18 package org.apache.commons.net.util;
19
20 import java.security.GeneralSecurityException;
21 import java.security.KeyStore;
22 import java.security.cert.CertificateException;
23 import java.security.cert.X509Certificate;
24
25 import javax.net.ssl.TrustManagerFactory;
26 import javax.net.ssl.X509TrustManager;
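/**
 * Factory methods for the {@link X509TrustManager} implementations used when setting up TLS connections.
 * <p>
 * Only {@link #getDefaultTrustManager(KeyStore)} returns a manager that is built by the platform
 * {@link TrustManagerFactory}. The other two factory methods return managers that never verify the
 * certificate chain, its issuer, or the peer's host name, so a connection that relies on them does not
 * authenticate the server.
 * </p>
 */
public final class TrustManagerUtils {

    /**
     * Trust manager that performs no chain-of-trust verification.
     * <p>
     * The only check it can make is the optional validity-period check in
     * {@link #checkServerTrusted(X509Certificate[], String)}.
     * </p>
     */
    private static class TrustManager implements X509TrustManager {

        /** Whether {@code checkServerTrusted} checks each certificate's validity period. */
        private final boolean checkServerValidity;

        /**
         * Creates the manager.
         *
         * @param checkServerValidity {@code true} to check the validity period of every server certificate,
         *                            {@code false} to accept server certificates without any check.
         */
        TrustManager(final boolean checkServerValidity) {
            this.checkServerValidity = checkServerValidity;
        }

        /**
         * Accepts every client certificate chain; no check of any kind is made.
         *
         * @param certificates the peer certificate chain (ignored).
         * @param authType     the authentication type (ignored).
         */
        @Override
        public void checkClientTrusted(final X509Certificate[] certificates, final String authType) {
            // Intentionally empty: client chains are never rejected.
        }

        /**
         * Optionally checks the validity period of each certificate in the server chain.
         * <p>
         * Signatures, issuers, revocation status and host names are not examined. When validity checking is
         * disabled the chain is accepted unconditionally, and an empty chain passes in either mode because
         * the loop has nothing to reject.
         * </p>
         *
         * @param certificates the peer certificate chain.
         * @param authType     the key exchange algorithm (ignored).
         * @throws CertificateException if validity checking is enabled and a certificate is expired or not
         *                              yet valid.
         */
        @Override
        public void checkServerTrusted(final X509Certificate[] certificates, final String authType) throws CertificateException {
            if (checkServerValidity) {
                for (final X509Certificate certificate : certificates) {
                    // Date check only: compares the current time with the notBefore/notAfter fields.
                    certificate.checkValidity();
                }
            }
        }

        /**
         * Returns the issuers this manager advertises.
         *
         * @return {@code NetConstants.EMPTY_X509_CERTIFICATE_ARRAY}.
         */
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return NetConstants.EMPTY_X509_CERTIFICATE_ARRAY;
        }
    }

    /** Shared instance that accepts every certificate chain without any check. */
    private static final X509TrustManager ACCEPT_ALL = new TrustManager(false);

    /** Shared instance that checks only the validity period of server certificates. */
    private static final X509TrustManager CHECK_SERVER_VALIDITY = new TrustManager(true);

    /**
     * Gets a trust manager that accepts every client and server certificate chain.
     * <p>
     * Nothing is verified, so the peer is not authenticated and the connection can be intercepted by
     * anyone able to present a certificate of their own. Prefer {@link #getDefaultTrustManager(KeyStore)}
     * for any connection that carries credentials or data that must stay confidential.
     * </p>
     *
     * @return the shared accept-all trust manager.
     */
    public static X509TrustManager getAcceptAllTrustManager() {
        return ACCEPT_ALL;
    }

    /**
     * Gets the first {@link X509TrustManager} produced by the platform's default {@link TrustManagerFactory}
     * algorithm, initialized with the given key store.
     *
     * @param keyStore the source of trust material handed to {@link TrustManagerFactory#init(KeyStore)};
     *                 it is passed through unchanged, so {@code null} is handled however the provider
     *                 chooses.
     * @return the first X509 trust manager the factory returns.
     * @throws GeneralSecurityException if the factory cannot be created or initialized, or if it returns
     *                                  no {@code X509TrustManager}.
     */
    public static X509TrustManager getDefaultTrustManager(final KeyStore keyStore) throws GeneralSecurityException {
        final String algorithm = TrustManagerFactory.getDefaultAlgorithm();
        final TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
        factory.init(keyStore);
        // Select by type instead of casting element 0 blindly: a provider may return no managers or a
        // non-X509 manager first, which previously surfaced as an unchecked runtime exception.
        // Fully qualified because the nested class shadows the simple name TrustManager.
        for (final javax.net.ssl.TrustManager candidate : factory.getTrustManagers()) {
            if (candidate instanceof X509TrustManager) {
                return (X509TrustManager) candidate;
            }
        }
        throw new GeneralSecurityException("No X509TrustManager available for algorithm " + algorithm);
    }

    /**
     * Gets a trust manager that checks only the validity period of each server certificate.
     * <p>
     * The chain of trust is not verified: a self-signed or otherwise untrusted certificate is accepted
     * as long as it is within its validity dates, so this manager does not authenticate the server.
     * Client certificates are accepted without any check.
     * </p>
     *
     * @return the shared validity-checking trust manager.
     */
    public static X509TrustManager getValidateServerCertificateTrustManager() {
        return CHECK_SERVER_VALIDITY;
    }

}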