comparison src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 112:77ac18bc1b2f
cleanup java formatting
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Wed, 18 Jun 2014 13:03:01 -0700 |
parents | 33eb63352be5 |
children |
111:6a0ad4d384ea | 112:77ac18bc1b2f |
---|---|
55 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> | 55 * @author Stephen M. Kennedy <skennedy@tenthpowertech.com> |
56 * | 56 * |
57 */ | 57 */ |
58 public class SSLImplementation implements SSLInterface, X509TrustManager { | 58 public class SSLImplementation implements SSLInterface, X509TrustManager { |
59 private static final String TAG = "SSLImplementation"; | 59 private static final String TAG = "SSLImplementation"; |
60 SSLContext sslContext = null; | 60 SSLContext sslContext = null; |
61 KeyStore userks = null; | 61 KeyStore userks = null; |
62 private String userKsPath; | 62 private String userKsPath; |
63 private char[] userksPassword = "changeit".toCharArray(); | 63 private char[] userksPassword = "changeit".toCharArray(); |
64 | 64 |
65 TerminalBridge bridge = null; | 65 TerminalBridge bridge = null; |
66 TerminalManager manager = null; | 66 TerminalManager manager = null; |
67 String target = null; // destination:port | 67 String target = null; // destination:port |
68 | 68 |
69 KeyManagerFactory userkmf = null; | 69 KeyManagerFactory userkmf = null; |
70 | 70 |
71 TrustManagerFactory usertmf = null; | 71 TrustManagerFactory usertmf = null; |
72 | 72 |
73 TrustManager[] userTrustManagers = null; | 73 TrustManager[] userTrustManagers = null; |
74 | 74 |
75 X509Certificate[] acceptedIssuers; | 75 X509Certificate[] acceptedIssuers; |
76 | 76 |
77 public SSLImplementation(TerminalBridge bridge, TerminalManager manager) { | 77 public SSLImplementation(TerminalBridge bridge, TerminalManager manager) { |
78 this.bridge = bridge; | 78 this.bridge = bridge; |
79 this.manager = manager; | 79 this.manager = manager; |
80 | 80 } |
81 } | 81 |
82 | 82 public void init(String sslType, String homeDirectory) { |
83 public void init(String sslType, String homeDirectory) { | 83 try { |
84 try { | 84 Log.d(TAG, "Initializing User KeyStore"); |
85 Log.d(TAG,"Initializing User KeyStore"); | 85 userKsPath = homeDirectory + File.separator + "keystore"; |
86 userKsPath = homeDirectory + File.separator + "keystore"; | 86 File userKsFile = new File(userKsPath); |
87 File userKsFile = new File(userKsPath); | 87 userks = KeyStore.getInstance(KeyStore.getDefaultType()); |
88 userks = KeyStore.getInstance(KeyStore.getDefaultType()); | 88 userks.load(userKsFile.exists() ? new FileInputStream(userKsFile) |
89 userks.load(userKsFile.exists() ? new FileInputStream(userKsFile) | 89 : null, userksPassword); |
90 : null, userksPassword); | 90 Log.d(TAG, "Initializing User Key Manager Factory"); |
91 Log.d(TAG,"Initializing User Key Manager Factory"); | 91 userkmf = KeyManagerFactory.getInstance(KeyManagerFactory |
92 userkmf = KeyManagerFactory.getInstance(KeyManagerFactory | 92 .getDefaultAlgorithm()); |
93 .getDefaultAlgorithm()); | 93 userkmf.init(userks, userksPassword); |
94 userkmf.init(userks, userksPassword); | 94 Log.d(TAG, "Initializing User Trust Manager Factory"); |
95 Log.d(TAG,"Initializing User Trust Manager Factory"); | 95 usertmf = TrustManagerFactory.getInstance(TrustManagerFactory |
96 usertmf = TrustManagerFactory.getInstance(TrustManagerFactory | 96 .getDefaultAlgorithm()); |
97 .getDefaultAlgorithm()); | 97 usertmf.init(userks); |
98 usertmf.init(userks); | 98 userTrustManagers = usertmf.getTrustManagers(); |
99 userTrustManagers = usertmf.getTrustManagers(); | 99 Log.d(TAG, "Initializing SSL Context"); |
100 Log.d(TAG,"Initializing SSL Context"); | 100 sslContext = SSLContext.getInstance(sslType); |
101 sslContext = SSLContext.getInstance(sslType); | 101 sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null); |
