X509Certificate - Code Search

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/BasicTrustRootIndex.kt

 */
package okhttp3.internal.tls

import java.security.cert.X509Certificate
import javax.security.auth.x500.X500Principal

/** A simple index that of trusted root certificates that have been loaded into memory. */
class BasicTrustRootIndex(
  vararg caCerts: X509Certificate,
) : TrustRootIndex {
  private val subjectToCaCerts: Map<X500Principal, Set<X509Certificate>>

  init {

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 1.8K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/internal/InsecureExtendedTrustManager.kt

    chain: Array<out X509Certificate>,
    authType: String?,
  ) = throw CertificateException("Unsupported operation")

  override fun checkClientTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    engine: SSLEngine?,
  ) = throw CertificateException("Unsupported operation")

  override fun checkClientTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    socket: Socket?,

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Thu Jul 31 04:18:40 UTC 2025

- 2.7K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/OkHostnameVerifier.kt

  ): Boolean =
    if (!host.isAscii()) {
      false
    } else {
      try {
        verify(host, session.peerCertificates[0] as X509Certificate)
      } catch (_: SSLException) {
        false
      }
    }

  fun verify(
    host: String,
    certificate: X509Certificate,
  ): Boolean =
    when {
      host.canParseAsIpAddress() -> verifyIpAddress(host, certificate)

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 7.6K bytes

- Viewed (0)

github.com/square/okhttp

android-test/src/androidTest/java/okhttp/android/test/OkHttpTest.kt

        override fun checkClientTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun checkServerTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
      }

    val sslContext =

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Sat Aug 02 14:12:28 UTC 2025

- 29K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/Certificates.kt

 * -----END CERTIFICATE-----
 * ```
 */
fun String.decodeCertificatePem(): X509Certificate {
  try {
    val certificateFactory = CertificateFactory.getInstance("X.509")
    val certificates =
      certificateFactory
        .generateCertificates(
          Buffer().writeUtf8(this).inputStream(),
        )

    return certificates.single() as X509Certificate
  } catch (nsee: NoSuchElementException) {

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 2.8K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/HandshakeCertificates.kt

    }

  class Builder {
    private var heldCertificate: HeldCertificate? = null
    private var intermediates: Array<X509Certificate>? = null
    private val trustedCertificates = mutableListOf<X509Certificate>()
    private val insecureHosts = mutableListOf<String>()

    /**
     * Configure the certificate chain to use when being authenticated. The first certificate is

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Sat May 10 11:15:14 UTC 2025

- 8.4K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/TrustRootIndex.kt

 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.cert.X509Certificate

fun interface TrustRootIndex {
  /** Returns the trusted CA certificate that signed [cert]. */
  fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate?

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Fri Dec 27 13:39:56 UTC 2024

- 843 bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/BasicCertificateChainCleaner.kt

   *     is -1 if signing cert is a lone self-signed certificate.
   */
  private fun verifySignature(
    toVerify: X509Certificate,
    signingCert: X509Certificate,
    minIntermediates: Int,
  ): Boolean {
    if (toVerify.issuerDN != signingCert.subjectDN) {
      return false
    }
    if (signingCert.basicConstraints < minIntermediates) {

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 4.8K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-testing-support/src/main/kotlin/okhttp3/FakeSSLSession.kt

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

class FakeSSLSession(
  vararg val certificates: Certificate,
) : SSLSession {
  override fun getApplicationBufferSize(): Int = throw UnsupportedOperationException()

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 3.1K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/androidMain/kotlin/okhttp3/internal/platform/AndroidPlatform.kt

      // private TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate lastCert);
      val method =
        trustManager.javaClass.getDeclaredMethod(
          "findTrustAnchorByIssuerAndSignature",
          X509Certificate::class.java,
        )
      method.isAccessible = true
      CustomTrustRootIndex(trustManager, method)

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Thu May 29 16:52:38 UTC 2025

- 6.5K bytes

- Viewed (0)

Search Options