1f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project/* 2f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * this work for additional information regarding copyright ownership. 5f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * (the "License"); you may not use this file except in compliance with 7f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * the License. You may obtain a copy of the License at 8f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * 9f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * 11f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * See the License for the specific language governing permissions and 15f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * limitations under the License. 16f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 17f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 18f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project/** 19f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project* @author Alexander Y. Kleymenov 20f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project* @version $Revision$ 21f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project*/ 22f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 23f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectpackage org.apache.harmony.security.provider.cert; 24f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 25f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.io.IOException; 26f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.io.InputStream; 27f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.math.BigInteger; 28f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.InvalidKeyException; 29f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.NoSuchAlgorithmException; 30f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.NoSuchProviderException; 31f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.Principal; 32f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.PublicKey; 33f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.Signature; 34f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.SignatureException; 35f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.CertificateEncodingException; 36f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.CertificateException; 37f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.CertificateExpiredException; 38f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.CertificateNotYetValidException; 39f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.CertificateParsingException; 40f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.cert.X509Certificate; 41f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.util.Collection; 42f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.util.Date; 43f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.util.List; 44f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.util.Set; 45f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 46f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport javax.security.auth.x500.X500Principal; 47f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 48f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.internal.nls.Messages; 49f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.utils.AlgNameMapper; 50f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.x509.Certificate; 51f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.x509.Extension; 52f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.x509.Extensions; 53f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.security.x509.TBSCertificate; 54f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 55f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project// BEGIN android-added 56f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport java.security.interfaces.RSAPublicKey; 57f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectimport org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl; 58f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project// END android-added 59f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 60f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project/** 61f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * This class is an implementation of X509Certificate. It wraps 62f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * the instance of org.apache.harmony.security.x509.Certificate 63f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * built on the base of provided ASN.1 DER encoded form of 64f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Certificate structure (as specified in RFC 3280 65f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * http://www.ietf.org/rfc/rfc3280.txt). 66f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see org.apache.harmony.security.x509.Certificate 67f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate 68f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 69f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Projectpublic class X509CertImpl extends X509Certificate { 70f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 71f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 72f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @serial 73f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 74f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private static final long serialVersionUID = 2972248729446736154L; 75f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 76f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // the core object to be wrapped in X509Certificate 77f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private final Certificate certificate; 78f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 79f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // to speed up access to the info, the following fields 80f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // cache values retrieved from the certificate object 81f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private final TBSCertificate tbsCert; 82f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private final Extensions extensions; 83f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private long notBefore = -1; 84f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private long notAfter; 85f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private BigInteger serialNumber; 86f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private X500Principal issuer; 87f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private X500Principal subject; 88f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private byte[] tbsCertificate; 89f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private byte[] signature; 90f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private String sigAlgName; 91f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private String sigAlgOID; 92f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private byte[] sigAlgParams; 93f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // indicates whether the signature algorithm parameters are null 94f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private boolean nullSigAlgParams; 95f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private PublicKey publicKey; 96f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 97f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // encoding of the certificate 98dfd0afbcb08b871e224a28ecb4ed427a7693545cBob Lee// BEGIN android-changed 99dfd0afbcb08b871e224a28ecb4ed427a7693545cBob Lee private volatile byte[] encoding; 100dfd0afbcb08b871e224a28ecb4ed427a7693545cBob Lee// END android-changed 101f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 102f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 103f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // ---------------------- Constructors ------------------------------- 104f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 105f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 106f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 107f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 108f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * form of X.509 certificate provided via stream parameter. 109f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @param in input stream containing ASN.1 encoded form of certificate. 110f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @throws CertificateException if some decoding problems occur. 111f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 112f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public X509CertImpl(InputStream in) throws CertificateException { 113f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project try { 114f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // decode the Certificate object 115f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.certificate = (Certificate) Certificate.ASN1.decode(in); 116f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // cache the values of TBSCertificate and Extensions 117f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 118f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.extensions = tbsCert.getExtensions(); 119f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } catch (IOException e) { 120f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateException(e); 121f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 122f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 123f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 124f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 125f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Constructs the instance on the base of existing Certificate object to 126f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * be wrapped. 127f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 128f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public X509CertImpl(Certificate certificate) { 129f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.certificate = certificate; 130f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // cache the values of TBSCertificate and Extensions 131f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 132f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this.extensions = tbsCert.getExtensions(); 133f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 134f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 135f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 136f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 137f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * form of X.509 certificate provided via array of bytes. 138f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @param encoding byte array containing ASN.1 encoded form of certificate. 139f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @throws IOException if some decoding problems occur. 