View Javadoc
1   /*
2    * Copyright 2014 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.ssl.util;
17  
18  import io.netty5.util.internal.EmptyArrays;
19  import io.netty5.util.internal.logging.InternalLogger;
20  import io.netty5.util.internal.logging.InternalLoggerFactory;
21  
22  import javax.net.ssl.ManagerFactoryParameters;
23  import javax.net.ssl.TrustManager;
24  import javax.net.ssl.TrustManagerFactory;
25  import javax.net.ssl.X509TrustManager;
26  import java.security.KeyStore;
27  import java.security.cert.X509Certificate;
28  
29  /**
30   * An insecure {@link TrustManagerFactory} that trusts all X.509 certificates without any verification.
31   * <p>
32   * <strong>NOTE:</strong>
33   * Never use this {@link TrustManagerFactory} in production.
34   * It is purely for testing purposes, and thus it is very insecure.
35   * </p>
36   */
37  public final class InsecureTrustManagerFactory extends SimpleTrustManagerFactory {
38  
39      private static final InternalLogger logger = InternalLoggerFactory.getInstance(InsecureTrustManagerFactory.class);
40  
41      public static final TrustManagerFactory INSTANCE = new InsecureTrustManagerFactory();
42  
43      private static final TrustManager tm = new X509TrustManager() {
44          @Override
45          public void checkClientTrusted(X509Certificate[] chain, String s) {
46              if (logger.isDebugEnabled()) {
47                  logger.debug("Accepting a client certificate: " + chain[0].getSubjectDN());
48              }
49          }
50  
51          @Override
52          public void checkServerTrusted(X509Certificate[] chain, String s) {
53              if (logger.isDebugEnabled()) {
54                  logger.debug("Accepting a server certificate: " + chain[0].getSubjectDN());
55              }
56          }
57  
58          @Override
59          public X509Certificate[] getAcceptedIssuers() {
60              return EmptyArrays.EMPTY_X509_CERTIFICATES;
61          }
62      };
63  
64      private InsecureTrustManagerFactory() { }
65  
66      @Override
67      protected void engineInit(KeyStore keyStore) throws Exception { }
68  
69      @Override
70      protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws Exception { }
71  
72      @Override
73      protected TrustManager[] engineGetTrustManagers() {
74          return new TrustManager[] { tm };
75      }
76  }