harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ge...@apache.org
Subject svn commit: r423275 [7/7] - in /incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org: ./ apache/ apache/harmony/ apache/harmony/security/ apache/harmony/security/provider/ apache/harmony/security/provider/jsse/
Date Tue, 18 Jul 2006 22:50:14 GMT
Added: incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHello.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHello.java?rev=423275&view=auto
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHello.java
(added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHello.java
Tue Jul 18 15:50:12 2006
@@ -0,0 +1,136 @@
+/*
+ *  Copyright 2006 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+* @author Boris Kuznetsov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.provider.jsse;
+
+import java.io.IOException;
+import java.security.SecureRandom;
+
+/**
+ * 
+ * Represents server hello message.
+ * @see TLS 1.0 spec., 7.4.1.3. Server hello.
+ */
+public class ServerHello extends Message {
+
+    /**
+     * Server version
+     */
+    byte[] server_version = new byte[2];
+
+    /**
+     * Random bytes
+     */
+    byte[] random = new byte[32];
+
+    /**
+     * Session id
+     */
+    byte[] session_id;
+
+    /**
+     * Selected cipher suite
+     */
+    CipherSuite cipher_suite;
+
+    /**
+     * Selected compression method
+     */
+    byte compression_method;
+
+    /**
+     * Creates outbound message
+     * @param sr
+     * @param server_version
+     * @param session_id
+     * @param cipher_suite
+     * @param compression_method
+     */
+    public ServerHello(SecureRandom sr, byte[] server_version,
+            byte[] session_id, CipherSuite cipher_suite, byte compression_method) {
+        long gmt_unix_time = new java.util.Date().getTime() / 1000;
+        sr.nextBytes(random);
+        random[0] = (byte) ((gmt_unix_time & 0xFF000000) >>> 24);
+        random[1] = (byte) ((gmt_unix_time & 0xFF0000) >>> 16);
+        random[2] = (byte) ((gmt_unix_time & 0xFF00) >>> 8);
+        random[3] = (byte) (gmt_unix_time & 0xFF);
+        this.session_id = session_id;
+        this.cipher_suite = cipher_suite;
+        this.compression_method = compression_method;
+        this.server_version = server_version;
+        length = 38 + session_id.length;
+    }
+
+    /**
+     * Creates inbound message
+     * @param in
+     * @param length
+     * @throws IOException
+     */
+    public ServerHello(HandshakeIODataStream in, int length) throws IOException {
+        
+        server_version[0] = (byte) in.read();
+        server_version[1] = (byte) in.read();
+        in.read(random, 0, 32);
+        int size = in.readUint8();
+        session_id = new byte[size];
+        in.read(session_id, 0, size);
+        byte b0 = (byte) in.read();
+        byte b1 = (byte) in.read();
+        cipher_suite = CipherSuite.getByCode(b0, b1);
+        compression_method = (byte) in.read();
+        this.length = 38 + session_id.length;
+        if (this.length != length) {
+            fatalAlert(AlertProtocol.DECODE_ERROR, "DECODE ERROR: incorrect ServerHello");
+        }
+
+    }
+
+    /**
+     * Sends message
+     * @param out
+     */
+    public void send(HandshakeIODataStream out) {
+        out.write(server_version);
+        out.write(random);
+        out.writeUint8(session_id.length);
+        out.write(session_id);
+        out.write(cipher_suite.toBytes());
+        out.write(compression_method);
+        length = 38 + session_id.length;
+    }
+
+    /**
+     * Returns server random
+     * @return
+     */
+    public byte[] getRandom() {
+        return random;
+    }
+
+    /**
+     * Returns message type 
+     * @return
+     */
+    public int getType() {
+        return Handshake.SERVER_HELLO;
+    }
+}

Added: incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHelloDone.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHelloDone.java?rev=423275&view=auto
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHelloDone.java
(added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerHelloDone.java
Tue Jul 18 15:50:12 2006
@@ -0,0 +1,77 @@
+/*
+ *  Copyright 2006 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+* @author Boris Kuznetsov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.provider.jsse;
+
+import java.io.IOException;
+
+/**
+ * 
+ * Represents server hello done message
+ * @see TLS 1.0 spec., 7.4.5. Server hello done
+ * (http://www.ietf.org/rfc/rfc2246.txt)
+ * 
+ */
+public class ServerHelloDone extends Message {
+
+    /**
+     * Creates outbound message
+     *
+     */
+    public ServerHelloDone() {    
+    }
+    
+    /**
+     * Creates inbound message
+     * @param in
+     * @param length
+     * @throws IOException
+     */
+    public ServerHelloDone(HandshakeIODataStream in, int length)  
+            throws IOException {
+        if (length != 0) {
+            fatalAlert(AlertProtocol.DECODE_ERROR, "DECODE ERROR: incorrect ServerHelloDone");
+        }
+    }
+
+    /**
+     * Sends message
+     * @param out
+     */
+    public void send(HandshakeIODataStream out) {
+    }
+    
+    /**
+     * Returns message length
+     * @return
+     */
+    public int length() {
+        return 0;
+    }
+    
+    /**
+     * Returns message type 
+     * @return
+     */
+    public int getType() {
+        return Handshake.SERVER_HELLO_DONE;
+    }
+}

Added: incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerKeyExchange.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerKeyExchange.java?rev=423275&view=auto
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerKeyExchange.java
(added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/ServerKeyExchange.java
Tue Jul 18 15:50:12 2006
@@ -0,0 +1,193 @@
+/*
+ *  Copyright 2006 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+* @author Boris Kuznetsov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.provider.jsse;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAPublicKeySpec;
+
+/**
+ * 
+ * Represents server key exchange message.
