CertStatusReqItemV2.java example

Explorer
openjdk-master
/*
 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Objects;
import javax.net.ssl.SSLException;

/*
 * RFC6961 defines the TLS extension,"status_request_v2" (type 0x5),
 * which allows the client to request that the server perform OCSP
 * on the client's behalf.
 *
 * The RFC defines an CertStatusReqItemV2 structure:
 *
 *      struct {
 *          CertificateStatusType status_type;
 *          uint16 request_length;
 *          select (status_type) {
 *              case ocsp: OCSPStatusRequest;
 *              case ocsp_multi: OCSPStatusRequest;
 *          } request;
 *      } CertificateStatusRequestItemV2;
 *
 *      enum { ocsp(1), ocsp_multi(2), (255) } CertificateStatusType;
 */

final class CertStatusReqItemV2 {

    private final StatusRequestType statReqType;
    private final StatusRequest request;

    /**
     * Construct a {@code CertStatusReqItemV2} object using a type value
     *      and empty ResponderId and Extension lists.
     *
     * @param reqType the type of request (e.g. ocsp).  A {@code null} value
     *      is not allowed.
     * @param statReq the {@code StatusRequest} object used to provide the
     *      encoding for this {@code CertStatusReqItemV2}.  A {@code null}
     *      value is not allowed.
     *
     * @throws IllegalArgumentException if the provided {@code StatusRequest}
     *      does not match the type.
     * @throws NullPointerException if either the reqType or statReq arguments
     *      are {@code null}.
     */
    CertStatusReqItemV2(StatusRequestType reqType, StatusRequest statReq) {
        statReqType = Objects.requireNonNull(reqType,
                "Unallowed null value for status_type");
        request = Objects.requireNonNull(statReq,
                "Unallowed null value for request");

        // There is currently only one known status type (OCSP)
        // We can add more clauses to cover other types in the future
        if (statReqType.equals(StatusRequestType.OCSP) ||
                statReqType.equals(StatusRequestType.OCSP_MULTI)) {
            if (!(statReq instanceof OCSPStatusRequest)) {
                throw new IllegalArgumentException("StatusRequest not " +
                        "of type OCSPStatusRequest");
            }
        }
    }

    /**
     * Construct a {@code CertStatusReqItemV2} object from encoded bytes
     *
     * @param requestBytes the encoded bytes for the {@code CertStatusReqItemV2}
     *
     * @throws IOException if any decoding errors take place
     * @throws IllegalArgumentException if the parsed reqType value is not a
     *      supported status request type.
     */
    CertStatusReqItemV2(byte[] reqItemBytes) throws IOException {
        ByteBuffer reqBuf = ByteBuffer.wrap(reqItemBytes);
        statReqType = StatusRequestType.get(reqBuf.get());
        int requestLength = Short.toUnsignedInt(reqBuf.getShort());

        if (requestLength == reqBuf.remaining()) {
            byte[] statReqBytes = new byte[requestLength];
            reqBuf.get(statReqBytes);
            if (statReqType == StatusRequestType.OCSP ||
                    statReqType == StatusRequestType.OCSP_MULTI) {
                request = new OCSPStatusRequest(statReqBytes);
            } else {
                request = new UnknownStatusRequest(statReqBytes);
            }
        } else {
            throw new SSLException("Incorrect request_length: " +
                    "Expected " + reqBuf.remaining() + ", got " +
                    requestLength);
        }
    }

    /**
     * Construct an {@code CertStatusReqItemV2} object from data read from
     * a {@code HandshakeInputStream}
     *
     * @param s the {@code HandshakeInputStream} providing the encoded data
     *
     * @throws IOException if any decoding errors happen during object
     *      construction.
     * @throws IllegalArgumentException if the parsed reqType value is not a
     *      supported status request type.
     */
    CertStatusReqItemV2(HandshakeInStream in) throws IOException {
        statReqType = StatusRequestType.get(in.getInt8());
        int requestLength = in.getInt16();

        if (statReqType == StatusRequestType.OCSP ||
                statReqType == StatusRequestType.OCSP_MULTI) {
            request = new OCSPStatusRequest(in);
        } else {
            request = new UnknownStatusRequest(in, requestLength);
        }
    }

    /**
     * Return the length of this {@code CertStatusReqItemV2} in its encoded form
     *
     * @return the encoded length of this {@code CertStatusReqItemV2}
     */
    int length() {
        // The length is the the status type (1 byte) + the request length
        // field (2 bytes) + the StatusRequest data length.
        return request.length() + 3;
    }

    /**
     * Send the encoded {@code CertStatusReqItemV2} through a
     *      {@code HandshakeOutputStream}
     *
     * @param s the {@code HandshakeOutputStream} used to send the encoded data
     *
     * @throws IOException if any errors occur during the encoding process
     */
    void send(HandshakeOutStream s) throws IOException {
        s.putInt8(statReqType.id);
        s.putInt16(request.length());
        request.send(s);
    }

    /**
     * Create a string representation of this {@code CertStatusReqItemV2}
     *
     * @return the string representation of this {@code CertStatusReqItemV2}
     */
    @Override
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("CertStatusReqItemV2: ").append(statReqType).append(", ");
        sb.append(request.toString());

        return sb.toString();
    }

    /**
     * Return the type field for this {@code CertStatusReqItemV2}
     *
     * @return the {@code StatusRequestType} for this extension.
     */
    StatusRequestType getType() {
        return statReqType;
    }

    /**
     * Get the underlying {@code StatusRequest} for this
     *      {@code CertStatusReqItemV2}
     *
     * @return the {@code StatusRequest}
     */
    StatusRequest getRequest() {
        return request;
    }
}