• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package org.conscrypt.ct;
18 
19 import org.conscrypt.Internal;
20 
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.EnumMap;
24 import java.util.List;
25 
26 /**
27  * Container for verified SignedCertificateTimestamp.
28  *
29  * getValidSCTs returns SCTs which were found to match a known log and for
30  * which the signature has been verified. There is no guarantee on the state of
31  * the log (e.g., getLogInfo.getState() may return STATE_UNKNOWN). Further
32  * verification on the compliance with the policy is performed in PolicyImpl.
33  */
34 @Internal
35 public class VerificationResult {
36     private final List<VerifiedSCT> validSCTs = new ArrayList<>();
37     private final List<VerifiedSCT> invalidSCTs = new ArrayList<>();
38     private final EnumMap<SignedCertificateTimestamp.Origin, Integer> count =
39             new EnumMap<>(SignedCertificateTimestamp.Origin.class);
40 
add(VerifiedSCT result)41     public void add(VerifiedSCT result) {
42         if (result.isValid()) {
43             validSCTs.add(result);
44         } else {
45             invalidSCTs.add(result);
46         }
47         SignedCertificateTimestamp.Origin origin = result.getSct().getOrigin();
48         Integer value = count.get(origin);
49         if (value == null) {
50             count.put(origin, 1);
51         } else {
52             count.put(origin, value + 1);
53         }
54     }
55 
getValidSCTs()56     public List<VerifiedSCT> getValidSCTs() {
57         return Collections.unmodifiableList(validSCTs);
58     }
59 
getInvalidSCTs()60     public List<VerifiedSCT> getInvalidSCTs() {
61         return Collections.unmodifiableList(invalidSCTs);
62     }
63 
numCertSCTs()64     public int numCertSCTs() {
65         Integer num = count.get(SignedCertificateTimestamp.Origin.EMBEDDED);
66         return (num == null ? 0 : num.intValue());
67     }
68 
numOCSPSCTs()69     public int numOCSPSCTs() {
70         Integer num = count.get(SignedCertificateTimestamp.Origin.OCSP_RESPONSE);
71         return (num == null ? 0 : num.intValue());
72     }
numTlsSCTs()73     public int numTlsSCTs() {
74         Integer num = count.get(SignedCertificateTimestamp.Origin.TLS_EXTENSION);
75         return (num == null ? 0 : num.intValue());
76     }
77 }
78