diff options
| author | Chad Brubaker <cbrubaker@google.com> | 2016-04-26 10:03:05 -0700 |
|---|---|---|
| committer | Chad Brubaker <cbrubaker@google.com> | 2016-08-02 07:57:01 -0700 |
| commit | 88e73140702b45b792f91edddfe41ca3e9310c04 (patch) | |
| tree | 29ff04f524142ce78dfa540672013e706c6f054f | |
| parent | 7d524b17a71fae405aabbc1dd58919af8df3ad74 (diff) | |
Expose CT enforcement through NetworkSecurityPolicy
Bug: 28746284
Change-Id: I8b7f567554ea2ceec012b75220ab5487d347b565
| -rw-r--r-- | luni/src/main/java/libcore/net/NetworkSecurityPolicy.java | 13 | ||||
| -rw-r--r-- | luni/src/test/java/libcore/net/NetworkSecurityPolicyTest.java | 5 |
2 files changed, 18 insertions, 0 deletions
diff --git a/luni/src/main/java/libcore/net/NetworkSecurityPolicy.java b/luni/src/main/java/libcore/net/NetworkSecurityPolicy.java index 56b1b6a87b..d9c87a4176 100644 --- a/luni/src/main/java/libcore/net/NetworkSecurityPolicy.java +++ b/luni/src/main/java/libcore/net/NetworkSecurityPolicy.java @@ -71,6 +71,14 @@ public abstract class NetworkSecurityPolicy { */ public abstract boolean isCleartextTrafficPermitted(String hostname); + /** + * Returns {@code true} if Certificate Transparency information is required to be presented by + * the server and verified by the client in TLS connections to {@code hostname}. + * + * <p>See RFC6962 section 3.3 for more details. + */ + public abstract boolean isCertificateTransparencyVerificationRequired(String hostname); + public static final class DefaultNetworkSecurityPolicy extends NetworkSecurityPolicy { @Override public boolean isCleartextTrafficPermitted() { @@ -81,5 +89,10 @@ public abstract class NetworkSecurityPolicy { public boolean isCleartextTrafficPermitted(String hostname) { return isCleartextTrafficPermitted(); } + + @Override + public boolean isCertificateTransparencyVerificationRequired(String hostname) { + return false; + } } } diff --git a/luni/src/test/java/libcore/net/NetworkSecurityPolicyTest.java b/luni/src/test/java/libcore/net/NetworkSecurityPolicyTest.java index 7a57ac19d7..fc312fc033 100644 --- a/luni/src/test/java/libcore/net/NetworkSecurityPolicyTest.java +++ b/luni/src/test/java/libcore/net/NetworkSecurityPolicyTest.java @@ -359,5 +359,10 @@ public class NetworkSecurityPolicyTest extends TestCase { return isCleartextTrafficPermitted(); } + + @Override + public boolean isCertificateTransparencyVerificationRequired(String hostname) { + return false; + } } } |