Java Code Examples for javax.net.ssl.SSLSession

The following are top voted examples for showing how to use javax.net.ssl.SSLSession. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: mi-firma-android   File: UrlHttpManagerImpl.java   View source code 8 votes vote down vote up
/** Deshabilita las comprobaciones de certificados en conexiones SSL, aceptádose entonces
 * cualquier certificado.
 * @throws KeyManagementException Si hay problemas en la gestión de claves SSL.
 * @throws NoSuchAlgorithmException Si el JRE no soporta algún algoritmo necesario.
 * @throws KeyStoreException Si no se puede cargar el KeyStore SSL.
 * @throws IOException Si hay errores en la carga del fichero KeyStore SSL.
 * @throws CertificateException Si los certificados del KeyStore SSL son inválidos.
 * @throws UnrecoverableKeyException Si una clave del KeyStore SSL es inválida.
 * @throws NoSuchProviderException Si ocurre un error al recuperar la instancia del Keystore.*/
public static void disableSslChecks() throws KeyManagementException,
                                             NoSuchAlgorithmException,
                                             KeyStoreException,
                                             UnrecoverableKeyException,
                                             CertificateException,
                                             IOException,
                                             NoSuchProviderException {
	final SSLContext sc = SSLContext.getInstance(SSL_CONTEXT);
	sc.init(getKeyManager(), DUMMY_TRUST_MANAGER, new java.security.SecureRandom());
	HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
	HttpsURLConnection.setDefaultHostnameVerifier(
		new HostnameVerifier() {
			@Override
			public boolean verify(final String hostname, final SSLSession session) {
				return true;
			}
		}
	);
}
 
Example 2
Project: openjdk-jdk10   File: TLSConnection.java   View source code 6 votes vote down vote up
private static boolean checkProtocol(SSLSession session, String protocol) {
    if (session == null) {
        System.out.println("Check protocol: no session provided");
        return false;
    }

    System.out.println("Check protocol: negotiated protocol: "
            + session.getProtocol());
    System.out.println("Check protocol: expected protocol: "
            + protocol);
    if (!protocol.equals(session.getProtocol())) {
        System.out.println("Check protocol: unexpected negotiated protocol");
        return false;
    }

    return true;
}
 
Example 3
Project: openjdk-jdk10   File: TLSConnection.java   View source code 6 votes vote down vote up
private static boolean checkCipherSuite(SSLSession session, String ciphersuite) {
    if (session == null) {
        System.out.println("Check protocol: no session provided");
        return false;
    }

    System.out.println("Check protocol: negotiated ciphersuite: "
            + session.getCipherSuite());
    System.out.println("Check protocol: expected ciphersuite: "
            + ciphersuite);
    if (!ciphersuite.equals(session.getCipherSuite())) {
        System.out.println("Check protocol: unexpected negotiated ciphersuite");
        return false;
    }

    return true;
}
 
Example 4
Project: GitHub   File: OkHttp.java   View source code 6 votes vote down vote up
@Override public void prepare(Benchmark benchmark) {
  super.prepare(benchmark);
  client = new OkHttpClient.Builder()
      .protocols(benchmark.protocols)
      .build();

  if (benchmark.tls) {
    SslClient sslClient = SslClient.localhost();
    SSLSocketFactory socketFactory = sslClient.socketFactory;
    HostnameVerifier hostnameVerifier = new HostnameVerifier() {
      @Override public boolean verify(String s, SSLSession session) {
        return true;
      }
    };
    client = new OkHttpClient.Builder()
        .sslSocketFactory(socketFactory, sslClient.trustManager)
        .hostnameVerifier(hostnameVerifier)
        .build();
  }
}
 
Example 5
Project: GitHub   File: UrlConnection.java   View source code 6 votes vote down vote up
@Override public void prepare(Benchmark benchmark) {
  super.prepare(benchmark);
  if (benchmark.tls) {
    SslClient sslClient = SslClient.localhost();
    SSLSocketFactory socketFactory = sslClient.socketFactory;
    HostnameVerifier hostnameVerifier = new HostnameVerifier() {
      @Override public boolean verify(String s, SSLSession session) {
        return true;
      }
    };
    HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
    HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
  }
}
 
