1ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu/* 2ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Copyright (C) 2010 The Android Open Source Project 3ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * 4ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Licensed under the Apache License, Version 2.0 (the "License"); 5ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * you may not use this file except in compliance with the License. 6ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * You may obtain a copy of the License at 7ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * 8ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * http://www.apache.org/licenses/LICENSE-2.0 9ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * 10ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Unless required by applicable law or agreed to in writing, software 11ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * distributed under the License is distributed on an "AS IS" BASIS, 12ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * See the License for the specific language governing permissions and 14ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * limitations under the License. 15ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu */ 16ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 17ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wupackage android.webkit; 18ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 19ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wuimport android.os.Bundle; 20ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wuimport android.net.http.SslError; 21ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 22fa03f9a3460a695337231df3195271060a1b4a06Steve Blockimport java.net.MalformedURLException; 23fa03f9a3460a695337231df3195271060a1b4a06Steve Blockimport java.net.URL; 24fa03f9a3460a695337231df3195271060a1b4a06Steve Block 25a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom/** 26200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block * Stores the user's decision of whether to allow or deny an invalid certificate. 27200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block * 28bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block * This class is not threadsafe. It is used only on the WebCore thread. Also, it 29bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block * is used only by the Chromium HTTP stack. 30ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu */ 31a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromfinal class SslCertLookupTable { 32ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu private static SslCertLookupTable sTable; 33f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block // We store the most severe error we're willing to allow for each host. 34ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu private final Bundle table; 35ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 36200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block public static SslCertLookupTable getInstance() { 37ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu if (sTable == null) { 38ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu sTable = new SslCertLookupTable(); 39ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu } 40ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu return sTable; 41ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu } 42ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 43ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu private SslCertLookupTable() { 44ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu table = new Bundle(); 45ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu } 46ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 47bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block public void setIsAllowed(SslError sslError) { 48f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block String host; 49f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block try { 50f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block host = new URL(sslError.getUrl()).getHost(); 51f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block } catch(MalformedURLException e) { 52f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block return; 53fa03f9a3460a695337231df3195271060a1b4a06Steve Block } 54f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block table.putInt(host, sslError.getPrimaryError()); 55ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu } 56ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu 57f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block // We allow the decision to be re-used if it's for the same host and is for 58f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block // an error of equal or greater severity than this error. 59200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block public boolean isAllowed(SslError sslError) { 60fa03f9a3460a695337231df3195271060a1b4a06Steve Block String host; 61fa03f9a3460a695337231df3195271060a1b4a06Steve Block try { 62f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block host = new URL(sslError.getUrl()).getHost(); 63fa03f9a3460a695337231df3195271060a1b4a06Steve Block } catch(MalformedURLException e) { 64f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block return false; 65fa03f9a3460a695337231df3195271060a1b4a06Steve Block } 66f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block return table.containsKey(host) && sslError.getPrimaryError() <= table.getInt(host); 67f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block } 68f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block 69f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block public void clear() { 70f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block table.clear(); 71fa03f9a3460a695337231df3195271060a1b4a06Steve Block } 72ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu} 73