Loading core/java/android/net/http/X509TrustManagerExtensions.java +5 −28 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package android.net.http; import android.annotation.SystemApi; import android.security.net.config.UserCertificateSource; import com.android.org.conscrypt.TrustManagerImpl; Loading @@ -43,7 +44,6 @@ public class X509TrustManagerExtensions { // Methods to use when mDelegate is not a TrustManagerImpl and duck typing is being used. private final X509TrustManager mTrustManager; private final Method mCheckServerTrusted; private final Method mIsUserAddedCertificate; private final Method mIsSameTrustConfiguration; /** Loading @@ -57,7 +57,6 @@ public class X509TrustManagerExtensions { mDelegate = (TrustManagerImpl) tm; mTrustManager = null; mCheckServerTrusted = null; mIsUserAddedCertificate = null; mIsSameTrustConfiguration = null; return; } Loading @@ -74,14 +73,6 @@ public class X509TrustManagerExtensions { throw new IllegalArgumentException("Required method" + " checkServerTrusted(X509Certificate[], String, String, String) missing"); } // Check that isUserAddedCertificate is present. try { mIsUserAddedCertificate = tm.getClass().getMethod("isUserAddedCertificate", X509Certificate.class); } catch (NoSuchMethodException e) { throw new IllegalArgumentException( "Required method isUserAddedCertificate(X509Certificate) missing"); } // Get the option isSameTrustConfiguration method. Method isSameTrustConfiguration = null; try { Loading Loading @@ -128,29 +119,15 @@ public class X509TrustManagerExtensions { /** * Checks whether a CA certificate is added by an user. * * <p>Since {@link X509TrustManager#checkServerTrusted} allows its parameter {@code chain} to * <p>Since {@link X509TrustManager#checkServerTrusted} may allow its parameter {@code chain} to * chain up to user-added CA certificates, this method can be used to perform additional * policies for user-added CA certificates. * * @return {@code true} to indicate that the certificate was added by the user, {@code false} * otherwise. * @return {@code true} to indicate that the certificate authority exists in the user added * certificate store, {@code false} otherwise. */ public boolean isUserAddedCertificate(X509Certificate cert) { if (mDelegate != null) { return mDelegate.isUserAddedCertificate(cert); } else { try { return (Boolean) mIsUserAddedCertificate.invoke(mTrustManager, cert); } catch (IllegalAccessException e) { throw new RuntimeException("Failed to call isUserAddedCertificate", e); } catch (InvocationTargetException e) { if (e.getCause() instanceof RuntimeException) { throw (RuntimeException) e.getCause(); } else { throw new RuntimeException("isUserAddedCertificate failed", e.getCause()); } } } return UserCertificateSource.getInstance().findBySubjectAndPublicKey(cert) != null; } /** Loading core/java/android/security/net/config/NetworkSecurityTrustManager.java +0 −9 Original line number Diff line number Diff line Loading @@ -115,15 +115,6 @@ public class NetworkSecurityTrustManager extends X509ExtendedTrustManager { return trustedChain; } /** * Check if the provided certificate is a user added certificate authority. * This is required by android.net.http.X509TrustManagerExtensions. */ public boolean isUserAddedCertificate(X509Certificate cert) { // TODO: Figure out the right way to handle this, and if it is still even used. return false; } private void checkPins(List<X509Certificate> chain) throws CertificateException { PinSet pinSet = mNetworkSecurityConfig.getPins(); if (pinSet.pins.isEmpty() Loading core/java/android/security/net/config/RootTrustManager.java +0 −9 Original line number Diff line number Diff line Loading @@ -131,15 +131,6 @@ public class RootTrustManager extends X509ExtendedTrustManager { return config.getTrustManager().checkServerTrusted(certs, authType, hostname); } /** * Check if the provided certificate is a user added certificate authority. * This is required by android.net.http.X509TrustManagerExtensions. */ public boolean isUserAddedCertificate(X509Certificate cert) { // TODO: Figure out the right way to handle this, and if it is still even used. return false; } @Override public X509Certificate[] getAcceptedIssuers() { // getAcceptedIssuers is meant to be used to determine which trust anchors the server will Loading Loading
