Package org.conscrypt
Class OpenSSLX509Certificate
- java.lang.Object
-
- java.security.cert.Certificate
-
- java.security.cert.X509Certificate
-
- org.conscrypt.OpenSSLX509Certificate
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.cert.X509Extension
@Internal public final class OpenSSLX509Certificate extends java.security.cert.X509Certificate
An implementation ofX509Certificate
based on BoringSSL.- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private long
mContext
private java.lang.Integer
mHashCode
private java.util.Date
notAfter
private java.util.Date
notBefore
private static long
serialVersionUID
-
Constructor Summary
Constructors Modifier Constructor Description (package private)
OpenSSLX509Certificate(long ctx)
private
OpenSSLX509Certificate(long ctx, java.util.Date notBefore, java.util.Date notAfter)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static java.util.Collection<java.util.List<?>>
alternativeNameArrayToList(java.lang.Object[][] altNameArray)
void
checkValidity()
void
checkValidity(java.util.Date date)
boolean
equals(java.lang.Object other)
protected void
finalize()
static OpenSSLX509Certificate
fromCertificate(java.security.cert.Certificate cert)
static java.util.List<OpenSSLX509Certificate>
fromPkcs7DerInputStream(java.io.InputStream is)
static java.util.List<OpenSSLX509Certificate>
fromPkcs7PemInputStream(java.io.InputStream is)
static OpenSSLX509Certificate
fromX509Der(byte[] encoded)
static OpenSSLX509Certificate
fromX509DerInputStream(java.io.InputStream is)
static OpenSSLX509Certificate
fromX509PemInputStream(java.io.InputStream is)
int
getBasicConstraints()
long
getContext()
Returns the raw pointer to the X509 context for use in JNI calls.java.util.Set<java.lang.String>
getCriticalExtensionOIDs()
byte[]
getEncoded()
java.util.List<java.lang.String>
getExtendedKeyUsage()
byte[]
getExtensionValue(java.lang.String oid)
java.util.Collection<java.util.List<?>>
getIssuerAlternativeNames()
java.security.Principal
getIssuerDN()
boolean[]
getIssuerUniqueID()
javax.security.auth.x500.X500Principal
getIssuerX500Principal()
boolean[]
getKeyUsage()
java.util.Set<java.lang.String>
getNonCriticalExtensionOIDs()
java.util.Date
getNotAfter()
java.util.Date
getNotBefore()
java.security.PublicKey
getPublicKey()
java.math.BigInteger
getSerialNumber()
java.lang.String
getSigAlgName()
java.lang.String
getSigAlgOID()
byte[]
getSigAlgParams()
byte[]
getSignature()
java.util.Collection<java.util.List<?>>
getSubjectAlternativeNames()
java.security.Principal
getSubjectDN()
boolean[]
getSubjectUniqueID()
javax.security.auth.x500.X500Principal
getSubjectX500Principal()
byte[]
getTBSCertificate()
int
getVersion()
int
hashCode()
boolean
hasUnsupportedCriticalExtension()
private static java.util.Date
toDate(long asn1time)
java.lang.String
toString()
void
verify(java.security.PublicKey key)
void
verify(java.security.PublicKey key, java.lang.String sigProvider)
void
verify(java.security.PublicKey key, java.security.Provider sigProvider)
private void
verifyInternal(java.security.PublicKey key, java.lang.String sigProvider)
private void
verifyOpenSSL(OpenSSLKey pkey)
OpenSSLX509Certificate
withDeletedExtension(java.lang.String oid)
Delete an extension.
