1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.webkit;
18 
19 import android.annotation.NonNull;
20 import android.annotation.Nullable;
21 import android.annotation.SystemApi;
22 import android.net.Uri;
23 
24 import java.security.KeyPair;
25 
26 /**
27  * Enables the token binding procotol, and provides access to the keys. See
28  * https://tools.ietf.org/html/draft-ietf-tokbind-protocol-03
29  *
30  * All methods are required to be called on the UI thread where WebView is
31  * attached to the View hierarchy.
32  * @hide
33  */
34 @SystemApi
35 public abstract class TokenBindingService {
36 
37     public static final String KEY_ALGORITHM_RSA2048_PKCS_1_5 = "RSA2048_PKCS_1.5";
38     public static final String KEY_ALGORITHM_RSA2048_PSS = "RSA2048PSS";
39     public static final String KEY_ALGORITHM_ECDSAP256 = "ECDSAP256";
40 
41     /**
42      * Provides the KeyPair information.
43      */
44     public static abstract class TokenBindingKey {
45         /**
46          * The public, private key pair.
47          */
getKeyPair()48         public abstract KeyPair getKeyPair();
49 
50         /**
51          * The algorithm that is used to generate the key pair.
52          */
getAlgorithm()53         public abstract String getAlgorithm();
54     }
55 
56     /**
57      * Returns the default TokenBinding service instance. At present there is
58      * only one token binding service instance for all WebView instances,
59      * however this restriction may be relaxed in the future.
60      *
61      * @return The default TokenBindingService instance.
62      */
getInstance()63     public static TokenBindingService getInstance() {
64         return WebViewFactory.getProvider().getTokenBindingService();
65     }
66 
67     /**
68      * Enables the token binding protocol. The token binding protocol
69      * has to be enabled before creating any WebViews.
70      *
71      * @throws IllegalStateException if a WebView was already created.
72      */
enableTokenBinding()73     public abstract void enableTokenBinding();
74 
75     /**
76      * Retrieves the key pair for a given origin from the internal
77      * TokenBinding key store asynchronously.
78      *
79      * The user can provide a list of acceptable algorithms for the retrieved
80      * key pair. If a key pair exists and it is in the list of algorithms, then
81      * the key is returned. If it is not in the list, no key is returned.
82      *
83      * If no key pair exists, WebView chooses an algorithm from the list, in
84      * the order given, to generate a key.
85      *
86      * The user can pass {@code null} if any algorithm is acceptable.
87      *
88      * @param origin The origin for the server.
89      * @param algorithm The list of algorithms. An IllegalArgumentException is thrown if array is
90      *                  empty.
91      * @param callback The callback that will be called when key is available.
92      */
getKey(Uri origin, @Nullable String[] algorithm, @NonNull ValueCallback<TokenBindingKey> callback)93     public abstract void getKey(Uri origin,
94                                 @Nullable String[] algorithm,
95                                 @NonNull ValueCallback<TokenBindingKey> callback);
96     /**
97      * Deletes specified key (for use when associated cookie is cleared).
98      *
99      * @param origin The origin of the server.
100      * @param callback The callback that will be called when key is deleted. The
101      *        callback parameter (Boolean) will indicate if operation is
102      *        successful or if failed.
103      */
deleteKey(Uri origin, @Nullable ValueCallback<Boolean> callback)104     public abstract void deleteKey(Uri origin,
105                                    @Nullable ValueCallback<Boolean> callback);
106 
107      /**
108       * Deletes all the keys (for use when cookies are cleared).
109       *
110       * @param callback The callback that will be called when keys are deleted.
111       *        The callback parameter (Boolean) will indicate if operation is
112       *        successful or if failed.
113       */
deleteAllKeys(@ullable ValueCallback<Boolean> callback)114     public abstract void deleteAllKeys(@Nullable ValueCallback<Boolean> callback);
115 }
116