
Example 41 with SSLSession

use of javax.net.ssl.SSLSession in project okhttp by square.

the class HostnameVerifierTest method verifyWilcardCnOnTld.

/**
 * Pins the verifier's behaviour for a wildcard directly under a public suffix.
 *
 * <p>The fixture's subject is {@code CN=*.co.jp}. Both assertions expect a match, so the
 * verifier under test applies no public-suffix restriction of its own; as the original author
 * put it, not issuing such broad-matching certificates is the CA's responsibility.
 *
 * <p>NOTE(review): the match here is driven by the subject CN. RFC 6125 deprecates CN-based
 * host matching in favour of subjectAltName, so confirm this expectation against the verifier
 * version you actually ship before relying on it.
 */
@Test
public void verifyWilcardCnOnTld() throws Exception {
    // Test fixture only: PEM certificate whose subject is CN=*.co.jp.
    String wildcardCoJpPem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIERjCCAy6gAwIBAgIJAIz+EYMBU6aVMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
            + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
            + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
            + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
            + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MTYzMFoXDTI4MTEwNTE2MTYzMFowgaQx\n"
            + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
            + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
            + "cnRpZmljYXRlczEQMA4GA1UEAxQHKi5jby5qcDElMCMGCSqGSIb3DQEJARYWanVs\n"
            + "aXVzZGF2aWVzQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n"
            + "ggEBAMhjr5aCPoyp0R1iroWAfnEyBMGYWoCidH96yGPFjYLowez5aYKY1IOKTY2B\n"
            + "lYho4O84X244QrZTRl8kQbYtxnGh4gSCD+Z8gjZ/gMvLUlhqOb+WXPAUHMB39GRy\n"
            + "zerA/ZtrlUqf+lKo0uWcocxeRc771KN8cPH3nHZ0rV0Hx4ZAZy6U4xxObe4rtSVY\n"
            + "07hNKXAb2odnVqgzcYiDkLV8ilvEmoNWMWrp8UBqkTcpEhYhCYp3cTkgJwMSuqv8\n"
            + "BqnGd87xQU3FVZI4tbtkB+KzjD9zz8QCDJAfDjZHR03KNQ5mxOgXwxwKw6lGMaiV\n"
            + "JTxpTKqym93whYk93l3ocEe55c0CAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB\n"
            + "hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE\n"
            + "FJ8Ud78/OrbKOIJCSBYs2tDLXofYMB8GA1UdIwQYMBaAFHua2o+QmU5S0qzbswNS\n"
            + "yoemDT4NMA0GCSqGSIb3DQEBBQUAA4IBAQA0sWglVlMx2zNGvUqFC73XtREwii53\n"
            + "CfMM6mtf2+f3k/d8KXhLNySrg8RRlN11zgmpPaLtbdTLrmG4UdAHHYr8O4y2BBmE\n"
            + "1cxNfGxxechgF8HX10QV4dkyzp6Z1cfwvCeMrT5G/V1pejago0ayXx+GPLbWlNeZ\n"
            + "S+Kl0m3p+QplXujtwG5fYcIpaGpiYraBLx3Tadih39QN65CnAh/zRDhLCUzKyt9l\n"
            + "UGPLEUDzRHMPHLnSqT1n5UU5UDRytbjJPXzF+l/+WZIsanefWLsxnkgAuZe/oMMF\n"
            + "EJMryEzOjg4Tfuc5qM0EXoPcQ/JlheaxZ40p2IyHqbsWV4MRYuFH4bkM\n"
            + "-----END CERTIFICATE-----\n";
    SSLSession tlsSession = session(wildcardCoJpPem);

    // An ordinary ASCII label directly under co.jp is accepted.
    assertTrue(verifier.verify("foo.co.jp", tlsSession));
    // So is a label written with non-ASCII characters.
    assertTrue(verifier.verify("花子.co.jp", tlsSession));
}
Also used : SSLSession(javax.net.ssl.SSLSession) FakeSSLSession(okhttp3.FakeSSLSession) Test(org.junit.Test)

Example 42 with SSLSession

use of javax.net.ssl.SSLSession in project okhttp by square.

the class HostnameVerifierTest method wildcardsCannotMatchIpAddresses.

