我正在尝试用 Javascript 实现我自己的 TrustManager,但我不知道如何实现它。
在Java中我有以下内容:
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
我尝试对 X509TrustManager 使用以下内容:
js> obj = { getAcceptedIssuers : function() { return null; }, checkClientTrusted: function() { }, checkServerTrusted: function() { } }
[object Object]
js> x509tm = new javax.net.ssl.X509TrustManager(obj)
adapter1@2eee9593
js>
然后我不知道如何创建TrustManager。如何在 Javascript 中执行此操作(Rhino 1.6 发布 7 2008 01 02)?
经过几个小时,我终于成功实现了。
这是与上述Java部分对应的代码:
obj = { getAcceptedIssuers : function() { return null; }, checkClientTrusted: function() { return; }, checkServerTrusted: function() { return; } };
var o = new JavaAdapter(javax.net.ssl.X509TrustManager, obj);
var oo = new Array();
oo.push(o);
然后使用它,一切就变得简单了:
var sc = javax.net.ssl.SSLContext.getInstance("SSL");
sc.init(null, oo, new java.security.SecureRandom());
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
希望这对遇到同样情况的人有帮助。
扩展 user2360915 的答案,在 Rhino 中扩展类的另一种方法是使用以下格式:
new ClassType({NewFunction:function(){}})
例如:
var HNV = new javax.net.ssl.HostnameVerifier({ verify:function(hostname,session){return true;} });
这会产生与 user2360915 略有不同的初始方法(尽管它需要相同的数组解决方案才能工作):
var ExtendedTrustManager = new javax.net.ssl.X509TrustManager({accepted:null,checkClientTrusted:function(xcs, string){},checkServerTrusted:function(xcs, string){this.accepted = xcs;},getAcceptedIssuers:function(){return this.accepted;}});
var TMArray = new Array();
TMArray.push(ExtendedTrustManager);
用于 Mirth 的完整代码改编自 https://nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/
// Create a trust manager that does not validate certificate chains
obj = { getAcceptedIssuers : function() { return null; }, checkClientTrusted: function() { return; }, checkServerTrusted: function() { return; } };
var o = new JavaAdapter(javax.net.ssl.X509TrustManager, obj);
var oo = new Array();
oo.push(o);
// Install the all-trusting trust manager
var sc = javax.net.ssl.SSLContext.getInstance("SSL");
sc.init(null, oo, new java.security.SecureRandom());
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
var allHostsValid = new javax.net.ssl.HostnameVerifier() {
verify: function(hostname, session) {
return true;
}
};
// Install the all-trusting host verifier
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);