author | changwan <changwan@chromium.org> | 2015-12-01 22:44:01 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-12-02 06:45:01 +0000 |
commit | e04b8f5353ab621c48b90bb46fee24fd0c0f4a29 (patch) | |
tree | 6d80b323584175f5a13cb2218d2ee0e97687ab35 /android_webview/java | |
parent | 59ad222308710efe119bfcadd7d07868efd351be (diff) | |
Remove Android support for out-of-process KeyStores
Support for out-of-process KeyStores was added to Chrome for Android
builds to support certain OEM-specific functionality. It worked by binding
to a service that implemented the RemoteAndroidKeyStoreInterface, and
using that for private key operations, rather than the default in-process
KeyStore.
However, support for this functionality in Chrome is being retired;
device manufacturers wishing to offer this functionality to Chrome
users can simply fall back to the default KeyStore implementation.
As such, remove the code and service descriptors; only local,
in-process KeyStores will be supported.
BUG=560614
Review URL: https://codereview.chromium.org/1474603004
Cr-Commit-Position: refs/heads/master@{#362649}
Diffstat (limited to 'android_webview/java')
4 files changed, 18 insertions, 37 deletions
diff --git a/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java b/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
index 9925882..244dfed 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwBrowserContext.java
@@ -8,7 +8,6 @@ import android.content.Context;
 import android.content.SharedPreferences;
 import org.chromium.content.browser.ContentViewStatics;
-import org.chromium.net.DefaultAndroidKeyStore;
 /**
 * Java side of the Browser Context: contains all the java side objects needed to host one
@@ -20,12 +19,11 @@ import org.chromium.net.DefaultAndroidKeyStore;
 public class AwBrowserContext {
 private static final String HTTP_AUTH_DATABASE_FILE = "http_auth.db";
- private SharedPreferences mSharedPreferences;
+ private final SharedPreferences mSharedPreferences;
 private AwGeolocationPermissions mGeolocationPermissions;
 private AwFormDatabase mFormDatabase;
 private HttpAuthDatabase mHttpAuthDatabase;
- private DefaultAndroidKeyStore mLocalKeyStore;
 private AwMessagePortService mMessagePortService;
 public AwBrowserContext(SharedPreferences sharedPreferences, Context applicationContext) {
@@ -53,13 +51,6 @@ public class AwBrowserContext {
 return mHttpAuthDatabase;
 }
- public DefaultAndroidKeyStore getKeyStore() {
- if (mLocalKeyStore == null) {
- mLocalKeyStore = new DefaultAndroidKeyStore();
- }
- return mLocalKeyStore;
- }
-
 public AwMessagePortService getMessagePortService() {
 if (mMessagePortService == null) {
 mMessagePortService = new AwMessagePortService();
diff --git a/android_webview/java/src/org/chromium/android_webview/AwContents.java b/android_webview/java/src/org/chromium/android_webview/AwContents.java
index fb2391a..ca80b7e 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwContents.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContents.java
@@ -710,7 +710,7 @@ public class AwContents implements SmartClipProvider,
 mWebContentsDelegate = new AwWebContentsDelegateAdapter(
 this, contentsClient, mContentViewClient, mContext, mContainerView);
 mContentsClientBridge = new AwContentsClientBridge(mContext, contentsClient,
- mBrowserContext.getKeyStore(), AwContentsStatics.getClientCertLookupTable());
+ AwContentsStatics.getClientCertLookupTable());
 mZoomControls = new AwZoomControls(this);
 mBackgroundThreadClient = new BackgroundThreadClientImpl();
 mIoThreadClient = new IoThreadClientImpl();
diff --git a/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java b/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
index c1b03a1..efca3d0 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContentsClientBridge.java
@@ -13,8 +13,6 @@ import android.webkit.ValueCallback;
 import org.chromium.base.ThreadUtils;
 import org.chromium.base.annotations.CalledByNative;
 import org.chromium.base.annotations.JNINamespace;
-import org.chromium.net.AndroidPrivateKey;
-import org.chromium.net.DefaultAndroidKeyStore;
 import java.security.Principal;
 import java.security.PrivateKey;
@@ -39,23 +37,18 @@ public class AwContentsClientBridge {
 // The native peer of this object.
 private long mNativeContentsClientBridge;
- private DefaultAndroidKeyStore mLocalKeyStore;
-
- private ClientCertLookupTable mLookupTable;
+ private final ClientCertLookupTable mLookupTable;
 // Used for mocking this class in tests.
- protected AwContentsClientBridge(DefaultAndroidKeyStore keyStore,
- ClientCertLookupTable table) {
- mLocalKeyStore = keyStore;
+ protected AwContentsClientBridge(ClientCertLookupTable table) {
 mLookupTable = table;
 }
 public AwContentsClientBridge(Context context, AwContentsClient client,
- DefaultAndroidKeyStore keyStore, ClientCertLookupTable table) {
+ ClientCertLookupTable table) {
 assert client != null;
 mContext = context;
 mClient = client;
- mLocalKeyStore = keyStore;
 mLookupTable = table;
 }
@@ -67,9 +60,9 @@ public class AwContentsClientBridge {
 */
 public class ClientCertificateRequestCallback {
- private int mId;
- private String mHost;
- private int mPort;
+ private final int mId;
+ private final String mHost;
+ private final int mPort;
 private boolean mIsCalled;
 public ClientCertificateRequestCallback(int id, String host, int port) {
@@ -109,9 +102,7 @@ public class AwContentsClientBridge {
 private void proceedOnUiThread(PrivateKey privateKey, X509Certificate[] chain) {
 checkIfCalled();
- AndroidPrivateKey key = mLocalKeyStore.createKey(privateKey);
-
- if (key == null || chain == null || chain.length == 0) {
+ if (privateKey == null || chain == null || chain.length == 0) {
 Log.w(TAG, "Empty client certificate chain?");
 provideResponse(null, null);
 return;
@@ -127,8 +118,8 @@ public class AwContentsClientBridge {
 provideResponse(null, null);
 return;
 }
- mLookupTable.allow(mHost, mPort, key, encodedChain);
- provideResponse(key, encodedChain);
+ mLookupTable.allow(mHost, mPort, privateKey, encodedChain);
+ provideResponse(privateKey, encodedChain);
 }
 private void ignoreOnUiThread() {
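Review bot: In `proceedOnUiThread` (hunk at -109,9) the rewritten guard `if (privateKey == null || chain == null || chain.length == 0)` still logs `"Empty client certificate chain?"` for all three cases, so a null key handed in by the embedder is reported as a chain problem. With the `createKey` wrapping gone, this null check is the only validation of `privateKey` visible on this path before the key reaches `mLookupTable.allow` and `provideResponse`. A message that names both causes, for example `Log.w(TAG, "Null private key or empty client certificate chain");`, would make client-certificate failures easier to triage. The method body continues past the end of the hunk.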
@@ -149,10 +140,10 @@ public class AwContentsClientBridge {
 mIsCalled = true;
 }
- private void provideResponse(AndroidPrivateKey androidKey, byte[][] certChain) {
+ private void provideResponse(PrivateKey privateKey, byte[][] certChain) {
 if (mNativeContentsClientBridge == 0) return;
 nativeProvideClientCertificateResponse(mNativeContentsClientBridge, mId,
- certChain, androidKey);
+ certChain, privateKey);
 }
 }
@@ -275,7 +266,7 @@ public class AwContentsClientBridge {
 private native void nativeProceedSslError(long nativeAwContentsClientBridge, boolean proceed, int id);
 private native void nativeProvideClientCertificateResponse(long nativeAwContentsClientBridge,
- int id, byte[][] certChain, AndroidPrivateKey androidKey);
+ int id, byte[][] certChain, PrivateKey androidKey);
 private native void nativeConfirmJsResult(long nativeAwContentsClientBridge, int id, String prompt);
diff --git a/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java b/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
index 88e6ed1..388f19d 100644
--- a/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
+++ b/android_webview/java/src/org/chromium/android_webview/ClientCertLookupTable.java
@@ -4,8 +4,7 @@
 package org.chromium.android_webview;
-import org.chromium.net.AndroidPrivateKey;
-
+import java.security.PrivateKey;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -22,9 +21,9 @@ public class ClientCertLookupTable {
 * A container for the certificate data.
 */
 public static class Cert {
- AndroidPrivateKey mPrivateKey;
+ PrivateKey mPrivateKey;
 byte[][] mCertChain;
- public Cert(AndroidPrivateKey privateKey, byte[][] certChain) {
+ public Cert(PrivateKey privateKey, byte[][] certChain) {
 this.mPrivateKey = privateKey;
 byte[][] newChain = new byte[certChain.length][];
 for (int i = 0; i < certChain.length; i++) {
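Review bot: The native declaration in the -275,7 hunk keeps the parameter name `androidKey` although its type is now `java.security.PrivateKey` and every other signature changed in this commit uses `privateKey`. Renaming it keeps the JNI boundary consistent with `provideResponse`: `int id, byte[][] certChain, PrivateKey privateKey);`. A one-line comment on the declaration, such as `// privateKey is passed to native code as a Java object reference.`, would record what actually crosses the boundary now that the wrapper type is gone.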
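Review bot: `Cert.mPrivateKey` and `Cert.mCertChain` (hunk at -22,9 in ClientCertLookupTable.java) stay package-private and non-final, while the same commit makes the comparable fields in `AwContentsClientBridge` `final`. The constructor appears to copy the chain defensively, yet any class in the package can still replace the stored key after the entry has been put in the table. If both fields are assigned only once — the constructor body continues outside the hunk, so this needs confirming — declare them `final PrivateKey mPrivateKey;` and `final byte[][] mCertChain;`.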
@@ -48,7 +47,7 @@ public class ClientCertLookupTable {
 mDenieds = new HashSet<String>();
 }
- public void allow(String host, int port, AndroidPrivateKey privateKey, byte[][] chain) {
+ public void allow(String host, int port, PrivateKey privateKey, byte[][] chain) {
 String host_and_port = hostAndPort(host, port);
 mCerts.put(host_and_port, new Cert(privateKey, chain));
 mDenieds.remove(host_and_port); |
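Review bot: `allow()` has no Javadoc, and it now stores the caller's raw `java.security.PrivateKey` reference in `mCerts` under a key built only from host and port. The Javadoc should state that the key reference is retained rather than copied, that the entry is presumably reused for later requests to the same host and port, and how entries are cleared. It should also say that `chain` must be non-null, because `Cert`'s constructor reads `certChain.length`. The method's closing brace is outside the hunk.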