Most visited

Recently visited

Added in API level 17

X509TrustManagerExtensions

public class X509TrustManagerExtensions
extends Object

java.lang.Object
   ↳ android.net.http.X509TrustManagerExtensions


X509TrustManager wrapper exposing Android-added features.

The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.

Summary

Public constructors

X509TrustManagerExtensions(X509TrustManager tm)

Constructs a new X509TrustManagerExtensions wrapper.

Public methods

List<X509Certificate> checkServerTrusted(X509Certificate[] chain, String authType, String host)

Verifies the given certificate chain.

boolean isUserAddedCertificate(X509Certificate cert)

Checks whether a CA certificate is added by an user.

Inherited methods

From class java.lang.Object

Public constructors

X509TrustManagerExtensions

Added in API level 17
X509TrustManagerExtensions (X509TrustManager tm)

Constructs a new X509TrustManagerExtensions wrapper.

Parameters
tm X509TrustManager: A X509TrustManager as returned by TrustManagerFactory.getInstance();
Throws
IllegalArgumentException If tm is an unsupported TrustManager type.

Public methods

checkServerTrusted

Added in API level 17
List<X509Certificate> checkServerTrusted (X509Certificate[] chain, 
                String authType, 
                String host)

Verifies the given certificate chain.

See checkServerTrusted(X509Certificate[], String) for a description of the chain and authType parameters. The final parameter, host, should be the hostname of the server.

Parameters
chain X509Certificate
authType String
host String
Returns
List<X509Certificate> the properly ordered chain used for verification as a list of X509Certificates.
Throws
CertificateException if the chain does not verify correctly.

isUserAddedCertificate

Added in API level 21
boolean isUserAddedCertificate (X509Certificate cert)

Checks whether a CA certificate is added by an user.

Since checkServerTrusted(X509Certificate[], String) may allow its parameter chain to chain up to user-added CA certificates, this method can be used to perform additional policies for user-added CA certificates.

Parameters
cert X509Certificate
Returns
boolean true to indicate that the certificate authority exists in the user added certificate store, false otherwise.

Hooray!