
Example 66 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HostnameVerifierTest method testWildcardsDoesNotNeedTwoDots.

/**
 * Confirms that the platform default verifier accepts a certificate whose
 * common name is the single-label wildcard {@code *.com} for the host
 * {@code google.com}.
 *
 * <p>Older Android verifiers refused wildcards this broad. That check was
 * nonstandard and has been removed; refusing to issue such certificates is
 * the CA's job. Note for readers: only hostname matching is exercised here.
 * The certificate reaches the verifier through a test session object, and
 * this method performs no trust-chain validation.
 */
public void testWildcardsDoesNotNeedTwoDots() throws Exception {
    // Fixture produced with:
    // openssl req -x509 -nodes -days 36500 -subj '/CN=*.com' -newkey rsa:512 -out cert.pem
    // Per that command it is self-signed with a 512-bit RSA key: test data only.
    final String pem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBjDCCATagAwIBAgIJAOVulXCSu6HuMA0GCSqGSIb3DQEBBQUAMBAxDjAMBgNV\n"
            + "BAMUBSouY29tMCAXDTEwMTIyMDE2NDkzOFoYDzIxMTAxMTI2MTY0OTM4WjAQMQ4w\n"
            + "DAYDVQQDFAUqLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDJd8xqni+h7Iaz\n"
            + "ypItivs9kPuiJUqVz+SuJ1C05SFc3PmlRCvwSIfhyD67fHcbMdl+A/LrIjhhKZJe\n"
            + "1joO0+pFAgMBAAGjcTBvMB0GA1UdDgQWBBS4Iuzf5w8JdCp+EtBfdFNudf6+YzBA\n"
            + "BgNVHSMEOTA3gBS4Iuzf5w8JdCp+EtBfdFNudf6+Y6EUpBIwEDEOMAwGA1UEAxQF\n"
            + "Ki5jb22CCQDlbpVwkruh7jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA0EA\n"
            + "U6LFxmZr31lFyis2/T68PpjAppc0DpNQuA2m/Y7oTHBDi55Fw6HVHCw3lucuWZ5d\n"
            + "qUYo4ES548JdpQtcLrW2sA==\n"
            + "-----END CERTIFICATE-----";
    final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    final InputStream pemStream = new ByteArrayInputStream(pem.getBytes("UTF-8"));
    final X509Certificate wildcardCert = (X509Certificate) x509Factory.generateCertificate(pemStream);
    final X509Certificate[] peerChain = { wildcardCert };
    final mySSLSession stubSession = new mySSLSession(peerChain);
    final HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    final boolean accepted = defaultVerifier.verify("google.com", stubSession);
    assertTrue(accepted);
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) org.apache.harmony.xnet.tests.support.mySSLSession(org.apache.harmony.xnet.tests.support.mySSLSession) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 67 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HostnameVerifierTest method testWildcardsCannotMatchIpAddresses.

/**
 * Confirms that a wildcard common name is never applied to an IP literal:
 * a certificate issued for {@code *.0.0.1} must not verify for the host
 * {@code 127.0.0.1}.
 *
 * <p>Only hostname matching is exercised. The certificate reaches the
 * verifier through a test session object, and this method performs no
 * trust-chain validation.
 */
public void testWildcardsCannotMatchIpAddresses() throws Exception {
    // Fixture produced with:
    // openssl req -x509 -nodes -days 36500 -subj '/CN=*.0.0.1' -newkey rsa:512 -out cert.pem
    // Per that command it is self-signed with a 512-bit RSA key: test data only.
    final String pem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBkjCCATygAwIBAgIJAMdemqOwd/BEMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV\n"
            + "BAMUByouMC4wLjEwIBcNMTAxMjIwMTY0NDI1WhgPMjExMDExMjYxNjQ0MjVaMBIx\n"
            + "EDAOBgNVBAMUByouMC4wLjEwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAqY8c9Qrt\n"
            + "YPWCvb7lclI+aDHM6fgbJcHsS9Zg8nUOh5dWrS7AgeA25wyaokFl4plBbbHQe2j+\n"
            + "cCjsRiJIcQo9HwIDAQABo3MwcTAdBgNVHQ4EFgQUJ436TZPJvwCBKklZZqIvt1Yt\n"
            + "JjEwQgYDVR0jBDswOYAUJ436TZPJvwCBKklZZqIvt1YtJjGhFqQUMBIxEDAOBgNV\n"
            + "BAMUByouMC4wLjGCCQDHXpqjsHfwRDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB\n"
            + "BQUAA0EAk9i88xdjWoewqvE+iMC9tD2obMchgFDaHH0ogxxiRaIKeEly3g0uGxIt\n"
            + "fl2WRY8hb4x+zRrwsFaLEpdEvqcjOQ==\n"
            + "-----END CERTIFICATE-----";
    final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    final InputStream pemStream = new ByteArrayInputStream(pem.getBytes("UTF-8"));
    final X509Certificate wildcardCert = (X509Certificate) x509Factory.generateCertificate(pemStream);
    final X509Certificate[] peerChain = { wildcardCert };
    final mySSLSession stubSession = new mySSLSession(peerChain);
    final HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    final boolean accepted = defaultVerifier.verify("127.0.0.1", stubSession);
    assertFalse(accepted);
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) org.apache.harmony.xnet.tests.support.mySSLSession(org.apache.harmony.xnet.tests.support.mySSLSession) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 68 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HostnameVerifierTest method testVerify.

