All geek questions in one place

Android Control WebView onReceivedClientCertRequest

I am developing an Android application using client certificate authentication in WebView. The certificate (cert.pfx) and password are built into the application.

When executing a client certificate authentication request using an ajax call, the following function is called in WebView:

@Override public void onReceivedClientCertRequest(WebView view, final ClientCertRequest request) {}

As I understand it, I need to call:

 request.proceed(PrivateKey privateKey, X509Certificate[] chain)

Any idea of ​​creating PrivateKey and X509Certificate objects from a built-in certificate to continue the request. By the way, is this the right way to implement client certificate authentication in an Android app? if not, please advice.

+5
source share
1 answer

Solved it using KeyStore to get PrivateKey and X509Certificate objects:

  private X509Certificate[] mCertificates; private PrivateKey mPrivateKey; private void loadCertificateAndPrivateKey() { try { InputStream certificateFileStream = getClass().getResourceAsStream("/assets/cert.pfx"); KeyStore keyStore = KeyStore.getInstance("PKCS12"); String password = "password"; keyStore.load(certificateFileStream, password != null ? password.toCharArray() : null); Enumeration<String> aliases = keyStore.aliases(); String alias = aliases.nextElement(); Key key = keyStore.getKey(alias, password.toCharArray()); if (key instanceof PrivateKey) { mPrivateKey = (PrivateKey)key; Certificate cert = keyStore.getCertificate(alias); mCertificates = new X509Certificate[1]; mCertificates[0] = (X509Certificate)cert; } certificateFileStream.close(); } catch (Exception e) { Log.e(TAG, e.getMessage()); } } private WebViewClient mWebViewClient = new WebViewClient() { @Override public boolean shouldOverrideUrlLoading(WebView view, String url) { view.loadUrl(url); return false; } @Override public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { handler.proceed(); } @Override public void onReceivedClientCertRequest(WebView view, final ClientCertRequest request) { if (mCertificates == null || mPrivateKey == null) { loadCertificateAndPrivateKey(); } request.proceed(mPrivateKey, mCertificates); } };
+8
source

Source: https://habr.com/ru/post/1242015/

More articles:


All Articles