Class

play.api.libs.ws.ssl

AlgorithmChecker

Related Doc: package ssl

Permalink

class AlgorithmChecker extends PKIXCertPathChecker

Looks for disabled algorithms in the certificate. This is because some certificates are signed with forgable hashes such as MD2 or MD5, so we can't be certain of their authenticity.

This class is needed because the JDK 1.6 Algorithm checker doesn't give us any way to customize the list of disabled algorithms, and we need to be able to support that.

Also note that we need to check the trust anchor for disabled key sizes, and the CertPath explicitly removes the trust anchor from the chain of certificates. This means we need to check the trust anchor explicitly in the through the CompositeTrustManager.

Source
AlgorithmChecker.scala
Linear Supertypes
PKIXCertPathChecker, Cloneable, CertPathChecker, AnyRef, Any
Ordering
  1. Alphabetic
  2. By inheritance
Inherited
  1. AlgorithmChecker
  2. PKIXCertPathChecker
  3. Cloneable
  4. CertPathChecker
  5. AnyRef
  6. Any
  1. Hide All
  2. Show all
Visibility
  1. Public
  2. All

Instance Constructors

  1. new AlgorithmChecker(signatureConstraints: Set[AlgorithmConstraint], keyConstraints: Set[AlgorithmConstraint])

    Permalink

Value Members

  1. final def !=(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int

    Permalink
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0

    Permalink
    Definition Classes
    Any
  5. def check(cert: Certificate, unresolvedCritExts: Collection[String]): Unit

    Permalink

    Checks the algorithms in the given certificate.

    Checks the algorithms in the given certificate. Note that this implementation skips signature checking in a root certificate, as a trusted root cert by definition is in the trust store and doesn't need to be signed.

    Definition Classes
    AlgorithmChecker → PKIXCertPathChecker
  6. def check(arg0: Certificate): Unit

    Permalink
    Definition Classes
    PKIXCertPathChecker → CertPathChecker
    Annotations
    @throws( ... )
  7. def checkKeyAlgorithms(x509Cert: X509Certificate): Unit

    Permalink

    Checks for key algorithms in the certificate and throws CertPathValidatorException if matched.

  8. def checkSignatureAlgorithms(x509Cert: X509Certificate): Unit

    Permalink

    Checks for signature algorithms in the certificate and throws CertPathValidatorException if matched.

  9. def clone(): AnyRef

    Permalink
    Definition Classes
    PKIXCertPathChecker → AnyRef
  10. final def eq(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef
  11. def equals(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  12. def finalize(): Unit

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  13. def findKeyConstraint(algorithm: String): Option[AlgorithmConstraint]

    Permalink
  14. def findSignatureConstraint(algorithm: String): Option[AlgorithmConstraint]

    Permalink
  15. final def getClass(): Class[_]

    Permalink
    Definition Classes
    AnyRef → Any
  16. def getCommonName(cert: X509Certificate): String

    Permalink

    Useful way to get certificate info without getting spammed with data.

  17. def getSupportedExtensions(): Set[String]

    Permalink
    Definition Classes
    AlgorithmChecker → PKIXCertPathChecker
  18. def hashCode(): Int

    Permalink
    Definition Classes
    AnyRef → Any
  19. def infoOnSunset(x509Cert: X509Certificate, expirationDate: DateTime): Unit

    Permalink
  20. def init(forward: Boolean): Unit

    Permalink
    Definition Classes
    AlgorithmChecker → PKIXCertPathChecker → CertPathChecker
  21. def isForwardCheckingSupported(): Boolean

    Permalink
    Definition Classes
    AlgorithmChecker → PKIXCertPathChecker → CertPathChecker
  22. final def isInstanceOf[T0]: Boolean

    Permalink
    Definition Classes
    Any
  23. val keyConstraints: Set[AlgorithmConstraint]

    Permalink
  24. final def ne(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef
  25. final def notify(): Unit

    Permalink
    Definition Classes
    AnyRef
  26. final def notifyAll(): Unit

    Permalink
    Definition Classes
    AnyRef
  27. val signatureConstraints: Set[AlgorithmConstraint]

    Permalink
  28. def sunsetSHA1SignatureAlgorithm(x509Cert: X509Certificate): Unit

    Permalink

    Logs an info or warning message to sunset a SHA-1 certificate, based on Google's recommendations.

    Logs an info or warning message to sunset a SHA-1 certificate, based on Google's recommendations.

  29. final def synchronized[T0](arg0: ⇒ T0): T0

    Permalink
    Definition Classes
    AnyRef
  30. def toString(): String

    Permalink
    Definition Classes
    AnyRef → Any
  31. final def wait(): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  32. final def wait(arg0: Long, arg1: Int): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  33. final def wait(arg0: Long): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  34. def warnOnSunset(x509Cert: X509Certificate, expirationDate: DateTime): Unit

    Permalink

Inherited from PKIXCertPathChecker

Inherited from Cloneable

Inherited from CertPathChecker

Inherited from AnyRef

Inherited from Any

Ungrouped