From 32d17447a258188b2d534bcb0bf65a659ba7b7d0 Mon Sep 17 00:00:00 2001 From: mcentner Date: Fri, 29 Aug 2008 12:11:34 +0000 Subject: Initial import. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../online/applet/InternalSSLSocketFactory.java | 101 +++++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java (limited to 'BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java') diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java new file mode 100644 index 00000000..ab04d2b6 --- /dev/null +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java @@ -0,0 +1,101 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ + +package at.gv.egiz.bku.online.applet; + +import java.io.IOException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.X509TrustManager; + +public class InternalSSLSocketFactory { + + private SSLSocketFactory factory; + + public static SSLSocketFactory getSocketFactory() throws InternalSSLSocketFactoryException { + return new InternalSSLSocketFactory().factory; + } + + public static HostnameVerifier getHostNameVerifier() throws InternalSSLSocketFactoryException { + return (new HostnameVerifier() { + @Override + public boolean verify(String hostname, SSLSession session) { + return true; + } + }); + } + + public InternalSSLSocketFactory() throws InternalSSLSocketFactoryException { + SSLContext sslContext; + try { + sslContext = SSLContext.getInstance("TLSv1"); + sslContext.getClientSessionContext().setSessionTimeout(0); + KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); + + KeyStore keyStore = KeyStore.getInstance("JKS"); + keyStore.load(null, null); + keyManagerFactory.init(keyStore, null); + + sslContext.init(keyManagerFactory.getKeyManagers(), + new X509TrustManager[] { new AcceptAllTrustManager() }, + null); + } catch (NoSuchAlgorithmException e) { + throw new InternalSSLSocketFactoryException(e); + } catch (CertificateException e) { + throw new InternalSSLSocketFactoryException(e); + } catch (IOException e) { + throw new InternalSSLSocketFactoryException(e); + } catch (KeyStoreException e) { + throw new InternalSSLSocketFactoryException(e); + } catch (UnrecoverableKeyException e) { + throw new InternalSSLSocketFactoryException(e); + } catch (KeyManagementException e) { + throw new InternalSSLSocketFactoryException(e); + } + + this.factory = sslContext.getSocketFactory(); + } + + class AcceptAllTrustManager implements X509TrustManager { + + public X509Certificate[] getAcceptedIssuers() { + return null; + } + + public void checkClientTrusted(X509Certificate[] chain, String authType) { + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) { + //FIXME + } + } +}; -- cgit v1.2.3