Provide Browser implementation of WebViewClient.onReceivedClientCertRequest

Following the example of onReceivedSslError, implement onReceivedClientCertRequest

ERROR CASE                                              CLIENT CERT CASE
<... From frameworks/base ...>                          <... From frameworks/base ...>
Tab.SubWindowClient.onReceivedSslError                  Tab.SubWindowClient.onReceivedClientCertRequest
Tab.mWebViewClient.onReceivedSslError			Tab.mWebViewClient.onReceivedClientCertRequest
<... ssl_warnings dialog ...>                           <... KeyChain.choosePrivateKeyAlias/KeyChainLookup ...>
SslErrorHandler.proceed (with SslCertLookupTable)       ClientCertRequestHandler.proceed (with SslClientCertLookupTable)
<... To frameworks/base ...>                            <... To frameworks/base ...>

Change-Id: I3ed3789c4efc97c87ab4773cdaed3e654a1fd1e3

2 files changed, 81 insertions, 0 deletions

diff --git a/src/com/android/browser/KeyChainLookup.java b/src/com/android/browser/KeyChainLookup.java
new file mode 100644
index 0000000..7f236e5
--- /dev/null
+++ b/src/com/android/browser/KeyChainLookup.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 201 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.browser;
+
+import android.content.Context;
+import android.os.AsyncTask;
+import android.os.RemoteException;
+import android.security.KeyChain;
+import android.webkit.ClientCertRequestHandler;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+
+final class KeyChainLookup extends AsyncTask<Void, Void, Void> {
+    private final Context mContext;
+    private final ClientCertRequestHandler mHandler;
+    private final String mAlias;
+    KeyChainLookup(Context context, ClientCertRequestHandler handler, String alias) {
+        mContext = context;
+        mHandler = handler;
+        mAlias = alias;
+    }
+    @Override protected Void doInBackground(Void... params) {
+        PrivateKey privateKey;
+        X509Certificate[] certificateChain;
+        try {
+            privateKey = KeyChain.getPrivateKey(mContext, mAlias);
+            certificateChain = KeyChain.getCertificateChain(mContext, mAlias);
+        } catch (InterruptedException e) {
+            mHandler.ignore();
+            return null;
+        } catch (RemoteException e) {
+            mHandler.ignore();
+            return null;
+        }
+        mHandler.proceed(privateKey, certificateChain);
+        return null;
+    }
+}
diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index 95c7850..e517d76 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -32,12 +32,15 @@ import android.net.http.SslError;
 import android.os.Bundle;
 import android.os.Message;
 import android.os.SystemClock;
+import android.security.KeyChain;
+import android.security.KeyChainAliasResponse;
 import android.speech.RecognizerResultsIntent;
 import android.util.Log;
 import android.view.KeyEvent;
 import android.view.LayoutInflater;
 import android.view.View;
 import android.view.ViewStub;
+import android.webkit.ClientCertRequestHandler;
 import android.webkit.ConsoleMessage;
 import android.webkit.DownloadListener;
 import android.webkit.GeolocationPermissions;
@@ -791,6 +794,27 @@ class Tab {
         }
 
         /**
+         * Displays client certificate request to the user.
+         */
+        @Override
+        public void onReceivedClientCertRequest(final WebView view,
+                final ClientCertRequestHandler handler, final String host_and_port) {
+            if (!mInForeground) {
+                handler.ignore();
+                return;
+            }
+            KeyChain.choosePrivateKeyAlias(mActivity, new KeyChainAliasResponse() {
+                @Override public void alias(String alias) {
+                    if (alias == null) {
+                        handler.cancel();
+                        return;
+                    }
+                    new KeyChainLookup(mActivity, handler, alias).execute();
+                }
+            });
+        }
+
+        /**
          * Handles an HTTP authentication request.
          *
          * @param handler The authentication handler
@@ -1232,6 +1256,11 @@ class Tab {
             mClient.onReceivedSslError(view, handler, error);
         }
         @Override
+        public void onReceivedClientCertRequest(WebView view,
+                ClientCertRequestHandler handler, String host_and_port) {
+            mClient.onReceivedClientCertRequest(view, handler, host_and_port);
+        }
+        @Override
         public void onReceivedHttpAuthRequest(WebView view,
                 HttpAuthHandler handler, String host, String realm) {
             mClient.onReceivedHttpAuthRequest(view, handler, host, realm);