X509CertImpl.java revision f33eae7e84eb6d3b0f4e86b59605bb3de73009f3
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @author Alexander Y. Kleymenov 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project* @version $Revision$ 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project*/ 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage org.apache.harmony.security.provider.cert; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.math.BigInteger; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.InvalidKeyException; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchAlgorithmException; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchProviderException; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Principal; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.PublicKey; 33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Signature; 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.SignatureException; 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateEncodingException; 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateException; 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateExpiredException; 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateNotYetValidException; 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateParsingException; 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.X509Certificate; 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Collection; 42adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date; 43adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.List; 44adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Set; 45adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 46adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.x500.X500Principal; 47adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 48adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.internal.nls.Messages; 49adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.utils.AlgNameMapper; 50adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Certificate; 51adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extension; 52adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.Extensions; 53adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.x509.TBSCertificate; 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// BEGIN android-added 56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.interfaces.RSAPublicKey; 573e24c53ecc31b840e51869c295785d5a2f8b31ebBrian Carlstromimport org.apache.harmony.xnet.provider.jsse.NativeCrypto; 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project// END android-added 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This class is an implementation of X509Certificate. It wraps 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the instance of org.apache.harmony.security.x509.Certificate 63adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * built on the base of provided ASN.1 DER encoded form of 64adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Certificate structure (as specified in RFC 3280 65adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.ietf.org/rfc/rfc3280.txt). 66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see org.apache.harmony.security.x509.Certificate 67adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate 68adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 69adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic class X509CertImpl extends X509Certificate { 70adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 71adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @serial 73adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private static final long serialVersionUID = 2972248729446736154L; 75adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the core object to be wrapped in X509Certificate 77adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Certificate certificate; 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // to speed up access to the info, the following fields 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache values retrieved from the certificate object 81adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final TBSCertificate tbsCert; 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private final Extensions extensions; 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notBefore = -1; 84adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private long notAfter; 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private BigInteger serialNumber; 86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal issuer; 87adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private X500Principal subject; 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] tbsCertificate; 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] signature; 90adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgName; 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String sigAlgOID; 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private byte[] sigAlgParams; 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // indicates whether the signature algorithm parameters are null 94adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private boolean nullSigAlgParams; 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private PublicKey publicKey; 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 97adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // encoding of the certificate 985bd2429e5d62e7885c717bda72e789f2649837beBob Lee// BEGIN android-changed 995bd2429e5d62e7885c717bda72e789f2649837beBob Lee private volatile byte[] encoding; 1005bd2429e5d62e7885c717bda72e789f2649837beBob Lee// END android-changed 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ---------------------- Constructors ------------------------------- 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 106adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 107adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 108adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via stream parameter. 109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param in input stream containing ASN.1 encoded form of certificate. 110adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException if some decoding problems occur. 111adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 112adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(InputStream in) throws CertificateException { 113adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 114adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // decode the Certificate object 115adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = (Certificate) Certificate.ASN1.decode(in); 116adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 117adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 118adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 119adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 120adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e); 121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 122adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 123adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 124adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 125adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of existing Certificate object to 126adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be wrapped. 127adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 128adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(Certificate certificate) { 129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.certificate = certificate; 130adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // cache the values of TBSCertificate and Extensions 131adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.tbsCert = certificate.getTbsCertificate(); 132adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this.extensions = tbsCert.getExtensions(); 133adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 134adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 135adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 136adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Constructs the instance on the base of ASN.1 encoded 137adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * form of X.509 certificate provided via array of bytes. 138adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param encoding byte array containing ASN.1 encoded form of certificate. 139adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException if some decoding problems occur. 140adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 141adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509CertImpl(byte[] encoding) throws IOException { 142adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project this((Certificate) Certificate.ASN1.decode(encoding)); 143adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 144adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 145adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----------------- Public methods implementations ------------------ 147adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 148adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 149adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 150adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity() 151adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 152adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 153adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity() throws CertificateExpiredException, 154adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 155adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 156adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 157adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 159adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 160adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = System.currentTimeMillis(); 161adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 162adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(); 163adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 164adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 165adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(); 166adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 168adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 169adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 170adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#checkValidity(Date) 171adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 172adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 173adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity(Date date) 174adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, 175adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 177adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve and cache the value of validity period 178adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 179adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 180adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 181adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project long time = date.getTime(); 182adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time < notBefore) { 183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 184adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException("current time: " + date 185adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", validation time: " + new Date(notBefore)); 186adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 187adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 188adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (time > notAfter) { 189adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-changed 190adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException("current time: " + date 191adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + ", expiration time: " + new Date(notAfter)); 192adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-changed 193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 194adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 195adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 196adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 197adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getVersion() 198adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 199adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 200adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getVersion() { 201adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getVersion() + 1; 202adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 203adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 205adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSerialNumber() 206adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 207adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 208adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public BigInteger getSerialNumber() { 209adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (serialNumber == null) { 210adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project serialNumber = tbsCert.getSerialNumber(); 211adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 212adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return serialNumber; 213adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 214adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 216adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerDN() 217adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 218adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 219adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getIssuerDN() { 220adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 221adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 222adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 223adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 224adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 225adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 226adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 227adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 228adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerX500Principal() 229adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 230adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 231adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getIssuerX500Principal() { 232adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (issuer == null) { 233adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the issuer's principal 234adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project issuer = tbsCert.getIssuer().getX500Principal(); 235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 236adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return