本文整理汇总了Java中javax.net.ssl.X509TrustManager类的典型用法代码示例。如果您正苦于以下问题:Java X509TrustManager类的具体用法?Java X509TrustManager怎么用?Java X509TrustManager使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
X509TrustManager类属于javax.net.ssl包,在下文中一共展示了X509TrustManager类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testLocallyTrustedCertificateChain
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
@Test
public void testLocallyTrustedCertificateChain() throws Exception {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert3);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
}
示例2: X509TrustManagerWrapper
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
this.origTm = tm;
this.verifyServerCert = verifyServerCertificate;
if (verifyServerCertificate) {
try {
Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
for (X509Certificate cert : tm.getAcceptedIssuers()) {
anch.add(new TrustAnchor(cert, null));
}
this.validatorParams = new PKIXParameters(anch);
this.validatorParams.setRevocationEnabled(false);
this.validator = CertPathValidator.getInstance("PKIX");
this.certFactory = CertificateFactory.getInstance("X.509");
} catch (Exception e) {
throw new CertificateException(e);
}
}
}
示例3: checkServerTrusted
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
@Override
public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException {
CertificateException catchException = null;
for (X509TrustManager tm : trustManagers) {
try {
tm.checkServerTrusted(certificates, authType);
return;
} catch (CertificateException e) {
catchException = e;
}
}
throw catchException;
}
示例4: create
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private void create(Path path)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
KeyManagementException {
TrustManager[] trustManagers;
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
installCertificates(path, keyStore);
String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
trustManagerFactory.init(keyStore);
trustManagers = trustManagerFactory.getTrustManagers();
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagers, null);
trustManager = (X509TrustManager) trustManagers[0];
X509Certificate[] acceptedIssuers = trustManager.getAcceptedIssuers();
for (X509Certificate acceptedIssuer : acceptedIssuers) {
logger.info("installed cert details: subject={} issuer={}",
acceptedIssuer.getSubjectX500Principal(), acceptedIssuer.getIssuerX500Principal());
}
}
示例5: createClient
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private OkHttpClient createClient() {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
builder.followSslRedirects(followRedirects);
if (connectTimeout != DEFAULT_TIMEOUT) {
builder.connectTimeout(connectTimeout, SECONDS);
}
if (readTimeout != DEFAULT_TIMEOUT) {
builder.readTimeout(readTimeout, SECONDS);
}
if (allowInsecure) {
X509TrustManager trustManager = createInsecureTrustManager();
SSLSocketFactory sslSocketFactory = createInsecureSslSocketFactory(trustManager);
builder.sslSocketFactory(sslSocketFactory, trustManager);
builder.hostnameVerifier(createInsecureHostnameVerifier());
}
return builder.build();
}
示例6: getX509TrustManager
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private X509TrustManager getX509TrustManager() {
try {
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
return (X509TrustManager) trustManagers[0];
} else {
LOG.error(String.format("Error while retrieving X509 trust manager! " + "(TrustMangers: %s)",
Arrays.toString(trustManagers)));
return null;
}
} catch (NoSuchAlgorithmException | KeyStoreException e) {
LOG.error("Error while retrieving X509 trust manager!", e);
return null;
}
}
示例7: checkClientTrusted
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
for (final X509TrustManager trustManager : trustManagers) {
try {
trustManager.checkClientTrusted(chain, authType);
return;
} catch (final CertificateException e) {
LOGGER.debug(e.getMessage(), e);
}
}
throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:13,代码来源:FileTrustStoreSslSocketFactory.java
示例8: KeyStoresTrustManager
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
public KeyStoresTrustManager(KeyStore... keyStores) throws NoSuchAlgorithmException, KeyStoreException {
super();
for (KeyStore keystore : keyStores) {
TrustManagerFactory factory = TrustManagerFactory.getInstance("JKS");
factory.init(keystore);
TrustManager[] tms = factory.getTrustManagers();
if (tms.length == 0) {
throw new NoSuchAlgorithmException("Unable to load keystore");
}
trustManagers.add((X509TrustManager) tms[0]);
}
//Build accepted issuers list
Set<X509Certificate> issuers = new HashSet<X509Certificate>();
for (X509TrustManager tm : trustManagers) {
for (X509Certificate issuer : tm.getAcceptedIssuers()) {
issuers.add(issuer);
}
}
acceptedIssuers = issuers.toArray(new X509Certificate[issuers.size()]);
}
示例9: getDefaultOkHttpClient
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private OkHttpClient getDefaultOkHttpClient(boolean isSecured, boolean followRedirects,
boolean followProtocolRedirects, String[] publicKeys,
Collection<Interceptor> interceptors, LogLevel logLevel) {
ClientSSLSocketFactory.setIsSecured(isSecured);
ClientSSLSocketFactory.setPublicKeys(publicKeys);
