Initial commit for X509TrustManagerExtensions.

    field public static final int SSL_UNTRUSTED = 3; // 0x3

  }

  public class X509TrustManagerExtensions {

    ctor public X509TrustManagerExtensions(javax.net.ssl.X509TrustManager) throws java.lang.IllegalArgumentException;

    method public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String, java.lang.String) throws java.security.cert.CertificateException;

  }

}

package android.net.nsd {

/*

 * Copyright (C) 2012 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.http;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.security.KeyManagementException;

import java.util.List;

import javax.net.ssl.X509TrustManager;

import org.apache.harmony.xnet.provider.jsse.TrustManagerImpl;

/**

 * X509TrustManager wrapper exposing Android-added features.

 *

 * <p> The checkServerTrusted method allows callers to perform additional

 * verification of certificate chains after they have been successfully

 * verified by the platform.</p>

 */

public class X509TrustManagerExtensions {

    TrustManagerImpl mDelegate;

    /**

     * Constructs a new X509TrustManagerExtensions wrapper.

     *

     * @param tm A {@link X509TrustManager} as returned by TrustManagerFactory.getInstance();

     * @throws IllegalArgumentException If tm is an unsupported TrustManager type.

     */

    public X509TrustManagerExtensions(X509TrustManager tm) throws IllegalArgumentException {

        if (mDelegate instanceof TrustManagerImpl) {

            mDelegate = (TrustManagerImpl) tm;

        } else {

            throw new IllegalArgumentException("tm is not a supported type of X509TrustManager");

        }

    }

    /**

     * Verifies the given certificate chain.

     *

     * <p>See {@link X509TrustManager#checkServerTrusted(X509Certificate[], String)} for a

     * description of the chain and authType parameters. The final parameter, host, should be the

     * hostname of the server.</p>

     *

     * @throws CertificateException if the chain does not verify correctly.

     * @return the properly ordered chain used for verification as a list of X509Certificates.

     */

    public List<X509Certificate> checkServerTrusted(X509Certificate[] chain, String authType,

                                                    String host) throws CertificateException {

        return mDelegate.checkServerTrusted(chain, authType, host);

    }

}