0D823BB8817086852D9CC56BB148DF51")
public void proceed(PrivateKey privateKey, X509Certificate[] chain) {
byte[] privateKeyBytes = privateKey.getEncoded();
byte[][] chainBytes;
try {
chainBytes = NativeCrypto.encodeCertificates(chain);
} catch (CertificateEncodingException e) {
mBrowserFrame.nativeSslClientCert(mHandle, null, null);
return;
}
mTable.Allow(mHostAndPort, privateKeyBytes, chainBytes);
mBrowserFrame.nativeSslClientCert(mHandle, privateKeyBytes, chainBytes);
}
/** Cancel this request, remember the users negative choice. */
@DSGenerator(
tool_name = "Doppelganger",
tool_version = "2.0",
generated_on = "2013-12-30 12:32:39.630 -0500",
hash_original_method = "E250E51CEC55FC558312A1D8553D2784",
hash_generated_method = "16E4B6B0FCD735FE4AE16227A8A11C24")
public void cancel() {
mTable.Deny(mHostAndPort);
mBrowserFrame.nativeSslClientCert(mHandle, null, null);
}
/**
* Called by JNI when the native HTTPS stack gets a client certificate request.
*
* <p>We delegate the request to CallbackProxy, and route its response to {@link
* #nativeSslClientCert(int, X509Certificate)}.
*/
private void requestClientCert(int handle, String hostAndPort) {
SslClientCertLookupTable table = SslClientCertLookupTable.getInstance();
if (table.IsAllowed(hostAndPort)) {
// previously allowed
PrivateKey pkey = table.PrivateKey(hostAndPort);
if (pkey instanceof OpenSSLKeyHolder) {
OpenSSLKey sslKey = ((OpenSSLKeyHolder) pkey).getOpenSSLKey();
nativeSslClientCert(handle, sslKey.getPkeyContext(), table.CertificateChain(hostAndPort));
} else {
nativeSslClientCert(handle, pkey.getEncoded(), table.CertificateChain(hostAndPort));
}
} else if (table.IsDenied(hostAndPort)) {
// previously denied
nativeSslClientCert(handle, 0, null);
} else {
// previously ignored or new
mCallbackProxy.onReceivedClientCertRequest(
new ClientCertRequestHandler(this, handle, hostAndPort, table), hostAndPort);
}
}
