From e2ab585fc4cfc165dc02ea9142f33dd308979e49 Mon Sep 17 00:00:00 2001
From: Jakob Heher <jakob.heher@iaik.tugraz.at>
Date: Mon, 3 Oct 2022 17:36:36 +0200
Subject: start untangling BKU handler from GUI logic

---
 .../gui/bku/OLDmobile/TrustedSocketFactory.java    | 191 +++++++++++++++++++++
 1 file changed, 191 insertions(+)
 create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/OLDmobile/TrustedSocketFactory.java

(limited to 'pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/OLDmobile/TrustedSocketFactory.java')

diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/OLDmobile/TrustedSocketFactory.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/OLDmobile/TrustedSocketFactory.java
new file mode 100644
index 00000000..e6402a9d
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/OLDmobile/TrustedSocketFactory.java
@@ -0,0 +1,191 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.bku.OLDmobile;
+
+// Imports
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.SocketAddress;
+import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+
+import org.apache.commons.httpclient.ConnectTimeoutException;
+import org.apache.commons.httpclient.params.HttpConnectionParams;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asit.pdfover.commons.Messages;
+
+/**
+ *
+ */
+public class TrustedSocketFactory implements SecureProtocolSocketFactory {
+	/**
+	 * SLF4J Logger instance
+	 **/
+	private static final Logger log = LoggerFactory.getLogger(TrustedSocketFactory.class);
+
+	private static final String ENABLED_CS[] = {
+		"TLS_RSA_WITH_AES_128_CBC_SHA",
+		"SSL_RSA_WITH_RC4_128_SHA",
+		"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
+		"SSL_RSA_WITH_RC4_128_MD5"
+	};
+
+	private static SSLSocketFactory getFactory() throws NoSuchAlgorithmException,
+			KeyManagementException, Exception {
+		SSLContext sslContext = SSLContext.getInstance("TLS");
+		sslContext.init(null, new TrustManager[] { new SimpleXMLTrustManager() },
+				new java.security.SecureRandom());
+
+		return sslContext.getSocketFactory();
+	}
+
+	/*
+	 * (non-Javadoc)
+	 *
+	 * @see
+	 * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
+	 * (java.lang.String, int)
+	 */
+	@Override
+	public Socket createSocket(String host, int port) throws IOException,
+			UnknownHostException {
+		try {
+			SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
+					port);
+			sslSocket.setEnabledCipherSuites(ENABLED_CS);
+			return sslSocket;
+		} catch (Exception ex) {
+			log.error("TrustedSocketFactory: ", ex);
+			if (ex instanceof IOException) {
+				throw (IOException) ex;
+			} else if (ex instanceof UnknownHostException) {
+				throw (UnknownHostException) ex;
+			} else {
+				throw new IOException(
+						Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex);
+			}
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 *
+	 * @see
+	 * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
+	 * (java.lang.String, int, java.net.InetAddress, int)
+	 */
+	@Override
+	public Socket createSocket(String host, int port, InetAddress clientHost,
+			int clientPort) throws IOException, UnknownHostException {
+		try {
+			SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
+					port, clientHost, clientPort);
+			sslSocket.setEnabledCipherSuites(ENABLED_CS);
+			return sslSocket;
+		} catch (Exception ex) {
+			log.error("TrustedSocketFactory: ", ex);
+			if (ex instanceof IOException) {
+				throw (IOException) ex;
+			} else if (ex instanceof UnknownHostException) {
+				throw (UnknownHostException) ex;
+			} else {
+				throw new IOException(
+						Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex);
+			}
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 *
+	 * @see
+	 * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
+	 * (java.lang.String, int, java.net.InetAddress, int,
+	 * org.apache.commons.httpclient.params.HttpConnectionParams)
+	 */
+	@Override
+	public Socket createSocket(String host, int port, InetAddress clientHost,
+			int clientPort, HttpConnectionParams params) throws IOException,
+			UnknownHostException, ConnectTimeoutException {
+		try {
+			if (params == null) {
+				throw new IllegalArgumentException("Parameters may not be null");
+			}
+			int timeout = params.getConnectionTimeout();
+			SSLSocket sslSocket = null;
+
+			SSLSocketFactory socketfactory = getFactory();
+			if (timeout == 0) {
+				sslSocket = (SSLSocket) socketfactory.createSocket(host, port, clientHost,
+						clientPort);
+			} else {
+				sslSocket = (SSLSocket) socketfactory.createSocket();
+				SocketAddress localaddr = new InetSocketAddress(clientHost,
+						clientPort);
+				SocketAddress remoteaddr = new InetSocketAddress(host, port);
+				sslSocket.bind(localaddr);
+				sslSocket.connect(remoteaddr, timeout);
+			}
+			sslSocket.setEnabledCipherSuites(ENABLED_CS);
+			return sslSocket;
+		} catch (Exception ex) {
+			log.error("TrustedSocketFactory: ", ex);
+			if (ex instanceof IOException) {
+				throw (IOException) ex;
+			} else if (ex instanceof UnknownHostException) {
+				throw (UnknownHostException) ex;
+			} else {
+				throw new IOException(
+						Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex);
+			}
+		}
+	}
+
+	/* (non-Javadoc)
+	 * @see org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean)
+	 */
+	@Override
+	public Socket createSocket(Socket socket, String host, int port,
+			boolean autoClose) throws IOException, UnknownHostException {
+		try {
+			SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(socket, host, port, autoClose);
+			sslSocket.setEnabledCipherSuites(ENABLED_CS);
+			return sslSocket;
+		} catch (Exception ex) {
+			log.error("TrustedSocketFactory: ", ex);
+			if (ex instanceof IOException) {
+				throw (IOException) ex;
+			} else if (ex instanceof UnknownHostException) {
+				throw (UnknownHostException) ex;
+			} else {
+				throw new IOException(
+						Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex);
+			}
+		}
+	}
+
+}
-- 
cgit v1.2.3