use of javax.net.ssl.TrustManagerFactorySpi in project robovm by robovm.
the class myTrustManagerFactory method test_ConstructorLjavax_net_ssl_TrustManagerFactorySpiLjava_security_ProviderLjava_lang_String.
public void test_ConstructorLjavax_net_ssl_TrustManagerFactorySpiLjava_security_ProviderLjava_lang_String() throws NoSuchAlgorithmException {
TrustManagerFactorySpi spi = new MyTrustManagerFactorySpi();
TrustManagerFactory tmF = new myTrustManagerFactory(spi, getDefaultProvider(), getDefaultAlgorithm());
assertTrue("Not CertStore object", tmF instanceof TrustManagerFactory);
assertEquals("Incorrect algorithm", tmF.getAlgorithm(), getDefaultAlgorithm());
assertEquals("Incorrect provider", tmF.getProvider(), getDefaultProvider());
assertNull("Incorrect result", tmF.getTrustManagers());
tmF = new myTrustManagerFactory(null, null, null);
assertTrue("Not CertStore object", tmF instanceof TrustManagerFactory);
assertNull("Provider must be null", tmF.getProvider());
assertNull("Algorithm must be null", tmF.getAlgorithm());
try {
tmF.getTrustManagers();
fail("NullPointerException must be thrown");
} catch (NullPointerException e) {
}
}
use of javax.net.ssl.TrustManagerFactorySpi in project netty by netty.
the class SSLEngineTest method testUsingX509TrustManagerVerifiesHostname.
private void testUsingX509TrustManagerVerifiesHostname(SSLEngineTestParam param, boolean useSNI) throws Exception {
if (clientSslContextProvider() != null) {
// Not supported when using conscrypt
return;
}
String fqdn = "something.netty.io";
SelfSignedCertificate cert = new SelfSignedCertificate(fqdn);
clientSslCtx = wrapContext(param, SslContextBuilder.forClient().trustManager(new TrustManagerFactory(new TrustManagerFactorySpi() {
@Override
protected void engineInit(KeyStore keyStore) {
// NOOP
}
@Override
protected TrustManager[] engineGetTrustManagers() {
// Provide a custom trust manager, this manager trust all certificates
return new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) {
// NOOP
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) {
// NOOP
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return EmptyArrays.EMPTY_X509_CERTIFICATES;
}
} };
}
@Override
protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
}
}, null, TrustManagerFactory.getDefaultAlgorithm()) {
}).sslContextProvider(clientSslContextProvider()).sslProvider(sslClientProvider()).build());
SSLEngine client = wrapEngine(clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT, "127.0.0.1", 1234));
SSLParameters sslParameters = client.getSSLParameters();
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
if (useSNI) {
sslParameters.setServerNames(Collections.<SNIServerName>singletonList(new SNIHostName(fqdn)));
}
client.setSSLParameters(sslParameters);
serverSslCtx = wrapContext(param, SslContextBuilder.forServer(cert.certificate(), cert.privateKey()).sslContextProvider(serverSslContextProvider()).sslProvider(sslServerProvider()).build());
SSLEngine server = wrapEngine(serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));
try {
handshake(param.type(), param.delegate(), client, server);
if (!useSNI) {
fail();
}
} catch (SSLException exception) {
if (useSNI) {
throw exception;
}
// expected as the hostname not matches.
} finally {
cleanupClientSslEngine(client);
cleanupServerSslEngine(server);
cert.delete();
}
}
Aggregations