File Doc Category Size Date Package
SslCertificate.java API Doc Android 5.1 API 17600 Thu Mar 12 22:22:10 GMT 2015 android.net.http

SslCertificate

java.lang.Object

public class SslCertificate extends Object

SSL certificate info (certificate details) class

Fields Summary
private static String
ISO_8601_DATE_FORMAT
SimpleDateFormat pattern for an ISO 8601 date
private final DName
mIssuedTo
Name of the entity this certificate is issued to
private final DName
mIssuedBy
Name of the entity this certificate is issued by
private final Date
mValidNotBefore
Not-before date from the validity period
private final Date
mValidNotAfter
Not-after date from the validity period
private final X509Certificate
mX509Certificate
The original source certificate, if available. TODO If deprecated constructors are removed, this should always be available, and saveState and restoreState can be simplified to be unconditional.
private static final String
ISSUED_TO
Bundle key names
private static final String
ISSUED_BY
private static final String
VALID_NOT_BEFORE
private static final String
VALID_NOT_AFTER
private static final String
X509_CERTIFICATE
Constructors Summary
public SslCertificate(String issuedTo, String issuedBy, String validNotBefore, String validNotAfter)
Creates a new SSL certificate object
param
issuedTo The entity this certificate is issued to
param
issuedBy The entity that issued this certificate
param
validNotBefore The not-before date from the certificate validity period in ISO 8601 format
param
validNotAfter The not-after date from the certificate validity period in ISO 8601 format
deprecated
Use {@link #SslCertificate(X509Certificate)}
this(issuedTo, issuedBy, parseDate(validNotBefore), parseDate(validNotAfter), null);
public SslCertificate(String issuedTo, String issuedBy, Date validNotBefore, Date validNotAfter)
Creates a new SSL certificate object
param
issuedTo The entity this certificate is issued to
param
issuedBy The entity that issued this certificate
param
validNotBefore The not-before date from the certificate validity period
param
validNotAfter The not-after date from the certificate validity period
deprecated
Use {@link #SslCertificate(X509Certificate)}
this(issuedTo, issuedBy, validNotBefore, validNotAfter, null);
public SslCertificate(X509Certificate certificate)
Creates a new SSL certificate object from an X509 certificate
param
certificate X509 certificate
this(certificate.getSubjectDN().getName(), certificate.getIssuerDN().getName(), certificate.getNotBefore(), certificate.getNotAfter(), certificate);
private SslCertificate(String issuedTo, String issuedBy, Date validNotBefore, Date validNotAfter, X509Certificate x509Certificate)
mIssuedTo = new DName(issuedTo); mIssuedBy = new DName(issuedBy); mValidNotBefore = cloneDate(validNotBefore); mValidNotAfter = cloneDate(validNotAfter); mX509Certificate = x509Certificate;
Methods Summary
private static java.util.Date cloneDate(java.util.Date date)
Clone a possibly null Date
if (date == null) { return null; } return (Date) date.clone();
private static final java.lang.String fingerprint(byte[] bytes)
if (bytes == null) { return ""; } StringBuilder sb = new StringBuilder(); for (int i = 0; i < bytes.length; i++) { byte b = bytes[i]; IntegralToString.appendByteAsHex(sb, b, true); if (i+1 != bytes.length) { sb.append(':"); } } return sb.toString();
private java.lang.String formatCertificateDate(android.content.Context context, java.util.Date certificateDate)
Formats the certificate date to a properly localized date string.
return
Properly localized version of the certificate date string and the "" if it fails to localize.
if (certificateDate == null) { return ""; } return DateFormat.getDateFormat(context).format(certificateDate);
private static java.lang.String formatDate(java.util.Date date)
Format a date as an ISO 8601 string, return "" for a null date
if (date == null) { return ""; } return new SimpleDateFormat(ISO_8601_DATE_FORMAT).format(date);
private static java.lang.String getDigest(java.security.cert.X509Certificate x509Certificate, java.lang.String algorithm)
Convenience for UI presentation, not intended as public API.
if (x509Certificate == null) { return ""; } try { byte[] bytes = x509Certificate.getEncoded(); MessageDigest md = MessageDigest.getInstance(algorithm); byte[] digest = md.digest(bytes); return fingerprint(digest); } catch (CertificateEncodingException ignored) { return ""; } catch (NoSuchAlgorithmException ignored) { return ""; }
public android.net.http.SslCertificate$DName getIssuedBy()
return
Issued-by distinguished name or null if none has been set
return mIssuedBy;
public android.net.http.SslCertificate$DName getIssuedTo()
return
Issued-to distinguished name or null if none has been set
return mIssuedTo;
private static java.lang.String getSerialNumber(java.security.cert.X509Certificate x509Certificate)
Convenience for UI presentation, not intended as public API.
if (x509Certificate == null) { return ""; } BigInteger serialNumber = x509Certificate.getSerialNumber(); if (serialNumber == null) { return ""; } return fingerprint(serialNumber.toByteArray());
