Examples with SSLContext - javax.net.ssl.SSLContext

Example 41 with SSLContext

use of javax.net.ssl.SSLContext in project cassandra by apache.

the class SSLFactory method createSSLContext.

@SuppressWarnings("resource")
public static SSLContext createSSLContext(EncryptionOptions options, boolean buildTruststore) throws IOException {
    FileInputStream tsf = null;
    FileInputStream ksf = null;
    SSLContext ctx;
    try {
        ctx = SSLContext.getInstance(options.protocol);
        TrustManager[] trustManagers = null;
        if (buildTruststore) {
            tsf = new FileInputStream(options.truststore);
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(options.algorithm);
            KeyStore ts = KeyStore.getInstance(options.store_type);
            ts.load(tsf, options.truststore_password.toCharArray());
            tmf.init(ts);
            trustManagers = tmf.getTrustManagers();
        }
        ksf = new FileInputStream(options.keystore);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(options.algorithm);
        KeyStore ks = KeyStore.getInstance(options.store_type);
        ks.load(ksf, options.keystore_password.toCharArray());
        if (!checkedExpiry) {
            for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements(); ) {
                String alias = aliases.nextElement();
                if (ks.getCertificate(alias).getType().equals("X.509")) {
                    Date expires = ((X509Certificate) ks.getCertificate(alias)).getNotAfter();
                    if (expires.before(new Date()))
                        logger.warn("Certificate for {} expired on {}", alias, expires);
                }
            }
            checkedExpiry = true;
        }
        kmf.init(ks, options.keystore_password.toCharArray());
        ctx.init(kmf.getKeyManagers(), trustManagers, null);
    } catch (Exception e) {
        throw new IOException("Error creating the initializing the SSL Context", e);
    } finally {
        FileUtils.closeQuietly(tsf);
        FileUtils.closeQuietly(ksf);
    }
    return ctx;
}

Also used : SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate) IOException(java.io.IOException) TrustManager(javax.net.ssl.TrustManager) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManagerFactory(javax.net.ssl.TrustManagerFactory)

Example 42 with SSLContext

use of javax.net.ssl.SSLContext in project NoHttp by yanzhenjie.

the class HttpsActivity method httpsVerify.

/**
     * Https请求，带证书。
     */
private void httpsVerify() {
    Request<String> httpsRequest = NoHttp.createStringRequest("https://kyfw.12306.cn/otn/", RequestMethod.GET);
    SSLContext sslContext = SSLContextUtil.getSSLContext();
    // 主要是需要一个SocketFactory对象，这个对象是java通用的，具体用法还请Google、Baidu。
    if (sslContext != null)
        httpsRequest.setSSLSocketFactory(sslContext.getSocketFactory());
    request(0, httpsRequest, this, false, true);
}

Also used : SSLContext(javax.net.ssl.SSLContext)

Example 43 with SSLContext

use of javax.net.ssl.SSLContext in project xUtils3 by wyouflf.

the class DefaultParamsBuilder method getTrustAllSSLSocketFactory.

public static SSLSocketFactory getTrustAllSSLSocketFactory() {
    if (trustAllSSlSocketFactory == null) {
        synchronized (DefaultParamsBuilder.class) {
            if (trustAllSSlSocketFactory == null) {
                // 信任所有证书
                TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

                    @Override
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    @Override
                    public void checkClientTrusted(X509Certificate[] certs, String authType) {
                    }

                    @Override
                    public void checkServerTrusted(X509Certificate[] certs, String authType) {
                    }
                } };
                try {
                    SSLContext sslContext = SSLContext.getInstance("TLS");
                    sslContext.init(null, trustAllCerts, null);
                    trustAllSSlSocketFactory = sslContext.getSocketFactory();
                } catch (Throwable ex) {
                    LogUtil.e(ex.getMessage(), ex);
                }
            }
        }
    }
    return trustAllSSlSocketFactory;
}

Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)

Example 44 with SSLContext

use of javax.net.ssl.SSLContext in project zaproxy by zaproxy.

the class RelaxedX509TrustManager method getTunnelSSLSocketFactory.

