Implement android.webkit.BrowserFrame.requestClientCert

Following the example of reportSslCertError, implement requestClientCert

ERROR CASE                                              CLIENT CERT CASE
<... From external/webkit ...>                          <... From external/webkit ...>
android.webkit.BrowserFrame.reportSslCertError          android.webkit.BrowserFrame.requestClientCert
CallbackProxy.onReceivedSslError                        CallbackProxy.onReceivedClientCertRequest
WebViewClient.onReceivedSslError                        WebViewClient.onReceivedClientCertRequest
<... See packages/apps/Browser ...>                     <... See packages/apps/Browser ...>
SslErrorHandler.proceed (with SslCertLookupTable)       ClientCertRequestHandler.proceed (with SslClientCertLookupTable)
android.webkit.BrowserFrame.nativeSslCertErrorProceed   android.webkit.BrowserFrame.nativeSslClientCert
<... To external/webkit ...>                            <... To external/webkit ...>

Change-Id: I2ba6007ad9b2ee520a0a6b17f3a767679b1664de

1 files changed, 78 insertions, 0 deletions

diff --git a/core/java/android/webkit/ClientCertRequestHandler.java b/core/java/android/webkit/ClientCertRequestHandler.java
new file mode 100644
index 000000000000..3a71e7e5bc33
--- /dev/null
+++ b/core/java/android/webkit/ClientCertRequestHandler.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2011 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.webkit;
+
+import java.security.PrivateKey;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import org.apache.harmony.xnet.provider.jsse.NativeCrypto;
+
+/**
+ * ClientCertRequestHandler: class responsible for handling client
+ * certificate requests.  This class is passed as a parameter to
+ * BrowserCallback.displayClientCertRequestDialog and is meant to
+ * receive the user's response.
+ *
+ * @hide
+ */
+public final class ClientCertRequestHandler {
+
+    private final BrowserFrame mBrowserFrame;
+    private final int mHandle;
+    private final String mHostAndPort;
+    private final SslClientCertLookupTable mTable;
+    ClientCertRequestHandler(BrowserFrame browserFrame,
+                             int handle,
+                             String host_and_port,
+                             SslClientCertLookupTable table) {
+        mBrowserFrame = browserFrame;
+        mHandle = handle;
+        mHostAndPort = host_and_port;
+        mTable = table;
+    }
+
+    /**
+     * Proceed with the specified private key and client certificate chain.
+     */
+    public void proceed(PrivateKey privateKey, X509Certificate[] chain) {
+        byte[] privateKeyBytes = privateKey.getEncoded();
+        byte[][] chainBytes;
+        try {
+            chainBytes = NativeCrypto.encodeCertificates(chain);
+        } catch (CertificateEncodingException e) {
+            mBrowserFrame.nativeSslClientCert(mHandle, null, null);
+            return;
+        }
+        mTable.Allow(mHostAndPort, privateKeyBytes, chainBytes);
+        mBrowserFrame.nativeSslClientCert(mHandle, privateKeyBytes, chainBytes);
+    }
+
+    /**
+     * Igore the request for now, the user may be prompted again.
+     */
+    public void ignore() {
+        mBrowserFrame.nativeSslClientCert(mHandle, null, null);
+    }
+
+    /**
+     * Cancel this request, remember the users negative choice.
+     */
+    public void cancel() {
+        mTable.Deny(mHostAndPort);
+        mBrowserFrame.nativeSslClientCert(mHandle, null, null);
+    }
+}