public java.lang.String getValidNotAfter()
return
Not-after date from the certificate validity period in ISO 8601 format or "" if none has been set
deprecated
Use {@link #getValidNotAfterDate()}
return formatDate(mValidNotAfter);
public java.util.Date getValidNotAfterDate()
return
Not-after date from the certificate validity period or "" if none has been set
return cloneDate(mValidNotAfter);
public java.lang.String getValidNotBefore()
return
Not-before date from the certificate validity period in ISO 8601 format or "" if none has been set
deprecated
Use {@link #getValidNotBeforeDate()}
return formatDate(mValidNotBefore);
public java.util.Date getValidNotBeforeDate()
return
Not-before date from the certificate validity period or "" if none has been set
return cloneDate(mValidNotBefore);
public android.view.View inflateCertificateView(android.content.Context context)
Inflates the SSL certificate view (helper method).
return
The resultant certificate view with issued-to, issued-by, issued-on, expires-on, and possibly other fields set.
hide
Used by Browser and Settings
LayoutInflater factory = LayoutInflater.from(context); View certificateView = factory.inflate( com.android.internal.R.layout.ssl_certificate, null); // issued to: SslCertificate.DName issuedTo = getIssuedTo(); if (issuedTo != null) { ((TextView) certificateView.findViewById(com.android.internal.R.id.to_common)) .setText(issuedTo.getCName()); ((TextView) certificateView.findViewById(com.android.internal.R.id.to_org)) .setText(issuedTo.getOName()); ((TextView) certificateView.findViewById(com.android.internal.R.id.to_org_unit)) .setText(issuedTo.getUName()); } // serial number: ((TextView) certificateView.findViewById(com.android.internal.R.id.serial_number)) .setText(getSerialNumber(mX509Certificate)); // issued by: SslCertificate.DName issuedBy = getIssuedBy(); if (issuedBy != null) { ((TextView) certificateView.findViewById(com.android.internal.R.id.by_common)) .setText(issuedBy.getCName()); ((TextView) certificateView.findViewById(com.android.internal.R.id.by_org)) .setText(issuedBy.getOName()); ((TextView) certificateView.findViewById(com.android.internal.R.id.by_org_unit)) .setText(issuedBy.getUName()); } // issued on: String issuedOn = formatCertificateDate(context, getValidNotBeforeDate()); ((TextView) certificateView.findViewById(com.android.internal.R.id.issued_on)) .setText(issuedOn); // expires on: String expiresOn = formatCertificateDate(context, getValidNotAfterDate()); ((TextView) certificateView.findViewById(com.android.internal.R.id.expires_on)) .setText(expiresOn); // fingerprints: ((TextView) certificateView.findViewById(com.android.internal.R.id.sha256_fingerprint)) .setText(getDigest(mX509Certificate, "SHA256")); ((TextView) certificateView.findViewById(com.android.internal.R.id.sha1_fingerprint)) .setText(getDigest(mX509Certificate, "SHA1")); return certificateView;
private static java.util.Date parseDate(java.lang.String string)
Parse an ISO 8601 date converting ParseExceptions to a null result;
try { return new SimpleDateFormat(ISO_8601_DATE_FORMAT).parse(string); } catch (ParseException e) { return null; }
public static android.net.http.SslCertificate restoreState(android.os.Bundle bundle)
Restores the certificate stored in the bundle
param
bundle The bundle with the certificate state stored in it
return
The SSL certificate stored in the bundle or null if fails
if (bundle == null) { return null; } X509Certificate x509Certificate; byte[] bytes = bundle.getByteArray(X509_CERTIFICATE); if (bytes == null) { x509Certificate = null; } else { try { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes)); x509Certificate = (X509Certificate) cert; } catch (CertificateException e) { x509Certificate = null; } } return new SslCertificate(bundle.getString(ISSUED_TO), bundle.getString(ISSUED_BY), parseDate(bundle.getString(VALID_NOT_BEFORE)), parseDate(bundle.getString(VALID_NOT_AFTER)), x509Certificate);
public static android.os.Bundle saveState(android.net.http.SslCertificate certificate)
Saves the certificate state to a bundle
param
certificate The SSL certificate to store
return
A bundle with the certificate stored in it or null if fails
if (certificate == null) { return null; } Bundle bundle = new Bundle(); bundle.putString(ISSUED_TO, certificate.getIssuedTo().getDName()); bundle.putString(ISSUED_BY, certificate.getIssuedBy().getDName()); bundle.putString(VALID_NOT_BEFORE, certificate.getValidNotBefore()); bundle.putString(VALID_NOT_AFTER, certificate.getValidNotAfter()); X509Certificate x509Certificate = certificate.mX509Certificate; if (x509Certificate != null) { try { bundle.putByteArray(X509_CERTIFICATE, x509Certificate.getEncoded()); } catch (CertificateEncodingException ignored) { } } return bundle;
public java.lang.String toString()
return
A string representation of this certificate for debugging
return ("Issued to: " + mIssuedTo.getDName() + ";\n" + "Issued by: " + mIssuedBy.getDName() + ";\n");