public class X509TrustManagerExtensions
extends Object
java.lang.Object | |
↳ | android.net.http.X509TrustManagerExtensions |
X509TrustManager wrapper exposing Android-added features.
The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.
Public constructors |
|
---|---|
X509TrustManagerExtensions(X509TrustManager tm) Constructs a new X509TrustManagerExtensions wrapper. |
Public methods |
|
---|---|
List<X509Certificate> |
checkServerTrusted(X509Certificate[] chain, String authType, String host) Verifies the given certificate chain. |
boolean |
isUserAddedCertificate(X509Certificate cert) Checks whether a CA certificate is added by an user. |
Inherited methods |
|
---|---|
![]() java.lang.Object
|
X509TrustManagerExtensions (X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper.
Parameters | |
---|---|
tm |
X509TrustManager : A X509TrustManager as returned by TrustManagerFactory.getInstance(); |
Throws | |
---|---|
IllegalArgumentException |
If tm is an unsupported TrustManager type. |
List<X509Certificate> checkServerTrusted (X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain.
See checkServerTrusted(X509Certificate[], String)
for a description of the chain and authType parameters. The final parameter, host, should be the hostname of the server.
Parameters | |
---|---|
chain |
X509Certificate
|
authType |
String
|
host |
String
|
Returns | |
---|---|
List<X509Certificate> |
the properly ordered chain used for verification as a list of X509Certificates. |
Throws | |
---|---|
CertificateException |
if the chain does not verify correctly. |
boolean isUserAddedCertificate (X509Certificate cert)
Checks whether a CA certificate is added by an user.
Since checkServerTrusted(X509Certificate[], String)
may allow its parameter chain
to chain up to user-added CA certificates, this method can be used to perform additional policies for user-added CA certificates.
Parameters | |
---|---|
cert |
X509Certificate
|
Returns | |
---|---|
boolean |
true to indicate that the certificate authority exists in the user added certificate store, false otherwise. |