annotate src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 322:a713e91c59c8 ganymed

add ecdsa key support everywhere
author Carl Byington <carl@five-ten-sg.com>
date Thu, 31 Jul 2014 09:03:50 -0700
parents 77ac18bc1b2f
children
1 package org.tn5250j.framework.transport.SSL;
2
3 /*
4 * @(#)SSLImplementation.java
5 * @author Stephen M. Kennedy
6 *
7 * Copyright: Copyright (c) 2001
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2, or (at your option)
12 * any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this software; see the file COPYING. If not, write to
21 * the Free Software Foundation, Inc., 59 Temple Place, Suite 330,
22 * Boston, MA 02111-1307 USA
23 *
24 */
25
26 import java.io.File;
27 import java.io.FileInputStream;
28 import java.io.FileOutputStream;
29 import java.net.Socket;
30 import java.security.KeyStore;
31 import java.security.cert.CertificateException;
32 import java.security.cert.X509Certificate;
33
34 import javax.net.ssl.KeyManagerFactory;
35 import javax.net.ssl.SSLContext;
36 import javax.net.ssl.SSLSocket;
37 import javax.net.ssl.TrustManager;
38 import javax.net.ssl.TrustManagerFactory;
39 import javax.net.ssl.X509TrustManager;
40
41 import com.five_ten_sg.connectbot.R;
42 import com.five_ten_sg.connectbot.service.TerminalBridge;
43 import com.five_ten_sg.connectbot.service.TerminalManager;
44
45 import org.tn5250j.framework.transport.SSLInterface;
46 import android.util.Log;
47
48
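/**
 * <p>
 * This class implements the SSLInterface and is used to create SSL socket
 * instances.
 * </p>
 *
 * <p>
 * The instance installs itself as the only trust manager of the SSL context
 * it builds. A server certificate chain is first checked against the trust
 * managers derived from the per-user keystore file; when that check fails
 * the certificate details are written to the terminal and the user is asked
 * whether to accept it and, separately, whether to save it into the user
 * keystore.
 * </p>
 *
 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com>
 *
 */
public class SSLImplementation implements SSLInterface, X509TrustManager {
    private static final String TAG = "SSLImplementation";
    SSLContext sslContext = null;
    KeyStore userks = null;
    private String userKsPath;
    // NOTE(review): fixed, publicly known password ("changeit" is the JDK
    // default). It gives the keystore file no real integrity protection, so
    // the set of trusted certificates is only as safe as the file permissions
    // on the directory passed to init(). Left unchanged here because a
    // different value would make existing keystore files unreadable.
    private char[] userksPassword = "changeit".toCharArray();

    TerminalBridge bridge = null;
    TerminalManager manager = null;
    String target = null;   // destination:port

    KeyManagerFactory userkmf = null;

    TrustManagerFactory usertmf = null;

    TrustManager[] userTrustManagers = null;

    X509Certificate[] acceptedIssuers;

    /**
     * Creates an uninitialized instance; {@link #init(String, String)} must
     * succeed before {@link #createSSLSocket(String, int)} can be used.
     *
     * @param bridge  terminal bridge used to print the certificate and to
     *                prompt the user
     * @param manager terminal manager whose {@code res} supplies the
     *                localized strings
     */
    public SSLImplementation(TerminalBridge bridge, TerminalManager manager) {
        this.bridge = bridge;
        this.manager = manager;
    }

    /**
     * Loads (or creates empty) the user keystore at
     * {@code homeDirectory/keystore}, derives key and trust managers from it
     * and builds the SSL context with this object as its sole trust manager.
     *
     * <p>
     * Failures are logged and leave {@code sslContext} unchanged, so after a
     * failed first call {@link #createSSLSocket(String, int)} throws
     * {@link IllegalStateException}.
     * </p>
     *
     * @param sslType       protocol name handed to
     *                      {@link SSLContext#getInstance(String)}
     *                      (NOTE(review): chosen by the caller; confirm that
     *                      no legacy SSL protocol name is passed)
     * @param homeDirectory directory that holds the {@code keystore} file
     */
    public void init(String sslType, String homeDirectory) {
        try {
            Log.d(TAG, "Initializing User KeyStore");
            userKsPath = homeDirectory + File.separator + "keystore";
            File userKsFile = new File(userKsPath);
            userks = KeyStore.getInstance(KeyStore.getDefaultType());
            // A null stream makes load() create an empty keystore.
            FileInputStream in = userKsFile.exists() ? new FileInputStream(userKsFile) : null;

            try {
                userks.load(in, userksPassword);
            }
            finally {
                // The original never closed this stream.
                if (in != null) {
                    in.close();
                }
            }

            Log.d(TAG, "Initializing User Key Manager Factory");
            userkmf = KeyManagerFactory.getInstance(KeyManagerFactory
                                                    .getDefaultAlgorithm());
            userkmf.init(userks, userksPassword);
            Log.d(TAG, "Initializing User Trust Manager Factory");
            usertmf = TrustManagerFactory.getInstance(TrustManagerFactory
                      .getDefaultAlgorithm());
            usertmf.init(userks);
            userTrustManagers = usertmf.getTrustManagers();
            Log.d(TAG, "Initializing SSL Context");
            // Publish the context only once it is fully initialized, so a
            // failure in init() cannot leave a half-built context in the field.
            SSLContext context = SSLContext.getInstance(sslType);
            context.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null);
            sslContext = context;
        }
        catch (Exception ex) {
            // Pass the throwable so the stack trace is not lost.
            Log.e(TAG, "Error initializing SSL [" + ex.getMessage() + "]", ex);
        }
    }

    /**
     * Opens an SSL socket to the given host and port.
     *
     * <p>
     * NOTE(review): nothing in this class checks that the certificate
     * presented by the server was issued for {@code destination}; a plain
     * {@link SSLSocket} does not do so unless endpoint identification is
     * configured on it. Because accepted certificates are stored as trust
     * entries without any host binding, a certificate saved for one host is
     * accepted for every other host as well. Consider verifying the host
     * name after the handshake or keying saved certificates by
     * {@code target}.
     * </p>
     *
     * @param destination host name or address to connect to
     * @param port        TCP port
     * @return the connected socket, or {@code null} when the connection or
     *         handshake setup failed (the error is logged)
     * @throws IllegalStateException if {@link #init(String, String)} has not
     *                               completed successfully
     */
    public Socket createSSLSocket(String destination, int port) {
        if (sslContext == null)
            throw new IllegalStateException("SSL Context Not Initialized");

        SSLSocket socket = null;

        try {
            // Remembered for the authenticity warning shown by checkServerTrusted().
            target = destination + ":" + String.valueOf(port);
            socket = (SSLSocket) sslContext.getSocketFactory().createSocket(
                         destination, port);
        }
        catch (Exception e) {
            Log.e(TAG, "Error creating ssl socket [" + e.getMessage() + "]", e);
        }

        return socket;
    }

    // X509TrustManager Methods

    /*
     * (non-Javadoc)
     *
     * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
     */
    public X509Certificate[] getAcceptedIssuers() {
        // The interface contract requires a non-null array; the field is
        // never assigned in this class, so fall back to an empty list.
        return (acceptedIssuers != null) ? acceptedIssuers : new X509Certificate[0];
    }

    /*
     * (non-Javadoc)
     *
     * @see
     * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.
     * X509Certificate[], java.lang.String)
     */
    public void checkClientTrusted(X509Certificate[] arg0, String arg1)
    throws CertificateException {
        // This trust manager is only meant for the client side of a connection.
        throw new SecurityException("checkClientTrusted unsupported");
    }

    /**
     * Validates the server chain against the user keystore and, when that
     * fails, lets the user decide.
     *
     * <p>
     * Every {@link X509TrustManager} built from the user keystore must accept
     * the chain. If any of them rejects it, if the keystore holds no trusted
     * certificates, or if no such trust manager exists, the leaf certificate
     * is printed to the terminal and the user is prompted to accept it. An
     * accepted certificate may additionally be saved to the keystore under
     * its subject DN.
     * </p>
     *
     * <p>
     * NOTE(review): the details shown to the user contain no certificate
     * fingerprint, so the user has nothing to compare against a value
     * obtained out of band. Adding one needs a new string resource.
     * </p>
     *
     * @param chain certificate chain sent by the server, leaf first
     * @param type  key exchange algorithm, passed through to the delegates
     * @throws IllegalArgumentException if {@code chain} is null or empty
     * @throws CertificateException     if the trust managers are not
     *                                  initialized or the user rejects the
     *                                  certificate
     * @see javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.X509Certificate[],
     *      java.lang.String)
     */
    public void checkServerTrusted(X509Certificate[] chain, String type)
    throws CertificateException {
        // Required by the X509TrustManager contract; also protects chain[0] below.
        if (chain == null || chain.length == 0) {
            throw new IllegalArgumentException("Empty server certificate chain");
        }

        // Fail closed instead of with a NullPointerException when init() did not complete.
        if (userTrustManagers == null) {
            throw new CertificateException("Trust managers not initialized");
        }

        try {
            boolean validated = false;

            for (int i = 0; i < userTrustManagers.length; i++) {
                if (userTrustManagers[i] instanceof X509TrustManager) {
                    X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i];
                    X509Certificate[] calist = trustManager
                                               .getAcceptedIssuers();

                    if (calist.length > 0) {
                        trustManager.checkServerTrusted(chain, type);
                        validated = true;
                    }
                    else {
                        throw new CertificateException(
                            "Empty list of accepted issuers (a.k.a. root CA list).");
                    }
                }
            }

            // Previously a trust manager list without any X509TrustManager
            // fell through and accepted the chain unchecked; ask the user instead.
            if (!validated) {
                throw new CertificateException(
                    "No X509TrustManager available to validate the server certificate");
            }
        }
        catch (CertificateException ce) {
            // Keep the reason for the failed validation in the log.
            Log.d(TAG, "Server certificate not trusted by user keystore [" + ce.getMessage() + "]");
            X509Certificate cert = chain[0];
            String certInfo = manager.res.getString(R.string.host_cert_version) + cert.getVersion() + "\r\n";
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_serial) + cert.getSerialNumber() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_algorithm) + cert.getSigAlgName() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_issuer) + cert.getIssuerDN().getName() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_from) + cert.getNotBefore() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_to) + cert.getNotAfter() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_dn) + cert.getSubjectDN().getName() + "\r\n");
            certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_publickey) + cert.getPublicKey().getFormat() + "\r\n");
            bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target));
            bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo));
            Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate));

            // A missing answer is treated as a rejection.
            if ((result == null) || (!result.booleanValue())) {
                throw new java.security.cert.CertificateException(
                    "Certificate Rejected");
            }

            result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate));

            if ((result != null) && (result.booleanValue())) {
                try {
                    // The alias is the subject DN, so a later certificate with
                    // the same subject replaces this entry.
                    userks.setCertificateEntry(cert.getSubjectDN().getName(),
                                               cert);
                    FileOutputStream out = new FileOutputStream(userKsPath);

                    try {
                        userks.store(out, userksPassword);
                    }
                    finally {
                        // The original left this stream open.
                        out.close();
                    }
                }
                catch (Exception e) {
                    // Saving is best effort: the certificate stays accepted
                    // for this connection even when it cannot be persisted.
                    Log.e(TAG, "Error saving certificate [" + e.getMessage()
                          + "]", e);
                }
            }
        }
    }
}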