Java Code Examples for javax.net.ssl.X509TrustManager

The following are top voted examples for showing how to use javax.net.ssl.X509TrustManager. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: OpenVertretung   File: ExportControlled.java   Source Code and License 9 votes vote down vote up
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
 
Example 2
Project: q-mail   File: TrustManagerFactoryTest.java   Source Code and License 8 votes vote down vote up
@Test
public void testLocallyTrustedCertificateChain() throws Exception {
    mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert3);

    X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
    trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
}
 
Example 3
Project: the-vigilantes   File: ExportControlled.java   Source Code and License 8 votes vote down vote up
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
 
Example 4
Project: ProyectoPacientes   File: ExportControlled.java   Source Code and License 7 votes vote down vote up
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
 
Example 5
Project: Android_Code_Arbiter   File: KeyStoresTrustManager.java   Source Code and License 6 votes vote down vote up
@Override
public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException {
    CertificateException catchException = null;
    for (X509TrustManager tm : trustManagers) {
        try {
            tm.checkServerTrusted(certificates, authType);
            return;
        } catch (CertificateException e) {
            catchException = e;
        }
    }
    throw catchException;
}
 
Example 6
Project: outland   File: CertificateLoader.java   Source Code and License 6 votes vote down vote up
private void create(Path path)
    throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
    KeyManagementException {
  TrustManager[] trustManagers;
  KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  keyStore.load(null, null);

  installCertificates(path, keyStore);

  String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
  TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
  trustManagerFactory.init(keyStore);
  trustManagers = trustManagerFactory.getTrustManagers();
  sslContext = SSLContext.getInstance("TLS");
  sslContext.init(null, trustManagers, null);
  trustManager = (X509TrustManager) trustManagers[0];
  X509Certificate[] acceptedIssuers = trustManager.getAcceptedIssuers();
  for (X509Certificate acceptedIssuer : acceptedIssuers) {
    logger.info("installed cert details: subject={} issuer={}",
        acceptedIssuer.getSubjectX500Principal(), acceptedIssuer.getIssuerX500Principal());
  }
}
 
Example 7
Project: GitHub   File: Main.java   Source Code and License 6 votes vote down vote up
private OkHttpClient createClient() {
  OkHttpClient.Builder builder = new OkHttpClient.Builder();
  builder.followSslRedirects(followRedirects);
  if (connectTimeout != DEFAULT_TIMEOUT) {
    builder.connectTimeout(connectTimeout, SECONDS);
  }
  if (readTimeout != DEFAULT_TIMEOUT) {
    builder.readTimeout(readTimeout, SECONDS);
  }
  if (allowInsecure) {
    X509TrustManager trustManager = createInsecureTrustManager();
    SSLSocketFactory sslSocketFactory = createInsecureSslSocketFactory(trustManager);
    builder.sslSocketFactory(sslSocketFactory, trustManager);
    builder.hostnameVerifier(createInsecureHostnameVerifier());
  }
  return builder.build();
}
 
Example 8
Project: springboot-shiro-cas-mybatis   File: FileTrustStoreSslSocketFactory.java   Source Code and License 6 votes vote down vote up
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    for (final X509TrustManager trustManager : trustManagers) {
        try {
            trustManager.checkClientTrusted(chain, authType);
            return;
        } catch (final CertificateException e) {
            LOGGER.debug(e.getMessage(), e);
        }
    }
    throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
 
Example 9
Project: super-volley   File: SuperVolley.java   Source Code and License 6 votes vote down vote up
private OkHttpClient getDefaultOkHttpClient(boolean isSecured, boolean followRedirects,
                                            boolean followProtocolRedirects, String[] publicKeys,
                                            Collection<Interceptor> interceptors, LogLevel logLevel) {
    ClientSSLSocketFactory.setIsSecured(isSecured);
    ClientSSLSocketFactory.setPublicKeys(publicKeys);
    SSLSocketFactory sslSocketFactory = ClientSSLSocketFactory.getSocketFactory();
    X509TrustManager trustManager = ClientSSLSocketFactory.get509TrustManager();
    OkHttpClient.Builder builder = new OkHttpClient.Builder()
            .sslSocketFactory(sslSocketFactory, trustManager);
    HttpLoggingInterceptor loggingInterceptor = new HttpLoggingInterceptor();
    loggingInterceptor.setLevel(logLevel);
    builder.addInterceptor(loggingInterceptor);
    for (Interceptor interceptor : interceptors) {
        builder.addInterceptor(interceptor);
    }
    builder.followRedirects(followRedirects);
    builder.followSslRedirects(followProtocolRedirects);
    return builder.build();
}
 
Example 10
Project: li-android-sdk-core   File: LiRestv2ClientTest.java   Source Code and License 5 votes vote down vote up
@Test
public void testValidateResponse() throws Exception {
    context = Mockito.mock(Activity.class);
    PowerMockito.mockStatic(LiClientManager.class);
    LiClientManager liClientManager = PowerMockito.mock(LiClientManager.class);