102 sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null); | 102 } |
103 } catch (Exception ex) { | 103 catch (Exception ex) { |
104 Log.e(TAG,"Error initializing SSL [" + ex.getMessage() + "]"); | 104 Log.e(TAG, "Error initializing SSL [" + ex.getMessage() + "]"); |
105 } | 105 } |
106 | 106 } |
107 } | 107 |
108 | 108 public Socket createSSLSocket(String destination, int port) { |
109 public Socket createSSLSocket(String destination, int port) { | 109 if (sslContext == null) |
110 if (sslContext == null) | 110 throw new IllegalStateException("SSL Context Not Initialized"); |
111 throw new IllegalStateException("SSL Context Not Initialized"); | 111 |
112 SSLSocket socket = null; | 112 SSLSocket socket = null; |
113 try { | 113 |
114 try { | |
114 target = destination + ":" + String.valueOf(port); | 115 target = destination + ":" + String.valueOf(port); |
115 socket = (SSLSocket) sslContext.getSocketFactory().createSocket( | 116 socket = (SSLSocket) sslContext.getSocketFactory().createSocket( |
116 destination, port); | 117 destination, port); |
117 } catch (Exception e) { | 118 } |
118 Log.e(TAG,"Error creating ssl socket [" + e.getMessage() + "]"); | 119 catch (Exception e) { |
119 } | 120 Log.e(TAG, "Error creating ssl socket [" + e.getMessage() + "]"); |
120 return socket; | 121 } |
121 } | 122 |
122 | 123 return socket; |
123 // X509TrustManager Methods | 124 } |
124 | 125 |
125 /* | 126 // X509TrustManager Methods |
126 * (non-Javadoc) | 127 |
127 * | 128 /* |
128 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() | 129 * (non-Javadoc) |
129 */ | 130 * |
130 public X509Certificate[] getAcceptedIssuers() { | 131 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() |
131 return acceptedIssuers; | 132 */ |
132 } | 133 public X509Certificate[] getAcceptedIssuers() { |
133 | 134 return acceptedIssuers; |
134 /* | 135 } |
135 * (non-Javadoc) | 136 |
136 * | 137 /* |
137 * @see | 138 * (non-Javadoc) |
138 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. | 139 * |
139 * X509Certificate[], java.lang.String) | 140 * @see |
140 */ | 141 * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. |
141 public void checkClientTrusted(X509Certificate[] arg0, String arg1) | 142 * X509Certificate[], java.lang.String) |
142 throws CertificateException { | 143 */ |
143 throw new SecurityException("checkClientTrusted unsupported"); | 144 public void checkClientTrusted(X509Certificate[] arg0, String arg1) |
144 | 145 throws CertificateException { |
145 } | 146 throw new SecurityException("checkClientTrusted unsupported"); |
146 | 147 } |
147 /* | 148 |
148 * (non-Javadoc) | 149 /* |
149 * | 150 * (non-Javadoc) |
150 * @see | 151 * |
151 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. | 152 * @see |
152 * X509Certificate[], java.lang.String) | 153 * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. |
153 */ | 154 * X509Certificate[], java.lang.String) |
154 public void checkServerTrusted(X509Certificate[] chain, String type) | 155 */ |
155 throws CertificateException { | 156 public void checkServerTrusted(X509Certificate[] chain, String type) |
156 try { | 157 throws CertificateException { |
157 for (int i = 0; i < userTrustManagers.length; i++) { | 158 try { |
158 if (userTrustManagers[i] instanceof X509TrustManager) { | 159 for (int i = 0; i < userTrustManagers.length; i++) { |
159 X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i]; | 160 if (userTrustManagers[i] instanceof X509TrustManager) { |
160 X509Certificate[] calist = trustManager | 161 X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i]; |
161 .getAcceptedIssuers(); | 162 X509Certificate[] calist = trustManager |
162 if (calist.length > 0) { | 163 .getAcceptedIssuers(); |
163 trustManager.checkServerTrusted(chain, type); | 164 |
164 } else { | 165 if (calist.length > 0) { |
