Mercurial > 510Connectbot

annotate src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 14:51f34b9de232 tn5250

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
adding tn5250 files
author Carl Byington <carl@five-ten-sg.com>
date Thu, 22 May 2014 19:00:59 -0700
parents b39bcf616a6f
children 5949eb469a79
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 package org.tn5250j.framework.transport.SSL;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 * @(#)SSLImplementation.java
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 * @author Stephen M. Kennedy
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 * Copyright: Copyright (c) 2001
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
9 * This program is free software; you can redistribute it and/or modify
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
10 * it under the terms of the GNU General Public License as published by
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 * the Free Software Foundation; either version 2, or (at your option)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
12 * any later version.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
13 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
14 * This program is distributed in the hope that it will be useful,
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
17 * GNU General Public License for more details.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19 * You should have received a copy of the GNU General Public License
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 * along with this software; see the file COPYING. If not, write to
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 * the Free Software Foundation, Inc., 59 Temple Place, Suite 330,
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22 * Boston, MA 02111-1307 USA
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 import java.io.File;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 import java.io.FileInputStream;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 import java.io.FileOutputStream;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 import java.net.Socket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
30 import java.security.KeyStore;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 import java.security.cert.CertificateException;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 import java.security.cert.X509Certificate;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 import javax.net.ssl.KeyManagerFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 import javax.net.ssl.SSLContext;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 import javax.net.ssl.SSLSocket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 import javax.net.ssl.TrustManager;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38 import javax.net.ssl.TrustManagerFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
39 import javax.net.ssl.X509TrustManager;
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
40
13
b39bcf616a6f adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 9
diff changeset
41 import com.five_ten_sg.connectbot.R;
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
42 import com.five_ten_sg.connectbot.service.TerminalBridge;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
43 import com.five_ten_sg.connectbot.service.TerminalManager;
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45 import org.tn5250j.GlobalConfigure;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
46 import org.tn5250j.framework.transport.SSLInterface;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 import org.tn5250j.tools.logging.TN5250jLogFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48 import org.tn5250j.tools.logging.TN5250jLogger;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50 /**
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 * <p>
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 * This class implements the SSLInterface and is used to create SSL socket
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53 * instances.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
54 * </p>
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
55 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
56 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com>
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
57 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59 public class SSLImplementation implements SSLInterface, X509TrustManager {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61 SSLContext sslContext = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63 KeyStore userks = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 private String userKsPath;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65 private char[] userksPassword = "changeit".toCharArray();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
66
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
67 TerminalBridge bridge = null;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
68 TerminalManager manager = null;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
69 String target = null; // destination:port
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
70
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71 KeyManagerFactory userkmf = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73 TrustManagerFactory usertmf = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75 TrustManager[] userTrustManagers = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77 X509Certificate[] acceptedIssuers;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79 TN5250jLogger logger;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
80
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
81 public SSLImplementation(TerminalBridge bridge, TerminalManager manager) {
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
82 this.bridge = bridge;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
83 this.manager = manager;
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84 logger = TN5250jLogFactory.getLogger(getClass());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 public void init(String sslType) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89 logger.debug("Initializing User KeyStore");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 userKsPath = System.getProperty("user.home") + File.separator
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91 + GlobalConfigure.TN5250J_FOLDER + File.separator + "keystore";
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 File userKsFile = new File(userKsPath);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 userks = KeyStore.getInstance(KeyStore.getDefaultType());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 userks.load(userKsFile.exists() ? new FileInputStream(userKsFile)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 : null, userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96 logger.debug("Initializing User Key Manager Factory");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 userkmf = KeyManagerFactory.getInstance(KeyManagerFactory
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98 .getDefaultAlgorithm());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99 userkmf.init(userks, userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 logger.debug("Initializing User Trust Manager Factory");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 usertmf = TrustManagerFactory.getInstance(TrustManagerFactory
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
102 .getDefaultAlgorithm());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103 usertmf.init(userks);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104 userTrustManagers = usertmf.getTrustManagers();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105 logger.debug("Initializing SSL Context");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106 sslContext = SSLContext.getInstance(sslType);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108 } catch (Exception ex) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 logger.error("Error initializing SSL [" + ex.getMessage() + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114 public Socket createSSLSocket(String destination, int port) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 if (sslContext == null)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116 throw new IllegalStateException("SSL Context Not Initialized");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 SSLSocket socket = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
118 try {
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
119 target = destination + ":" + String.valueOf(port);
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 socket = (SSLSocket) sslContext.getSocketFactory().createSocket(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121 destination, port);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 } catch (Exception e) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 logger.error("Error creating ssl socket [" + e.getMessage() + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 return socket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128 // X509TrustManager Methods
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
131 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
132 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135 public X509Certificate[] getAcceptedIssuers() {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 return acceptedIssuers;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
140 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
141 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142 * @see
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 * X509Certificate[], java.lang.String)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146 public void checkClientTrusted(X509Certificate[] arg0, String arg1)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 throws CertificateException {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148 throw new SecurityException("checkClientTrusted unsupported");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
153 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
154 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155 * @see
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157 * X509Certificate[], java.lang.String)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159 public void checkServerTrusted(X509Certificate[] chain, String type)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160 throws CertificateException {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 for (int i = 0; i < userTrustManagers.length; i++) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163 if (userTrustManagers[i] instanceof X509TrustManager) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i];
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165 X509Certificate[] calist = trustManager
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166 .getAcceptedIssuers();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167 if (calist.length > 0) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168 trustManager.checkServerTrusted(chain, type);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 } else {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 throw new CertificateException(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
171 "Empty list of accepted issuers (a.k.a. root CA list).");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
172 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
173 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175 return;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 } catch (CertificateException ce) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177 X509Certificate cert = chain[0];
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178 String certInfo = "Version: " + cert.getVersion() + "\n";
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179 certInfo = certInfo.concat("Serial Number: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180 + cert.getSerialNumber() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 certInfo = certInfo.concat("Signature Algorithm: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 + cert.getSigAlgName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 certInfo = certInfo.concat("Issuer: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184 + cert.getIssuerDN().getName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 certInfo = certInfo
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188 .concat("Valid To: " + cert.getNotAfter() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 certInfo = certInfo.concat("Subject DN: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 + cert.getSubjectDN().getName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 certInfo = certInfo.concat("Public Key: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
192 + cert.getPublicKey().getFormat() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
193
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
194 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target));
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
195 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo));
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
196 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate));
9
731e70088af0 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 8
diff changeset
197 if ((result == null) || (!result.booleanValue())) {
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198 throw new java.security.cert.CertificateException(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199 "Certificate Rejected");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
201
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
202 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate));
9
731e70088af0 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 8
diff changeset
203 if ((result != null) && (result.booleanValue())) {
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
204 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
205 userks.setCertificateEntry(cert.getSubjectDN().getName(),
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
206 cert);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
207 userks.store(new FileOutputStream(userKsPath),
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
208 userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
209 } catch (Exception e) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
210 logger.error("Error saving certificate [" + e.getMessage()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
211 + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 e.printStackTrace();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
217 }