The key conversion algorithm for Token binding

BUG=576874

Convert the keys from native format to Java.

Review URL: https://codereview.chromium.org/1631123002

Cr-Commit-Position: refs/heads/master@{#371430}

1 files changed, 47 insertions, 4 deletions

diff --git a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java
index 3f2f695..a622781 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwTokenBindingManager.java
@@ -7,11 +7,27 @@ package org.chromium.android_webview;
 import android.net.Uri;
 import android.webkit.ValueCallback;
 
+import org.chromium.base.Log;
 import org.chromium.base.annotations.CalledByNative;
 import org.chromium.base.annotations.JNINamespace;
 
+import java.io.IOException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyFactory;
 import java.security.KeyPair;
-import java.security.spec.AlgorithmParameterSpec;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.EncryptedPrivateKeyInfo;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
 
 /**
  * AwTokenBindingManager manages the token binding protocol.
@@ -25,11 +41,16 @@ import java.security.spec.AlgorithmParameterSpec;
  */
 @JNINamespace("android_webview")
 public final class AwTokenBindingManager {
+    private static final String TAG = "TokenBindingManager";
+    private static final String PASSWORD = "";
+    private static final String ALGORITHM = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC";
+    private static final String ELLIPTIC_CURVE = "EC";
+
     public void enableTokenBinding() {
         nativeEnableTokenBinding();
     }
 
-    public void getKey(Uri origin, AlgorithmParameterSpec[] spec, ValueCallback<KeyPair> callback) {
+    public void getKey(Uri origin, String[] spec, ValueCallback<KeyPair> callback) {
         if (callback == null) {
             throw new IllegalArgumentException("callback can't be null");
         }
@@ -50,8 +71,30 @@ public final class AwTokenBindingManager {
     }
 
     @CalledByNative
-    private static void onKeyReady(ValueCallback<KeyPair> callback) {
-        callback.onReceiveValue(null);
+    private static void onKeyReady(
+            ValueCallback<KeyPair> callback, byte[] privateKeyBytes, byte[] publicKeyBytes) {
+        if (privateKeyBytes == null || publicKeyBytes == null) {
+            callback.onReceiveValue(null);
+            return;
+        }
+        KeyPair keyPair = null;
+        try {
+            EncryptedPrivateKeyInfo epkInfo = new EncryptedPrivateKeyInfo(privateKeyBytes);
+            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(ALGORITHM);
+            Key key = secretKeyFactory.generateSecret(new PBEKeySpec(PASSWORD.toCharArray()));
+            Cipher cipher = Cipher.getInstance(ALGORITHM);
+            cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters());
+            KeyFactory factory = KeyFactory.getInstance(ELLIPTIC_CURVE);
+            PrivateKey privateKey = factory.generatePrivate(epkInfo.getKeySpec(cipher));
+            PublicKey publicKey =
+                    factory.generatePublic(new X509EncodedKeySpec(publicKeyBytes));
+            keyPair = new KeyPair(publicKey, privateKey);
+        } catch (NoSuchAlgorithmException | InvalidKeySpecException | IOException
+                | NoSuchPaddingException | InvalidKeyException
+                | InvalidAlgorithmParameterException ex) {
+            Log.e(TAG, "Failed converting key ", ex);
+        }
+        callback.onReceiveValue(keyPair);
     }
 
     @CalledByNative