
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package org.jboss.netty.example.securechat;
17  
18  import javax.net.ssl.ManagerFactoryParameters;
19  import javax.net.ssl.TrustManager;
20  import javax.net.ssl.TrustManagerFactorySpi;
21  import javax.net.ssl.X509TrustManager;
22  import java.security.InvalidAlgorithmParameterException;
23  import java.security.KeyStore;
24  import java.security.KeyStoreException;
25  import java.security.cert.X509Certificate;
26  
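/**
 * Bogus {@link TrustManagerFactorySpi} which accepts any certificate
 * even if it is invalid.
 * <p>
 * Security note: neither {@code checkClientTrusted} nor
 * {@code checkServerTrusted} ever rejects a certificate that is present, so
 * a TLS session built on these trust managers is encrypted but the peer is
 * not authenticated. Any party able to intercept the connection can present
 * its own certificate and it will be accepted. This is only suitable for the
 * self-contained example; an application that needs peer authentication
 * should obtain its trust managers from
 * {@link javax.net.ssl.TrustManagerFactory#getInstance(String)} initialised
 * with a {@link KeyStore} holding the certificates it actually trusts.
 */
public class SecureChatTrustManagerFactory extends TrustManagerFactorySpi {

    /**
     * Single shared trust manager that logs the peer's subject and then
     * accepts it. It performs no path validation, expiry, revocation or
     * host-name checks.
     */
    private static final TrustManager DUMMY_TRUST_MANAGER = new X509TrustManager() {
        /**
         * Returns an empty issuer list; no CA is advertised as trusted.
         */
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        /**
         * Accepts every client certificate chain without validating it.
         *
         * @throws IllegalArgumentException if {@code chain} is {@code null},
         *         empty, or has a {@code null} first element
         */
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
            // Always trust - it is an example.
            // You should do something in the real world.
            // You will reach here only if you enabled client certificate auth,
            // as described in SecureChatSslContextFactory.
            System.err.println(
                    "UNKNOWN CLIENT CERTIFICATE: " + leafOf(chain).getSubjectDN());
        }

        /**
         * Accepts every server certificate chain without validating it.
         *
         * @throws IllegalArgumentException if {@code chain} is {@code null},
         *         empty, or has a {@code null} first element
         */
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
            // Always trust - it is an example.
            // You should do something in the real world.
            System.err.println(
                    "UNKNOWN SERVER CERTIFICATE: " + leafOf(chain).getSubjectDN());
        }
    };

    /**
     * Returns the first certificate of {@code chain}, rejecting a missing
     * chain with {@link IllegalArgumentException} as the
     * {@link X509TrustManager} contract specifies, instead of failing with
     * an incidental NullPointerException or ArrayIndexOutOfBoundsException.
     */
    private static X509Certificate leafOf(X509Certificate[] chain) {
        if (chain == null || chain.length == 0 || chain[0] == null) {
            throw new IllegalArgumentException(
                    "certificate chain must contain at least one certificate");
        }
        return chain[0];
    }

    /**
     * Returns a new one-element array holding the accept-all trust manager.
     *
     * @return the trust managers used by the secure chat example
     */
    public static TrustManager[] getTrustManagers() {
        return new TrustManager[] { DUMMY_TRUST_MANAGER };
    }

    /**
     * Delegates to {@link #getTrustManagers()}.
     */
    @Override
    protected TrustManager[] engineGetTrustManagers() {
        return getTrustManagers();
    }

    /**
     * Does nothing: the supplied key store is ignored, so configuring a
     * trust store through this factory has no effect on what is accepted.
     */
    @Override
    protected void engineInit(KeyStore keystore) throws KeyStoreException {
        // Unused
    }

    /**
     * Does nothing: the supplied parameters are ignored.
     */
    @Override
    protected void engineInit(ManagerFactoryParameters managerFactoryParameters)
            throws InvalidAlgorithmParameterException {
        // Unused
    }
}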