165 throw new CertificateException( | 166 trustManager.checkServerTrusted(chain, type); |
166 "Empty list of accepted issuers (a.k.a. root CA list)."); | 167 } |
167 } | 168 else { |
168 } | 169 throw new CertificateException( |
169 } | 170 "Empty list of accepted issuers (a.k.a. root CA list)."); |
170 return; | 171 } |
171 } catch (CertificateException ce) { | 172 } |
172 X509Certificate cert = chain[0]; | 173 } |
173 String certInfo = manager.res.getString(R.string.host_cert_version) + cert.getVersion() + "\r\n"; | 174 |
174 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_serial) + cert.getSerialNumber() + "\r\n"); | 175 return; |
175 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_algorithm) + cert.getSigAlgName() + "\r\n"); | 176 } |
176 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_issuer) + cert.getIssuerDN().getName() + "\r\n"); | 177 catch (CertificateException ce) { |
177 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_from) + cert.getNotBefore() + "\r\n"); | 178 X509Certificate cert = chain[0]; |
178 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_to) + cert.getNotAfter() + "\r\n"); | 179 String certInfo = manager.res.getString(R.string.host_cert_version) + cert.getVersion() + "\r\n"; |
179 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_dn) + cert.getSubjectDN().getName() + "\r\n"); | 180 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_serial) + cert.getSerialNumber() + "\r\n"); |
180 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_publickey) + cert.getPublicKey().getFormat() + "\r\n"); | 181 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_algorithm) + cert.getSigAlgName() + "\r\n"); |
181 | 182 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_issuer) + cert.getIssuerDN().getName() + "\r\n"); |
183 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_from) + cert.getNotBefore() + "\r\n"); | |
184 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_to) + cert.getNotAfter() + "\r\n"); | |
185 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_dn) + cert.getSubjectDN().getName() + "\r\n"); | |
186 certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_publickey) + cert.getPublicKey().getFormat() + "\r\n"); | |
182 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target)); | 187 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target)); |
183 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo)); | 188 bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo)); |
184 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate)); | 189 Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate)); |
190 | |
185 if ((result == null) || (!result.booleanValue())) { | 191 if ((result == null) || (!result.booleanValue())) { |
186 throw new java.security.cert.CertificateException( | 192 throw new java.security.cert.CertificateException( |
187 "Certificate Rejected"); | 193 "Certificate Rejected"); |
188 } | 194 } |
189 | 195 |
190 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate)); | 196 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate)); |
197 | |
191 if ((result != null) && (result.booleanValue())) { | 198 if ((result != null) && (result.booleanValue())) { |
192 try { | 199 try { |
193 userks.setCertificateEntry(cert.getSubjectDN().getName(), | 200 userks.setCertificateEntry(cert.getSubjectDN().getName(), |
194 cert); | 201 cert); |
195 userks.store(new FileOutputStream(userKsPath), | 202 userks.store(new FileOutputStream(userKsPath), |
196 userksPassword); | 203 userksPassword); |
197 } catch (Exception e) { | 204 } |
198 Log.e(TAG,"Error saving certificate [" + e.getMessage() | 205 catch (Exception e) { |
199 + "]"); | 206 Log.e(TAG, "Error saving certificate [" + e.getMessage() |
200 e.printStackTrace(); | 207 + "]"); |
201 } | 208 e.printStackTrace(); |
202 } | 209 } |
203 } | 210 } |
204 } | 211 } |
212 } | |
205 } | 213 } |