Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 263650e3 authored by Thiébaud Weksteen's avatar Thiébaud Weksteen Committed by Android (Google) Code Review
Browse files

Merge "Implement getCertificateTransparencyVerificationReason for... 

Merge "Implement getCertificateTransparencyVerificationReason for ConfigNetworkSecurityPolicy" into main
parents 477bf18f 14efdf35

packages/NetworkSecurityConfig/platform/src/android/security/net/config/ApplicationConfig.java

+18 −0
Original line number Diff line number Diff line
@@ -18,6 +18,11 @@ package android.security.net.config; 


import static android.security.Flags.certificateTransparencyConfiguration;



import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_APP_OPT_IN;

import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_DOMAIN_OPT_IN;

import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_SDK_TARGET_DEFAULT_ENABLED;

import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_UNKNOWN;



import android.annotation.NonNull;

import android.util.Pair;
@@ -177,6 +182,19 @@ public final class ApplicationConfig { 
                : NetworkSecurityConfig.certificateTransparencyVerificationRequiredDefault();

    }



    int getCertificateTransparencyVerificationReason(@NonNull String hostname) {

        if (NetworkSecurityConfig.certificateTransparencyVerificationRequiredDefault()) {

            return CERTIFICATE_TRANSPARENCY_REASON_SDK_TARGET_DEFAULT_ENABLED;

        }

        if (getConfigForHostname(null).isCertificateTransparencyVerificationRequired()) {

            return CERTIFICATE_TRANSPARENCY_REASON_APP_OPT_IN;

        }

        if (getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired()) {

            return CERTIFICATE_TRANSPARENCY_REASON_DOMAIN_OPT_IN;

        }

        return CERTIFICATE_TRANSPARENCY_REASON_UNKNOWN;

    }



    public void handleTrustStorageUpdate() {

        synchronized(mLock) {

            // If the config is uninitialized then there is no work to be done to handle an update,

packages/NetworkSecurityConfig/platform/src/android/security/net/config/ConfigNetworkSecurityPolicy.java

+5 −0
Original line number Diff line number Diff line
@@ -42,4 +42,9 @@ public class ConfigNetworkSecurityPolicy extends libcore.net.NetworkSecurityPoli 
    public boolean isCertificateTransparencyVerificationRequired(String hostname) {

        return mConfig.isCertificateTransparencyVerificationRequired(hostname);

    }



    @Override

    public int getCertificateTransparencyVerificationReason(String hostname) {

        return mConfig.getCertificateTransparencyVerificationReason(hostname);

    }

}