Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b17cf207 authored by Marco Nelissen's avatar Marco Nelissen Committed by Android Git Automerger
Browse files

am 9ee72b65: am 665b0757: am 81fbdade: resolved conflicts for merge of 534f3e94 to jb-mr1-dev 

* commit '9ee72b65':
  Verify certificates
parents 6b96ecca 9ee72b65

media/java/android/media/AudioService.java

+43 −0
Original line number Diff line number Diff line
@@ -45,6 +45,8 @@ import android.content.res.Configuration; 
import android.database.ContentObserver;

import android.media.MediaPlayer.OnCompletionListener;

import android.media.MediaPlayer.OnErrorListener;

import android.net.http.CertificateChainValidator;

import android.net.http.SslError;

import android.os.Binder;

import android.os.Bundle;

import android.os.Environment;
@@ -72,9 +74,11 @@ import android.view.VolumePanel; 


import com.android.internal.telephony.ITelephony;



import java.io.ByteArrayInputStream;

import java.io.FileDescriptor;

import java.io.IOException;

import java.io.PrintWriter;

import java.nio.ByteBuffer;

import java.util.ArrayList;

import java.util.concurrent.ConcurrentHashMap;

import java.util.HashMap;
@@ -105,6 +109,8 @@ public class AudioService extends IAudioService.Stub implements OnFinished { 
    protected static final boolean DEBUG_RC = false;

    /** Debug volumes */

    protected static final boolean DEBUG_VOL = false;

    /** Debug cert verification */

    private static final boolean DEBUG_CERTS = false;



    /** How long to delay before persisting a change in volume/ringer mode. */

    private static final int PERSIST_DELAY = 500;
@@ -6018,6 +6024,43 @@ public class AudioService extends IAudioService.Stub implements OnFinished { 
        pw.println(Integer.toHexString(mRingerModeMutedStreams));

    }



    public int verifyX509CertChain(int numcerts, byte [] chain, String domain, String authType) {



        if (DEBUG_CERTS) {

            Log.v(TAG, "java side verify for "

                    + numcerts + " certificates (" + chain.length + " bytes"

                            + ")for "+ domain + "/" + authType);

        }



        byte[][] certChain = new byte[numcerts][];



        ByteBuffer buf = ByteBuffer.wrap(chain);

        for (int i = 0; i < numcerts; i++) {

            int certlen = buf.getInt();

            if (DEBUG_CERTS) {

                Log.i(TAG, "cert " + i +": " + certlen);

            }

            certChain[i] = new byte[certlen];

            buf.get(certChain[i]);

        }



        try {

            SslError err = CertificateChainValidator.verifyServerCertificates(certChain,

                    domain, authType);

            if (DEBUG_CERTS) {

                Log.i(TAG, "verified: " + err);

            }

            if (err == null) {

                return -1;

            } else {

                return err.getPrimaryError();

            }

        } catch (Exception e) {

            Log.e(TAG, "failed to verify chain: " + e);

        }

        return SslError.SSL_INVALID;

    }



    @Override

    protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {

        mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG);

media/java/android/media/IAudioService.aidl

+2 −0
Original line number Diff line number Diff line
@@ -34,6 +34,8 @@ import android.view.KeyEvent; 
 */

interface IAudioService {

    

    int verifyX509CertChain(int chainsize, in byte[] chain, String host, String authtype);



    void adjustVolume(int direction, int flags);



    oneway void adjustLocalOrRemoteStreamVolume(int streamType, int direction);