1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5package org.chromium.android_webview; 6 7import android.net.http.SslCertificate; 8import android.net.http.SslError; 9import android.util.Log; 10 11import org.chromium.net.NetError; 12import org.chromium.net.X509Util; 13 14import java.security.KeyStoreException; 15import java.security.NoSuchAlgorithmException; 16import java.security.cert.CertificateException; 17import java.security.cert.X509Certificate; 18 19public class SslUtil { 20 private static final String TAG = "SslUtil"; 21 22 /** 23 * Creates an SslError object from a chromium net error code. 24 */ 25 public static SslError sslErrorFromNetErrorCode(int error, SslCertificate cert, String url) { 26 assert (error >= NetError.ERR_CERT_END && error <= NetError.ERR_CERT_COMMON_NAME_INVALID); 27 switch(error) { 28 case NetError.ERR_CERT_COMMON_NAME_INVALID: 29 return new SslError(SslError.SSL_IDMISMATCH, cert, url); 30 case NetError.ERR_CERT_DATE_INVALID: 31 return new SslError(SslError.SSL_DATE_INVALID, cert, url); 32 case NetError.ERR_CERT_AUTHORITY_INVALID: 33 return new SslError(SslError.SSL_UNTRUSTED, cert, url); 34 default: 35 break; 36 } 37 // Map all other codes to SSL_INVALID. 38 return new SslError(SslError.SSL_INVALID, cert, url); 39 } 40 41 public static SslCertificate getCertificateFromDerBytes(byte[] derBytes) { 42 if (derBytes == null) { 43 return null; 44 } 45 46 try { 47 X509Certificate x509Certificate = 48 X509Util.createCertificateFromBytes(derBytes); 49 return new SslCertificate(x509Certificate); 50 } catch (CertificateException e) { 51 // A SSL related exception must have occured. This shouldn't happen. 52 Log.w(TAG, "Could not read certificate: " + e); 53 } catch (KeyStoreException e) { 54 // A SSL related exception must have occured. This shouldn't happen. 55 Log.w(TAG, "Could not read certificate: " + e); 56 } catch (NoSuchAlgorithmException e) { 57 // A SSL related exception must have occured. This shouldn't happen. 58 Log.w(TAG, "Could not read certificate: " + e); 59 } 60 return null; 61 } 62}