diff options
author | sgurun <sgurun@chromium.org> | 2016-01-25 18:39:04 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-01-26 02:41:02 +0000 |
commit | 0905e04fc78ee84151ef48171d275ae61adc040f (patch) | |
tree | dd17bec671ba2ff881d8ffffab97225171d52908 /android_webview/java/src/org | |
parent | 5383b5d07fb0e418f13907874d801662e9668733 (diff) | |
download | chromium_src-0905e04fc78ee84151ef48171d275ae61adc040f.zip chromium_src-0905e04fc78ee84151ef48171d275ae61adc040f.tar.gz chromium_src-0905e04fc78ee84151ef48171d275ae61adc040f.tar.bz2 |
The key conversion algorithm for Token binding
BUG=576874
Convert the keys from native format to Java.
Review URL: https://codereview.chromium.org/1631123002
Cr-Commit-Position: refs/heads/master@{#371430}
Diffstat (limited to 'android_webview/java/src/org')
-rw-r--r-- | android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java | 51 |
1 files changed, 47 insertions, 4 deletions
diff --git a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java index 3f2f695..a622781 100644 --- a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java +++ b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java @@ -7,11 +7,27 @@ package org.chromium.android_webview; import android.net.Uri; import android.webkit.ValueCallback; +import org.chromium.base.Log; import org.chromium.base.annotations.CalledByNative; import org.chromium.base.annotations.JNINamespace; +import java.io.IOException; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactory; import java.security.KeyPair; -import java.security.spec.AlgorithmParameterSpec; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.X509EncodedKeySpec; + +import javax.crypto.Cipher; +import javax.crypto.EncryptedPrivateKeyInfo; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; /** * AwTokenBindingManager manages the token binding protocol. @@ -25,11 +41,16 @@ import java.security.spec.AlgorithmParameterSpec; */ @JNINamespace("android_webview") public final class AwTokenBindingManager { + private static final String TAG = "TokenBindingManager"; + private static final String PASSWORD = ""; + private static final String ALGORITHM = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; + private static final String ELLIPTIC_CURVE = "EC"; + public void enableTokenBinding() { nativeEnableTokenBinding(); } - public void getKey(Uri origin, AlgorithmParameterSpec[] spec, ValueCallback<KeyPair> callback) { + public void getKey(Uri origin, String[] spec, ValueCallback<KeyPair> callback) { if (callback == null) { throw new IllegalArgumentException("callback can't be null"); } @@ -50,8 +71,30 @@ public final class AwTokenBindingManager { } @CalledByNative - private static void onKeyReady(ValueCallback<KeyPair> callback) { - callback.onReceiveValue(null); + private static void onKeyReady( + ValueCallback<KeyPair> callback, byte[] privateKeyBytes, byte[] publicKeyBytes) { + if (privateKeyBytes == null || publicKeyBytes == null) { + callback.onReceiveValue(null); + return; + } + KeyPair keyPair = null; + try { + EncryptedPrivateKeyInfo epkInfo = new EncryptedPrivateKeyInfo(privateKeyBytes); + SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(ALGORITHM); + Key key = secretKeyFactory.generateSecret(new PBEKeySpec(PASSWORD.toCharArray())); + Cipher cipher = Cipher.getInstance(ALGORITHM); + cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters()); + KeyFactory factory = KeyFactory.getInstance(ELLIPTIC_CURVE); + PrivateKey privateKey = factory.generatePrivate(epkInfo.getKeySpec(cipher)); + PublicKey publicKey = + factory.generatePublic(new X509EncodedKeySpec(publicKeyBytes)); + keyPair = new KeyPair(publicKey, privateKey); + } catch (NoSuchAlgorithmException | InvalidKeySpecException | IOException + | NoSuchPaddingException | InvalidKeyException + | InvalidAlgorithmParameterException ex) { + Log.e(TAG, "Failed converting key ", ex); + } + callback.onReceiveValue(keyPair); } @CalledByNative |