import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.X509TrustManager

/** This extends [X509TrustManager] for Android to disable verification for a set of hosts. */
internal class InsecureAndroidTrustManager(
  private val delegate: X509TrustManager,
  private val insecureHosts: List<String>,
) : X509TrustManager {

      }
    )
  })

  api(libs.hamcrestLibrary)
  api(libs.junit.jupiter.api)
  api(libs.junit.jupiter.params)

  api(libs.junit.pioneer)

  compileOnly(libs.robolectric.android)

  testImplementation(libs.kotlin.test.common)
  testImplementation(libs.kotlin.test.junit)
}

animalsniffer {
  isIgnoreFailures = true

      apply {
        this.trustedCertificates += certificate
      }

    /**
     * Add all of the host platform's trusted root certificates. This set varies by platform
     * (Android vs. Java), by platform release (Android 4.4 vs. Android 9), and with user
     * customizations.
     *
     * Most TLS clients that connect to hosts on the public Internet should call this method.

------------------------

_2018-07-12_

Added a new extra strict RESTRICTED_TLS configuration inspired by [Google Cloud’s similar policy][googlecloud_ssl_policy]. It is appropriate when both the host platform
(JVM/Conscrypt/Android) and target webserver are current.

##### RESTRICTED_TLS cipher suites

 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp.regression;

import android.os.Build;
import androidx.test.ext.junit.runners.AndroidJUnit4;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

    assertThat(verifier.verify("bar.com", session)).isTrue()
    assertThat(verifier.verify("a.bar.com", session)).isFalse()
  }

  /**
   * Ignored due to incompatibilities between Android and Java on how non-ASCII subject alt names
   * are parsed. Android fails to parse these, which means we fall back to the CN. The RI does parse
   * them, so the CN is unused.
   */
  @Test fun verifyNonAsciiSubjectAlt() {
    // Expecting actual:

 * here. Cipher suites that are not available on either Android (through API level 24) or Java
 * (through JDK 9) are omitted for brevity.
 *
 * See [Android SSLEngine][sslengine] which lists the cipher suites supported by Android.
 *
 * See [JDK Providers][oracle_providers] which lists the cipher suites supported by Oracle.
 *

  - [Java Applications](https://docs.gradle.org/current/samples/sample_building_java_applications.html)
  - [Java Modules](https://docs.gradle.org/current/samples/sample_java_modules_multi_project.html)
  - [Android Apps](https://developer.android.com/studio/build/index.html)
  - [Groovy Applications](https://docs.gradle.org/current/samples/sample_building_groovy_applications.html)

import static java.lang.annotation.ElementType.TYPE;

import java.lang.annotation.Target;
import org.jspecify.annotations.NullMarked;

/**
 * Disables Animal Sniffer's checking of compatibility with older versions of Java/Android.
 *
 * <p>Each package's copy of this annotation needs to be listed in our {@code pom.xml}.
 */
@Target({METHOD, CONSTRUCTOR, TYPE, FIELD})
@NullMarked

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.platform

import android.content.Context
import androidx.startup.Initializer

/**
 * Androidx Startup initializer to ensure that the AndroidPlatform has access to the application context.
 */
class PlatformInitializer : Initializer<Platform> {