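/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security.net.config;

import android.util.Pair;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.Set;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManagerFactorySpi;

import com.android.internal.annotations.VisibleForTesting;

/**
 * {@link TrustManagerFactorySpi} that hands out the trust manager of an
 * {@link ApplicationConfig}.
 *
 * <p>The factory makes no trust decisions itself: the {@code ApplicationConfig} chosen by the
 * last successful {@code engineInit} call supplies the single {@link TrustManager} returned by
 * {@link #engineGetTrustManagers()}.
 *
 * @hide
 */
public class RootTrustManagerFactorySpi extends TrustManagerFactorySpi {
    /** Configuration selected by the last successful {@code engineInit}; null until then. */
    private ApplicationConfig mApplicationConfig;

    /**
     * Initializes the factory from an explicit {@link ApplicationConfigParameters}.
     *
     * @param spec an {@code ApplicationConfigParameters} carrying a non-null config
     * @throws InvalidAlgorithmParameterException if {@code spec} is null, is of any other type,
     *         or carries a null config
     */
    @Override
    public void engineInit(ManagerFactoryParameters spec)
            throws InvalidAlgorithmParameterException {
        // instanceof is false for null, so a null spec is rejected here as well.
        if (!(spec instanceof ApplicationConfigParameters)) {
            throw new InvalidAlgorithmParameterException("Unsupported spec: " +  spec + ". Only "
                    + ApplicationConfigParameters.class.getName() + " supported");
        }
        ApplicationConfig config = ((ApplicationConfigParameters) spec).config;
        if (config == null) {
            // Storing null would make init appear to succeed and only surface later as a
            // "not initialized" error; report the bad parameter where it is supplied and
            // leave any previously selected configuration in place.
            throw new InvalidAlgorithmParameterException(
                    ApplicationConfigParameters.class.getName() + " has a null config");
        }
        mApplicationConfig = config;
    }

    /**
     * Initializes the factory from a keystore, or from the default application configuration.
     *
     * <p>A non-null {@code ks} replaces the configuration entirely: a new
     * {@link ApplicationConfig} is built over a {@code KeyStoreConfigSource} wrapping {@code ks}
     * and the default instance is not consulted in that branch. Callers that pass their own
     * keystore are therefore choosing the trust source themselves.
     * NOTE(review): presumably the keystore's entries become the trust anchors; confirm against
     * {@code KeyStoreConfigSource}.
     *
     * @param ks keystore to build the configuration from, or null to use
     *        {@link ApplicationConfig#getDefaultInstance()}
     * @throws KeyStoreException declared by the SPI contract; this body does not throw it itself
     */
    @Override
    public void engineInit(KeyStore ks) throws KeyStoreException {
        if (ks != null) {
            mApplicationConfig = new ApplicationConfig(new KeyStoreConfigSource(ks));
        } else {
            mApplicationConfig = ApplicationConfig.getDefaultInstance();
        }
    }

    /**
     * Returns the trust manager of the selected configuration as a one-element array.
     *
     * <p>An uninitialized factory fails closed: it throws instead of returning an empty array.
     *
     * @return a new array holding {@code mApplicationConfig.getTrustManager()}
     * @throws IllegalStateException if no {@code engineInit} call has selected a configuration
     */
    @Override
    public TrustManager[] engineGetTrustManagers() {
        if (mApplicationConfig == null) {
            throw new IllegalStateException("TrustManagerFactory not initialized");
        }
        return new TrustManager[] { mApplicationConfig.getTrustManager() };
    }

    /**
     * {@link ManagerFactoryParameters} that carries the {@link ApplicationConfig} to use.
     *
     * <p>The constructor stores {@code config} as given and does not validate it; a null value
     * is rejected by {@link RootTrustManagerFactorySpi#engineInit(ManagerFactoryParameters)}.
     */
    @VisibleForTesting
    public static final class ApplicationConfigParameters implements ManagerFactoryParameters {
        /** Configuration handed to the factory on init. */
        public final ApplicationConfig config;

        /**
         * @param config configuration the factory should take its trust manager from
         */
        public ApplicationConfigParameters(ApplicationConfig config) {
            this.config = config;
        }
    }
}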