Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.base/share/classes/javax/net/ssl/X509TrustManager.java
41159 views
1
/*

2
 * Copyright (c) 1999, 2005, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package javax.net.ssl;

27


28
import java.security.cert.*;

29


30
/**

31
 * Instance of this interface manage which X509 certificates

32
 * may be used to authenticate the remote side of a secure

33
 * socket. Decisions may be based on trusted certificate

34
 * authorities, certificate revocation lists, online

35
 * status checking or other means.

36
 *

37
 * @since 1.4

38
 */

39
public interface X509TrustManager extends TrustManager {

40
    /**

41
     * Given the partial or complete certificate chain provided by the

42
     * peer, build a certificate path to a trusted root and return if

43
     * it can be validated and is trusted for client SSL

44
     * authentication based on the authentication type.

45
     * <p>

46
     * The authentication type is determined by the actual certificate

47
     * used. For instance, if RSAPublicKey is used, the authType

48
     * should be "RSA". Checking is case-sensitive.

49
     *

50
     * @param chain the peer certificate chain

51
     * @param authType the authentication type based on the client certificate

52
     * @throws IllegalArgumentException if null or zero-length chain

53
     *         is passed in for the chain parameter or if null or zero-length

54
     *         string is passed in for the  authType parameter

55
     * @throws CertificateException if the certificate chain is not trusted

56
     *         by this TrustManager.

57
     */

58
    public void checkClientTrusted(X509Certificate[] chain, String authType)

59
        throws CertificateException;

60


61
    /**

62
     * Given the partial or complete certificate chain provided by the

63
     * peer, build a certificate path to a trusted root and return if

64
     * it can be validated and is trusted for server SSL

65
     * authentication based on the authentication type.

66
     * <p>

67
     * The authentication type is the key exchange algorithm portion

68
     * of the cipher suites represented as a String, such as "RSA",

69
     * "DHE_DSS". Note: for some exportable cipher suites, the key

70
     * exchange algorithm is determined at run time during the

71
     * handshake. For instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5,

72
     * the authType should be RSA_EXPORT when an ephemeral RSA key is

73
     * used for the key exchange, and RSA when the key from the server

74
     * certificate is used. Checking is case-sensitive.

75
     *

76
     * @param chain the peer certificate chain

77
     * @param authType the key exchange algorithm used

78
     * @throws IllegalArgumentException if null or zero-length chain

79
     *         is passed in for the chain parameter or if null or zero-length

80
     *         string is passed in for the  authType parameter

81
     * @throws CertificateException if the certificate chain is not trusted

82
     *         by this TrustManager.

83
     */

84
    public void checkServerTrusted(X509Certificate[] chain, String authType)

85
        throws CertificateException;

86


87
    /**

88
     * Return an array of certificate authority certificates

89
     * which are trusted for authenticating peers.

90
     *

91
     * @return a non-null (possibly empty) array of acceptable

92
     *          CA issuer certificates.

93
     */

94
    public X509Certificate[] getAcceptedIssuers();

95
}

96


97