sun.security.util: public class: HostnameChecker

sun.security.util
public class: HostnameChecker [javadoc | source]

java.lang.Object
   sun.security.util.HostnameChecker

Class to check hostnames against the names specified in a certificate as required for TLS and LDAP.

Field Summary
public static final byte	TYPE_TLS
public static final byte	TYPE_LDAP

Method from sun.security.util.HostnameChecker Summary:
getInstance, getServerName, getSubjectX500Name, match, match

Methods from java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from sun.security.util.HostnameChecker Detail:
public static HostnameChecker getInstance(byte checkType) { if (checkType == TYPE_TLS) { return INSTANCE_TLS; } else if (checkType == TYPE_LDAP) { return INSTANCE_LDAP; } throw new IllegalArgumentException("Unknown check type: " + checkType); } Get a HostnameChecker instance. checkType should be one of the TYPE_* constants defined in this class.
public static String getServerName(Principal principal) { return Krb5Helper.getPrincipalHostName(principal); } Return the Server name from Kerberos principal.
public static X500Name getSubjectX500Name(X509Certificate cert) throws CertificateParsingException { try { Principal subjectDN = cert.getSubjectDN(); if (subjectDN instanceof X500Name) { return (X500Name)subjectDN; } else { X500Principal subjectX500 = cert.getSubjectX500Principal(); return new X500Name(subjectX500.getEncoded()); } } catch (IOException e) { throw(CertificateParsingException) new CertificateParsingException().initCause(e); } } Return the subject of a certificate as X500Name, by reparsing if necessary. X500Name should only be used if access to name components is required, in other cases X500Principal is to be prefered. This method is currently used from within JSSE, do not remove.
public void match(String expectedName, X509Certificate cert) throws CertificateException { if (isIpAddress(expectedName)) { matchIP(expectedName, cert); } else { matchDNS(expectedName, cert); } } Perform the check.
public static boolean match(String expectedName, Principal principal) { String hostName = getServerName(principal); return (expectedName.equalsIgnoreCase(hostName)); } Perform the check for Kerberos.

Method from sun.security.util.HostnameChecker Detail:

 public static HostnameChecker getInstance(byte checkType) {
        if (checkType == TYPE_TLS) {
            return INSTANCE_TLS;
        } else if (checkType == TYPE_LDAP) {
            return INSTANCE_LDAP;
        }
        throw new IllegalArgumentException("Unknown check type: " + checkType);
}

Get a HostnameChecker instance. checkType should be one of the TYPE_* constants defined in this class.

 public static String getServerName(Principal principal) {
        return Krb5Helper.getPrincipalHostName(principal);
}

Return the Server name from Kerberos principal.

 public static X500Name getSubjectX500Name(X509Certificate cert) throws CertificateParsingException {
        try {
            Principal subjectDN = cert.getSubjectDN();
            if (subjectDN instanceof X500Name) {
                return (X500Name)subjectDN;
            } else {
                X500Principal subjectX500 = cert.getSubjectX500Principal();
                return new X500Name(subjectX500.getEncoded());
            }
        } catch (IOException e) {
            throw(CertificateParsingException)
                new CertificateParsingException().initCause(e);
        }
}

Return the subject of a certificate as X500Name, by reparsing if necessary. X500Name should only be used if access to name components is required, in other cases X500Principal is to be prefered. This method is currently used from within JSSE, do not remove.

 public  void match(String expectedName,
    X509Certificate cert) throws CertificateException {
        if (isIpAddress(expectedName)) {
           matchIP(expectedName, cert);
        } else {
           matchDNS(expectedName, cert);
        }
}

Perform the check.

 public static boolean match(String expectedName,
    Principal principal) {
        String hostName = getServerName(principal);
        return (expectedName.equalsIgnoreCase(hostName));
}

Perform the check for Kerberos.