src/java.base/share/classes/sun/security/ssl/CertStatusReqItemV2.java - platform/libcore - Gitiles

 /*
  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this
  * particular file as subject to the "Classpath" exception as provided
  * by Oracle in the LICENSE file that accompanied this code.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 package sun.security.ssl;

 import java.io.IOException;
 import java.nio.ByteBuffer;
 import java.util.Objects;
 import javax.net.ssl.SSLException;

 /*
  * RFC6961 defines the TLS extension,"status_request_v2" (type 0x5),
  * which allows the client to request that the server perform OCSP
  * on the client's behalf.
  *
  * The RFC defines an CertStatusReqItemV2 structure:
  *
  *      struct {
  *          CertificateStatusType status_type;
  *          uint16 request_length;
  *          select (status_type) {
  *              case ocsp: OCSPStatusRequest;
  *              case ocsp_multi: OCSPStatusRequest;
  *          } request;
  *      } CertificateStatusRequestItemV2;
  *
  *      enum { ocsp(1), ocsp_multi(2), (255) } CertificateStatusType;
  */

 final class CertStatusReqItemV2 {

     private final StatusRequestType statReqType;
     private final StatusRequest request;

     /**
      * Construct a {@code CertStatusReqItemV2} object using a type value
      *      and empty ResponderId and Extension lists.
      *
      * @param reqType the type of request (e.g. ocsp).  A {@code null} value
      *      is not allowed.
      * @param statReq the {@code StatusRequest} object used to provide the
      *      encoding for this {@code CertStatusReqItemV2}.  A {@code null}
      *      value is not allowed.
      *
      * @throws IllegalArgumentException if the provided {@code StatusRequest}
      *      does not match the type.
      * @throws NullPointerException if either the reqType or statReq arguments
      *      are {@code null}.
      */
     CertStatusReqItemV2(StatusRequestType reqType, StatusRequest statReq) {
         statReqType = Objects.requireNonNull(reqType,
                 "Unallowed null value for status_type");
         request = Objects.requireNonNull(statReq,
                 "Unallowed null value for request");

         // There is currently only one known status type (OCSP)
         // We can add more clauses to cover other types in the future
         if (statReqType.equals(StatusRequestType.OCSP) ||
                 statReqType.equals(StatusRequestType.OCSP_MULTI)) {
             if (!(statReq instanceof OCSPStatusRequest)) {
                 throw new IllegalArgumentException("StatusRequest not " +
                         "of type OCSPStatusRequest");
             }
         }
     }

     /**
      * Construct a {@code CertStatusReqItemV2} object from encoded bytes
      *
      * @param requestBytes the encoded bytes for the {@code CertStatusReqItemV2}
      *
      * @throws IOException if any decoding errors take place
      * @throws IllegalArgumentException if the parsed reqType value is not a
      *      supported status request type.
      */
     CertStatusReqItemV2(byte[] reqItemBytes) throws IOException {
         ByteBuffer reqBuf = ByteBuffer.wrap(reqItemBytes);
         statReqType = StatusRequestType.get(reqBuf.get());
         int requestLength = Short.toUnsignedInt(reqBuf.getShort());

         if (requestLength == reqBuf.remaining()) {
             byte[] statReqBytes = new byte[requestLength];
             reqBuf.get(statReqBytes);
             if (statReqType == StatusRequestType.OCSP ||
                     statReqType == StatusRequestType.OCSP_MULTI) {
                 request = new OCSPStatusRequest(statReqBytes);
             } else {
                 request = new UnknownStatusRequest(statReqBytes);
             }
         } else {
             throw new SSLException("Incorrect request_length: " +
                     "Expected " + reqBuf.remaining() + ", got " +
                     requestLength);
         }
     }

