Coverage Report

Coverage Report - org.apache.commons.httpclient.contrib.ssl.EasyX509TrustManager

Classes in this File

Line Coverage

Branch Coverage

Complexity

EasyX509TrustManager

0/21

0/12

2.75

 /**
  * Copyright 2005-2011 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.commons.httpclient.contrib.ssl;
 
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 import org.apache.commons.logging.Log; 
 import org.apache.commons.logging.LogFactory;
 
 /**
  * <p>
  * EasyX509TrustManager unlike default {@link X509TrustManager} accepts 
  * self-signed certificates. 
  * </p>
  * <p>
  * This trust manager SHOULD NOT be used for productive systems 
  * due to security reasons, unless it is a concious decision and 
  * you are perfectly aware of security implications of accepting 
  * self-signed certificates
  * </p>
  * 
  * @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
  * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
  * 
  * <p>
  * DISCLAIMER: HttpClient developers DO NOT actively support this component.
  * The component is provided as a reference material, which may be inappropriate
  * for use without additional customization.
  * </p>
  */
 
 public class EasyX509TrustManager implements X509TrustManager
 {
     private X509TrustManager standardTrustManager = null;
 
     /** Log object for this class. */
     private static final Log LOG = LogFactory.getLog(EasyX509TrustManager.class);
 
     /**
      * Constructor for EasyX509TrustManager.
      */
     public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
         super();
         TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
         factory.init(keystore);
         TrustManager[] trustmanagers = factory.getTrustManagers();
         if (trustmanagers.length == 0) {
             throw new NoSuchAlgorithmException("no trust manager found");
         }
         this.standardTrustManager = (X509TrustManager)trustmanagers[0];
     }
 
     /**
      * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
      */
     public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
         standardTrustManager.checkClientTrusted(certificates,authType);
     }
 
     /**
      * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
      */
     public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
         if ((certificates != null) && LOG.isDebugEnabled()) {
             LOG.debug("Server certificate chain:");
             for (int i = 0; i < certificates.length; i++) {
                 LOG.debug("X509Certificate[" + i + "]=" + certificates[i]);
             }
         }
         if ((certificates != null) && (certificates.length == 1)) {
             certificates[0].checkValidity();
         } else {
             standardTrustManager.checkServerTrusted(certificates,authType);
         }
     }
 
     /**
      * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
      */
     public X509Certificate[] getAcceptedIssuers() {
         return this.standardTrustManager.getAcceptedIssuers();
     }
 }

1		/**
2		* Copyright 2005-2011 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.apache.commons.httpclient.contrib.ssl;
17
18		import java.security.KeyStore;
19		import java.security.KeyStoreException;
20		import java.security.NoSuchAlgorithmException;
21		import java.security.cert.CertificateException;
22		import java.security.cert.X509Certificate;
23
24		import javax.net.ssl.TrustManagerFactory;
25		import javax.net.ssl.TrustManager;
26		import javax.net.ssl.X509TrustManager;
27		import org.apache.commons.logging.Log;
28		import org.apache.commons.logging.LogFactory;
29
30		/**
31		* <p>
32		* EasyX509TrustManager unlike default {@link X509TrustManager} accepts
33		* self-signed certificates.
34		* </p>
35		* <p>
36		* This trust manager SHOULD NOT be used for productive systems
37		* due to security reasons, unless it is a concious decision and
38		* you are perfectly aware of security implications of accepting
39		* self-signed certificates
40		* </p>
41		*
42		* @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
43		* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
44		*
45		* <p>
46		* DISCLAIMER: HttpClient developers DO NOT actively support this component.
47		* The component is provided as a reference material, which may be inappropriate
48		* for use without additional customization.
49		* </p>
50		*/
51
52		public class EasyX509TrustManager implements X509TrustManager
53		{
54	0	private X509TrustManager standardTrustManager = null;
55
56		/** Log object for this class. */
57	0	private static final Log LOG = LogFactory.getLog(EasyX509TrustManager.class);
58
59		/**
60		* Constructor for EasyX509TrustManager.
61		*/
62		public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
63	0	super();
64	0	TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
65	0	factory.init(keystore);
66	0	TrustManager[] trustmanagers = factory.getTrustManagers();
67	0	if (trustmanagers.length == 0) {
68	0	throw new NoSuchAlgorithmException("no trust manager found");
69		}
70	0	this.standardTrustManager = (X509TrustManager)trustmanagers[0];
71	0	}
72
73		/**
74		* @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
75		*/
76		public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
77	0	standardTrustManager.checkClientTrusted(certificates,authType);
78	0	}
79
80		/**
81		* @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
82		*/
83		public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
84	0	if ((certificates != null) && LOG.isDebugEnabled()) {
85	0	LOG.debug("Server certificate chain:");
86	0	for (int i = 0; i < certificates.length; i++) {
87	0	LOG.debug("X509Certificate[" + i + "]=" + certificates[i]);
88		}
89		}
90	0	if ((certificates != null) && (certificates.length == 1)) {
91	0	certificates[0].checkValidity();
92		} else {
93	0	standardTrustManager.checkServerTrusted(certificates,authType);
94		}
95	0	}
96
97		/**
98		* @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
99		*/
100		public X509Certificate[] getAcceptedIssuers() {
101	0	return this.standardTrustManager.getAcceptedIssuers();
102		}
103		}