42 lines
1.6 KiB
Plaintext
42 lines
1.6 KiB
Plaintext
Validation of X.509 certificates is essential to create secure SSL/TLS sessions not vulnerable to man-in-the-middle attacks.
|
|
|
|
The certificate chain validation includes these steps:
|
|
|
|
* The certificate is issued by its parent Certificate Authority or the root CA trusted by the system.
|
|
* Each CA is allowed to issue certificates.
|
|
* Each certificate in the chain is not expired.
|
|
|
|
This rule raises an issue when an implementation of X509TrustManager is not controlling the validity of the certificate (ie: no exception is raised). Empty implementations of the ``++X509TrustManager++`` interface are often created to disable certificate validation. The correct solution is to provide an appropriate trust store.
|
|
|
|
== Noncompliant Code Example
|
|
|
|
----
|
|
// Create a trust manager that does not validate certificate chains
|
|
val trustAllCerts = arrayOf<TrustManager>(object : X509TrustManager {
|
|
@Throws(CertificateException::class)
|
|
override fun checkClientTrusted(chain: Array<java.security.cert.X509Certificate>, authType: String) {
|
|
} // Noncompliant
|
|
|
|
@Throws(CertificateException::class)
|
|
override fun checkServerTrusted(chain: Array<java.security.cert.X509Certificate>, authType: String) {
|
|
} // Noncompliant
|
|
|
|
override fun getAcceptedIssuers(): Array<java.security.cert.X509Certificate> {
|
|
return arrayOf()
|
|
}
|
|
})
|
|
|
|
// Install the all-trusting trust manager
|
|
val sslContext = SSLContext.getInstance("SSL")
|
|
sslContext.init(null, trustAllCerts, java.security.SecureRandom())
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
val sslContext = SSLContext.getInstance("SSL")
|
|
sslContext.init(null, null, java.security.SecureRandom())
|
|
----
|
|
|
|
include::../see.adoc[]
|