/* ownCloud Android client application
 *   Copyright (C) 2012  Bartek Przybylski
 *
 *   This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
19 package com
.owncloud
.android
.network
;
21 import java
.security
.KeyStore
;
22 import java
.security
.KeyStoreException
;
23 import java
.security
.NoSuchAlgorithmException
;
24 import java
.security
.cert
.CertStoreException
;
25 import java
.security
.cert
.CertificateException
;
26 import java
.security
.cert
.X509Certificate
;
28 import javax
.net
.ssl
.TrustManager
;
29 import javax
.net
.ssl
.TrustManagerFactory
;
30 import javax
.net
.ssl
.X509TrustManager
;
32 import android
.util
.Log
;
35 * @author David A. Velasco
37 public class AdvancedX509TrustManager
implements X509TrustManager
{
/** Tag attached to every log message emitted by this class. */
private static final String TAG = AdvancedX509TrustManager.class.getSimpleName();

/** Trust manager obtained from the default TrustManagerFactory; assigned by the constructor. */
private X509TrustManager mStandardTrustManager;

/** Key store holding the server certificates explicitly trusted by the user. */
private KeyStore mKnownServersKeyStore;
/**
 * Constructor for AdvancedX509TrustManager.
 *
 * @param knownServersKeyStore      Local key store with server certificates explicitly trusted by the user.
 * @throws NoSuchAlgorithmException When the default trust manager algorithm is not available.
 * @throws KeyStoreException        When the default TrustManagerFactory cannot be initialized.
 * @throws CertStoreException       As propagated from {@link #findX509TrustManager(TrustManagerFactory)}.
 */
public AdvancedX509TrustManager(KeyStore knownServersKeyStore)
        throws NoSuchAlgorithmException, KeyStoreException, CertStoreException {

    final String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    final TrustManagerFactory platformFactory = TrustManagerFactory.getInstance(defaultAlgorithm);

    // A null key store makes the factory fall back to the platform's default trust anchors.
    platformFactory.init((KeyStore) null);

    this.mStandardTrustManager = findX509TrustManager(platformFactory);
    this.mKnownServersKeyStore = knownServersKeyStore;
}
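/**
 * Locates the first X509TrustManager provided by a given TrustManagerFactory.
 *
 * @param factory               TrustManagerFactory to inspect in the search for a X509TrustManager
 * @return                      The first X509TrustManager found in factory; never null.
 * @throws CertStoreException   When no X509TrustManager instance was found in factory
 */
private X509TrustManager findX509TrustManager(TrustManagerFactory factory) throws CertStoreException {
    for (TrustManager candidate : factory.getTrustManagers()) {
        if (candidate instanceof X509TrustManager) {
            return (X509TrustManager) candidate;
        }
    }
    // Fail closed, as the documented contract requires: handing back null here would
    // only surface later as a NullPointerException while a certificate is being checked.
    throw new CertStoreException("No X509TrustManager found in the given TrustManagerFactory");
}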
/**
 * Validates a client certificate chain by handing it, unchanged, to the standard trust
 * manager. The known-servers key store is not consulted for client chains.
 *
 * @param certificates          Certificate chain presented by the peer.
 * @param authType              Authentication type passed through to the standard trust manager.
 * @throws CertificateException When the standard trust manager rejects the chain.
 * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[], String)
 */
public void checkClientTrusted(X509Certificate[] certificates, String authType)
        throws CertificateException {
    final X509TrustManager delegate = mStandardTrustManager;
    delegate.checkClientTrusted(certificates, authType);
}
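/**
 * Validates the certificate chain presented by a server.
 *
 * <p>A chain whose first certificate is stored in the known-servers key store is accepted
 * as-is: no path validation, expiry or revocation check is made for it here, so removing an
 * entry from that store is the only way to stop trusting it. Every other chain must pass
 * the standard trust manager's <em>server</em> validation.
 *
 * @param certificates              Certificate chain presented by the peer; element 0 is the
 *                                  certificate looked up in the known-servers key store.
 * @param authType                  Authentication type passed through to the standard trust manager.
 * @throws IllegalArgumentException When certificates is null or empty.
 * @throws CertificateException     When the chain is neither known nor trusted by the standard
 *                                  trust manager.
 * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[], String)
 */
public void checkServerTrusted(X509Certificate[] certificates, String authType)
        throws CertificateException {
    // Reject an absent chain explicitly instead of failing on certificates[0].
    if (certificates == null || certificates.length == 0) {
        throw new IllegalArgumentException("Server certificate chain is null or empty");
    }

    if (isKnownServer(certificates[0])) {
        return;
    }

    Log.d(TAG, "checkServerTrusted() with standard trust manager...");
    // Server chains must go through checkServerTrusted(): checkClientTrusted() validates
    // the chain for client authentication, which is the wrong purpose for a server
    // certificate.
    mStandardTrustManager.checkServerTrusted(certificates, authType);
}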
/**
 * Reports the issuers accepted by the standard trust manager. Certificates held only in
 * the known-servers key store are not added to the result.
 *
 * @return The array returned by the standard trust manager.
 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
 */
public X509Certificate[] getAcceptedIssuers() {
    final X509Certificate[] platformIssuers = mStandardTrustManager.getAcceptedIssuers();
    return platformIssuers;
}
108 private boolean isKnownServer(X509Certificate cert
) {
110 return (mKnownServersKeyStore
.getCertificateAlias(cert
) != null
);
111 } catch (KeyStoreException e
) {
112 Log
.d(TAG
, "Fail while checking certificate in the known-servers store");