View Javadoc
1   /*
2    * Copyright 2015 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.ssl.util;
17  
18  import javax.security.cert.CertificateException;
19  import javax.security.cert.CertificateExpiredException;
20  import javax.security.cert.CertificateNotYetValidException;
21  import javax.security.cert.X509Certificate;
22  import java.math.BigInteger;
23  import java.security.InvalidKeyException;
24  import java.security.NoSuchAlgorithmException;
25  import java.security.NoSuchProviderException;
26  import java.security.Principal;
27  import java.security.PublicKey;
28  import java.security.SignatureException;
29  import java.util.Date;
30  
31  import static java.util.Objects.requireNonNull;
32  
33  public final class LazyJavaxX509Certificate extends X509Certificate {
34      private final byte[] bytes;
35      private X509Certificate wrapped;
36  
37      /**
38       * Creates a new instance which will lazy parse the given bytes. Be aware that the bytes will not be cloned.
39       */
40      public LazyJavaxX509Certificate(byte[] bytes) {
41          this.bytes = requireNonNull(bytes, "bytes");
42      }
43  
44      @Override
45      public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
46          unwrap().checkValidity();
47      }
48  
49      @Override
50      public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
51          unwrap().checkValidity(date);
52      }
53  
54      @Override
55      public int getVersion() {
56          return unwrap().getVersion();
57      }
58  
59      @Override
60      public BigInteger getSerialNumber() {
61          return unwrap().getSerialNumber();
62      }
63  
64      @Override
65      public Principal getIssuerDN() {
66          return unwrap().getIssuerDN();
67      }
68  
69      @Override
70      public Principal getSubjectDN() {
71          return unwrap().getSubjectDN();
72      }
73  
74      @Override
75      public Date getNotBefore() {
76          return unwrap().getNotBefore();
77      }
78  
79      @Override
80      public Date getNotAfter() {
81          return unwrap().getNotAfter();
82      }
83  
84      @Override
85      public String getSigAlgName() {
86          return unwrap().getSigAlgName();
87      }
88  
89      @Override
90      public String getSigAlgOID() {
91          return unwrap().getSigAlgOID();
92      }
93  
94      @Override
95      public byte[] getSigAlgParams() {
96          return unwrap().getSigAlgParams();
97      }
98  
99      @Override
100     public byte[] getEncoded() {
101         return bytes.clone();
102     }
103 
104     /**
105      * Return the underlying {@code byte[]} without cloning it first. This {@code byte[]} <strong>must</strong> never
106      * be mutated.
107      */
108     @SuppressWarnings("AssignmentOrReturnOfFieldWithMutableType")
109     byte[] getBytes() {
110         return bytes;
111     }
112 
113     @Override
114     public void verify(PublicKey key)
115             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
116                    SignatureException {
117         unwrap().verify(key);
118     }
119 
120     @Override
121     public void verify(PublicKey key, String sigProvider)
122             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
123                    SignatureException {
124         unwrap().verify(key, sigProvider);
125     }
126 
127     @Override
128     public String toString() {
129         return unwrap().toString();
130     }
131 
132     @Override
133     public PublicKey getPublicKey() {
134         return unwrap().getPublicKey();
135     }
136 
137     private X509Certificate unwrap() {
138         X509Certificate wrapped = this.wrapped;
139         if (wrapped == null) {
140             try {
141                 wrapped = this.wrapped = X509Certificate.getInstance(bytes);
142             } catch (CertificateException e) {
143                 throw new IllegalStateException(e);
144             }
145         }
146         return wrapped;
147     }
148 }