/**
 * Runs the platform default {@link HostnameVerifier} against a series of
 * certificate fixtures and pins which host names it accepts and rejects.
 *
 * <p>Copied and modified from the Apache HTTP client test suite. Each stanza
 * parses one fixture, wraps it in a test session and asserts the verifier's
 * answer for several host names. The X509_* byte arrays are defined outside
 * this method; what each certificate contains is inferred below from the
 * fixture name and should be confirmed against the fixture data.
 *
 * <p>Only hostname matching is exercised; no trust-chain validation happens
 * in this method. Internationalized names are passed in Unicode form,
 * exactly as written in the literals.
 */
public void testVerify() throws Exception {
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    InputStream in;
    X509Certificate x509;
    // Plain certificate (presumably for foo.com): exact name matches, while a
    // subdomain and an unrelated domain are rejected.
    in = new ByteArrayInputStream(X509_FOO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    mySSLSession session = new mySSLSession(new X509Certificate[] { x509 });
    // The same verifier instance is reused for every fixture below.
    HostnameVerifier verifier = HttpsURLConnection.getDefaultHostnameVerifier();
    assertTrue(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    assertFalse(verifier.verify("bar.com", session));
    // Internationalized name: exact match accepted, subdomain rejected.
    in = new ByteArrayInputStream(X509_HANAKO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("花子.co.jp", session));
    assertFalse(verifier.verify("a.花子.co.jp", session));
    // Fixture naming two domains: only bar.com is accepted, foo.com is not.
    // NOTE(review): which field carries each name is not visible here; confirm
    // against the fixture.
    in = new ByteArrayInputStream(X509_FOO_BAR);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertFalse(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    assertTrue(verifier.verify("bar.com", session));
    assertFalse(verifier.verify("a.bar.com", session));
    // Fixture naming three domains, one of them internationalized.
    in = new ByteArrayInputStream(X509_FOO_BAR_HANAKO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    // These checks test alternative subjects. The test data contains an
    // alternative subject starting with a Japanese kanji character. This is
    // not supported by Android because the underlying implementation from
    // Harmony follows the definition from RFC 1034 page 10 for alternative
    // subject names. This causes the code to drop all alternative subjects.
    // Consequence: alternative-subject matching for this fixture is not
    // covered by any active assertion in this method.
    // assertTrue(verifier.verify("bar.com", session));
    // assertFalse(verifier.verify("a.bar.com", session));
    // assertFalse(verifier.verify("a.花子.co.jp", session));
    // Fixture whose name suggests it has no common name: foo.com is still
    // accepted, so the match presumably comes from an alternative subject.
    in = new ByteArrayInputStream(X509_NO_CNS_FOO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    // NOTE(review): this stanza repeats the previous one with the same fixture
    // and the same assertions; confirm whether another fixture was intended.
    in = new ByteArrayInputStream(X509_NO_CNS_FOO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    // Fixture whose name suggests three common names: only the
    // internationalized name is accepted; foo.com and bar.com are rejected.
    in = new ByteArrayInputStream(X509_THREE_CNS_FOO_BAR_HANAKO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertFalse(verifier.verify("foo.com", session));
    assertFalse(verifier.verify("a.foo.com", session));
    assertFalse(verifier.verify("bar.com", session));
    assertFalse(verifier.verify("a.bar.com", session));
    assertTrue(verifier.verify("花子.co.jp", session));
    assertFalse(verifier.verify("a.花子.co.jp", session));
    // Wildcard fixture for foo.com: one extra label is accepted, two are not.
    // The bare domain foo.com is accepted as well.
    // NOTE(review): confirm which certificate field makes the bare domain match.
    in = new ByteArrayInputStream(X509_WILD_FOO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("foo.com", session));
    assertTrue(verifier.verify("www.foo.com", session));
    assertTrue(verifier.verify("花子.foo.com", session));
    assertFalse(verifier.verify("a.b.foo.com", session));
    // Wildcard fixture for co.jp (by its name): any single label under co.jp
    // is accepted, so the verifier applies no public-suffix restriction here.
    in = new ByteArrayInputStream(X509_WILD_CO_JP);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    assertTrue(verifier.verify("foo.co.jp", session));
    assertTrue(verifier.verify("花子.co.jp", session));
    // Wildcard fixture naming three domains.
    in = new ByteArrayInputStream(X509_WILD_FOO_BAR_HANAKO);
    x509 = (X509Certificate) cf.generateCertificate(in);
    session = new mySSLSession(new X509Certificate[] { x509 });
    // try the foo.com variations
    assertTrue(verifier.verify("foo.com", session));
    assertTrue(verifier.verify("www.foo.com", session));
    assertTrue(verifier.verify("花子.foo.com", session));
    assertFalse(verifier.verify("a.b.foo.com", session));
    // These checks test alternative subjects. The test data contains an
    // alternative subject starting with a Japanese kanji character. This is
    // not supported by Android because the underlying implementation from
    // Harmony follows the definition from RFC 1034 page 10 for alternative
    // subject names. This causes the code to drop all alternative subjects.
    // Consequence: the bar.com variations for this fixture are not covered
    // by any active assertion in this method.
    // assertFalse(verifier.verify("bar.com", session));
    // assertTrue(verifier.verify("www.bar.com", session));
    // assertTrue(verifier.verify("花子.bar.com", session));
    // assertTrue(verifier.verify("a.b.bar.com", session));
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) org.apache.harmony.xnet.tests.support.mySSLSession(org.apache.harmony.xnet.tests.support.mySSLSession) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 69 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class myHostnameVerifier method test_getHostnameVerifier.