Example 6
Project: GitHub   File: OkHttp.java   View source code 6 votes vote down vote up
@Override public void prepare(Benchmark benchmark) {
  super.prepare(benchmark);
  client = new OkHttpClient.Builder()
      .protocols(benchmark.protocols)
      .build();

  if (benchmark.tls) {
    SslClient sslClient = SslClient.localhost();
    SSLSocketFactory socketFactory = sslClient.socketFactory;
    HostnameVerifier hostnameVerifier = new HostnameVerifier() {
      @Override public boolean verify(String s, SSLSession session) {
        return true;
      }
    };
    client = new OkHttpClient.Builder()
        .sslSocketFactory(socketFactory, sslClient.trustManager)
        .hostnameVerifier(hostnameVerifier)
        .build();
  }
}
 
Example 7
Project: Responder-Android   File: SSLSocketChannel2.java   View source code 6 votes vote down vote up
protected void createBuffers( SSLSession session ) {
	int netBufferMax = session.getPacketBufferSize();
	int appBufferMax = Math.max(session.getApplicationBufferSize(), netBufferMax);

	if( inData == null ) {
		inData = ByteBuffer.allocate( appBufferMax );
		outCrypt = ByteBuffer.allocate( netBufferMax );
		inCrypt = ByteBuffer.allocate( netBufferMax );
	} else {
		if( inData.capacity() != appBufferMax )
			inData = ByteBuffer.allocate( appBufferMax );
		if( outCrypt.capacity() != netBufferMax )
			outCrypt = ByteBuffer.allocate( netBufferMax );
		if( inCrypt.capacity() != netBufferMax )
			inCrypt = ByteBuffer.allocate( netBufferMax );
	}
	inData.rewind();
	inData.flip();
	inCrypt.rewind();
	inCrypt.flip();
	outCrypt.rewind();
	outCrypt.flip();
	bufferallocations++;
}
 
Example 8
Project: neoscada   File: ClientBaseConnection.java   View source code 6 votes vote down vote up
public SSLSession getSslSession ()
{
    final IoSession session = this.session;
    if ( session == null )
    {
        return null;
    }
    final Object sslSession = session.getAttribute ( SslFilter.SSL_SESSION );

    if ( sslSession instanceof SSLSession )
    {
        return (SSLSession)sslSession;
    }
    else
    {
        return null;
    }
}
 
Example 9
Project: parabuild-ci   File: HsqlSocketFactorySecure.java   View source code 6 votes vote down vote up
public void handshakeCompleted(HandshakeCompletedEvent evt) {

        SSLSession session;
        String     sessionId;
        SSLSocket  socket;

        if (Trace.TRACE) {
            socket  = evt.getSocket();
            session = evt.getSession();

            Trace.printSystemOut("SSL handshake completed:");
            Trace.printSystemOut(
                "------------------------------------------------");
            Trace.printSystemOut("socket:      : " + socket);
            Trace.printSystemOut("cipher suite : "
                                 + session.getCipherSuite());

            sessionId = StringConverter.byteToHex(session.getId());

            Trace.printSystemOut("session id   : " + sessionId);
            Trace.printSystemOut(
                "------------------------------------------------");
        }
    }
 
Example 10
Project: aliyun-cloudphotos-android-demo   File: SSLUtil.java   View source code 5 votes vote down vote up
/**
 * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
 * @throws Exception
 */
public static void ignoreSsl() throws Exception{
    HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            return true;
        }
    };
    trustAllHttpsCertificates();
    HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
 
Example 11
Project: GitHub   File: OkHostnameVerifier.java   View source code 5 votes vote down vote up
@Override
public boolean verify(String host, SSLSession session) {
  try {
    Certificate[] certificates = session.getPeerCertificates();
    return verify(host, (X509Certificate) certificates[0]);
  } catch (SSLException e) {
    return false;
  }
}
 
Example 12
Project: jdk8u-jdk   File: X509TrustManagerImpl.java   View source code 5 votes vote down vote up
private static void checkIdentity(SSLSession session,
        X509Certificate cert,
        String algorithm,
        boolean isClient,
        List<SNIServerName> sniNames) throws CertificateException {

    boolean identifiable = false;
    String peerHost = session.getPeerHost();
    if (isClient) {
        String hostname = getHostNameInSNI(sniNames);
        if (hostname != null) {
            try {
                checkIdentity(hostname, cert, algorithm);
                identifiable = true;
            } catch (CertificateException ce) {
                if (hostname.equalsIgnoreCase(peerHost)) {
                    throw ce;
                }

