Adds SSLCertificateVerifier to the Java API.
The native API supports setting an SSLCertificateVerifier that can be used
to provide a custom certificate verifier for incoming SSL certificates. This
change provides this functionality to the Java API so that a Java implementation
can also be provided. It is expected this will only be used in specialized
circumstances and most users will not hit this code path.
Bug: webrtc:9541
Change-Id: Id3c75b8f288333b53edc2959bac533e3ec614978
Reviewed-on: https://webrtc-review.googlesource.com/89500
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24057}diff --git a/sdk/android/api/org/webrtc/SSLCertificateVerifier.java b/sdk/android/api/org/webrtc/SSLCertificateVerifier.java
new file mode 100644
index 0000000..461cd3b
--- /dev/null
+++ b/sdk/android/api/org/webrtc/SSLCertificateVerifier.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2018 The WebRTC project authors. All Rights Reserved.
+ *
+ * Use of this source code is governed by a BSD-style license
+ * that can be found in the LICENSE file in the root of the source
+ * tree. An additional intellectual property rights grant can be found
+ * in the file PATENTS. All contributing project authors may
+ * be found in the AUTHORS file in the root of the source tree.
+ */
+
+package org.webrtc;
+
+/**
+ * The SSLCertificateVerifier interface allows API users to provide custom
+ * logic to verify certificates.
+ */
+public interface SSLCertificateVerifier {
+ /**
+ * Implementations of verify allow applications to provide custom logic for
+ * verifying certificates. This is not required by default and should be used
+ * with care.
+ *
+ * @param certificate A byte array containing a DER encoded X509 certificate.
+ * @return True if the certificate is verified and trusted else false.
+ */
+ @CalledByNative boolean verify(byte[] certificate);
+}