summaryrefslogtreecommitdiff
path: root/pdf-over-gui/src/main/java/at/asit
diff options
context:
space:
mode:
authorTobias Kellner <tobias.kellner@iaik.tugraz.at>2014-10-17 18:56:13 +0200
committerTobias Kellner <tobias.kellner@iaik.tugraz.at>2014-10-17 18:56:13 +0200
commit31cfebe95d6ecb372794d1ade5966dfacfccdf3b (patch)
tree7fa36de84b9567b12f0f4bd643f5fef9600628b4 /pdf-over-gui/src/main/java/at/asit
parent0a1414b78a7633e1e4eb83808c3f4a4bf81d195a (diff)
downloadpdf-over-31cfebe95d6ecb372794d1ade5966dfacfccdf3b.tar.gz
pdf-over-31cfebe95d6ecb372794d1ade5966dfacfccdf3b.tar.bz2
pdf-over-31cfebe95d6ecb372794d1ade5966dfacfccdf3b.zip
Only enable certain ciphersuites to avoid 'Server Key' error under OSX
Diffstat (limited to 'pdf-over-gui/src/main/java/at/asit')
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java1
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java26
2 files changed, 17 insertions, 10 deletions
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java
index de634af6..823edae8 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java
@@ -66,7 +66,6 @@ public class MobileBKUState extends State {
/**
* SLF4J Logger instance
**/
- @SuppressWarnings("unused")
private static final Logger log = LoggerFactory
.getLogger(MobileBKUState.class);
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java
index c39edbca..ee521641 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java
@@ -48,6 +48,13 @@ public class TrustedSocketFactory implements SecureProtocolSocketFactory {
private static final Logger log = LoggerFactory
.getLogger(TrustedSocketFactory.class);
+ private static final String ENABLED_CS[] = {
+ "TLS_RSA_WITH_AES_128_CBC_SHA", //$NON-NLS-1$
+ "SSL_RSA_WITH_RC4_128_SHA", //$NON-NLS-1$
+ "SSL_RSA_WITH_3DES_EDE_CBC_SHA", //$NON-NLS-1$
+ "SSL_RSA_WITH_RC4_128_MD5" //$NON-NLS-1$
+ };
+
private static SSLSocketFactory getFactory() throws NoSuchAlgorithmException,
KeyManagementException, Exception {
SSLContext sslContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$
@@ -70,7 +77,7 @@ public class TrustedSocketFactory implements SecureProtocolSocketFactory {
try {
SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
port);
-
+ sslSocket.setEnabledCipherSuites(ENABLED_CS);
return sslSocket;
} catch (Exception ex) {
log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
@@ -98,7 +105,7 @@ public class TrustedSocketFactory implements SecureProtocolSocketFactory {
try {
SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
port, clientHost, clientPort);
-
+ sslSocket.setEnabledCipherSuites(ENABLED_CS);
return sslSocket;
} catch (Exception ex) {
log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
@@ -130,21 +137,22 @@ public class TrustedSocketFactory implements SecureProtocolSocketFactory {
throw new IllegalArgumentException("Parameters may not be null"); //$NON-NLS-1$
}
int timeout = params.getConnectionTimeout();
- Socket socket = null;
+ SSLSocket sslSocket = null;
SSLSocketFactory socketfactory = getFactory();
if (timeout == 0) {
- socket = socketfactory.createSocket(host, port, clientHost,
+ sslSocket = (SSLSocket) socketfactory.createSocket(host, port, clientHost,
clientPort);
} else {
- socket = socketfactory.createSocket();
+ sslSocket = (SSLSocket) socketfactory.createSocket();
SocketAddress localaddr = new InetSocketAddress(clientHost,
clientPort);
SocketAddress remoteaddr = new InetSocketAddress(host, port);
- socket.bind(localaddr);
- socket.connect(remoteaddr, timeout);
+ sslSocket.bind(localaddr);
+ sslSocket.connect(remoteaddr, timeout);
}
- return socket;
+ sslSocket.setEnabledCipherSuites(ENABLED_CS);
+ return sslSocket;
} catch (Exception ex) {
log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
if (ex instanceof IOException) {
@@ -166,7 +174,7 @@ public class TrustedSocketFactory implements SecureProtocolSocketFactory {
boolean autoClose) throws IOException, UnknownHostException {
try {
SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(socket, host, port, autoClose);
-
+ sslSocket.setEnabledCipherSuites(ENABLED_CS);
return sslSocket;
} catch (Exception ex) {
log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$