diff options
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/MutableX509TrustManager.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/MutableX509TrustManager.java | 70 |
1 files changed, 0 insertions, 70 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/MutableX509TrustManager.java b/security-utils/src/main/java/com/yahoo/security/tls/MutableX509TrustManager.java deleted file mode 100644 index ed424480d26..00000000000 --- a/security-utils/src/main/java/com/yahoo/security/tls/MutableX509TrustManager.java +++ /dev/null @@ -1,70 +0,0 @@ -// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.security.tls; - -import javax.net.ssl.SSLEngine; -import javax.net.ssl.X509ExtendedTrustManager; -import java.net.Socket; -import java.security.KeyStore; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; - -/** - * A {@link X509ExtendedTrustManager} which can be updated with new CA certificates while in use. - * - * @author bjorncs - */ -public class MutableX509TrustManager extends X509ExtendedTrustManager { - - private volatile X509ExtendedTrustManager currentManager; - - public MutableX509TrustManager(KeyStore truststore) { - this.currentManager = TrustManagerUtils.createDefaultX509TrustManager(truststore); - } - - public MutableX509TrustManager() { - this.currentManager = TrustManagerUtils.createDefaultX509TrustManager(); - } - - public void updateTruststore(KeyStore truststore) { - this.currentManager = TrustManagerUtils.createDefaultX509TrustManager(truststore); - } - - public void useDefaultTruststore() { - this.currentManager = TrustManagerUtils.createDefaultX509TrustManager(); - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { - currentManager.checkClientTrusted(chain, authType); - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { - currentManager.checkServerTrusted(chain, authType); - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException { - currentManager.checkClientTrusted(chain, authType, socket); - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException { - currentManager.checkServerTrusted(chain, authType, socket); - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine sslEngine) throws CertificateException { - currentManager.checkClientTrusted(chain, authType, sslEngine); - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine sslEngine) throws CertificateException { - currentManager.checkServerTrusted(chain, authType, sslEngine); - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return currentManager.getAcceptedIssuers(); - } -} |