Package org.conscrypt
Class OpenSSLX509Certificate
java.lang.Object
java.security.cert.Certificate
java.security.cert.X509Certificate
org.conscrypt.OpenSSLX509Certificate
- All Implemented Interfaces:
Serializable
,X509Extension
An implementation of
X509Certificate
based on BoringSSL.- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class java.security.cert.Certificate
Certificate.CertificateRep
-
Field Summary
Fields -
Constructor Summary
ConstructorsModifierConstructorDescription(package private)
OpenSSLX509Certificate
(long ctx) private
OpenSSLX509Certificate
(long ctx, Date notBefore, Date notAfter) -
Method Summary
Modifier and TypeMethodDescriptionprivate static Collection
<List<?>> alternativeNameArrayToList
(Object[][] altNameArray) void
void
checkValidity
(Date date) boolean
protected void
finalize()
static OpenSSLX509Certificate
fromCertificate
(Certificate cert) static List
<OpenSSLX509Certificate> static List
<OpenSSLX509Certificate> static OpenSSLX509Certificate
fromX509Der
(byte[] encoded) static OpenSSLX509Certificate
static OpenSSLX509Certificate
int
long
Returns the raw pointer to the X509 context for use in JNI calls.byte[]
byte[]
getExtensionValue
(String oid) Collection
<List<?>> boolean[]
boolean[]
byte[]
byte[]
Collection
<List<?>> boolean[]
byte[]
int
int
hashCode()
boolean
private static Date
toDate
(long asn1time) toString()
void
void
void
private void
verifyInternal
(PublicKey key, String sigProvider) private void
verifyOpenSSL
(OpenSSLKey pkey) Delete an extension.Methods inherited from class java.security.cert.Certificate
getType, writeReplace
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
mContext
private final transient long mContext -
mHashCode
-
notBefore
-
notAfter
-
-
Constructor Details
-
OpenSSLX509Certificate
OpenSSLX509Certificate(long ctx) throws OpenSSLX509CertificateFactory.ParsingException -
OpenSSLX509Certificate
-
-
Method Details
-
toDate
-
fromX509DerInputStream
public static OpenSSLX509Certificate fromX509DerInputStream(InputStream is) throws OpenSSLX509CertificateFactory.ParsingException -
fromX509Der
public static OpenSSLX509Certificate fromX509Der(byte[] encoded) throws CertificateEncodingException - Throws:
CertificateEncodingException
-
fromPkcs7DerInputStream
public static List<OpenSSLX509Certificate> fromPkcs7DerInputStream(InputStream is) throws OpenSSLX509CertificateFactory.ParsingException -
fromX509PemInputStream
public static OpenSSLX509Certificate fromX509PemInputStream(InputStream is) throws OpenSSLX509CertificateFactory.ParsingException -
fromPkcs7PemInputStream
public static List<OpenSSLX509Certificate> fromPkcs7PemInputStream(InputStream is) throws OpenSSLX509CertificateFactory.ParsingException -
fromCertificate
public static OpenSSLX509Certificate fromCertificate(Certificate cert) throws CertificateEncodingException - Throws:
CertificateEncodingException
-
getCriticalExtensionOIDs
-
getExtensionValue
-
getNonCriticalExtensionOIDs
-
hasUnsupportedCriticalExtension
public boolean hasUnsupportedCriticalExtension() -
checkValidity
- Specified by:
checkValidity
in classX509Certificate
- Throws:
CertificateExpiredException
CertificateNotYetValidException
-
checkValidity
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException - Specified by:
checkValidity
in classX509Certificate
- Throws:
CertificateExpiredException
CertificateNotYetValidException
-
getVersion
public int getVersion()- Specified by:
getVersion
in classX509Certificate
-
getSerialNumber
- Specified by:
getSerialNumber
in classX509Certificate
-
getIssuerDN
- Specified by:
getIssuerDN
in classX509Certificate
-
getSubjectDN
- Specified by:
getSubjectDN
in classX509Certificate
-
getNotBefore
- Specified by:
getNotBefore
in classX509Certificate
-
getNotAfter
- Specified by:
getNotAfter
in classX509Certificate
-
getTBSCertificate
- Specified by:
getTBSCertificate
in classX509Certificate
- Throws:
CertificateEncodingException
-
getSignature
public byte[] getSignature()- Specified by:
getSignature
in classX509Certificate
-
getSigAlgName
- Specified by:
getSigAlgName
in classX509Certificate
-
getSigAlgOID
- Specified by:
getSigAlgOID
in classX509Certificate
-
getSigAlgParams
public byte[] getSigAlgParams()- Specified by:
getSigAlgParams
in classX509Certificate
-
getIssuerUniqueID
public boolean[] getIssuerUniqueID()- Specified by:
getIssuerUniqueID
in classX509Certificate
-
getSubjectUniqueID
public boolean[] getSubjectUniqueID()- Specified by:
getSubjectUniqueID
in classX509Certificate
-
getKeyUsage
public boolean[] getKeyUsage()- Specified by:
getKeyUsage
in classX509Certificate
-
getBasicConstraints
public int getBasicConstraints()- Specified by:
getBasicConstraints
in classX509Certificate
-
getEncoded
- Specified by:
getEncoded
in classCertificate
- Throws:
CertificateEncodingException
-
verifyOpenSSL
private void verifyOpenSSL(OpenSSLKey pkey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException -
verifyInternal
private void verifyInternal(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException -
verify
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException - Specified by:
verify
in classCertificate
- Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException
-
verify
public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException - Specified by:
verify
in classCertificate
- Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
NoSuchProviderException
SignatureException
-
verify
public void verify(PublicKey key, Provider sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException - Overrides:
verify
in classX509Certificate
- Throws:
CertificateException
NoSuchAlgorithmException
InvalidKeyException
SignatureException
-
toString
- Specified by:
toString
in classCertificate
-
getPublicKey
- Specified by:
getPublicKey
in classCertificate
-
getIssuerX500Principal
- Overrides:
getIssuerX500Principal
in classX509Certificate
-
getSubjectX500Principal
- Overrides:
getSubjectX500Principal
in classX509Certificate
-
getExtendedKeyUsage
- Overrides:
getExtendedKeyUsage
in classX509Certificate
- Throws:
CertificateParsingException
-
alternativeNameArrayToList
-
getSubjectAlternativeNames
- Overrides:
getSubjectAlternativeNames
in classX509Certificate
- Throws:
CertificateParsingException
-
getIssuerAlternativeNames
- Overrides:
getIssuerAlternativeNames
in classX509Certificate
- Throws:
CertificateParsingException
-
equals
- Overrides:
equals
in classCertificate
-
hashCode
public int hashCode()- Overrides:
hashCode
in classCertificate
-
getContext
public long getContext()Returns the raw pointer to the X509 context for use in JNI calls. The life cycle of this native pointer is managed by theOpenSSLX509Certificate
instance and must not be destroyed or freed by users of this API. -
withDeletedExtension
Delete an extension. A modified copy of the certificate is returned. The original object is unchanged. If the extension is not present, an unmodified copy is returned. -
finalize
-