Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(50)

Unified Diff: net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java

Issue 11266008: Fix certificate and keychain installation on Android. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
diff --git a/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java b/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
index 28208a76bdbdfb58be8baf453894798a362f66ff..e0c1d737b545d275b734e4acc303d6381d45a202 100644
--- a/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
+++ b/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
@@ -7,6 +7,7 @@ package org.chromium.net;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
+import android.security.KeyChain;
import android.util.Log;
import org.chromium.base.CalledByNative;
@@ -29,6 +30,18 @@ class AndroidNetworkLibrary {
private static final String TAG = AndroidNetworkLibrary.class.getName();
+ // These values MUST match those defined in net/base/mime_utils.h
+ private static final int CERTIFICATE_TYPE_UNKNOWN = 0;
+
+ // The file is a DER-encoded X509 User certificate.
+ private static final int CERTIFICATE_TYPE_X509_USER_CERT = 2;
+
+ // The file is a DER-encoded X509 CA certificate.
+ private static final int CERTIFICATE_TYPE_X509_CA_CERT = 3;
+
+ // The file is a PKCS#12 keychain.
+ private static final int CERTIFICATE_TYPE_PKCS12 = 4;
+
/**
* Stores the key pair into the CertInstaller application.
*/
@@ -53,6 +66,47 @@ class AndroidNetworkLibrary {
}
/**
+ * Adds a cryptographic file (User certificate, a CA certificate or
+ * PKCS#12 keychain) through the system's CertInstaller activity.
+ *
+ * @param context: current application context.
+ * @param file_type: cryptographic file type. E.g. CERTIFICATE_TYPE_X509_USER_CERT.
+ * @param data: certificate/keychain data bytes.
+ * @return true on success, false on failure.
+ *
+ * Note that failure only indicates that the function couldn't launch the
+ * CertInstaller activity, not that the certificate/keychain was properly
+ * installed to the keystore.
+ */
+ @CalledByNative
+ static public boolean storeCertificate(Context context, int cert_type, byte[] data) {
+ try {
+ Intent intent = KeyChain.createInstallIntent();
+ intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
+
+ switch (cert_type) {
+ case CERTIFICATE_TYPE_X509_USER_CERT:
+ case CERTIFICATE_TYPE_X509_CA_CERT:
+ intent.putExtra(KeyChain.EXTRA_CERTIFICATE, data);
+ break;
+
+ case CERTIFICATE_TYPE_PKCS12:
+ intent.putExtra(KeyChain.EXTRA_PKCS12, data);
+ break;
+
+ default:
+ Log.w(TAG, "invalid certificate type: " + cert_type);
+ return false;
+ }
+ context.startActivity(intent);
+ return true;
+ } catch (ActivityNotFoundException e) {
+ Log.w(TAG, "could not store crypto file: " + e);
+ }
+ return false;
+ }
+
+ /**
* @return the mime type (if any) that is associated with the file
* extension. Returns null if no corresponding mime type exists.
*/

Powered by Google App Engine
This is Rietveld 408576698