script-astra/Android/Sdk/sources/android-35/android/security/net/config/ResourceCertificateSource.java

/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security.net.config;

import android.content.Context;
import android.util.ArraySet;
import libcore.io.IoUtils;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;

import com.android.org.conscrypt.TrustedCertificateIndex;

/**
 * {@link CertificateSource} based on certificates contained in an application resource file.
 * @hide
 */
public class ResourceCertificateSource implements CertificateSource {
    private final Object mLock = new Object();
    private final int  mResourceId;

    private Set<X509Certificate> mCertificates;
    private Context mContext;
    private TrustedCertificateIndex mIndex;

    public ResourceCertificateSource(int resourceId, Context context) {
        mResourceId = resourceId;
        mContext = context;
    }

    private void ensureInitialized() {
        synchronized (mLock) {
            if (mCertificates != null) {
                return;
            }
            Set<X509Certificate> certificates = new ArraySet<X509Certificate>();
            Collection<? extends Certificate> certs;
            InputStream in = null;
            try {
                CertificateFactory factory = CertificateFactory.getInstance("X.509");
                in = mContext.getResources().openRawResource(mResourceId);
                certs = factory.generateCertificates(in);
            } catch (CertificateException e) {
                throw new RuntimeException("Failed to load trust anchors from id " + mResourceId,
                        e);
            } finally {
                IoUtils.closeQuietly(in);
            }
            TrustedCertificateIndex indexLocal = new TrustedCertificateIndex();
            for (Certificate cert : certs) {
                certificates.add((X509Certificate) cert);
                indexLocal.index((X509Certificate) cert);
            }
            mCertificates = certificates;
            mIndex = indexLocal;
            mContext = null;
        }
    }

    @Override
    public Set<X509Certificate> getCertificates() {
        ensureInitialized();
        return mCertificates;
    }

    @Override
    public X509Certificate findBySubjectAndPublicKey(X509Certificate cert) {
        ensureInitialized();
        java.security.cert.TrustAnchor anchor = mIndex.findBySubjectAndPublicKey(cert);
        if (anchor == null) {
            return null;
        }
        return anchor.getTrustedCert();
    }

    @Override
    public X509Certificate findByIssuerAndSignature(X509Certificate cert) {
        ensureInitialized();
        java.security.cert.TrustAnchor anchor = mIndex.findByIssuerAndSignature(cert);
        if (anchor == null) {
            return null;
        }
        return anchor.getTrustedCert();
    }

    @Override
    public Set<X509Certificate> findAllByIssuerAndSignature(X509Certificate cert) {
        ensureInitialized();
        Set<java.security.cert.TrustAnchor> anchors = mIndex.findAllByIssuerAndSignature(cert);
        if (anchors.isEmpty()) {
            return Collections.<X509Certificate>emptySet();
        }
        Set<X509Certificate> certs = new ArraySet<X509Certificate>(anchors.size());
        for (java.security.cert.TrustAnchor anchor : anchors) {
            certs.add(anchor.getTrustedCert());
        }
        return certs;
    }

    @Override
    public void handleTrustStorageUpdate() {
        // Nothing to do, resource sources never change.
    }
}
init 2025-01-20 15:15:20 +00:00			`/*`
			`* Copyright (C) 2015 The Android Open Source Project`
			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`

			`package android.security.net.config;`

			`import android.content.Context;`
			`import android.util.ArraySet;`
			`import libcore.io.IoUtils;`
			`import java.io.InputStream;`
			`import java.security.cert.Certificate;`
			`import java.security.cert.CertificateException;`
			`import java.security.cert.CertificateFactory;`
			`import java.security.cert.X509Certificate;`
			`import java.util.Collection;`
			`import java.util.Collections;`
			`import java.util.Set;`

			`import com.android.org.conscrypt.TrustedCertificateIndex;`

			`/**`
			`* {@link CertificateSource} based on certificates contained in an application resource file.`
			`* @hide`
			`*/`
			`public class ResourceCertificateSource implements CertificateSource {`
			`private final Object mLock = new Object();`
			`private final int mResourceId;`

			`private Set<X509Certificate> mCertificates;`
			`private Context mContext;`
			`private TrustedCertificateIndex mIndex;`

			`public ResourceCertificateSource(int resourceId, Context context) {`
			`mResourceId = resourceId;`
			`mContext = context;`
			`}`

			`private void ensureInitialized() {`
			`synchronized (mLock) {`
			`if (mCertificates != null) {`
			`return;`
			`}`
			`Set<X509Certificate> certificates = new ArraySet<X509Certificate>();`
			`Collection<? extends Certificate> certs;`
			`InputStream in = null;`
			`try {`
			`CertificateFactory factory = CertificateFactory.getInstance("X.509");`
			`in = mContext.getResources().openRawResource(mResourceId);`
			`certs = factory.generateCertificates(in);`
			`} catch (CertificateException e) {`
			`throw new RuntimeException("Failed to load trust anchors from id " + mResourceId,`
			`e);`
			`} finally {`
			`IoUtils.closeQuietly(in);`
			`}`
			`TrustedCertificateIndex indexLocal = new TrustedCertificateIndex();`
			`for (Certificate cert : certs) {`
			`certificates.add((X509Certificate) cert);`
			`indexLocal.index((X509Certificate) cert);`
			`}`
			`mCertificates = certificates;`
			`mIndex = indexLocal;`
			`mContext = null;`
			`}`
			`}`

			`@Override`
			`public Set<X509Certificate> getCertificates() {`
			`ensureInitialized();`
			`return mCertificates;`
			`}`

			`@Override`
			`public X509Certificate findBySubjectAndPublicKey(X509Certificate cert) {`
			`ensureInitialized();`
			`java.security.cert.TrustAnchor anchor = mIndex.findBySubjectAndPublicKey(cert);`
			`if (anchor == null) {`
			`return null;`
			`}`
			`return anchor.getTrustedCert();`
			`}`

			`@Override`
			`public X509Certificate findByIssuerAndSignature(X509Certificate cert) {`
			`ensureInitialized();`
			`java.security.cert.TrustAnchor anchor = mIndex.findByIssuerAndSignature(cert);`
			`if (anchor == null) {`
			`return null;`
			`}`
			`return anchor.getTrustedCert();`
			`}`

			`@Override`
			`public Set<X509Certificate> findAllByIssuerAndSignature(X509Certificate cert) {`
			`ensureInitialized();`
			`Set<java.security.cert.TrustAnchor> anchors = mIndex.findAllByIssuerAndSignature(cert);`
			`if (anchors.isEmpty()) {`
			`return Collections.<X509Certificate>emptySet();`
			`}`
			`Set<X509Certificate> certs = new ArraySet<X509Certificate>(anchors.size());`
			`for (java.security.cert.TrustAnchor anchor : anchors) {`
			`certs.add(anchor.getTrustedCert());`
			`}`
			`return certs;`
			`}`

			`@Override`
			`public void handleTrustStorageUpdate() {`
			`// Nothing to do, resource sources never change.`
			`}`
			`}`