+ * @see TLS 1.0 spec., 7.4.3. Server key exchange message.
+ * (http://www.ietf.org/rfc/rfc2246.txt)
+ * 
+ */
+public class ServerKeyExchange extends Message {
+
+                           //          ServerRSAParams        ServerDHParams
+    final BigInteger par1; //            rsa_modulus               dh_p
+    final byte[] bytes1;
+
+    final BigInteger par2; //            rsa_exponent              dh_g
+    final byte[] bytes2;
+
+    final BigInteger par3; //                                      dh_Ys
+    final byte[] bytes3;
+
+    /**
+     * Signature
+     */
+    final byte[] hash;
+
+    private RSAPublicKey key;
+
+    /**
+     * Creates outbound message
+     * @param par1 rsa_modulus or dh_p
+     * @param par2 rsa_exponent or dh_g
+     * @param par3 dh_Ys for ServerDHParams; should be null for ServerRSAParams
+     * @param hash should be null for anonymous SignatureAlgorithm
+     */
+    public ServerKeyExchange(BigInteger par1, BigInteger par2, BigInteger par3,
+            byte[] hash) {
+        this.par1 = par1;
+        this.par2 = par2;
+        this.par3 = par3;
+        this.hash = hash;
+
+        byte[] bb = this.par1.toByteArray();
+        if (bb[0] == 0) {
+// XXX check for par1 == 0 or bb.length > 1
+            bytes1 = new byte[bb.length - 1];
+            System.arraycopy(bb, 1, bytes1, 0, bytes1.length);
+        } else {
+            bytes1 = bb;
+        }
+
+        bb = this.par2.toByteArray();
+        if (bb[0] == 0) {
+            bytes2 = new byte[bb.length - 1];
+            System.arraycopy(bb, 1, bytes2, 0, bytes2.length);
+        } else {
+            bytes2 = bb;
+        }
+
+        length = 4 + bytes1.length + bytes2.length;
+        if (hash != null) {
+            length += 2 + hash.length;
+        }
+        if (par3 == null) {
+            bytes3 = null;
+            return;
+        }
+        bb = this.par3.toByteArray();
+        if (bb[0] == 0) {
+            bytes3 = new byte[bb.length - 1];
+            System.arraycopy(bb, 1, bytes3, 0, bytes3.length);
+        } else {
+            bytes3 = bb;
+        }
+        length += 2 + bytes3.length;
+    }
+
+    /**
+     * Creates inbound message
+     * @param in
+     * @param length
+     * @param keyExchange
+     * @throws IOException
+     */
+    public ServerKeyExchange(HandshakeIODataStream in, int length,
+            int keyExchange) throws IOException {
+
+        int size = in.readUint16();
+        bytes1 = in.read(size);
+        par1 = new BigInteger(1, bytes1);
+        this.length = 2 + bytes1.length;
+        size = in.readUint16();
+        bytes2 = in.read(size);
+        par2 = new BigInteger(1, bytes2);
+        this.length += 2 + bytes2.length;
+        if (keyExchange != CipherSuite.KeyExchange_RSA_EXPORT) {
+            size = in.readUint16();
+            bytes3 = in.read(size);
+            par3 = new BigInteger(1, bytes3);
+            this.length += 2 + bytes3.length;
+        } else {
+            par3 = null;
+            bytes3 = null;
+        }
+        if (keyExchange != CipherSuite.KeyExchange_DH_anon_EXPORT
+                && keyExchange != CipherSuite.KeyExchange_DH_anon) {
+            size = in.readUint16();
+            hash = in.read(size);
+            this.length += 2 + hash.length;
+        } else {
+            hash = null;
+        }
+        if (this.length != length) {
+            fatalAlert(AlertProtocol.DECODE_ERROR,
+                    "DECODE ERROR: incorrect ServerKeyExchange");
+        }
+    }
+
+    /**
+     * Sends message
+     * @param out
+     */
+    public void send(HandshakeIODataStream out) {
+        out.writeUint16(bytes1.length);
+        out.write(bytes1);
+        out.writeUint16(bytes2.length);
+        out.write(bytes2);
+        if (bytes3 != null) {
+            out.writeUint16(bytes3.length);
+            out.write(bytes3);
+        }
+        if (hash != null) {
+            out.writeUint16(hash.length);
+            out.write(hash);
+        }
+    }
+
+    /**
+     * Returns RSAPublicKey generated using ServerRSAParams 
+     * (rsa_modulus and rsa_exponent).
