Search in sources :

Example 1 with Tls12SocketFactory

use of org.whispersystems.signalservice.api.util.Tls12SocketFactory in project libsignal-service-java by signalapp.

the class WebSocketConnection method connect.

public synchronized void connect() {
    Log.w(TAG, "WSC connect()...");
    if (client == null) {
        String filledUri;
        if (credentialsProvider.isPresent()) {
            String identifier = credentialsProvider.get().getUuid() != null ? credentialsProvider.get().getUuid().toString() : credentialsProvider.get().getE164();
            filledUri = String.format(wsUri, identifier, credentialsProvider.get().getPassword());
        } else {
            filledUri = wsUri;
        }
        Pair<SSLSocketFactory, X509TrustManager> socketFactory = createTlsSocketFactory(trustStore);
        OkHttpClient okHttpClient = new OkHttpClient.Builder().sslSocketFactory(new Tls12SocketFactory(socketFactory.first()), socketFactory.second()).connectionSpecs(Util.immutableList(ConnectionSpec.RESTRICTED_TLS)).readTimeout(KEEPALIVE_TIMEOUT_SECONDS + 10, TimeUnit.SECONDS).connectTimeout(KEEPALIVE_TIMEOUT_SECONDS + 10, TimeUnit.SECONDS).build();
        Request.Builder requestBuilder = new Request.Builder().url(filledUri);
        if (userAgent != null) {
            requestBuilder.addHeader("X-Signal-Agent", userAgent);
        }
        if (listener != null) {
            listener.onConnecting();
        }
        this.connected = false;
        this.client = okHttpClient.newWebSocket(requestBuilder.build(), this);
    }
}
Also used : OkHttpClient(okhttp3.OkHttpClient) X509TrustManager(javax.net.ssl.X509TrustManager) Request(okhttp3.Request) ByteString(okio.ByteString) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 2 with Tls12SocketFactory

use of org.whispersystems.signalservice.api.util.Tls12SocketFactory in project Signal-Android by signalapp.

the class BadgeLoader method createFactory.

public static Factory createFactory() {
    try {
        OkHttpClient baseClient = ApplicationDependencies.getOkHttpClient();
        SSLContext sslContext = SSLContext.getInstance("TLS");
        TrustStore trustStore = new SignalServiceTrustStore(ApplicationDependencies.getApplication());
        TrustManager[] trustManagers = BlacklistingTrustManager.createFor(trustStore);
        sslContext.init(null, trustManagers, null);
        OkHttpClient client = baseClient.newBuilder().sslSocketFactory(new Tls12SocketFactory(sslContext.getSocketFactory()), (X509TrustManager) trustManagers[0]).connectionSpecs(Util.immutableList(ConnectionSpec.RESTRICTED_TLS)).build();
        return new Factory(client);
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        throw new AssertionError(e);
    }
}
Also used : OkHttpClient(okhttp3.OkHttpClient) MultiModelLoaderFactory(com.bumptech.glide.load.model.MultiModelLoaderFactory) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) ModelLoaderFactory(com.bumptech.glide.load.model.ModelLoaderFactory) SSLContext(javax.net.ssl.SSLContext) SignalServiceTrustStore(org.thoughtcrime.securesms.push.SignalServiceTrustStore) TrustStore(org.whispersystems.signalservice.api.push.TrustStore) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignalServiceTrustStore(org.thoughtcrime.securesms.push.SignalServiceTrustStore) KeyManagementException(java.security.KeyManagementException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) BlacklistingTrustManager(org.whispersystems.signalservice.internal.util.BlacklistingTrustManager)

Example 3 with Tls12SocketFactory

use of org.whispersystems.signalservice.api.util.Tls12SocketFactory in project Signal-Android by signalapp.

the class PushServiceSocket method createConnectionClient.