    PowerMockito.mockStatic(SSLContext.class);
    SSLContext sslContext = PowerMockito.mock(SSLContext.class);
    when(sslContext.getInstance("SSL")).thenReturn(sslContext);
    Mockito.doNothing().when(sslContext).init(isA(KeyManager[].class), isA(TrustManager[].class), isA(SecureRandom.class));
    SSLSocketFactory socketFactory = mock(SSLSocketFactory.class);
    when(sslContext.getSocketFactory()).thenReturn(socketFactory);

    PowerMockito.mockStatic(Platform.class);
    Platform platform = PowerMockito.mock(Platform.class);
    X509TrustManager trustManager = mock(X509TrustManager.class);
    when(platform.trustManager(socketFactory)).thenReturn(trustManager);
    BDDMockito.given(Platform.get()).willReturn(platform);

    BDDMockito.given(SSLContext.getInstance("SSL")).willReturn(sslContext);

    LiRestv2Client liRestv2Client = LiRestv2Client.getInstance();
    final LiBaseResponse liBaseResponse = mock(LiBaseResponse.class);
    when(liBaseResponse.getHttpCode()).thenReturn(200);
    LiRestv2Client liRestv2ClientSpy = spy(LiRestv2Client.class);
    doReturn(liBaseResponse).when(liRestv2ClientSpy).processSync(isA(LiBaseRestRequest.class));

    LiRestV2Request liBaseRestRequest = new LiRestV2Request(context, liql, "message");
    liBaseRestRequest.addQueryParam("test");

    LiBaseResponse liBaseResponse1 = liRestv2ClientSpy.processSync(liBaseRestRequest);

    Assert.assertEquals(200, liBaseResponse1.getHttpCode());
    PowerMockito.verifyStatic();
}
 
Example 11
Project: Book-Shelf   File: CustomTrust.java   Source Code and License 5 votes vote down vote up
/**
 * Returns a trust manager that trusts {@code certificates} and none other. HTTPS services whose
 * certificates have not been signed by these certificates will fail with a {@code
 * SSLHandshakeException}.
 *
 * <p>This can be used to replace the host platform's built-in trusted certificates with a custom
 * set. This is useful in development where certificate authority-trusted certificates aren't
 * available. Or in production, to avoid reliance on third-party certificate authorities.
 *
 * <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
 * the host platform's built-in trust store.
 *
 * <h3>Warning: Customizing Trusted Certificates is Dangerous!</h3>
 *
 * <p>Relying on your own trusted certificates limits your server team's ability to update their
 * TLS certificates. By installing a specific set of trusted certificates, you take on additional
 * operational complexity and limit your ability to migrate between certificate authorities. Do
 * not use custom trusted certificates in production without the blessing of your server's TLS
 * administrator.
 */
private X509TrustManager trustManagerForCertificates(InputStream in)
        throws GeneralSecurityException {
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
    if (certificates.isEmpty()) {
        throw new IllegalArgumentException("expected non-empty set of trusted certificates");
    }

    // Put the certificates a key store.
    char[] password = "password".toCharArray(); // Any password will work.
    KeyStore keyStore = newEmptyKeyStore(password);
    int index = 0;
    for (Certificate certificate : certificates) {
        String certificateAlias = Integer.toString(index++);
        keyStore.setCertificateEntry(certificateAlias, certificate);
    }

    // Use it to build an X509 trust manager.
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
            KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, password);
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
            TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(keyStore);
    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
    if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
        throw new IllegalStateException("Unexpected default trust managers:"
                + Arrays.toString(trustManagers));
    }
    return (X509TrustManager) trustManagers[0];
}
 
Example 12
Project: q-mail   File: TrustManagerFactoryTest.java   Source Code and License 5 votes vote down vote up
@Test
public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception {
    mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3);

    X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
    trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
}
 
Example 13
Project: RxEasyHttp   File: HttpsUtils.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
    for (TrustManager trustManager : trustManagers) {
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 14
Project: q-mail   File: TrustManagerFactoryTest.java   Source Code and License 5 votes vote down vote up
private void assertCertificateRejection(X509TrustManager trustManager,
        X509Certificate[] certificates) {
    boolean certificateValid;
    try {
        trustManager.checkServerTrusted(certificates, "authType");
        certificateValid = true;
    } catch (CertificateException e) {
        certificateValid = false;
    }
    assertFalse("The certificate should have been rejected but wasn't", certificateValid);
}
 
Example 15
Project: GitHub   File: HttpsUtils.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers)
{
    for (TrustManager trustManager : trustManagers)
    {
        if (trustManager instanceof X509TrustManager)
        {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 16
Project: TPlayer   File: HttpsUtils.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
    for (TrustManager trustManager : trustManagers) {
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 17
Project: Tusky   File: OkHttpUtils.java   Source Code and License 5 votes vote down vote up
/**
 * Android version Nougat has a regression where elliptic curve cipher suites are supported, but
 * only the curve secp256r1 is allowed. So, first it's best to just disable all elliptic
 * ciphers, try the connection, and fall back to the all cipher suites enabled list after.
 */
private static void addNougatFixConnectionSpec(List<ConnectionSpec> specList) {
    if (Build.VERSION.SDK_INT != Build.VERSION_CODES.N) {
        return;
    }
    SSLSocketFactory socketFactory;
    try {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:"
                    + Arrays.toString(trustManagers));
        }

