
Example 21 with TrustManager

use of javax.net.ssl.TrustManager in project ninja by ninjaframework.

the class StandaloneHelper method createSSLContext.

/**
 * Builds a TLS {@link SSLContext} from a keystore (own identity) and a truststore (accepted peers).
 *
 * <p>Certificate validation is delegated to the platform's default {@link TrustManagerFactory}
 * algorithm, seeded with the supplied truststore, so no custom trust logic is introduced here.
 *
 * @param keystoreUri location of the keystore holding the private key material
 * @param keystorePassword password passed to {@code loadKeyStore} and reused as the key password
 * @param truststoreUri location of the truststore holding the trusted certificates
 * @param truststorePassword password passed to {@code loadKeyStore} for the truststore
 * @return an initialised context for the "TLS" protocol family
 * @throws Exception if a store cannot be loaded or a factory/context cannot be initialised
 */
public static SSLContext createSSLContext(URI keystoreUri, char[] keystorePassword, URI truststoreUri, char[] truststorePassword) throws Exception {
    // Identity side: the same password opens the store and unlocks the keys inside it.
    final KeyStore identityStore = loadKeyStore(keystoreUri, keystorePassword);
    final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(identityStore, keystorePassword);
    final KeyManager[] identityManagers = kmf.getKeyManagers();

    // Trust side.
    // NOTE(review): TrustManagerFactory.init(null) silently falls back to the JDK default trust
    // store; whether loadKeyStore can return null is not visible here - confirm it fails instead.
    final KeyStore anchorStore = loadKeyStore(truststoreUri, truststorePassword);
    final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(anchorStore);
    final TrustManager[] peerValidators = tmf.getTrustManagers();

    // A null SecureRandom lets the provider pick its default implementation.
    // The password arrays are not cleared here; wiping them is left to the caller.
    final SSLContext tlsContext = SSLContext.getInstance("TLS");
    tlsContext.init(identityManagers, peerValidators, null);
    return tlsContext;
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) KeyManager(javax.net.ssl.KeyManager) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManager(javax.net.ssl.TrustManager)

Example 22 with TrustManager

use of javax.net.ssl.TrustManager in project openhab1-addons by openhab.

the class OpenWebIfCommunicator method executeRequest.

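/**
 * Executes the HTTP(S) request and unmarshals the returned XML body into {@code clazz}.
 *
 * <p>Security review: for HTTPS connections this method replaces the default socket factory with
 * one backed by {@code SimpleTrustManager} and installs {@code AllowAllHostnameVerifier}. Neither
 * class is shown here; NOTE(review): if they accept every certificate chain and every hostname,
 * as the names suggest, the connection is encrypted but the peer is not authenticated, so the
 * Basic credentials set below can be read by an on-path party. Pinning the device certificate or
 * loading it into a truststore would keep self-signed receivers working while still
 * authenticating them.
 *
 * @param config receiver configuration supplying the name used in log lines and optional login
 * @param url absolute URL to request
 * @param clazz JAXB-annotated type the response body is unmarshalled into
 * @return the unmarshalled response
 * @throws IOException on transport errors, non-200 responses, or wrapped JAXB/TLS setup failures
 */
@SuppressWarnings("unchecked")
private <T> T executeRequest(OpenWebIfConfig config, String url, Class<T> clazz) throws IOException {
    HttpURLConnection con = null;
    try {
        logger.trace("Request [{}]: {}", config.getName(), url);
        con = (HttpURLConnection) new URL(url).openConnection();
        con.setConnectTimeout(CONNECTION_TIMEOUT);
        con.setReadTimeout(10000);
        if (config.hasLogin()) {
            // Basic auth is only base64-encoded, not encrypted: its confidentiality depends
            // entirely on the transport. getBytes() uses the platform default charset, so
            // non-ASCII credentials encode differently across hosts.
            String userpass = config.getUser() + ":" + config.getPassword();
            String basicAuth = "Basic " + DatatypeConverter.printBase64Binary(userpass.getBytes());
            con.setRequestProperty("Authorization", basicAuth);
        }
        if (con instanceof HttpsURLConnection) {
            HttpsURLConnection sCon = (HttpsURLConnection) con;
            // NOTE(review): custom trust manager + hostname verifier override the JDK defaults;
            // see the method Javadoc. Confirm what SimpleTrustManager actually validates.
            TrustManager[] trustManager = new TrustManager[] { new SimpleTrustManager() };
            SSLContext context = SSLContext.getInstance("TLS");
            context.init(new KeyManager[0], trustManager, new SecureRandom());
            sCon.setSSLSocketFactory(context.getSocketFactory());
            sCon.setHostnameVerifier(new AllowAllHostnameVerifier());
        }
        StringWriter sw = new StringWriter();
        IOUtils.copy(con.getInputStream(), sw);
        // Read status and message while the connection is still open; the finally block performs
        // the single disconnect() (the original disconnected first and then queried the
        // connection, relying on cached header state).
        if (con.getResponseCode() == HttpURLConnection.HTTP_OK) {
            String response = sw.toString();
            // The full body is written to the trace log; keep trace level off where the
            // response may contain sensitive data.
            logger.trace("Response: [{}]: {}", config.getName(), response);
            Unmarshaller um = JAXBContext.newInstance(clazz).createUnmarshaller();
            return (T) um.unmarshal(new StringReader(response));
        } else {
            throw new IOException(con.getResponseMessage());
        }
    } catch (JAXBException ex) {
        throw new IOException(ex.getMessage(), ex);
    } catch (GeneralSecurityException ex) {
        throw new IOException(ex.getMessage(), ex);
    } finally {
        if (con != null) {
            con.disconnect();
        }
    }
}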
Also used : AllowAllHostnameVerifier(org.openhab.action.openwebif.internal.impl.ssl.AllowAllHostnameVerifier) JAXBException(javax.xml.bind.JAXBException) GeneralSecurityException(java.security.GeneralSecurityException) SimpleTrustManager(org.openhab.action.openwebif.internal.impl.ssl.SimpleTrustManager) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) URL(java.net.URL) TrustManager(javax.net.ssl.TrustManager) SimpleTrustManager(org.openhab.action.openwebif.internal.impl.ssl.SimpleTrustManager) HttpURLConnection(java.net.HttpURLConnection) StringWriter(java.io.StringWriter) StringReader(java.io.StringReader) Unmarshaller(javax.xml.bind.Unmarshaller) HttpsURLConnection(javax.net.ssl.HttpsURLConnection)

Example 23 with TrustManager

use of javax.net.ssl.TrustManager in project openhab1-addons by openhab.

the class AirConditioner method connect.

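/**
 * Opens the TLS socket to {@code IP:PORT}, completes the handshake and hands over to
 * {@code handleResponse()}. Returns immediately when already connected.
 *
 * <p>Security review: neither branch authenticates the peer's hostname, and the fallback branch
 * does not authenticate the peer at all:
 * <ul>
 *   <li>with a certificate file, the default trust material is added but
 *       {@code setCheckHostname(false)} switches hostname checking off;</li>
 *   <li>without one, an anonymous {@link X509TrustManager} with empty check methods accepts any
 *       certificate chain, so the session is encrypted but open to interception.</li>
 * </ul>
 * Pinning the appliance's certificate would keep self-signed devices reachable while still
 * authenticating them.
 *
 * @throws Exception if the socket cannot be created or the handshake fails; the original cause
 *         is preserved
 */
private void connect() throws Exception {
    if (isConnected()) {
        return;
    } else {
        logger.debug("Disconnected so we'll try again");
        disconnect();
    }
    if (CERTIFICATE_FILE_NAME != null && new File(CERTIFICATE_FILE_NAME).isFile()) {
        if (CERTIFICATE_PASSWORD == null) {
            // Writes back to the field so later attempts see the empty password too.
            CERTIFICATE_PASSWORD = "";
        }
        try {
            SSLClient client = new SSLClient();
            client.addTrustMaterial(TrustMaterial.DEFAULT);
            // NOTE(review): hostname verification is disabled here.
            client.setCheckHostname(false);
            client.setKeyMaterial(new KeyMaterial(CERTIFICATE_FILE_NAME, CERTIFICATE_PASSWORD.toCharArray()));
            client.setConnectTimeout(10000);
            socket = (SSLSocket) client.createSocket(IP, PORT);
            socket.setSoTimeout(2000);
            socket.startHandshake();
        } catch (Exception e) {
            throw new Exception("Could not connect using certificate: " + CERTIFICATE_FILE_NAME, e);
        }
    } else {
        try {
            SSLContext ctx = SSLContext.getInstance("TLS");
            // NOTE(review): both check methods are empty, so every server certificate is
            // accepted without validation.
            final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    // The interface contract requires a non-null (possibly empty) array;
                    // returning null can trigger a NullPointerException in callers.
                    return new X509Certificate[0];
                }

                @Override
                public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                }

                @Override
                public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                }
            } };
            ctx.init(null, trustAllCerts, null);
            // The field is assigned before the handshake, so a failed handshake leaves the
            // socket in the field; presumably the disconnect() on the next attempt releases
            // it - verify.
            socket = (SSLSocket) ctx.getSocketFactory().createSocket(IP, PORT);
            socket.setSoTimeout(2000);
            socket.startHandshake();
        } catch (Exception e) {
            throw new Exception("Cannot connect to " + IP + ":" + PORT, e);
        }
    }
    handleResponse();
}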
Also used : SSLClient(org.apache.commons.ssl.SSLClient) KeyMaterial(org.apache.commons.ssl.KeyMaterial) X509TrustManager(javax.net.ssl.X509TrustManager) SSLContext(javax.net.ssl.SSLContext) File(java.io.File) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SocketTimeoutException(java.net.SocketTimeoutException) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 24 with TrustManager

use of javax.net.ssl.TrustManager in project nutz by nutzam.

the class Http method nopSSLSocketFactory.

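/**
 * Returns a socket factory whose trust manager performs no certificate validation.
 *
 * <p>Security review: both check methods of the anonymous {@link X509TrustManager} are empty, so
 * any certificate chain - expired, self-signed or issued for another host - is accepted.
 * Connections made through this factory are encrypted but unauthenticated and can be intercepted
 * by an on-path party. For self-signed endpoints, a truststore containing the specific
 * certificate gives the same reachability with authentication intact.
 *
 * <p>NOTE(review): "SSL" is the legacy context name; which protocol versions it enables depends
 * on the installed provider. "TLS" is the current standard name.
 *
 * @return a non-validating {@link SSLSocketFactory}
 * @throws Exception if the context cannot be obtained or initialised
 */
public static SSLSocketFactory nopSSLSocketFactory() throws Exception {
    SSLContext sc = SSLContext.getInstance("SSL");
    TrustManager[] tmArr = { new X509TrustManager() {

        @Override
        public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
            // intentionally empty: accepts every client chain
        }

        @Override
        public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
            // intentionally empty: accepts every server chain
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The interface contract requires a non-null (possibly empty) array; returning
            // null can trigger a NullPointerException in callers.
            return new X509Certificate[0];
        }
    } };
    sc.init(null, tmArr, new SecureRandom());
    return sc.getSocketFactory();
}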
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SecureRandom(java.security.SecureRandom) CertificateException(java.security.cert.CertificateException) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 25 with TrustManager

use of javax.net.ssl.TrustManager in project scdl by passy.

the class PinningTrustManagerImpl method checkServerTrusted.

/**
 * Validates the server chain with the system trust managers, then requires a pinned certificate.
 *
 * <p>Pinning is applied on top of normal validation, not instead of it: every system trust
 * manager must accept the chain first, and only then is the chain (followed by the trust root
 * resolved from the system key store) searched for a certificate that {@code isValidPin} accepts.
 *
 * @param chain the certificate chain presented by the server
 * @param authType the key exchange algorithm, forwarded to the system trust managers
 * @throws CertificateException if a system trust manager rejects the chain or no pin matches
 */
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    Log.d(TAG, "Checking if server is trusted");
    // Step 1: standard validation; any rejection propagates before pins are consulted.
    for (final TrustManager delegate : systemTrustManagers) {
        final X509TrustManager x509Delegate = (X509TrustManager) delegate;
        x509Delegate.checkServerTrusted(chain, authType);
    }

    Log.d(TAG, "Getting trust root");
    final X509Certificate trustRoot = systemKeyStore.getTrustRoot(chain);

    // Step 2: look for a pin in the presented chain, stopping at the first match.
    Log.d(TAG, "checking certs for valid pin");
    boolean pinMatched = false;
    for (int i = 0; i < chain.length && !pinMatched; i++) {
        pinMatched = isValidPin(chain[i]);
    }

    // Step 3: fall back to the resolved trust root, which may be absent from the chain itself.
    if (!pinMatched) {
        Log.d(TAG, "checking anchor for valid pin");
        pinMatched = trustRoot != null && isValidPin(trustRoot);
    }

    // Fail closed: no matching pin means the connection is refused.
    if (!pinMatched) {
        throw new CertificateException("No valid Pins found in Certificate Chain!");
    }
    Log.d(TAG, "Success!");
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Aggregations

TrustManager (javax.net.ssl.TrustManager)186 SSLContext (javax.net.ssl.SSLContext)116 X509TrustManager (javax.net.ssl.X509TrustManager)111 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)78 X509Certificate (java.security.cert.X509Certificate)53 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)51 SecureRandom (java.security.SecureRandom)51 IOException (java.io.IOException)48 KeyManagementException (java.security.KeyManagementException)47 KeyStore (java.security.KeyStore)47 KeyManager (javax.net.ssl.KeyManager)44 CertificateException (java.security.cert.CertificateException)36 KeyStoreException (java.security.KeyStoreException)35 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)31 GeneralSecurityException (java.security.GeneralSecurityException)22 HostnameVerifier (javax.net.ssl.HostnameVerifier)19 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)15 InputStream (java.io.InputStream)14 UnrecoverableKeyException (java.security.UnrecoverableKeyException)13 FileInputStream (java.io.FileInputStream)11