core/java/android/net/http/X509TrustManagerExtensions.java +5 −28 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ package android.net.http; import android.annotation.SystemApi; import android.security.net.config.UserCertificateSource; import com.android.org.conscrypt.TrustManagerImpl; Loading @@ -43,7 +44,6 @@ public class X509TrustManagerExtensions { // Methods to use when mDelegate is not a TrustManagerImpl and duck typing is being used. private final X509TrustManager mTrustManager; private final Method mCheckServerTrusted; private final Method mIsUserAddedCertificate; private final Method mIsSameTrustConfiguration; /** Loading @@ -57,7 +57,6 @@ public class X509TrustManagerExtensions { mDelegate = (TrustManagerImpl) tm; mTrustManager = null; mCheckServerTrusted = null; mIsUserAddedCertificate = null; mIsSameTrustConfiguration = null; return; } Loading @@ -74,14 +73,6 @@ public class X509TrustManagerExtensions { throw new IllegalArgumentException("Required method" + " checkServerTrusted(X509Certificate[], String, String, String) missing"); } // Check that isUserAddedCertificate is present. try { mIsUserAddedCertificate = tm.getClass().getMethod("isUserAddedCertificate", X509Certificate.class); } catch (NoSuchMethodException e) { throw new IllegalArgumentException( "Required method isUserAddedCertificate(X509Certificate) missing"); } // Get the option isSameTrustConfiguration method. Method isSameTrustConfiguration = null; try { Loading Loading @@ -128,29 +119,15 @@ public class X509TrustManagerExtensions { /** * Checks whether a CA certificate is added by an user. * * <p>Since {@link X509TrustManager#checkServerTrusted} allows its parameter {@code chain} to * <p>Since {@link X509TrustManager#checkServerTrusted} may allow its parameter {@code chain} to * chain up to user-added CA certificates, this method can be used to perform additional * policies for user-added CA certificates. * * @return {@code true} to indicate that the certificate was added by the user, {@code false} * otherwise. * @return {@code true} to indicate that the certificate authority exists in the user added * certificate store, {@code false} otherwise. */ public boolean isUserAddedCertificate(X509Certificate cert) { if (mDelegate != null) { return mDelegate.isUserAddedCertificate(cert); } else { try { return (Boolean) mIsUserAddedCertificate.invoke(mTrustManager, cert); } catch (IllegalAccessException e) { throw new RuntimeException("Failed to call isUserAddedCertificate", e); } catch (InvocationTargetException e) { if (e.getCause() instanceof RuntimeException) { throw (RuntimeException) e.getCause(); } else { throw new RuntimeException("isUserAddedCertificate failed", e.getCause()); } } } return UserCertificateSource.getInstance().findBySubjectAndPublicKey(cert) != null; } /** Loading
core/java/android/security/net/config/NetworkSecurityTrustManager.java +0 −9 Original line number Diff line number Diff line Loading @@ -115,15 +115,6 @@ public class NetworkSecurityTrustManager extends X509ExtendedTrustManager { return trustedChain; } /** * Check if the provided certificate is a user added certificate authority. * This is required by android.net.http.X509TrustManagerExtensions. */ public boolean isUserAddedCertificate(X509Certificate cert) { // TODO: Figure out the right way to handle this, and if it is still even used. return false; } private void checkPins(List<X509Certificate> chain) throws CertificateException { PinSet pinSet = mNetworkSecurityConfig.getPins(); if (pinSet.pins.isEmpty() Loading
core/java/android/security/net/config/RootTrustManager.java +0 −9 Original line number Diff line number Diff line Loading @@ -131,15 +131,6 @@ public class RootTrustManager extends X509ExtendedTrustManager { return config.getTrustManager().checkServerTrusted(certs, authType, hostname); } /** * Check if the provided certificate is a user added certificate authority. * This is required by android.net.http.X509TrustManagerExtensions. */ public boolean isUserAddedCertificate(X509Certificate cert) { // TODO: Figure out the right way to handle this, and if it is still even used. return false; } @Override public X509Certificate[] getAcceptedIssuers() { // getAcceptedIssuers is meant to be used to determine which trust anchors the server will Loading