        X509TrustManager trustManager = (X509TrustManager) trustManagers[0];

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { trustManager }, null);
        socketFactory = sslContext.getSocketFactory();
    } catch (NoSuchAlgorithmException|KeyStoreException|KeyManagementException e) {
        Log.e(TAG, "Failed obtaining the SSL socket factory.");
        return;
    }
    String[] cipherSuites = socketFactory.getDefaultCipherSuites();
    ArrayList<String> allowedList = new ArrayList<>();
    for (String suite : cipherSuites) {
        if (!suite.contains("ECDH")) {
            allowedList.add(suite);
        }
    }
    ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
            .cipherSuites(allowedList.toArray(new String[0]))
            .supportsTlsExtensions(true)
            .build();
    specList.add(spec);
}
 
Example 18
Project: EasyAppleSyncAdapter   File: SSLSocketFactoryCompat.java   Source Code and License 5 votes vote down vote up
public SSLSocketFactoryCompat(@NonNull X509TrustManager trustManager) {
    try {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new X509TrustManager[] {trustManager}, null);
        delegate = sslContext.getSocketFactory();
    } catch (GeneralSecurityException e) {
        throw new AssertionError(); // The system has no TLS. Just give up.
    }
}
 
Example 19
Project: GitHub   File: Jdk9Platform.java   Source Code and License 5 votes vote down vote up
@Override public X509TrustManager trustManager(SSLSocketFactory sslSocketFactory) {
  // Not supported due to access checks on JDK 9+:
  // java.lang.reflect.InaccessibleObjectException: Unable to make member of class
  // sun.security.ssl.SSLSocketFactoryImpl accessible:  module java.base does not export
  // sun.security.ssl to unnamed module @xxx
  throw new UnsupportedOperationException(
      "clientBuilder.sslSocketFactory(SSLSocketFactory) not supported on JDK 9+");
}
 
Example 20
Project: openjdk-jdk10   File: TrustManagerTest.java   Source Code and License 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    if (initSecmod() == false) {
        return;
    }

    if ("sparc".equals(System.getProperty("os.arch")) == false) {
        // we have not updated other platforms with the proper NSS libraries yet
        System.out.println("Test currently works only on solaris-sparc, skipping");
        return;
    }

    String configName = BASE + SEP + "fips.cfg";
    Provider p = getSunPKCS11(configName);

    System.out.println(p);
    Security.addProvider(p);

    Security.removeProvider("SunJSSE");
    Provider jsse = new com.sun.net.ssl.internal.ssl.Provider(p);
    Security.addProvider(jsse);
    System.out.println(jsse.getInfo());

    KeyStore ks = KeyStore.getInstance("PKCS11", p);
    ks.load(null, "test12".toCharArray());

    X509Certificate server = loadCertificate("certs/server.cer");
    X509Certificate ca = loadCertificate("certs/ca.cer");
    X509Certificate anchor = loadCertificate("certs/anchor.cer");

    if (args.length > 1 && "sm".equals(args[0])) {
        Policy.setPolicy(Policy.getInstance("JavaPolicy",
                new URIParameter(new File(BASE, args[1]).toURI())));
        System.setSecurityManager(new SecurityManager());
    }

    KeyStore trustStore = KeyStore.getInstance("JKS");
    trustStore.load(null, null);
    trustStore.setCertificateEntry("anchor", anchor);

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
    tmf.init(trustStore);

    X509TrustManager tm = (X509TrustManager)tmf.getTrustManagers()[0];

    X509Certificate[] chain = {server, ca, anchor};

    tm.checkServerTrusted(chain, "RSA");

    System.out.println("OK");
}
 
Example 21
Project: JKApp   File: HttpsCerManager.java   Source Code and License 5 votes vote down vote up
private X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
    for (TrustManager trustManager : trustManagers) {
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 22
Project: okhttpUtil   File: HttpsUtil.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers)
{
    for (TrustManager trustManager : trustManagers)
    {
        if (trustManager instanceof X509TrustManager)
        {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 23
Project: GitHub   File: CertificateChainCleanerTest.java   Source Code and License 5 votes vote down vote up
@Test public void equalsFromTrustManager() throws Exception {
  SslClient client = new SslClient.Builder().build();
  X509TrustManager x509TrustManager = client.trustManager;
  assertEquals(
      CertificateChainCleaner.get(x509TrustManager),
      CertificateChainCleaner.get(x509TrustManager));
}
 
Example 24
Project: GitHub   File: CustomCipherSuites.java   Source Code and License 5 votes vote down vote up
public CustomCipherSuites() throws GeneralSecurityException {
  // Configure cipher suites to demonstrate how to customize which cipher suites will be used for
  // an OkHttp request. In order to be selected a cipher suite must be included in both OkHttp's
  // connection spec and in the SSLSocket's enabled cipher suites array. Most applications should
  // not customize the cipher suites list.
  List<CipherSuite> customCipherSuites = Arrays.asList(
      CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
      CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
      CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
      CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384);
  final ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
      .cipherSuites(customCipherSuites.toArray(new CipherSuite[0]))
      .build();

