EnhancingX509ExtendedTrustManager Class — netty Architecture

Architecture documentation for the EnhancingX509ExtendedTrustManager class in EnhancingX509ExtendedTrustManager.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  c5d2be08_7d10_3353_b854_1b0eee00afa0["EnhancingX509ExtendedTrustManager"]
  f62f442f_06ad_b026_feed_262f1225047c["EnhancingX509ExtendedTrustManager.java"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|defined in| f62f442f_06ad_b026_feed_262f1225047c
  2c5ac77e_291c_f472_a5c8_30076b80f389["EnhancingX509ExtendedTrustManager()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| 2c5ac77e_291c_f472_a5c8_30076b80f389
  c9ec471a_d240_2cbf_fddc_0146f7d1f102["checkClientTrusted()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| c9ec471a_d240_2cbf_fddc_0146f7d1f102
  7cb09430_ae31_2f23_9ea0_20866ef3f4bf["checkServerTrusted()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| 7cb09430_ae31_2f23_9ea0_20866ef3f4bf
  fe325a82_54fa_8fcb_6347_a85659a94ef3["getAcceptedIssuers()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| fe325a82_54fa_8fcb_6347_a85659a94ef3
  2eeb261a_bf22_8fb6_3cda_596b5ab85a9f["throwEnhancedCertificateException()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| 2eeb261a_bf22_8fb6_3cda_596b5ab85a9f
  6e8b10cb_ec1a_f08a_e4d5_84ac7850db3c["String()"]
  c5d2be08_7d10_3353_b854_1b0eee00afa0 -->|method| 6e8b10cb_ec1a_f08a_e4d5_84ac7850db3c

Relationship Graph

Source Code

handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java lines 40–195

final class EnhancingX509ExtendedTrustManager extends X509ExtendedTrustManager {

    // Constants for subject alt names of type DNS and IP. See X509Certificate#getSubjectAlternativeNames() javadocs.
    static final int ALTNAME_DNS = 2;
    static final int ALTNAME_URI = 6;
    static final int ALTNAME_IP = 7;
    private static final String SEPARATOR = ", ";

    private final X509ExtendedTrustManager wrapped;

    EnhancingX509ExtendedTrustManager(X509TrustManager wrapped) {
        this.wrapped = (X509ExtendedTrustManager) wrapped;
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)
            throws CertificateException {
        wrapped.checkClientTrusted(chain, authType, socket);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)
            throws CertificateException {
        try {
            wrapped.checkServerTrusted(chain, authType, socket);
        } catch (CertificateException e) {
            throwEnhancedCertificateException(e, chain,
                    socket instanceof SSLSocket ? ((SSLSocket) socket).getHandshakeSession() : null);
        }
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
            throws CertificateException {
        wrapped.checkClientTrusted(chain, authType, engine);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
            throws CertificateException {
        try {
            wrapped.checkServerTrusted(chain, authType, engine);
        } catch (CertificateException e) {
            throwEnhancedCertificateException(e, chain, engine != null ? engine.getHandshakeSession() : null);
        }
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        wrapped.checkClientTrusted(chain, authType);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        try {
            wrapped.checkServerTrusted(chain, authType);
        } catch (CertificateException e) {
            throwEnhancedCertificateException(e, chain, null);
        }
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return wrapped.getAcceptedIssuers();
    }

    private static void throwEnhancedCertificateException(CertificateException e, X509Certificate[] chain,
                                                          SSLSession session) throws CertificateException {
        // Matching the message is the best we can do sadly.
        String message = e.getMessage();
        if (message != null &&
                (message.startsWith("No subject alternative") || message.startsWith("No name matching"))) {
            StringBuilder sb = new StringBuilder(128);
            sb.append(message);
            // Some exception messages from sun.security.util.HostnameChecker may end with a dot that we don't need
            if (message.charAt(message.length() - 1) == '.') {
                sb.setLength(sb.length() - 1);
            }
            if (session != null) {

Defined In

handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java

Source

View on GitHub

Frequently Asked Questions

What is the EnhancingX509ExtendedTrustManager class?

EnhancingX509ExtendedTrustManager is a class in the netty codebase, defined in handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java.

Where is EnhancingX509ExtendedTrustManager defined?

EnhancingX509ExtendedTrustManager is defined in handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java at line 40.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free