/**
 * Checks that a wildcard name is never applied to an IP-address host.
 *
 * <p>The fixture's subject is {@code CN=*.0.0.1}. If the pattern were matched textually it
 * would cover {@code 127.0.0.1}; the verifier is expected to reject that host.
 */
@Test
public void wildcardsCannotMatchIpAddresses() throws Exception {
    // Fixture generated with:
    //   openssl req -x509 -nodes -days 36500 -subj '/CN=*.0.0.1' -newkey rsa:512 -out cert.pem
    // The 512-bit RSA key is only acceptable because this is a throwaway test certificate.
    String wildcardIpLikePem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBkjCCATygAwIBAgIJAMdemqOwd/BEMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV\n"
            + "BAMUByouMC4wLjEwIBcNMTAxMjIwMTY0NDI1WhgPMjExMDExMjYxNjQ0MjVaMBIx\n"
            + "EDAOBgNVBAMUByouMC4wLjEwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAqY8c9Qrt\n"
            + "YPWCvb7lclI+aDHM6fgbJcHsS9Zg8nUOh5dWrS7AgeA25wyaokFl4plBbbHQe2j+\n"
            + "cCjsRiJIcQo9HwIDAQABo3MwcTAdBgNVHQ4EFgQUJ436TZPJvwCBKklZZqIvt1Yt\n"
            + "JjEwQgYDVR0jBDswOYAUJ436TZPJvwCBKklZZqIvt1YtJjGhFqQUMBIxEDAOBgNV\n"
            + "BAMUByouMC4wLjGCCQDHXpqjsHfwRDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB\n"
            + "BQUAA0EAk9i88xdjWoewqvE+iMC9tD2obMchgFDaHH0ogxxiRaIKeEly3g0uGxIt\n"
            + "fl2WRY8hb4x+zRrwsFaLEpdEvqcjOQ==\n"
            + "-----END CERTIFICATE-----";
    SSLSession tlsSession = session(wildcardIpLikePem);

    // An IP literal must not be satisfied by a DNS-style wildcard pattern.
    assertFalse(verifier.verify("127.0.0.1", tlsSession));
}
Also used : SSLSession(javax.net.ssl.SSLSession) FakeSSLSession(okhttp3.FakeSSLSession) Test(org.junit.Test)

Example 43 with SSLSession

use of javax.net.ssl.SSLSession in project okhttp by square.

the class HostnameVerifierTest method subjectAltNameWithWildcard.

/**
 * Exercises matching against a certificate that carries both a subject CN and
 * subjectAltName DNS entries, one of which is a wildcard.
 *
 * <p>The fixture has {@code CN=foo.com} and {@code subjectAltName=DNS:bar.com,DNS:*.baz.com}.
 * The assertions pin three properties of the verifier: the CN is not accepted when DNS
 * subjectAltNames are present, a wildcard covers a sub-label but not the bare parent domain,
 * and an exact (non-wildcard) entry does not cover its subdomains.
 */
@Test
public void subjectAltNameWithWildcard() throws Exception {
    /*
     * Fixture provenance:
     *
     * $ cat ./cert.cnf
     * [req]
     * distinguished_name=distinguished_name
     * req_extensions=req_extensions
     * x509_extensions=x509_extensions
     * [distinguished_name]
     * [req_extensions]
     * [x509_extensions]
     * subjectAltName=DNS:bar.com,DNS:*.baz.com
     *
     * $ openssl req -x509 -nodes -days 36500 -subj '/CN=foo.com' -config ./cert.cnf \
     *     -newkey rsa:512 -out cert.pem
     *
     * The 512-bit RSA key is only acceptable because this is a throwaway test certificate.
     */
    String sanWildcardPem = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBPzCB6qADAgECAgkAnv/7Jv5r7pMwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UE\n"
            + "AxMHZm9vLmNvbTAgFw0xMDEyMjAxODQ2MDFaGA8yMTEwMTEyNjE4NDYwMVowEjEQ\n"
            + "MA4GA1UEAxMHZm9vLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDAz2YXnyog\n"
            + "YdYLSFr/OEgSumtwqtZKJTB4wqTW/eKbBCEzxnyUMxWZIqUGu353PzwfOuWp2re3\n"
            + "nvVV+QDYQlh9AgMBAAGjITAfMB0GA1UdEQQWMBSCB2Jhci5jb22CCSouYmF6LmNv\n"
            + "bTANBgkqhkiG9w0BAQUFAANBAB8yrSl8zqy07i0SNYx2B/FnvQY734pxioaqFWfO\n"
            + "Bqo1ZZl/9aPHEWIwBrxYNVB0SGu/kkbt/vxqOjzzrkXukmI=\n"
            + "-----END CERTIFICATE-----";
    SSLSession tlsSession = session(sanWildcardPem);

