1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package libcore.net; 18 19 import static android.annotation.SystemApi.Client.MODULE_LIBRARIES; 20 21 import android.annotation.SystemApi; 22 import android.compat.annotation.UnsupportedAppUsage; 23 24 /** 25 * Network security policy for this process/application. 26 * 27 * <p>Network stacks/components are expected to honor this policy. Components which can use the 28 * Android framework API should be accessing this policy via the framework's 29 * {@code android.security.NetworkSecurityPolicy} instead of via this class. 30 * 31 * <p>The policy can be determined by the {@link #isCleartextTrafficPermitted()}, 32 * {@link #isCleartextTrafficPermitted(String)} and 33 * {@link #isCertificateTransparencyVerificationRequired(String)} methods. 34 * 35 * @hide 36 */ 37 @SystemApi(client = MODULE_LIBRARIES) 38 @libcore.api.IntraCoreApi 39 public abstract class NetworkSecurityPolicy { 40 41 private static volatile NetworkSecurityPolicy instance = new DefaultNetworkSecurityPolicy(); 42 43 /** 44 * Constructs a default {@code NetworkSecurityPolicy}. 45 * 46 * @see {@link #DefaultNetworkSecurityPolicy}. 47 * 48 * @hide 49 */ 50 @SystemApi(client = MODULE_LIBRARIES) 51 @libcore.api.IntraCoreApi NetworkSecurityPolicy()52 public NetworkSecurityPolicy() { 53 } 54 55 /** 56 * Gets current singleton {@code NetworkSecurityPolicy} instance. 57 * 58 * @return the current {@code NetworkSecurityPolicy}. 59 * 60 * @hide 61 */ 62 @SystemApi(client = MODULE_LIBRARIES) 63 @libcore.api.IntraCoreApi getInstance()64 public static NetworkSecurityPolicy getInstance() { 65 return instance; 66 } 67 68 /** 69 * Sets current singleton instance 70 * 71 * @param policy new {@code NetworlSecurityPolicy} instance. 72 * 73 * @hide 74 */ 75 @SystemApi(client = MODULE_LIBRARIES) setInstance(NetworkSecurityPolicy policy)76 public static void setInstance(NetworkSecurityPolicy policy) { 77 if (policy == null) { 78 throw new NullPointerException("policy == null"); 79 } 80 instance = policy; 81 } 82 83 /** 84 * Returns {@code true} if cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- 85 * without TLS or STARTTLS) is permitted for all network communications of this process. 86 * 87 * <p>{@link #isCleartextTrafficPermitted(String)} should be used to determine if cleartext 88 * traffic is permitted for a specific host. 89 * 90 * <p>When cleartext network traffic is not permitted, the platform's components (e.g. HTTP 91 * stacks, {@code WebView}, {@code MediaPlayer}) will refuse this process's requests to use 92 * cleartext traffic. Third-party libraries are encouraged to do the same. 93 * 94 * <p>This flag is honored on a best effort basis because it's impossible to prevent all 95 * cleartext traffic from an application given the level of access provided to applications on 96 * Android. For example, there's no expectation that {@link java.net.Socket} API will honor this 97 * flag. Luckily, most network traffic from apps is handled by higher-level network stacks which 98 * can be made to honor this flag. Platform-provided network stacks (e.g. HTTP and FTP) honor 99 * this flag from day one, and well-established third-party network stacks will eventually 100 * honor it. 101 * 102 * @return {@code true} if cleartext traffic is permitted and {@code false} otherwise. 103 * 104 * @hide 105 */ 106 @UnsupportedAppUsage 107 @SystemApi(client = MODULE_LIBRARIES) isCleartextTrafficPermitted()108 public abstract boolean isCleartextTrafficPermitted(); 109 110 /** 111 * Returns {@code true} if cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- 112 * without TLS or STARTTLS) is permitted for communicating with {@code hostname} for this 113 * process. 114 * 115 * <p>See {@link #isCleartextTrafficPermitted} for more details. 116 * 117 * @param hostname hostname to check if cleartext traffic is permitted for 118 * @return {@code true} if cleartext traffic is permitted and {@code false} otherwise 119 * 120 * @hide 121 */ 122 @SystemApi(client = MODULE_LIBRARIES) isCleartextTrafficPermitted(String hostname)123 public abstract boolean isCleartextTrafficPermitted(String hostname); 124 125 /** 126 * Returns {@code true} if Certificate Transparency information is required to be presented by 127 * the server and verified by the client in TLS connections to {@code hostname}. 128 * 129 * <p>See RFC6962 section 3.3 for more details. 130 * 131 * @param hostname hostname to check whether certificate transparency verification 132 * is required 133 * @return {@code true} if certificate transparency verification is required and 134 * {@code false} otherwise 135 * 136 * @hide 137 */ 138 @SystemApi(client = MODULE_LIBRARIES) 139 @libcore.api.IntraCoreApi isCertificateTransparencyVerificationRequired(String hostname)140 public abstract boolean isCertificateTransparencyVerificationRequired(String hostname); 141 142 /** 143 * Default network security policy that allows cleartext traffic and does not require 144 * certificate transparency verification. 145 * 146 * @hide 147 */ 148 public static final class DefaultNetworkSecurityPolicy extends NetworkSecurityPolicy { 149 @Override isCleartextTrafficPermitted()150 public boolean isCleartextTrafficPermitted() { 151 return true; 152 } 153 154 @Override isCleartextTrafficPermitted(String hostname)155 public boolean isCleartextTrafficPermitted(String hostname) { 156 return isCleartextTrafficPermitted(); 157 } 158 159 @Override isCertificateTransparencyVerificationRequired(String hostname)160 public boolean isCertificateTransparencyVerificationRequired(String hostname) { 161 return false; 162 } 163 } 164 } 165