Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • wip
  • ChenZhangg-Modify_GRADLE_1
  • jetpack-compose-rewrite
  • demo-jump-in-history
  • attachments
  • 1.7.0 protected
  • 1.6.2 protected
  • 1.6.1 protected
  • 1.6.0 protected
  • 1.5.3 protected
  • 1.5.2 protected
  • 1.5.1 protected
  • 1.5.0 protected
  • 1.4.4 protected
  • 1.4.3 protected
  • 1.4.2 protected
  • 1.4.1 protected
  • 1.4.0 protected
  • v1.3.3 protected
  • v1.3.2 protected
  • v1.3.1 protected
  • v1.3.0 protected
  • v1.2.28 protected
  • v1.2.27 protected
  • v1.2.26 protected
26 results

QuasselTrustManager.kt

Blame
    • QuasselTrustManager.kt 2.46 KiB 
    /*
 * Quasseldroid - Quassel client for Android
 *
 * Copyright (c) 2018 Janne Koschinski
 * Copyright (c) 2018 The Quassel Project
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 3 as published
 * by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

package de.kuschku.quasseldroid.ssl

import de.kuschku.libquassel.connection.QuasselSecurityException
import de.kuschku.quasseldroid.ssl.custom.QuasselCertificateManager
import java.security.GeneralSecurityException
import java.security.KeyStore
import java.security.cert.X509Certificate
import javax.net.ssl.KeyManagerFactory
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509TrustManager

class QuasselTrustManager private constructor(
  private val certificateManager: QuasselCertificateManager,
  private val trustManager: X509TrustManager?
) : X509TrustManager {
  constructor(
    certificateManager: QuasselCertificateManager,
    factory: TrustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).apply {
      init(null as KeyStore?)
    }
  ) : this(
    certificateManager,
    factory.trustManagers.mapNotNull {
      it as? X509TrustManager
    }.firstOrNull()
  )

  override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {
    try {
      trustManager?.checkClientTrusted(chain, authType)
      ?: throw GeneralSecurityException("No TrustManager available")
    } catch (e: GeneralSecurityException) {
      throw QuasselSecurityException.Certificate(chain, e)
    }
  }

  override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {
    try {
      if (!certificateManager.isServerTrusted(chain)) {
        trustManager?.checkServerTrusted(chain, authType)
        ?: throw GeneralSecurityException("No TrustManager available")
      }
    } catch (e: GeneralSecurityException) {
      throw QuasselSecurityException.Certificate(chain, e)
    }
  }

  override fun getAcceptedIssuers(): Array<X509Certificate> =
    trustManager?.acceptedIssuers ?: emptyArray()
}