1 /* 2 * Copyright (C) 2006 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.net.http; 18 19 import java.security.cert.X509Certificate; 20 21 /** 22 * One or more individual SSL errors and the associated SSL certificate 23 * 24 * {@hide} 25 */ 26 public class SslError { 27 28 /** 29 * Individual SSL errors (in the order from the least to the most severe): 30 */ 31 32 /** 33 * The certificate is not yet valid 34 */ 35 public static final int SSL_NOTYETVALID = 0; 36 /** 37 * The certificate has expired 38 */ 39 public static final int SSL_EXPIRED = 1; 40 /** 41 * Hostname mismatch 42 */ 43 public static final int SSL_IDMISMATCH = 2; 44 /** 45 * The certificate authority is not trusted 46 */ 47 public static final int SSL_UNTRUSTED = 3; 48 49 50 /** 51 * The number of different SSL errors (update if you add a new SSL error!!!) 52 */ 53 public static final int SSL_MAX_ERROR = 4; 54 55 /** 56 * The SSL error set bitfield (each individual error is an bit index; 57 * multiple individual errors can be OR-ed) 58 */ 59 int mErrors; 60 61 /** 62 * The SSL certificate associated with the error set 63 */ 64 SslCertificate mCertificate; 65 66 /** 67 * Creates a new SSL error set object 68 * @param error The SSL error 69 * @param certificate The associated SSL certificate 70 */ SslError(int error, SslCertificate certificate)71 public SslError(int error, SslCertificate certificate) { 72 addError(error); 73 mCertificate = certificate; 74 } 75 76 /** 77 * Creates a new SSL error set object 78 * @param error The SSL error 79 * @param certificate The associated SSL certificate 80 */ SslError(int error, X509Certificate certificate)81 public SslError(int error, X509Certificate certificate) { 82 addError(error); 83 mCertificate = new SslCertificate(certificate); 84 } 85 86 /** 87 * @return The SSL certificate associated with the error set 88 */ getCertificate()89 public SslCertificate getCertificate() { 90 return mCertificate; 91 } 92 93 /** 94 * Adds the SSL error to the error set 95 * @param error The SSL error to add 96 * @return True iff the error being added is a known SSL error 97 */ addError(int error)98 public boolean addError(int error) { 99 boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR); 100 if (rval) { 101 mErrors |= (0x1 << error); 102 } 103 104 return rval; 105 } 106 107 /** 108 * @param error The SSL error to check 109 * @return True iff the set includes the error 110 */ hasError(int error)111 public boolean hasError(int error) { 112 boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR); 113 if (rval) { 114 rval = ((mErrors & (0x1 << error)) != 0); 115 } 116 117 return rval; 118 } 119 120 /** 121 * @return The primary, most severe, SSL error in the set 122 */ getPrimaryError()123 public int getPrimaryError() { 124 if (mErrors != 0) { 125 // go from the most to the least severe errors 126 for (int error = SslError.SSL_MAX_ERROR - 1; error >= 0; --error) { 127 if ((mErrors & (0x1 << error)) != 0) { 128 return error; 129 } 130 } 131 } 132 133 return 0; 134 } 135 136 /** 137 * @return A String representation of this SSL error object 138 * (used mostly for debugging). 139 */ toString()140 public String toString() { 141 return "primary error: " + getPrimaryError() + 142 " certificate: " + getCertificate(); 143 } 144 } 145