View Javadoc
1   package org.apache.maven.wagon.shared.http;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.http.conn.ssl.TrustStrategy;
23  
24  import java.security.cert.CertificateException;
25  import java.security.cert.CertificateExpiredException;
26  import java.security.cert.CertificateNotYetValidException;
27  import java.security.cert.X509Certificate;
28  
29  /**
30   * Relaxed X509 certificate trust manager: can ignore invalid certificate date.
31   *
32   * @author Olivier Lamy
33   * @since 2.0
34   */
35  public class RelaxedTrustStrategy
36      implements TrustStrategy
37  {
38      private final boolean ignoreSSLValidityDates;
39  
40      public RelaxedTrustStrategy( boolean ignoreSSLValidityDates )
41      {
42          this.ignoreSSLValidityDates = ignoreSSLValidityDates;
43      }
44  
45      public boolean isTrusted( X509Certificate[] certificates, String authType )
46          throws CertificateException
47      {
48          if ( ( certificates != null ) && ( certificates.length > 0 ) )
49          {
50              for ( X509Certificate currentCertificate : certificates )
51              {
52                  try
53                  {
54                      currentCertificate.checkValidity();
55                  }
56                  catch ( CertificateExpiredException e )
57                  {
58                      if ( !ignoreSSLValidityDates )
59                      {
60                          throw e;
61                      }
62                  }
63                  catch ( CertificateNotYetValidException e )
64                  {
65                      if ( !ignoreSSLValidityDates )
66                      {
67                          throw e;
68                      }
69                  }
70              }
71              return true;
72          }
73          else
74          {
75              return false;
76          }
77      }
78  
79  }