本文整理汇总了Java中javax.net.ssl.SSLPeerUnverifiedException类的典型用法代码示例。如果您正苦于以下问题:Java SSLPeerUnverifiedException类的具体用法?Java SSLPeerUnverifiedException怎么用?Java SSLPeerUnverifiedException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SSLPeerUnverifiedException类属于javax.net.ssl包,在下文中一共展示了SSLPeerUnverifiedException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getPeerCertificates
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Return the cert chain presented by the peer in the
* java.security.cert format.
* Note: This method can be used only when using certificate-based
* cipher suites; using it with non-certificate-based cipher suites,
* such as Kerberos, will throw an SSLPeerUnverifiedException.
*
* @return array of peer X.509 certs, with the peer's own cert
* first in the chain, and with the "root" CA last.
*/
@Override
public java.security.cert.Certificate[] getPeerCertificates()
throws SSLPeerUnverifiedException {
//
// clone to preserve integrity of session ... caller can't
// change record of peer identity even by accident, much
// less do it intentionally.
//
if ((cipherSuite.keyExchange == K_KRB5) ||
(cipherSuite.keyExchange == K_KRB5_EXPORT)) {
throw new SSLPeerUnverifiedException("no certificates expected"
+ " for Kerberos cipher suites");
}
if (peerCerts == null) {
throw new SSLPeerUnverifiedException("peer not authenticated");
}
// Certs are immutable objects, therefore we don't clone them.
// But do need to clone the array, so that nothing is inserted
// into peerCerts.
return (java.security.cert.Certificate[])peerCerts.clone();
}
示例2: get
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
public static Handshake get(SSLSession session) {
String cipherSuiteString = session.getCipherSuite();
if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
String tlsVersionString = session.getProtocol();
if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);
Certificate[] peerCertificates;
try {
peerCertificates = session.getPeerCertificates();
} catch (SSLPeerUnverifiedException ignored) {
peerCertificates = null;
}
List<Certificate> peerCertificatesList = peerCertificates != null
? Util.immutableList(peerCertificates)
: Collections.<Certificate>emptyList();
Certificate[] localCertificates = session.getLocalCertificates();
List<Certificate> localCertificatesList = localCertificates != null
? Util.immutableList(localCertificates)
: Collections.<Certificate>emptyList();
return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}
示例3: unmatchingPinnedCertificate
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
@Test public void unmatchingPinnedCertificate() throws Exception {
enableTls();
server.enqueue(new MockResponse());
// Pin publicobject.com's cert.
client = client.newBuilder()
.certificatePinner(new CertificatePinner.Builder()
.add(server.getHostName(), "sha1/DmxUShsZuNiqPQsX2Oi9uv2sCnw=")
.build())
.build();
// When we pin the wrong certificate, connectivity fails.
Request request = new Request.Builder().url(server.url("/")).build();
try {
client.newCall(request).execute();
fail();
} catch (SSLPeerUnverifiedException expected) {
assertTrue(expected.getMessage().startsWith("Certificate pinning failure!"));
}
}
示例4: getServerCertificates
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Returns the server's certificate chain, or throws
* SSLPeerUnverified Exception if
* the server did not authenticate.
