comparison src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 8:3b760b39962a tn5250

adding tn5250 files
author Carl Byington <carl@five-ten-sg.com>
date Thu, 22 May 2014 15:41:35 -0700
parents e8d2a24e85c6
children 731e70088af0
7:3248b46f3973 8:3b760b39962a
35 import javax.net.ssl.SSLContext; 35 import javax.net.ssl.SSLContext;
36 import javax.net.ssl.SSLSocket; 36 import javax.net.ssl.SSLSocket;
37 import javax.net.ssl.TrustManager; 37 import javax.net.ssl.TrustManager;
38 import javax.net.ssl.TrustManagerFactory; 38 import javax.net.ssl.TrustManagerFactory;
39 import javax.net.ssl.X509TrustManager; 39 import javax.net.ssl.X509TrustManager;
40 import javax.swing.JOptionPane; 40
41 import com.five_ten_sg.connectbot.service.TerminalBridge;
42 import com.five_ten_sg.connectbot.service.TerminalManager;
41 43
42 import org.tn5250j.GlobalConfigure; 44 import org.tn5250j.GlobalConfigure;
43 import org.tn5250j.framework.transport.SSLInterface; 45 import org.tn5250j.framework.transport.SSLInterface;
44 import org.tn5250j.tools.logging.TN5250jLogFactory; 46 import org.tn5250j.tools.logging.TN5250jLogFactory;
45 import org.tn5250j.tools.logging.TN5250jLogger; 47 import org.tn5250j.tools.logging.TN5250jLogger;
47 /** 49 /**
48 * <p> 50 * <p>
49 * This class implements the SSLInterface and is used to create SSL socket 51 * This class implements the SSLInterface and is used to create SSL socket
50 * instances. 52 * instances.
51 * </p> 53 * </p>
52 * 54 *
53 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> 55 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com>
54 * 56 *
55 */ 57 */
56 public class SSLImplementation implements SSLInterface, X509TrustManager { 58 public class SSLImplementation implements SSLInterface, X509TrustManager {
57 59
58 SSLContext sslContext = null; 60 SSLContext sslContext = null;
59 61
60 KeyStore userks = null; 62 KeyStore userks = null;
61 private String userKsPath; 63 private String userKsPath;
62 private char[] userksPassword = "changeit".toCharArray(); 64 private char[] userksPassword = "changeit".toCharArray();
63 65
66 TerminalBridge bridge = null;
67 TerminalManager manager = null;
68 String target = null; // destination:port
69
64 KeyManagerFactory userkmf = null; 70 KeyManagerFactory userkmf = null;
65 71
66 TrustManagerFactory usertmf = null; 72 TrustManagerFactory usertmf = null;
67 73
68 TrustManager[] userTrustManagers = null; 74 TrustManager[] userTrustManagers = null;
69 75
70 X509Certificate[] acceptedIssuers; 76 X509Certificate[] acceptedIssuers;
71 77
72 TN5250jLogger logger; 78 TN5250jLogger logger;
73 79
74 public SSLImplementation() { 80 public SSLImplementation(TerminalBridge bridge, TerminalManager manager) {
81 this.bridge = bridge;
82 this.manager = manager;
75 logger = TN5250jLogFactory.getLogger(getClass()); 83 logger = TN5250jLogFactory.getLogger(getClass());
76 } 84 }
77 85
78 public void init(String sslType) { 86 public void init(String sslType) {
79 try { 87 try {
105 public Socket createSSLSocket(String destination, int port) { 113 public Socket createSSLSocket(String destination, int port) {
106 if (sslContext == null) 114 if (sslContext == null)
107 throw new IllegalStateException("SSL Context Not Initialized"); 115 throw new IllegalStateException("SSL Context Not Initialized");
108 SSLSocket socket = null; 116 SSLSocket socket = null;
109 try { 117 try {
118 target = destination + ":" + String.valueOf(port);
110 socket = (SSLSocket) sslContext.getSocketFactory().createSocket( 119 socket = (SSLSocket) sslContext.getSocketFactory().createSocket(
111 destination, port); 120 destination, port);
112 } catch (Exception e) { 121 } catch (Exception e) {
113 logger.error("Error creating ssl socket [" + e.getMessage() + "]"); 122 logger.error("Error creating ssl socket [" + e.getMessage() + "]");
114 } 123 }
117 126
118 // X509TrustManager Methods 127 // X509TrustManager Methods
119 128
120 /* 129 /*
121 * (non-Javadoc) 130 * (non-Javadoc)
122 * 131 *
123 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() 132 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
124 */ 133 */
125 public X509Certificate[] getAcceptedIssuers() { 134 public X509Certificate[] getAcceptedIssuers() {
126 return acceptedIssuers; 135 return acceptedIssuers;
127 } 136 }
128 137
129 /* 138 /*
130 * (non-Javadoc) 139 * (non-Javadoc)
131 * 140 *
132 * @see 141 * @see
133 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. 142 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.
134 * X509Certificate[], java.lang.String) 143 * X509Certificate[], java.lang.String)
135 */ 144 */
136 public void checkClientTrusted(X509Certificate[] arg0, String arg1) 145 public void checkClientTrusted(X509Certificate[] arg0, String arg1)
139 148
140 } 149 }
141 150
142 /* 151 /*
143 * (non-Javadoc) 152 * (non-Javadoc)
144 * 153 *
145 * @see 154 * @see
146 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. 155 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.
147 * X509Certificate[], java.lang.String) 156 * X509Certificate[], java.lang.String)
148 */ 157 */
149 public void checkServerTrusted(X509Certificate[] chain, String type) 158 public void checkServerTrusted(X509Certificate[] chain, String type)
179 certInfo = certInfo.concat("Subject DN: " 188 certInfo = certInfo.concat("Subject DN: "
180 + cert.getSubjectDN().getName() + "\n"); 189 + cert.getSubjectDN().getName() + "\n");
181 certInfo = certInfo.concat("Public Key: " 190 certInfo = certInfo.concat("Public Key: "
182 + cert.getPublicKey().getFormat() + "\n"); 191 + cert.getPublicKey().getFormat() + "\n");
183 192
184 int accept = JOptionPane 193 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target));
185 .showConfirmDialog(null, certInfo, "Unknown Certificate - Do you accept it?", 194 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo));
186 javax.swing.JOptionPane.YES_NO_OPTION); 195 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate));
187 if (accept != JOptionPane.YES_OPTION) { 196 if ((result == null) || (!result.booleanValue()) {
188 throw new java.security.cert.CertificateException( 197 throw new java.security.cert.CertificateException(
189 "Certificate Rejected"); 198 "Certificate Rejected");
190 } 199 }
191 200
192 int save = JOptionPane.showConfirmDialog(null, 201 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate));
193 "Remember this certificate?", "Save Certificate", 202 if ((result != null) && (result.booleanValue()) {
194 javax.swing.JOptionPane.YES_NO_OPTION);
195
196 if (save == JOptionPane.YES_OPTION) {
197 try { 203 try {
198 userks.setCertificateEntry(cert.getSubjectDN().getName(), 204 userks.setCertificateEntry(cert.getSubjectDN().getName(),
199 cert); 205 cert);
200 userks.store(new FileOutputStream(userKsPath), 206 userks.store(new FileOutputStream(userKsPath),
201 userksPassword); 207 userksPassword);
204 + "]"); 210 + "]");
205 e.printStackTrace(); 211 e.printStackTrace();
206 } 212 }
207 } 213 }
208 } 214 }
209
210 } 215 }
211 } 216 }
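Review bot: The two new conditions in checkServerTrusted are each missing a closing parenthesis, so the file should not compile as shown; the balanced forms are `if ((result == null) || (!result.booleanValue())) {` and `if ((result != null) && (result.booleanValue())) {`. Treating a null answer as a rejection is the right fail-closed default for the accept prompt and deserves a short comment above it, for example `// null (no answer) is treated as a rejection`. In the lines visible here the text shown to the user carries the subject DN and the public-key format but no certificate fingerprint, which leaves little to compare against a value obtained out of band; the part of the method that builds certInfo is outside this view, so confirm whether a digest of `cert.getEncoded()` is already included. `target` is an instance field written in createSSLSocket and read later by the prompt, so if one SSLImplementation were ever shared between connections the warning could name the wrong host.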