Mercurial > 510Connectbot
comparison src/org/tn5250j/framework/transport/SSL/X509CertificateTrustManager.java @ 10:e773d0952613 tn5250
adding tn5250 files
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Thu, 22 May 2014 16:11:14 -0700 |
| parents | e8d2a24e85c6 |
| children | 51f34b9de232 |
comparison
equal
deleted
inserted
replaced
| 9:731e70088af0 | 10:e773d0952613 |
|---|---|
| 27 import java.security.KeyStore; | 27 import java.security.KeyStore; |
| 28 import java.security.cert.CertificateException; | 28 import java.security.cert.CertificateException; |
| 29 import java.util.ArrayList; | 29 import java.util.ArrayList; |
| 30 import java.util.Arrays; | 30 import java.util.Arrays; |
| 31 | 31 |
| 32 import javax.swing.JOptionPane; | 32 import com.five_ten_sg.connectbot.service.TerminalBridge; |
| 33 import com.five_ten_sg.connectbot.service.TerminalManager; | |
| 34 | |
| 33 | 35 |
| 34 /** | 36 /** |
| 35 * This class is used to trust certificates exchanged during an SSL socket | 37 * This class is used to trust certificates exchanged during an SSL socket |
| 36 * handshake. It allows the user to accept the certificate so that connections | 38 * handshake. It allows the user to accept the certificate so that connections |
| 37 * can be made without requiring the server to have a certificate signed by a | 39 * can be made without requiring the server to have a certificate signed by a |
| 38 * CA (Verisign, Thawte, etc.). | 40 * CA (Verisign, Thawte, etc.). |
| 39 * | 41 * |
| 40 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> | 42 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> |
| 41 * @deprecated. no longer used. | 43 * @deprecated. no longer used. |
| 42 * | 44 * |
| 43 */ | 45 */ |
| 44 public class X509CertificateTrustManager implements X509TrustManager { | 46 public class X509CertificateTrustManager implements X509TrustManager { |
| 45 | 47 |
| 46 KeyStore ks = null; | 48 KeyStore ks = null; |
| 47 TrustManager[] trustManagers; | 49 TrustManager[] trustManagers; |
| 48 //X509TrustManager trustManager = null; | 50 TerminalBridge bridge = null; |
| 51 TerminalManager manager = null; | |
| 49 | 52 |
| 50 public X509CertificateTrustManager(TrustManager[] managers, KeyStore keyStore) { | 53 public X509CertificateTrustManager(TrustManager[] managers, KeyStore keyStore, TerminalBridge bridge, TerminalManager manager) { |
| 54 this.bridge = bridge; | |
| 55 this.manager = manager; | |
| 51 trustManagers = managers; | 56 trustManagers = managers; |
| 52 ks = keyStore; | 57 ks = keyStore; |
| 53 } | 58 } |
| 54 | 59 |
| 55 public void checkClientTrusted(X509Certificate[] chain, String type) throws CertificateException { | 60 public void checkClientTrusted(X509Certificate[] chain, String type) throws CertificateException { |
| 56 throw new SecurityException("checkClientTrusted unsupported"); | 61 throw new SecurityException("checkClientTrusted unsupported"); |
| 57 } | 62 } |
| 58 | 63 |
| 59 | 64 |
| 60 /** | 65 /** |
| 61 * Checks the server certificate. If it isn't trusted by the trust manager | 66 * Checks the server certificate. If it isn't trusted by the trust manager |
| 62 * passed to the constructor, then the user will be prompted to accept the | 67 * passed to the constructor, then the user will be prompted to accept the |
| 63 * certificate. | 68 * certificate. |
| 64 */ | 69 */ |
| 65 public void checkServerTrusted(X509Certificate[] chain, String type) | 70 public void checkServerTrusted(X509Certificate[] chain, String type) |
| 66 throws CertificateException { | 71 throws CertificateException { |
| 67 try { | 72 try { |
| 68 for (int i=0; i<trustManagers.length; i++) { | 73 for (int i=0; i<trustManagers.length; i++) { |
| 69 if (trustManagers[i] instanceof X509TrustManager) | 74 if (trustManagers[i] instanceof X509TrustManager) |
| 70 ((X509TrustManager)trustManagers[i]).checkServerTrusted(chain,type); | 75 ((X509TrustManager)trustManagers[i]).checkServerTrusted(chain,type); |
| 78 certInfo = certInfo.concat("Issuer: " + cert.getIssuerDN().getName()+"\n"); | 83 certInfo = certInfo.concat("Issuer: " + cert.getIssuerDN().getName()+"\n"); |
| 79 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()+"\n"); | 84 certInfo = certInfo.concat("Valid From: " + cert.getNotBefore()+"\n"); |
| 80 certInfo = certInfo.concat("Valid To: " + cert.getNotAfter()+"\n"); | 85 certInfo = certInfo.concat("Valid To: " + cert.getNotAfter()+"\n"); |
| 81 certInfo = certInfo.concat("Subject DN: " + cert.getSubjectDN().getName()+"\n"); | 86 certInfo = certInfo.concat("Subject DN: " + cert.getSubjectDN().getName()+"\n"); |
| 82 certInfo = certInfo.concat("Public Key: " + cert.getPublicKey().getFormat()+"\n"); | 87 certInfo = certInfo.concat("Public Key: " + cert.getPublicKey().getFormat()+"\n"); |
| 83 | 88 |
| 84 int accept = JOptionPane.showConfirmDialog(null,certInfo, | 89 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo)); |
| 85 "Accept Certificate",javax.swing.JOptionPane.YES_NO_OPTION); | 90 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate)); |
| 86 if (accept != JOptionPane.YES_OPTION) { | 91 if ((result == null) || (!result.booleanValue())) { |
| 87 throw new java.security.cert.CertificateException("Certificate Not Accepted"); | 92 throw new java.security.cert.CertificateException("Certificate Not Accepted"); |
| 88 } | 93 } |
| 89 } | 94 } |
| 90 } | 95 } |
| 91 | 96 |