
Example 41 with X509CertImpl

Use of sun.security.x509.X509CertImpl in the Apache CloudStack project.

Class AprSocketWrapperImpl, method upgradeToSsl.

/**
 * Upgrades the already-open socket to TLS through the Tomcat native (APR) bindings and
 * records the peer certificate's encoded public key in
 * {@code sslState.serverCertificateSubjectPublicKeyInfo}.
 *
 * <p>Security notes for reviewers, all visible in this method:
 * <ul>
 *   <li>The context is created with {@code SSL.SSL_PROTOCOL_TLSV1} only, so no newer
 *       protocol version is requested here.</li>
 *   <li>Peer verification is switched off ({@code SSL.SSL_CVERIFY_NONE}) and handshake
 *       result 20014 ("bad certificate signature") is tolerated. The server is therefore
 *       not authenticated at this layer, and an interposed endpoint would not be rejected.
 *       Any trust decision has to be made by whoever consumes the stored public key
 *       (NOTE(review): that consumer is not visible here; confirm it exists).</li>
 *   <li>{@code X509CertImpl} is a JDK-internal class ({@code sun.security.x509}); the
 *       supported way to parse a DER certificate is
 *       {@code java.security.cert.CertificateFactory}.</li>
 * </ul>
 *
 * @throws RuntimeException if any step fails; {@code shutdown()} is called before the
 *         exception is propagated
 */
@Override
public void upgradeToSsl() {
    try {
        long ctx;
        try {
            ctx = SSLContext.make(pool, SSL.SSL_PROTOCOL_TLSV1, SSL.SSL_MODE_CLIENT);
        } catch (Exception e) {
            throw new RuntimeException("Cannot create SSL context using Tomcat native library.", e);
        }

        // Legacy interoperability workaround flags, combined into one mask.
        int workaroundOptions = SSL.SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
                | SSL.SSL_OP_TLS_BLOCK_PADDING_BUG
                | SSL.SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
                | SSL.SSL_OP_MSIE_SSLV2_RSA_PADDING;
        SSLContext.setOptions(ctx, workaroundOptions);

        // FIXME: verify certificate by default
        // Verification is disabled: the peer's certificate chain is not checked at all.
        SSLContext.setVerify(ctx, SSL.SSL_CVERIFY_NONE, 0);

        int rc;
        try {
            rc = SSLSocket.attach(ctx, socket);
        } catch (Exception e) {
            throw new RuntimeException("[" + this + "] ERROR: Cannot attach SSL context to socket: ", e);
        }
        if (rc != 0) {
            throw new RuntimeException("[" + this + "] ERROR: Cannot attach SSL context to socket(" + rc + "): " + SSL.getLastError());
        }

        try {
            rc = SSLSocket.handshake(socket);
        } catch (Exception e) {
            throw new RuntimeException("[" + this + "] ERROR: Cannot make SSL handshake with server: ", e);
        }
        // 20014: bad certificate signature FIXME: show prompt for self signed certificate
        // This code is accepted silently, on top of verification already being off.
        boolean handshakeAccepted = (rc == 0) || (rc == 20014);
        if (!handshakeAccepted) {
            throw new RuntimeException("[" + this + "] ERROR: Cannot make SSL handshake with server(" + rc + "): " + SSL.getLastError());
        }

        try {
            // In client mode the certificate returned here is treated as the server's.
            byte[] peerCertDer = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT);
            X509CertImpl peerCert = new X509CertImpl(peerCertDer);
            sslState.serverCertificateSubjectPublicKeyInfo = peerCert.getPublicKey().getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("[" + this + "] ERROR: Cannot get server public key: ", e);
        }
    } catch (RuntimeException e) {
        // Tear the connection down on any failure, then let the caller see the error.
        shutdown();
        throw e;
    }
}
Also used : X509CertImpl(sun.security.x509.X509CertImpl) IOException(java.io.IOException)