*/
public java.security.cert.Certificate[] getServerCertificates()
throws SSLPeerUnverifiedException {
if (cachedResponse != null) {
List<java.security.cert.Certificate> l = ((SecureCacheResponse)cachedResponse).getServerCertificateChain();
if (l == null) {
return null;
} else {
return l.toArray(new java.security.cert.Certificate[0]);
}
}
if (http == null) {
throw new IllegalStateException("connection not yet open");
} else {
return (((HttpsClient)http).getServerCertificates ());
}
}
示例5: Entry
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
public Entry(URI uri, RawHeaders varyHeaders, HttpURLConnection httpConnection)
throws IOException {
this.uri = uri.toString();
this.varyHeaders = varyHeaders;
this.requestMethod = httpConnection.getRequestMethod();
this.responseHeaders = RawHeaders.fromMultimap(httpConnection.getHeaderFields(), true);
SSLSocket sslSocket = getSslSocket(httpConnection);
if (sslSocket != null) {
cipherSuite = sslSocket.getSession().getCipherSuite();
Certificate[] peerCertificatesNonFinal = null;
try {
peerCertificatesNonFinal = sslSocket.getSession().getPeerCertificates();
} catch (SSLPeerUnverifiedException ignored) {
}
peerCertificates = peerCertificatesNonFinal;
localCertificates = sslSocket.getSession().getLocalCertificates();
} else {
cipherSuite = null;
peerCertificates = null;
localCertificates = null;
}
}
示例6: checkError
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
public void checkError(Throwable e){
try {
throwable = e;
fireBaseReportError(e);
Crashlytics.logException(e);
e.printStackTrace();
if (e instanceof HttpException) {
int code = getHttpErrorCode(e);
httpMessage(code);
}
else if (e instanceof ConnectException) {
showToast(mContext.getString(R.string.slow_internet));
} else if (e instanceof UnknownHostException || e instanceof SocketTimeoutException) {
showToast(mContext.getString(R.string.internet_not_connected));
} else if (e instanceof SSLHandshakeException || e instanceof SSLPeerUnverifiedException) {
showToast(mContext.getString(R.string.server_problem));
} else {
showToast(mContext.getString(R.string.unknown_error_msg));
}
}
catch (Exception err){
err.printStackTrace();
}
}
示例7: getCertificateChain
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Return the cert chain presented by the peer.
* Note: This method can be used only when using certificate-based
* cipher suites; using it with non-certificate-based cipher suites,
* such as Kerberos, will throw an SSLPeerUnverifiedException.
*
* @return array of peer X.509 certs, with the peer's own cert
* first in the chain, and with the "root" CA last.
*/
public X509Certificate[] getCertificateChain()
throws SSLPeerUnverifiedException {
/*
* clone to preserve integrity of session ... caller can't
* change record of peer identity even by accident, much
* less do it intentionally.
*/
if ((cipherSuite.keyExchange == K_KRB5) ||
(cipherSuite.keyExchange == K_KRB5_EXPORT)) {
throw new SSLPeerUnverifiedException("no certificates expected"
+ " for Kerberos cipher suites");
}
if (peerCerts != null) {
return peerCerts.clone();
} else {
throw new SSLPeerUnverifiedException("peer not authenticated");
}
}
示例8: getCertificateChain
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Return the cert chain presented by the peer.
* Note: This method can be used only when using certificate-based
* cipher suites; using it with non-certificate-based cipher suites,
* such as Kerberos, will throw an SSLPeerUnverifiedException.
*
* @return array of peer X.509 certs, with the peer's own cert
* first in the chain, and with the "root" CA last.
*/
public X509Certificate[] getCertificateChain()
throws SSLPeerUnverifiedException {
/*
* clone to preserve integrity of session ... caller can't
* change record of peer identity even by accident, much
* less do it intentionally.
*/
if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
throw new SSLPeerUnverifiedException("no certificates expected"
+ " for " + cipherSuite.keyExchange + " cipher suites");
}
if (peerCerts != null) {
return peerCerts.clone();
} else {
throw new SSLPeerUnverifiedException("peer not authenticated");
}
}
示例9: processResponseCertificates
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
private void processResponseCertificates(HttpURLConnection con, Response response) throws SSLPeerUnverifiedException {
if (con instanceof HttpsURLConnection) {
try {
HttpsURLConnection secureConn = (HttpsURLConnection) con;
response.cipherSuite = secureConn.getCipherSuite();
response.serverCertificates = secureConn.getServerCertificates();
response.clientCertificates = secureConn.getLocalCertificates();
} catch (IllegalStateException e) {
// If the response is not a 200, getting response certificates will fail with the (misleading) message
// "connection not yet open". Ignore this.
}
}
}
示例10: getServerCertificates
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Returns the server's certificate chain, or throws
* SSLPeerUnverified Exception if
* the server did not authenticate.