     /**
      * Construct an {@code CertStatusReqItemV2} object from data read from
      * a {@code HandshakeInputStream}
      *
      * @param s the {@code HandshakeInputStream} providing the encoded data
      *
      * @throws IOException if any decoding errors happen during object
      *      construction.
      * @throws IllegalArgumentException if the parsed reqType value is not a
      *      supported status request type.
      */
     CertStatusReqItemV2(HandshakeInStream in) throws IOException {
         statReqType = StatusRequestType.get(in.getInt8());
         int requestLength = in.getInt16();

         if (statReqType == StatusRequestType.OCSP ||
                 statReqType == StatusRequestType.OCSP_MULTI) {
             request = new OCSPStatusRequest(in);
         } else {
             request = new UnknownStatusRequest(in, requestLength);
         }
     }

     /**
      * Return the length of this {@code CertStatusReqItemV2} in its encoded form
      *
      * @return the encoded length of this {@code CertStatusReqItemV2}
      */
     int length() {
         // The length is the the status type (1 byte) + the request length
         // field (2 bytes) + the StatusRequest data length.
         return request.length() + 3;
     }

     /**
      * Send the encoded {@code CertStatusReqItemV2} through a
      *      {@code HandshakeOutputStream}
      *
      * @param s the {@code HandshakeOutputStream} used to send the encoded data
      *
      * @throws IOException if any errors occur during the encoding process
      */
     void send(HandshakeOutStream s) throws IOException {
         s.putInt8(statReqType.id);
         s.putInt16(request.length());
         request.send(s);
     }

     /**
      * Create a string representation of this {@code CertStatusReqItemV2}
      *
      * @return the string representation of this {@code CertStatusReqItemV2}
      */
     @Override
     public String toString() {
         StringBuilder sb = new StringBuilder();
         sb.append("CertStatusReqItemV2: ").append(statReqType).append(", ");
         sb.append(request.toString());

         return sb.toString();
     }

     /**
      * Return the type field for this {@code CertStatusReqItemV2}
      *
      * @return the {@code StatusRequestType} for this extension.
      */
     StatusRequestType getType() {
         return statReqType;
     }

     /**
      * Get the underlying {@code StatusRequest} for this
      *      {@code CertStatusReqItemV2}
      *
      * @return the {@code StatusRequest}
      */
     StatusRequest getRequest() {
         return request;
     }
 }
	/*
	* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package sun.security.ssl;

	import java.io.IOException;
	import java.nio.ByteBuffer;
	import java.util.Objects;
	import javax.net.ssl.SSLException;

	/*
	* RFC6961 defines the TLS extension,"status_request_v2" (type 0x5),
	* which allows the client to request that the server perform OCSP
	* on the client's behalf.
	*
	* The RFC defines an CertStatusReqItemV2 structure:
	*
	* struct {
	* CertificateStatusType status_type;
	* uint16 request_length;
	* select (status_type) {
	* case ocsp: OCSPStatusRequest;
	* case ocsp_multi: OCSPStatusRequest;
	* } request;
	* } CertificateStatusRequestItemV2;
	*
	* enum { ocsp(1), ocsp_multi(2), (255) } CertificateStatusType;
	*/

	final class CertStatusReqItemV2 {

	private final StatusRequestType statReqType;
	private final StatusRequest request;

	/**
	* Construct a {@code CertStatusReqItemV2} object using a type value
	* and empty ResponderId and Extension lists.
	*
	* @param reqType the type of request (e.g. ocsp). A {@code null} value
	* is not allowed.
	* @param statReq the {@code StatusRequest} object used to provide the
	* encoding for this {@code CertStatusReqItemV2}. A {@code null}
	* value is not allowed.
	*
	* @throws IllegalArgumentException if the provided {@code StatusRequest}
	* does not match the type.
	* @throws NullPointerException if either the reqType or statReq arguments
	* are {@code null}.
	*/
	CertStatusReqItemV2(StatusRequestType reqType, StatusRequest statReq) {
	statReqType = Objects.requireNonNull(reqType,
	"Unallowed null value for status_type");
	request = Objects.requireNonNull(statReq,
	"Unallowed null value for request");

