X509CertImpl.java revision adc854b798c1cfe3bfd4c27d68d5cee38ca617da
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @author Alexander Y. Kleymenov 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @version $Revision$ 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project*/ 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage org.apache.harmony.security.provider.cert; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.math.BigInteger; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.InvalidKeyException; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchAlgorithmException; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchProviderException; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Principal; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.PublicKey; 33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Signature; 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.SignatureException; 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateEncodingException; 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateException; 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateExpiredException; 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateNotYetValidException; 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateParsingException; 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.X509Certificate; 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Collection; 42adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date; 43adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.List; 44adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Set; 45adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 46adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.x500.X500Principal; 47adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 48adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.internal.nls.Messages; 49adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.utils.AlgNameMapper; 50adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Certificate; 51adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extension; 52adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extensions; 53adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.TBSCertificate; 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// BEGIN android-added 56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.interfaces.RSAPublicKey; 57adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl; 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// END android-added 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This class is an implementation of X509Certificate. It wraps 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the instance of org.apache.harmony.security.x509.Certificate 63adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * built on the base of provided ASN.1 DER encoded form of 64adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Certificate structure (as specified in RFC 3280 65adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.ietf.org/rfc/rfc3280.txt). 66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see org.apache.harmony.security.x509.Certificate 67adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate 68adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 69adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic class X509CertImpl extends X509Certificate { 70adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 71adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @serial 73adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private static final long serialVersionUID = 2972248729446736154L; 75adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the core object to be wrapped in X509Certificate 77adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Certificate certificate; 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // to speed up access to the info, the following fields 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache values retrieved from the certificate object 81adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final TBSCertificate tbsCert; 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Extensions extensions; 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notBefore = -1; 84adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notAfter; 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private BigInteger serialNumber; 86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal issuer; 87adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal subject; 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] tbsCertificate; 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] signature; 90adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgName; 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgOID; 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] sigAlgParams; 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // indicates whether the signature algorithm parameters are null 94adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private boolean nullSigAlgParams; 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private PublicKey publicKey; 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 97adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // encoding of the certificate 98adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] encoding; 99adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 100adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ---------------------- Constructors ------------------------------- 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 106adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via stream parameter. 107adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param in input stream containing ASN.1 encoded form of certificate. 108adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException if some decoding problems occur. 109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 110adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(InputStream in) throws CertificateException { 111adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 112adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // decode the Certificate object 113adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = (Certificate) Certificate.ASN1.decode(in); 114adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 115adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 116adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 117adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 118adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e); 119adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 120adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 122adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 123adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of existing Certificate object to 124adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be wrapped. 125adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 126adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(Certificate certificate) { 127adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = certificate; 128adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 130adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 131adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 132adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 133adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 134adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 135adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via array of bytes. 136adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param encoding byte array containing ASN.1 encoded form of certificate. 137adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException if some decoding problems occur. 138adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 139adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(byte[] encoding) throws IOException { 140adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this((Certificate) Certificate.ASN1.decode(encoding)); 141adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 142adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 143adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 144adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----------------- Public methods implementations ------------------ 145adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 147adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 148adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity() 149adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 150adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 151adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity() throws CertificateExpiredException, 152adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 153adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 154adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 155adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 156adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 157adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = System.currentTimeMillis(); 159adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 160adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(); 161adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 162adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 163adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(); 164adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 165adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 166adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 168adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity(Date) 169adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 170adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 171adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity(Date date) 172adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, 173adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 174adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 175adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 177adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 178adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 179adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = date.getTime(); 180adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 181adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 182adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException("current time: " + date 183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", validation time: " + new Date(notBefore)); 184adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 185adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 186adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 187adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 188adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException("current time: " + date 189adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", expiration time: " + new Date(notAfter)); 190adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 191adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 192adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 194adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 195adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getVersion() 196adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 197adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 198adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getVersion() { 199adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getVersion() + 1; 200adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 201adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 202adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 203adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSerialNumber() 204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 205adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 206adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public BigInteger getSerialNumber() { 207adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (serialNumber == null) { 208adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project serialNumber = tbsCert.getSerialNumber(); 209adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 210adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return serialNumber; 211adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 212adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 213adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 214adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerDN() 215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 216adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 217adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getIssuerDN() { 218adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 219adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 220adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 221adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 222adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 223adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 224adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 225adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 226adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerX500Principal() 227adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 228adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 229adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getIssuerX500Principal() { 230adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 231adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 232adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 233adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 234adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 236adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 237adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 238adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectDN() 239adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 240adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 241adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getSubjectDN() { 242adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 243adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 244adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 245adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 246adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 247adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 248adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 249adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 250adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectX500Principal() 251adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 252adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 253adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getSubjectX500Principal() { 254adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 255adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 256adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 257adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 259adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 260adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 261adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 262adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotBefore() 263adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 264adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 265adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotBefore() { 266adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 267adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 268adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 269adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 270adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 271adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notBefore); 272adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 273adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 274adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 275adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotAfter() 276adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 277adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotAfter() { 279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 281adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 282adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notAfter); 285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 287adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getTBSCertificate() 289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 290adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 291adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getTBSCertificate() 292adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateEncodingException { 293adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 294adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoded form of the TBSCertificate structure 295adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 297adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[tbsCertificate.length]; 298adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(tbsCertificate, 0, result, 0, tbsCertificate.length); 299adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 300adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 301adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 302adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 303adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSignature() 304adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 305adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 306adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSignature() { 307adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (signature == null) { 308adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the value of the signature 309adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature = certificate.getSignatureValue(); 310adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 311adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[signature.length]; 312adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(signature, 0, result, 0, signature.length); 313adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 314adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 315adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 316adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 317adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgName() 318adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 319adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 320adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgName() { 321adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 322adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 323adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 324adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 325adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 327adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 330adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 331adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgName; 332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 333adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 334adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 335adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgOID() 336adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 337adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgOID() { 339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 340adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 342adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 344adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 345adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 346adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 347adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 348adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 349adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgOID; 350adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 351adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 352adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 353adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgParams() 354adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 355adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 356adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSigAlgParams() { 357adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (nullSigAlgParams) { 358adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 359adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 360adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 361adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgParams = tbsCert.getSignature().getParameters(); 362adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 363adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project nullSigAlgParams = true; 364adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 365adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 366adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 367adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgParams; 368adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 369adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 370adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 371adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerUniqueID() 372adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 373adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 374adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getIssuerUniqueID() { 375adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getIssuerUniqueID(); 376adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 377adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 378adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 379adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectUniqueID() 380adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 381adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 382adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getSubjectUniqueID() { 383adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getSubjectUniqueID(); 384adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 385adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 386adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 387adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getKeyUsage() 388adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 389adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 390adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getKeyUsage() { 391adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 392adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 393adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 394adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfKeyUsage(); 395adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 396adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 397adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 398adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getExtendedKeyUsage() 399adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 400adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 401adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public List/*<String>*/ getExtendedKeyUsage() 402adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 403adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 404adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 405adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 406adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 407adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfExtendedKeyUsage(); 408adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 409adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 410adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 411adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 412adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 413adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 414adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getBasicConstraints() 415adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 416adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 417adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getBasicConstraints() { 418adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 419adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return Integer.MAX_VALUE; 420adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 421adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfBasicConstrains(); 422adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 423adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 424adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 425adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectAlternativeNames() 426adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 427adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 428adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*<List<?>>*/ getSubjectAlternativeNames() 429adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 430adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 431adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 432adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 433adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 434adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 435adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 436adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 437adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfSubjectAlternativeName(); 438adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 439adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 440adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 441adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 442adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 443adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 444adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerAlternativeNames() 445adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 446adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 447adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*FIXME <List<?