Android APIs
public class

X509TrustManagerExtensions

extends Object
java.lang.Object
   ↳ android.net.http.X509TrustManagerExtensions

Class Overview

X509TrustManager wrapper exposing Android-added features.

The checkServerTrusted method allows callers to perform additional verification of certificate chains after they have been successfully verified by the platform.

Summary

Public Constructors
X509TrustManagerExtensions(X509TrustManager tm)
Constructs a new X509TrustManagerExtensions wrapper.
Public Methods
List<X509Certificate> checkServerTrusted(X509Certificate[] chain, String authType, String host)
Verifies the given certificate chain.
boolean isUserAddedCertificate(X509Certificate cert)
Checks whether a CA certificate is added by an user.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public X509TrustManagerExtensions (X509TrustManager tm)

Added in API level 17

Constructs a new X509TrustManagerExtensions wrapper.

Parameters
tm X509TrustManager: A X509TrustManager as returned by TrustManagerFactory.getInstance();
Throws
IllegalArgumentException If tm is an unsupported TrustManager type.

Public Methods

public List<X509Certificate> checkServerTrusted (X509Certificate[] chain, String authType, String host)

Added in API level 17

Verifies the given certificate chain.

See checkServerTrusted(X509Certificate[], String) for a description of the chain and authType parameters. The final parameter, host, should be the hostname of the server.

Parameters
chain X509Certificate
authType String
host String
Returns
List<X509Certificate> the properly ordered chain used for verification as a list of X509Certificates.
Throws
CertificateException if the chain does not verify correctly.

public boolean isUserAddedCertificate (X509Certificate cert)

Added in API level 21

Checks whether a CA certificate is added by an user.

Since checkServerTrusted(X509Certificate[], String) allows its parameter chain to chain up to user-added CA certificates, this method can be used to perform additional policies for user-added CA certificates.

Parameters
cert X509Certificate
Returns
boolean true to indicate that the certificate was added by the user, false otherwise.