  X509TrustManager trustManager = defaultTrustManager();
  SSLSocketFactory sslSocketFactory = defaultSslSocketFactory(trustManager);
  SSLSocketFactory customSslSocketFactory = new DelegatingSSLSocketFactory(sslSocketFactory) {
    @Override protected SSLSocket configureSocket(SSLSocket socket) throws IOException {
      socket.setEnabledCipherSuites(javaNames(spec.cipherSuites()));
      return socket;
    }
  };

  client = new OkHttpClient.Builder()
      .connectionSpecs(Collections.singletonList(spec))
      .sslSocketFactory(customSslSocketFactory, trustManager)
      .build();
}
 
Example 25
Project: hadoop   File: ReloadingX509TrustManager.java   Source Code and License 5 votes vote down vote up
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
  throws CertificateException {
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    tm.checkClientTrusted(chain, authType);
  } else {
    throw new CertificateException("Unknown client chain certificate: " +
                                   chain[0].toString());
  }
}
 
Example 26
Project: GitHub   File: CustomCipherSuites.java   Source Code and License 5 votes vote down vote up
/** Returns a trust manager that trusts the VM's default certificate authorities. */
private X509TrustManager defaultTrustManager() throws GeneralSecurityException {
  TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
      TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init((KeyStore) null);
  TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
  if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
    throw new IllegalStateException("Unexpected default trust managers:"
        + Arrays.toString(trustManagers));
  }
  return (X509TrustManager) trustManagers[0];
}
 
Example 27
Project: GitHub   File: AndroidPlatform.java   Source Code and License 5 votes vote down vote up
public CertificateChainCleaner buildCertificateChainCleaner(X509TrustManager trustManager) {
  try {
    Class<?> extensionsClass = Class.forName("android.net.http.X509TrustManagerExtensions");
    Constructor<?> constructor = extensionsClass.getConstructor(X509TrustManager.class);
    Object extensions = constructor.newInstance(trustManager);
    Method checkServerTrusted = extensionsClass.getMethod(
        "checkServerTrusted", X509Certificate[].class, String.class, String.class);
    return new AndroidCertificateChainCleaner(extensions, checkServerTrusted);
  } catch (Exception e) {
    return super.buildCertificateChainCleaner(trustManager);
  }
}
 
Example 28
Project: GitHub   File: Platform.java   Source Code and License 5 votes vote down vote up
protected X509TrustManager trustManager(SSLSocketFactory sslSocketFactory) {
  // Attempt to get the trust manager from an OpenJDK socket factory. We attempt this on all
  // platforms in order to support Robolectric, which mixes classes from both Android and the
  // Oracle JDK. Note that we don't support HTTP/2 or other nice features on Robolectric.
  try {
    Class<?> sslContextClass = Class.forName("sun.security.ssl.SSLContextImpl");
    Object context = readFieldOrNull(sslSocketFactory, sslContextClass, "context");
    if (context == null) return null;
    return readFieldOrNull(context, X509TrustManager.class, "trustManager");
  } catch (ClassNotFoundException e) {
    return null;
  }
}
 
Example 29
Project: jdk8u-jdk   File: CipherTestUtils.java   Source Code and License 5 votes vote down vote up
public AlwaysTrustManager(KeyStore keyStore)
        throws NoSuchAlgorithmException, KeyStoreException {

    TrustManagerFactory tmf
            = TrustManagerFactory.getInstance(TrustManagerFactory.
                    getDefaultAlgorithm());
    tmf.init(keyStore);

    TrustManager tms[] = tmf.getTrustManagers();
    for (TrustManager tm : tms) {
        trustManager = (X509TrustManager) tm;
        return;
    }

}
 
Example 30
Project: zabbkit-android   File: MyX509TrustManager.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager findX509TrustManager(TrustManagerFactory tmf) {
	TrustManager tms[] = tmf.getTrustManagers();
	for (final TrustManager tm : tms) {
		if (tm instanceof X509TrustManager) {
			return (X509TrustManager) tm;
		}
	}

	return null;
}
 
Example 31
Project: MVVM-JueJin   File: HttpsUtil.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers)
{
    for (TrustManager trustManager : trustManagers)
    {
        if (trustManager instanceof X509TrustManager)
        {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 32
Project: GitHub   File: CustomCipherSuites.java   Source Code and License 5 votes vote down vote up
public CustomCipherSuites() throws GeneralSecurityException {
  // Configure cipher suites to demonstrate how to customize which cipher suites will be used for
  // an OkHttp request. In order to be selected a cipher suite must be included in both OkHttp's
  // connection spec and in the SSLSocket's enabled cipher suites array. Most applications should
  // not customize the cipher suites list.
  List<CipherSuite> customCipherSuites = Arrays.asList(
      CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
      CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
      CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
      CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384);
  final ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
      .cipherSuites(customCipherSuites.toArray(new CipherSuite[0]))
      .build();