140f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 141f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public X509CertImpl(byte[] encoding) throws IOException { 142f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project this((Certificate) Certificate.ASN1.decode(encoding)); 143f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 144f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 145f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 146f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // ----------------- Public methods implementations ------------------ 147f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 148f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 149f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 150f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity() 151f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 152f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 153f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public void checkValidity() throws CertificateExpiredException, 154f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project CertificateNotYetValidException { 155f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (notBefore == -1) { 156f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve and cache the value of validity period 157f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 158f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 159f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 160f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project long time = System.currentTimeMillis(); 161f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (time < notBefore) { 162f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateNotYetValidException(); 163f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 164f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (time > notAfter) { 165f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateExpiredException(); 166f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 167f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 168f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 169f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 170f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity(Date) 171f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 172f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 173f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public void checkValidity(Date date) 174f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateExpiredException, 175f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project CertificateNotYetValidException { 176f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (notBefore == -1) { 177f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve and cache the value of validity period 178f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 179f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 180f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 181f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project long time = date.getTime(); 182f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (time < notBefore) { 183f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // BEGIN android-changed 184f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateNotYetValidException("current time: " + date 185f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project + ", validation time: " + new Date(notBefore)); 186f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // END android-changed 187f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 188f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (time > notAfter) { 189f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // BEGIN android-changed 190f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateExpiredException("current time: " + date 191f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project + ", expiration time: " + new Date(notAfter)); 192f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // END android-changed 193f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 194f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 195f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 196f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 197f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getVersion() 198f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 199f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 200f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public int getVersion() { 201f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return tbsCert.getVersion() + 1; 202f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 203f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 204f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 205f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSerialNumber() 206f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 207f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 208f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public BigInteger getSerialNumber() { 209f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (serialNumber == null) { 210f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project serialNumber = tbsCert.getSerialNumber(); 211f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 212f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return serialNumber; 213f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 214f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 215f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 216f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerDN() 217f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 218f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 219f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Principal getIssuerDN() { 220f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (issuer == null) { 221f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the issuer's principal 222f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 223f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 224f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return issuer; 225f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 226f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 227f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 228f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerX500Principal() 229f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 230f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 231f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public X500Principal getIssuerX500Principal() { 232f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (issuer == null) { 233f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the issuer's principal 234f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 235f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 236f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return issuer; 237f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 238f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 239f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 240f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectDN() 241f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 242f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 243f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Principal getSubjectDN() { 244f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (subject == null) { 245f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the subject's principal 246f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 247f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 248f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return subject; 249f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 250f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 251f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 252f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectX500Principal() 253f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 254f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 255f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public X500Principal getSubjectX500Principal() { 256f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (subject == null) { 257f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the subject's principal 258f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 259f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 260f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return subject; 261f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 262f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 263f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 264f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getNotBefore() 265f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 266f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 267f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Date getNotBefore() { 268f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (notBefore == -1) { 269f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // the value was not retrieved from the certificate, do it: 270f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 271f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 272f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 273f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return new Date(notBefore); 274f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 275f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 276f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 277f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getNotAfter() 278f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 279f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 280f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Date getNotAfter() { 281f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (notBefore == -1) { 282f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // the value was not retrieved from the certificate, do it: 283f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 284f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 285f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 286f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return new Date(notAfter); 287f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 288f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 289f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 290f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getTBSCertificate() 291f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 292f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 293f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public byte[] getTBSCertificate() 294f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateEncodingException { 295f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (tbsCertificate == null) { 296f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the encoded form of the TBSCertificate structure 297f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 298f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 299f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project byte[] result = new byte[tbsCertificate.length]; 300f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project System.arraycopy(tbsCertificate, 0, result, 0, tbsCertificate.length); 301f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return result; 302f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 303f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 304f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 305f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSignature() 306f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 307f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 308f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public byte[] getSignature() { 309f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (signature == null) { 310f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the value of the signature 311f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project signature = certificate.getSignatureValue(); 312f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 313f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project byte[] result = new byte[signature.length]; 314f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project System.arraycopy(signature, 0, result, 0, signature.length); 315f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return result; 316f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 317f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 318f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 319f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgName() 320f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 321f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 322f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public String getSigAlgName() { 323f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgOID == null) { 324f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // if info was not retrieved (and cached), do it: 325f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 326f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the name of the signing algorithm 327f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 328f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgName == null) { 329f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // if could not be found, use OID as a name 