Search in sources :

Example 6 with SSLException

use of javax.net.ssl.SSLException in project netty by netty.

the class JdkSslServerContext method newSSLContext.

private static SSLContext newSSLContext(X509Certificate[] trustCertCollection, TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain, PrivateKey key, String keyPassword, KeyManagerFactory keyManagerFactory, long sessionCacheSize, long sessionTimeout) throws SSLException {
    if (key == null && keyManagerFactory == null) {
        throw new NullPointerException("key, keyManagerFactory");
    }
    try {
        if (trustCertCollection != null) {
            trustManagerFactory = buildTrustManagerFactory(trustCertCollection, trustManagerFactory);
        }
        if (key != null) {
            keyManagerFactory = buildKeyManagerFactory(keyCertChain, key, keyPassword, keyManagerFactory);
        }
        // Initialize the SSLContext to work with our key managers.
        SSLContext ctx = SSLContext.getInstance(PROTOCOL);
        ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(), null);
        SSLSessionContext sessCtx = ctx.getServerSessionContext();
        if (sessionCacheSize > 0) {
            sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
        }
        if (sessionTimeout > 0) {
            sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
        }
        return ctx;
    } catch (Exception e) {
        if (e instanceof SSLException) {
            throw (SSLException) e;
        }
        throw new SSLException("failed to initialize the server-side SSL context", e);
    }
}
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SSLContext(javax.net.ssl.SSLContext) SSLException(javax.net.ssl.SSLException) SSLException(javax.net.ssl.SSLException)

Example 7 with SSLException

use of javax.net.ssl.SSLException in project XobotOS by xamarin.

the class TLSMessageProcessor method run.

/**
     * Run method for the thread that gets created for each accept socket.
     */
public void run() {
    // Accept new connectins on our socket.
    while (this.isRunning) {
        try {
            synchronized (this) {
                // This is the default behavior.
                while (sipStack.maxConnections != -1 && this.nConnections >= sipStack.maxConnections) {
                    try {
                        this.wait();
                        if (!this.isRunning)
                            return;
                    } catch (InterruptedException ex) {
                        break;
                    }
                }
                this.nConnections++;
            }
            Socket newsock = sock.accept();
            if (sipStack.isLoggingEnabled())
                sipStack.getStackLogger().logDebug("Accepting new connection!");
            // Note that for an incoming message channel, the
            // thread is already running
            incomingTlsMessageChannels.add(new TLSMessageChannel(newsock, sipStack, this));
        } catch (SocketException ex) {
            if (this.isRunning) {
                sipStack.getStackLogger().logError("Fatal - SocketException occured while Accepting connection", ex);
                this.isRunning = false;
                break;
            }
        } catch (SSLException ex) {
            this.isRunning = false;
            sipStack.getStackLogger().logError("Fatal - SSSLException occured while Accepting connection", ex);
            break;
        } catch (IOException ex) {
            // Problem accepting connection.
            sipStack.getStackLogger().logError("Problem Accepting Connection", ex);
            continue;
        } catch (Exception ex) {
            sipStack.getStackLogger().logError("Unexpected Exception!", ex);
        }
    }
}
Also used : IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException) SSLServerSocket(javax.net.ssl.SSLServerSocket) SSLSocket(javax.net.ssl.SSLSocket) SSLException(javax.net.ssl.SSLException) IOException(java.io.IOException)

Example 8 with SSLException

use of javax.net.ssl.SSLException in project voltdb by VoltDB.

the class TLSHandshaker method handshake.

