TrustSource (LittleProxy MITM Module 2.1.4 API)

java.lang.Object
- net.lightbody.bmp.mitm.TrustSource

```
public class TrustSource
extends Object
```
A source of trusted root certificate authorities. Provides static methods to obtain default trust sources:
- defaultTrustSource()- both the built-in and JVM-trusted CAs
- javaTrustSource() - only default CAs trusted by the JVM
- builtinTrustSource() - only built-in trusted CAs (ultimately derived from Firefox's trust list)
Custom TrustSources can be built by starting with empty(), then calling the various add() methods to add PEM-encoded files and Strings, KeyStores, and X509Certificates to the TrustSource. For example:
TrustSource customTrustSource = TrustSource.empty() .add(myX509Certificate) .add(pemFileContainingMyCA) .add(javaKeyStore);
Note: This class is immutable, so calls to add() will return a new instance, rather than modifying the existing instance.

Constructor Summary

Constructors
Modifier	Constructor and Description
`protected`	`TrustSource()` Creates a TrustSource that contains no trusted certificates.
`protected`	`TrustSource(X509Certificate... trustedCAs)` Creates a TrustSource that considers only the specified certificates as "trusted".

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`TrustSource`	`add(File trustedCAPemFile)` Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more CAs contained in the PEM-encoded File.
`TrustSource`	`add(KeyStore trustStore)` Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus all trusted certificate entries from the specified trustStore.
`TrustSource`	`add(String trustedPemEncodedCAs)` Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more CAs contained in the PEM-encoded String.
`TrustSource`	`add(TrustSource trustSource)` Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus the trusted CAs in the specified TrustSource.
`TrustSource`	`add(X509Certificate... trustedCertificates)` Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more additional trusted X509Certificates.
`static TrustSource`	`builtinTrustSource()` Returns a TrustSource containing only the builtin trusted CAs and does not include the JVM's trusted CAs.
`static TrustSource`	`defaultTrustSource()` Returns a TrustSource containing the default trusted CAs.
`static TrustSource`	`empty()` Returns a TrustSource that contains no trusted CAs.
`X509Certificate[]`	`getTrustedCAs()` Returns the X509 certificates considered "trusted" by this TrustSource.
`static TrustSource`	`javaTrustSource()` Returns a TrustSource containing the default CAs trusted by this JVM.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - TrustSource
```
protected TrustSource()
```
    Creates a TrustSource that contains no trusted certificates. For public use, see empty().
  - TrustSource
```
protected TrustSource(X509Certificate... trustedCAs)
```
    Creates a TrustSource that considers only the specified certificates as "trusted". For public use, use empty() followed by add(X509Certificate...).
    
    Parameters:
    
    trustedCAs - root CAs to trust
- Method Detail
  - getTrustedCAs
```
public X509Certificate[] getTrustedCAs()
```
    Returns the X509 certificates considered "trusted" by this TrustSource. This method will not return null, but may return an empty array.
  - empty
```
public static TrustSource empty()
```
    Returns a TrustSource that contains no trusted CAs. Can be used in conjunction with the add() methods to build a TrustSource containing custom CAs from a variety of sources (PEM files, KeyStores, etc.).
  - defaultTrustSource
```
public static TrustSource defaultTrustSource()
```
    Returns a TrustSource containing the default trusted CAs. By default, contains both the JVM's trusted CAs and the built-in trusted CAs (Firefox's trusted CAs).
  - builtinTrustSource
```
public static TrustSource builtinTrustSource()
```
    Returns a TrustSource containing only the builtin trusted CAs and does not include the JVM's trusted CAs. See TrustUtil.getBuiltinTrustedCAs().
  - javaTrustSource
```
public static TrustSource javaTrustSource()
```
    Returns a TrustSource containing the default CAs trusted by this JVM. See TrustUtil.getJavaTrustedCAs().
  - add
```
public TrustSource add(String trustedPemEncodedCAs)
```
    Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more CAs contained in the PEM-encoded String. The String may contain multiple certificates and may contain comments or other non-PEM-encoded text, as long as the PEM-encoded certificates are delimited by appropriate BEGIN_CERTIFICATE and END_CERTIFICATE text blocks.
    
    Parameters:
    
    trustedPemEncodedCAs - String containing PEM-encoded certificates to trust
    
    Returns:
    
    a new TrustSource containing this TrustSource's trusted CAs plus the CAs in the specified String
  - add
```
public TrustSource add(X509Certificate... trustedCertificates)
```
    Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more additional trusted X509Certificates. If trustedCertificates is null or empty, returns this same TrustSource.
    
    Parameters:
    
    trustedCertificates - X509Certificates of CAs to trust
    
    Returns:
    
    a new TrustSource containing this TrustSource's trusted CAs plus the specified CAs
  - add
```
public TrustSource add(KeyStore trustStore)
```
    Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus all trusted certificate entries from the specified trustStore. This method will only add trusted certificate entries from the specified KeyStore (i.e. entries of type KeyStore.TrustedCertificateEntry; private keys will be ignored. The trustStore may be in JKS or PKCS12 format.
    
    Parameters:
    
    trustStore - keystore containing trusted certificate entries
    
    Returns:
    
    a new TrustSource containing this TrustSource's trusted CAs plus trusted certificate entries from the keystore
  - add
```
public TrustSource add(File trustedCAPemFile)
```
    Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus zero or more CAs contained in the PEM-encoded File. The File may contain multiple certificates and may contain comments or other non-PEM-encoded text, as long as the PEM-encoded certificates are delimited by appropriate BEGIN_CERTIFICATE and END_CERTIFICATE text blocks. The file may contain UTF-8 characters, but the PEM-encoded certificate data itself must be US-ASCII.
    
    Parameters:
    
    trustedCAPemFile - File containing PEM-encoded certificates
    
    Returns:
    
    a new TrustSource containing this TrustSource's trusted CAs plus the CAs in the specified String
  - add
```
public TrustSource add(TrustSource trustSource)
```
    Returns a new TrustSource containing the same trusted CAs as this TrustSource, plus the trusted CAs in the specified TrustSource.
    
    Parameters:
    
    trustSource - TrustSource to combine with this TrustSource
    
    Returns:
    
    a new TrustSource containing both TrustSources' trusted CAs

Class TrustSource

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

TrustSource

TrustSource

Method Detail

getTrustedCAs

empty

defaultTrustSource

builtinTrustSource

javaTrustSource

add

add

add

add

add