import assertk.assertions.isEqualTo
import assertk.assertions.isFalse
import assertk.assertions.isInstanceOf
import assertk.assertions.isTrue
import java.io.ByteArrayInputStream
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import javax.net.ssl.SSLSession
import javax.security.auth.x500.X500Principal
import okhttp3.FakeSSLSession
import okhttp3.OkHttpClient
import okhttp3.internal.canParseAsIpAddress

    }
    this.subjectToCaCerts = map
  }

  override fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate? {
    val issuer = cert.issuerX500Principal
    val subjectCaCerts = subjectToCaCerts[issuer] ?: return null

    return subjectCaCerts.firstOrNull {
      try {
        cert.verify(it.publicKey)
        return@firstOrNull true
      } catch (_: Exception) {
        return@firstOrNull false

	public final fun -deprecated_certificate ()Ljava/security/cert/X509Certificate;
	public final fun -deprecated_keyPair ()Ljava/security/KeyPair;
	public fun <init> (Ljava/security/KeyPair;Ljava/security/cert/X509Certificate;)V
	public final fun certificate ()Ljava/security/cert/X509Certificate;
	public final fun certificatePem ()Ljava/lang/String;

Telefonnummer eingetragen",badSecurityAnswer:"Sie haben die falsche Antwort auf die Sicherheitsfrage eingegeben",badDate:"Eingabe eines falschen Datums",lengthBadStart:"Der eingegebene Wert muss dazwischen sein ",lengthBadEnd:"  Zeichen",lengthTooLongStart:"Der eingegebene Wert ist größer als ",lengthTooShortStart:"Der eingegebene Wert ist kleiner als ",notConfirmed:"Die Eingaben sind unterschiedlich",badDomain:"Sie haben die falsche Domäne eingetragen",badUrl:"Sie haben nicht die richtige URL eingegeben",...

 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.cert.X509Certificate

fun interface TrustRootIndex {
  /** Returns the trusted CA certificate that signed [cert]. */
  fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate?

 * the License.
 */
package okhttp3

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

class FakeSSLSession(
  vararg val certificates: Certificate,
) : SSLSession {

 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.GeneralSecurityException
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import java.util.ArrayDeque
import java.util.Deque
import javax.net.ssl.SSLPeerUnverifiedException

/**

          val cert = peerCertificates[0] as X509Certificate
          throw SSLPeerUnverifiedException(
            """
            |Hostname ${address.url.host} not verified:
            |    certificate: ${CertificatePinner.pin(cert)}
            |    DN: ${cert.subjectDN.name}
            |    subjectAltNames: ${OkHostnameVerifier.allSubjectAltNames(cert)}
            """.trimMargin(),
          )

import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.Response;
import org.junit.Test;
import org.junit.runner.RunWith;

import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Simple test adaptable to show a failure in older versions of OkHttp

 * limitations under the License.
 */
package okhttp3.tls.internal

import java.io.InputStream
import java.security.KeyStore
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import javax.net.ssl.KeyManagerFactory
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509ExtendedTrustManager
import javax.net.ssl.X509KeyManager