com.amazonaws.kinesisvideo.http

Class HostnameVerifyingX509ExtendedTrustManager

java.lang.Object

javax.net.ssl.X509ExtendedTrustManager

com.amazonaws.kinesisvideo.http.HostnameVerifyingX509ExtendedTrustManager

All Implemented Interfaces:

javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager

public class HostnameVerifyingX509ExtendedTrustManager
extends javax.net.ssl.X509ExtendedTrustManager

Constructor Summary

Constructors

Constructor and Description
HostnameVerifyingX509ExtendedTrustManager(boolean clientSideHostnameVerificationEnabled)

Method Summary

Modifier and Type	Method and Description
void	checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
void	checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)
void	checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)
void	checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType)
void	checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)
void	checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)
java.security.cert.X509Certificate[]	getAcceptedIssuers()
void	performHostVerification(java.net.InetAddress inetAddress, java.security.cert.X509Certificate certificate) Compares peer's hostname with the one stored in the provided client certificate.
void	performHostVerification(java.lang.String hostAddress, java.lang.String hostName, java.security.cert.X509Certificate certificate) Compares peer's hostname with the one stored in the provided client certificate.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HostnameVerifyingX509ExtendedTrustManager

public HostnameVerifyingX509ExtendedTrustManager(boolean clientSideHostnameVerificationEnabled)

Method Detail

getAcceptedIssuers

public java.security.cert.X509Certificate[] getAcceptedIssuers()

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException

Specified by:

checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager

Throws:

java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException

Specified by:

checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager

Throws:

java.security.cert.CertificateException

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException

Specified by:

checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager

Throws:

java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException

Specified by:

checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager

Throws:

java.security.cert.CertificateException

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Throws:

java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException

Throws:

java.security.cert.CertificateException

performHostVerification

public void performHostVerification(java.net.InetAddress inetAddress,
                                    java.security.cert.X509Certificate certificate)
                             throws java.security.cert.CertificateException

Compares peer's hostname with the one stored in the provided client certificate. Performs verification with the help of provided HostnameVerifier.

Parameters:

inetAddress - Peer's inet address.

certificate - Peer's certificate

Throws:

java.security.cert.CertificateException - Thrown if the provided certificate doesn't match the peer hostname.

performHostVerification

public void performHostVerification(java.lang.String hostAddress,
                                    java.lang.String hostName,
                                    java.security.cert.X509Certificate certificate)
                             throws java.security.cert.CertificateException

Compares peer's hostname with the one stored in the provided client certificate. Performs verification with the help of provided HostnameVerifier.

Parameters:

hostAddress - Peer's host address.

hostName - Peer's host name.

certificate - Peer's certificate

Throws:

java.security.cert.CertificateException - Thrown if the provided certificate doesn't match the peer hostname.