X509CertImpl.java revision 897538a36c18f4db8f9f68ee566aec0bda842e9f
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @author Alexander Y. Kleymenov 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @version $Revision$ 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project*/ 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage org.apache.harmony.security.provider.cert; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.math.BigInteger; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.InvalidKeyException; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchAlgorithmException; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchProviderException; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Principal; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.PublicKey; 33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Signature; 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.SignatureException; 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateEncodingException; 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateException; 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateExpiredException; 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateNotYetValidException; 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateParsingException; 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.X509Certificate; 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Collection; 42adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date; 43adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.List; 44adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Set; 45adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 46adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.x500.X500Principal; 47adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 48adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.utils.AlgNameMapper; 49adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Certificate; 50adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extension; 51adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extensions; 52adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.TBSCertificate; 53adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// BEGIN android-added 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.interfaces.RSAPublicKey; 563e24c53ecc31b840e51869c295785d5a2f8b31ebBrian Carlstromimport org.apache.harmony.xnet.provider.jsse.NativeCrypto; 57adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// END android-added 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This class is an implementation of X509Certificate. It wraps 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the instance of org.apache.harmony.security.x509.Certificate 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * built on the base of provided ASN.1 DER encoded form of 63adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Certificate structure (as specified in RFC 3280 64adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.ietf.org/rfc/rfc3280.txt). 65adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see org.apache.harmony.security.x509.Certificate 66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate 67adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 68adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic class X509CertImpl extends X509Certificate { 69adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 70adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 71adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @serial 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 73adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private static final long serialVersionUID = 2972248729446736154L; 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 75adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the core object to be wrapped in X509Certificate 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Certificate certificate; 77adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // to speed up access to the info, the following fields 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache values retrieved from the certificate object 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final TBSCertificate tbsCert; 81adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Extensions extensions; 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notBefore = -1; 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notAfter; 84adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private BigInteger serialNumber; 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal issuer; 86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal subject; 87adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] tbsCertificate; 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] signature; 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgName; 90adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgOID; 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] sigAlgParams; 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // indicates whether the signature algorithm parameters are null 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private boolean nullSigAlgParams; 94adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private PublicKey publicKey; 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // encoding of the certificate 975bd2429e5d62e7885c717bda72e789f2649837beBob Lee// BEGIN android-changed 985bd2429e5d62e7885c717bda72e789f2649837beBob Lee private volatile byte[] encoding; 995bd2429e5d62e7885c717bda72e789f2649837beBob Lee// END android-changed 100adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ---------------------- Constructors ------------------------------- 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 106adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 107adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via stream parameter. 108adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param in input stream containing ASN.1 encoded form of certificate. 109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException if some decoding problems occur. 110adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 111adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(InputStream in) throws CertificateException { 112adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 113adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // decode the Certificate object 114adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = (Certificate) Certificate.ASN1.decode(in); 115adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 116adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 117adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 118adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 119adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e); 120adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 122adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 123adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 124adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of existing Certificate object to 125adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be wrapped. 126adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 127adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(Certificate certificate) { 128adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = certificate; 129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 130adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 131adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 132adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 133adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 134adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 135adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 136adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via array of bytes. 137adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param encoding byte array containing ASN.1 encoded form of certificate. 138adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException if some decoding problems occur. 139adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 140adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(byte[] encoding) throws IOException { 141adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this((Certificate) Certificate.ASN1.decode(encoding)); 142adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 143adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 144adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 145adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----------------- Public methods implementations ------------------ 146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 147adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 148adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 149adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity() 150adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 151adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 152adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity() throws CertificateExpiredException, 153adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 154adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 155adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 156adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 157adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 159adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = System.currentTimeMillis(); 160adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 161adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(); 162adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 163adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 164adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(); 165adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 166adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 168adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 169adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity(Date) 170adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 171adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 172adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity(Date date) 173adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, 174adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 175adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 177adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 178adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 179adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 180adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = date.getTime(); 181adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 182adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException("current time: " + date 184adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", validation time: " + new Date(notBefore)); 185adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 186adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 187adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 188adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 189adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException("current time: " + date 190adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", expiration time: " + new Date(notAfter)); 191adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 192adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 194adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 195adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 196adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getVersion() 197adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 198adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 199adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getVersion() { 200adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getVersion() + 1; 201adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 202adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 203adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSerialNumber() 205adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 206adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 207adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public BigInteger getSerialNumber() { 208adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (serialNumber == null) { 209adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project serialNumber = tbsCert.getSerialNumber(); 210adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 211adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return serialNumber; 212adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 213adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 214adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerDN() 216adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 217adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 218adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getIssuerDN() { 219adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 220adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 221adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 222adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 223adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 224adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 225adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 226adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 227adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerX500Principal() 228adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 229adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 230adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getIssuerX500Principal() { 231adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 232adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 233adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 234adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 236adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 237adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 238adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 239adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectDN() 240adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 241adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 242adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getSubjectDN() { 243adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 244adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 245adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 246adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 247adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 248adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 249adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 250adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 251adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectX500Principal() 252adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 253adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 254adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getSubjectX500Principal() { 255adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 256adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 257adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 259adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 260adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 261adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 262adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 263adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotBefore() 264adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 265adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 266adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotBefore() { 267adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 268adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 269adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 270adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 271adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 272adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notBefore); 273adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 274adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 275adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 276adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotAfter() 277adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotAfter() { 280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 281adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 282adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notAfter); 286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 287adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getTBSCertificate() 290adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 291adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 292adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getTBSCertificate() 293adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateEncodingException { 294adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 295adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoded form of the TBSCertificate structure 296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 297adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 298adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[tbsCertificate.length]; 299adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(tbsCertificate, 0, result, 0, tbsCertificate.length); 300adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 301adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 302adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 303adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 304adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSignature() 305adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 306adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 307adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSignature() { 308adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (signature == null) { 309adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the value of the signature 310adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature = certificate.getSignatureValue(); 311adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 312adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[signature.length]; 313adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(signature, 0, result, 0, signature.length); 314adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 315adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 316adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 317adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 318adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgName() 319adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 320adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 321adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgName() { 322adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 323adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 324adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 325adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 327adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 330adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 331adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgName; 333adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 334adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 335adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 336adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgOID() 337adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgOID() { 340adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 342adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 344adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 345adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 346adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 347adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 348adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 349adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 350adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgOID; 351adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 352adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 353adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 354adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgParams() 355adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 356adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 357adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSigAlgParams() { 358adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (nullSigAlgParams) { 359adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 360adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 361adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 362adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgParams = tbsCert.getSignature().getParameters(); 363adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 364adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project nullSigAlgParams = true; 365adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 366adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 367adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 368adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgParams; 369adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 370adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 371adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 372adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerUniqueID() 373adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 374adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 375adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getIssuerUniqueID() { 376adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getIssuerUniqueID(); 377adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 378adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 379adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 380adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectUniqueID() 381adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 382adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 383adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getSubjectUniqueID() { 384adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getSubjectUniqueID(); 385adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 386adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 387adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 388adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getKeyUsage() 389adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 390adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 391adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getKeyUsage() { 392adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 393adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 394adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 395adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfKeyUsage(); 396adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 397adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 398adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 399adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getExtendedKeyUsage() 400adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 401adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 402adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public List/*<String>*/ getExtendedKeyUsage() 403adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 404adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 405adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 406adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 407adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 408adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfExtendedKeyUsage(); 409adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 410adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 411adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 412adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 413adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 414adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 415adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getBasicConstraints() 416adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 417adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 418adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getBasicConstraints() { 419adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 420adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return Integer.MAX_VALUE; 421adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 422adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfBasicConstrains(); 423adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 424adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 425adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 426adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectAlternativeNames() 427adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 428adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 429adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*<List<?>>*/ getSubjectAlternativeNames() 430adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 431adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 432adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 433adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 434adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 435adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 436adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 437adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 438adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfSubjectAlternativeName(); 439adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 440adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 441adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 442adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 443adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 444adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 445adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerAlternativeNames() 446adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 447adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 448adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*FIXME <List<?