1 /* GENERATED SOURCE. DO NOT MODIFY. */ 2 /* 3 * Copyright (C) 2013 The Android Open Source Project 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 package com.android.org.conscrypt; 19 20 import java.io.ByteArrayOutputStream; 21 import java.math.BigInteger; 22 import java.security.cert.CRLException; 23 import java.security.cert.X509CRLEntry; 24 import java.util.Arrays; 25 import java.util.Date; 26 import java.util.HashSet; 27 import java.util.Set; 28 import com.android.org.conscrypt.OpenSSLX509CertificateFactory.ParsingException; 29 30 /** 31 * An implementation of {@link X509CRLEntry} based on BoringSSL. 32 */ 33 final class OpenSSLX509CRLEntry extends X509CRLEntry { 34 private final long mContext; 35 private final Date revocationDate; 36 37 OpenSSLX509CRLEntry(long ctx) throws ParsingException { 38 mContext = ctx; 39 // The legacy X509 OpenSSL APIs don't validate ASN1_TIME structures until access, so 40 // parse them here because this is the only time we're allowed to throw ParsingException 41 revocationDate = OpenSSLX509CRL.toDate(NativeCrypto.get_X509_REVOKED_revocationDate(mContext)); 42 } 43 44 @Override 45 public Set<String> getCriticalExtensionOIDs() { 46 String[] critOids = 47 NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 48 NativeCrypto.EXTENSION_TYPE_CRITICAL); 49 50 /* 51 * This API has a special case that if there are no extensions, we 52 * should return null. So if we have no critical extensions, we'll check 53 * non-critical extensions. 54 */ 55 if ((critOids.length == 0) 56 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 57 NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length == 0)) { 58 return null; 59 } 60 61 return new HashSet<String>(Arrays.asList(critOids)); 62 } 63 64 @Override 65 public byte[] getExtensionValue(String oid) { 66 return NativeCrypto.X509_REVOKED_get_ext_oid(mContext, oid); 67 } 68 69 @Override 70 public Set<String> getNonCriticalExtensionOIDs() { 71 String[] critOids = 72 NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 73 NativeCrypto.EXTENSION_TYPE_NON_CRITICAL); 74 75 /* 76 * This API has a special case that if there are no extensions, we 77 * should return null. So if we have no non-critical extensions, we'll 78 * check critical extensions. 79 */ 80 if ((critOids.length == 0) 81 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 82 NativeCrypto.EXTENSION_TYPE_CRITICAL).length == 0)) { 83 return null; 84 } 85 86 return new HashSet<String>(Arrays.asList(critOids)); 87 } 88 89 @Override 90 public boolean hasUnsupportedCriticalExtension() { 91 final String[] criticalOids = 92 NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 93 NativeCrypto.EXTENSION_TYPE_CRITICAL); 94 for (String oid : criticalOids) { 95 final long extensionRef = NativeCrypto.X509_REVOKED_get_ext(mContext, oid); 96 if (NativeCrypto.X509_supported_extension(extensionRef) != 1) { 97 return true; 98 } 99 } 100 101 return false; 102 } 103 104 @Override 105 public byte[] getEncoded() throws CRLException { 106 return NativeCrypto.i2d_X509_REVOKED(mContext); 107 } 108 109 @Override 110 public BigInteger getSerialNumber() { 111 return new BigInteger(NativeCrypto.X509_REVOKED_get_serialNumber(mContext)); 112 } 113 114 @Override 115 public Date getRevocationDate() { 116 return (Date) revocationDate.clone(); 117 } 118 119 @Override 120 public boolean hasExtensions() { 121 return (NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 122 NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length != 0) 123 || (NativeCrypto.get_X509_REVOKED_ext_oids(mContext, 124 NativeCrypto.EXTENSION_TYPE_CRITICAL).length != 0); 125 } 126 127 @Override 128 public String toString() { 129 ByteArrayOutputStream os = new ByteArrayOutputStream(); 130 long bioCtx = NativeCrypto.create_BIO_OutputStream(os); 131 try { 132 NativeCrypto.X509_REVOKED_print(bioCtx, mContext); 133 return os.toString(); 134 } finally { 135 NativeCrypto.BIO_free_all(bioCtx); 136 } 137 } 138 } 139