	// There is currently only one known status type (OCSP)
	// We can add more clauses to cover other types in the future
	if (statReqType.equals(StatusRequestType.OCSP) \|\|
	statReqType.equals(StatusRequestType.OCSP_MULTI)) {
	if (!(statReq instanceof OCSPStatusRequest)) {
	throw new IllegalArgumentException("StatusRequest not " +
	"of type OCSPStatusRequest");
	}
	}
	}

	/**
	* Construct a {@code CertStatusReqItemV2} object from encoded bytes
	*
	* @param requestBytes the encoded bytes for the {@code CertStatusReqItemV2}
	*
	* @throws IOException if any decoding errors take place
	* @throws IllegalArgumentException if the parsed reqType value is not a
	* supported status request type.
	*/
	CertStatusReqItemV2(byte[] reqItemBytes) throws IOException {
	ByteBuffer reqBuf = ByteBuffer.wrap(reqItemBytes);
	statReqType = StatusRequestType.get(reqBuf.get());
	int requestLength = Short.toUnsignedInt(reqBuf.getShort());

	if (requestLength == reqBuf.remaining()) {
	byte[] statReqBytes = new byte[requestLength];
	reqBuf.get(statReqBytes);
	if (statReqType == StatusRequestType.OCSP \|\|
	statReqType == StatusRequestType.OCSP_MULTI) {
	request = new OCSPStatusRequest(statReqBytes);
	} else {
	request = new UnknownStatusRequest(statReqBytes);
	}
	} else {
	throw new SSLException("Incorrect request_length: " +
	"Expected " + reqBuf.remaining() + ", got " +
	requestLength);
	}
	}

	/**
	* Construct an {@code CertStatusReqItemV2} object from data read from
	* a {@code HandshakeInputStream}
	*
	* @param s the {@code HandshakeInputStream} providing the encoded data
	*
	* @throws IOException if any decoding errors happen during object
	* construction.
	* @throws IllegalArgumentException if the parsed reqType value is not a
	* supported status request type.
	*/
	CertStatusReqItemV2(HandshakeInStream in) throws IOException {
	statReqType = StatusRequestType.get(in.getInt8());
	int requestLength = in.getInt16();

	if (statReqType == StatusRequestType.OCSP \|\|
	statReqType == StatusRequestType.OCSP_MULTI) {
	request = new OCSPStatusRequest(in);
	} else {
	request = new UnknownStatusRequest(in, requestLength);
	}
	}

	/**
	* Return the length of this {@code CertStatusReqItemV2} in its encoded form
	*
	* @return the encoded length of this {@code CertStatusReqItemV2}
	*/
	int length() {
	// The length is the the status type (1 byte) + the request length
	// field (2 bytes) + the StatusRequest data length.
	return request.length() + 3;
	}

	/**
	* Send the encoded {@code CertStatusReqItemV2} through a
	* {@code HandshakeOutputStream}
	*
	* @param s the {@code HandshakeOutputStream} used to send the encoded data
	*
	* @throws IOException if any errors occur during the encoding process
	*/
	void send(HandshakeOutStream s) throws IOException {
	s.putInt8(statReqType.id);
	s.putInt16(request.length());
	request.send(s);
	}

	/**
	* Create a string representation of this {@code CertStatusReqItemV2}
	*
	* @return the string representation of this {@code CertStatusReqItemV2}
	*/
	@Override
	public String toString() {
	StringBuilder sb = new StringBuilder();
	sb.append("CertStatusReqItemV2: ").append(statReqType).append(", ");
	sb.append(request.toString());

	return sb.toString();
	}

	/**
	* Return the type field for this {@code CertStatusReqItemV2}
	*
	* @return the {@code StatusRequestType} for this extension.
	*/
	StatusRequestType getType() {
	return statReqType;
	}

	/**
	* Get the underlying {@code StatusRequest} for this
	* {@code CertStatusReqItemV2}
	*
	* @return the {@code StatusRequest}
	*/
	StatusRequest getRequest() {
	return request;
	}
	}