• Home
• com.taskadapter
• redmine-java-api
• 4.0.0.preview.3
• source code
• CompositeTrustManager.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.taskadapter.redmineapi.internal.comm.betterssl.CompositeTrustManager Maven / Gradle / Ivy

package com.taskadapter.redmineapi.internal.comm.betterssl;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

import javax.net.ssl.X509TrustManager;

/**
 * Trust manager which trusts a host when at least one peer trusts the target.
 */
final class CompositeTrustManager implements X509TrustManager {
	
	/** Peers to delegate to. */
	private final Collection peers;
	
	/** All accepted issuers. */
	private final X509Certificate[] allCerts;

	/** 
	 * Creates a new composite manager.
	 * @param peers peers to delegate to.
	 */
	CompositeTrustManager(Collection peers) {
		this.peers = peers;
		final List certs = new ArrayList<>();
		for (X509TrustManager peer: peers) {
			certs.addAll(Arrays.asList(peer.getAcceptedIssuers()));
		}
		this.allCerts = certs.toArray(new X509Certificate[certs.size()]);
	}

	@Override
	public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
		for (X509TrustManager peer : peers) {
			try {
				peer.checkClientTrusted(chain, authType);
				return;
			} catch (CertificateException e) {
				//Let other manager to check this.
			}
		}
		throw new CertificateException("Could not authenticate client, nobody trusts it.");
	}

	@Override
	public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
		for (X509TrustManager peer : peers) {
			try {
				peer.checkServerTrusted(chain, authType);
				return;
			} catch (CertificateException e) {
				//Let other manager to check this.
			}
		}
		throw new CertificateException("Could not authenticate server, nobody trusts it.");
	}

	@Override
	public X509Certificate[] getAcceptedIssuers() {
		return allCerts;
	}

}