+     * 
+     * @return
+     */
+    public RSAPublicKey getRSAPublicKey() {
+        if (key != null) {
+            return key;
+        }
+        try {
+            KeyFactory kf = KeyFactory.getInstance("RSA");
+            key = (RSAPublicKey) kf.generatePublic(new RSAPublicKeySpec(par1,
+                    par2));
+        } catch (Exception e) {
+            return null;
+        }
+        return key;
+    }
+
+    /**
+     * Returns message type 
+     * @return
+     */
+    public int getType() {
+        return Handshake.SERVER_KEY_EXCHANGE;
+    }
+
+}
\ No newline at end of file

Added: incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerFactoryImpl.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerFactoryImpl.java?rev=423275&view=auto
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerFactoryImpl.java
(added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerFactoryImpl.java
Tue Jul 18 15:50:12 2006
@@ -0,0 +1,124 @@
+/*
+ *  Copyright 2006 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+ * @author Boris Kuznetsov
+ * @version $Revision$
+ */
+
+package org.apache.harmony.security.provider.jsse;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.AccessController;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactorySpi;
+
+/**
+ * 
+ * TrustManagerFactory service provider interface implementation.
+ * 
+ * @see javax.net.ssl.TrustManagerFactorySpi
+ */
+public class TrustManagerFactoryImpl extends TrustManagerFactorySpi {
+
+    private KeyStore keyStore;
+
+    /**
+     * @see javax.net.ssl.TrustManagerFactorySpi#engineInit(KeyStore)
+     */
+    public void engineInit(KeyStore ks) throws KeyStoreException {
+        if (ks != null) {
+            keyStore = ks;
+        } else {
+            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+            String keyStoreName = (String) AccessController
+                    .doPrivileged(new java.security.PrivilegedAction() {
+                        public Object run() {
+                            return System.getProperty("javax.net.ssl.trustStore");
+                        }
+                    });
+            String keyStorePwd = null;
+            if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE")
+                    || keyStoreName.length() == 0) {
+                try {
+                    keyStore.load(null, null);
+                } catch (IOException e) {
+                    throw new KeyStoreException(e);
+                } catch (CertificateException e) {
+                    throw new KeyStoreException(e);
+                } catch (NoSuchAlgorithmException e) {
+                    throw new KeyStoreException(e);
+                }
+            } else {
+                keyStorePwd = (String) AccessController
+                        .doPrivileged(new java.security.PrivilegedAction() {
+                            public Object run() {
+                                return System
+                                        .getProperty("javax.net.ssl.trustStorePassword ");
+                            }
+                        });
+                char[] pwd;
+                if (keyStorePwd == null) {
+                    pwd = new char[0];
+                } else {
+                    pwd = keyStorePwd.toCharArray();
+                }
+                try {
+                    keyStore.load(new FileInputStream(new File(keyStoreName)), pwd);
+                } catch (FileNotFoundException e) {
+                    throw new KeyStoreException(e);
+                } catch (IOException e) {
+                    throw new KeyStoreException(e);
+                } catch (CertificateException e) {
+                    throw new KeyStoreException(e);
+                } catch (NoSuchAlgorithmException e) {
+                    throw new KeyStoreException(e);
+                }
+            }
+        }
+
+    }
+
+    /**
+     * @see javax.net.ssl.engineInit(ManagerFactoryParameters)
+     */
+    public void engineInit(ManagerFactoryParameters spec)
+            throws InvalidAlgorithmParameterException {
+        throw new InvalidAlgorithmParameterException(
+                "ManagerFactoryParameters not supported");
+    }
+
+    /**
+     * @see javax.net.ssl.engineGetTrustManagers()
+     */
+    public TrustManager[] engineGetTrustManagers() {
+        if (keyStore == null) {
+            throw new IllegalStateException(
+                    "TrustManagerFactory is not initialized");
