/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.webkit;

import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.SystemApi;
import android.net.Uri;

import java.security.KeyPair;

/**
 * Switches on the token binding protocol for WebView and gives access to the
 * per-origin keys it uses. See
 * https://tools.ietf.org/html/draft-ietf-tokbind-protocol-03
 * (the protocol was later published as RFC 8471; this API cites the -03 draft).
 *
 * Every method must be called on the UI thread where WebView is attached to
 * the View hierarchy.
 *
 * The keys handed out through {@link TokenBindingKey#getKeyPair()} contain the
 * private half of the pair, so objects obtained from this service should be
 * handled as secret material.
 * @hide
 */
@SystemApi
public abstract class TokenBindingService {

    // Algorithm name constants. Presumably these are the values passed in the
    // algorithm list of getKey() and reported by TokenBindingKey#getAlgorithm();
    // NOTE(review): confirm against the provider implementation.
    public static final String KEY_ALGORITHM_RSA2048_PKCS_1_5 = "RSA2048_PKCS_1.5";
    public static final String KEY_ALGORITHM_RSA2048_PSS = "RSA2048PSS";
    public static final String KEY_ALGORITHM_ECDSAP256 = "ECDSAP256";

    /**
     * Carries a token binding key pair together with its algorithm name.
     */
    public abstract static class TokenBindingKey {
        /**
         * Returns the key pair, public and private key together.
         *
         * NOTE(review): the private key is reachable from the returned object;
         * confirm that callers neither log nor persist it.
         */
        public abstract KeyPair getKeyPair();

        /**
         * Returns the algorithm that was used to generate the key pair.
         */
        public abstract String getAlgorithm();
    }

    /**
     * Looks up the default TokenBinding service instance through the WebView
     * provider. Today a single token binding service instance serves all
     * WebView instances; that restriction may be relaxed in the future.
     *
     * @return The default TokenBindingService instance.
     */
    public static TokenBindingService getInstance() {
        TokenBindingService service = WebViewFactory.getProvider().getTokenBindingService();
        return service;
    }

    /**
     * Turns the token binding protocol on. This has to happen before any
     * WebView is created.
     *
     * @throws IllegalStateException if a WebView was already created.
     */
    public abstract void enableTokenBinding();

    /**
     * Asynchronously fetches the key pair for an origin from the internal
     * TokenBinding key store.
     *
     * The caller may restrict the result to a list of acceptable algorithms.
     * When a key pair already exists for the origin it is returned only if its
     * algorithm is in that list; otherwise no key is returned.
     *
     * When no key pair exists yet, WebView picks an algorithm from the list,
     * in the order given, and generates a key with it.
     *
     * Passing {@code null} means any algorithm is acceptable.
     *
     * @param origin The origin for the server.
     * @param algorithm The list of acceptable algorithms, or {@code null} for any.
     * @param callback The callback that will be called when key is available.
     * @throws IllegalArgumentException if {@code algorithm} is an empty array.
     */
    public abstract void getKey(Uri origin,
            @Nullable String[] algorithm,
            @NonNull ValueCallback<TokenBindingKey> callback);

    /**
     * Deletes the key of one origin (for use when the associated cookie is
     * cleared).
     *
     * NOTE(review): nothing visible here ties key deletion to cookie deletion;
     * presumably the caller that clears a cookie has to call this as well,
     * otherwise the key for that origin stays in the store — confirm.
     *
     * @param origin The origin of the server.
     * @param callback The callback that will be called when key is deleted. Its
     *                 Boolean parameter tells whether the operation succeeded
     *                 or failed. May be {@code null}.
     */
    public abstract void deleteKey(Uri origin,
            @Nullable ValueCallback<Boolean> callback);

    /**
     * Deletes every key in the store (for use when cookies are cleared).
     *
     * @param callback The callback that will be called when keys are deleted.
     *                 Its Boolean parameter tells whether the operation
     *                 succeeded or failed. May be {@code null}.
     */
    public abstract void deleteAllKeys(@Nullable ValueCallback<Boolean> callback);
}