15a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker/* 25a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * Copyright (C) 2015 The Android Open Source Project 35a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * 45a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * Licensed under the Apache License, Version 2.0 (the "License"); 55a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * you may not use this file except in compliance with the License. 65a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * You may obtain a copy of the License at 75a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * 85a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * http://www.apache.org/licenses/LICENSE-2.0 95a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * 105a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * Unless required by applicable law or agreed to in writing, software 115a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * distributed under the License is distributed on an "AS IS" BASIS, 125a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 135a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * See the License for the specific language governing permissions and 145a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker * limitations under the License. 155a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker */ 165a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker 175a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubakerpackage android.security.net.config; 185a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker 19fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubakerimport android.content.Context; 20fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubakerimport java.security.Security; 215a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubakerimport java.security.Provider; 225a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker 235a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker/** @hide */ 245a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubakerpublic final class NetworkSecurityConfigProvider extends Provider { 25fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker private static final String PREFIX = 265a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker NetworkSecurityConfigProvider.class.getPackage().getName() + "."; 275a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker 285a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker public NetworkSecurityConfigProvider() { 295a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker // TODO: More clever name than this 305a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker super("AndroidNSSP", 1.0, "Android Network Security Policy Provider"); 315a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker put("TrustManagerFactory.PKIX", PREFIX + "RootTrustManagerFactorySpi"); 325a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker put("Alg.Alias.TrustManagerFactory.X509", "PKIX"); 335a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker } 34fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker 35c3a6c78feddd53241ea64d8aae1867235e043a75Chad Brubaker public static void install(Context context) { 36c3a6c78feddd53241ea64d8aae1867235e043a75Chad Brubaker ApplicationConfig config = new ApplicationConfig(new ManifestConfigSource(context)); 37fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker ApplicationConfig.setDefaultInstance(config); 38fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker int pos = Security.insertProviderAt(new NetworkSecurityConfigProvider(), 1); 39fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker if (pos != 1) { 40fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker throw new RuntimeException("Failed to install provider as highest priority provider." 41fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker + " Provider was installed at position " + pos); 42fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker } 43c136cb0abd2c5f876f68c5ed1858b08976f540c5Chad Brubaker libcore.net.NetworkSecurityPolicy.setInstance(new ConfigNetworkSecurityPolicy(config)); 44fd0d31a3f44b89ec64a0b2e3670fb676b9a3b83eChad Brubaker } 455a1078f40dd511901c33ccf78be6e2d5081d6637Chad Brubaker} 46