class FilterX509TrustManager extends Utilities implements X509TrustManager
Utilities.SSLContextInfo
Modifier and Type | Field and Description |
---|---|
private static Object |
lock
Use for synchronizing initialization of the trustManager field.
|
private Set |
principals
The set of permitted remote principals, or null if no restriction.
|
private static X509TrustManager |
trustManager
The trust manager to delegate to.
|
private static String |
trustManagerFactoryAlgorithm
The trust manager factory algorithm.
|
ANY_KEY_ALGORITHM, clientLogger, DSA_KEY_ALGORITHM, getSubjectPermission, initLogger, INTEGRITY_PREFERRED, INTEGRITY_REQUIRED, RSA_KEY_ALGORITHM, serverLogger, UNKNOWN_PRINCIPAL
Constructor and Description |
---|
FilterX509TrustManager(Set principals)
Creates an X509TrustManager that only trusts certificate chains whose
first certificate identifies one of a set of principals.
|
Modifier and Type | Method and Description |
---|---|
private void |
check(X509Certificate[] chain)
Make sure the subject of the leaf certificate is one of the permitted
principals.
|
void |
checkClientTrusted(X509Certificate[] chain,
String authType) |
void |
checkServerTrusted(X509Certificate[] chain,
String authType) |
X509Certificate[] |
getAcceptedIssuers() |
private static X509TrustManager |
getTrustManager()
Returns the X509TrustManager to delegate to.
|
(package private) void |
setPermittedRemotePrincipals(Set principals)
Specifies the set of permitted remote principals.
|
checkValidity, contains, doesEncryption, doesServerAuthentication, equals, firstX509Cert, getCertFactory, getCipherAlgorithm, getClassName, getClientPrincipals, getClientPrincipals, getClientSSLContextInfo, getKeyAlgorithm, getKeyExchangeAlgorithm, getPermittedKeyAlgorithms, getServerPrincipals, getServerSSLContextInfo, getSupportedCipherSuites, hasStrongCipherAlgorithm, logThrow, maintainsIntegrity, permittedKeyAlgorithm, position, releaseClientSSLContextInfo, safeEquals, subjectString, toString
private static X509TrustManager trustManager
private static final Object lock
private static final String trustManagerFactoryAlgorithm
private Set principals
FilterX509TrustManager(Set principals) throws NoSuchAlgorithmException
principals
- the set of permitted remote principals, or null if no
restrictionNoSuchAlgorithmException
- if the trust manager factory algorithm
is not foundpublic void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
checkClientTrusted
in interface X509TrustManager
CertificateException
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
checkServerTrusted
in interface X509TrustManager
CertificateException
public X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers
in interface X509TrustManager
void setPermittedRemotePrincipals(Set principals)
principals
- the set of permitted remote principals, or null if no
restrictionprivate void check(X509Certificate[] chain) throws CertificateException
CertificateException
private static X509TrustManager getTrustManager() throws NoSuchAlgorithmException
NoSuchAlgorithmException
Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.