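  /**
   * Called by JNI when the Chromium HTTP stack gets an invalid certificate chain.
   *
   * <p>We delegate the request to CallbackProxy, and route its response to {@link
   * #nativeSslCertErrorProceed(int)} or {@link #nativeSslCertErrorCancel(int, int)}. If the
   * certificate cannot be parsed, the request is cancelled without consulting CallbackProxy; if
   * SslCertLookupTable already allows this error, the request proceeds without asking again.
   */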
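  private void reportSslCertError(
      final int handle, final int certError, byte certDER[], String url) {
    // handle:    identifier handed in by native code; passed back unchanged to
    //            nativeSslCertErrorProceed / nativeSslCertErrorCancel to resolve the request.
    // certError: error code from the Chromium stack; converted to an SslError below and
    //            echoed back on cancel.
    // certDER:   encoded certificate from the native stack (presumably DER, per the name).
    // url:       URL attached to the resulting SslError.
    final SslError sslError;
    try {
      X509Certificate cert = new X509CertImpl(certDER);
      SslCertificate sslCert = new SslCertificate(cert);
      sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert, url);
    } catch (IOException e) {
      // Fail closed: with no parsed certificate there is no SslError to hand to the
      // embedder, so the request is cancelled rather than allowed through. The exception
      // is logged so a parse failure can be diagnosed instead of silently dropped.
      Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling", e);
      nativeSslCertErrorCancel(handle, certError);
      return;
    }

    // A previously stored decision resumes the load without calling onReceivedSslError;
    // the embedder is only notified after the fact.
    // NOTE(review): how SslCertLookupTable keys its entries (host, error type, certificate)
    // and when they are cleared is not visible here - confirm the stored exception is no
    // broader than the decision that was originally made.
    if (SslCertLookupTable.getInstance().isAllowed(sslError)) {
      nativeSslCertErrorProceed(handle);
      mCallbackProxy.onProceededAfterSslError(sslError);
      return;
    }

    // No stored decision: hand the embedder a handler that resolves this native request.
    // NOTE(review): nothing in this method stops proceed()/cancel() from being invoked
    // more than once, or both, for the same handle - confirm SslErrorHandler or the native
    // side tolerates that.
    SslErrorHandler handler =
        new SslErrorHandler() {
          @Override
          public void proceed() {
            // Record the decision first so that a later isAllowed() check for this error
            // can resume without prompting, then let the native request continue.
            SslCertLookupTable.getInstance().setIsAllowed(sslError);
            nativeSslCertErrorProceed(handle);
          }

          @Override
          public void cancel() {
            // Nothing is recorded on cancel; the native request is simply aborted.
            nativeSslCertErrorCancel(handle, certError);
          }
        };
    mCallbackProxy.onReceivedSslError(handler, sslError);
  }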