• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 package org.chromium.android_webview;
6 
7 import android.net.http.SslCertificate;
8 import android.net.http.SslError;
9 import android.util.Log;
10 
11 import org.chromium.net.NetError;
12 import org.chromium.net.X509Util;
13 
14 import java.security.KeyStoreException;
15 import java.security.NoSuchAlgorithmException;
16 import java.security.cert.CertificateException;
17 import java.security.cert.X509Certificate;
18 
19 public class SslUtil {
20     private static final String TAG = "SslUtil";
21 
22     /**
23      * Creates an SslError object from a chromium net error code.
24      */
sslErrorFromNetErrorCode(int error, SslCertificate cert, String url)25     public static SslError sslErrorFromNetErrorCode(int error, SslCertificate cert, String url) {
26         assert (error >= NetError.ERR_CERT_END && error <= NetError.ERR_CERT_COMMON_NAME_INVALID);
27         switch(error) {
28             case NetError.ERR_CERT_COMMON_NAME_INVALID:
29                 return new SslError(SslError.SSL_IDMISMATCH, cert, url);
30             case NetError.ERR_CERT_DATE_INVALID:
31                 return new SslError(SslError.SSL_DATE_INVALID, cert, url);
32             case NetError.ERR_CERT_AUTHORITY_INVALID:
33                 return new SslError(SslError.SSL_UNTRUSTED, cert, url);
34             default:
35                 break;
36         }
37         // Map all other codes to SSL_INVALID.
38         return new SslError(SslError.SSL_INVALID, cert, url);
39     }
40 
getCertificateFromDerBytes(byte[] derBytes)41     public static SslCertificate getCertificateFromDerBytes(byte[] derBytes) {
42         if (derBytes == null) {
43             return null;
44         }
45 
46         try {
47             X509Certificate x509Certificate =
48                     X509Util.createCertificateFromBytes(derBytes);
49             return new SslCertificate(x509Certificate);
50         } catch (CertificateException e) {
51             // A SSL related exception must have occured.  This shouldn't happen.
52             Log.w(TAG, "Could not read certificate: " + e);
53         } catch (KeyStoreException e) {
54             // A SSL related exception must have occured.  This shouldn't happen.
55             Log.w(TAG, "Could not read certificate: " + e);
56         } catch (NoSuchAlgorithmException e) {
57             // A SSL related exception must have occured.  This shouldn't happen.
58             Log.w(TAG, "Could not read certificate: " + e);
59         }
60         return null;
61     }
62 }