1ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu/*
2ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Copyright (C) 2010 The Android Open Source Project
3ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu *
4ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Licensed under the Apache License, Version 2.0 (the "License");
5ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * you may not use this file except in compliance with the License.
6ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * You may obtain a copy of the License at
7ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu *
8ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu *      http://www.apache.org/licenses/LICENSE-2.0
9ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu *
10ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * Unless required by applicable law or agreed to in writing, software
11ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * distributed under the License is distributed on an "AS IS" BASIS,
12ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * See the License for the specific language governing permissions and
14ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu * limitations under the License.
15ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu */
16ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
17ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wupackage android.webkit;
18ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
19ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wuimport android.os.Bundle;
20ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wuimport android.net.http.SslError;
21ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
22fa03f9a3460a695337231df3195271060a1b4a06Steve Blockimport java.net.MalformedURLException;
23fa03f9a3460a695337231df3195271060a1b4a06Steve Blockimport java.net.URL;
24fa03f9a3460a695337231df3195271060a1b4a06Steve Block
25a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom/**
26200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block * Stores the user's decision of whether to allow or deny an invalid certificate.
27200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block *
28bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block * This class is not threadsafe. It is used only on the WebCore thread. Also, it
29bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block * is used only by the Chromium HTTP stack.
30ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu */
31a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromfinal class SslCertLookupTable {
32ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    private static SslCertLookupTable sTable;
33f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block    // We store the most severe error we're willing to allow for each host.
34ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    private final Bundle table;
35ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
36200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block    public static SslCertLookupTable getInstance() {
37ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu        if (sTable == null) {
38ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu            sTable = new SslCertLookupTable();
39ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu        }
40ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu        return sTable;
41ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    }
42ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
43ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    private SslCertLookupTable() {
44ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu        table = new Bundle();
45ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    }
46ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
47bf52c0ea10482ad761e4fbc8ce07e9517b8541f6Steve Block    public void setIsAllowed(SslError sslError) {
48f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        String host;
49f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        try {
50f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block            host = new URL(sslError.getUrl()).getHost();
51f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        } catch(MalformedURLException e) {
52f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block            return;
53fa03f9a3460a695337231df3195271060a1b4a06Steve Block        }
54f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        table.putInt(host, sslError.getPrimaryError());
55ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu    }
56ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu
57f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block    // We allow the decision to be re-used if it's for the same host and is for
58f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block    // an error of equal or greater severity than this error.
59200ff0a7b1ab14a9a1dfb6ac5bbc7b72e0b14273Steve Block    public boolean isAllowed(SslError sslError) {
60fa03f9a3460a695337231df3195271060a1b4a06Steve Block        String host;
61fa03f9a3460a695337231df3195271060a1b4a06Steve Block        try {
62f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block            host = new URL(sslError.getUrl()).getHost();
63fa03f9a3460a695337231df3195271060a1b4a06Steve Block        } catch(MalformedURLException e) {
64f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block            return false;
65fa03f9a3460a695337231df3195271060a1b4a06Steve Block        }
66f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        return table.containsKey(host) && sslError.getPrimaryError() <= table.getInt(host);
67f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block    }
68f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block
69f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block    public void clear() {
70f219f23aec8ef65cca70cd038cb9b77212cf9435Steve Block        table.clear();
71fa03f9a3460a695337231df3195271060a1b4a06Steve Block    }
72ad053cebc82cbdd7534fcdef095fe79396da3100Huahui Wu}
73