  X509TrustManager trustManager = defaultTrustManager();
  SSLSocketFactory sslSocketFactory = defaultSslSocketFactory(trustManager);
  SSLSocketFactory customSslSocketFactory = new DelegatingSSLSocketFactory(sslSocketFactory) {
    @Override protected SSLSocket configureSocket(SSLSocket socket) throws IOException {
      socket.setEnabledCipherSuites(javaNames(spec.cipherSuites()));
      return socket;
    }
  };

  client = new OkHttpClient.Builder()
      .connectionSpecs(Collections.singletonList(spec))
      .sslSocketFactory(customSslSocketFactory, trustManager)
      .build();
}
 
Example 33
Project: GitHub   File: CustomCipherSuites.java   Source Code and License 5 votes vote down vote up
/** Returns a trust manager that trusts the VM's default certificate authorities. */
private X509TrustManager defaultTrustManager() throws GeneralSecurityException {
  TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
      TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init((KeyStore) null);
  TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
  if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
    throw new IllegalStateException("Unexpected default trust managers:"
        + Arrays.toString(trustManagers));
  }
  return (X509TrustManager) trustManagers[0];
}
 
Example 34
Project: GitHub   File: CustomTrust.java   Source Code and License 5 votes vote down vote up
public CustomTrust() {
  X509TrustManager trustManager;
  SSLSocketFactory sslSocketFactory;
  try {
    trustManager = trustManagerForCertificates(trustedCertificatesInputStream());
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, new TrustManager[] { trustManager }, null);
    sslSocketFactory = sslContext.getSocketFactory();
  } catch (GeneralSecurityException e) {
    throw new RuntimeException(e);
  }

  client = new OkHttpClient.Builder()
      .sslSocketFactory(sslSocketFactory, trustManager)
      .build();
}
 
Example 35
Project: GitHub   File: SslClient.java   Source Code and License 5 votes vote down vote up
public SslClient build() {
  try {
    // Put the certificate in a key store.
    char[] password = "password".toCharArray();
    KeyStore keyStore = newEmptyKeyStore(password);

    if (keyPair != null) {
      Certificate[] certificates = chainCertificates.toArray(
          new Certificate[chainCertificates.size()]);
      keyStore.setKeyEntry("private", keyPair.getPrivate(), password, certificates);
    }

    for (int i = 0; i < certificates.size(); i++) {
      keyStore.setCertificateEntry("cert_" + i, certificates.get(i));
    }

    // Wrap it up in an SSL context.
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
        KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, password);
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
        TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(keyStore);
    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();

    if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
      throw new IllegalStateException("Unexpected default trust managers:"
          + Arrays.toString(trustManagers));
    }

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());

    return new SslClient(sslContext, (X509TrustManager) trustManagers[0]);
  } catch (GeneralSecurityException gse) {
    throw new AssertionError(gse);
  }
}
 
Example 36
Project: XinFramework   File: HttpsUtils.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
    for (TrustManager trustManager : trustManagers) {
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 37
Project: GitHub   File: HttpsUtils.java   Source Code and License 5 votes vote down vote up
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
    for (TrustManager trustManager : trustManagers) {
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
    }
    return null;
}
 
Example 38
Project: dracoon-dropzone   File: RestClient.java   Source Code and License 5 votes vote down vote up
private X509TrustManager getX509TrustManager() {
	try {
		TrustManagerFactory trustManagerFactory = TrustManagerFactory
				.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		trustManagerFactory.init((KeyStore) null);
		TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
		if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
			return (X509TrustManager) trustManagers[0];
		} else {
			LOG.error(String.format("Error while retrieving X509 trust manager! " + "(TrustMangers: %s)",
					Arrays.toString(trustManagers)));
			return null;
		}
	} catch (NoSuchAlgorithmException | KeyStoreException e) {
		LOG.error("Error while retrieving X509 trust manager!", e);
		return null;
	}
}
 
Example 39
Project: outland   File: CertificateLoaderTest.java   Source Code and License 5 votes vote down vote up
@Test
public void createNone() throws IOException {
  String fPath = "file://" + folder.newFolder().getAbsolutePath();
  CertificateLoader securitySupport = new CertificateLoader(fPath);
  X509TrustManager x509TrustManager = securitySupport.trustManager();
  SSLContext sslContext = securitySupport.sslContext();

  assertNotNull(x509TrustManager);
  assertNotNull(sslContext);

  X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
  assertEquals(0, acceptedIssuers.length);
}
 
Example 40
Project: springboot-shiro-cas-mybatis   File: FileTrustStoreSslSocketFactory.java   Source Code and License 5 votes vote down vote up
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    for (final X509TrustManager trustManager : trustManagers) {
        try {
            trustManager.checkServerTrusted(chain, authType);
            return;
        } catch (final CertificateException e) {
            LOGGER.debug(e.getMessage(), e);
        }
    }
    throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
 