private static OkHttpClient createConnectionClient(SignalUrl url, List<Interceptor> interceptors, Optional<Dns> dns, Optional<SignalProxy> proxy) {
    try {
        TrustManager[] trustManagers = BlacklistingTrustManager.createFor(url.getTrustStore());
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, null);
        OkHttpClient.Builder builder = new OkHttpClient.Builder().sslSocketFactory(new Tls12SocketFactory(context.getSocketFactory()), (X509TrustManager) trustManagers[0]).connectionSpecs(url.getConnectionSpecs().or(Util.immutableList(ConnectionSpec.RESTRICTED_TLS))).dns(dns.or(Dns.SYSTEM));
        if (proxy.isPresent()) {
            builder.socketFactory(new TlsProxySocketFactory(proxy.get().getHost(), proxy.get().getPort(), dns));
        }
        builder.sslSocketFactory(new Tls12SocketFactory(context.getSocketFactory()), (X509TrustManager) trustManagers[0]).connectionSpecs(url.getConnectionSpecs().or(Util.immutableList(ConnectionSpec.RESTRICTED_TLS))).build();
        builder.connectionPool(new ConnectionPool(5, 45, TimeUnit.SECONDS));
        for (Interceptor interceptor : interceptors) {
            builder.addInterceptor(interceptor);
        }
        return builder.build();
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        throw new AssertionError(e);
    }
}
Also used : ConnectionPool(okhttp3.ConnectionPool) OkHttpClient(okhttp3.OkHttpClient) SSLContext(javax.net.ssl.SSLContext) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagementException(java.security.KeyManagementException) X509TrustManager(javax.net.ssl.X509TrustManager) BlacklistingTrustManager(org.whispersystems.signalservice.internal.util.BlacklistingTrustManager) TrustManager(javax.net.ssl.TrustManager) Interceptor(okhttp3.Interceptor) TlsProxySocketFactory(org.whispersystems.signalservice.api.util.TlsProxySocketFactory)

Example 4 with Tls12SocketFactory

use of org.whispersystems.signalservice.api.util.Tls12SocketFactory in project Signal-Android by signalapp.

the class WebSocketConnection method connect.

public synchronized Observable<WebSocketConnectionState> connect() {
    log("connect()");
    if (client == null) {
        String filledUri;
        if (credentialsProvider.isPresent()) {
            String identifier = Objects.requireNonNull(credentialsProvider.get().getAci()).toString();
            if (credentialsProvider.get().getDeviceId() != SignalServiceAddress.DEFAULT_DEVICE_ID) {
                identifier += "." + credentialsProvider.get().getDeviceId();
            }
            filledUri = String.format(wsUri, identifier, credentialsProvider.get().getPassword());
        } else {
            filledUri = wsUri;
        }
        Pair<SSLSocketFactory, X509TrustManager> socketFactory = createTlsSocketFactory(trustStore);
        OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder().sslSocketFactory(new Tls12SocketFactory(socketFactory.first()), socketFactory.second()).connectionSpecs(Util.immutableList(ConnectionSpec.RESTRICTED_TLS)).readTimeout(KEEPALIVE_TIMEOUT_SECONDS + 10, TimeUnit.SECONDS).dns(dns.or(Dns.SYSTEM)).connectTimeout(KEEPALIVE_TIMEOUT_SECONDS + 10, TimeUnit.SECONDS);
        for (Interceptor interceptor : interceptors) {
            clientBuilder.addInterceptor(interceptor);
        }
        if (signalProxy.isPresent()) {
            clientBuilder.socketFactory(new TlsProxySocketFactory(signalProxy.get().getHost(), signalProxy.get().getPort(), dns));
        }
        OkHttpClient okHttpClient = clientBuilder.build();
        Request.Builder requestBuilder = new Request.Builder().url(filledUri);
        if (signalAgent != null) {
            requestBuilder.addHeader("X-Signal-Agent", signalAgent);
        }
        webSocketState.onNext(WebSocketConnectionState.CONNECTING);
        this.client = okHttpClient.newWebSocket(requestBuilder.build(), this);
    }
    return webSocketState;
}
Also used : OkHttpClient(okhttp3.OkHttpClient) X509TrustManager(javax.net.ssl.X509TrustManager) Request(okhttp3.Request) ByteString(okio.ByteString) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) Interceptor(okhttp3.Interceptor) TlsProxySocketFactory(org.whispersystems.signalservice.api.util.TlsProxySocketFactory)

