View Javadoc
1   /*
2    * Copyright 2014 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl;
17  
18  import javax.security.auth.x500.X500Principal;
19  import java.io.ByteArrayInputStream;
20  import java.math.BigInteger;
21  import java.security.InvalidKeyException;
22  import java.security.NoSuchAlgorithmException;
23  import java.security.NoSuchProviderException;
24  import java.security.Principal;
25  import java.security.Provider;
26  import java.security.PublicKey;
27  import java.security.SignatureException;
28  import java.security.cert.CertificateEncodingException;
29  import java.security.cert.CertificateException;
30  import java.security.cert.CertificateExpiredException;
31  import java.security.cert.CertificateNotYetValidException;
32  import java.security.cert.CertificateParsingException;
33  import java.security.cert.X509Certificate;
34  import java.util.Collection;
35  import java.util.Date;
36  import java.util.List;
37  import java.util.Set;
38  
39  final class OpenSslX509Certificate extends X509Certificate {
40  
41      private final byte[] bytes;
42      private X509Certificate wrapped;
43  
44      public OpenSslX509Certificate(byte[] bytes) {
45          this.bytes = bytes;
46      }
47  
48      @Override
49      public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
50          unwrap().checkValidity();
51      }
52  
53      @Override
54      public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
55          unwrap().checkValidity(date);
56      }
57  
58      @Override
59      public X500Principal getIssuerX500Principal() {
60          return unwrap().getIssuerX500Principal();
61      }
62  
63      @Override
64      public X500Principal getSubjectX500Principal() {
65          return unwrap().getSubjectX500Principal();
66      }
67  
68      @Override
69      public List<String> getExtendedKeyUsage() throws CertificateParsingException {
70          return unwrap().getExtendedKeyUsage();
71      }
72  
73      @Override
74      public Collection<List<?>> getSubjectAlternativeNames() throws CertificateParsingException {
75          return unwrap().getSubjectAlternativeNames();
76      }
77  
78      @Override
79      public Collection<List<?>> getIssuerAlternativeNames() throws CertificateParsingException {
80          return unwrap().getSubjectAlternativeNames();
81      }
82  
83      // No @Override annotation as it was only introduced in Java8.
84      public void verify(PublicKey key, Provider sigProvider)
85              throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
86          unwrap().verify(key, sigProvider);
87      }
88  
89      @Override
90      public int getVersion() {
91          return unwrap().getVersion();
92      }
93  
94      @Override
95      public BigInteger getSerialNumber() {
96          return unwrap().getSerialNumber();
97      }
98  
99      @Override
100     public Principal getIssuerDN() {
101         return unwrap().getIssuerDN();
102     }
103 
104     @Override
105     public Principal getSubjectDN() {
106         return unwrap().getSubjectDN();
107     }
108 
109     @Override
110     public Date getNotBefore() {
111         return unwrap().getNotBefore();
112     }
113 
114     @Override
115     public Date getNotAfter() {
116         return unwrap().getNotAfter();
117     }
118 
119     @Override
120     public byte[] getTBSCertificate() throws CertificateEncodingException {
121         return unwrap().getTBSCertificate();
122     }
123 
124     @Override
125     public byte[] getSignature() {
126         return unwrap().getSignature();
127     }
128 
129     @Override
130     public String getSigAlgName() {
131         return unwrap().getSigAlgName();
132     }
133 
134     @Override
135     public String getSigAlgOID() {
136         return unwrap().getSigAlgOID();
137     }
138 
139     @Override
140     public byte[] getSigAlgParams() {
141         return unwrap().getSigAlgParams();
142     }
143 
144     @Override
145     public boolean[] getIssuerUniqueID() {
146         return unwrap().getIssuerUniqueID();
147     }
148 
149     @Override
150     public boolean[] getSubjectUniqueID() {
151         return unwrap().getSubjectUniqueID();
152     }
153 
154     @Override
155     public boolean[] getKeyUsage() {
156         return unwrap().getKeyUsage();
157     }
158 
159     @Override
160     public int getBasicConstraints() {
161         return unwrap().getBasicConstraints();
162     }
163 
164     @Override
165     public byte[] getEncoded() {
166         return bytes.clone();
167     }
168 
169     @Override
170     public void verify(PublicKey key)
171             throws CertificateException, NoSuchAlgorithmException,
172             InvalidKeyException, NoSuchProviderException, SignatureException {
173         unwrap().verify(key);
174     }
175 
176     @Override
177     public void verify(PublicKey key, String sigProvider)
178             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
179             NoSuchProviderException, SignatureException {
180         unwrap().verify(key, sigProvider);
181     }
182 
183     @Override
184     public String toString() {
185         return unwrap().toString();
186     }
187 
188     @Override
189     public PublicKey getPublicKey() {
190         return unwrap().getPublicKey();
191     }
192 
193     @Override
194     public boolean hasUnsupportedCriticalExtension() {
195         return unwrap().hasUnsupportedCriticalExtension();
196     }
197 
198     @Override
199     public Set<String> getCriticalExtensionOIDs() {
200         return unwrap().getCriticalExtensionOIDs();
201     }
202 
203     @Override
204     public Set<String> getNonCriticalExtensionOIDs() {
205         return unwrap().getNonCriticalExtensionOIDs();
206     }
207 
208     @Override
209     public byte[] getExtensionValue(String oid) {
210         return unwrap().getExtensionValue(oid);
211     }
212 
213     private X509Certificate unwrap() {
214         X509Certificate wrapped = this.wrapped;
215         if (wrapped == null) {
216             try {
217                 wrapped = this.wrapped = (X509Certificate) SslContext.X509_CERT_FACTORY.generateCertificate(
218                         new ByteArrayInputStream(bytes));
219             } catch (CertificateException e) {
220                 throw new IllegalStateException(e);
221             }
222         }
223         return wrapped;
224     }
225 }