netty Architecture Docs
Home / Function/ verify() — netty Function Reference

verify() — netty Function Reference

Architecture documentation for the verify() function in BoringSSLCertificateVerifyCallback.java from the netty codebase.

Function java Buffer Allocators calls 1

Entity Profile

Dependency Diagram

graph TD
  6747e14f_2dd2_2bd1_22f3_cbc64acffb1d["verify()"]
  581c64f9_86e3_6d21_7ce3_ec0412545f34["BoringSSLCertificateVerifyCallback"]
  6747e14f_2dd2_2bd1_22f3_cbc64acffb1d -->|defined in| 581c64f9_86e3_6d21_7ce3_ec0412545f34
  0d5e17f0_fb40_7067_6726_34868e4d0460["translateToError()"]
  6747e14f_2dd2_2bd1_22f3_cbc64acffb1d -->|calls| 0d5e17f0_fb40_7067_6726_34868e4d0460
  style 6747e14f_2dd2_2bd1_22f3_cbc64acffb1d fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

codec-classes-quic/src/main/java/io/netty/handler/codec/quic/BoringSSLCertificateVerifyCallback.java lines 51–96

    @SuppressWarnings("unused")
    int verify(long ssl, byte[][] x509, String authAlgorithm) {
        final QuicheQuicSslEngine engine = engineMap.get(ssl);
        if (engine == null) {
            // May be null if it was destroyed in the meantime.
            return BoringSSL.X509_V_ERR_UNSPECIFIED;
        }

        if (manager == null) {
            engineMap.remove(ssl);
            return BoringSSL.X509_V_ERR_UNSPECIFIED;
        }

        X509Certificate[] peerCerts = BoringSSL.certificates(x509);
        try {
            if (engine.getUseClientMode()) {
                if (TRY_USING_EXTENDED_TRUST_MANAGER && manager instanceof X509ExtendedTrustManager) {
                    ((X509ExtendedTrustManager) manager).checkServerTrusted(peerCerts, authAlgorithm, engine);
                } else {
                    manager.checkServerTrusted(peerCerts, authAlgorithm);
                }
            } else {
                if (TRY_USING_EXTENDED_TRUST_MANAGER && manager instanceof X509ExtendedTrustManager) {
                    ((X509ExtendedTrustManager) manager).checkClientTrusted(peerCerts, authAlgorithm, engine);
                } else {
                    manager.checkClientTrusted(peerCerts, authAlgorithm);
                }
            }
            return BoringSSL.X509_V_OK;
        } catch (Throwable cause) {
            engineMap.remove(ssl);
            // Try to extract the correct error code that should be used.
            if (cause instanceof OpenSslCertificateException) {
                // This will never return a negative error code as its validated when constructing the
                // OpenSslCertificateException.
                return ((OpenSslCertificateException) cause).errorCode();
            }
            if (cause instanceof CertificateExpiredException) {
                return BoringSSL.X509_V_ERR_CERT_HAS_EXPIRED;
            }
            if (cause instanceof CertificateNotYetValidException) {
                return BoringSSL.X509_V_ERR_CERT_NOT_YET_VALID;
            }
            return translateToError(cause);
        }
    }

Domain

Subdomains

Defined In

Calls

Source

Frequently Asked Questions

What does verify() do?
verify() is a function in the netty codebase, defined in codec-classes-quic/src/main/java/io/netty/handler/codec/quic/BoringSSLCertificateVerifyCallback.java.
Where is verify() defined?
verify() is defined in codec-classes-quic/src/main/java/io/netty/handler/codec/quic/BoringSSLCertificateVerifyCallback.java at line 51.
What does verify() call?
verify() calls 1 function(s): translateToError.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free