1 package org.apache.maven.wagon.shared.http4;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import javax.net.ssl.SSLContext;
23 import javax.net.ssl.TrustManager;
24 import javax.net.ssl.TrustManagerFactory;
25 import javax.net.ssl.X509TrustManager;
26 import java.io.IOException;
27 import java.security.KeyStore;
28 import java.security.KeyStoreException;
29 import java.security.NoSuchAlgorithmException;
30 import java.security.cert.CertificateException;
31 import java.security.cert.CertificateExpiredException;
32 import java.security.cert.CertificateNotYetValidException;
33 import java.security.cert.X509Certificate;
34
35
36
37
38
39
40
41
42 public class RelaxedX509TrustManager
43 implements X509TrustManager
44 {
45 private X509TrustManager standardTrustManager = null;
46
47 protected static SSLContext createRelaxedSSLContext()
48 throws IOException
49 {
50 try
51 {
52 SSLContext context = SSLContext.getInstance( "SSL" );
53 context.init( null, new TrustManager[]{ new RelaxedX509TrustManager( null ) }, null );
54 return context;
55 }
56 catch ( Exception e )
57 {
58 IOException ioe = new IOException( e.getMessage() );
59 ioe.initCause( e );
60 throw ioe;
61 }
62 }
63
64
65
66
67 public RelaxedX509TrustManager( KeyStore keystore )
68 throws NoSuchAlgorithmException, KeyStoreException
69 {
70 super();
71 TrustManagerFactory factory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
72 factory.init( keystore );
73 TrustManager[] trustmanagers = factory.getTrustManagers();
74 if ( trustmanagers.length == 0 )
75 {
76 throw new NoSuchAlgorithmException( "no trust manager found" );
77 }
78 this.standardTrustManager = (X509TrustManager) trustmanagers[0];
79 }
80
81
82
83
84 public void checkClientTrusted( X509Certificate[] certificates, String authType )
85 throws CertificateException
86 {
87 standardTrustManager.checkClientTrusted( certificates, authType );
88 }
89
90
91
92
93 public void checkServerTrusted( X509Certificate[] certificates, String authType )
94 throws CertificateException
95 {
96
97 if ( ( certificates != null ) && ( certificates.length == 1 ) )
98 {
99 try
100 {
101 certificates[0].checkValidity();
102 }
103 catch ( CertificateExpiredException e )
104 {
105 if ( !AbstractHttpClientWagon.IGNORE_SSL_VALIDITY_DATES )
106 {
107 throw e;
108 }
109 }
110 catch ( CertificateNotYetValidException e )
111 {
112 if ( !AbstractHttpClientWagon.IGNORE_SSL_VALIDITY_DATES )
113 {
114 throw e;
115 }
116 }
117 }
118 else
119 {
120 standardTrustManager.checkServerTrusted( certificates, authType );
121 }
122 }
123
124
125
126
127 public X509Certificate[] getAcceptedIssuers()
128 {
129 return this.standardTrustManager.getAcceptedIssuers();
130 }
131 }