View Javadoc
1   /*
2    * Copyright 2015 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl.util;
17  
18  import io.netty.util.internal.ObjectUtil;
19  
20  import javax.security.cert.CertificateException;
21  import javax.security.cert.CertificateExpiredException;
22  import javax.security.cert.CertificateNotYetValidException;
23  import javax.security.cert.X509Certificate;
24  import java.math.BigInteger;
25  import java.security.InvalidKeyException;
26  import java.security.NoSuchAlgorithmException;
27  import java.security.NoSuchProviderException;
28  import java.security.Principal;
29  import java.security.PublicKey;
30  import java.security.SignatureException;
31  import java.util.Date;
32  
33  public final class LazyJavaxX509Certificate extends X509Certificate {
34      private final byte[] bytes;
35      private X509Certificate wrapped;
36  
37      /**
38       * Creates a new instance which will lazy parse the given bytes. Be aware that the bytes will not be cloned.
39       */
40      public LazyJavaxX509Certificate(byte[] bytes) {
41          this.bytes = ObjectUtil.checkNotNull(bytes, "bytes");
42      }
43  
44      @Override
45      public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
46          unwrap().checkValidity();
47      }
48  
49      @Override
50      public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
51          unwrap().checkValidity(date);
52      }
53  
54      @Override
55      public int getVersion() {
56          return unwrap().getVersion();
57      }
58  
59      @Override
60      public BigInteger getSerialNumber() {
61          return unwrap().getSerialNumber();
62      }
63  
64      @Override
65      public Principal getIssuerDN() {
66          return unwrap().getIssuerDN();
67      }
68  
69      @Override
70      public Principal getSubjectDN() {
71          return unwrap().getSubjectDN();
72      }
73  
74      @Override
75      public Date getNotBefore() {
76          return unwrap().getNotBefore();
77      }
78  
79      @Override
80      public Date getNotAfter() {
81          return unwrap().getNotAfter();
82      }
83  
84      @Override
85      public String getSigAlgName() {
86          return unwrap().getSigAlgName();
87      }
88  
89      @Override
90      public String getSigAlgOID() {
91          return unwrap().getSigAlgOID();
92      }
93  
94      @Override
95      public byte[] getSigAlgParams() {
96          return unwrap().getSigAlgParams();
97      }
98  
99      @Override
100     public byte[] getEncoded() {
101         return bytes.clone();
102     }
103 
104     /**
105      * Return the underyling {@code byte[]} without cloning it first. This {@code byte[]} <strong>must</strong> never
106      * be mutated.
107      */
108     byte[] getBytes() {
109         return bytes;
110     }
111 
112     @Override
113     public void verify(PublicKey key)
114             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
115                    SignatureException {
116         unwrap().verify(key);
117     }
118 
119     @Override
120     public void verify(PublicKey key, String sigProvider)
121             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
122                    SignatureException {
123         unwrap().verify(key, sigProvider);
124     }
125 
126     @Override
127     public String toString() {
128         return unwrap().toString();
129     }
130 
131     @Override
132     public PublicKey getPublicKey() {
133         return unwrap().getPublicKey();
134     }
135 
136     private X509Certificate unwrap() {
137         X509Certificate wrapped = this.wrapped;
138         if (wrapped == null) {
139             try {
140                 wrapped = this.wrapped = X509Certificate.getInstance(bytes);
141             } catch (CertificateException e) {
142                 throw new IllegalStateException(e);
143             }
144         }
145         return wrapped;
146     }
147 }