• Home
• com.marklogic
• marklogic-corb
• 2.4.2
• source code
• TrustAnyoneSSLConfig.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.marklogic.developer.corb.TrustAnyoneSSLConfig Maven / Gradle / Ivy

/*
 * Copyright (c) 2004-2018 MarkLogic Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * The use of the Apache License does not indicate that this project is
 * affiliated with the Apache Software Foundation.
 */
package com.marklogic.developer.corb;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 * Creates a TrustManager that does not validate certificate chains.
 * Useful for bypassing issues with self-signed certs, but should be used with
 * caution.
 *
 * @since 2.2.0
 */
public class TrustAnyoneSSLConfig extends AbstractSSLConfig {

    /**
     * Returns an SSLContext, which will not perform any certificate chain
     * validation. Use with caution!
     *
     * @return an SSLv3 SSLContext with a TrustManager that will not validate
     * certificate chains.
     * @throws NoSuchAlgorithmException
     * @throws KeyManagementException
     */
    @Override
    public SSLContext getSSLContext() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sslContext = SSLContext.getInstance("SSLv3");
        TrustManager[] trust = new TrustManager[]{new TrustAnyoneManager()};
        sslContext.init(null, trust, null);
        return sslContext;
    }

    /**
     * Returns the names of the SSL cipher suites which are currently enabled
     * for use on this engine.
     *
     * @return an empty array
     */
    @Override
    public String[] getEnabledCipherSuites() {
        return new String[0];
    }

    /**
     * Returns the names of the protocol versions currently enabled for use with
     * this SSLEngine.
     *
     * @return an empty array
     */
    @Override
    public String[] getEnabledProtocols() {
        return new String[0];
    }

    private static class TrustAnyoneManager implements X509TrustManager {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
            // no exception means it's okay
        }

        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
            // no exception means it's okay
        }
    }
}