Example 5 with Tls12SocketFactory

use of org.whispersystems.signalservice.api.util.Tls12SocketFactory in project Signal-Android by WhisperSystems.

the class PushServiceSocket method createConnectionClient.

private static OkHttpClient createConnectionClient(SignalUrl url, List<Interceptor> interceptors, Optional<Dns> dns, Optional<SignalProxy> proxy) {
    try {
        TrustManager[] trustManagers = BlacklistingTrustManager.createFor(url.getTrustStore());
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, null);
        OkHttpClient.Builder builder = new OkHttpClient.Builder().sslSocketFactory(new Tls12SocketFactory(context.getSocketFactory()), (X509TrustManager) trustManagers[0]).connectionSpecs(url.getConnectionSpecs().or(Util.immutableList(ConnectionSpec.RESTRICTED_TLS))).dns(dns.or(Dns.SYSTEM));
        if (proxy.isPresent()) {
            builder.socketFactory(new TlsProxySocketFactory(proxy.get().getHost(), proxy.get().getPort(), dns));
        }
        builder.sslSocketFactory(new Tls12SocketFactory(context.getSocketFactory()), (X509TrustManager) trustManagers[0]).connectionSpecs(url.getConnectionSpecs().or(Util.immutableList(ConnectionSpec.RESTRICTED_TLS))).build();
        builder.connectionPool(new ConnectionPool(5, 45, TimeUnit.SECONDS));
        for (Interceptor interceptor : interceptors) {
            builder.addInterceptor(interceptor);
        }
        return builder.build();
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        throw new AssertionError(e);
    }
}
Also used : ConnectionPool(okhttp3.ConnectionPool) OkHttpClient(okhttp3.OkHttpClient) SSLContext(javax.net.ssl.SSLContext) Tls12SocketFactory(org.whispersystems.signalservice.api.util.Tls12SocketFactory) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagementException(java.security.KeyManagementException) X509TrustManager(javax.net.ssl.X509TrustManager) BlacklistingTrustManager(org.whispersystems.signalservice.internal.util.BlacklistingTrustManager) TrustManager(javax.net.ssl.TrustManager) Interceptor(okhttp3.Interceptor) TlsProxySocketFactory(org.whispersystems.signalservice.api.util.TlsProxySocketFactory)

Aggregations

OkHttpClient (okhttp3.OkHttpClient)9 Tls12SocketFactory (org.whispersystems.signalservice.api.util.Tls12SocketFactory)9 X509TrustManager (javax.net.ssl.X509TrustManager)8 KeyManagementException (java.security.KeyManagementException)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)6 SSLContext (javax.net.ssl.SSLContext)6 TrustManager (javax.net.ssl.TrustManager)5 BlacklistingTrustManager (org.whispersystems.signalservice.internal.util.BlacklistingTrustManager)5 Interceptor (okhttp3.Interceptor)4 TlsProxySocketFactory (org.whispersystems.signalservice.api.util.TlsProxySocketFactory)4 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)3 Request (okhttp3.Request)3 ByteString (okio.ByteString)3 ModelLoaderFactory (com.bumptech.glide.load.model.ModelLoaderFactory)2 MultiModelLoaderFactory (com.bumptech.glide.load.model.MultiModelLoaderFactory)2 ConnectionPool (okhttp3.ConnectionPool)2 SignalServiceTrustStore (org.thoughtcrime.securesms.push.SignalServiceTrustStore)2 TrustStore (org.whispersystems.signalservice.api.push.TrustStore)2 KeyStoreException (java.security.KeyStoreException)1 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1