Package org.bouncycastle.est.jcajce
Class JsseDefaultHostnameAuthorizer
java.lang.Object
org.bouncycastle.est.jcajce.JsseDefaultHostnameAuthorizer
- All Implemented Interfaces:
JsseHostnameAuthorizer
A typical hostname authorizer for verifying a hostname against the available certificates.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic booleanisValidNameMatch(String name, String dnsName, Set<String> suffixes) booleanverified(String name, SSLSession context) Verify the passed in host name according to the context object.booleanverify(String name, X509Certificate cert)
-
Constructor Details
-
JsseDefaultHostnameAuthorizer
Base constructor.The authorizer attempts to perform matching (including the use of the wildcard) in accordance with RFC 6125.
Known suffixes is a list of public domain suffixes that can't be used as wild cards for example *.com, or c*c.com, as a dns wildcard could match every/most .com domains if a registrar were issue it. If *.com is in the known suffixes list will not be allowed to match.
- Parameters:
knownSuffixes- a set of suffixes that cannot be wild-carded, e.g. { ".com", ".net", ".org" }
-
-
Method Details
-
verified
Description copied from interface:JsseHostnameAuthorizerVerify the passed in host name according to the context object.- Specified by:
verifiedin interfaceJsseHostnameAuthorizer- Parameters:
name- name of the host to be verified.context- context object to do the verification under.- Returns:
- true if name verified, false otherwise.
- Throws:
IOException
-
verify
- Throws:
IOException
-
isValidNameMatch
public static boolean isValidNameMatch(String name, String dnsName, Set<String> suffixes) throws IOException - Throws:
IOException
-