SSLSocketFactory sslSocketFactory = ClientSSLSocketFactory.getSocketFactory();
X509TrustManager trustManager = ClientSSLSocketFactory.get509TrustManager();
OkHttpClient.Builder builder = new OkHttpClient.Builder()
.sslSocketFactory(sslSocketFactory, trustManager);
HttpLoggingInterceptor loggingInterceptor = new HttpLoggingInterceptor();
loggingInterceptor.setLevel(logLevel);
builder.addInterceptor(loggingInterceptor);
for (Interceptor interceptor : interceptors) {
builder.addInterceptor(interceptor);
}
builder.followRedirects(followRedirects);
builder.followSslRedirects(followProtocolRedirects);
return builder.build();
}
示例10: testValidateResponse
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
@Test
public void testValidateResponse() throws Exception {
context = Mockito.mock(Activity.class);
PowerMockito.mockStatic(LiClientManager.class);
LiClientManager liClientManager = PowerMockito.mock(LiClientManager.class);
PowerMockito.mockStatic(SSLContext.class);
SSLContext sslContext = PowerMockito.mock(SSLContext.class);
when(sslContext.getInstance("SSL")).thenReturn(sslContext);
Mockito.doNothing().when(sslContext).init(isA(KeyManager[].class), isA(TrustManager[].class), isA(SecureRandom.class));
SSLSocketFactory socketFactory = mock(SSLSocketFactory.class);
when(sslContext.getSocketFactory()).thenReturn(socketFactory);
PowerMockito.mockStatic(Platform.class);
Platform platform = PowerMockito.mock(Platform.class);
X509TrustManager trustManager = mock(X509TrustManager.class);
when(platform.trustManager(socketFactory)).thenReturn(trustManager);
BDDMockito.given(Platform.get()).willReturn(platform);
BDDMockito.given(SSLContext.getInstance("SSL")).willReturn(sslContext);
LiRestv2Client liRestv2Client = LiRestv2Client.getInstance();
final LiBaseResponse liBaseResponse = mock(LiBaseResponse.class);
when(liBaseResponse.getHttpCode()).thenReturn(200);
LiRestv2Client liRestv2ClientSpy = spy(LiRestv2Client.class);
doReturn(liBaseResponse).when(liRestv2ClientSpy).processSync(isA(LiBaseRestRequest.class));
LiRestV2Request liBaseRestRequest = new LiRestV2Request(context, liql, "message");
liBaseRestRequest.addQueryParam("test");
LiBaseResponse liBaseResponse1 = liRestv2ClientSpy.processSync(liBaseRestRequest);
Assert.assertEquals(200, liBaseResponse1.getHttpCode());
PowerMockito.verifyStatic();
}
示例11: trustManagerForCertificates
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
/**
* Returns a trust manager that trusts {@code certificates} and none other. HTTPS services whose
* certificates have not been signed by these certificates will fail with a {@code
* SSLHandshakeException}.
*
* <p>This can be used to replace the host platform's built-in trusted certificates with a custom
* set. This is useful in development where certificate authority-trusted certificates aren't
* available. Or in production, to avoid reliance on third-party certificate authorities.
*
* <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
* the host platform's built-in trust store.
*
* <h3>Warning: Customizing Trusted Certificates is Dangerous!</h3>
*
* <p>Relying on your own trusted certificates limits your server team's ability to update their
* TLS certificates. By installing a specific set of trusted certificates, you take on additional
* operational complexity and limit your ability to migrate between certificate authorities. Do
* not use custom trusted certificates in production without the blessing of your server's TLS
* administrator.
*/
private X509TrustManager trustManagerForCertificates(InputStream in)
throws GeneralSecurityException {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
示例12: testLocallyTrustedCertificateChainNotMatchingHost
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
@Test
public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception {
mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3);
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
}
示例13: EasyX509TrustManager
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
/**
* Constructor for EasyX509TrustManager.
*/
public EasyX509TrustManager(KeyStore keystore)
throws NoSuchAlgorithmException, KeyStoreException {
super();
TrustManagerFactory factory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
factory.init(keystore);
TrustManager[] trustmanagers = factory.getTrustManagers();
if (trustmanagers.length == 0) {
throw new NoSuchAlgorithmException("no trust manager found");
}
this.standardTrustManager = (X509TrustManager) trustmanagers[0];
}
示例14: chooseTrustManager
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
for (TrustManager trustManager : trustManagers) {
if (trustManager instanceof X509TrustManager) {
return (X509TrustManager) trustManager;
}
}
return null;
}
示例15: assertCertificateRejection
import javax.net.ssl.X509TrustManager; //导入依赖的package包/类
private void assertCertificateRejection(X509TrustManager trustManager,
X509Certificate[] certificates) {
boolean certificateValid;
try {
trustManager.checkServerTrusted(certificates, "authType");
certificateValid = true;
} catch (CertificateException e) {
certificateValid = false;
}
assertFalse("The certificate should have been rejected but wasn't", certificateValid);
}