Home | History | Annotate | Download | only in jsse 
      1 /*
      2  * Copyright (C) 2013 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package org.apache.harmony.xnet.provider.jsse;
     18 
     19 import java.io.ByteArrayOutputStream;
     20 import java.math.BigInteger;
     21 import java.security.cert.CRLException;
     22 import java.security.cert.X509CRLEntry;
     23 import java.util.Arrays;
     24 import java.util.Calendar;
     25 import java.util.Date;
     26 import java.util.HashSet;
     27 import java.util.Set;
     28 import java.util.TimeZone;
     29 
     30 public class OpenSSLX509CRLEntry extends X509CRLEntry {
     31     private final long mContext;
     32 
     33     OpenSSLX509CRLEntry(long ctx) {
     34         mContext = ctx;
     35     }
     36 
     37     @Override
     38     public Set<String> getCriticalExtensionOIDs() {
     39         String[] critOids =
     40                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     41                         NativeCrypto.EXTENSION_TYPE_CRITICAL);
     42 
     43         /*
     44          * This API has a special case that if there are no extensions, we
     45          * should return null. So if we have no critical extensions, we'll check
     46          * non-critical extensions.
     47          */
     48         if ((critOids.length == 0)
     49                 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     50                         NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length == 0)) {
     51             return null;
     52         }
     53 
     54         return new HashSet<String>(Arrays.asList(critOids));
     55     }
     56 
     57     @Override
     58     public byte[] getExtensionValue(String oid) {
     59         return NativeCrypto.X509_REVOKED_get_ext_oid(mContext, oid);
     60     }
     61 
     62     @Override
     63     public Set<String> getNonCriticalExtensionOIDs() {
     64         String[] critOids =
     65                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     66                         NativeCrypto.EXTENSION_TYPE_NON_CRITICAL);
     67 
     68         /*
     69          * This API has a special case that if there are no extensions, we
     70          * should return null. So if we have no non-critical extensions, we'll
     71          * check critical extensions.
     72          */
     73         if ((critOids.length == 0)
     74                 && (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     75                         NativeCrypto.EXTENSION_TYPE_CRITICAL).length == 0)) {
     76             return null;
     77         }
     78 
     79         return new HashSet<String>(Arrays.asList(critOids));
     80     }
     81 
     82     @Override
     83     public boolean hasUnsupportedCriticalExtension() {
     84         final String[] criticalOids =
     85                 NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
     86                         NativeCrypto.EXTENSION_TYPE_CRITICAL);
     87         for (String oid : criticalOids) {
     88             final long extensionRef = NativeCrypto.X509_REVOKED_get_ext(mContext, oid);
     89             if (NativeCrypto.X509_supported_extension(extensionRef) != 1) {
     90                 return true;
     91             }
     92         }
     93 
     94         return false;
     95     }
     96 
     97     @Override
     98     public byte[] getEncoded() throws CRLException {
     99         return NativeCrypto.i2d_X509_REVOKED(mContext);
    100     }
    101 
    102     @Override
    103     public BigInteger getSerialNumber() {
    104         return new BigInteger(NativeCrypto.X509_REVOKED_get_serialNumber(mContext));
    105     }
    106 
    107     @Override
    108     public Date getRevocationDate() {
    109         Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
    110         calendar.set(Calendar.MILLISECOND, 0);
    111         NativeCrypto.ASN1_TIME_to_Calendar(NativeCrypto.get_X509_REVOKED_revocationDate(mContext),
    112                 calendar);
    113         return calendar.getTime();
    114     }
    115 
    116     @Override
    117     public boolean hasExtensions() {
    118         return (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
    119                 NativeCrypto.EXTENSION_TYPE_NON_CRITICAL).length != 0)
    120                 || (NativeCrypto.get_X509_REVOKED_ext_oids(mContext,
    121                         NativeCrypto.EXTENSION_TYPE_CRITICAL).length != 0);
    122     }
    123 
    124     @Override
    125     public String toString() {
    126         ByteArrayOutputStream os = new ByteArrayOutputStream();
    127         long bioCtx = NativeCrypto.create_BIO_OutputStream(os);
    128         try {
    129             NativeCrypto.X509_REVOKED_print(bioCtx, mContext);
    130             return os.toString();
    131         } finally {
    132             NativeCrypto.BIO_free(bioCtx);
    133         }
    134     }
    135 }
    136