*/
public java.security.cert.Certificate[] getServerCertificates()
throws SSLPeerUnverifiedException {
if (cachedResponse != null) {
List<java.security.cert.Certificate> l =
((SecureCacheResponse)cachedResponse)
.getServerCertificateChain();
if (l == null) {
return null;
} else {
return l.toArray(new java.security.cert.Certificate[0]);
}
}
if (http == null) {
throw new IllegalStateException("connection not yet open");
} else {
return (((HttpsClient)http).getServerCertificates ());
}
}
示例11: getPeerCertificateChain
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
@Override
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException, RenegotiationRequiredException {
try {
return channel.getSslSession().getPeerCertificateChain();
} catch (SSLPeerUnverifiedException e) {
try {
SslClientAuthMode sslClientAuthMode = channel.getOption(Options.SSL_CLIENT_AUTH_MODE);
if (sslClientAuthMode == SslClientAuthMode.NOT_REQUESTED) {
throw new RenegotiationRequiredException();
}
} catch (IOException e1) {
//ignore, will not actually happen
}
throw e;
}
}
示例12: getPeerCertificates
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
@Override
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException, RenegotiationRequiredException {
try {
return channel.getSslSession().getPeerCertificates();
} catch (SSLPeerUnverifiedException e) {
try {
SslClientAuthMode sslClientAuthMode = channel.getOption(Options.SSL_CLIENT_AUTH_MODE);
if (sslClientAuthMode == SslClientAuthMode.NOT_REQUESTED) {
throw new RenegotiationRequiredException();
}
} catch (IOException e1) {
//ignore, will not actually happen
}
throw e;
}
}
示例13: extractPeerDNFromServerSSLSocket
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Returns the DN extracted from the server certificate.
*
* @param socket the SSL Socket
* @return the extracted DN
* @throws CertificateException if there is a problem parsing the certificate
*/
private static String extractPeerDNFromServerSSLSocket(Socket socket) throws CertificateException {
String dn = null;
if (socket instanceof SSLSocket) {
final SSLSocket sslSocket = (SSLSocket) socket;
try {
final Certificate[] certChains = sslSocket.getSession().getPeerCertificates();
if (certChains != null && certChains.length > 0) {
X509Certificate x509Certificate = convertAbstractX509Certificate(certChains[0]);
dn = x509Certificate.getSubjectDN().getName().trim();
logger.debug("Extracted DN={} from server certificate", dn);
}
} catch (SSLPeerUnverifiedException e) {
if (e.getMessage().equals(PEER_NOT_AUTHENTICATED_MSG)) {
logger.error("The server did not present a certificate and thus the DN cannot" +
" be extracted. Check that the other endpoint is providing a complete certificate chain");
}
throw new CertificateException(e);
}
}
return dn;
}
示例14: getPeerPrincipal
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
/**
* Returns the identity of the peer which was established as part of
* defining the session.
*
* @return the peer's principal. Returns an X500Principal of the
* end-entity certificate for X509-based cipher suites, and
* Principal for Kerberos cipher suites.
*
* @throws SSLPeerUnverifiedException if the peer's identity has not
* been verified
*/
@Override
public Principal getPeerPrincipal()
throws SSLPeerUnverifiedException
{
if ((cipherSuite.keyExchange == K_KRB5) ||
(cipherSuite.keyExchange == K_KRB5_EXPORT)) {
if (peerPrincipal == null) {
throw new SSLPeerUnverifiedException("peer not authenticated");
} else {
// Eliminate dependency on KerberosPrincipal
return peerPrincipal;
}
}
if (peerCerts == null) {
throw new SSLPeerUnverifiedException("peer not authenticated");
}
return peerCerts[0].getSubjectX500Principal();
}
示例15: get
import javax.net.ssl.SSLPeerUnverifiedException; //导入依赖的package包/类
public static Handshake get(SSLSession session) {
String cipherSuite = session.getCipherSuite();
if (cipherSuite == null) {
throw new IllegalStateException("cipherSuite == null");
}
Certificate[] peerCertificates;
List<Certificate> peerCertificatesList;
List<Certificate> localCertificatesList;
try {
peerCertificates = session.getPeerCertificates();
} catch (SSLPeerUnverifiedException e) {
peerCertificates = null;
}
if (peerCertificates != null) {
peerCertificatesList = Util.immutableList(peerCertificates);
} else {
peerCertificatesList = Collections.emptyList();
}
Certificate[] localCertificates = session.getLocalCertificates();
if (localCertificates != null) {
localCertificatesList = Util.immutableList(localCertificates);
} else {
localCertificatesList = Collections.emptyList();
}
return new Handshake(cipherSuite, peerCertificatesList, localCertificatesList);
}