1/* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package libcore.javax.net.ssl; 18 19import java.io.PrintStream; 20import javax.net.ssl.TrustManager; 21import javax.net.ssl.X509TrustManager; 22import java.security.cert.CertificateException; 23import java.security.cert.X509Certificate; 24import libcore.java.io.NullPrintStream; 25import libcore.java.security.StandardNames; 26 27/** 28 * TestTrustManager is a simple proxy class that wraps an existing 29 * X509TrustManager to provide debug logging and recording of 30 * values. 31 */ 32public final class TestTrustManager implements X509TrustManager { 33 34 private static final boolean LOG = false; 35 private static final PrintStream out = LOG ? System.out : new NullPrintStream(); 36 37 private final X509TrustManager trustManager; 38 39 public static TrustManager[] wrap(TrustManager[] trustManagers) { 40 TrustManager[] result = trustManagers.clone(); 41 for (int i = 0; i < result.length; i++) { 42 result[i] = wrap(result[i]); 43 } 44 return result; 45 } 46 47 public static TrustManager wrap(TrustManager trustManager) { 48 if (!(trustManager instanceof X509TrustManager)) { 49 return trustManager; 50 } 51 return new TestTrustManager((X509TrustManager) trustManager); 52 } 53 54 public TestTrustManager(X509TrustManager trustManager) { 55 out.println("TestTrustManager.<init> trustManager=" + trustManager); 56 this.trustManager = trustManager; 57 } 58 59 public void checkClientTrusted(X509Certificate[] chain, String authType) 60 throws CertificateException { 61 out.print("TestTrustManager.checkClientTrusted " 62 + "chain=" + chain.length + " " 63 + "authType=" + authType + " "); 64 try { 65 assertClientAuthType(authType); 66 trustManager.checkClientTrusted(chain, authType); 67 out.println("OK"); 68 } catch (CertificateException e) { 69 e.printStackTrace(out); 70 throw e; 71 } 72 } 73 74 private void assertClientAuthType(String authType) { 75 if (!StandardNames.CLIENT_AUTH_TYPES.contains(authType)) { 76 throw new AssertionError("Unexpected client auth type " + authType); 77 } 78 } 79 80 public void checkServerTrusted(X509Certificate[] chain, String authType) 81 throws CertificateException { 82 out.print("TestTrustManager.checkServerTrusted " 83 + "chain=" + chain.length + " " 84 + "authType=" + authType + " "); 85 try { 86 assertServerAuthType(authType); 87 trustManager.checkServerTrusted(chain, authType); 88 out.println("OK"); 89 } catch (CertificateException e) { 90 e.printStackTrace(out); 91 throw e; 92 } 93 } 94 95 private void assertServerAuthType(String authType) { 96 if (!StandardNames.SERVER_AUTH_TYPES.contains(authType)) { 97 throw new AssertionError("Unexpected server auth type " + authType); 98 } 99 } 100 101 /** 102 * Returns the list of certificate issuer authorities which are trusted for 103 * authentication of peers. 104 * 105 * @return the list of certificate issuer authorities which are trusted for 106 * authentication of peers. 107 */ 108 public X509Certificate[] getAcceptedIssuers() { 109 X509Certificate[] result = trustManager.getAcceptedIssuers(); 110 out.print("TestTrustManager.getAcceptedIssuers result=" + result.length); 111 return result; 112 } 113} 114 115