Class BadCertHandler

  • All Implemented Interfaces:
    java.lang.Runnable

    public abstract class BadCertHandler
    extends java.lang.Object
    implements java.lang.Runnable
    BadAuthHandler interface enables arbitrary certificate authentication from a NSS cert auth hook. Notably, the return code from check should be a PRErrorCode, else 0. This will be used by NSS to determine the alert to send when closing the connection (in the event of an error). The concern here is that, when this is invoked synchronously, we're called from NSS as called by Java. Certain operations may or may not succeed or work as expected (such as raising an exception, acquiring locks already held, etc.).
    • Field Summary

      Fields 
      Modifier and Type Field Description
      int error
      When invoked via run(), the error code to pass to the check operation.
      boolean finished
      Whether or not the check operation has been executed yet, when invoked via run().
      int result
      When invoked via run(), the result of the check operation.
    • Constructor Summary

      Constructors 
      Constructor Description
      BadCertHandler​(SSLFDProxy fd, int error)
      Constructor to store SSLFDProxy, error information.
    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      abstract int check​(SSLFDProxy fd, int error)
      Returns the PRErrorCode the error validating certificate auth, else 0.
      void run()  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • error

        public int error
        When invoked via run(), the error code to pass to the check operation.
      • result

        public int result
        When invoked via run(), the result of the check operation.
      • finished

        public boolean finished
        Whether or not the check operation has been executed yet, when invoked via run().
    • Constructor Detail

      • BadCertHandler

        public BadCertHandler​(SSLFDProxy fd,
                              int error)
        Constructor to store SSLFDProxy, error information. This is useful for implementations which expect to be used via the Runnable interface, instead of called via the synchronous certificate authentication hook in NSS.
    • Method Detail

      • check

        public abstract int check​(SSLFDProxy fd,
                                  int error)
        Returns the PRErrorCode the error validating certificate auth, else 0. Note that it is up to the implementer to fetch the certificates (via SSL.PeerCertificateChain(ssl_fd)) and validate them properly. Note that returning 0 here means SECis returned
      • run

        public void run()
        Specified by:
        run in interface java.lang.Runnable