issuer; 237adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 238adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 239adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 240adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectDN() 241adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 242adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 243adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getSubjectDN() { 244adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 245adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 246adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 247adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 248adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 249adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 250adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 251adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 252adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectX500Principal() 253adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 254adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 255adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X500Principal getSubjectX500Principal() { 256adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (subject == null) { 257adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the subject's principal 258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subject = tbsCert.getSubject().getX500Principal(); 259adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 260adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return subject; 261adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 262adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 263adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 264adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotBefore() 265adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 266adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 267adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotBefore() { 268adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 269adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 270adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 271adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 272adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 273adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notBefore); 274adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 275adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 276adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 277adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getNotAfter() 278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotAfter() { 281adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (notBefore == -1) { 282adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // the value was not retrieved from the certificate, do it: 283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notBefore = tbsCert.getValidity().getNotBefore().getTime(); 284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project notAfter = tbsCert.getValidity().getNotAfter().getTime(); 285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new Date(notAfter); 287adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 290adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getTBSCertificate() 291adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 292adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 293adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getTBSCertificate() 294adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateEncodingException { 295adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoded form of the TBSCertificate structure 297adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 298adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 299adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[tbsCertificate.length]; 300adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(tbsCertificate, 0, result, 0, tbsCertificate.length); 301adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 302adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 303adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 304adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 305adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSignature() 306adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 307adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 308adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSignature() { 309adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (signature == null) { 310adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the value of the signature 311adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature = certificate.getSignatureValue(); 312adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 313adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[signature.length]; 314adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(signature, 0, result, 0, signature.length); 315adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 316adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 317adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 318adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 319adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgName() 320adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 321adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 322adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgName() { 323adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 324adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 325adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 327adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 330adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 331adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 333adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgName; 334adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 335adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 336adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 337adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgOID() 338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 340adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgOID() { 341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgOID == null) { 342adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if info was not retrieved (and cached), do it: 343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgOID = tbsCert.getSignature().getAlgorithm(); 344adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the name of the signing algorithm 345adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); 346adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgName == null) { 347adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // if could not be found, use OID as a name 348adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgName = sigAlgOID; 349adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 350adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 351adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgOID; 352adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 353adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 354adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 355adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSigAlgParams() 356adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 357adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 358adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSigAlgParams() { 359adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (nullSigAlgParams) { 360adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 361adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 362adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 363adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project sigAlgParams = tbsCert.getSignature().getParameters(); 364adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (sigAlgParams == null) { 365adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project nullSigAlgParams = true; 366adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 367adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 368adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 369adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return sigAlgParams; 370adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 371adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 372adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 373adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerUniqueID() 374adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 375adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 376adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getIssuerUniqueID() { 377adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getIssuerUniqueID(); 378adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 379adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 380adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 381adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectUniqueID() 382adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 383adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 384adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getSubjectUniqueID() { 385adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return tbsCert.getSubjectUniqueID(); 386adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 387adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 388adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 389adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getKeyUsage() 390adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 391adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 392adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean[] getKeyUsage() { 393adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 394adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 395adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 396adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfKeyUsage(); 397adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 398adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 399adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 400adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getExtendedKeyUsage() 401adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 402adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 403adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public List/*<String>*/ getExtendedKeyUsage() 404adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 405adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 406adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 407adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 408adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 409adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfExtendedKeyUsage(); 410adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 411adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 412adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 413adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 414adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 415adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 416adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getBasicConstraints() 417adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 418adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 419adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getBasicConstraints() { 420adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 421adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return Integer.MAX_VALUE; 422adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 423adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfBasicConstrains(); 424adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 425adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 426adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 427adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getSubjectAlternativeNames() 428adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 429adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 430adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*<List<?>>*/ getSubjectAlternativeNames() 431adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 432adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 433adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 434adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 435adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 436adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 437adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 438adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 439adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfSubjectAlternativeName(); 440adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 441adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 442adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 443adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 444adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 445adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 446adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Certificate#getIssuerAlternativeNames() 447adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 448adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 449adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Collection/*FIXME <List<?