public boolean handshake() throws IOException {
    ByteBuffer txNetData = (ByteBuffer) ByteBuffer.allocate(m_appsz).clear();
    ByteBuffer clearData = (ByteBuffer) ByteBuffer.allocate(CipherExecutor.FRAME_SIZE).clear();
    SSLEngineResult result = null;
    m_eng.beginHandshake();
    HandshakeStatus status = m_eng.getHandshakeStatus();
    boolean isBlocked = m_sc.isBlocking();
    synchronized (m_sc.blockingLock()) {
        isBlocked = m_sc.isBlocking();
        if (isBlocked) {
            m_sc.configureBlocking(false);
        }
    }
    Selector selector = Selector.open();
    m_sc.register(selector, SelectionKey.OP_READ);
    try {
        while (status != HandshakeStatus.FINISHED && status != HandshakeStatus.NOT_HANDSHAKING) {
            switch(status) {
                case NEED_UNWRAP:
                    if (selector.select(2) == 1 && canread(selector)) {
                        if (m_sc.read(m_rxNetData) < 0) {
                            if (m_eng.isInboundDone() && m_eng.isOutboundDone()) {
                                return false;
                            }
                            try {
                                m_eng.closeInbound();
                            } catch (SSLException ingnoreIt) {
                            }
                            m_eng.closeOutbound();
                            status = m_eng.getHandshakeStatus();
                            break;
                        }
                    }
                    m_rxNetData.flip();
                    try {
                        result = m_eng.unwrap(m_rxNetData, clearData);
                        m_rxNetData.compact();
                        status = m_eng.getHandshakeStatus();
                    } catch (SSLException e) {
                        m_eng.closeOutbound();
                        throw e;
                    }
                    switch(result.getStatus()) {
                        case OK:
                            break;
                        case BUFFER_OVERFLOW:
                            clearData = expand(clearData, false);
                            break;
                        case BUFFER_UNDERFLOW:
                            // in this state until data shows up in m_rxNetData.
                            break;
                        case CLOSED:
                            if (m_eng.isOutboundDone()) {
                                return false;
                            } else {
                                m_eng.closeOutbound();
                                status = m_eng.getHandshakeStatus();
                            }
                            break;
                        default:
                            throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
                    }
                    break;
                case NEED_WRAP:
                    txNetData.clear();
                    try {
                        result = m_eng.wrap(clearData, txNetData);
                        status = m_eng.getHandshakeStatus();
                    } catch (SSLException e) {
                        m_eng.closeOutbound();
                        throw e;
                    }
                    switch(result.getStatus()) {
                        case OK:
                            txNetData.flip();
                            while (txNetData.hasRemaining()) {
                                m_sc.write(txNetData);
                            }
                            break;
                        case BUFFER_OVERFLOW:
                            clearData = expand(txNetData, false);
                            break;
                        case BUFFER_UNDERFLOW:
                            throw new SSLException("Buffer underflow occured after a wrap");
                        case CLOSED:
                            txNetData.flip();
                            while (txNetData.hasRemaining()) {
                                m_sc.write(txNetData);
                            }
                            m_rxNetData.clear();
                            status = m_eng.getHandshakeStatus();
                            break;
                        default:
                            throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
                    }
                    break;
                case NEED_TASK:
                    Runnable task;
                    while ((task = m_eng.getDelegatedTask()) != null) {
                        task.run();
                    }
                    status = m_eng.getHandshakeStatus();
                    break;
                case FINISHED:
                    break;
                case NOT_HANDSHAKING:
                    break;
                default:
                    throw new IllegalStateException("Invalid SSL handshake status" + status);
            }
        }
    } finally {
        SelectionKey sk = m_sc.keyFor(selector);
        sk.cancel();
        selector.close();
        if (isBlocked)
            synchronized (m_sc.blockingLock()) {
                m_sc.configureBlocking(isBlocked);
            }
    }
    return true;
}
Also used : SelectionKey(java.nio.channels.SelectionKey) SSLEngineResult(javax.net.ssl.SSLEngineResult) ByteBuffer(java.nio.ByteBuffer) SSLException(javax.net.ssl.SSLException) HandshakeStatus(javax.net.ssl.SSLEngineResult.HandshakeStatus) Selector(java.nio.channels.Selector)

Example 9 with SSLException

use of javax.net.ssl.SSLException in project android_frameworks_base by DirtyUnicorns.

the class AbstractVerifier method verify.

public final boolean verify(String host, SSLSession session) {
    try {
        Certificate[] certs = session.getPeerCertificates();
        X509Certificate x509 = (X509Certificate) certs[0];
        verify(host, x509);
        return true;
    } catch (SSLException e) {
        return false;
    }
}
Also used : SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 10 with SSLException

use of javax.net.ssl.SSLException in project mobile-center-sdk-android by Microsoft.

the class HttpUtilsAndroidTest method isRecoverableErrorTest.

