Mercurial > 510Connectbot

annotate src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 10:e773d0952613 tn5250

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
adding tn5250 files
author Carl Byington <carl@five-ten-sg.com>
date Thu, 22 May 2014 16:11:14 -0700
parents 731e70088af0
children b39bcf616a6f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 package org.tn5250j.framework.transport.SSL;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 * @(#)SSLImplementation.java
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 * @author Stephen M. Kennedy
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 * Copyright: Copyright (c) 2001
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
9 * This program is free software; you can redistribute it and/or modify
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
10 * it under the terms of the GNU General Public License as published by
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 * the Free Software Foundation; either version 2, or (at your option)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
12 * any later version.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
13 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
14 * This program is distributed in the hope that it will be useful,
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
17 * GNU General Public License for more details.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19 * You should have received a copy of the GNU General Public License
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 * along with this software; see the file COPYING. If not, write to
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 * the Free Software Foundation, Inc., 59 Temple Place, Suite 330,
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22 * Boston, MA 02111-1307 USA
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 *
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 import java.io.File;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 import java.io.FileInputStream;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 import java.io.FileOutputStream;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 import java.net.Socket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
30 import java.security.KeyStore;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 import java.security.cert.CertificateException;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 import java.security.cert.X509Certificate;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 import javax.net.ssl.KeyManagerFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 import javax.net.ssl.SSLContext;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 import javax.net.ssl.SSLSocket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 import javax.net.ssl.TrustManager;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38 import javax.net.ssl.TrustManagerFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
39 import javax.net.ssl.X509TrustManager;
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
40
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
41 import com.five_ten_sg.connectbot.service.TerminalBridge;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
42 import com.five_ten_sg.connectbot.service.TerminalManager;
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
43
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44 import org.tn5250j.GlobalConfigure;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45 import org.tn5250j.framework.transport.SSLInterface;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
46 import org.tn5250j.tools.logging.TN5250jLogFactory;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 import org.tn5250j.tools.logging.TN5250jLogger;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49 /**
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50 * <p>
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 * This class implements the SSLInterface and is used to create SSL socket
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 * instances.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53 * </p>
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
54 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
55 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com>
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
56 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
57 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 public class SSLImplementation implements SSLInterface, X509TrustManager {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60 SSLContext sslContext = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62 KeyStore userks = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63 private String userKsPath;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 private char[] userksPassword = "changeit".toCharArray();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
66 TerminalBridge bridge = null;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
67 TerminalManager manager = null;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
68 String target = null; // destination:port
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
69
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
70 KeyManagerFactory userkmf = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72 TrustManagerFactory usertmf = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74 TrustManager[] userTrustManagers = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76 X509Certificate[] acceptedIssuers;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78 TN5250jLogger logger;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
80 public SSLImplementation(TerminalBridge bridge, TerminalManager manager) {
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
81 this.bridge = bridge;
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
82 this.manager = manager;
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
83 logger = TN5250jLogFactory.getLogger(getClass());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86 public void init(String sslType) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 logger.debug("Initializing User KeyStore");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89 userKsPath = System.getProperty("user.home") + File.separator
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 + GlobalConfigure.TN5250J_FOLDER + File.separator + "keystore";
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91 File userKsFile = new File(userKsPath);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 userks = KeyStore.getInstance(KeyStore.getDefaultType());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 userks.load(userKsFile.exists() ? new FileInputStream(userKsFile)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 : null, userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 logger.debug("Initializing User Key Manager Factory");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96 userkmf = KeyManagerFactory.getInstance(KeyManagerFactory
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 .getDefaultAlgorithm());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98 userkmf.init(userks, userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99 logger.debug("Initializing User Trust Manager Factory");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 usertmf = TrustManagerFactory.getInstance(TrustManagerFactory
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 .getDefaultAlgorithm());
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
102 usertmf.init(userks);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103 userTrustManagers = usertmf.getTrustManagers();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104 logger.debug("Initializing SSL Context");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105 sslContext = SSLContext.getInstance(sslType);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106 sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 } catch (Exception ex) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108 logger.error("Error initializing SSL [" + ex.getMessage() + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113 public Socket createSSLSocket(String destination, int port) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114 if (sslContext == null)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 throw new IllegalStateException("SSL Context Not Initialized");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116 SSLSocket socket = null;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 try {
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
118 target = destination + ":" + String.valueOf(port);
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
119 socket = (SSLSocket) sslContext.getSocketFactory().createSocket(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 destination, port);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121 } catch (Exception e) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 logger.error("Error creating ssl socket [" + e.getMessage() + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124 return socket;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127 // X509TrustManager Methods
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
131 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
132 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 public X509Certificate[] getAcceptedIssuers() {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135 return acceptedIssuers;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
140 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
141 * @see
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 * X509Certificate[], java.lang.String)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145 public void checkClientTrusted(X509Certificate[] arg0, String arg1)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146 throws CertificateException {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 throw new SecurityException("checkClientTrusted unsupported");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151 /*
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 * (non-Javadoc)
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
153 *
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
154 * @see
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156 * X509Certificate[], java.lang.String)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157 */
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 public void checkServerTrusted(X509Certificate[] chain, String type)
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159 throws CertificateException {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 for (int i = 0; i < userTrustManagers.length; i++) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 if (userTrustManagers[i] instanceof X509TrustManager) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163 X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i];
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 X509Certificate[] calist = trustManager
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165 .getAcceptedIssuers();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166 if (calist.length > 0) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167 trustManager.checkServerTrusted(chain, type);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168 } else {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 throw new CertificateException(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 "Empty list of accepted issuers (a.k.a. root CA list).");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
171 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
172 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
173 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174 return;
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175 } catch (CertificateException ce) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 X509Certificate cert = chain[0];
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177 String certInfo = "Version: " + cert.getVersion() + "\n";
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178 certInfo = certInfo.concat("Serial Number: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179 + cert.getSerialNumber() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180 certInfo = certInfo.concat("Signature Algorithm: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 + cert.getSigAlgName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 certInfo = certInfo.concat("Issuer: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 + cert.getIssuerDN().getName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 certInfo = certInfo
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 .concat("Valid To: " + cert.getNotAfter() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188 certInfo = certInfo.concat("Subject DN: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 + cert.getSubjectDN().getName() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 certInfo = certInfo.concat("Public Key: "
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 + cert.getPublicKey().getFormat() + "\n");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
192
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
193 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target));
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
194 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo));
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
195 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate));
9
731e70088af0 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 8
diff changeset
196 if ((result == null) || (!result.booleanValue())) {
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
197 throw new java.security.cert.CertificateException(
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198 "Certificate Rejected");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200
8
3b760b39962a adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 3
diff changeset
201 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate));
9
731e70088af0 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents: 8
diff changeset
202 if ((result != null) && (result.booleanValue())) {
3
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
203 try {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
204 userks.setCertificateEntry(cert.getSubjectDN().getName(),
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
205 cert);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
206 userks.store(new FileOutputStream(userKsPath),
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
207 userksPassword);
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
208 } catch (Exception e) {
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
209 logger.error("Error saving certificate [" + e.getMessage()
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
210 + "]");
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
211 e.printStackTrace();
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215 }
e8d2a24e85c6 adding tn5250 files
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 }