/*
* Copyright (C) 2006 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.net.http;
import java.security.cert.X509Certificate;
/**
* One or more individual SSL errors and the associated SSL certificate
*
* {@hide}
*/
public class SslError {
/**
* Individual SSL errors (in the order from the least to the most severe):
*/
/**
* The certificate is not yet valid
*/
public static final int SSL_NOTYETVALID = 0;
/**
* The certificate has expired
*/
public static final int SSL_EXPIRED = 1;
/**
* Hostname mismatch
*/
public static final int SSL_IDMISMATCH = 2;
/**
* The certificate authority is not trusted
*/
public static final int SSL_UNTRUSTED = 3;
/**
* The number of different SSL errors (update if you add a new SSL error!!!)
*/
public static final int SSL_MAX_ERROR = 4;
/**
* The SSL error set bitfield (each individual error is an bit index;
* multiple individual errors can be OR-ed)
*/
int mErrors;
/**
* The SSL certificate associated with the error set
*/
SslCertificate mCertificate;
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
*/
public SslError(int error, SslCertificate certificate) {
addError(error);
mCertificate = certificate;
}
/**
* Creates a new SSL error set object
* @param error The SSL error
* @param certificate The associated SSL certificate
*/
public SslError(int error, X509Certificate certificate) {
addError(error);
mCertificate = new SslCertificate(certificate);
}
/**
* @return The SSL certificate associated with the error set
*/
public SslCertificate getCertificate() {
return mCertificate;
}
/**
* Adds the SSL error to the error set
* @param error The SSL error to add
* @return True iff the error being added is a known SSL error
*/
public boolean addError(int error) {
boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR);
if (rval) {
mErrors |= (0x1 << error);
}
return rval;
}
/**
* @param error The SSL error to check
* @return True iff the set includes the error
*/
public boolean hasError(int error) {
boolean rval = (0 <= error && error < SslError.SSL_MAX_ERROR);
if (rval) {
rval = ((mErrors & (0x1 << error)) != 0);
}
return rval;
}
/**
* @return The primary, most severe, SSL error in the set
*/
public int getPrimaryError() {
if (mErrors != 0) {
// go from the most to the least severe errors
for (int error = SslError.SSL_MAX_ERROR - 1; error >= 0; --error) {
if ((mErrors & (0x1 << error)) != 0) {
return error;
}
}
}
return 0;
}
/**
* @return A String representation of this SSL error object
* (used mostly for debugging).
*/
public String toString() {
return "primary error: " + getPrimaryError() +
" certificate: " + getCertificate();
}
}