                // otherwisw, failover to check peer host
            }
        }
    }

    if (!identifiable) {
        checkIdentity(peerHost, cert, algorithm);
    }
}
 
Example 13
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifySubjectAlt() throws Exception {
  // CN=foo.com, subjectAlt=bar.com
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIEXDCCA0SgAwIBAgIJAIz+EYMBU6aRMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE1MzYyOVoXDTI4MTEwNTE1MzYyOVowgaQx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczEQMA4GA1UEAxMHZm9vLmNvbTElMCMGCSqGSIb3DQEJARYWanVs\n"
      + "aXVzZGF2aWVzQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n"
      + "ggEBAMhjr5aCPoyp0R1iroWAfnEyBMGYWoCidH96yGPFjYLowez5aYKY1IOKTY2B\n"
      + "lYho4O84X244QrZTRl8kQbYtxnGh4gSCD+Z8gjZ/gMvLUlhqOb+WXPAUHMB39GRy\n"
      + "zerA/ZtrlUqf+lKo0uWcocxeRc771KN8cPH3nHZ0rV0Hx4ZAZy6U4xxObe4rtSVY\n"
      + "07hNKXAb2odnVqgzcYiDkLV8ilvEmoNWMWrp8UBqkTcpEhYhCYp3cTkgJwMSuqv8\n"
      + "BqnGd87xQU3FVZI4tbtkB+KzjD9zz8QCDJAfDjZHR03KNQ5mxOgXwxwKw6lGMaiV\n"
      + "JTxpTKqym93whYk93l3ocEe55c0CAwEAAaOBkDCBjTAJBgNVHRMEAjAAMCwGCWCG\n"
      + "SAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E\n"
      + "FgQUnxR3vz86tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuz\n"
      + "A1LKh6YNPg0wEgYDVR0RBAswCYIHYmFyLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEA\n"
      + "dQyprNZBmVnvuVWjV42sey/PTfkYShJwy1j0/jcFZR/ypZUovpiHGDO1DgL3Y3IP\n"
      + "zVQ26uhUsSw6G0gGRiaBDe/0LUclXZoJzXX1qpS55OadxW73brziS0sxRgGrZE/d\n"
      + "3g5kkio6IED47OP6wYnlmZ7EKP9cqjWwlnvHnnUcZ2SscoLNYs9rN9ccp8tuq2by\n"
      + "88OyhKwGjJfhOudqfTNZcDzRHx4Fzm7UsVaycVw4uDmhEHJrAsmMPpj/+XRK9/42\n"
      + "2xq+8bc6HojdtbCyug/fvBZvZqQXSmU8m8IVcMmWMz0ZQO8ee3QkBHMZfCy7P/kr\n"
      + "VbWx/uETImUu+NZg22ewEw==\n"
      + "-----END CERTIFICATE-----\n");
  assertFalse(verifier.verify("foo.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
  assertTrue(verifier.verify("bar.com", session));
  assertFalse(verifier.verify("a.bar.com", session));
}
 
