BasicCertificateChainCleaner

java.lang.Object
- okhttp3.internal.tls.CertificateChainCleaner
- - okhttp3.internal.tls.BasicCertificateChainCleaner

```
public final class BasicCertificateChainCleaner
extends CertificateChainCleaner
```
A certificate chain cleaner that uses a set of trusted root certificates to build the trusted chain. This class duplicates the clean chain building performed during the TLS handshake. We prefer other mechanisms where they exist, such as with okhttp3.internal.platform.AndroidPlatform.AndroidCertificateChainCleaner.
This class includes code from Conscrypt's TrustManagerImpl and TrustedCertificateIndex.

Field Summary

Fields
Modifier and Type Field and Description

private static int MAX_SIGNERS
The maximum number of signers in a chain.

private TrustRootIndex trustRootIndex

Fields
Modifier and Type	Field and Description
`private static int`	`MAX_SIGNERS` The maximum number of signers in a chain.
`private TrustRootIndex`	`trustRootIndex`

Constructor Summary

Constructors
Constructor and Description

BasicCertificateChainCleaner(TrustRootIndex trustRootIndex)

Constructors
Constructor and Description
`BasicCertificateChainCleaner(TrustRootIndex trustRootIndex)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`java.util.List<java.security.cert.Certificate>`	`clean(java.util.List<java.security.cert.Certificate> chain, java.lang.String hostname)` Returns a cleaned chain for `chain`.
`boolean`	`equals(java.lang.Object other)`
`int`	`hashCode()`
`private boolean`	`verifySignature(java.security.cert.X509Certificate toVerify, java.security.cert.X509Certificate signingCert)` Returns true if `toVerify` was signed by `signingCert`'s public key.

Methods inherited from class okhttp3.internal.tls.CertificateChainCleaner
get, get

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - MAX_SIGNERS
```
private static final int MAX_SIGNERS
```
    The maximum number of signers in a chain. We use 9 for consistency with OpenSSL.
    
    See Also:
    
    Constant Field Values
  - trustRootIndex
```
private final TrustRootIndex trustRootIndex
```
- Constructor Detail
  - BasicCertificateChainCleaner
```
public BasicCertificateChainCleaner(TrustRootIndex trustRootIndex)
```
- Method Detail
  - clean
```
public java.util.List<java.security.cert.Certificate> clean(java.util.List<java.security.cert.Certificate> chain,
                                                            java.lang.String hostname)
                                                     throws javax.net.ssl.SSLPeerUnverifiedException
```
    Returns a cleaned chain for chain.
    This method throws if the complete chain to a trusted CA certificate cannot be constructed. This is unexpected unless the trust root index in this class has a different trust manager than what was used to establish chain.
    
    Specified by:
    
    clean in class CertificateChainCleaner
    
    Throws:
    
    javax.net.ssl.SSLPeerUnverifiedException
  - verifySignature
```
private boolean verifySignature(java.security.cert.X509Certificate toVerify,
                                java.security.cert.X509Certificate signingCert)
```
    Returns true if toVerify was signed by signingCert's public key.
  - hashCode
```
public int hashCode()
```
    Overrides:
    
    hashCode in class java.lang.Object
  - equals
```
public boolean equals(java.lang.Object other)
```
    Overrides:
    
    equals in class java.lang.Object

Class BasicCertificateChainCleaner

Field Summary

Constructor Summary

Method Summary

Methods inherited from class okhttp3.internal.tls.CertificateChainCleaner

Methods inherited from class java.lang.Object

Field Detail

MAX_SIGNERS

trustRootIndex

Constructor Detail

BasicCertificateChainCleaner

Method Detail

clean

verifySignature

hashCode

equals