Package org.apache.http.conn.ssl

Class AbstractVerifier

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      static boolean acceptableCountryWildcard​(java.lang.String cn)
      Deprecated.
      (4.3.1) should not be a part of public APIs.
      static int countDots​(java.lang.String s)
      Counts the number of dots "." in a string.
      static java.lang.String[] getCNs​(java.security.cert.X509Certificate cert)  
      static java.lang.String[] getDNSSubjectAlts​(java.security.cert.X509Certificate cert)
      Extracts the array of SubjectAlt DNS names from an X509Certificate.
      void verify​(java.lang.String host, java.lang.String[] cns, java.lang.String[] subjectAlts, boolean strictWithSubDomains)  
      void verify​(java.lang.String host, java.security.cert.X509Certificate cert)
      Verifies that the host name is an acceptable match with the server's authentication scheme based on the given X509Certificate.
      boolean verify​(java.lang.String host, javax.net.ssl.SSLSession session)  
      void verify​(java.lang.String host, javax.net.ssl.SSLSocket ssl)
      Verifies that the host name is an acceptable match with the server's authentication scheme based on the given SSLSocket.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • AbstractVerifier

        public AbstractVerifier()

    • Method Detail

      • verify

        public final void verify​(java.lang.String host,
                         javax.net.ssl.SSLSocket ssl)
                  throws java.io.IOException
        Description copied from interface: X509HostnameVerifier
        Verifies that the host name is an acceptable match with the server's authentication scheme based on the given SSLSocket.
        Specified by:
        verify in interface X509HostnameVerifier
        Parameters:
        host - the host.
        ssl - the SSL socket.
        Throws:
        java.io.IOException - if an I/O error occurs or the verification process fails.

      • verify

        public final boolean verify​(java.lang.String host,
                            javax.net.ssl.SSLSession session)
        Specified by:
        verify in interface javax.net.ssl.HostnameVerifier

      • verify

        public final void verify​(java.lang.String host,
                         java.security.cert.X509Certificate cert)
                  throws javax.net.ssl.SSLException
        Description copied from interface: X509HostnameVerifier
        Verifies that the host name is an acceptable match with the server's authentication scheme based on the given X509Certificate.
        Specified by:
        verify in interface X509HostnameVerifier
        Parameters:
        host - the host.
        cert - the certificate.
        Throws:
        javax.net.ssl.SSLException - if the verification process fails.

      • verify

        public final void verify​(java.lang.String host,
                         java.lang.String[] cns,
                         java.lang.String[] subjectAlts,
                         boolean strictWithSubDomains)
                  throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • acceptableCountryWildcard

        @Deprecated
public static boolean acceptableCountryWildcard​(java.lang.String cn)
        Deprecated.
        (4.3.1) should not be a part of public APIs.

      • getCNs

        public static java.lang.String[] getCNs​(java.security.cert.X509Certificate cert)

      • getDNSSubjectAlts

        public static java.lang.String[] getDNSSubjectAlts​(java.security.cert.X509Certificate cert)
        Extracts the array of SubjectAlt DNS names from an X509Certificate. Returns null if there aren't any.

        Note: Java doesn't appear able to extract international characters from the SubjectAlts. It can only extract international characters from the CN field.

        (Or maybe the version of OpenSSL I'm using to test isn't storing the international characters correctly in the SubjectAlts?).

        Parameters:
        cert - X509Certificate
        Returns:
        Array of SubjectALT DNS names stored in the certificate.

      • countDots

        public static int countDots​(java.lang.String s)
        Counts the number of dots "." in a string.
        Parameters:
        s - string to count dots from
        Returns:
        number of dots