Mercurial > 510Connectbot
comparison src/org/tn5250j/framework/transport/SSL/X509CertificateTrustManager.java @ 10:e773d0952613 tn5250
adding tn5250 files
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Thu, 22 May 2014 16:11:14 -0700 |
parents | e8d2a24e85c6 |
children | 51f34b9de232 |
comparison
equal
deleted
inserted
replaced
9:731e70088af0 | 10:e773d0952613 |
---|---|
27 import java.security.KeyStore; | 27 import java.security.KeyStore; |
28 import java.security.cert.CertificateException; | 28 import java.security.cert.CertificateException; |
29 import java.util.ArrayList; | 29 import java.util.ArrayList; |
30 import java.util.Arrays; | 30 import java.util.Arrays; |
31 | 31 |
32 import javax.swing.JOptionPane; | 32 import com.five_ten_sg.connectbot.service.TerminalBridge; |
33 import com.five_ten_sg.connectbot.service.TerminalManager; | |
34 | |
33 | 35 |
34 /** | 36 /** |
35 * This class is used to trust certificates exchanged during an SSL socket | 37 * This class is used to trust certificates exchanged during an SSL socket |
36 * handshake. It allows the user to accept the certificate so that connections | 38 * handshake. It allows the user to accept the certificate so that connections |
37 * can be made without requiring the server to have a certificate signed by a | 39 * can be made without requiring the server to have a certificate signed by a |
38 * CA (Verisign, Thawte, etc.). | 40 * CA (Verisign, Thawte, etc.). |
39 * | 41 * |
40 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> | 42 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> |
41 * @deprecated. no longer used. | 43 * @deprecated. no longer used. |
42 * | 44 * |
43 */ | 45 */ |
44 public class X509CertificateTrustManager implements X509TrustManager { | 46 public class X509CertificateTrustManager implements X509TrustManager { |
45 | 47 |
46 KeyStore ks = null; | 48 KeyStore ks = null; |
47 TrustManager[] trustManagers; | 49 TrustManager[] trustManagers; |
48 //X509TrustManager trustManager = null; | 50 TerminalBridge bridge = null; |
51 TerminalManager manager = null; | |
49 | 52 |
50 public X509CertificateTrustManager(TrustManager[] managers, KeyStore keyStore) { | 53 public X509CertificateTrustManager(TrustManager[] managers, KeyStore keyStore, TerminalBridge bridge, TerminalManager manager) { |
54 this.bridge = bridge; | |
55 this.manager = manager; | |
51 trustManagers = managers; | 56 trustManagers = managers; |
52 ks = keyStore; | 57 ks = keyStore; |
53 } | 58 } |
54 | 59 |
55 public void checkClientTrusted(X509Certificate[] chain, String type) throws CertificateException { | 60 public void checkClientTrusted(X509Certificate[] chain, String type) throws CertificateException { |
56 throw new SecurityException("checkClientTrusted unsupported"); | 61 throw new SecurityException("checkClientTrusted unsupported"); |
57 } | 62 } |
58 | 63 |
59 | 64 |
60 /** | 65 /** |
61 * Checks the server certificate. If it isn't trusted by the trust manager | 66 * Checks the server certificate. If it isn't trusted by the trust manager |
62 * passed to the constructor, then the user will be prompted to accept the | 67 * passed to the constructor, then the user will be prompted to accept the |
63 * certificate. | 68 * certificate. |
64 */ | 69 */ |
65 public void checkServerTrusted(X509Certificate[] chain, String type) | 70 public void checkServerTrusted(X509Certificate[] chain, String type) |
66 throws CertificateException { | 71 throws CertificateException { |
67 try { | 72 try { |
68 for (int i=0; i<trustManagers.length; i++) { | 73 for (int i=0; i<trustManagers.length; i++) { |
69 if (trustManagers[i] instanceof X509TrustManager) | 74 if (trustManagers[i] instanceof X509TrustManager) |
70 ((X509TrustManager)trustManagers[i]).checkServerTrusted(chain,type); | 75 ((X509TrustManager)trustManagers[i]).checkServerTrusted(chain,type); |
78 certInfo = certInfo.concat("Issuer: " + cert.getIssuerDN().getName()+"\n"); | 83 certInfo = certInfo.concat("Issuer: " + cert.getIssuerDN().getName()+"\n"); |
79 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()+"\n"); | 84 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()+"\n"); |
80 certInfo = certInfo.concat("Valid To: " + cert.getNotAfter()+"\n"); | 85 certInfo = certInfo.concat("Valid To: " + cert.getNotAfter()+"\n"); |
81 certInfo = certInfo.concat("Subject DN: " + cert.getSubjectDN().getName()+"\n"); | 86 certInfo = certInfo.concat("Subject DN: " + cert.getSubjectDN().getName()+"\n"); |
82 certInfo = certInfo.concat("Public Key: " + cert.getPublicKey().getFormat()+"\n"); | 87 certInfo = certInfo.concat("Public Key: " + cert.getPublicKey().getFormat()+"\n"); |
83 | 88 |
84 int accept = JOptionPane.showConfirmDialog(null,certInfo, | 89 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo)); |
85 "Accept Certificate",javax.swing.JOptionPane.YES_NO_OPTION); | 90 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate)); |
86 if (accept != JOptionPane.YES_OPTION) { | 91 if ((result == null) || (!result.booleanValue())) { |
87 throw new java.security.cert.CertificateException("Certificate Not Accepted"); | 92 throw new java.security.cert.CertificateException("Certificate Not Accepted"); |
88 } | 93 } |
89 } | 94 } |
90 } | 95 } |
91 | 96 |