public void checkCertTrusted(X509Certificate[] chain, String authType, boolean isServer)
throws CertificateException {
Log.d(TAG, "checkCertTrusted(" + chain + ", " + authType + ", " + isServer + ")");
try {
Log.d(TAG, "checkCertTrusted: trying appTrustManager");
if (isServer) appTrustManager.checkServerTrusted(chain, authType);
else appTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException ae) {
// if the cert is stored in our appTrustManager, we ignore expiredness
ae.printStackTrace();
if (isExpiredException(ae)) {
Log.i(TAG, "checkCertTrusted: accepting expired certificate from keystore");
return;
}
if (isCertKnown(chain[0])) {
Log.i(TAG, "checkCertTrusted: accepting cert already stored in keystore");
return;
}
try {
Log.d(TAG, "checkCertTrusted: trying defaultTrustManager");
if (isServer) defaultTrustManager.checkServerTrusted(chain, authType);
else defaultTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException e) {
e.printStackTrace();
interact(chain, authType, e);
}
}
}
public void checkCertTrusted(
X509Certificate[] chain, String authType, boolean isServer, boolean interactive)
throws CertificateException {
LOGGER.log(Level.FINE, "checkCertTrusted(" + chain + ", " + authType + ", " + isServer + ")");
try {
LOGGER.log(Level.FINE, "checkCertTrusted: trying appTrustManager");
if (isServer) appTrustManager.checkServerTrusted(chain, authType);
else appTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException ae) {
LOGGER.log(Level.FINER, "checkCertTrusted: appTrustManager failed", ae);
// if the cert is stored in our appTrustManager, we ignore expiredness
if (isExpiredException(ae)) {
LOGGER.log(Level.INFO, "checkCertTrusted: accepting expired certificate from keystore");
return;
}
if (isCertKnown(chain[0])) {
LOGGER.log(Level.INFO, "checkCertTrusted: accepting cert already stored in keystore");
return;
}
try {
if (defaultTrustManager == null) throw ae;
LOGGER.log(Level.FINE, "checkCertTrusted: trying defaultTrustManager");
if (isServer) defaultTrustManager.checkServerTrusted(chain, authType);
else defaultTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException e) {
e.printStackTrace();
if (interactive) {
interactCert(chain, authType, e);
} else {
throw e;
}
}
}
}
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
defaultTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException ce) {
localTrustManager.checkClientTrusted(chain, authType);
}
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
if (mCustomTrustManager != null) {
mCustomTrustManager.checkClientTrusted(chain, authType);
}
} catch (CertificateException e) {
if (mSysTrustManager != null) {
mSysTrustManager.checkClientTrusted(chain, authType);
}
}
}
/*
* Delegate to the default trust manager.
*/
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
pkixTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException excep) {
// do any special handling here, or rethrow exception.
}
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
trustManager.checkClientTrusted(chain, authType);
} catch (CertificateException e) {
exception = e;
}
}
/*
* Delegate to the default trust manager.
*/
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
pkixTrustManager.checkClientTrusted(chain, authType);
} catch (CertificateException excep) {
Logger.error(this.getClass(), excep.getMessage());
Logger.debug(this.getClass(), excep.getMessage(), excep);
}
}
protected void checkCertifacteTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// Fail if we don't have a default manager
if (defaultManager == null) {
final String msg =
String.format(
"No trust manager in %s. Can't trust any certificates.", getClass().getName());
throw new CertificateException(msg);
} else {
// Otherwise, check the certificate chain with the default manager
defaultManager.checkClientTrusted(chain, authType);
}
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
tm.checkClientTrusted(chain, authType);
}
/**
* @see com.innovaturelabs.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String
* authType)
*/
public void checkClientTrusted(X509Certificate[] certificates, String authType)
throws CertificateException {
standardTrustManager.checkClientTrusted(certificates, authType);
}
/*
* Delegate to the default trust manager.
*/
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
final X509TrustManager defaultX509TrustManager = x509TrustManagers.get(0);
defaultX509TrustManager.checkClientTrusted(chain, authType);
}
public static void assertClientCertificateChain(
X509TrustManager trustManager, Certificate[] clientChain) throws CertificateException {
X509Certificate[] chain = (X509Certificate[]) clientChain;
trustManager.checkClientTrusted(chain, chain[0].getPublicKey().getAlgorithm());
}
public void checkClientTrusted(X509Certificate ax509certificate[], String s)
throws CertificateException {
a.checkClientTrusted(ax509certificate, s);
}
/*
* Primary constructor, used to drive remainder of the test.
*
* Fork off the other side, then do your work.
*/
CheckNullEntity() throws Exception {
String authType = "RSA";
int failed = 0x3F; // indicate six tests for normal TM
int extFailed = 0x3F; // indicate six tests for extended TM
initialize();
try {
try {
trustManager.checkClientTrusted(certChain, (String) null);
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
try {
trustManager.checkServerTrusted(certChain, (String) null);
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
try {
trustManager.checkClientTrusted(certChain, "");
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
try {
trustManager.checkServerTrusted(certChain, "");
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
try {
trustManager.checkClientTrusted(null, authType);
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
try {
trustManager.checkServerTrusted(null, authType);
} catch (IllegalArgumentException iae) {
// get the right exception
failed >>= 1;
}
if (trustManager instanceof X509ExtendedTrustManager) {
try {
((X509ExtendedTrustManager) trustManager)
.checkClientTrusted(certChain, (String) null, "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
try {
((X509ExtendedTrustManager) trustManager)
.checkServerTrusted(certChain, (String) null, "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
try {
((X509ExtendedTrustManager) trustManager)
.checkClientTrusted(certChain, "", "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
try {
((X509ExtendedTrustManager) trustManager)
.checkServerTrusted(certChain, "", "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
try {
((X509ExtendedTrustManager) trustManager)
.checkClientTrusted(null, authType, "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
try {
((X509ExtendedTrustManager) trustManager)
.checkServerTrusted(null, authType, "localhost", null);
} catch (IllegalArgumentException iae) {
// get the right exception
extFailed >>= 1;
}
} else {
extFailed = 0;
}
} catch (NullPointerException npe) {
// IllegalArgumentException should be thrown
failed = 1;
} catch (Exception e) {
// ignore
System.out.println("Got another exception e" + e);
}
if (failed != 0 || extFailed != 0) {
throw new Exception("Should throw IllegalArgumentException");
}
}