Info Call to Android Security API

Description

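List of all calls the application makes to the Android Keystore and KeyChain APIs. Each call site is shown with the decompiled method that contains it, so a reviewer can see how certificates and private keys are requested and where they are passed.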

Recommendation

This entry is informational; no recommendation applies.

Technical details

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient.onReceivedClientCertRequest() calling method android.security.KeyChain.choosePrivateKeyAlias()


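    /**
     * Handles a TLS client-certificate request raised by the WebView.
     *
     * <p>If any acceptable-issuer principal on the request has a name containing
     * {@code CN=MS-Organization-Access}, the request is cancelled; the log message attributes
     * such challenges to device authentication. Otherwise the Android KeyChain picker is opened
     * and the outcome is delivered to the anonymous callback ({@code CustomWebViewClient$1}).
     *
     * @param p12 the WebView that raised the request; not used in this method
     * @param p13 the pending client-certificate request
     */
    public void onReceivedClientCertRequest(android.webkit.WebView p12, android.webkit.ClientCertRequest p13)
    {
        final String logTag = "AuthenticationActivity:onReceivedClientCertRequest";
        com.microsoft.aad.adal.Logger.v(logTag, "Webview receives client TLS request.");

        java.security.Principal[] issuers = p13.getPrincipals();
        if (issuers != null) {
            for (java.security.Principal issuer : issuers) {
                // NOTE(review): the issuer names come from the remote TLS peer, so this test only
                // decides whether the picker is shown; it says nothing about the server's identity.
                // It is also a substring match on the DN, not an exact CN comparison - confirm
                // that is the intended strictness.
                if (issuer.getName().contains("CN=MS-Organization-Access")) {
                    com.microsoft.aad.adal.Logger.v(logTag, "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                    p13.cancel();
                    return;
                }
            }
        }

        // The last argument is the alias to preselect in the picker. The decompiler printed the
        // null constant as 0, which is not valid for a String parameter; null means that no alias
        // is preselected and the user makes the choice.
        android.security.KeyChain.choosePrivateKeyAlias(this.this$0, new com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1(this, p13), p13.getKeyTypes(), p13.getPrincipals(), p13.getHost(), p13.getPort(), null);
    }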

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1.alias() calling method android.security.KeyChain.getCertificateChain()


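    /**
     * KeyChain picker callback: completes or cancels the pending TLS client-certificate request.
     *
     * <p>The local-variable and catch types are restored from the
     * {@code android.security.KeyChain} method signatures and the accompanying log messages.
     * The decompiler output labelled them {@code ClientCertRequest} and {@code String}, and
     * repeated the same catch type twice, which cannot compile.
     *
     * @param p5 alias selected by the user, or {@code null} when no certificate was selected
     */
    public void alias(String p5)
    {
        final String logTag = "AuthenticationActivity:onReceivedClientCertRequest";

        if (p5 == null) {
            com.microsoft.aad.adal.Logger.v(logTag, "No certificate chosen by user, cancelling the TLS request.");
            this.val$request.cancel();
            return;
        }

        try {
            java.security.cert.X509Certificate[] certChain = android.security.KeyChain.getCertificateChain(this.this$1.this$0.getApplicationContext(), p5);
            java.security.PrivateKey privateKey = android.security.KeyChain.getPrivateKey(this.this$1.getCallingContext(), p5);
            com.microsoft.aad.adal.Logger.v(logTag, "Certificate is chosen by user, proceed with TLS request.");
            // The key and chain are handed straight to the WebView request; this method neither
            // stores nor logs them.
            this.val$request.proceed(privateKey, certChain);
        } catch (android.security.KeyChainException e) {
            // Any failure to obtain the key material cancels the handshake rather than proceeding.
            com.microsoft.aad.adal.Logger.e(logTag, "KeyChain exception", e);
            this.val$request.cancel();
        } catch (InterruptedException e) {
            com.microsoft.aad.adal.Logger.e(logTag, "InterruptedException exception", e);
            this.val$request.cancel();
        }
    }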

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1.alias() calling method android.security.KeyChain.getPrivateKey()


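    /**
     * KeyChain picker callback: completes or cancels the pending TLS client-certificate request.
     *
     * <p>The local-variable and catch types are restored from the
     * {@code android.security.KeyChain} method signatures and the accompanying log messages.
     * The decompiler output labelled them {@code ClientCertRequest} and {@code String}, and
     * repeated the same catch type twice, which cannot compile.
     *
     * @param p5 alias selected by the user, or {@code null} when no certificate was selected
     */
    public void alias(String p5)
    {
        final String logTag = "AuthenticationActivity:onReceivedClientCertRequest";

        if (p5 == null) {
            com.microsoft.aad.adal.Logger.v(logTag, "No certificate chosen by user, cancelling the TLS request.");
            this.val$request.cancel();
            return;
        }

        try {
            java.security.cert.X509Certificate[] certChain = android.security.KeyChain.getCertificateChain(this.this$1.this$0.getApplicationContext(), p5);
            java.security.PrivateKey privateKey = android.security.KeyChain.getPrivateKey(this.this$1.getCallingContext(), p5);
            com.microsoft.aad.adal.Logger.v(logTag, "Certificate is chosen by user, proceed with TLS request.");
            // The key and chain are handed straight to the WebView request; this method neither
            // stores nor logs them.
            this.val$request.proceed(privateKey, certChain);
        } catch (android.security.KeyChainException e) {
            // Any failure to obtain the key material cancels the handshake rather than proceeding.
            com.microsoft.aad.adal.Logger.e(logTag, "KeyChain exception", e);
            this.val$request.cancel();
        } catch (InterruptedException e) {
            com.microsoft.aad.adal.Logger.e(logTag, "InterruptedException exception", e);
            this.val$request.cancel();
        }
    }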