Example 41
Project: springboot-shiro-cas-mybatis   File: FileTrustStoreSslSocketFactory.java   Source Code and License 5 votes vote down vote up
@Override
public X509Certificate[] getAcceptedIssuers() {
    final List<X509Certificate> certificates = new ArrayList<>();
    for (final X509TrustManager trustManager : trustManagers) {
        final List<X509Certificate> list = Arrays.asList(trustManager.getAcceptedIssuers());
        certificates.addAll(list);
    }
    return certificates.toArray(new X509Certificate[] {});
}
 
Example 42
Project: springboot-shiro-cas-mybatis   File: FileTrustStoreSslSocketFactory.java   Source Code and License 5 votes vote down vote up
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    for (final X509TrustManager trustManager : trustManagers) {
        try {
            trustManager.checkClientTrusted(chain, authType);
            return;
        } catch (final CertificateException e) {
            LOGGER.debug(e.getMessage(), e);
        }
    }
    throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
 
Example 43
Project: springboot-shiro-cas-mybatis   File: FileTrustStoreSslSocketFactory.java   Source Code and License 5 votes vote down vote up
@Override
public X509Certificate[] getAcceptedIssuers() {
    final List<X509Certificate> certificates = new ArrayList<>();
    for (final X509TrustManager trustManager : trustManagers) {
        final List<X509Certificate> list = Arrays.asList(trustManager.getAcceptedIssuers());
        certificates.addAll(list);
    }
    return certificates.toArray(new X509Certificate[] {});
}
 
Example 44
Project: lib-commons-httpclient   File: EasyX509TrustManager.java   Source Code and License 5 votes vote down vote up
/**
 * Constructor for EasyX509TrustManager.
 */
public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
    super();
    TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(keystore);
    TrustManager[] trustmanagers = factory.getTrustManagers();
    if (trustmanagers.length == 0) {
        throw new NoSuchAlgorithmException("no trust manager found");
    }
    this.standardTrustManager = (X509TrustManager)trustmanagers[0];
}
 
Example 45
Project: cas-5.1.0   File: FileTrustStoreSslSocketFactory.java   Source Code and License 5 votes vote down vote up
/**
 * Gets the trusted ssl context.
 *
 * @param trustStoreFile     the trust store file
 * @param trustStorePassword the trust store password
 * @param trustStoreType     the trust store type
 * @return the trusted ssl context
 */
private static SSLContext getTrustedSslContext(final Resource trustStoreFile, final String trustStorePassword,
                                               final String trustStoreType) {
    try {

        final KeyStore casTrustStore = KeyStore.getInstance(trustStoreType);
        final char[] trustStorePasswordCharArray = trustStorePassword.toCharArray();

        try (InputStream casStream = trustStoreFile.getInputStream()) {
            casTrustStore.load(casStream, trustStorePasswordCharArray);
        }

        final String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        final X509KeyManager customKeyManager = getKeyManager(ALG_NAME_PKIX, casTrustStore, trustStorePasswordCharArray);
        final X509KeyManager jvmKeyManager = getKeyManager(defaultAlgorithm, null, null);
        final X509TrustManager customTrustManager = getTrustManager(ALG_NAME_PKIX, casTrustStore);
        final X509TrustManager jvmTrustManager = getTrustManager(defaultAlgorithm, null);

        final KeyManager[] keyManagers = {
                new CompositeX509KeyManager(Arrays.asList(jvmKeyManager, customKeyManager))
        };
        final TrustManager[] trustManagers = {
                new CompositeX509TrustManager(Arrays.asList(jvmTrustManager, customTrustManager))
        };

        final SSLContext context = SSLContexts.custom().useProtocol("SSL").build();
        context.init(keyManagers, trustManagers, null);
        return context;

    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        throw Throwables.propagate(e);
    }
}
 
Example 46
Project: MVVM-JueJin   File: HttpsUtil.java   Source Code and License 5 votes vote down vote up
public MyTrustManager(X509TrustManager localTrustManager) throws NoSuchAlgorithmException, KeyStoreException
{
    TrustManagerFactory var4 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    var4.init((KeyStore) null);
    defaultTrustManager = chooseTrustManager(var4.getTrustManagers());
    this.localTrustManager = localTrustManager;
}
 
Example 47
Project: outland   File: CertificateLoaderTest.java   Source Code and License 5 votes vote down vote up
@Test
public void createSome() throws IOException {
  CertificateLoader securitySupport =
      new CertificateLoader("classpath:certs");

  X509TrustManager x509TrustManager = securitySupport.trustManager();
  SSLContext sslContext = securitySupport.sslContext();
  assertNotNull(x509TrustManager);
  assertNotNull(sslContext);
  X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();

  assertEquals(3, acceptedIssuers.length);

  String issuer1 = "CN=Let's Encrypt Authority X1, O=Let's Encrypt, C=US";
  String issuer2 = "CN=Let's Encrypt Authority X2, O=Let's Encrypt, C=US";
  String issuer3 = "CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US";
  Set<String> seen = Sets.newHashSet();
  for (X509Certificate acceptedIssuer : acceptedIssuers) {
    String name = acceptedIssuer.getSubjectDN().getName();
    System.out.println(name);
    if (issuer1.equals(name)) {
      seen.add(name);
    }

    if (issuer2.equals(name)) {
      seen.add(name);
    }

    if (issuer3.equals(name)) {
      seen.add(name);
    }
  }

  assertEquals(3, seen.size());
  assertTrue(seen.contains(issuer1));
  assertTrue(seen.contains(issuer2));
  assertTrue(seen.contains(issuer3));
}
 
