SslError.java revision 3015516a4611db23ce56ae057d281c9328cfdf24
1/* 2 * Copyright (C) 2006 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package android.net.http; 18 19import java.security.cert.X509Certificate; 20 21/** 22 * One or more individual SSL errors and the associated SSL certificate 23 */ 24public class SslError { 25 26 /** 27 * Individual SSL errors (in the order from the least to the most severe): 28 */ 29 30 /** 31 * The certificate is not yet valid 32 */ 33 public static final int SSL_NOTYETVALID = 0; 34 /** 35 * The certificate has expired 36 */ 37 public static final int SSL_EXPIRED = 1; 38 /** 39 * Hostname mismatch 40 */ 41 public static final int SSL_IDMISMATCH = 2; 42 /** 43 * The certificate authority is not trusted 44 */ 45 public static final int SSL_UNTRUSTED = 3; 46 47 48 /** 49 * The number of different SSL errors (update if you add a new SSL error!!!) 50 */ 51 public static final int SSL_MAX_ERROR = 4; 52 53 /** 54 * The SSL error set bitfield (each individual error is an bit index; 55 * multiple individual errors can be OR-ed) 56 */ 57 int mErrors; 58 59 /** 60 * The SSL certificate associated with the error set 61 */ 62 final SslCertificate mCertificate; 63 64 /** 65 * The URL associated with the error set. 66 */ 67 final String mUrl; 68 69 /** 70 * Creates a new SSL error set object 71 * @param error The SSL error 72 * @param certificate The associated SSL certificate 73 * @deprecated Use {@link #SslError(int, SslCertificate, String)} 74 */ 75 @Deprecated 76 public SslError(int error, SslCertificate certificate) { 77 addError(error); 78 if (certificate == null) { 79 throw new NullPointerException("certificate is null."); 80 } 81 mCertificate = certificate; 82 mUrl = ""; 83 } 84 85 /** 86 * Creates a new SSL error set object 87 * @param error The SSL error 88 * @param certificate The associated SSL certificate 89 * @deprecated Use {@link #SslError(int, X509Certificate, String)} 90 */ 91 @Deprecated 92 public SslError(int error, X509Certificate certificate) { 93 addError(error); 94 if (certificate == null) { 95 throw new NullPointerException("certificate is null."); 96 } 97 mCertificate = new SslCertificate(certificate); 98 mUrl = ""; 99 } 100 101 /** 102 * Creates a new SSL error set object 103 * @param error The SSL error 104 * @param certificate The associated SSL certificate 105 * @param url The associated URL. 106 */ 107 public SslError(int error, SslCertificate certificate, String url) { 108 addError(error); 109 if (certificate == null) { 110 throw new NullPointerException("certificate is null."); 111 } 112 mCertificate = certificate; 113 if (url == null) { 114 throw new NullPointerException("url is null."); 115 } 116 mUrl = url; 117 } 118 119 /** 120 * Creates a new SSL error set object 121 * @param error The SSL error 122 * @param certificate The associated SSL certificate 123 * @param url The associated URL. 124 */ 125 public SslError(int error, X509Certificate certificate, String url) { 126 addError(error); 127 if (certificate == null) { 128 throw new NullPointerException("certificate is null."); 129 } 130 mCertificate = new SslCertificate(certificate); 131 if (url == null) { 132 throw new NullPointerException("url is null."); 133 } 134 mUrl = url; 135 } 136 137 /** 138 * @return The SSL certificate associated with the error set, non-null. 139 */ 140 public SslCertificate getCertificate() { 141 return mCertificate; 142 } 143 144 /** 145 * @return The URL associated with the error set, non-null. 146 * "" if one of the deprecated constructors is used. 147 */ 148 public String getUrl() { 149 return mUrl; 150 } 151 152 /** 153 * Adds the SSL error to the error set 154 * @param error The SSL error to add 155 * @return True iff the error being added is a known SSL error 156 */ 157 public boolean addError(int error) { 158 boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR); 159 if (rval) { 160 mErrors |= (0x1 << error); 161 } 162 163 return rval; 164 } 165 166 /** 167 * @param error The SSL error to check 168 * @return True iff the set includes the error 169 */ 170 public boolean hasError(int error) { 171 boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR); 172 if (rval) { 173 rval = ((mErrors & (0x1 << error)) != 0); 174 } 175 176 return rval; 177 } 178 179 /** 180 * @return The primary, most severe, SSL error in the set 181 */ 182 public int getPrimaryError() { 183 if (mErrors != 0) { 184 // go from the most to the least severe errors 185 for (int error = SslError.SSL_MAX_ERROR - 1; error >= 0; --error) { 186 if ((mErrors & (0x1 << error)) != 0) { 187 return error; 188 } 189 } 190 } 191 192 return 0; 193 } 194 195 /** 196 * @return A String representation of this SSL error object 197 * (used mostly for debugging). 198 */ 199 public String toString() { 200 return "primary error: " + getPrimaryError() + 201 " certificate: " + getCertificate() + 202 " on URL: " + getUrl(); 203 } 204} 205