public
class
X509TrustManagerExtensions
extends Object
java.lang.Object | |
↳ | android.net.http.X509TrustManagerExtensions |
X509TrustManager wrapper exposing Android-added features.
The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.
Public constructors | |
---|---|
X509TrustManagerExtensions(X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper. |
Public methods | |
---|---|
List<X509Certificate>
|
checkServerTrusted(X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain. |
boolean
|
isUserAddedCertificate(X509Certificate cert)
Checks whether a CA certificate is added by an user. |
Inherited methods | |
---|---|
From
class
java.lang.Object
|
X509TrustManagerExtensions (X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper.
Parameters | |
---|---|
tm |
X509TrustManager :
A X509TrustManager as returned by TrustManagerFactory.getInstance(); |
Throws | |
---|---|
IllegalArgumentException |
If tm is an unsupported TrustManager type. |
List<X509Certificate> checkServerTrusted (X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain.
See checkServerTrusted(X509Certificate[], String)
for a
description of the chain and authType parameters. The final parameter, host, should be the
hostname of the server.
Parameters | |
---|---|
chain |
X509Certificate
|
authType |
String
|
host |
String
|
Returns | |
---|---|
List<X509Certificate> |
the properly ordered chain used for verification as a list of X509Certificates. |
Throws | |
---|---|
CertificateException |
if the chain does not verify correctly. |
boolean isUserAddedCertificate (X509Certificate cert)
Checks whether a CA certificate is added by an user.
Since checkServerTrusted(X509Certificate[], String)
may allow its parameter chain
to
chain up to user-added CA certificates, this method can be used to perform additional
policies for user-added CA certificates.
Parameters | |
---|---|
cert |
X509Certificate
|
Returns | |
---|---|
boolean |
true to indicate that the certificate authority exists in the user added
certificate store, false otherwise.
|