Search in sources :

Example 1 with TrustManagerFactorySpi

use of javax.net.ssl.TrustManagerFactorySpi in project robovm by robovm.

the class myTrustManagerFactory method test_ConstructorLjavax_net_ssl_TrustManagerFactorySpiLjava_security_ProviderLjava_lang_String.

public void test_ConstructorLjavax_net_ssl_TrustManagerFactorySpiLjava_security_ProviderLjava_lang_String() throws NoSuchAlgorithmException {
    TrustManagerFactorySpi spi = new MyTrustManagerFactorySpi();
    TrustManagerFactory tmF = new myTrustManagerFactory(spi, getDefaultProvider(), getDefaultAlgorithm());
    assertTrue("Not CertStore object", tmF instanceof TrustManagerFactory);
    assertEquals("Incorrect algorithm", tmF.getAlgorithm(), getDefaultAlgorithm());
    assertEquals("Incorrect provider", tmF.getProvider(), getDefaultProvider());
    assertNull("Incorrect result", tmF.getTrustManagers());
    tmF = new myTrustManagerFactory(null, null, null);
    assertTrue("Not CertStore object", tmF instanceof TrustManagerFactory);
    assertNull("Provider must be null", tmF.getProvider());
    assertNull("Algorithm must be null", tmF.getAlgorithm());
    try {
        tmF.getTrustManagers();
        fail("NullPointerException must be thrown");
    } catch (NullPointerException e) {
    }
}
Also used : MyTrustManagerFactorySpi(org.apache.harmony.xnet.tests.support.MyTrustManagerFactorySpi) TrustManagerFactorySpi(javax.net.ssl.TrustManagerFactorySpi) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) MyTrustManagerFactorySpi(org.apache.harmony.xnet.tests.support.MyTrustManagerFactorySpi)

Example 2 with TrustManagerFactorySpi

use of javax.net.ssl.TrustManagerFactorySpi in project netty by netty.

the class SSLEngineTest method testUsingX509TrustManagerVerifiesHostname.

private void testUsingX509TrustManagerVerifiesHostname(SSLEngineTestParam param, boolean useSNI) throws Exception {
    if (clientSslContextProvider() != null) {
        // Not supported when using conscrypt
        return;
    }
    String fqdn = "something.netty.io";
    SelfSignedCertificate cert = new SelfSignedCertificate(fqdn);
    clientSslCtx = wrapContext(param, SslContextBuilder.forClient().trustManager(new TrustManagerFactory(new TrustManagerFactorySpi() {

        @Override
        protected void engineInit(KeyStore keyStore) {
        // NOOP
        }

        @Override
        protected TrustManager[] engineGetTrustManagers() {
            // Provide a custom trust manager, this manager trust all certificates
            return new TrustManager[] { new X509TrustManager() {

                @Override
                public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) {
                // NOOP
                }

                @Override
                public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) {
                // NOOP
                }

                @Override
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return EmptyArrays.EMPTY_X509_CERTIFICATES;
                }
            } };
        }

        @Override
        protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
        }
    }, null, TrustManagerFactory.getDefaultAlgorithm()) {
    }).sslContextProvider(clientSslContextProvider()).sslProvider(sslClientProvider()).build());
    SSLEngine client = wrapEngine(clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT, "127.0.0.1", 1234));
    SSLParameters sslParameters = client.getSSLParameters();
    sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
    if (useSNI) {
        sslParameters.setServerNames(Collections.<SNIServerName>singletonList(new SNIHostName(fqdn)));
    }
    client.setSSLParameters(sslParameters);
    serverSslCtx = wrapContext(param, SslContextBuilder.forServer(cert.certificate(), cert.privateKey()).sslContextProvider(serverSslContextProvider()).sslProvider(sslServerProvider()).build());
    SSLEngine server = wrapEngine(serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));
    try {
        handshake(param.type(), param.delegate(), client, server);
        if (!useSNI) {
            fail();
        }
    } catch (SSLException exception) {
        if (useSNI) {
            throw exception;
        }
    // expected as the hostname not matches.
    } finally {
        cleanupClientSslEngine(client);
        cleanupServerSslEngine(server);
        cert.delete();
    }
}
Also used : SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) SSLEngine(javax.net.ssl.SSLEngine) KeyStore(java.security.KeyStore) SSLException(javax.net.ssl.SSLException) X509Certificate(javax.security.cert.X509Certificate) SSLParameters(javax.net.ssl.SSLParameters) X509TrustManager(javax.net.ssl.X509TrustManager) SNIHostName(javax.net.ssl.SNIHostName) SimpleTrustManagerFactory(io.netty.handler.ssl.util.SimpleTrustManagerFactory) InsecureTrustManagerFactory(io.netty.handler.ssl.util.InsecureTrustManagerFactory) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) TrustManagerFactorySpi(javax.net.ssl.TrustManagerFactorySpi) ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)

Aggregations

TrustManagerFactory (javax.net.ssl.TrustManagerFactory)2 TrustManagerFactorySpi (javax.net.ssl.TrustManagerFactorySpi)2 InsecureTrustManagerFactory (io.netty.handler.ssl.util.InsecureTrustManagerFactory)1 SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)1 SimpleTrustManagerFactory (io.netty.handler.ssl.util.SimpleTrustManagerFactory)1 KeyStore (java.security.KeyStore)1 ManagerFactoryParameters (javax.net.ssl.ManagerFactoryParameters)1 SNIHostName (javax.net.ssl.SNIHostName)1 SSLEngine (javax.net.ssl.SSLEngine)1 SSLException (javax.net.ssl.SSLException)1 SSLParameters (javax.net.ssl.SSLParameters)1 X509TrustManager (javax.net.ssl.X509TrustManager)1 X509Certificate (javax.security.cert.X509Certificate)1 MyTrustManagerFactorySpi (org.apache.harmony.xnet.tests.support.MyTrustManagerFactorySpi)1