1 /** 2 * Copyright (c) 2015, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security; 18 19 import android.annotation.FlaggedApi; 20 import android.annotation.NonNull; 21 import android.content.Context; 22 import android.content.pm.PackageManager; 23 import android.security.net.config.ApplicationConfig; 24 import android.security.net.config.ManifestConfigSource; 25 26 /** 27 * Network security policy. 28 * 29 * <p>Network stacks/components should honor this policy to make it possible to centrally control 30 * the relevant aspects of network security behavior. 31 */ 32 public class NetworkSecurityPolicy { 33 34 private static final NetworkSecurityPolicy INSTANCE = new NetworkSecurityPolicy(); 35 NetworkSecurityPolicy()36 private NetworkSecurityPolicy() {} 37 38 /** 39 * Gets the policy for this process. 40 * 41 * <p>It's fine to cache this reference. Any changes to the policy will be immediately visible 42 * through the reference. 43 */ getInstance()44 public static NetworkSecurityPolicy getInstance() { 45 return INSTANCE; 46 } 47 48 /** 49 * Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- 50 * without TLS or STARTTLS) is permitted for all network communication from this process. 51 * 52 * <p>When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and 53 * FTP stacks, {@link android.app.DownloadManager}, {@link android.media.MediaPlayer}) will 54 * refuse this process's requests to use cleartext traffic. Third-party libraries are strongly 55 * encouraged to honor this setting as well. 56 * 57 * <p>This flag is honored on a best effort basis because it's impossible to prevent all 58 * cleartext traffic from Android applications given the level of access provided to them. For 59 * example, there's no expectation that the {@link java.net.Socket} API will honor this flag 60 * because it cannot determine whether its traffic is in cleartext. However, most network 61 * traffic from applications is handled by higher-level network stacks/components which can 62 * honor this aspect of the policy. 63 * 64 * <p>NOTE: {@link android.webkit.WebView} honors this flag for applications targeting API level 65 * 26 and up. 66 */ isCleartextTrafficPermitted()67 public boolean isCleartextTrafficPermitted() { 68 return libcore.net.NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(); 69 } 70 71 /** 72 * Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without 73 * TLS or STARTTLS) is permitted for communicating with {@code hostname} for this process. 74 * 75 * @see #isCleartextTrafficPermitted() 76 */ isCleartextTrafficPermitted(String hostname)77 public boolean isCleartextTrafficPermitted(String hostname) { 78 return libcore.net.NetworkSecurityPolicy.getInstance() 79 .isCleartextTrafficPermitted(hostname); 80 } 81 82 /** 83 * Sets whether cleartext network traffic is permitted for this process. 84 * 85 * <p>This method is used by the platform early on in the application's initialization to set 86 * the policy. 87 * 88 * @hide 89 */ setCleartextTrafficPermitted(boolean permitted)90 public void setCleartextTrafficPermitted(boolean permitted) { 91 FrameworkNetworkSecurityPolicy policy = new FrameworkNetworkSecurityPolicy(permitted); 92 libcore.net.NetworkSecurityPolicy.setInstance(policy); 93 } 94 95 /** 96 * Returns {@code true} if Certificate Transparency information is required to be verified by 97 * the client in TLS connections to {@code hostname}. 98 * 99 * <p>See RFC6962 section 3.3 for more details. 100 * 101 * @param hostname hostname to check whether certificate transparency verification is required 102 * @return {@code true} if certificate transparency verification is required and {@code false} 103 * otherwise 104 */ 105 @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION) isCertificateTransparencyVerificationRequired(@onNull String hostname)106 public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) { 107 return libcore.net.NetworkSecurityPolicy.getInstance() 108 .isCertificateTransparencyVerificationRequired(hostname); 109 } 110 111 /** 112 * Handle an update to the system or user certificate stores. 113 * @hide 114 */ handleTrustStorageUpdate()115 public void handleTrustStorageUpdate() { 116 ApplicationConfig config = ApplicationConfig.getDefaultInstance(); 117 if (config != null) { 118 config.handleTrustStorageUpdate(); 119 } 120 } 121 122 /** 123 * Returns an {@link ApplicationConfig} based on the configuration for {@code packageName}. 124 * 125 * @hide 126 */ getApplicationConfigForPackage(Context context, String packageName)127 public static ApplicationConfig getApplicationConfigForPackage(Context context, 128 String packageName) throws PackageManager.NameNotFoundException { 129 Context appContext = context.createPackageContext(packageName, 0); 130 ManifestConfigSource source = new ManifestConfigSource(appContext); 131 return new ApplicationConfig(source); 132 } 133 } 134