Merge "Revert "Act on credential storage updates.""

Author: Selim Gurun

core/java/android/net/http/CertificateChainValidator.java

@@ -25,17 +25,15 @@
 import javax.net.ssl.SSLHandshakeException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
-import javax.net.ssl.X509TrustManager;
 import org.apache.harmony.security.provider.cert.X509CertImpl;
 import org.apache.harmony.xnet.provider.jsse.SSLParametersImpl;
-import org.apache.harmony.xnet.provider.jsse.TrustManagerImpl;
 
 /**
  * Class responsible for all server certificate validation functionality
  *
  * {@hide}
  */
-public class CertificateChainValidator {
+class CertificateChainValidator {
 
     /**
      * The singleton instance of the certificate chain validator
@@ -123,18 +121,6 @@ public static SslError verifyServerCertificates(
         return verifyServerDomainAndCertificates(serverCertificates, domain, authType);
     }
 
-    /**
-     * Handles updates to credential storage.
-     */
-    public static void handleTrustStorageUpdate() {
-
-        X509TrustManager x509TrustManager = SSLParametersImpl.getDefaultTrustManager();
-        if( x509TrustManager instanceof TrustManagerImpl ) {
-            TrustManagerImpl trustManager = (TrustManagerImpl) x509TrustManager;
-            trustManager.handleTrustStorageUpdate();
-        }
-    }
-
     /**
      * Common code of doHandshakeAndValidateServerCertificates and verifyServerCertificates.
      * Calls DomainNamevalidator to verify the domain, and TrustManager to verify the certs.

core/java/android/webkit/WebView.java

@@ -59,7 +59,6 @@
 import android.os.StrictMode;
 import android.os.SystemClock;
 import android.provider.Settings;
-import android.security.KeyChain;
 import android.speech.tts.TextToSpeech;
 import android.text.Editable;
 import android.text.InputType;
@@ -1304,7 +1303,6 @@ protected WebView(Context context, AttributeSet attrs, int defStyle,
         init();
         setupPackageListener(context);
         setupProxyListener(context);
-        setupTrustStorageListener(context);
         updateMultiTouchSupport(context);
 
         if (privateBrowsing) {
@@ -1314,41 +1312,6 @@ protected WebView(Context context, AttributeSet attrs, int defStyle,
         mAutoFillData = new WebViewCore.AutoFillData();
     }
 
-    private static class TrustStorageListener extends BroadcastReceiver {
-        @Override
-        public void onReceive(Context context, Intent intent) {
-            if (intent.getAction().equals(KeyChain.ACTION_STORAGE_CHANGED)) {
-                handleCertTrustChanged();
-            }
-        }
-    }
-    private static TrustStorageListener sTrustStorageListener;
-
-    /**
-     * Handles update to the trust storage.
-     */
-    private static void handleCertTrustChanged() {
-        // send a message for indicating trust storage change
-        WebViewCore.sendStaticMessage(EventHub.TRUST_STORAGE_UPDATED, null);
-    }
-
-    /*
-     * @param context This method expects this to be a valid context.
-     */
-    private static void setupTrustStorageListener(Context context) {
-        if (sTrustStorageListener != null ) {
-            return;
-        }
-        IntentFilter filter = new IntentFilter();
-        filter.addAction(KeyChain.ACTION_STORAGE_CHANGED);
-        sTrustStorageListener = new TrustStorageListener();
-        Intent current = 
-            context.getApplicationContext().registerReceiver(sTrustStorageListener, filter);
-        if (current != null) {
-            handleCertTrustChanged();
-        }
-    }
-
     private static class ProxyReceiver extends BroadcastReceiver {
         @Override
         public void onReceive(Context context, Intent intent) {

core/java/android/webkit/WebViewCore.java

@@ -26,7 +26,6 @@
 import android.media.MediaFile;
 import android.net.ProxyProperties;
 import android.net.Uri;
-import android.net.http.CertificateChainValidator;
 import android.os.Bundle;
 import android.os.Handler;
 import android.os.Looper;
@@ -776,11 +775,6 @@ public void handleMessage(Message msg) {
                                 Message m = (Message)msg.obj;
                                 m.sendToTarget();
                                 break;
-                            case EventHub.TRUST_STORAGE_UPDATED:
-                                // post a task to network thread for updating trust manager
-                                nativeCertTrustChanged();
-                                CertificateChainValidator.handleTrustStorageUpdate();
-                                break;
                         }
                     }
                 };
@@ -1139,9 +1133,6 @@ public class EventHub {
         static final int SELECT_WORD_AT = 214;
         static final int SELECT_ALL = 215;
 
-        // for updating state on trust storage change
-        static final int TRUST_STORAGE_UPDATED = 220;
-
         // Private handler for WebCore messages.
         private Handler mHandler;
         // Message queue for containing messages before the WebCore thread is
@@ -3091,6 +3082,4 @@ private native void nativeSelectText(int nativeClass,
     private native void nativeClearTextSelection(int nativeClass);
     private native void nativeSelectWordAt(int nativeClass, int x, int y);
     private native void nativeSelectAll(int nativeClass);
-
-    private static native void nativeCertTrustChanged();
 }

keystore/java/android/security/KeyChain.java

@@ -124,7 +124,7 @@ public final class KeyChain {
     public static final String EXTRA_SENDER = "sender";
 
     /**
-     * Action to bring up the CertInstaller.
+     * Action to bring up the CertInstaller
      */
     private static final String ACTION_INSTALL = "android.credentials.INSTALL";
 
@@ -167,22 +167,6 @@ public final class KeyChain {
     // Compatible with old android.security.Credentials.PKCS12
     public static final String EXTRA_PKCS12 = "PKCS12";
 
-
-    /**
-     * @hide TODO This is temporary and will be removed
-     * Broadcast Action: Indicates the trusted storage has changed. Sent when
-     * one of this happens:
-     *
-     * <ul>
-     * <li>a new CA is added,
-     * <li>an existing CA is removed or disabled,
-     * <li>a disabled CA is enabled,
-     * <li>trusted storage is reset (all user certs are cleared),
-     * <li>when permission to access a private key is changed.
-     * </ul>
-     */
-    public static final String ACTION_STORAGE_CHANGED = "android.security.STORAGE_CHANGED";
-
     /**
      * Returns an {@code Intent} that can be used for credential
      * installation. The intent may be used without any extras, in