summaryrefslogtreecommitdiff
path: root/mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
diff options
context:
space:
mode:
Diffstat (limited to 'mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java')
-rw-r--r--mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java157
1 files changed, 0 insertions, 157 deletions
diff --git a/mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java b/mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
deleted file mode 100644
index a02e56eb..00000000
--- a/mocca-1.2.11/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package at.gv.egiz.bku.online.applet;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.net.UnknownHostException;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.List;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-public class InternalSSLSocketFactory extends SSLSocketFactory {
-
- private final static String GOV_DOMAIN = ".gv.at";
-
- private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory();
-
- private final static Log log = LogFactory
- .getLog(InternalSSLSocketFactory.class);
-
- private SSLSocket sslSocket;
-
- private SSLSocketFactory proxy;
-
- private InternalSSLSocketFactory() {
- proxy = HttpsURLConnection.getDefaultSSLSocketFactory();
- }
-
- public static InternalSSLSocketFactory getInstance() {
- return instance;
- }
-
- @Override
- public Socket createSocket() throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket();
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(String arg0, int arg1) throws IOException,
- UnknownHostException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
-
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(InetAddress arg0, int arg1) throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3)
- throws IOException, UnknownHostException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2,
- int arg3) throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(Socket arg0, String arg1, int arg2, boolean arg3)
- throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public String[] getDefaultCipherSuites() {
- return proxy.getDefaultCipherSuites();
- }
-
- @Override
- public String[] getSupportedCipherSuites() {
- return proxy.getSupportedCipherSuites();
- }
-
- public boolean isEgovAgency() {
- log.info("Checking if server is egov agency");
- if (sslSocket != null) {
- try {
- X509Certificate cert = (X509Certificate) sslSocket.getSession()
- .getPeerCertificates()[0];
- log.info("Server cert: " + cert);
- return isGovAgency(cert);
- } catch (SSLPeerUnverifiedException e) {
- log.error(e);
- return false;
- }
- }
- log.info("Not a SSL connection");
- return false;
- }
-
- public static boolean isGovAgency(X509Certificate cert) {
- String[] rdns = (cert.getSubjectX500Principal().getName()).split(",");
- for (String rdn : rdns) {
- if (rdn.startsWith("CN=")) {
- String dns = rdn.split("=")[1];
- if (dns.endsWith(GOV_DOMAIN)) {
- return true;
- }
- }
- }
- try {
- Collection<List<?>> sanList = cert.getSubjectAlternativeNames();
- if (sanList != null) {
- for (List<?> san : sanList) {
- if ((Integer) san.get(0) == 2) {
- String dns = (String) san.get(1);
- if (dns.endsWith(GOV_DOMAIN)) {
- return true;
- }
- }
- }
- }
- } catch (CertificateParsingException e) {
- log.error(e);
- }
- if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)
- || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) {
- return true;
- }
- return false;
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-08 03:26:48 +0000