
Example 11 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project platformlayer by platformlayer.

the class PlatformLayerAuthAdminClient method build.

/**
 * Builds the token validator that calls the PlatformLayer auth admin endpoint over TLS,
 * presenting a client certificate, and wraps it in a caching validator.
 *
 * <p>How the server is authenticated depends on {@code auth.system.ssl.keys}:
 * <ul>
 *   <li>Set: a {@link PublicKeyTrustManager} is built from the comma-separated entries and
 *       hostname checking is replaced by {@link AcceptAllHostnameVerifier}. The server's
 *       identity then rests entirely on the configured key list, because the name in the
 *       certificate is never compared with the URL.</li>
 *   <li>Unset: the trust manager and hostname verifier are both passed as {@code null}.
 *       What {@code SslConfiguration} does with {@code null} is not visible here;
 *       presumably it falls back to platform defaults. TODO confirm.</li>
 * </ul>
 *
 * @param httpStrategy    HTTP strategy handed to the REST client
 * @param configuration   source of the {@code auth.system.*} settings
 * @param encryptionStore store the client certificate and key are loaded from
 * @return a caching validator backed by the auth admin client
 * @throws OpsException declared by this method; the throwing call is not identifiable from here
 */
public static AuthenticationTokenValidator build(HttpStrategy httpStrategy, Configuration configuration, EncryptionStore encryptionStore) throws OpsException {
    final String endpointUrl = configuration.lookup("auth.system.url", "https://127.0.0.1:" + WellKnownPorts.PORT_PLATFORMLAYER_AUTH_ADMIN + "/");

    // Client side of mutual TLS: the certificate alias comes from configuration.
    final String clientCertAlias = configuration.get("auth.system.tls.clientcert");
    final CertificateAndKey clientIdentity = encryptionStore.getCertificateAndKey(clientCertAlias);
    // NOTE(review): clientIdentity is null-checked before logging below but is handed to the
    // key manager unchecked; confirm that a missing client cert is handled downstream.
    final KeyManager keyManager = new SimpleClientCertificateKeyManager(clientIdentity);

    // Server side: when keys are configured, trust is decided by the key list and the
    // hostname check is deliberately disabled. This is only sound if PublicKeyTrustManager
    // rejects every key that is not on the list (verify against its implementation).
    final String pinnedKeys = configuration.lookup("auth.system.ssl.keys", null);
    final boolean pinningConfigured = pinnedKeys != null;
    final TrustManager trustManager = pinningConfigured
            ? new PublicKeyTrustManager(Splitter.on(',').trimResults().split(pinnedKeys))
            : null;
    final HostnameVerifier hostnameVerifier = pinningConfigured
            ? new AcceptAllHostnameVerifier()
            : null;

    if (log.isDebugEnabled()) {
        if (clientIdentity != null) {
            // Only the certificate chain is logged, never the private key.
            final X509Certificate[] clientChain = clientIdentity.getCertificateChain();
            log.debug("Using client cert for PL auth: " + Joiner.on(",").join(clientChain));
        }
    }

    final SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    final RestfulClient restfulClient = new JreRestfulClient(httpStrategy, endpointUrl, sslConfiguration);
    final AuthenticationTokenValidator directValidator = new PlatformLayerAuthAdminClient(restfulClient);
    return new CachingAuthenticationTokenValidator(directValidator);
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AuthenticationTokenValidator(org.platformlayer.auth.AuthenticationTokenValidator) RestfulClient(org.platformlayer.rest.RestfulClient) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) X509Certificate(java.security.cert.X509Certificate) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) SslConfiguration(org.platformlayer.http.SslConfiguration) CertificateAndKey(com.fathomdb.crypto.CertificateAndKey) SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 12 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class URLConnectionTest method testHttpsWithCustomTrustManager.