/**
 * Covers javax.net.ssl.HttpsURLConnection#getHostnameVerifier().
 *
 * <p>A connection object is built without any verifier being set on it in
 * this method. The test expects it to report a non-null verifier equal to
 * the class-wide default. The method never calls connect on the object.
 */
public final void test_getHostnameVerifier() throws Exception {
    final URL target = new URL("https://www.fortify.net/");
    final HttpsURLConnection connectionUnderTest = new MyHttpsURLConnection(target);
    final HostnameVerifier reported = connectionUnderTest.getHostnameVerifier();
    assertNotNull("Hostname verifyer is null", reported);
    // The default is fetched only after the null check, as in the original ordering.
    final HostnameVerifier classDefault = HttpsURLConnection.getDefaultHostnameVerifier();
    assertEquals("Incorrect value of hostname verirfyer", classDefault, reported);
}
Also used : HttpsURLConnection(javax.net.ssl.HttpsURLConnection) URL(java.net.URL) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 70 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project phonegap-facebook-plugin by Wizcorp.

the class HttpEngine method connect.

/**
 * Connects to the origin server, either directly or via a proxy.
 *
 * <p>Returns immediately when a connection is already held. On first use it
 * builds the route selector from the request URI and the policy object. The
 * TLS socket factory and hostname verifier are copied from the policy only
 * for an {@code https} scheme; for any other scheme both are passed as
 * {@code null}.
 *
 * <p>NOTE(review): the verifier is forwarded exactly as the policy supplies
 * it and is not inspected here, so a permissive verifier configured upstream
 * would pass through unchanged. Confirm the policy's default.
 *
 * @throws UnknownHostException if the request URI has no host component
 * @throws IOException declared by this method; presumably raised by route
 *     selection or the socket connect (not visible from here)
 */
protected final void connect() throws IOException {
    if (connection != null) {
        // Already connected: nothing to do.
        return;
    }
    if (routeSelector == null) {
        final String host = uri.getHost();
        if (host == null) {
            throw new UnknownHostException(uri.toString());
        }
        // Scheme comparison is case-insensitive; policy TLS fields are read only for https.
        final boolean secure = uri.getScheme().equalsIgnoreCase("https");
        final SSLSocketFactory tlsSocketFactory = secure ? policy.sslSocketFactory : null;
        final HostnameVerifier tlsHostnameVerifier = secure ? policy.hostnameVerifier : null;
        final Address target = new Address(
                host, getEffectivePort(uri), tlsSocketFactory, tlsHostnameVerifier, policy.requestedProxy);
        routeSelector = new RouteSelector(
                target, uri, policy.proxySelector, policy.connectionPool, Dns.DEFAULT, policy.getFailedRoutes());
    }
    connection = routeSelector.next();
    final boolean needsConnect = !connection.isConnected();
    if (needsConnect) {
        connection.connect(policy.getConnectTimeout(), policy.getReadTimeout(), getTunnelConfig());
        policy.connectionPool.maybeShare(connection);
        // The route worked, so take it off the failed-routes list.
        policy.getFailedRoutes().remove(connection.getRoute());
    }
    connected(connection);
    final boolean proxyChanged = connection.getRoute().getProxy() != policy.requestedProxy;
    if (proxyChanged) {
        // Update the request line if the proxy changed; it may need a host name.
        requestHeaders.getHeaders().setRequestLine(getRequestLine());
    }
}
Also used : UnknownHostException(java.net.UnknownHostException) Address(com.squareup.okhttp.Address) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) HostnameVerifier(javax.net.ssl.HostnameVerifier)
