Home | History | Annotate | Download | only in conscrypt 
      1 /* GENERATED SOURCE. DO NOT MODIFY. */
      2 /*
      3  * Copyright (C) 2013 The Android Open Source Project
      4  *
      5  * Licensed under the Apache License, Version 2.0 (the "License");
      6  * you may not use this file except in compliance with the License.
      7  * You may obtain a copy of the License at
      8  *
      9  *      http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  * Unless required by applicable law or agreed to in writing, software
     12  * distributed under the License is distributed on an "AS IS" BASIS,
     13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  * See the License for the specific language governing permissions and
     15  * limitations under the License.
     16  */
     17 
     18 package com.android.org.conscrypt;
     19 
     20 import java.io.ByteArrayOutputStream;
     21 import java.math.BigInteger;
     22 import java.security.cert.CRLException;
     23 import java.security.cert.X509CRLEntry;
     24 import java.util.Arrays;
     25 import java.util.Date;
     26 import java.util.HashSet;
     27 import java.util.Set;
     28 import com.android.org.conscrypt.OpenSSLX509CertificateFactory.ParsingException;
     29 
     30 /**
     31  * An implementation of {@link X509CRLEntry} based on BoringSSL.
     32  */
     33 final class OpenSSLX509CRLEntry extends X509CRLEntry {
     34     private final long mContext;
     35     private final Date revocationDate;
     36 
     37     OpenSSLX509CRLEntry(long ctx) throws ParsingException {
     38         mContext = ctx;
     39         // The legacy X509 OpenSSL APIs don't validate ASN1_TIME structures until access, so
     40         // parse them here because this is the only time we're allowed to throw ParsingException
     41         revocationDate = OpenSSLX509CRL.toDate(NativeCrypto.get_X509_REVOKED_revocationDate(mContext));
     42     }
     43 
     44     @Override
     45     public Set<String> getCriticalExtensionOIDs() {
     46         String[] critOids =
     47                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     48                         NativeCrypto.EXTENSION_TYPE_CRITICAL);
     49 
     50         /*
     51          * This API has a special case that if there are no extensions, we
     52          * should return null. So if we have no critical extensions, we'll check
     53          * non-critical extensions.
     54          */
     55         if ((critOids.length == 0)
     56                 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     57                         NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length == 0)) {
     58             return null;
     59         }
     60 
     61         return new HashSet<String>(Arrays.asList(critOids));
     62     }
     63 
     64     @Override
     65     public byte[] getExtensionValue(String oid) {
     66         return NativeCrypto.X509_REVOKED_get_ext_oid(mContext, oid);
     67     }
     68 
     69     @Override
     70     public Set<String> getNonCriticalExtensionOIDs() {
     71         String[] critOids =
     72                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     73                         NativeCrypto.EXTENSION_TYPE_NON_CRITICAL);
     74 
     75         /*
     76          * This API has a special case that if there are no extensions, we
     77          * should return null. So if we have no non-critical extensions, we'll
     78          * check critical extensions.
     79          */
     80         if ((critOids.length == 0)
     81                 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     82                         NativeCrypto.EXTENSION_TYPE_CRITICAL).length == 0)) {
     83             return null;
     84         }
     85 
     86         return new HashSet<String>(Arrays.asList(critOids));
     87     }
     88 
     89     @Override
     90     public boolean hasUnsupportedCriticalExtension() {
     91         final String[] criticalOids =
     92                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     93                         NativeCrypto.EXTENSION_TYPE_CRITICAL);
     94         for (String oid : criticalOids) {
     95             final long extensionRef = NativeCrypto.X509_REVOKED_get_ext(mContext, oid);
     96             if (NativeCrypto.X509_supported_extension(extensionRef) != 1) {
     97                 return true;
     98             }
     99         }
    100 
    101         return false;
    102     }
    103 
    104     @Override
    105     public byte[] getEncoded() throws CRLException {
    106         return NativeCrypto.i2d_X509_REVOKED(mContext);
    107     }
    108 
    109     @Override
    110     public BigInteger getSerialNumber() {
    111         return new BigInteger(NativeCrypto.X509_REVOKED_get_serialNumber(mContext));
    112     }
    113 
    114     @Override
    115     public Date getRevocationDate() {
    116         return (Date) revocationDate.clone();
    117     }
    118 
    119     @Override
    120     public boolean hasExtensions() {
    121         return (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
    122                 NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length != 0)
    123                 || (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
    124                         NativeCrypto.EXTENSION_TYPE_CRITICAL).length != 0);
    125     }
    126 
    127     @Override
    128     public String toString() {
    129         ByteArrayOutputStream os = new ByteArrayOutputStream();
    130         long bioCtx = NativeCrypto.create_BIO_OutputStream(os);
    131         try {
    132             NativeCrypto.X509_REVOKED_print(bioCtx, mContext);
    133             return os.toString();
    134         } finally {
    135             NativeCrypto.BIO_free_all(bioCtx);
    136         }
    137     }
    138 }
    139