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
mContext
private final transient long mContext
-
mHashCode
private transient java.lang.Integer mHashCode
-
notBefore
private final java.util.Date notBefore
-
notAfter
private final java.util.Date notAfter
-
-
Constructor Detail
-
OpenSSLX509Certificate
OpenSSLX509Certificate(long ctx) throws OpenSSLX509CertificateFactory.ParsingException
-
OpenSSLX509Certificate
private OpenSSLX509Certificate(long ctx, java.util.Date notBefore, java.util.Date notAfter)
-
-
Method Detail
-
toDate
private static java.util.Date toDate(long asn1time) throws OpenSSLX509CertificateFactory.ParsingException
-
fromX509DerInputStream
public static OpenSSLX509Certificate fromX509DerInputStream(java.io.InputStream is) throws OpenSSLX509CertificateFactory.ParsingException
-
fromX509Der
public static OpenSSLX509Certificate fromX509Der(byte[] encoded) throws java.security.cert.CertificateEncodingException
- Throws:
java.security.cert.CertificateEncodingException
-
fromPkcs7DerInputStream
public static java.util.List<OpenSSLX509Certificate> fromPkcs7DerInputStream(java.io.InputStream is) throws OpenSSLX509CertificateFactory.ParsingException
-
fromX509PemInputStream
public static OpenSSLX509Certificate fromX509PemInputStream(java.io.InputStream is) throws OpenSSLX509CertificateFactory.ParsingException
-
fromPkcs7PemInputStream
public static java.util.List<OpenSSLX509Certificate> fromPkcs7PemInputStream(java.io.InputStream is) throws OpenSSLX509CertificateFactory.ParsingException
-
fromCertificate
public static OpenSSLX509Certificate fromCertificate(java.security.cert.Certificate cert) throws java.security.cert.CertificateEncodingException
- Throws:
java.security.cert.CertificateEncodingException
-
getCriticalExtensionOIDs
public java.util.Set<java.lang.String> getCriticalExtensionOIDs()
-
getExtensionValue
public byte[] getExtensionValue(java.lang.String oid)
-
getNonCriticalExtensionOIDs
public java.util.Set<java.lang.String> getNonCriticalExtensionOIDs()
-
hasUnsupportedCriticalExtension
public boolean hasUnsupportedCriticalExtension()
-
checkValidity
public void checkValidity() throws java.security.cert.CertificateExpiredException, java.security.cert.CertificateNotYetValidException
- Specified by:
checkValidity
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateExpiredException
java.security.cert.CertificateNotYetValidException
-
checkValidity
public void checkValidity(java.util.Date date) throws java.security.cert.CertificateExpiredException, java.security.cert.CertificateNotYetValidException
- Specified by:
checkValidity
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateExpiredException
java.security.cert.CertificateNotYetValidException
-
getVersion
public int getVersion()
- Specified by:
getVersion
in classjava.security.cert.X509Certificate
-
getSerialNumber
public java.math.BigInteger getSerialNumber()
- Specified by:
getSerialNumber
in classjava.security.cert.X509Certificate
-
getIssuerDN
public java.security.Principal getIssuerDN()
- Specified by:
getIssuerDN
in classjava.security.cert.X509Certificate
-
getSubjectDN
public java.security.Principal getSubjectDN()
- Specified by:
getSubjectDN
in classjava.security.cert.X509Certificate
-
getNotBefore
public java.util.Date getNotBefore()
- Specified by:
getNotBefore
in classjava.security.cert.X509Certificate
-
getNotAfter
public java.util.Date getNotAfter()
- Specified by:
getNotAfter
in classjava.security.cert.X509Certificate
-
getTBSCertificate
public byte[] getTBSCertificate() throws java.security.cert.CertificateEncodingException
- Specified by:
getTBSCertificate
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateEncodingException
-
getSignature
public byte[] getSignature()
- Specified by:
getSignature
in classjava.security.cert.X509Certificate
-
getSigAlgName
public java.lang.String getSigAlgName()
- Specified by:
getSigAlgName
in classjava.security.cert.X509Certificate
-
getSigAlgOID
public java.lang.String getSigAlgOID()
- Specified by:
getSigAlgOID
in classjava.security.cert.X509Certificate
-
getSigAlgParams
public byte[] getSigAlgParams()
- Specified by:
getSigAlgParams
in classjava.security.cert.X509Certificate
-
getIssuerUniqueID
public boolean[] getIssuerUniqueID()
- Specified by:
getIssuerUniqueID
in classjava.security.cert.X509Certificate
