Package org.conscrypt

Class OpenSSLX509Certificate

  • All Implemented Interfaces:
    java.io.Serializable, java.security.cert.X509Extension

    @Internal
    public final class OpenSSLX509Certificate
    extends java.security.cert.X509Certificate
    An implementation of X509Certificate based on BoringSSL.
    See Also:
    Serialized Form
    • Field Detail

      • mContext

        private final transient long mContext
      • mHashCode

        private transient java.lang.Integer mHashCode
      • notBefore

        private final java.util.Date notBefore
      • notAfter

        private final java.util.Date notAfter
    • Method Detail

      • fromX509Der

        public static OpenSSLX509Certificate fromX509Der​(byte[] encoded)
                                                  throws java.security.cert.CertificateEncodingException
        Throws:
        java.security.cert.CertificateEncodingException
      • fromCertificate

        public static OpenSSLX509Certificate fromCertificate​(java.security.cert.Certificate cert)
                                                      throws java.security.cert.CertificateEncodingException
        Throws:
        java.security.cert.CertificateEncodingException
      • getCriticalExtensionOIDs

        public java.util.Set<java.lang.String> getCriticalExtensionOIDs()
      • getExtensionValue

        public byte[] getExtensionValue​(java.lang.String oid)
      • getNonCriticalExtensionOIDs

        public java.util.Set<java.lang.String> getNonCriticalExtensionOIDs()
      • hasUnsupportedCriticalExtension

        public boolean hasUnsupportedCriticalExtension()
      • checkValidity

        public void checkValidity()
                           throws java.security.cert.CertificateExpiredException,
                                  java.security.cert.CertificateNotYetValidException
        Specified by:
        checkValidity in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateExpiredException
        java.security.cert.CertificateNotYetValidException
      • checkValidity

        public void checkValidity​(java.util.Date date)
                           throws java.security.cert.CertificateExpiredException,
                                  java.security.cert.CertificateNotYetValidException
        Specified by:
        checkValidity in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateExpiredException
        java.security.cert.CertificateNotYetValidException
      • getVersion

        public int getVersion()
        Specified by:
        getVersion in class java.security.cert.X509Certificate
      • getSerialNumber

        public java.math.BigInteger getSerialNumber()
        Specified by:
        getSerialNumber in class java.security.cert.X509Certificate
      • getIssuerDN

        public java.security.Principal getIssuerDN()
        Specified by:
        getIssuerDN in class java.security.cert.X509Certificate
      • getSubjectDN

        public java.security.Principal getSubjectDN()
        Specified by:
        getSubjectDN in class java.security.cert.X509Certificate
      • getNotBefore

        public java.util.Date getNotBefore()
        Specified by:
        getNotBefore in class java.security.cert.X509Certificate
      • getNotAfter

        public java.util.Date getNotAfter()
        Specified by:
        getNotAfter in class java.security.cert.X509Certificate
      • getTBSCertificate

        public byte[] getTBSCertificate()
                                 throws java.security.cert.CertificateEncodingException
        Specified by:
        getTBSCertificate in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateEncodingException
      • getSignature

        public byte[] getSignature()
        Specified by:
        getSignature in class java.security.cert.X509Certificate
      • getSigAlgName

        public java.lang.String getSigAlgName()
        Specified by:
        getSigAlgName in class java.security.cert.X509Certificate
      • getSigAlgOID

        public java.lang.String getSigAlgOID()
        Specified by:
        getSigAlgOID in class java.security.cert.X509Certificate
      • getSigAlgParams

        public byte[] getSigAlgParams()
        Specified by:
        getSigAlgParams in class java.security.cert.X509Certificate
      • getIssuerUniqueID

        public boolean[] getIssuerUniqueID()
        Specified by:
        getIssuerUniqueID in class java.security.cert.X509Certificate
      • getSubjectUniqueID

        public boolean[] getSubjectUniqueID()
        Specified by:
        getSubjectUniqueID in class java.security.cert.X509Certificate
      • getKeyUsage

        public boolean[] getKeyUsage()
        Specified by:
        getKeyUsage in class java.security.cert.X509Certificate
      • getBasicConstraints

        public int getBasicConstraints()
        Specified by:
        getBasicConstraints in class java.security.cert.X509Certificate
      • getEncoded

