X509TrustManagerExtensions
public
class
X509TrustManagerExtensions
extends Object
java.lang.Object | |
↳ | android.net.http.X509TrustManagerExtensions |
X509TrustManager wrapper exposing Android-added features.
The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.
Summary
Public constructors | |
---|---|
X509TrustManagerExtensions(X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper. |
Public methods | |
---|---|
List<X509Certificate>
|
checkServerTrusted(X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain. |
boolean
|
isSameTrustConfiguration(String hostname1, String hostname2)
Returns |
boolean
|
isUserAddedCertificate(X509Certificate cert)
Checks whether a CA certificate is added by an user. |
Inherited methods | |
---|---|
Public constructors
X509TrustManagerExtensions
public X509TrustManagerExtensions (X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper.
Parameters | |
---|---|
tm |
X509TrustManager : A X509TrustManager as returned by TrustManagerFactory.getInstance(); |
Throws | |
---|---|
IllegalArgumentException |
If tm is an unsupported TrustManager type. |
Public methods
checkServerTrusted
public List<X509Certificate> checkServerTrusted (X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain.
See X509TrustManager.checkServerTrusted(X509Certificate[], String)
for a
description of the chain and authType parameters. The final parameter, host, should be the
hostname of the server.
Parameters | |
---|---|
chain |
X509Certificate |
authType |
String |
host |
String |
Returns | |
---|---|
List<X509Certificate> |
the properly ordered chain used for verification as a list of X509Certificates. |
Throws | |
---|---|
CertificateException |
if the chain does not verify correctly. |
isSameTrustConfiguration
public boolean isSameTrustConfiguration (String hostname1, String hostname2)
Returns true
if the TrustManager uses the same trust configuration for the provided
hostnames.
Parameters | |
---|---|
hostname1 |
String |
hostname2 |
String |
Returns | |
---|---|
boolean |
isUserAddedCertificate
public boolean isUserAddedCertificate (X509Certificate cert)
Checks whether a CA certificate is added by an user.
Since X509TrustManager.checkServerTrusted
may allow its parameter chain
to
chain up to user-added CA certificates, this method can be used to perform additional
policies for user-added CA certificates.
Parameters | |
---|---|
cert |
X509Certificate |
Returns | |
---|---|
boolean |
true to indicate that the certificate authority exists in the user added
certificate store, false otherwise. |