Info Call to Android Security API

Description

List of all calls to the Android Keystore and KeyChain APIs.

Recommendation

This entry is informational; no recommendation applies.

Technical details

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient.onReceivedClientCertRequest() calling method android.security.KeyChain.choosePrivateKeyAlias()


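    /**
     * Answers a TLS client-certificate request raised by the WebView.
     *
     * <p>If any acceptable issuer name contains {@code CN=MS-Organization-Access}, the request is
     * cancelled and no certificate is offered (the log text attributes this challenge to device
     * authentication). Otherwise the system KeyChain picker is shown so the user selects the
     * certificate; the result is delivered to the callback object created here.
     *
     * <p>Review notes: the issuer test is a substring match on the principal name, not a parsed
     * DN comparison. Per the WebView documentation, a {@code proceed()} or {@code cancel()}
     * answer is kept in memory per host/port for the life of the process until
     * {@code WebView.clearClientCertPreferences()} is called.
     *
     * @param p10 the WebView that received the request (unused here)
     * @param p11 the pending client-certificate request
     */
    public void onReceivedClientCertRequest(android.webkit.WebView p10, android.webkit.ClientCertRequest p11)
    {
        com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "Webview receives client TLS request.");
        // The decompiler typed this local as String; getPrincipals() returns Principal[] and may be null.
        java.security.Principal[] acceptableIssuers = p11.getPrincipals();
        if (acceptableIssuers != null) {
            for (java.security.Principal issuer : acceptableIssuers) {
                if (issuer.getName().contains("CN=MS-Organization-Access")) {
                    com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                    p11.cancel();
                    return;
                }
            }
        }
        // Host and port are forwarded so the system picker can show which server is asking.
        // The last argument is the preselected alias; the decompiler rendered the null constant as 0.
        android.security.KeyChain.choosePrivateKeyAlias(this.this$0, new com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1(this, p11), p11.getKeyTypes(), p11.getPrincipals(), p11.getHost(), p11.getPort(), null);
    }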

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1.alias() calling method android.security.KeyChain.getCertificateChain()


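    /**
     * Callback invoked with the alias chosen in the KeyChain picker.
     *
     * <p>A {@code null} alias cancels the pending TLS request. Otherwise the certificate chain and
     * private key for the alias are fetched from the KeyChain and handed to the WebView request.
     * Any KeyChain failure or interruption is logged and the request is cancelled, so the
     * handshake never continues without a certificate after an error.
     *
     * @param p4 the alias selected by the user, or {@code null} if none was selected
     */
    public void alias(String p4)
    {
        if (p4 == null) {
            com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "No certificate chosen by user, cancelling the TLS request.");
            this.val$request.cancel();
            return;
        }
        try {
            // Local and catch types below are restored from the KeyChain API signatures; the
            // decompiler had labelled them String / ClientCertRequest.
            java.security.cert.X509Certificate[] certChain = android.security.KeyChain.getCertificateChain(this.this$1.this$0.getApplicationContext(), p4);
            java.security.PrivateKey privateKey = android.security.KeyChain.getPrivateKey(this.this$1.getCallingContext(), p4);
            // NOTE(review): both lookups are documented to return null when the alias is missing
            // or access was not granted; the result is passed on without a null check.
            com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "Certificate is chosen by user, proceed with TLS request.");
            this.val$request.proceed(privateKey, certChain);
        } catch (android.security.KeyChainException keyChainError) {
            com.microsoft.aad.adal.Logger.e("AuthenticationActivity:onReceivedClientCertRequest", "KeyChain exception", keyChainError);
            this.val$request.cancel();
        } catch (InterruptedException interrupted) {
            com.microsoft.aad.adal.Logger.e("AuthenticationActivity:onReceivedClientCertRequest", "InterruptedException exception", interrupted);
            this.val$request.cancel();
        }
    }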

Method com.microsoft.aad.adal.AuthenticationActivity$CustomWebViewClient$1.alias() calling method android.security.KeyChain.getPrivateKey()


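    /**
     * Callback invoked with the alias chosen in the KeyChain picker.
     *
     * <p>A {@code null} alias cancels the pending TLS request. Otherwise the certificate chain and
     * private key for the alias are fetched from the KeyChain and handed to the WebView request.
     * Any KeyChain failure or interruption is logged and the request is cancelled, so the
     * handshake never continues without a certificate after an error.
     *
     * @param p4 the alias selected by the user, or {@code null} if none was selected
     */
    public void alias(String p4)
    {
        if (p4 == null) {
            com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "No certificate chosen by user, cancelling the TLS request.");
            this.val$request.cancel();
            return;
        }
        try {
            // Local and catch types below are restored from the KeyChain API signatures; the
            // decompiler had labelled them String / ClientCertRequest.
            java.security.cert.X509Certificate[] certChain = android.security.KeyChain.getCertificateChain(this.this$1.this$0.getApplicationContext(), p4);
            // The key is only passed to the WebView request; it is not logged or stored here.
            // NOTE(review): documented to return null when the alias is missing or access was
            // not granted; the result is passed on without a null check.
            java.security.PrivateKey privateKey = android.security.KeyChain.getPrivateKey(this.this$1.getCallingContext(), p4);
            com.microsoft.aad.adal.Logger.v("AuthenticationActivity:onReceivedClientCertRequest", "Certificate is chosen by user, proceed with TLS request.");
            this.val$request.proceed(privateKey, certChain);
        } catch (android.security.KeyChainException keyChainError) {
            com.microsoft.aad.adal.Logger.e("AuthenticationActivity:onReceivedClientCertRequest", "KeyChain exception", keyChainError);
            this.val$request.cancel();
        } catch (InterruptedException interrupted) {
            com.microsoft.aad.adal.Logger.e("AuthenticationActivity:onReceivedClientCertRequest", "InterruptedException exception", interrupted);
            this.val$request.cancel();
        }
    }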