當前位置: 首頁>>代碼示例>>Java>>正文

Java X509TrustManager.checkClientTrusted方法代碼示例

本文整理匯總了Java中javax.net.ssl.X509TrustManager.checkClientTrusted方法的典型用法代碼示例。如果您正苦於以下問題:Java X509TrustManager.checkClientTrusted方法的具體用法?Java X509TrustManager.checkClientTrusted怎麽用?Java X509TrustManager.checkClientTrusted使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在javax.net.ssl.X509TrustManager的用法示例。


在下文中一共展示了X509TrustManager.checkClientTrusted方法的4個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: checkClientTrusted

import javax.net.ssl.X509TrustManager; //導入方法依賴的package包/類
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    for (final X509TrustManager trustManager : trustManagers) {
        try {
            trustManager.checkClientTrusted(chain, authType);
            return;
        } catch (final CertificateException e) {
            LOGGER.debug(e.getMessage(), e);
        }
    }
    throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
開發者ID:hsj-xiaokang,項目名稱:springboot-shiro-cas-mybatis,代碼行數:13,代碼來源:FileTrustStoreSslSocketFactory.java

示例2: checkClientTrusted

import javax.net.ssl.X509TrustManager; //導入方法依賴的package包/類
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
  throws CertificateException {
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    tm.checkClientTrusted(chain, authType);
  } else {
    throw new CertificateException("Unknown client chain certificate: " +
                                   chain[0].toString());
  }
}
開發者ID:nucypher,項目名稱:hadoop-oss,代碼行數:12,代碼來源:ReloadingX509TrustManager.java

示例3: checkClientTrusted

import javax.net.ssl.X509TrustManager; //導入方法依賴的package包/類
@Override
public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException {
    CertificateException catchException = null;
    for (X509TrustManager tm : trustManagers) {
        try {
            tm.checkClientTrusted(certificates, authType);
            return;
        } catch (CertificateException e) {
            catchException = e;
        }
    }
    throw catchException;
}
開發者ID:blackarbiter,項目名稱:Android_Code_Arbiter,代碼行數:14,代碼來源:KeyStoresTrustManager.java

示例4: validateCertificateChain

import javax.net.ssl.X509TrustManager; //導入方法依賴的package包/類
/**
 * Performs Certificate Chain Validation on provided certificates. The method verifies if the client certificates provided are generated from root certificates
 * trusted by application.
 *
 * @param clientCerts Collection of X509Certificates provided in request
 * @param trustCerts  Collection of X509Certificates trusted by application
 * @param authType    Auth Type for Certificate
 * @return true if client and server are chained together, false otherwise
 * @throws PayPalRESTException
 */
public static boolean validateCertificateChain(Collection<X509Certificate> clientCerts, Collection<X509Certificate> trustCerts, String authType) throws PayPalRESTException {
	TrustManager trustManagers[];
	X509Certificate[] clientChain;
	try {

		clientChain = clientCerts.toArray(new X509Certificate[0]);
		List<X509Certificate> list = Arrays.asList(clientChain);
		clientChain = list.toArray(new X509Certificate[0]);

		// Create a Keystore and load the Root CA Cert
		KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
		keyStore.load(null, "".toCharArray());

		// Iterate through each certificate and add to keystore
		int i = 0;
		for (Iterator<X509Certificate> payPalCertificate = trustCerts.iterator(); payPalCertificate.hasNext(); ) {
			X509Certificate x509Certificate = (X509Certificate) payPalCertificate.next();
			keyStore.setCertificateEntry("paypalCert" + i, x509Certificate);
			i++;
		}

		// Create TrustManager
		TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		trustManagerFactory.init(keyStore);
		trustManagers = trustManagerFactory.getTrustManagers();

	} catch (Exception ex) {
		throw new PayPalRESTException(ex);
	}

	// For Each TrustManager of type X509
	for (TrustManager trustManager : trustManagers) {
		if (trustManager instanceof X509TrustManager) {
			X509TrustManager pkixTrustManager = (X509TrustManager) trustManager;
			// Check the trust manager if server is trusted
			try {
				pkixTrustManager.checkClientTrusted(clientChain, (authType == null || authType == "") ? "RSA" : authType);
				// Checks that the certificate is currently valid. It is if the current date and time are within the validity period given in the certificate.
				for (X509Certificate cert : clientChain) {
					cert.checkValidity();
					// Check for CN name matching
					String dn = cert.getSubjectX500Principal().getName();
					String[] tokens = dn.split(",");
					boolean hasPaypalCn = false;

					for (String token : tokens) {
						if (token.startsWith("CN=messageverificationcerts") && token.endsWith(".paypal.com")) {
							hasPaypalCn = true;
						}
					}

					if (!hasPaypalCn) {
						throw new PayPalRESTException("CN of client certificate does not match with trusted CN");
					}
				}
				// If everything looks good, return true
				return true;
			} catch (CertificateException e) {
				throw new PayPalRESTException(e);
			}
		}
	}


	return false;

}
開發者ID:funtl,項目名稱:framework,代碼行數:78,代碼來源:SSLUtil.java


注:本文中的javax.net.ssl.X509TrustManager.checkClientTrusted方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。