1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.net.config; 18 19 import android.util.ArraySet; 20 import java.security.cert.X509Certificate; 21 import java.util.Set; 22 23 /** @hide */ 24 public final class CertificatesEntryRef { 25 private final CertificateSource mSource; 26 private final boolean mOverridesPins; 27 CertificatesEntryRef(CertificateSource source, boolean overridesPins)28 public CertificatesEntryRef(CertificateSource source, boolean overridesPins) { 29 mSource = source; 30 mOverridesPins = overridesPins; 31 } 32 overridesPins()33 boolean overridesPins() { 34 return mOverridesPins; 35 } 36 getTrustAnchors()37 public Set<TrustAnchor> getTrustAnchors() { 38 // TODO: cache this [but handle mutable sources] 39 Set<TrustAnchor> anchors = new ArraySet<TrustAnchor>(); 40 for (X509Certificate cert : mSource.getCertificates()) { 41 anchors.add(new TrustAnchor(cert, mOverridesPins)); 42 } 43 return anchors; 44 } 45 findBySubjectAndPublicKey(X509Certificate cert)46 public TrustAnchor findBySubjectAndPublicKey(X509Certificate cert) { 47 X509Certificate foundCert = mSource.findBySubjectAndPublicKey(cert); 48 if (foundCert == null) { 49 return null; 50 } 51 52 return new TrustAnchor(foundCert, mOverridesPins); 53 } 54 findByIssuerAndSignature(X509Certificate cert)55 public TrustAnchor findByIssuerAndSignature(X509Certificate cert) { 56 X509Certificate foundCert = mSource.findByIssuerAndSignature(cert); 57 if (foundCert == null) { 58 return null; 59 } 60 61 return new TrustAnchor(foundCert, mOverridesPins); 62 } 63 findAllCertificatesByIssuerAndSignature(X509Certificate cert)64 public Set<X509Certificate> findAllCertificatesByIssuerAndSignature(X509Certificate cert) { 65 return mSource.findAllByIssuerAndSignature(cert); 66 } 67 handleTrustStorageUpdate()68 public void handleTrustStorageUpdate() { 69 mSource.handleTrustStorageUpdate(); 70 } 71 } 72