
Example 31 with SSLException

use of javax.net.ssl.SSLException in project robovm by robovm.

the class AbstractVerifier method verify.

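/**
 * Checks that the certificate presented by the peer of {@code session} matches {@code host}.
 *
 * <p>The first certificate returned by {@link SSLSession#getPeerCertificates()} is handed to
 * {@code verify(host, x509)}, and the outcome is mapped to a boolean. Every rejection path
 * returns {@code false}, so a caller that only inspects the return value refuses the
 * connection instead of seeing an unrelated runtime exception.
 *
 * @param host hostname the caller intended to reach
 * @param session TLS session whose peer certificates are inspected
 * @return {@code true} only when the delegate check completes without an {@link SSLException};
 *     {@code false} when the peer is unverified, the chain is empty, the first certificate is
 *     not an X.509 certificate, or the delegate check fails
 */
public final boolean verify(String host, SSLSession session) {
    try {
        Certificate[] peerChain = session.getPeerCertificates();
        // Fail closed: an empty chain or a non-X.509 first entry cannot be matched against the
        // host, and must not escape as ArrayIndexOutOfBounds/ClassCastException.
        if (peerChain == null || peerChain.length == 0 || !(peerChain[0] instanceof X509Certificate)) {
            return false;
        }
        verify(host, (X509Certificate) peerChain[0]);
        return true;
    } catch (SSLException e) {
        // Covers both an unverified peer and a failed hostname match from the delegate.
        return false;
    }
}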
Also used : SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 32 with SSLException

use of javax.net.ssl.SSLException in project robovm by robovm.

the class URLConnectionTest method testConnectViaHttpsReusingConnectionsDifferentFactories.

/**
 * Checks that an SSL socket factory installed on one {@link HttpsURLConnection} is not applied
 * to a later connection opened against the same server URL.
 *
 * <p>The first connection is given the test client context's socket factory and must read the
 * first queued body. The second connection is opened without any factory being set on it, and
 * reading from it is expected to end in an {@link SSLException}.
 */
public void testConnectViaHttpsReusingConnectionsDifferentFactories() throws IOException, InterruptedException {
    TestSSLContext sslContext = TestSSLContext.create();
    server.useHttps(sslContext.serverContext.getSocketFactory(), false);
    server.enqueue(new MockResponse().setBody("this response comes via HTTPS"));
    server.enqueue(new MockResponse().setBody("another response via HTTPS"));
    server.play();

    // First request: the per-connection factory comes from the test client context, so the
    // handshake with the test server is expected to succeed.
    HttpsURLConnection withTestFactory = (HttpsURLConnection) server.getUrl("/").openConnection();
    withTestFactory.setSSLSocketFactory(sslContext.clientContext.getSocketFactory());
    assertContent("this response comes via HTTPS", withTestFactory);

    // Second request: no factory is set on this connection object, so it must not be served
    // over whatever the first connection negotiated.
    HttpsURLConnection withoutTestFactory = (HttpsURLConnection) server.getUrl("/").openConnection();
    try {
        readAscii(withoutTestFactory.getInputStream(), Integer.MAX_VALUE);
        fail("without an SSL socket factory, the connection should fail");
    } catch (SSLException expected) {
        // Expected outcome: the TLS failure is the assertion being tested.
    }
}
Also used : MockResponse(com.google.mockwebserver.MockResponse) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) SSLException(javax.net.ssl.SSLException) HttpsURLConnection(javax.net.ssl.HttpsURLConnection)

Example 33 with SSLException

use of javax.net.ssl.SSLException in project robovm by robovm.

the class OpenSSLSocketImpl method setCertificate.

/**
 * Installs the certificate chain and private key that the key manager holds for
 * {@code alias} on the native SSL object behind {@code sslNativePointer}.
 *
 * <p>Returns without doing anything when {@code alias} is null, or when the key manager has no
 * private key or no certificate chain for it.
 * NOTE(review): each early return leaves the native SSL object without credentials for this
 * alias and reports nothing to the caller; confirm callers treat that as intended.
 *
 * @param alias key manager alias to look up; may be null
 * @throws CertificateEncodingException declared by this method; presumably raised while the
 *     chain is encoded for the native layer (confirm against NativeCrypto)
 * @throws SSLException if the private key is rejected with an {@link InvalidKeyException}
 */
private void setCertificate(String alias) throws CertificateEncodingException, SSLException {
    if (alias == null) {
        return;
    }
    PrivateKey privateKey = sslParameters.getKeyManager().getPrivateKey(alias);
    if (privateKey == null) {
        return;
    }
    X509Certificate[] certificates = sslParameters.getKeyManager().getCertificateChain(alias);
    if (certificates == null) {
        return;
    }
    // Note that OpenSSL says to use SSL_use_certificate before SSL_use_PrivateKey,
    // so the order of the two native calls below must not be swapped.
    byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates);
    NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes);
    try {
        final OpenSSLKey key = OpenSSLKey.fromPrivateKey(privateKey);
        NativeCrypto.SSL_use_PrivateKey(sslNativePointer, key.getPkeyContext());
    } catch (InvalidKeyException e) {
        // Surface a key the native layer cannot use as a TLS failure, keeping the cause.
        throw new SSLException(e);
    }
    // Checks the last installed private key and certificate, so it has to run after both
    // have been set for this alias.
    // NOTE(review): the earlier wording spoke of "once per loop iteration"; no loop is visible
    // in this method, so that presumably refers to a caller iterating over aliases.
    NativeCrypto.SSL_check_private_key(sslNativePointer);
}
Also used : PrivateKey(java.security.PrivateKey) InvalidKeyException(java.security.InvalidKeyException) SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate)

Example 34 with SSLException

use of javax.net.ssl.SSLException in project robovm by robovm.

the class OpenSSLSocketImpl method verifyCertificateChain.

// used by NativeCrypto.SSLHandshakeCallbacks
/**
 * Decodes the peer's DER-encoded certificates and asks the configured trust manager whether
 * the resulting chain is trusted.
 *
 * <p>In client mode the chain is checked with {@code checkServerTrusted}; otherwise it is
 * checked with {@code checkClientTrusted}, using the public-key algorithm of the first
 * certificate as the auth type. Any failure that is not already a
 * {@link CertificateException} is wrapped in one, so every rejection reaches the caller as a
 * {@link CertificateException}.
 *
 * @param bytes DER encodings of the peer certificates, in the order received
 * @param authMethod auth type passed to the trust manager in client mode
 * @throws CertificateException if no certificate was sent, decoding fails, or the trust
 *     manager rejects the chain
 */
@SuppressWarnings("unused")
@Override
public void verifyCertificateChain(byte[][] bytes, String authMethod) throws CertificateException {
    try {
        // A peer that presents nothing is rejected before any trust decision is attempted.
        if (bytes == null || bytes.length == 0) {
            throw new SSLException("Peer sent no certificate");
        }

        X509Certificate[] chain = new X509Certificate[bytes.length];
        int slot = 0;
        for (byte[] der : bytes) {
            chain[slot++] = OpenSSLX509Certificate.fromX509Der(der);
        }

        if (!sslParameters.getUseClientMode()) {
            // Server side: the auth type is taken from the first certificate's key algorithm.
            String keyAlgorithm = chain[0].getPublicKey().getAlgorithm();
            sslParameters.getTrustManager().checkClientTrusted(chain, keyAlgorithm);
            return;
        }

        X509TrustManager trustManager = sslParameters.getTrustManager();
        if (trustManager instanceof TrustManagerImpl) {
            // The platform trust manager also receives the host this socket was opened for.
            ((TrustManagerImpl) trustManager).checkServerTrusted(chain, authMethod, wrappedHost);
        } else {
            // NOTE(review): a custom X509TrustManager is not given the host here, so any
            // host-specific check has to happen elsewhere; confirm where hostname
            // verification is enforced for this path.
            trustManager.checkServerTrusted(chain, authMethod);
        }
    } catch (CertificateException e) {
        throw e;
    } catch (Exception e) {
        // Normalise every other failure (including the SSLException above) to the declared type.
        throw new CertificateException(e);
    }
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate) SocketException(java.net.SocketException) ErrnoException(libcore.io.ErrnoException) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)

Example 35 with SSLException

use of javax.net.ssl.SSLException in project ignite by apache.

the class SslContextFactory method loadKeyStore.

/**
 * Loads key store with configured parameters.
 *
 * @param keyStoreType Type of key store.
 * @param storeFilePath Path to key store file.
 * @param keyStorePwd Store password.
 * @return Initialized key store.
 * @throws SSLException If key store could not be initialized.
 */
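private KeyStore loadKeyStore(String keyStoreType, String storeFilePath, char[] keyStorePwd) throws SSLException {
    InputStream input = null;
    try {
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        input = openFileInputStream(storeFilePath);
        // The password array is passed through as given; it is neither copied nor cleared
        // here, so wiping it after use is left to the caller.
        keyStore.load(input, keyStorePwd);
        return keyStore;
    } catch (GeneralSecurityException e) {
        // Messages below carry only the store type and path, never the password.
        throw new SSLException("Failed to initialize key store (security exception occurred) [type=" + keyStoreType + ", keyStorePath=" + storeFilePath + ']', e);
    } catch (FileNotFoundException e) {
        // Keep the original exception as the cause so the stack trace of the failed open is
        // not lost; the message text is unchanged.
        throw new SSLException("Failed to initialize key store (key store file was not found): [path=" + storeFilePath + ", msg=" + e.getMessage() + ']', e);
    } catch (IOException e) {
        throw new SSLException("Failed to initialize key store (I/O error occurred): " + storeFilePath, e);
    } finally {
        if (input != null) {
            try {
                input.close();
            } catch (IOException ignored) {
                // Best effort: a failure to close a stream that was only read from does not
                // change the outcome of loading the key store.
            }
        }
    }
}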
Also used : FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) GeneralSecurityException(java.security.GeneralSecurityException) FileNotFoundException(java.io.FileNotFoundException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) SSLException(javax.net.ssl.SSLException)