>>*/ getIssuerAlternativeNames() 448adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 449adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 450adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 451adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 452adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 453adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 454adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 455adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 456adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfIssuerAlternativeName(); 457adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 458adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 459adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 460adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 461adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 462adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 463adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.Certificate methods implementations ------ 464adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 465adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 466adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 467adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getEncoded() 468adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 469adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 470adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 471adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (encoding == null) { 472adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project encoding = certificate.getEncoded(); 473adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 474adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[encoding.length]; 475adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(encoding, 0, result, 0, encoding.length); 476adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 477adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 478adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 479adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 480adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getPublicKey() 481adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 482adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 483adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public PublicKey getPublicKey() { 484adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (publicKey == null) { 485adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the public key from SubjectPublicKeyInfo 486adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // substructure of X.509 certificate 487adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project publicKey = tbsCert.getSubjectPublicKeyInfo().getPublicKey(); 488adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 489adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return publicKey; 490adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 491adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 492adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 493adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#toString() 494adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 495adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 496adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String toString() { 497adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return certificate.toString(); 498adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 499adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 500adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 501adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 502adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey) 503adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 504adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 505adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key) 506adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 507adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 508adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 509adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 510adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 511adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 512adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 513adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 514adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 515adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 516adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 517adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = Signature.getInstance(getSigAlgName()); 518adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 519adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 520adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 521adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 522adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 523adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 524adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 525adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 526adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 527adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 528adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 529adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 530adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 531adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 532adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey,String) 533adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 534adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 535adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key, String sigProvider) 536adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 537adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 538adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 539adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 540adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 541adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 542adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 543adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 544adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 545adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 546adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 547adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = 548adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature.getInstance(getSigAlgName(), sigProvider); 549adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 550adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 551adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 552adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 553adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 554adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 555adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 556adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 557adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 558adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 559adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 560adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 561adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 562adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 563adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Implements a faster RSA verification method that delegates to OpenSSL 564adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * native code. In all other aspects it behaves just like the ordinary 565adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link verify} method. 566adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 567adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param key The RSA public key to use 568adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 569adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SignatureException If the verification fails. 570adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws InvalidKeyException 571adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 572adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private void fastVerify(PublicKey key) throws SignatureException, 573adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException { 574adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!(key instanceof RSAPublicKey)) { 575adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new InvalidKeyException(Messages.getString("security.15C1")); 576adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 577adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project RSAPublicKey rsaKey = (RSAPublicKey) key; 578adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 579adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project String algorithm = getSigAlgName(); 580adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project int i = algorithm.indexOf("with"); 581adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project algorithm = algorithm.substring(i + 4) + "-" + algorithm.substring(0, i); 582adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 583adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 584adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 585adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 586adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 587adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] sig = certificate.getSignatureValue(); 588adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!OpenSSLSocketImpl.verifySignature(tbsCertificate, sig, algorithm, rsaKey)) { 589adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new SignatureException(Messages.getString("security.15C")); //$NON-NLS-1$ 590adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 591adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 592adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 593adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 594adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 595adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.X509Extension methods implementations ---- 596adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 597adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 598adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 599adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getNonCriticalExtensionOIDs() 600adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 601adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 602adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getNonCriticalExtensionOIDs() { 603adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 604adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 605adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 606adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 607adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getNonCriticalExtensions(); 608adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 609adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 610adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 611adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getCriticalExtensionOIDs() 612adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 613adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 614adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getCriticalExtensionOIDs() { 615adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 616adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 617adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 618adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 619adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getCriticalExtensions(); 620adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 621adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 622adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 623adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getExtensionValue(String) 624adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 625adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 626adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getExtensionValue(String oid) { 627adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 628adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 629adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 630adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 631adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Extension ext = extensions.getExtensionByOID(oid); 632adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return (ext == null) ? null : ext.getRawExtnValue(); 633adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 634adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 635adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 636adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#hasUnsupportedCriticalExtension() 637adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 638adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 639adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean hasUnsupportedCriticalExtension() { 640adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 641adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return false; 642adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 643adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 644adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.hasUnsupportedCritical(); 645adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 646adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 647adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 648adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 649