当前位置: 首页>>代码示例>>Java>>正文


Java X509TrustManager.checkClientTrusted方法代码示例

本文整理汇总了Java中javax.net.ssl.X509TrustManager.checkClientTrusted方法的典型用法代码示例。如果您正苦于以下问题:Java X509TrustManager.checkClientTrusted方法的具体用法?Java X509TrustManager.checkClientTrusted怎么用?Java X509TrustManager.checkClientTrusted使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在javax.net.ssl.X509TrustManager的用法示例。


在下文中一共展示了X509TrustManager.checkClientTrusted方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: checkClientTrusted

import javax.net.ssl.X509TrustManager; //导入方法依赖的package包/类
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    for (final X509TrustManager trustManager : trustManagers) {
        try {
            trustManager.checkClientTrusted(chain, authType);
            return;
        } catch (final CertificateException e) {
            LOGGER.debug(e.getMessage(), e);
        }
    }
    throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:13,代码来源:FileTrustStoreSslSocketFactory.java

示例2: checkClientTrusted

import javax.net.ssl.X509TrustManager; //导入方法依赖的package包/类
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
  throws CertificateException {
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    tm.checkClientTrusted(chain, authType);
  } else {
    throw new CertificateException("Unknown client chain certificate: " +
                                   chain[0].toString());
  }
}
 
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:12,代码来源:ReloadingX509TrustManager.java

示例3: checkClientTrusted

import javax.net.ssl.X509TrustManager; //导入方法依赖的package包/类
@Override
public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException {
    CertificateException catchException = null;
    for (X509TrustManager tm : trustManagers) {
        try {
            tm.checkClientTrusted(certificates, authType);
            return;
        } catch (CertificateException e) {
            catchException = e;
        }
    }
    throw catchException;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:KeyStoresTrustManager.java

示例4: validateCertificateChain

import javax.net.ssl.X509TrustManager; //导入方法依赖的package包/类
/**
 * Performs Certificate Chain Validation on provided certificates. The method verifies if the client certificates provided are generated from root certificates
 * trusted by application.
 *
 * @param clientCerts Collection of X509Certificates provided in request
 * @param trustCerts  Collection of X509Certificates trusted by application
 * @param authType    Auth Type for Certificate
 * @return true if client and server are chained together, false otherwise
 * @throws PayPalRESTException
 */
public static boolean validateCertificateChain(Collection<X509Certificate> clientCerts, Collection<X509Certificate> trustCerts, String authType) throws PayPalRESTException {
	TrustManager trustManagers[];
	X509Certificate[] clientChain;
	try {

		clientChain = clientCerts.toArray(new X509Certificate[0]);
		List<X509Certificate> list = Arrays.asList(clientChain);
		clientChain = list.toArray(new X509Certificate[0]);

		// Create a Keystore and load the Root CA Cert
		KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
		keyStore.load(null, "".toCharArray());

		// Iterate through each certificate and add to keystore
		int i = 0;
		for (Iterator<X509Certificate> payPalCertificate = trustCerts.iterator(); payPalCertificate.hasNext(); ) {
			X509Certificate x509Certificate = (X509Certificate) payPalCertificate.next();
			keyStore.setCertificateEntry("paypalCert" + i, x509Certificate);
			i++;
		}

		// Create TrustManager
		TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		trustManagerFactory.init(keyStore);
		trustManagers = trustManagerFactory.getTrustManagers();

	} catch (Exception ex) {
		throw new PayPalRESTException(ex);
	}

	// For Each TrustManager of type X509
	for (TrustManager trustManager : trustManagers) {
		if (trustManager instanceof X509TrustManager) {
			X509TrustManager pkixTrustManager = (X509TrustManager) trustManager;
			// Check the trust manager if server is trusted
			try {
				pkixTrustManager.checkClientTrusted(clientChain, (authType == null || authType == "") ? "RSA" : authType);
				// Checks that the certificate is currently valid. It is if the current date and time are within the validity period given in the certificate.
				for (X509Certificate cert : clientChain) {
					cert.checkValidity();
					// Check for CN name matching
					String dn = cert.getSubjectX500Principal().getName();
					String[] tokens = dn.split(",");
					boolean hasPaypalCn = false;

					for (String token : tokens) {
						if (token.startsWith("CN=messageverificationcerts") && token.endsWith(".paypal.com")) {
							hasPaypalCn = true;
						}
					}

					if (!hasPaypalCn) {
						throw new PayPalRESTException("CN of client certificate does not match with trusted CN");
					}
				}
				// If everything looks good, return true
				return true;
			} catch (CertificateException e) {
				throw new PayPalRESTException(e);
			}
		}
	}


	return false;

}
 
开发者ID:funtl,项目名称:framework,代码行数:78,代码来源:SSLUtil.java


注:本文中的javax.net.ssl.X509TrustManager.checkClientTrusted方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。