>>*/ getIssuerAlternativeNames() 449adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 450adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 451adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 452adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 453adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 454adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 455adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 456adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 457adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfIssuerAlternativeName(); 458adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 459adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 460adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 461adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 462adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 463adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 464adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.Certificate methods implementations ------ 465adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 466adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 467adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 468adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getEncoded() 469adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 470adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 471adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 472adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (encoding == null) { 473adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project encoding = certificate.getEncoded(); 474adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 475adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[encoding.length]; 476adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(encoding, 0, result, 0, encoding.length); 477adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 478adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 479adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 480adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 481adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getPublicKey() 482adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 483adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 484adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public PublicKey getPublicKey() { 485adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (publicKey == null) { 486adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the public key from SubjectPublicKeyInfo 487adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // substructure of X.509 certificate 488adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project publicKey = tbsCert.getSubjectPublicKeyInfo().getPublicKey(); 489adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 490adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return publicKey; 491adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 492adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 493adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 494adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#toString() 495adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 496adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 497adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String toString() { 498adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return certificate.toString(); 499adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 500adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 501adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 502adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 503adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey) 504adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 505adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 506adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key) 507adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 508adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 509adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 510adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 511adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 512adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 513adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 514adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 515adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 516adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 517adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 518adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = Signature.getInstance(getSigAlgName()); 519adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 520adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 521adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 522adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 523adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 524adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 525adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 526adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 527897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new SignatureException("Signature was not verified"); 528adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 529adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 530adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 531adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 532adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 533adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey,String) 534adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 535adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 536adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key, String sigProvider) 537adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 538adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 539adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 540f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 541adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 542adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 543adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 544adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 545adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 546adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 547f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 548adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = 549adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature.getInstance(getSigAlgName(), sigProvider); 550adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 551adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 552adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 553adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 554adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 555adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 556adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 557adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 558897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new SignatureException("Signature was not verified"); 559adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 560adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 561adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 562adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 563adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 564adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Implements a faster RSA verification method that delegates to OpenSSL 565adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * native code. In all other aspects it behaves just like the ordinary 566adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link verify} method. 567f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 568adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param key The RSA public key to use 569f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 570adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SignatureException If the verification fails. 571f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * @throws InvalidKeyException 572adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 573adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private void fastVerify(PublicKey key) throws SignatureException, 57487eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob InvalidKeyException, NoSuchAlgorithmException { 575adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!(key instanceof RSAPublicKey)) { 576897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new InvalidKeyException("key is not an instance of RSAPublicKey"); 577adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 578adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project RSAPublicKey rsaKey = (RSAPublicKey) key; 579f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 580adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project String algorithm = getSigAlgName(); 58187eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 58287eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob // We don't support MD2 anymore. This needs to also check for aliases 58387eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob // and OIDs. 58487eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob if ("MD2withRSA".equalsIgnoreCase(algorithm) || 58587eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "MD2withRSAEncryption".equalsIgnoreCase(algorithm) || 58687eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "1.2.840.113549.1.1.2".equalsIgnoreCase(algorithm) || 58787eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "MD2/RSA".equalsIgnoreCase(algorithm)) { 58887eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob throw new NoSuchAlgorithmException(algorithm); 58987eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob } 59087eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 591adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project int i = algorithm.indexOf("with"); 592adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project algorithm = algorithm.substring(i + 4) + "-" + algorithm.substring(0, i); 593f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 594adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 595adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 596adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 597adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 598adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] sig = certificate.getSignatureValue(); 5993e24c53ecc31b840e51869c295785d5a2f8b31ebBrian Carlstrom if (!NativeCrypto.verifySignature(tbsCertificate, sig, algorithm, rsaKey)) { 600897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new SignatureException("Signature was not verified"); 601adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 602adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 603adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 604adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 605adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 606adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.X509Extension methods implementations ---- 607adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 608adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 609adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 610adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getNonCriticalExtensionOIDs() 611adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 612adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 613adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getNonCriticalExtensionOIDs() { 614adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 615adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 616adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 617adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 618adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getNonCriticalExtensions(); 619adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 620adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 621adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 622adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getCriticalExtensionOIDs() 623adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 624adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 625adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getCriticalExtensionOIDs() { 626adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 627adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 628adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 629adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 630adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getCriticalExtensions(); 631adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 632adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 633adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 634adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getExtensionValue(String) 635adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 636adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 637adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getExtensionValue(String oid) { 638adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 639adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 640adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 641adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 642adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Extension ext = extensions.getExtensionByOID(oid); 643adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return (ext == null) ? null : ext.getRawExtnValue(); 644adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 645adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 646adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 647adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#hasUnsupportedCriticalExtension() 648adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 649adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 650adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean hasUnsupportedCriticalExtension() { 651adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 652adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return false; 653adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 654adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 655adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.hasUnsupportedCritical(); 656adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 657adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 658adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 659