1 23 package org.archive.httpclient; 24 25 import java.security.KeyStore ; 26 import java.security.KeyStoreException ; 27 import java.security.NoSuchAlgorithmException ; 28 import java.security.cert.CertificateException ; 29 import java.security.cert.X509Certificate ; 30 import java.util.Arrays ; 31 import java.util.List ; 32 import java.util.logging.Logger ; 33 34 import javax.net.ssl.TrustManager; 35 import javax.net.ssl.TrustManagerFactory; 36 import javax.net.ssl.X509TrustManager; 37 38 61 public class ConfigurableX509TrustManager implements X509TrustManager 62 { 63 66 protected static Logger logger = Logger.getLogger( 67 "org.archive.httpclient.ConfigurableX509TrustManager"); 68 69 78 public final static String OPEN = "open"; 79 80 83 public final static String LOOSE = "loose"; 84 85 90 public final static String NORMAL = "normal"; 91 92 97 public final static String STRICT = "strict"; 98 99 102 public static String [] LEVELS_AS_ARRAY = {OPEN, LOOSE, NORMAL, STRICT}; 103 104 107 private static List LEVELS = Arrays.asList(LEVELS_AS_ARRAY); 108 109 112 public final static String DEFAULT = OPEN; 113 114 117 private String trustLevel = DEFAULT; 118 119 120 126 private X509TrustManager standardTrustManager = null; 127 128 129 public ConfigurableX509TrustManager() 130 throws NoSuchAlgorithmException , KeyStoreException { 131 this(DEFAULT); 132 } 133 134 142 public ConfigurableX509TrustManager(String level) 143 throws NoSuchAlgorithmException , KeyStoreException { 144 super(); 145 TrustManagerFactory factory = TrustManagerFactory. 146 getInstance(TrustManagerFactory.getDefaultAlgorithm()); 147 148 factory.init((KeyStore )null); 154 TrustManager[] trustmanagers = factory.getTrustManagers(); 155 if (trustmanagers.length == 0) { 156 throw new NoSuchAlgorithmException (TrustManagerFactory. 157 getDefaultAlgorithm() + " trust manager not supported"); 158 } 159 this.standardTrustManager = (X509TrustManager)trustmanagers[0]; 160 161 this.trustLevel = 162 (LEVELS.contains(level.toLowerCase()))? level: DEFAULT; 163 } 164 165 public void checkClientTrusted(X509Certificate [] certificates, String type) 166 throws CertificateException { 167 if (this.trustLevel.equals(OPEN)) { 168 return; 169 } 170 171 this.standardTrustManager.checkClientTrusted(certificates, type); 172 } 173 174 public void checkServerTrusted(X509Certificate [] certificates, String type) 175 throws CertificateException { 176 if (this.trustLevel.equals(OPEN)) { 177 return; 178 } 179 180 try { 181 this.standardTrustManager.checkServerTrusted(certificates, type); 182 if (this.trustLevel.equals(STRICT)) { 183 logger.severe(STRICT + " not implemented."); 184 } 185 } catch (CertificateException e) { 186 if (this.trustLevel.equals(LOOSE) && 187 certificates != null && certificates.length == 1) 188 { 189 X509Certificate certificate = certificates[0]; 192 certificate.checkValidity(); 193 } else { 194 throw e; 196 } 197 } 198 } 199 200 public X509Certificate [] getAcceptedIssuers() { 201 return this.standardTrustManager.getAcceptedIssuers(); 202 } 203 } 204 | Popular Tags |