Example 14
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifySubjectAltOnly() throws Exception {
  // subjectAlt=foo.com
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIESjCCAzKgAwIBAgIJAIz+EYMBU6aYMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MjYxMFoXDTI4MTEwNTE2MjYxMFowgZIx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIDAhNYXJ5bGFuZDEUMBIGA1UEBwwLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoMDmh0dHBjb21wb25lbnRzMRowGAYDVQQLDBF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczElMCMGCSqGSIb3DQEJARYWanVsaXVzZGF2aWVzQGdtYWlsLmNv\n"
      + "bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhjr5aCPoyp0R1iroWA\n"
      + "fnEyBMGYWoCidH96yGPFjYLowez5aYKY1IOKTY2BlYho4O84X244QrZTRl8kQbYt\n"
      + "xnGh4gSCD+Z8gjZ/gMvLUlhqOb+WXPAUHMB39GRyzerA/ZtrlUqf+lKo0uWcocxe\n"
      + "Rc771KN8cPH3nHZ0rV0Hx4ZAZy6U4xxObe4rtSVY07hNKXAb2odnVqgzcYiDkLV8\n"
      + "ilvEmoNWMWrp8UBqkTcpEhYhCYp3cTkgJwMSuqv8BqnGd87xQU3FVZI4tbtkB+Kz\n"
      + "jD9zz8QCDJAfDjZHR03KNQ5mxOgXwxwKw6lGMaiVJTxpTKqym93whYk93l3ocEe5\n"
      + "5c0CAwEAAaOBkDCBjTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NM\n"
      + "IEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUnxR3vz86tso4gkJIFiza\n"
      + "0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuzA1LKh6YNPg0wEgYDVR0RBAsw\n"
      + "CYIHZm9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAjl78oMjzFdsMy6F1sGg/IkO8\n"
      + "tF5yUgPgFYrs41yzAca7IQu6G9qtFDJz/7ehh/9HoG+oqCCIHPuIOmS7Sd0wnkyJ\n"
      + "Y7Y04jVXIb3a6f6AgBkEFP1nOT0z6kjT7vkA5LJ2y3MiDcXuRNMSta5PYVnrX8aZ\n"
      + "yiqVUNi40peuZ2R8mAUSBvWgD7z2qWhF8YgDb7wWaFjg53I36vWKn90ZEti3wNCw\n"
      + "qAVqixM+J0qJmQStgAc53i2aTMvAQu3A3snvH/PHTBo+5UL72n9S1kZyNCsVf1Qo\n"
      + "n8jKTiRriEM+fMFlcgQP284EBFzYHyCXFb9O/hMjK2+6mY9euMB1U1aFFzM/Bg==\n"
      + "-----END CERTIFICATE-----\n");
  assertTrue(verifier.verify("foo.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
  assertTrue(verifier.verify("foo.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
}
 
Example 15
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifyMultipleCn() throws Exception {
  // CN=foo.com, CN=bar.com, CN=&#x82b1;&#x5b50;.co.jp
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIEbzCCA1egAwIBAgIJAIz+EYMBU6aXMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MTk0NVoXDTI4MTEwNTE2MTk0NVowgc0x\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIDAhNYXJ5bGFuZDEUMBIGA1UEBwwLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoMDmh0dHBjb21wb25lbnRzMRowGAYDVQQLDBF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczEQMA4GA1UEAwwHZm9vLmNvbTEQMA4GA1UEAwwHYmFyLmNvbTEV\n"
      + "MBMGA1UEAwwM6Iqx5a2QLmNvLmpwMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGOv\n"
      + "loI+jKnRHWKuhYB+cTIEwZhagKJ0f3rIY8WNgujB7PlpgpjUg4pNjYGViGjg7zhf\n"
      + "bjhCtlNGXyRBti3GcaHiBIIP5nyCNn+Ay8tSWGo5v5Zc8BQcwHf0ZHLN6sD9m2uV\n"
      + "Sp/6UqjS5ZyhzF5FzvvUo3xw8fecdnStXQfHhkBnLpTjHE5t7iu1JVjTuE0pcBva\n"
      + "h2dWqDNxiIOQtXyKW8Sag1YxaunxQGqRNykSFiEJindxOSAnAxK6q/wGqcZ3zvFB\n"
      + "TcVVkji1u2QH4rOMP3PPxAIMkB8ONkdHTco1DmbE6BfDHArDqUYxqJUlPGlMqrKb\n"
      + "3fCFiT3eXehwR7nlzQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf\n"
      + "Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUnxR3vz86\n"
      + "tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuzA1LKh6YNPg0w\n"
      + "DQYJKoZIhvcNAQEFBQADggEBAGuZb8ai1NO2j4v3y9TLZvd5s0vh5/TE7n7RX+8U\n"
      + "y37OL5k7x9nt0mM1TyAKxlCcY+9h6frue8MemZIILSIvMrtzccqNz0V1WKgA+Orf\n"
      + "uUrabmn+CxHF5gpy6g1Qs2IjVYWA5f7FROn/J+Ad8gJYc1azOWCLQqSyfpNRLSvY\n"
      + "EriQFEV63XvkJ8JrG62b+2OT2lqT4OO07gSPetppdlSa8NBSKP6Aro9RIX1ZjUZQ\n"
      + "SpQFCfo02NO0uNRDPUdJx2huycdNb+AXHaO7eXevDLJ+QnqImIzxWiY6zLOdzjjI\n"
      + "VBMkLHmnP7SjGSQ3XA4ByrQOxfOUTyLyE7NuemhHppuQPxE=\n"
      + "-----END CERTIFICATE-----\n");
  assertFalse(verifier.verify("foo.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
  assertFalse(verifier.verify("bar.com", session));
  assertFalse(verifier.verify("a.bar.com", session));
  assertTrue(verifier.verify("\u82b1\u5b50.co.jp", session));
  assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
}
 