-
getSubjectUniqueID
public boolean[] getSubjectUniqueID()
- Specified by:
getSubjectUniqueID
in classjava.security.cert.X509Certificate
-
getKeyUsage
public boolean[] getKeyUsage()
- Specified by:
getKeyUsage
in classjava.security.cert.X509Certificate
-
getBasicConstraints
public int getBasicConstraints()
- Specified by:
getBasicConstraints
in classjava.security.cert.X509Certificate
-
getEncoded
public byte[] getEncoded() throws java.security.cert.CertificateEncodingException
- Specified by:
getEncoded
in classjava.security.cert.Certificate
- Throws:
java.security.cert.CertificateEncodingException
-
verifyOpenSSL
private void verifyOpenSSL(OpenSSLKey pkey) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.SignatureException
- Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.SignatureException
-
verifyInternal
private void verifyInternal(java.security.PublicKey key, java.lang.String sigProvider) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.SignatureException
- Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.SignatureException
-
verify
public void verify(java.security.PublicKey key) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.SignatureException
- Specified by:
verify
in classjava.security.cert.Certificate
- Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.SignatureException
-
verify
public void verify(java.security.PublicKey key, java.lang.String sigProvider) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.SignatureException
- Specified by:
verify
in classjava.security.cert.Certificate
- Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.SignatureException
-
verify
public void verify(java.security.PublicKey key, java.security.Provider sigProvider) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.SignatureException
- Overrides:
verify
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
java.security.SignatureException
-
toString
public java.lang.String toString()
- Specified by:
toString
in classjava.security.cert.Certificate
-
getPublicKey
public java.security.PublicKey getPublicKey()
- Specified by:
getPublicKey
in classjava.security.cert.Certificate
-
getIssuerX500Principal
public javax.security.auth.x500.X500Principal getIssuerX500Principal()
- Overrides:
getIssuerX500Principal
in classjava.security.cert.X509Certificate
-
getSubjectX500Principal
public javax.security.auth.x500.X500Principal getSubjectX500Principal()
- Overrides:
getSubjectX500Principal
in classjava.security.cert.X509Certificate
-
getExtendedKeyUsage
public java.util.List<java.lang.String> getExtendedKeyUsage() throws java.security.cert.CertificateParsingException
- Overrides:
getExtendedKeyUsage
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateParsingException
-
alternativeNameArrayToList
private static java.util.Collection<java.util.List<?>> alternativeNameArrayToList(java.lang.Object[][] altNameArray)
-
getSubjectAlternativeNames
public java.util.Collection<java.util.List<?>> getSubjectAlternativeNames() throws java.security.cert.CertificateParsingException
- Overrides:
getSubjectAlternativeNames
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateParsingException
-
getIssuerAlternativeNames
public java.util.Collection<java.util.List<?>> getIssuerAlternativeNames() throws java.security.cert.CertificateParsingException
- Overrides:
getIssuerAlternativeNames
in classjava.security.cert.X509Certificate
- Throws:
java.security.cert.CertificateParsingException
-
equals
public boolean equals(java.lang.Object other)
- Overrides:
equals
in classjava.security.cert.Certificate
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.security.cert.Certificate
-
getContext
public long getContext()
Returns the raw pointer to the X509 context for use in JNI calls. The life cycle of this native pointer is managed by theOpenSSLX509Certificate
instance and must not be destroyed or freed by users of this API.
-
withDeletedExtension
public OpenSSLX509Certificate withDeletedExtension(java.lang.String oid)
Delete an extension. A modified copy of the certificate is returned. The original object is unchanged. If the extension is not present, an unmodified copy is returned.
-
finalize
protected void finalize() throws java.lang.Throwable
- Overrides:
finalize
in classjava.lang.Object
- Throws:
java.lang.Throwable
-
-