Update Certificate#verify to allow nullable params
Showing
8 changed files
with
135 additions
and
25 deletions.
15 changes: 15 additions & 0 deletions
15
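--- a/jvm/src/main/kotlin/app/cash/trifle/internal/validators/CertificateValidator.kt
+++ b/jvm/src/main/kotlin/app/cash/trifle/internal/validators/CertificateValidator.kt
@@ -0,0 +1,15 @@
+package app.cash.trifle.internal.validators
+
+import app.cash.trifle.Certificate
+import java.util.Date
+
+sealed interface CertificateValidator {
+/**
+* Validates if a specific Trifle Certificate is within the validity window of the date.
+*
+* @param certificate - The certificate to validate.
+* @param date - The date to use for verification against certificates' validity windows. If null,
+* the current time is used.
+*/
+fun validate(certificate: Certificate, date: Date?): Result<Unit>
+}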
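Review bot: The KDoc on `validate` does not say how a failed check is reported, nor whether an implementation may throw instead of returning a failed `Result<Unit>`. I would add an `@return` line such as `@return success when the date falls inside the certificate's validity window, otherwise a failure carrying the reason`. It is also worth stating in the summary that only the validity window is checked, not the signature or the chain, so a caller does not read a successful result as proof that the certificate is trusted.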
17 changes: 17 additions & 0 deletions
17
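--- a/jvm/src/main/kotlin/app/cash/trifle/internal/validators/CertificateValidatorFactory.kt
+++ b/jvm/src/main/kotlin/app/cash/trifle/internal/validators/CertificateValidatorFactory.kt
@@ -0,0 +1,17 @@
+package app.cash.trifle.internal.validators
+
+import app.cash.trifle.Certificate
+
+object CertificateValidatorFactory {
+/**
+* Return a certificate validator matching the provided certificate.
+* @param certificate - The certificate to validate. Its format will determine how
+* verification should be performed.
+*/
+fun get(certificate: Certificate): CertificateValidator {
+return when (certificate.version) {
+Certificate.CERTIFICATE_VERSION -> X509CertificateValidator
+else -> throw UnsupportedOperationException("Unsupported version of Trifle Certificate")
+}
+}
+}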
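Review bot: An unrecognised `certificate.version` makes `get` throw `UnsupportedOperationException`, while the validator it returns reports problems through `Result`. If the version field comes from parsed, untrusted certificate data, the verification path has two failure channels, one of them an unchecked exception. At minimum the KDoc should carry `@throws UnsupportedOperationException if the certificate version is not supported`. The message is also easier to triage with the value in it: `"Unsupported version of Trifle Certificate: ${certificate.version}"`. Separately, this object is declared without `internal`, unlike `X509CertificateUtil` and `X509CertificateValidator` in the same package, which looks unintended for something under `internal.validators`.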
17 changes: 17 additions & 0 deletions
17
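--- a/jvm/src/main/kotlin/app/cash/trifle/internal/validators/X509CertificateUtil.kt
+++ b/jvm/src/main/kotlin/app/cash/trifle/internal/validators/X509CertificateUtil.kt
@@ -0,0 +1,17 @@
+package app.cash.trifle.internal.validators
+
+import app.cash.trifle.Certificate
+import java.security.cert.CertPath
+import java.security.cert.CertificateFactory
+import java.security.cert.X509Certificate
+
+internal object X509CertificateUtil {
+internal fun Certificate.toX509Certificate() = certificate.inputStream().use {
+X509FACTORY.generateCertificate(it) as X509Certificate
+}
+
+internal fun List<X509Certificate>.generateCertPath(): CertPath =
+X509FACTORY.generateCertPath(this)
+
+private val X509FACTORY = CertificateFactory.getInstance("X509")
+}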
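Review bot: `CertificateFactory.getInstance("X509")` relies on a provider alias; the standard type name is `"X.509"`. Using it avoids a `CertificateException` during object initialisation on a provider that does not register the alias: `private val X509FACTORY = CertificateFactory.getInstance("X.509")`. `toX509Certificate()` parses raw certificate bytes and throws `CertificateException` on malformed input, so it deserves an explicit `: X509Certificate` return type and a `@throws` line in a short KDoc. The single factory instance is shared by every caller of this object, and I am not aware of a documented thread-safety guarantee for it, so that is worth confirming if verification can run concurrently.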
23 changes: 23 additions & 0 deletions
23
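--- a/jvm/src/main/kotlin/app/cash/trifle/internal/validators/X509CertificateValidator.kt
+++ b/jvm/src/main/kotlin/app/cash/trifle/internal/validators/X509CertificateValidator.kt
@@ -0,0 +1,23 @@
+package app.cash.trifle.internal.validators
+
+import app.cash.trifle.Certificate
+import app.cash.trifle.TrifleErrors
+import app.cash.trifle.internal.validators.X509CertificateUtil.toX509Certificate
+import java.security.cert.CertificateExpiredException
+import java.security.cert.CertificateNotYetValidException
+import java.util.Date
+
+/**
+* X.509 specific implementation for validating a certificate.
+*/
+internal object X509CertificateValidator : CertificateValidator {
+override fun validate(certificate: Certificate, date: Date?): Result<Unit> =
+try {
+certificate.toX509Certificate().checkValidity(date ?: Date())
+Result.success(Unit)
+} catch (e: CertificateExpiredException) {
+Result.failure(TrifleErrors.ExpiredCertificate)
+} catch (e: CertificateNotYetValidException) {
+Result.failure(TrifleErrors.NotValidYetCertificate)
+}
+}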
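Review bot: Only the two validity-window exceptions are caught in `validate`, so a certificate whose bytes do not parse makes `toX509Certificate()` throw out of a function that otherwise reports every outcome through `Result`. Both caught types extend `CertificateException`, so a final `catch (e: CertificateException) { Result.failure(e) }` placed after them, together with the `java.security.cert.CertificateException` import, keeps malformed input on the same failure channel. The object's KDoc should also say that it checks the validity window only, not the signature or the chain, so it is not mistaken for full path validation.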