        public byte[] getEncoded()
                          throws java.security.cert.CertificateEncodingException
        Specified by:
        getEncoded in class java.security.cert.Certificate
        Throws:
        java.security.cert.CertificateEncodingException
      • verifyOpenSSL

        private void verifyOpenSSL​(OpenSSLKey pkey)
                            throws java.security.cert.CertificateException,
                                   java.security.NoSuchAlgorithmException,
                                   java.security.InvalidKeyException,
                                   java.security.SignatureException
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.SignatureException
      • verifyInternal

        private void verifyInternal​(java.security.PublicKey key,
                                    java.lang.String sigProvider)
                             throws java.security.cert.CertificateException,
                                    java.security.NoSuchAlgorithmException,
                                    java.security.InvalidKeyException,
                                    java.security.NoSuchProviderException,
                                    java.security.SignatureException
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.NoSuchProviderException
        java.security.SignatureException
      • verify

        public void verify​(java.security.PublicKey key)
                    throws java.security.cert.CertificateException,
                           java.security.NoSuchAlgorithmException,
                           java.security.InvalidKeyException,
                           java.security.NoSuchProviderException,
                           java.security.SignatureException
        Specified by:
        verify in class java.security.cert.Certificate
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.NoSuchProviderException
        java.security.SignatureException
      • verify

        public void verify​(java.security.PublicKey key,
                           java.lang.String sigProvider)
                    throws java.security.cert.CertificateException,
                           java.security.NoSuchAlgorithmException,
                           java.security.InvalidKeyException,
                           java.security.NoSuchProviderException,
                           java.security.SignatureException
        Specified by:
        verify in class java.security.cert.Certificate
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.NoSuchProviderException
        java.security.SignatureException
      • verify

        public void verify​(java.security.PublicKey key,
                           java.security.Provider sigProvider)
                    throws java.security.cert.CertificateException,
                           java.security.NoSuchAlgorithmException,
                           java.security.InvalidKeyException,
                           java.security.SignatureException
        Overrides:
        verify in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.SignatureException
      • toString

        public java.lang.String toString()
        Specified by:
        toString in class java.security.cert.Certificate
      • getPublicKey

        public java.security.PublicKey getPublicKey()
        Specified by:
        getPublicKey in class java.security.cert.Certificate
      • getIssuerX500Principal

        public javax.security.auth.x500.X500Principal getIssuerX500Principal()
        Overrides:
        getIssuerX500Principal in class java.security.cert.X509Certificate
      • getSubjectX500Principal

        public javax.security.auth.x500.X500Principal getSubjectX500Principal()
        Overrides:
        getSubjectX500Principal in class java.security.cert.X509Certificate
      • getExtendedKeyUsage

        public java.util.List<java.lang.String> getExtendedKeyUsage()
                                                             throws java.security.cert.CertificateParsingException
        Overrides:
        getExtendedKeyUsage in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateParsingException
      • alternativeNameArrayToList

        private static java.util.Collection<java.util.List<?>> alternativeNameArrayToList​(java.lang.Object[][] altNameArray)
      • getSubjectAlternativeNames

        public java.util.Collection<java.util.List<?>> getSubjectAlternativeNames()
                                                                           throws java.security.cert.CertificateParsingException
        Overrides:
        getSubjectAlternativeNames in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateParsingException
      • getIssuerAlternativeNames

        public java.util.Collection<java.util.List<?>> getIssuerAlternativeNames()
                                                                          throws java.security.cert.CertificateParsingException
        Overrides:
        getIssuerAlternativeNames in class java.security.cert.X509Certificate
        Throws:
        java.security.cert.CertificateParsingException
      • equals

        public boolean equals​(java.lang.Object other)
        Overrides:
        equals in class java.security.cert.Certificate
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.security.cert.Certificate
      • getContext

        public long getContext()
        Returns the raw pointer to the X509 context for use in JNI calls. The life cycle of this native pointer is managed by the OpenSSLX509Certificate instance and must not be destroyed or freed by users of this API.
      • withDeletedExtension

        public OpenSSLX509Certificate withDeletedExtension​(java.lang.String oid)
        Delete an extension. A modified copy of the certificate is returned. The original object is unchanged. If the extension is not present, an unmodified copy is returned.
      • finalize

        protected void finalize()
                         throws java.lang.Throwable
        Overrides:
        finalize in class java.lang.Object
        Throws:
        java.lang.Throwable