/*
 * Copyright (C) 2009 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
1641d8565e816a29192d966f271c06bee91272087cChia-chi Yeh
1741d8565e816a29192d966f271c06bee91272087cChia-chi Yehpackage android.webkit;
1841d8565e816a29192d966f271c06bee91272087cChia-chi Yeh
190efca17105d112a0ff568602831b22bdafa00433Brian Carlstromimport com.android.org.bouncycastle.asn1.ASN1Encoding;
204140faeebbfa23d56068c1862b2913fb62145f4fBrian Carlstromimport com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
214140faeebbfa23d56068c1862b2913fb62145f4fBrian Carlstromimport com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
224140faeebbfa23d56068c1862b2913fb62145f4fBrian Carlstromimport com.android.org.bouncycastle.jce.netscape.NetscapeCertRequest;
234140faeebbfa23d56068c1862b2913fb62145f4fBrian Carlstromimport com.android.org.bouncycastle.util.encoders.Base64;
2441d8565e816a29192d966f271c06bee91272087cChia-chi Yeh
2541d8565e816a29192d966f271c06bee91272087cChia-chi Yehimport android.content.Context;
2641d8565e816a29192d966f271c06bee91272087cChia-chi Yehimport android.security.Credentials;
27a00a2b33ccc6bc079c3ee57a938f62947b48a001Brian Carlstromimport android.security.KeyChain;
2841d8565e816a29192d966f271c06bee91272087cChia-chi Yehimport android.util.Log;
2941d8565e816a29192d966f271c06bee91272087cChia-chi Yeh
3041d8565e816a29192d966f271c06bee91272087cChia-chi Yehimport java.security.KeyPair;
3141d8565e816a29192d966f271c06bee91272087cChia-chi Yehimport java.security.KeyPairGenerator;
32c7939b1750ba98ab745110a138209d8b981fdc21Huahui Wuimport java.util.HashMap;
3341d8565e816a29192d966f271c06bee91272087cChia-chi Yeh
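/**
 * Package-private helpers that build a signed Netscape certificate request
 * (signed public key and challenge) from a freshly generated RSA key pair and
 * pass key pairs and certificates to {@link Credentials} for installation.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The request is signed with MD5-with-RSA. MD5 is not collision
 *       resistant; moving to a SHA-2 signature is desirable, but needs
 *       confirmation that the bundled provider and the consumers of the
 *       request accept it, so it is flagged here rather than changed.</li>
 *   <li>The "Medium Grade" option produces a 1024-bit RSA key, which is below
 *       commonly accepted minimums. It is kept for compatibility and is now
 *       selected only by its explicit index.</li>
 *   <li>NOTE(review): this class lives in {@code android.webkit}, so the
 *       challenge, MIME type and certificate bytes presumably originate from
 *       web content and should be treated as untrusted; confirm against the
 *       callers.</li>
 * </ul>
 */
final class CertTool {
    private static final String LOGTAG = "CertTool";

    // Signature algorithm placed in the request; see the class comment on MD5.
    private static final AlgorithmIdentifier MD5_WITH_RSA =
            new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption);

    // RSA modulus sizes behind the two entries of getKeyStrengthList().
    private static final int HIGH_GRADE_BITS = 2048;
    private static final int MEDIUM_GRADE_BITS = 1024;

    // Position of "Medium Grade" in getKeyStrengthList().
    private static final int MEDIUM_GRADE_INDEX = 1;

    // MIME type -> KeyChain extra name. Populated once in the static
    // initializer and only read afterwards within this class.
    private static final HashMap<String, String> sCertificateTypeMap =
            new HashMap<String, String>();
    static {
        sCertificateTypeMap.put("application/x-x509-ca-cert", KeyChain.EXTRA_CERTIFICATE);
        sCertificateTypeMap.put("application/x-x509-user-cert", KeyChain.EXTRA_CERTIFICATE);
        sCertificateTypeMap.put("application/x-pkcs12", KeyChain.EXTRA_PKCS12);
    }

    /**
     * Returns the labels of the selectable key strengths.
     *
     * @return a new array on every call; index 0 is "High Grade" and index 1
     *         is "Medium Grade"
     */
    static String[] getKeyStrengthList() {
        return new String[] {"High Grade", "Medium Grade"};
    }

    /**
     * Generates an RSA key pair, wraps the public key and {@code challenge} in
     * a signed Netscape certificate request, installs the key pair through
     * {@link Credentials} and returns the request.
     *
     * @param context   passed to {@code Credentials.install}
     * @param index     position in {@link #getKeyStrengthList()}; only the
     *                  "Medium Grade" index yields a 1024-bit key, every other
     *                  value (including out-of-range ones) yields 2048 bits
     * @param challenge challenge string embedded in the request
     * @return the Base64 text of the DER-encoded signed request, or
     *         {@code null} if any step failed (the failure is logged)
     */
    static String getSignedPublicKey(Context context, int index, String challenge) {
        try {
            // Fail towards the stronger key: an unexpected index must not
            // silently downgrade to the 1024-bit option.
            int bits = (index == MEDIUM_GRADE_INDEX) ? MEDIUM_GRADE_BITS : HIGH_GRADE_BITS;

            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
            generator.initialize(bits);
            KeyPair pair = generator.genKeyPair();

            NetscapeCertRequest request = new NetscapeCertRequest(challenge,
                    MD5_WITH_RSA, pair.getPublic());
            request.sign(pair.getPrivate());
            byte[] signed = request.toASN1Primitive().getEncoded(ASN1Encoding.DER);

            // Finish building the response before installing, so the key pair
            // is handed over only once the request is complete. Base64 output
            // is plain ASCII, so the default charset conversion is lossless.
            String encoded = new String(Base64.encode(signed));

            Credentials.getInstance().install(context, pair);
            return encoded;
        } catch (Exception e) {
            // Best effort: every failure is logged and surfaces as null.
            Log.w(LOGTAG, e);
        }
        return null;
    }

    /**
     * Forwards a certificate to {@code Credentials.install}.
     *
     * <p>No validation of {@code type} or {@code value} happens here.
     * NOTE(review): callers presumably obtain {@code type} from
     * {@link #getCertType(String)}; confirm that unknown MIME types are
     * rejected before reaching this method.
     *
     * @param context passed to {@code Credentials.install}
     * @param type    name under which the data is handed to the installer
     * @param value   raw certificate or PKCS#12 bytes
     */
    static void addCertificate(Context context, String type, byte[] value) {
        Credentials.getInstance().install(context, type, value);
    }

    /**
     * Maps a MIME type to the matching {@link KeyChain} extra name.
     *
     * @param mimeType MIME type to look up; the match is exact and
     *                 case-sensitive
     * @return {@code KeyChain.EXTRA_CERTIFICATE} or
     *         {@code KeyChain.EXTRA_PKCS12}, or {@code null} when the type is
     *         not one of the three registered ones
     */
    static String getCertType(String mimeType) {
        return sCertificateTypeMap.get(mimeType);
    }

    // Static utility holder; never instantiated.
    private CertTool() {}
}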