/**
 * Checks that HTTPS requests made through {@code URL.openStream()} consult the
 * process-wide hostname verifier and the trust manager of the default socket factory.
 *
 * <p>Both defaults are JVM-global and affect every {@code HttpsURLConnection} in the
 * process, so the previous values are captured first and restored in {@code finally}
 * even when an assertion fails.
 */
public void testHttpsWithCustomTrustManager() throws Exception {
    RecordingHostnameVerifier recordingVerifier = new RecordingHostnameVerifier();
    RecordingTrustManager recordingTrust = new RecordingTrustManager();

    // Context whose only trust decision maker is the recording test double.
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, new TrustManager[] { recordingTrust }, new java.security.SecureRandom());

    // Swap in the test doubles, remembering what was installed before.
    HostnameVerifier savedVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(recordingVerifier);
    SSLSocketFactory savedSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
    try {
        TestSSLContext testSSLContext = TestSSLContext.create();
        server.useHttps(testSSLContext.serverContext.getSocketFactory(), false);
        for (String body : Arrays.asList("ABC", "DEF", "GHI")) {
            server.enqueue(new MockResponse().setBody(body));
        }
        server.play();

        URL rootUrl = server.getUrl("/");
        for (String expectedBody : Arrays.asList("ABC", "DEF", "GHI")) {
            assertEquals(expectedBody, readAscii(rootUrl.openStream(), Integer.MAX_VALUE));
        }

        // Three responses were read, yet exactly one verify and one checkServerTrusted
        // call are expected; presumably the connection is reused, confirm against the
        // HTTP stack under test.
        assertEquals(Arrays.asList("verify " + hostName), recordingVerifier.calls);
        String expectedChain = "CN=" + hostName + " 1, " + "CN=Test Intermediate Certificate Authority 1, " + "CN=Test Root Certificate Authority 1";
        assertEquals(Arrays.asList("checkServerTrusted [" + expectedChain + "] RSA"), recordingTrust.calls);
    } finally {
        // Never leave test doubles installed as the JVM-wide defaults.
        HttpsURLConnection.setDefaultHostnameVerifier(savedVerifier);
        HttpsURLConnection.setDefaultSSLSocketFactory(savedSocketFactory);
    }
}
Also used : MockResponse(com.google.mockwebserver.MockResponse) SSLContext(javax.net.ssl.SSLContext) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) URL(java.net.URL) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 13 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HttpsHandler method newOkHttpClient.

/**
 * Creates the HTTPS client, restricting transports to {@code ENABLED_TRANSPORTS} and
 * carrying over the process-wide hostname verifier when the application has replaced it.
 *
 * <p>Security note: any verifier installed through
 * {@code HttpsURLConnection.setDefaultHostnameVerifier} is inherited by every client
 * built here, so a permissive global verifier weakens all HTTPS connections made through
 * this handler.
 *
 * @param proxy proxy forwarded to the superclass factory
 * @return the configured client
 */
@Override
protected OkHttpClient newOkHttpClient(Proxy proxy) {
    final OkHttpClient okHttpClient = super.newOkHttpClient(proxy);
    okHttpClient.setTransports(ENABLED_TRANSPORTS);

    final HostnameVerifier installed = HttpsURLConnection.getDefaultHostnameVerifier();
    // Leave the client untouched when the platform's stock verifier is still in place;
    // presumably the client already applies equivalent checks on its own. TODO confirm.
    final boolean stockVerifier = installed instanceof DefaultHostnameVerifier;
    if (stockVerifier) {
        return okHttpClient;
    }
    okHttpClient.setHostnameVerifier(installed);
    return okHttpClient;
}
Also used : DefaultHostnameVerifier(javax.net.ssl.DefaultHostnameVerifier) DefaultHostnameVerifier(javax.net.ssl.DefaultHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 14 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HostnameVerifierTest method testSubjectAlt.

/**
 * Exercises the default hostname verifier against the {@code X509_MULTIPLE_SUBJECT_ALT}
 * fixture, whose subject is {@code CN=localhost}.
 *
 * <p>The fixture's extensions are not visible here; judging by its name and the
 * assertions it presumably lists several subject alternative names, including
 * {@code localhost.localdomain}. Verify against the fixture.
 */
public void testSubjectAlt() throws Exception {
    CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    InputStream certBytes = new ByteArrayInputStream(X509_MULTIPLE_SUBJECT_ALT);
    X509Certificate leaf = (X509Certificate) x509Factory.generateCertificate(certBytes);

    // Session stub presenting the parsed certificate as the peer chain.
    mySSLSession peerSession = new mySSLSession(new X509Certificate[] { leaf });
    HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier();

    assertEquals(new X500Principal("CN=localhost"), leaf.getSubjectX500Principal());

    // Names the certificate is expected to cover.
    assertTrue(defaultVerifier.verify("localhost", peerSession));
    assertTrue(defaultVerifier.verify("localhost.localdomain", peerSession));

    // A similar-looking but different name must be rejected.
    assertFalse(defaultVerifier.verify("local.host", peerSession));
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) X500Principal(javax.security.auth.x500.X500Principal) org.apache.harmony.xnet.tests.support.mySSLSession(org.apache.harmony.xnet.tests.support.mySSLSession) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 15 with HostnameVerifier

use of javax.net.ssl.HostnameVerifier in project robovm by robovm.

the class HostnameVerifierTest method testSubjectAltName.

