1a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom/* 2a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * Copyright (C) 2011 The Android Open Source Project 3a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * 4a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * Licensed under the Apache License, Version 2.0 (the "License"); 5a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * you may not use this file except in compliance with the License. 6a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * You may obtain a copy of the License at 7a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * 8a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * http://www.apache.org/licenses/LICENSE-2.0 9a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * 10a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * Unless required by applicable law or agreed to in writing, software 11a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * distributed under the License is distributed on an "AS IS" BASIS, 12a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * See the License for the specific language governing permissions and 14a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * limitations under the License. 15a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom */ 16a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 17a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrompackage android.webkit; 18a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 19275fce8a2ca45e640abf451552dd1bdbbc0cb54cSelim Gurunimport java.security.PrivateKey; 20a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromimport java.util.HashMap; 21a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromimport java.util.HashSet; 22a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromimport java.util.Map; 23a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromimport java.util.Set; 24a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 25a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom/** 26a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom * A simple class to store client certificates that user has chosen. 27a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom */ 28a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstromfinal class SslClientCertLookupTable { 29a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom private static SslClientCertLookupTable sTable; 30275fce8a2ca45e640abf451552dd1bdbbc0cb54cSelim Gurun private final Map<String, PrivateKey> privateKeys; 31a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom private final Map<String, byte[][]> certificateChains; 32a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom private final Set<String> denied; 33a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 34a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom public static synchronized SslClientCertLookupTable getInstance() { 35a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom if (sTable == null) { 36a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom sTable = new SslClientCertLookupTable(); 37a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 38a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom return sTable; 39a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 40a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 41a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom private SslClientCertLookupTable() { 42275fce8a2ca45e640abf451552dd1bdbbc0cb54cSelim Gurun privateKeys = new HashMap<String, PrivateKey>(); 43a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom certificateChains = new HashMap<String, byte[][]>(); 44a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom denied = new HashSet<String>(); 45a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 46a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 47275fce8a2ca45e640abf451552dd1bdbbc0cb54cSelim Gurun public void Allow(String host_and_port, PrivateKey privateKey, byte[][] chain) { 48a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom privateKeys.put(host_and_port, privateKey); 49a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom certificateChains.put(host_and_port, chain); 50a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom denied.remove(host_and_port); 51a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 52a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 53a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom public void Deny(String host_and_port) { 54a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom privateKeys.remove(host_and_port); 55a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom certificateChains.remove(host_and_port); 56a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom denied.add(host_and_port); 57a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 58a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 59a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom public boolean IsAllowed(String host_and_port) { 60a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom return privateKeys.containsKey(host_and_port); 61a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 62a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 63a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom public boolean IsDenied(String host_and_port) { 64a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom return denied.contains(host_and_port); 65a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 66a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 67275fce8a2ca45e640abf451552dd1bdbbc0cb54cSelim Gurun public PrivateKey PrivateKey(String host_and_port) { 68a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom return privateKeys.get(host_and_port); 69a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 70a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom 71a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom public byte[][] CertificateChain(String host_and_port) { 72a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom return certificateChains.get(host_and_port); 73a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom } 74a14775949c97a616196f5293209b092ee3d4e9a9Brian Carlstrom} 75