@Test
public void isRecoverableErrorTest() {
    assertTrue(isRecoverableError(new EOFException()));
    assertTrue(isRecoverableError(new InterruptedIOException()));
    assertTrue(isRecoverableError(new SocketTimeoutException()));
    assertTrue(isRecoverableError(new SocketException()));
    assertTrue(isRecoverableError(new PortUnreachableException()));
    assertTrue(isRecoverableError(new UnknownHostException()));
    assertTrue(isRecoverableError(new RejectedExecutionException()));
    assertFalse(isRecoverableError(new MalformedURLException()));
    assertFalse(isRecoverableError(new IOException()));
    assertTrue(isRecoverableError(new IOException(new EOFException())));
    assertFalse(isRecoverableError(new IOException(new Exception())));
    for (int i = 0; i <= 4; i++) assertTrue(isRecoverableError(new HttpException(500 + i)));
    for (int i = 0; i <= 6; i++) assertFalse(isRecoverableError(new HttpException(400 + i)));
    assertTrue(isRecoverableError(new HttpException(408)));
    assertFalse(isRecoverableError(new HttpException(413)));
    assertTrue(isRecoverableError(new HttpException(429)));
    assertTrue(isRecoverableError(new SSLException("Write error: ssl=0x59c28f90: I/O error during system call, Connection timed out")));
    assertFalse(isRecoverableError(new SSLHandshakeException("java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.")));
    assertFalse(isRecoverableError(new SSLException(null, new CertPathValidatorException("Trust anchor for certification path not found."))));
    assertFalse(isRecoverableError(new SSLException("java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty")));
    assertTrue(isRecoverableError(new SSLException("Read error: ssl=0x9dd07200: I/O error during system call, Connection reset by peer")));
    assertTrue(isRecoverableError(new SSLException("SSL handshake aborted: ssl=0x1cc160: I/O error during system call, Connection reset by peer")));
    assertTrue(isRecoverableError(new SSLHandshakeException("javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x870c918: Failure in SSL library, usually a protocol error\nerror:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:658 0xb7c393a1:0x00000000)")));
}
Also used : InterruptedIOException(java.io.InterruptedIOException) SocketException(java.net.SocketException) PortUnreachableException(java.net.PortUnreachableException) MalformedURLException(java.net.MalformedURLException) UnknownHostException(java.net.UnknownHostException) IOException(java.io.IOException) InterruptedIOException(java.io.InterruptedIOException) SSLException(javax.net.ssl.SSLException) RejectedExecutionException(java.util.concurrent.RejectedExecutionException) MalformedURLException(java.net.MalformedURLException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) EOFException(java.io.EOFException) InterruptedIOException(java.io.InterruptedIOException) UnknownHostException(java.net.UnknownHostException) SocketException(java.net.SocketException) RejectedExecutionException(java.util.concurrent.RejectedExecutionException) SSLException(javax.net.ssl.SSLException) SocketTimeoutException(java.net.SocketTimeoutException) PortUnreachableException(java.net.PortUnreachableException) CertPathValidatorException(java.security.cert.CertPathValidatorException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) CertPathValidatorException(java.security.cert.CertPathValidatorException) SocketTimeoutException(java.net.SocketTimeoutException) EOFException(java.io.EOFException) Test(org.junit.Test)

Aggregations

SSLException (javax.net.ssl.SSLException)326 IOException (java.io.IOException)106 CertificateException (java.security.cert.CertificateException)54 X509Certificate (java.security.cert.X509Certificate)43 SslContext (io.netty.handler.ssl.SslContext)37 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)37 InetSocketAddress (java.net.InetSocketAddress)35 SSLEngineResult (javax.net.ssl.SSLEngineResult)34 SocketException (java.net.SocketException)33 Test (org.junit.Test)33 ByteBuffer (java.nio.ByteBuffer)32 SSLEngine (javax.net.ssl.SSLEngine)30 KeyStore (java.security.KeyStore)29 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)29 SSLSocket (javax.net.ssl.SSLSocket)29 InputStream (java.io.InputStream)26 SSLContext (javax.net.ssl.SSLContext)25 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)24 Bootstrap (io.netty.bootstrap.Bootstrap)23 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)22