330f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgName = sigAlgOID; 331f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 332f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 333f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return sigAlgName; 334f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 335f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 336f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 337f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgOID() 338f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 339f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 340f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public String getSigAlgOID() { 341f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgOID == null) { 342f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // if info was not retrieved (and cached), do it: 343f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 344f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the name of the signing algorithm 345f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 346f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgName == null) { 347f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // if could not be found, use OID as a name 348f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgName = sigAlgOID; 349f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 350f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 351f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return sigAlgOID; 352f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 353f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 354f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 355f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgParams() 356f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 357f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 358f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public byte[] getSigAlgParams() { 359f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (nullSigAlgParams) { 360f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 361f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 362f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgParams == null) { 363f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project sigAlgParams = tbsCert.getSignature().getParameters(); 364f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (sigAlgParams == null) { 365f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project nullSigAlgParams = true; 366f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 367f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 368f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 369f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return sigAlgParams; 370f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 371f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 372f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 373f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerUniqueID() 374f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 375f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 376f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public boolean[] getIssuerUniqueID() { 377f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return tbsCert.getIssuerUniqueID(); 378f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 379f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 380f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 381f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectUniqueID() 382f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 383f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 384f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public boolean[] getSubjectUniqueID() { 385f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return tbsCert.getSubjectUniqueID(); 386f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 387f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 388f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 389f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getKeyUsage() 390f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 391f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 392f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public boolean[] getKeyUsage() { 393f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 394f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 395f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 396f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.valueOfKeyUsage(); 397f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 398f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 399f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 400f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getExtendedKeyUsage() 401f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 402f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 403f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public List/*<String>*/ getExtendedKeyUsage() 404f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateParsingException { 405f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 406f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 407f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 408f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project try { 409f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.valueOfExtendedKeyUsage(); 410f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } catch (IOException e) { 411f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateParsingException(e); 412f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 413f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 414f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 415f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 416f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getBasicConstraints() 417f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 418f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 419f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public int getBasicConstraints() { 420f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 421f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return Integer.MAX_VALUE; 422f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 423f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.valueOfBasicConstrains(); 424f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 425f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 426f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 427f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectAlternativeNames() 428f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 429f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 430f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Collection/*<List<?>>*/ getSubjectAlternativeNames() 431f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateParsingException { 432f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 433f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 434f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 435f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project try { 436f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // Retrieve the extension value from the cached extensions object 437f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // This extension is not checked for correctness during 438f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // certificate generation, so now it can throw exception 439f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.valueOfSubjectAlternativeName(); 440f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } catch (IOException e) { 441f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateParsingException(e); 442f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 443f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 444f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 445f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 446f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerAlternativeNames() 447f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 448f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 449f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Collection/*FIXME <List<?>>*/ getIssuerAlternativeNames() 450f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateParsingException { 451f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 452f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 453f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 454f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project try { 455f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // Retrieve the extension value from the cached extensions object 456f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // This extension is not checked for correctness during 457f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // certificate generation, so now it can throw exception 458f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.valueOfIssuerAlternativeName(); 459f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } catch (IOException e) { 460f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new CertificateParsingException(e); 461f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 462f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 463f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 464f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 465f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // ----- java.security.cert.Certificate methods implementations ------ 466f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 467f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 468f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 469f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.Certificate#getEncoded() 470f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 471f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 472f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 473f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (encoding == null) { 474f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project encoding = certificate.getEncoded(); 475f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 476f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project byte[] result = new byte[encoding.length]; 477f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project System.arraycopy(encoding, 0, result, 0, encoding.length); 478f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return result; 479f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 480f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 481f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 482f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.Certificate#getPublicKey() 483f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 484f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 485f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public PublicKey getPublicKey() { 486f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (publicKey == null) { 487f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the public key from SubjectPublicKeyInfo 488f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // substructure of X.509 certificate 489f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project publicKey = tbsCert.getSubjectPublicKeyInfo().getPublicKey(); 490f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 491f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return publicKey; 492f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 493f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 494f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 495f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.Certificate#toString() 496f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 497f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 498f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public String toString() { 499f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return certificate.toString(); 500f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 501f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 502f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 503f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Verifies the signature of the certificate. 