Loading core/java/android/security/net/config/CertificateSource.java +1 −0 Original line number Diff line number Diff line Loading @@ -23,4 +23,5 @@ import java.security.cert.X509Certificate; public interface CertificateSource { Set<X509Certificate> getCertificates(); X509Certificate findBySubjectAndPublicKey(X509Certificate cert); X509Certificate findByIssuerAndSignature(X509Certificate cert); } core/java/android/security/net/config/CertificatesEntryRef.java +9 −0 Original line number Diff line number Diff line Loading @@ -51,4 +51,13 @@ public final class CertificatesEntryRef { return new TrustAnchor(foundCert, mOverridesPins); } public TrustAnchor findByIssuerAndSignature(X509Certificate cert) { X509Certificate foundCert = mSource.findByIssuerAndSignature(cert); if (foundCert == null) { return null; } return new TrustAnchor(foundCert, mOverridesPins); } } core/java/android/security/net/config/DirectoryCertificateSource.java +15 −0 Original line number Diff line number Diff line Loading @@ -94,6 +94,21 @@ abstract class DirectoryCertificateSource implements CertificateSource { }); } @Override public X509Certificate findByIssuerAndSignature(final X509Certificate cert) { return findCert(cert.getIssuerX500Principal(), new CertSelector() { @Override public boolean match(X509Certificate ca) { try { cert.verify(ca.getPublicKey()); return true; } catch (Exception e) { return false; } } }); } private static interface CertSelector { boolean match(X509Certificate cert); } Loading core/java/android/security/net/config/KeyStoreCertificateSource.java +10 −0 Original line number Diff line number Diff line Loading @@ -80,4 +80,14 @@ class KeyStoreCertificateSource implements CertificateSource { } return anchor.getTrustedCert(); } @Override public X509Certificate findByIssuerAndSignature(X509Certificate cert) { ensureInitialized(); java.security.cert.TrustAnchor anchor = mIndex.findByIssuerAndSignature(cert); if (anchor == null) { return null; } return anchor.getTrustedCert(); } } core/java/android/security/net/config/NetworkSecurityConfig.java +11 −0 Original line number Diff line number Diff line Loading @@ -134,6 +134,17 @@ public final class NetworkSecurityConfig { return null; } /** @hide */ public TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate cert) { for (CertificatesEntryRef ref : mCertificatesEntryRefs) { TrustAnchor anchor = ref.findByIssuerAndSignature(cert); if (anchor != null) { return anchor; } } return null; } /** * Return a {@link Builder} for the default {@code NetworkSecurityConfig}. * Loading Loading
core/java/android/security/net/config/CertificateSource.java +1 −0 Original line number Diff line number Diff line Loading @@ -23,4 +23,5 @@ import java.security.cert.X509Certificate; public interface CertificateSource { Set<X509Certificate> getCertificates(); X509Certificate findBySubjectAndPublicKey(X509Certificate cert); X509Certificate findByIssuerAndSignature(X509Certificate cert); }
core/java/android/security/net/config/CertificatesEntryRef.java +9 −0 Original line number Diff line number Diff line Loading @@ -51,4 +51,13 @@ public final class CertificatesEntryRef { return new TrustAnchor(foundCert, mOverridesPins); } public TrustAnchor findByIssuerAndSignature(X509Certificate cert) { X509Certificate foundCert = mSource.findByIssuerAndSignature(cert); if (foundCert == null) { return null; } return new TrustAnchor(foundCert, mOverridesPins); } }
core/java/android/security/net/config/DirectoryCertificateSource.java +15 −0 Original line number Diff line number Diff line Loading @@ -94,6 +94,21 @@ abstract class DirectoryCertificateSource implements CertificateSource { }); } @Override public X509Certificate findByIssuerAndSignature(final X509Certificate cert) { return findCert(cert.getIssuerX500Principal(), new CertSelector() { @Override public boolean match(X509Certificate ca) { try { cert.verify(ca.getPublicKey()); return true; } catch (Exception e) { return false; } } }); } private static interface CertSelector { boolean match(X509Certificate cert); } Loading
core/java/android/security/net/config/KeyStoreCertificateSource.java +10 −0 Original line number Diff line number Diff line Loading @@ -80,4 +80,14 @@ class KeyStoreCertificateSource implements CertificateSource { } return anchor.getTrustedCert(); } @Override public X509Certificate findByIssuerAndSignature(X509Certificate cert) { ensureInitialized(); java.security.cert.TrustAnchor anchor = mIndex.findByIssuerAndSignature(cert); if (anchor == null) { return null; } return anchor.getTrustedCert(); } }
core/java/android/security/net/config/NetworkSecurityConfig.java +11 −0 Original line number Diff line number Diff line Loading @@ -134,6 +134,17 @@ public final class NetworkSecurityConfig { return null; } /** @hide */ public TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate cert) { for (CertificatesEntryRef ref : mCertificatesEntryRefs) { TrustAnchor anchor = ref.findByIssuerAndSignature(cert); if (anchor != null) { return anchor; } } return null; } /** * Return a {@link Builder} for the default {@code NetworkSecurityConfig}. * Loading