/**
 * Checks that the default hostname verifier matches only the DNS entries of the
 * subjectAltName extension when one is present, and ignores the subject CN.
 *
 * <p>The fixture has {@code CN=foo.com} and {@code subjectAltName=DNS:bar.com,DNS:baz.com}.
 * Rejecting {@code foo.com} is the security-relevant assertion: a verifier that fell back
 * to the CN would accept a name the certificate's SAN list does not authorise.
 */
public void testSubjectAltName() throws Exception {
    /*
     * Fixture generation (the 512-bit RSA key is acceptable for a throwaway test
     * certificate only):
     *
     * $ cat ./cert.cnf
     * [req]
     * distinguished_name=distinguished_name
     * req_extensions=req_extensions
     * x509_extensions=x509_extensions
     * [distinguished_name]
     * [req_extensions]
     * [x509_extensions]
     * subjectAltName=DNS:bar.com,DNS:baz.com
     *
     * $ openssl req -x509 -nodes -days 36500 -subj '/CN=foo.com' -config ./cert.cnf \
     *     -newkey rsa:512 -out cert.pem
     */
    String pem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBPTCB6KADAgECAgkA7zoHaaqNGHQwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UE\n"
            + "AxMHZm9vLmNvbTAgFw0xMDEyMjAxODM5MzZaGA8yMTEwMTEyNjE4MzkzNlowEjEQ\n"
            + "MA4GA1UEAxMHZm9vLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC+gmoSxF+8\n"
            + "hbV+rgRQqHIJd50216OWQJbU3BvdlPbca779NYO4+UZWTFdBM8BdQqs3H4B5Agvp\n"
            + "y7HeSff1F7XRAgMBAAGjHzAdMBsGA1UdEQQUMBKCB2Jhci5jb22CB2Jhei5jb20w\n"
            + "DQYJKoZIhvcNAQEFBQADQQBXpZZPOY2Dy1lGG81JTr8L4or9jpKacD7n51eS8iqI\n"
            + "oTznPNuXHU5bFN0AAGX2ij47f/EahqTpo5RdS95P4sVm\n"
            + "-----END CERTIFICATE-----";

    CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    InputStream pemStream = new ByteArrayInputStream(pem.getBytes("UTF-8"));
    X509Certificate leaf = (X509Certificate) x509Factory.generateCertificate(pemStream);

    // Session stub presenting the parsed certificate as the peer chain.
    mySSLSession peerSession = new mySSLSession(new X509Certificate[] { leaf });
    HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier();

    // The CN is not consulted because a subjectAltName extension exists.
    assertFalse(defaultVerifier.verify("foo.com", peerSession));

    // Both SAN entries match exactly.
    assertTrue(defaultVerifier.verify("bar.com", peerSession));
    assertTrue(defaultVerifier.verify("baz.com", peerSession));

    // Neither a subdomain of the CN nor an unrelated host is accepted.
    assertFalse(defaultVerifier.verify("a.foo.com", peerSession));
    assertFalse(defaultVerifier.verify("quux.com", peerSession));
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) org.apache.harmony.xnet.tests.support.mySSLSession(org.apache.harmony.xnet.tests.support.mySSLSession) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Aggregations

HostnameVerifier (javax.net.ssl.HostnameVerifier)94 SSLSession (javax.net.ssl.SSLSession)41 SSLContext (javax.net.ssl.SSLContext)30 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)27 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)24 TrustManager (javax.net.ssl.TrustManager)19 IOException (java.io.IOException)18 URL (java.net.URL)18 X509Certificate (java.security.cert.X509Certificate)17 X509TrustManager (javax.net.ssl.X509TrustManager)17 Test (org.junit.Test)16 HttpURLConnection (java.net.HttpURLConnection)14 SecureRandom (java.security.SecureRandom)14 InputStream (java.io.InputStream)12 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)10 CertificateException (java.security.cert.CertificateException)10 SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)10 KeyManagementException (java.security.KeyManagementException)9 ConnectionSocketFactory (org.apache.http.conn.socket.ConnectionSocketFactory)9 ByteArrayInputStream (java.io.ByteArrayInputStream)8