• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.net.config;
18 
19 import android.util.ArraySet;
20 
21 import java.security.cert.X509Certificate;
22 import java.util.Set;
23 
24 /** @hide */
25 public final class CertificatesEntryRef {
26     private final CertificateSource mSource;
27     private final boolean mOverridesPins;
28     private final boolean mDisableCT;
29 
CertificatesEntryRef(CertificateSource source, boolean overridesPins, boolean disableCT)30     public CertificatesEntryRef(CertificateSource source, boolean overridesPins,
31             boolean disableCT) {
32         mSource = source;
33         mOverridesPins = overridesPins;
34         mDisableCT = disableCT;
35     }
36 
overridesPins()37     boolean overridesPins() {
38         return mOverridesPins;
39     }
40 
disableCT()41     boolean disableCT() {
42         return mDisableCT;
43     }
44 
getTrustAnchors()45     public Set<TrustAnchor> getTrustAnchors() {
46         // TODO: cache this [but handle mutable sources]
47         Set<TrustAnchor> anchors = new ArraySet<TrustAnchor>();
48         for (X509Certificate cert : mSource.getCertificates()) {
49             anchors.add(new TrustAnchor(cert, mOverridesPins));
50         }
51         return anchors;
52     }
53 
findBySubjectAndPublicKey(X509Certificate cert)54     public TrustAnchor findBySubjectAndPublicKey(X509Certificate cert) {
55         X509Certificate foundCert = mSource.findBySubjectAndPublicKey(cert);
56         if (foundCert == null) {
57             return null;
58         }
59 
60         return new TrustAnchor(foundCert, mOverridesPins);
61     }
62 
findByIssuerAndSignature(X509Certificate cert)63     public TrustAnchor findByIssuerAndSignature(X509Certificate cert) {
64         X509Certificate foundCert = mSource.findByIssuerAndSignature(cert);
65         if (foundCert == null) {
66             return null;
67         }
68 
69         return new TrustAnchor(foundCert, mOverridesPins);
70     }
71 
findAllCertificatesByIssuerAndSignature(X509Certificate cert)72     public Set<X509Certificate> findAllCertificatesByIssuerAndSignature(X509Certificate cert) {
73         return mSource.findAllByIssuerAndSignature(cert);
74     }
75 
handleTrustStorageUpdate()76     public void handleTrustStorageUpdate() {
77         mSource.handleTrustStorageUpdate();
78     }
79 }
80