Example 48
Project: revolution-irc   File: ServerCertificateManager.java   Source Code and License 5 votes vote down vote up
public static X509TrustManager createKeyStoreTrustManager(KeyStore keyStore) {
    try {
        TrustManagerFactory factory = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
        factory.init(keyStore);
        for (TrustManager manager : factory.getTrustManagers()) {
            if (manager instanceof X509TrustManager)
                return (X509TrustManager) manager;
        }
    } catch (NoSuchAlgorithmException | KeyStoreException e) {
        throw new RuntimeException(e);
    }
    return null;
}
 
Example 49
Project: hadoop-oss   File: ReloadingX509TrustManager.java   Source Code and License 5 votes vote down vote up
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
  throws CertificateException {
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    tm.checkServerTrusted(chain, authType);
  } else {
    throw new CertificateException("Unknown server chain certificate: " +
                                   chain[0].toString());
  }
}
 
Example 50
Project: hadoop-oss   File: ReloadingX509TrustManager.java   Source Code and License 5 votes vote down vote up
@Override
public X509Certificate[] getAcceptedIssuers() {
  X509Certificate[] issuers = EMPTY;
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    issuers = tm.getAcceptedIssuers();
  }
  return issuers;
}
 
Example 51
Project: q-mail   File: TrustManagerFactory.java   Source Code and License 4 votes vote down vote up
public static X509TrustManager get(String host, int port) {
    return SecureX509TrustManager.getInstance(host, port);
}
 
Example 52
Project: lams   File: TrustManagerDecorator.java   Source Code and License 4 votes vote down vote up
TrustManagerDecorator(final X509TrustManager trustManager, final TrustStrategy trustStrategy) {
    super();
    this.trustManager = trustManager;
    this.trustStrategy = trustStrategy;
}
 
Example 53
Project: letv   File: PinningTrustManager.java   Source Code and License 4 votes vote down vote up
private void checkSystemTrust(X509Certificate[] chain, String authType) throws CertificateException {
    for (TrustManager systemTrustManager : this.systemTrustManagers) {
        ((X509TrustManager) systemTrustManager).checkServerTrusted(chain, authType);
    }
}
 
Example 54
Project: q-mail   File: TrustManagerFactoryTest.java   Source Code and License 4 votes vote down vote up
@Test
public void testGloballyTrustedCertificateChain() throws Exception {
    X509TrustManager trustManager = TrustManagerFactory.get("www.linux.com", PORT1);
    X509Certificate[] certificates = new X509Certificate[] { mLinuxComCert, mLinuxComFirstParentCert};
    trustManager.checkServerTrusted(certificates, "authType");
}
 
Example 55
Project: lorne_core   File: EasyX509TrustManager.java   Source Code and License 4 votes vote down vote up
/**
 * Constructor for EasyX509TrustManager.
 */
public EasyX509TrustManager(KeyStore keystore)
		throws NoSuchAlgorithmException, KeyStoreException {
	super();
	TrustManagerFactory factory = TrustManagerFactory
			.getInstance(TrustManagerFactory.getDefaultAlgorithm());
	factory.init(keystore);
	TrustManager[] trustmanagers = factory.getTrustManagers();
	if (trustmanagers.length == 0) {
		throw new NoSuchAlgorithmException("no trust manager found");
	}
	this.standardTrustManager = (X509TrustManager) trustmanagers[0];
}
 
Example 56
Project: AndroidModulePattern   File: HttpsUtils.java   Source Code and License 4 votes vote down vote up
/**
 * @param context   上下文
 * @param bksFileId "XXX.bks"文件(文件位置res/raw/XXX.bks)
 * @param password  The certificate's password.
 * @return SSLParams
 */
public static SSLParams getSslSocketFactory(Context context, @RawRes int bksFileId, String password, String alias) {
    if (context == null) {
        throw new NullPointerException("context == null");
    }
    if (TextUtils.isEmpty(password) || TextUtils.isEmpty(alias)) {
        throw new NullPointerException("password == null or alias == null!");
    }
    SSLParams sslParams = new SSLParams();
    try {
        // 创建一个BKS类型的KeyStore,存储我们信任的证书
        KeyStore clientKeyStore = KeyStore.getInstance("BKS");
        clientKeyStore.load(context.getResources().openRawResource(bksFileId), password.toCharArray());
        //通过alias直接从密钥库中读取证书
        Certificate rootCA = clientKeyStore.getCertificate(alias);
        // Turn it to X509 format.
        InputStream certInput = new ByteArrayInputStream(rootCA.getEncoded());
        X509Certificate serverCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(certInput);
        //关闭流
        CloseUtils.closeIO(certInput);