// ZAP: added new ServerSocketFaktory with support of dynamic SSL certificates
public SSLSocketFactory getTunnelSSLSocketFactory(String hostname) {
    //	KeyStore ks;
    try {
        SSLContext ctx = SSLContext.getInstance(SSL);
        // Normally "SunX509", "IbmX509"...
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        SslCertificateService scs = CachedSslCertifificateServiceImpl.getService();
        KeyStore ks = scs.createCertForHost(hostname);
        kmf.init(ks, SslCertificateService.PASSPHRASE);
        java.security.SecureRandom x = new java.security.SecureRandom();
        x.setSeed(System.currentTimeMillis());
        ctx.init(kmf.getKeyManagers(), null, x);
        SSLSocketFactory tunnelSSLFactory = createDecoratedServerSslSocketFactory(ctx.getSocketFactory());
        return tunnelSSLFactory;
    } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | UnrecoverableKeyException | KeyManagementException | InvalidKeyException | NoSuchProviderException | SignatureException | IOException e) {
        // friendly way?
        throw new RuntimeException(e);
    }
}

Also used : SslCertificateService(org.parosproxy.paros.security.SslCertificateService) CertificateException(java.security.cert.CertificateException) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) KeyStore(java.security.KeyStore) KeyManagementException(java.security.KeyManagementException) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) UnrecoverableKeyException(java.security.UnrecoverableKeyException) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) NoSuchProviderException(java.security.NoSuchProviderException)

Example 45 with SSLContext

use of javax.net.ssl.SSLContext in project zaproxy by zaproxy.

the class RelaxedX509TrustManager method getClientSocketFactory.

public SSLSocketFactory getClientSocketFactory(String type) {
    // Trust all invalid server certificate
    TrustManager[] trustMgr = new TrustManager[] { new RelaxedX509TrustManager() };
    try {
        SSLContext sslContext = SSLContext.getInstance(type);
        java.security.SecureRandom x = new java.security.SecureRandom();
        x.setSeed(System.currentTimeMillis());
        if (relaxedTrust) {
            sslContext.init(null, trustMgr, x);
        } else {
            sslContext.init(null, null, x);
        }
        clientSSLSockFactory = createDecoratedClientSslSocketFactory(sslContext.getSocketFactory());
        HttpsURLConnection.setDefaultSSLSocketFactory(clientSSLSockFactory);
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
    }
    return clientSSLSockFactory;
}

Also used : SSLContext(javax.net.ssl.SSLContext) KeyStoreException(java.security.KeyStoreException) ConnectTimeoutException(org.apache.commons.httpclient.ConnectTimeoutException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) SSLException(javax.net.ssl.SSLException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) TrustManager(javax.net.ssl.TrustManager) X509ExtendedTrustManager(javax.net.ssl.X509ExtendedTrustManager)

Aggregations

SSLContext (javax.net.ssl.SSLContext)745 IOException (java.io.IOException)171 TrustManager (javax.net.ssl.TrustManager)139 KeyStore (java.security.KeyStore)130 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)112 SecureRandom (java.security.SecureRandom)110 X509TrustManager (javax.net.ssl.X509TrustManager)107 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)106 KeyManagementException (java.security.KeyManagementException)92 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)92 CertificateException (java.security.cert.CertificateException)84 X509Certificate (java.security.cert.X509Certificate)84 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)69 Test (org.junit.Test)65 SSLSocket (javax.net.ssl.SSLSocket)64 InputStream (java.io.InputStream)59 FileInputStream (java.io.FileInputStream)56 SSLEngine (javax.net.ssl.SSLEngine)54 KeyManager (javax.net.ssl.KeyManager)52 KeyStoreException (java.security.KeyStoreException)45