android/okhttp
1
0
Fork 0
mirror of https://github.com/square/okhttp.git synced 2025-08-08 23:42:08 +03:00
Code Releases Activity

Fail on unencodable keys (#6468)

Browse Source
This commit is contained in:
Yuri Schimke
2020-12-29 01:46:01 +00:00
committed by GitHub
parent 000bb66652
commit 168cbffb6e
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
okhttp-tls/src/main/kotlin/okhttp3/tls/HandshakeCertificates.kt
View File

@@ -30,6 +30,7 @@ import okhttp3.internal.platform.Platform
import okhttp3.internal.toImmutableList
import okhttp3.tls.internal.TlsUtil.newKeyManager
import okhttp3.tls.internal.TlsUtil.newTrustManager
import java.security.KeyStoreException
/**
* Certificates to identify which peers to trust and also to earn the trust of those peers in kind.
@@ -172,6 +173,12 @@ class HandshakeCertificates private constructor(
fun build(): HandshakeCertificates {
val immutableInsecureHosts = insecureHosts.toImmutableList()
val heldCertificate = heldCertificate
if (heldCertificate != null && heldCertificate.keyPair.private.format == null) {
throw KeyStoreException("unable to support unencodable private key")
}
val keyManager = newKeyManager(null, heldCertificate, *(intermediates ?: emptyArray()))
val trustManager = newTrustManager(null, trustedCertificates, immutableInsecureHosts)
return HandshakeCertificates(keyManager, trustManager)