    // The subject CN (foo.com) is not honoured because DNS subjectAltNames exist.
    assertFalse(verifier.verify("foo.com", tlsSession));
    // Exact subjectAltName entry.
    assertTrue(verifier.verify("bar.com", tlsSession));
    // *.baz.com covers a single sub-label ...
    assertTrue(verifier.verify("a.baz.com", tlsSession));
    // ... but not the bare parent domain.
    assertFalse(verifier.verify("baz.com", tlsSession));
    // Subdomains of the CN and of the exact entry are not covered either.
    assertFalse(verifier.verify("a.foo.com", tlsSession));
    assertFalse(verifier.verify("a.bar.com", tlsSession));
    // A name that appears nowhere in the certificate.
    assertFalse(verifier.verify("quux.com", tlsSession));
}
Also used : SSLSession(javax.net.ssl.SSLSession) FakeSSLSession(okhttp3.FakeSSLSession) Test(org.junit.Test)

Example 44 with SSLSession

use of javax.net.ssl.SSLSession in project XobotOS by xamarin.

the class AbstractSessionContext method setSessionTimeout.

/**
 * Sets the session timeout and immediately evicts cached sessions that are no longer valid.
 *
 * @param seconds new timeout in seconds; must not be negative
 * @throws IllegalArgumentException if {@code seconds} is negative
 */
public void setSessionTimeout(int seconds) throws IllegalArgumentException {
    if (seconds < 0) {
        throw new IllegalArgumentException("seconds < 0");
    }
    timeout = seconds;

    // Sweep the cache under its own lock so eviction cannot interleave with other users of it.
    synchronized (sessions) {
        for (Iterator<SSLSession> it = sessions.values().iterator(); it.hasNext(); ) {
            SSLSession cached = it.next();
            // Per the original comment, sessions take the timeout into account as part of
            // their validity condition, so the value just stored can invalidate entries now.
            // NOTE(review): confirm against the SSLSession implementation in use.
            if (cached.isValid()) {
                continue;
            }
            it.remove();
            sessionRemoved(cached);
        }
    }
}
Also used : SSLSession(javax.net.ssl.SSLSession)

Example 45 with SSLSession

use of javax.net.ssl.SSLSession in project XobotOS by xamarin.

the class AbstractSessionContext method getIds.

/**
 * Returns an enumeration over the IDs of the sessions that are valid at the time each one is
 * visited; sessions reporting {@code isValid() == false} are skipped.
 *
 * @return an enumeration of session IDs as {@code byte[]} values
 */
public final Enumeration getIds() {
    final Iterator<SSLSession> sessionIter = sessionIterator();
    return new Enumeration<byte[]>() {

        // Valid session already located by hasMoreElements() but not yet handed out;
        // null when nothing is buffered.
        private SSLSession pending;

        public boolean hasMoreElements() {
            // Advance past invalid sessions until one is buffered or the source runs dry.
            while (pending == null && sessionIter.hasNext()) {
                SSLSession candidate = sessionIter.next();
                if (candidate.isValid()) {
                    pending = candidate;
                }
            }
            return pending != null;
        }

        public byte[] nextElement() {
            if (!hasMoreElements()) {
                throw new NoSuchElementException();
            }
            byte[] id = pending.getId();
            // Clear the buffer so the next call looks for a fresh session.
            pending = null;
            return id;
        }
    };
}
Also used : Enumeration(java.util.Enumeration) SSLSession(javax.net.ssl.SSLSession) NoSuchElementException(java.util.NoSuchElementException)
