android.net.http.X509TrustManagerExtensions Java Examples
The following examples show how to use
android.net.http.X509TrustManagerExtensions.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: OkHttpRootTrustManager.java From TrustKit-Android with MIT License | 7 votes |
|
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
String host = mServerHostname.get();
DomainPinningPolicy serverConfig =
TrustKit.getInstance().getConfiguration().getPolicyForHostname(host);
X509TrustManager trustManager = TrustKit.getInstance().getTrustManager(host);
//The first check is needed for compatibility with the Platform default's implementation of
//the Trust Manager. For APIs 24 and greater, the Platform's default TrustManager states
//that it requires usage of the hostname-aware version of checkServerTrusted for app's that
//implement Android's network_security_config file. The 2nd check is to allow usage of the
//X509TrustManagerExtensions class. Any API below will default to the baseline trust manager.
if (serverConfig == null && Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
new X509TrustManagerExtensions(trustManager).checkServerTrusted(chain, authType, host);
} else {
trustManager.checkServerTrusted(chain, authType);
}
}
Example #2
| Source File: PinningTrustManager.java From TrustKit-Android with MIT License | 6 votes |
|
/**
* A trust manager which implements path, hostname and pinning validation for a given hostname
* and sends pinning failure reports if validation failed.
*
* Before Android N, the PinningTrustManager implements pinning validation itself. On Android
* N and later the OS' implementation is used instead for pinning validation.
*
* @param serverHostname: The hostname of the server whose identity is being validated. It will
* be validated against the name(s) the leaf certificate was issued for
* when performing hostname validation.
* @param serverConfig: The pinning policy to be enforced when doing pinning validation.
* @param baselineTrustManager: The trust manager to use for path validation.
*/
public PinningTrustManager(@NonNull String serverHostname,
@NonNull DomainPinningPolicy serverConfig,
@NonNull X509TrustManager baselineTrustManager) {
// Store server's information
this.serverHostname = serverHostname;
this.serverConfig = serverConfig;
if (Build.VERSION.SDK_INT < 17) {
// No pinning validation at all for API level < 17
// Because X509TrustManagerExtensions is not available
this.baselineTrustManager = null;
} else {
// We use the default trust manager so we can perform regular SSL validation and we wrap
// it in the Android-specific X509TrustManagerExtensions, which provides an API to
// compute the cleaned/verified server certificate chain that we eventually need for
// pinning validation. Also the X509TrustManagerExtensions provides a
// checkServerTrusted() where the hostname can be supplied, allowing it to call the
// (system) RootTrustManager on Android N
this.baselineTrustManager = new X509TrustManagerExtensions(baselineTrustManager);
}
}
Example #3
| Source File: X509Util.java From cronet with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
@SuppressLint("NewApi")
public X509TrustManagerJellyBean(X509TrustManager trustManager) {
mTrustManagerExtensions = new X509TrustManagerExtensions(trustManager);
}
Example #4
| Source File: X509Util.java From 365browser with Apache License 2.0 | 4 votes |
|
@SuppressLint("NewApi")
public X509TrustManagerJellyBean(X509TrustManager trustManager) {
mTrustManagerExtensions = new X509TrustManagerExtensions(trustManager);
}