504f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey) 505f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 506f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 507f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public void verify(PublicKey key) 508f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 509f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project InvalidKeyException, NoSuchProviderException, 510f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project SignatureException { 511f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 512f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // BEGIN android-added 513f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 514f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project fastVerify(key); 515f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return; 516f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 517f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // END android-added 518f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 519f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project Signature signature = Signature.getInstance(getSigAlgName()); 520f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project signature.initVerify(key); 521f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the encoding of the TBSCertificate structure 522f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (tbsCertificate == null) { 523f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 524f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 525f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // compute and verify the signature 526f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 527f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 528f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 529f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 530f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 531f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 532f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 533f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Verifies the signature of the certificate. 534f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey,String) 535f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 536f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 537f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public void verify(PublicKey key, String sigProvider) 538f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 539f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project InvalidKeyException, NoSuchProviderException, 540f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project SignatureException { 541f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 542f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // BEGIN android-added 543f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 544f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project fastVerify(key); 545f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return; 546f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 547f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // END android-added 548f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 549f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project Signature signature = 550f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project Signature.getInstance(getSigAlgName(), sigProvider); 551f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project signature.initVerify(key); 552f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the encoding of the TBSCertificate structure 553f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (tbsCertificate == null) { 554f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 555f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 556f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // compute and verify the signature 557f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 558f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 559f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 560f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 561f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 562f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 563f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // BEGIN android-added 564f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 565f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * Implements a faster RSA verification method that delegates to OpenSSL 566f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * native code. In all other aspects it behaves just like the ordinary 567f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * {@link verify} method. 568f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * 569f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @param key The RSA public key to use 570f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * 571f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @throws SignatureException If the verification fails. 572f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @throws InvalidKeyException 573f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 574f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project private void fastVerify(PublicKey key) throws SignatureException, 5752932648271e72bad181b293e1fa5945265c7dbedUrs Grob InvalidKeyException, NoSuchAlgorithmException { 576f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (!(key instanceof RSAPublicKey)) { 577f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new InvalidKeyException(Messages.getString("security.15C1")); 578f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 579f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project RSAPublicKey rsaKey = (RSAPublicKey) key; 580f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 581f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project String algorithm = getSigAlgName(); 5822932648271e72bad181b293e1fa5945265c7dbedUrs Grob 5832932648271e72bad181b293e1fa5945265c7dbedUrs Grob // We don't support MD2 anymore. This needs to also check for aliases 5842932648271e72bad181b293e1fa5945265c7dbedUrs Grob // and OIDs. 5852932648271e72bad181b293e1fa5945265c7dbedUrs Grob if ("MD2withRSA".equalsIgnoreCase(algorithm) || 5862932648271e72bad181b293e1fa5945265c7dbedUrs Grob "MD2withRSAEncryption".equalsIgnoreCase(algorithm) || 5872932648271e72bad181b293e1fa5945265c7dbedUrs Grob "1.2.840.113549.1.1.2".equalsIgnoreCase(algorithm) || 5882932648271e72bad181b293e1fa5945265c7dbedUrs Grob "MD2/RSA".equalsIgnoreCase(algorithm)) { 5892932648271e72bad181b293e1fa5945265c7dbedUrs Grob throw new NoSuchAlgorithmException(algorithm); 5902932648271e72bad181b293e1fa5945265c7dbedUrs Grob } 5912932648271e72bad181b293e1fa5945265c7dbedUrs Grob 592f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project int i = algorithm.indexOf("with"); 593f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project algorithm = algorithm.substring(i + 4) + "-" + algorithm.substring(0, i); 594f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 595f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (tbsCertificate == null) { 596f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 597f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 598f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 599f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project byte[] sig = certificate.getSignatureValue(); 600f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (!OpenSSLSocketImpl.verifySignature(tbsCertificate, sig, algorithm, rsaKey)) { 601f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 602f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 603f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 604f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // END android-added 605f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 606f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 607f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // ----- java.security.cert.X509Extension methods implementations ---- 608f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // 609f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 610f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 611f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Extension#getNonCriticalExtensionOIDs() 612f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 613f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 614f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Set getNonCriticalExtensionOIDs() { 615f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 616f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 617f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 618f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the info from the cached extensions object 619f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.getNonCriticalExtensions(); 620f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 621f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 622f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 623f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Extension#getCriticalExtensionOIDs() 624f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 625f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 626f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public Set getCriticalExtensionOIDs() { 627f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 628f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 629f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 630f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the info from the cached extensions object 631f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.getCriticalExtensions(); 632f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 633f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 634f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 635f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Extension#getExtensionValue(String) 636f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 637f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 638f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public byte[] getExtensionValue(String oid) { 639f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 640f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return null; 641f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 642f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the info from the cached extensions object 643f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project Extension ext = extensions.getExtensionByOID(oid); 644f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return (ext == null) ? null : ext.getRawExtnValue(); 645f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 646f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 647f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project /** 648f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * @see java.security.cert.X509Extension#hasUnsupportedCriticalExtension() 649f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project * method documentation for more information. 650f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project */ 651f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project public boolean hasUnsupportedCriticalExtension() { 652f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project if (extensions == null) { 653f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return false; 654f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 655f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project // retrieve the info from the cached extensions object 656f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project return extensions.hasUnsupportedCritical(); 657f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project } 658f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 659f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project} 660f6c387128427e121477c1b32ad35cdcaa5101ba3The Android Open Source Project 661