>>*/ getIssuerAlternativeNames() 450adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateParsingException { 451adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 452adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 453adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 454adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 455adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // Retrieve the extension value from the cached extensions object 456adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // This extension is not checked for correctness during 457adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // certificate generation, so now it can throw exception 458adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.valueOfIssuerAlternativeName(); 459adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (IOException e) { 460adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateParsingException(e); 461adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 462adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 463adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 464adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 465adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.Certificate methods implementations ------ 466adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 467adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 468adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 469adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getEncoded() 470adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 471adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 472adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 473adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (encoding == null) { 474adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project encoding = certificate.getEncoded(); 475adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 476adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] result = new byte[encoding.length]; 477adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project System.arraycopy(encoding, 0, result, 0, encoding.length); 478adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return result; 479adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 480adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 481adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 482adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#getPublicKey() 483adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 484adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 485adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public PublicKey getPublicKey() { 486adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (publicKey == null) { 487adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the public key from SubjectPublicKeyInfo 488adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // substructure of X.509 certificate 489adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project publicKey = tbsCert.getSubjectPublicKeyInfo().getPublicKey(); 490adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 491adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return publicKey; 492adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 493adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 494adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 495adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#toString() 496adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 497adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 498adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String toString() { 499adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return certificate.toString(); 500adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 501adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 502adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 503adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 504adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey) 505adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 506adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 507adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key) 508adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 509adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 510adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 511adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 512adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 513adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 514adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 515adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 516adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 517adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 518adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 519adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = Signature.getInstance(getSigAlgName()); 520adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 521adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 522adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 523adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 524adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 525adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 526adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 527adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 528f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes throw new SignatureException(Messages.getString("security.15C")); 529adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 530adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 531adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 532adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 533adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Verifies the signature of the certificate. 534adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.Certificate#verify(PublicKey,String) 535adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 536adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 537adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key, String sigProvider) 538adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, NoSuchAlgorithmException, 539adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project InvalidKeyException, NoSuchProviderException, 540adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project SignatureException { 541f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 542adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 543adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (getSigAlgName().endsWith("withRSA")) { 544adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project fastVerify(key); 545adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return; 546adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 547adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 548f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 549adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature signature = 550adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Signature.getInstance(getSigAlgName(), sigProvider); 551adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.initVerify(key); 552adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the encoding of the TBSCertificate structure 553adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 554adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 555adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 556adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // compute and verify the signature 557adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project signature.update(tbsCertificate, 0, tbsCertificate.length); 558adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!signature.verify(certificate.getSignatureValue())) { 559f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes throw new SignatureException(Messages.getString("security.15C")); 560adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 561adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 562adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 563adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // BEGIN android-added 564adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 565adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Implements a faster RSA verification method that delegates to OpenSSL 566adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * native code. In all other aspects it behaves just like the ordinary 567adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link verify} method. 568f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 569adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param key The RSA public key to use 570f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 571adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SignatureException If the verification fails. 572f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * @throws InvalidKeyException 573adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 574adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private void fastVerify(PublicKey key) throws SignatureException, 57587eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob InvalidKeyException, NoSuchAlgorithmException { 576adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (!(key instanceof RSAPublicKey)) { 577adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new InvalidKeyException(Messages.getString("security.15C1")); 578adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 579adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project RSAPublicKey rsaKey = (RSAPublicKey) key; 580f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 581adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project String algorithm = getSigAlgName(); 58287eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 58387eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob // We don't support MD2 anymore. This needs to also check for aliases 58487eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob // and OIDs. 58587eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob if ("MD2withRSA".equalsIgnoreCase(algorithm) || 58687eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "MD2withRSAEncryption".equalsIgnoreCase(algorithm) || 58787eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "1.2.840.113549.1.1.2".equalsIgnoreCase(algorithm) || 58887eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob "MD2/RSA".equalsIgnoreCase(algorithm)) { 58987eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob throw new NoSuchAlgorithmException(algorithm); 59087eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob } 59187eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 592adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project int i = algorithm.indexOf("with"); 593adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project algorithm = algorithm.substring(i + 4) + "-" + algorithm.substring(0, i); 594f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 595adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (tbsCertificate == null) { 596adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project tbsCertificate = tbsCert.getEncoded(); 597adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 598adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 599adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project byte[] sig = certificate.getSignatureValue(); 6003e24c53ecc31b840e51869c295785d5a2f8b31ebBrian Carlstrom if (!NativeCrypto.verifySignature(tbsCertificate, sig, algorithm, rsaKey)) { 601f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes throw new SignatureException(Messages.getString("security.15C")); 602adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 603adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 604adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // END android-added 605adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 606adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 607adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // ----- java.security.cert.X509Extension methods implementations ---- 608adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // 609adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 610adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 611adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getNonCriticalExtensionOIDs() 612adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 613adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 614adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getNonCriticalExtensionOIDs() { 615adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 616adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 617adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 618adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 619adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getNonCriticalExtensions(); 620adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 621adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 622adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 623adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getCriticalExtensionOIDs() 624adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 625adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 626adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Set getCriticalExtensionOIDs() { 627adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 628adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 629adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 630adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 631adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.getCriticalExtensions(); 632adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 633adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 634adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 635adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#getExtensionValue(String) 636adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 637adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 638adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getExtensionValue(String oid) { 639adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 640adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return null; 641adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 642adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 643adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Extension ext = extensions.getExtensionByOID(oid); 644adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return (ext == null) ? null : ext.getRawExtnValue(); 645adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 646adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 647adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 648adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see java.security.cert.X509Extension#hasUnsupportedCriticalExtension() 649adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * method documentation for more information. 650adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 651adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public boolean hasUnsupportedCriticalExtension() { 652adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (extensions == null) { 653adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return false; 654adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 655adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project // retrieve the info from the cached extensions object 656adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return extensions.hasUnsupportedCritical(); 657adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 658adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 659adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 660adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 661