001/* 002 * Copyright 2015-2024 the original author or authors 003 * 004 * This software is licensed under the Apache License, Version 2.0, 005 * the GNU Lesser General Public License version 2 or later ("LGPL") 006 * and the WTFPL. 007 * You may choose either license to govern your use of this software only 008 * upon the condition that you accept all of the terms of either 009 * the Apache License 2.0, the LGPL 2.1+ or the WTFPL. 010 */ 011package org.minidns.dane; 012 013import java.security.cert.CertificateException; 014import java.util.Collections; 015import java.util.List; 016 017import org.minidns.record.TLSA; 018 019public abstract class DaneCertificateException extends CertificateException { 020 021 /** 022 * 023 */ 024 private static final long serialVersionUID = 1L; 025 026 protected DaneCertificateException() { 027 } 028 029 protected DaneCertificateException(String message) { 030 super(message); 031 } 032 033 public static class CertificateMismatch extends DaneCertificateException { 034 035 /** 036 * 037 */ 038 private static final long serialVersionUID = 1L; 039 040 public final TLSA tlsa; 041 public final byte[] computed; 042 043 public CertificateMismatch(TLSA tlsa, byte[] computed) { 044 super("The TLSA RR does not match the certificate"); 045 this.tlsa = tlsa; 046 this.computed = computed; 047 } 048 } 049 050 public static class MultipleCertificateMismatchExceptions extends DaneCertificateException { 051 052 /** 053 * 054 */ 055 private static final long serialVersionUID = 1L; 056 057 public final List<CertificateMismatch> certificateMismatchExceptions; 058 059 public MultipleCertificateMismatchExceptions(List<CertificateMismatch> certificateMismatchExceptions) { 060 super("There where multiple CertificateMismatch exceptions because none of the TLSA RR does match the certificate"); 061 assert !certificateMismatchExceptions.isEmpty(); 062 this.certificateMismatchExceptions = Collections.unmodifiableList(certificateMismatchExceptions); 063 } 064 } 065}