1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
|
/*
* Copyright (C) 2006 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.net.http;
import java.security.cert.X509Certificate;
/**
* One or more individual SSL errors and the associated SSL certificate
*/
public class SslError {
/**
* Individual SSL errors (in the order from the least to the most severe):
*/
/**
* The certificate is not yet valid
*/
public static final int SSL_NOTYETVALID = 0;
/**
* The certificate has expired
*/
public static final int SSL_EXPIRED = 1;
/**
* Hostname mismatch
*/
public static final int SSL_IDMISMATCH = 2;
/**
* The certificate authority is not trusted
*/
public static final int SSL_UNTRUSTED = 3;
/**
* The number of different SSL errors (update if you add a new SSL error!!!)
*/
public static final int SSL_MAX_ERROR = 4;
/**
* The SSL error set bitfield (each individual error is an bit index;
* multiple individual errors can be OR-ed)
*/
int mErrors;
/**
* The SSL certificate associated with the error set
*/
final SslCertificate mCertificate;
/**
* The URL associated with the error set.
*/
final String mUrl;
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
* @deprecated Use {@link #SslError(int, SslCertificate, String)}
*/
@Deprecated
public SslError(int error, SslCertificate certificate) {
addError(error);
if (certificate == null) {
throw new NullPointerException("certificate is null.");
}
mCertificate = certificate;
mUrl = "";
}
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
* @deprecated Use {@link #SslError(int, X509Certificate, String)}
*/
@Deprecated
public SslError(int error, X509Certificate certificate) {
addError(error);
if (certificate == null) {
throw new NullPointerException("certificate is null.");
}
mCertificate = new SslCertificate(certificate);
mUrl = "";
}
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
* @param url The associated URL.
*/
public SslError(int error, SslCertificate certificate, String url) {
addError(error);
if (certificate == null) {
throw new NullPointerException("certificate is null.");
}
mCertificate = certificate;
if (url == null) {
throw new NullPointerException("url is null.");
}
mUrl = url;
}
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
* @param url The associated URL.
*/
public SslError(int error, X509Certificate certificate, String url) {
addError(error);
if (certificate == null) {
throw new NullPointerException("certificate is null.");
}
mCertificate = new SslCertificate(certificate);
if (url == null) {
throw new NullPointerException("url is null.");
}
mUrl = url;
}
/**
* @return The SSL certificate associated with the error set, non-null.
*/
public SslCertificate getCertificate() {
return mCertificate;
}
/**
* @return The URL associated with the error set, non-null.
* "" if one of the deprecated constructors is used.
*/
public String getUrl() {
return mUrl;
}
/**
* Adds the SSL error to the error set
* @param error The SSL error to add
* @return True iff the error being added is a known SSL error
*/
public boolean addError(int error) {
boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR);
if (rval) {
mErrors |= (0x1 << error);
}
return rval;
}
/**
* @param error The SSL error to check
* @return True iff the set includes the error
*/
public boolean hasError(int error) {
boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR);
if (rval) {
rval = ((mErrors & (0x1 << error)) != 0);
}
return rval;
}
/**
* @return The primary, most severe, SSL error in the set
*/
public int getPrimaryError() {
if (mErrors != 0) {
// go from the most to the least severe errors
for (int error = SslError.SSL_MAX_ERROR - 1; error >= 0; --error) {
if ((mErrors & (0x1 << error)) != 0) {
return error;
}
}
}
return 0;
}
/**
* @return A String representation of this SSL error object
* (used mostly for debugging).
*/
public String toString() {
return "primary error: " + getPrimaryError() +
" certificate: " + getCertificate() +
" on URL: " + getUrl();
}
}
|
