X509Certificate - Code Search

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/TrustRootIndex.kt

 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.cert.X509Certificate

fun interface TrustRootIndex {
  /** Returns the trusted CA certificate that signed [cert]. */
  fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate?

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Fri Dec 27 13:39:56 UTC 2024

- 843 bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/BasicCertificateChainCleaner.kt

   *     is -1 if signing cert is a lone self-signed certificate.
   */
  private fun verifySignature(
    toVerify: X509Certificate,
    signingCert: X509Certificate,
    minIntermediates: Int,
  ): Boolean {
    if (toVerify.issuerDN != signingCert.subjectDN) {
      return false
    }
    if (signingCert.basicConstraints < minIntermediates) {

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 4.8K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-testing-support/src/main/kotlin/okhttp3/FakeSSLSession.kt

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

class FakeSSLSession(
  vararg val certificates: Certificate,
) : SSLSession {
  override fun getApplicationBufferSize(): Int = throw UnsupportedOperationException()

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 3.1K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/internal/der/Certificate.kt

    }
  }

  fun toX509Certificate(): X509Certificate {
    val data = CertificateAdapters.certificate.toDer(this)
    try {
      val certificateFactory = CertificateFactory.getInstance("X.509")
      val certificates = certificateFactory.generateCertificates(Buffer().write(data).inputStream())
      return certificates.single() as X509Certificate
    } catch (e: NoSuchElementException) {

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Mon Jan 08 01:13:22 UTC 2024

- 6.4K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/jvmTest/kotlin/okhttp3/internal/tls/HostnameVerifierTest.kt

    assertThat("www.nintendo.co.jp".canParseAsIpAddress()).isFalse()
  }

  private fun certificate(certificate: String): X509Certificate =
    CertificateFactory
      .getInstance("X.509")
      .generateCertificate(ByteArrayInputStream(certificate.toByteArray()))
      as X509Certificate

  private fun session(certificate: String): SSLSession = FakeSSLSession(certificate(certificate))

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 40.4K bytes

- Viewed (0)

github.com/square/okhttp

okhttp-tls/src/main/kotlin/okhttp3/tls/internal/TlsUtil.kt

 * limitations under the License.
 */
package okhttp3.tls.internal

import java.io.InputStream
import java.security.KeyStore
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import javax.net.ssl.KeyManagerFactory
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509ExtendedTrustManager
import javax.net.ssl.X509KeyManager
import javax.net.ssl.X509TrustManager

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 4.3K bytes

- Viewed (1)

github.com/square/okhttp

okhttp/src/androidMain/kotlin/okhttp3/internal/platform/AndroidPlatform.kt

      // private TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate lastCert);
      val method =
        trustManager.javaClass.getDeclaredMethod(
          "findTrustAnchorByIssuerAndSignature",
          X509Certificate::class.java,
        )
      method.isAccessible = true
      CustomTrustRootIndex(trustManager, method)

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Thu May 29 16:52:38 UTC 2025

- 6.5K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/internal/tls/CertificateChainCleaner.kt

 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package okhttp3.internal.tls

import java.security.cert.Certificate
import java.security.cert.X509Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.X509TrustManager
import okhttp3.internal.platform.Platform

/**

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 2K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/androidMain/kotlin/okhttp3/internal/platform/android/AndroidCertificateChainCleaner.kt

import android.net.http.X509TrustManagerExtensions
import java.lang.IllegalArgumentException
import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.X509TrustManager
import okhttp3.internal.SuppressSignatureCheck
import okhttp3.internal.tls.CertificateChainCleaner

/**

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Fri Dec 27 13:39:56 UTC 2024

- 2.7K bytes

- Viewed (0)

github.com/square/okhttp

okhttp/src/commonJvmAndroid/kotlin/okhttp3/CertificatePinner.kt

  ) = check(hostname) {
    (certificateChainCleaner?.clean(peerCertificates, hostname) ?: peerCertificates)
      .map { it as X509Certificate }
  }

  internal fun check(
    hostname: String,
    cleanedPeerCertificatesFn: () -> List<X509Certificate>,
  ) {
    val pins = findMatchingPins(hostname)
    if (pins.isEmpty()) return

    val peerCertificates = cleanedPeerCertificatesFn()

Registered: Fri Sep 05 11:42:10 UTC 2025

- Last Modified: Wed Mar 19 19:25:20 UTC 2025

- 14.1K bytes

- Viewed (1)

Search Options