com.mysql.cj.protocol

Class ExportControlled.X509TrustManagerWrapper

java.lang.Object

com.mysql.cj.protocol.ExportControlled.X509TrustManagerWrapper

All Implemented Interfaces:

javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager

Enclosing class:

ExportControlled

public static class ExportControlled.X509TrustManagerWrapper
extends java.lang.Object
implements javax.net.ssl.X509TrustManager

Implementation of X509TrustManager wrapping JVM X509TrustManagers to add expiration and identity check

Field Summary

Fields

Modifier and Type	Field and Description
private java.security.cert.CertificateFactory	certFactory
private java.lang.String	hostName
private javax.net.ssl.X509TrustManager	origTm
private java.security.cert.CertPathValidator	validator
private java.security.cert.PKIXParameters	validatorParams
private boolean	verifyServerCert

Constructor Summary

Constructors

Constructor and Description
X509TrustManagerWrapper(boolean verifyServerCertificate, java.lang.String hostName)
X509TrustManagerWrapper(javax.net.ssl.X509TrustManager tm, boolean verifyServerCertificate, java.lang.String hostName)

Method Summary

Modifier and Type	Method and Description
void	checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
void	checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
java.security.cert.X509Certificate[]	getAcceptedIssuers()
private boolean	verifyHostName(java.lang.String ptn) Verify the host name against the given pattern, using the rules specified in RFC 6125, Section 6.4.3.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

origTm

private javax.net.ssl.X509TrustManager origTm

verifyServerCert

private boolean verifyServerCert

hostName

private java.lang.String hostName

certFactory

private java.security.cert.CertificateFactory certFactory

validatorParams

private java.security.cert.PKIXParameters validatorParams

validator

private java.security.cert.CertPathValidator validator

Constructor Detail

X509TrustManagerWrapper

public X509TrustManagerWrapper(javax.net.ssl.X509TrustManager tm,
                               boolean verifyServerCertificate,
                               java.lang.String hostName)
                        throws java.security.cert.CertificateException

Throws:

java.security.cert.CertificateException

X509TrustManagerWrapper

public X509TrustManagerWrapper(boolean verifyServerCertificate,
                               java.lang.String hostName)

Method Detail

getAcceptedIssuers

public java.security.cert.X509Certificate[] getAcceptedIssuers()

Specified by:

getAcceptedIssuers in interface javax.net.ssl.X509TrustManager

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Specified by:

checkServerTrusted in interface javax.net.ssl.X509TrustManager

Throws:

java.security.cert.CertificateException

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Specified by:

checkClientTrusted in interface javax.net.ssl.X509TrustManager

Throws:

java.security.cert.CertificateException

verifyHostName

private boolean verifyHostName(java.lang.String ptn)

Verify the host name against the given pattern, using the rules specified in RFC 6125, Section 6.4.3. Support wildcard character as defined in the RFC.

Parameters:

ptn - the pattern to match with the host name.

Returns:

true if the host name matches the pattern, false otherwise.