/* * Copyright (C) 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.webkit; import android.annotation.SystemApi; import android.net.Uri; import java.security.KeyPair; import java.security.spec.AlgorithmParameterSpec; /** * Enables the token binding procotol, and provides access to the keys. See * https://tools.ietf.org/html/draft-ietf-tokbind-protocol-03 * * All methods are required to be called on the UI thread where WebView is * attached to the View hierarchy. * @hide */ @SystemApi public abstract class TokenBindingService { public static final String KEY_ALGORITHM_RSA2048_PKCS_1_5 = "RSA2048_PKCS_1.5"; public static final String KEY_ALGORITHM_RSA2048_PSS = "RSA2048PSS"; public static final String KEY_ALGORITHM_ECDSAP256 = "ECDSAP256"; /** * Provides the KeyPair information. */ public static abstract class TokenBindingKey { /** * The public, private key pair. */ public abstract KeyPair getKeyPair(); /** * The algorithm that is used to generate the key pair. */ public abstract String getAlgorithm(); } /** * Returns the default TokenBinding service instance. At present there is * only one token binding service instance for all WebView instances, * however this restriction may be relaxed in the future. * * @return The default TokenBindingService instance. */ public static TokenBindingService getInstance() { return WebViewFactory.getProvider().getTokenBindingService(); } /** * Enables the token binding protocol. The token binding protocol * has to be enabled before creating any WebViews. * * @throws IllegalStateException if a WebView was already created. */ public abstract void enableTokenBinding(); /** * Retrieves the key pair for a given origin from the internal * TokenBinding key store asynchronously. * * The user can provide a list of acceptable algorithms for the retrieved * key pair. If a key pair exists and it is in the list of algorithms, then * the key is returned. If it is not in the list, no key is returned. * * If no key pair exists, WebView chooses an algorithm from the list, in * the order given, to generate a key. * * The user can pass a null if any algorithm is acceptable. * * @param origin The origin for the server. * @param algorithm The list of algorithms. Can be null. An * IllegalArgumentException is thrown if array is empty. * @param callback The callback that will be called when key is available. * Cannot be null. */ public abstract void getKey(Uri origin, String[] algorithm, ValueCallback callback); /** * Deletes specified key (for use when associated cookie is cleared). * * @param origin The origin of the server. * @param callback The callback that will be called when key is deleted. The * callback parameter (Boolean) will indicate if operation is * successful or if failed. The callback can be null. */ public abstract void deleteKey(Uri origin, ValueCallback callback); /** * Deletes all the keys (for use when cookies are cleared). * * @param callback The callback that will be called when keys are deleted. * The callback parameter (Boolean) will indicate if operation is * successful or if failed. The callback can be null. */ public abstract void deleteAllKeys(ValueCallback callback); }