+        }
+        return new TrustManager[] { new TrustManagerImpl(keyStore) };
+    }
+}
\ No newline at end of file

Added: incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerImpl.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerImpl.java?rev=423275&view=auto
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerImpl.java
(added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/security/provider/jsse/TrustManagerImpl.java
Tue Jul 18 15:50:12 2006
@@ -0,0 +1,148 @@
+/*
+ *  Copyright 2006 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+ * @author Boris Kuznetsov
+ * @version $Revision$
+ */
+
+package org.apache.harmony.security.provider.jsse;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.cert.CertPathValidator;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * 
+ * TrustManager implementation. The implementation is based on CertPathValidator
+ * PKIX and CertificateFactory X509 implementations. This implementations should
+ * be provided by some certification provider.
+ * 
+ * @see javax.net.ssl.X509TrustManager
+ */
+public class TrustManagerImpl implements X509TrustManager {
+
+    private CertPathValidator validator;
+
+    private PKIXParameters params;
+
+    private Exception err = null;
+
+    private CertificateFactory factory;
+
+    /**
+     * Creates trust manager implementation
+     * 
+     * @param ks
+     */
+    public TrustManagerImpl(KeyStore ks) {
+        try {
+            validator = CertPathValidator.getInstance("PKIX");
+            factory = CertificateFactory.getInstance("X509");
+            String alias;
+            X509Certificate cert;
+            byte[] nameConstrains = null;
+            Set trusted = new HashSet();
+            for (Enumeration en = ks.aliases(); en.hasMoreElements();) {
+                alias = (String) en.nextElement();
+                cert = (X509Certificate) ks.getCertificate(alias);
+                if (cert != null) {
+                    trusted.add(new TrustAnchor(cert, nameConstrains));
+                }
+            }
+            params = new PKIXParameters(trusted);
+            params.setRevocationEnabled(false);
+        } catch (Exception e) {
+            err = e;
+        }
+    }
+
+    /**
+     * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],
+     *      String)
+     */
+    public void checkClientTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+        if (chain == null || chain.length == 0 || authType == null
+                || authType.length() == 0) {
+            throw new IllegalArgumentException("null or zero-length parameter");
+        }
+        if (err != null) {
+            throw new CertificateException(err);
+        }
+        try {
+            validator.validate(factory.generateCertPath(Arrays.asList(chain)),
+                    params);
+        } catch (InvalidAlgorithmParameterException e) {
+            throw new CertificateException(e);
+        } catch (CertPathValidatorException e) {
+            throw new CertificateException(e);
+        }
+    }
+
+    /**
+     * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],
+     *      String)
+     */
+    public void checkServerTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+        if (chain == null || chain.length == 0 || authType == null
+                || authType.length() == 0) {
+            throw new IllegalArgumentException("null or zero-length parameter");
+        }
+        if (err != null) {
+            throw new CertificateException(err);
+        }
+        try {
+            validator.validate(factory.generateCertPath(Arrays.asList(chain)),
+                    params);
+        } catch (InvalidAlgorithmParameterException e) {
+            throw new CertificateException(e);
+        } catch (CertPathValidatorException e) {
+            throw new CertificateException(e);
+        }
+    }
+
+    /**
+     * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
+     */
+    public X509Certificate[] getAcceptedIssuers() {
+        if (params == null) {
+            return new X509Certificate[0];
+        }
+        Set anchors = params.getTrustAnchors();
+        X509Certificate[] certs = new X509Certificate[anchors.size()];
+        int i = 0;
+        for (Iterator it = anchors.iterator(); it.hasNext();) {
+            certs[i++] = ((TrustAnchor) it.next()).getTrustedCert();
+        }
+        return certs;
+    }
+
+}



Mime
View raw message