        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        //用我们之前的keyStore实例初始化TrustManagerFactory,这样trustManagerFactory就会信任keyStore中的证书
        trustManagerFactory.init(clientKeyStore);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(clientKeyStore, password.toCharArray());

        X509TrustManager x509TrustManager = new SafeTrustManager(serverCert);

        //创建TLS类型的SSLContext对象,that uses our TrustManager
        SSLContext sslContext = SSLContext.getInstance("TLS");

        //用上面得到的trustManagers初始化SSLContext,这样sslContext就会信任keyStore中的证书
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());

        //Android 4.X 对TLS1.1、TLS1.2的支持
        sslParams.sSLSocketFactory = new Tls12SocketFactory(sslContext.getSocketFactory());
        sslParams.trustManager = x509TrustManager;
        return sslParams;
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException | UnrecoverableKeyException | IOException | CertificateException e) {
        throw new AssertionError(e);
    }
}
 
Example 57
Project: GitHub   File: OkHttpClient.java   Source Code and License 4 votes vote down vote up
OkHttpClient(Builder builder) {
  this.dispatcher = builder.dispatcher;
  this.proxy = builder.proxy;
  this.protocols = builder.protocols;
  this.connectionSpecs = builder.connectionSpecs;
  this.interceptors = Util.immutableList(builder.interceptors);
  this.networkInterceptors = Util.immutableList(builder.networkInterceptors);
  this.proxySelector = builder.proxySelector;
  this.cookieJar = builder.cookieJar;
  this.cache = builder.cache;
  this.internalCache = builder.internalCache;
  this.socketFactory = builder.socketFactory;

  boolean isTLS = false;
  for (ConnectionSpec spec : connectionSpecs) {
    isTLS = isTLS || spec.isTls();
  }

  if (builder.sslSocketFactory != null || !isTLS) {
    this.sslSocketFactory = builder.sslSocketFactory;
    this.certificateChainCleaner = builder.certificateChainCleaner;
  } else {
    X509TrustManager trustManager = systemDefaultTrustManager();
    this.sslSocketFactory = systemDefaultSslSocketFactory(trustManager);
    this.certificateChainCleaner = CertificateChainCleaner.get(trustManager);
  }

  this.hostnameVerifier = builder.hostnameVerifier;
  this.certificatePinner = builder.certificatePinner.withCertificateChainCleaner(
      certificateChainCleaner);
  this.proxyAuthenticator = builder.proxyAuthenticator;
  this.authenticator = builder.authenticator;
  this.connectionPool = builder.connectionPool;
  this.dns = builder.dns;
  this.followSslRedirects = builder.followSslRedirects;
  this.followRedirects = builder.followRedirects;
  this.retryOnConnectionFailure = builder.retryOnConnectionFailure;
  this.connectTimeout = builder.connectTimeout;
  this.readTimeout = builder.readTimeout;
  this.writeTimeout = builder.writeTimeout;
  this.pingInterval = builder.pingInterval;
}
 
Example 58
Project: boohee_v5.6   File: HttpUtils.java   Source Code and License 4 votes vote down vote up
MyX509TrustManager() throws Exception {
    KeyStore instance;
    Throwable th;
    FileInputStream fileInputStream;
    try {
        instance = KeyStore.getInstance("JKS");
    } catch (Exception e) {
        instance = null;
    }
    TrustManager[] trustManagerArr = new TrustManager[0];
    if (instance != null) {
        try {
            InputStream fileInputStream2 = new FileInputStream("trustedCerts");
            try {
                instance.load(fileInputStream2, "passphrase".toCharArray());
                TrustManagerFactory instance2 = TrustManagerFactory.getInstance
                        ("SunX509", "SunJSSE");
                instance2.init(instance);
                TrustManager[] trustManagers = instance2.getTrustManagers();
                if (fileInputStream2 != null) {
                    fileInputStream2.close();
                }
            } catch (Throwable th2) {
                th = th2;
                InputStream inputStream = fileInputStream2;
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        } catch (Throwable th3) {
            Throwable th4 = th3;
            fileInputStream = null;
            th = th4;
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }
    TrustManagerFactory instance3 = TrustManagerFactory.getInstance(TrustManagerFactory
            .getDefaultAlgorithm());
    instance3.init((KeyStore) null);
    trustManagers = instance3.getTrustManagers();
    for (int i = 0; i < trustManagers.length; i++) {
        if (trustManagers[i] instanceof X509TrustManager) {
            this.a = (X509TrustManager) trustManagers[i];
            return;
        }
    }
    throw new Exception("Couldn't initialize");
}
 
Example 59
Project: GitHub   File: CertificateChainCleaner.java   Source Code and License 4 votes vote down vote up
public static CertificateChainCleaner get(X509TrustManager trustManager) {
  return Platform.get().buildCertificateChainCleaner(trustManager);
}
 
Example 60
Project: GitHub   File: Platform.java   Source Code and License 4 votes vote down vote up
public CertificateChainCleaner buildCertificateChainCleaner(X509TrustManager trustManager) {
  return new BasicCertificateChainCleaner(TrustRootIndex.get(trustManager));
}