* commit '105c47924f7af9319ec9242b952b4bf074585229': Verify certificates
This commit is contained in:
Marco Nelissen
Android Git Automerger
@ -49,6 +49,8 @@ import android.database.ContentObserver;
|
||||
import android.media.MediaPlayer.OnCompletionListener;
|
||||
import android.media.MediaPlayer.OnErrorListener;
|
||||
import android.net.Uri;
|
||||
import android.net.http.CertificateChainValidator;
|
||||
import android.net.http.SslError;
|
||||
import android.os.Binder;
|
||||
import android.os.Build;
|
||||
import android.os.Bundle;
|
||||
@ -81,10 +83,12 @@ import com.android.internal.util.XmlUtils;
|
||||
|
||||
import org.xmlpull.v1.XmlPullParserException;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.FileDescriptor;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.lang.reflect.Field;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.util.ArrayList;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import java.util.HashMap;
|
||||
@ -116,6 +120,8 @@ public class AudioService extends IAudioService.Stub {
|
||||
protected static final boolean DEBUG_RC = false;
|
||||
/** Debug volumes */
|
||||
protected static final boolean DEBUG_VOL = false;
|
||||
/** Debug cert verification */
|
||||
private static final boolean DEBUG_CERTS = false;
|
||||
|
||||
/** How long to delay before persisting a change in volume/ringer mode. */
|
||||
private static final int PERSIST_DELAY = 500;
|
||||
@ -4581,6 +4587,43 @@ public class AudioService extends IAudioService.Stub {
|
||||
}
|
||||
}
|
||||
|
||||
public int verifyX509CertChain(int numcerts, byte [] chain, String domain, String authType) {
|
||||
|
||||
if (DEBUG_CERTS) {
|
||||
Log.v(TAG, "java side verify for "
|
||||
+ numcerts + " certificates (" + chain.length + " bytes"
|
||||
+ ")for "+ domain + "/" + authType);
|
||||
}
|
||||
|
||||
byte[][] certChain = new byte[numcerts][];
|
||||
|
||||
ByteBuffer buf = ByteBuffer.wrap(chain);
|
||||
for (int i = 0; i < numcerts; i++) {
|
||||
int certlen = buf.getInt();
|
||||
if (DEBUG_CERTS) {
|
||||
Log.i(TAG, "cert " + i +": " + certlen);
|
||||
}
|
||||
certChain[i] = new byte[certlen];
|
||||
buf.get(certChain[i]);
|
||||
}
|
||||
|
||||
try {
|
||||
SslError err = CertificateChainValidator.verifyServerCertificates(certChain,
|
||||
domain, authType);
|
||||
if (DEBUG_CERTS) {
|
||||
Log.i(TAG, "verified: " + err);
|
||||
}
|
||||
if (err == null) {
|
||||
return -1;
|
||||
} else {
|
||||
return err.getPrimaryError();
|
||||
}
|
||||
} catch (Exception e) {
|
||||
Log.e(TAG, "failed to verify chain: " + e);
|
||||
}
|
||||
return SslError.SSL_INVALID;
|
||||
}
|
||||
|
||||
|
||||
//==========================================================================================
|
||||
// Camera shutter sound policy.
|
||||
|
||||
@ -35,6 +35,8 @@ import android.view.KeyEvent;
|
||||
*/
|
||||
interface IAudioService {
|
||||
|
||||
int verifyX509CertChain(int chainsize, in byte[] chain, String host, String authtype);
|
||||
|
||||
void adjustVolume(int direction, int flags, String callingPackage);
|
||||
|
||||
boolean isLocalOrRemoteMusicActive();
|
||||
@ -236,4 +238,5 @@ interface IAudioService {
|
||||
AudioRoutesInfo startWatchingRoutes(in IAudioRoutesObserver observer);
|
||||
|
||||
boolean isCameraSoundForced();
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user