1 | |
package org.apache.maven.wagon.shared.http4; |
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
|
17 | |
|
18 | |
|
19 | |
|
20 | |
|
21 | |
|
22 | |
import javax.net.ssl.SSLContext; |
23 | |
import javax.net.ssl.TrustManager; |
24 | |
import javax.net.ssl.TrustManagerFactory; |
25 | |
import javax.net.ssl.X509TrustManager; |
26 | |
import java.io.IOException; |
27 | |
import java.security.KeyStore; |
28 | |
import java.security.KeyStoreException; |
29 | |
import java.security.NoSuchAlgorithmException; |
30 | |
import java.security.cert.CertificateException; |
31 | |
import java.security.cert.CertificateExpiredException; |
32 | |
import java.security.cert.CertificateNotYetValidException; |
33 | |
import java.security.cert.X509Certificate; |
34 | |
|
35 | |
|
36 | |
|
37 | |
|
38 | |
|
39 | |
public class EasyX509TrustManager |
40 | |
implements X509TrustManager |
41 | |
{ |
42 | 1 | private X509TrustManager standardTrustManager = null; |
43 | |
|
44 | |
|
45 | |
protected static SSLContext createEasySSLContext() |
46 | |
throws IOException |
47 | |
{ |
48 | |
try |
49 | |
{ |
50 | 1 | SSLContext context = SSLContext.getInstance( "SSL" ); |
51 | 1 | context.init( null, new TrustManager[]{ new EasyX509TrustManager( null ) }, null ); |
52 | 1 | return context; |
53 | |
} |
54 | 0 | catch ( Exception e ) |
55 | |
{ |
56 | 0 | IOException ioe = new IOException( e.getMessage() ); |
57 | 0 | ioe.initCause( e ); |
58 | 0 | throw ioe; |
59 | |
} |
60 | |
} |
61 | |
|
62 | |
|
63 | |
|
64 | |
|
65 | |
public EasyX509TrustManager( KeyStore keystore ) |
66 | |
throws NoSuchAlgorithmException, KeyStoreException |
67 | |
{ |
68 | 1 | super(); |
69 | 1 | TrustManagerFactory factory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() ); |
70 | 1 | factory.init( keystore ); |
71 | 1 | TrustManager[] trustmanagers = factory.getTrustManagers(); |
72 | 1 | if ( trustmanagers.length == 0 ) |
73 | |
{ |
74 | 0 | throw new NoSuchAlgorithmException( "no trust manager found" ); |
75 | |
} |
76 | 1 | this.standardTrustManager = (X509TrustManager) trustmanagers[0]; |
77 | 1 | } |
78 | |
|
79 | |
|
80 | |
|
81 | |
|
82 | |
public void checkClientTrusted( X509Certificate[] certificates, String authType ) |
83 | |
throws CertificateException |
84 | |
{ |
85 | 0 | standardTrustManager.checkClientTrusted( certificates, authType ); |
86 | 0 | } |
87 | |
|
88 | |
|
89 | |
|
90 | |
|
91 | |
public void checkServerTrusted( X509Certificate[] certificates, String authType ) |
92 | |
throws CertificateException |
93 | |
{ |
94 | |
|
95 | 0 | if ( ( certificates != null ) && ( certificates.length == 1 ) ) |
96 | |
{ |
97 | |
try |
98 | |
{ |
99 | 0 | certificates[0].checkValidity(); |
100 | |
} |
101 | 0 | catch ( CertificateExpiredException e ) |
102 | |
{ |
103 | 0 | if ( !AbstractHttpClientWagon.IGNORE_SSL_VALIDITY_DATES ) |
104 | |
{ |
105 | 0 | throw e; |
106 | |
} |
107 | |
} |
108 | 0 | catch ( CertificateNotYetValidException e ) |
109 | |
{ |
110 | 0 | if ( !AbstractHttpClientWagon.IGNORE_SSL_VALIDITY_DATES ) |
111 | |
{ |
112 | 0 | throw e; |
113 | |
} |
114 | 0 | } |
115 | |
} |
116 | |
else |
117 | |
{ |
118 | 0 | standardTrustManager.checkServerTrusted( certificates, authType ); |
119 | |
} |
120 | 0 | } |
121 | |
|
122 | |
|
123 | |
|
124 | |
|
125 | |
public X509Certificate[] getAcceptedIssuers() |
126 | |
{ |
127 | 0 | return this.standardTrustManager.getAcceptedIssuers(); |
128 | |
} |
129 | |
} |