Example 16
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifyWilcardCn() throws Exception {
  // CN=*.foo.com
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIESDCCAzCgAwIBAgIJAIz+EYMBU6aUMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MTU1NVoXDTI4MTEwNTE2MTU1NVowgaYx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczESMBAGA1UEAxQJKi5mb28uY29tMSUwIwYJKoZIhvcNAQkBFhZq\n"
      + "dWxpdXNkYXZpZXNAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
      + "CgKCAQEAyGOvloI+jKnRHWKuhYB+cTIEwZhagKJ0f3rIY8WNgujB7PlpgpjUg4pN\n"
      + "jYGViGjg7zhfbjhCtlNGXyRBti3GcaHiBIIP5nyCNn+Ay8tSWGo5v5Zc8BQcwHf0\n"
      + "ZHLN6sD9m2uVSp/6UqjS5ZyhzF5FzvvUo3xw8fecdnStXQfHhkBnLpTjHE5t7iu1\n"
      + "JVjTuE0pcBvah2dWqDNxiIOQtXyKW8Sag1YxaunxQGqRNykSFiEJindxOSAnAxK6\n"
      + "q/wGqcZ3zvFBTcVVkji1u2QH4rOMP3PPxAIMkB8ONkdHTco1DmbE6BfDHArDqUYx\n"
      + "qJUlPGlMqrKb3fCFiT3eXehwR7nlzQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCG\n"
      + "SAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E\n"
      + "FgQUnxR3vz86tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuz\n"
      + "A1LKh6YNPg0wDQYJKoZIhvcNAQEFBQADggEBAH0ipG6J561UKUfgkeW7GvYwW98B\n"
      + "N1ZooWX+JEEZK7+Pf/96d3Ij0rw9ACfN4bpfnCq0VUNZVSYB+GthQ2zYuz7tf/UY\n"
      + "A6nxVgR/IjG69BmsBl92uFO7JTNtHztuiPqBn59pt+vNx4yPvno7zmxsfI7jv0ww\n"
      + "yfs+0FNm7FwdsC1k47GBSOaGw38kuIVWqXSAbL4EX9GkryGGOKGNh0qvAENCdRSB\n"
      + "G9Z6tyMbmfRY+dLSh3a9JwoEcBUso6EWYBakLbq4nG/nvYdYvG9ehrnLVwZFL82e\n"
      + "l3Q/RK95bnA6cuRClGusLad0e6bjkBzx/VQ3VarDEpAkTLUGVAa0CLXtnyc=\n"
      + "-----END CERTIFICATE-----\n");
  assertFalse(verifier.verify("foo.com", session));
  assertTrue(verifier.verify("www.foo.com", session));
  assertTrue(verifier.verify("\u82b1\u5b50.foo.com", session));
  assertFalse(verifier.verify("a.b.foo.com", session));
}
 
Example 17
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifyWilcardCnOnTld() throws Exception {
  // It's the CA's responsibility to not issue broad-matching certificates!
  // CN=*.co.jp
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIERjCCAy6gAwIBAgIJAIz+EYMBU6aVMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MTYzMFoXDTI4MTEwNTE2MTYzMFowgaQx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczEQMA4GA1UEAxQHKi5jby5qcDElMCMGCSqGSIb3DQEJARYWanVs\n"
      + "aXVzZGF2aWVzQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n"
      + "ggEBAMhjr5aCPoyp0R1iroWAfnEyBMGYWoCidH96yGPFjYLowez5aYKY1IOKTY2B\n"
      + "lYho4O84X244QrZTRl8kQbYtxnGh4gSCD+Z8gjZ/gMvLUlhqOb+WXPAUHMB39GRy\n"
      + "zerA/ZtrlUqf+lKo0uWcocxeRc771KN8cPH3nHZ0rV0Hx4ZAZy6U4xxObe4rtSVY\n"
      + "07hNKXAb2odnVqgzcYiDkLV8ilvEmoNWMWrp8UBqkTcpEhYhCYp3cTkgJwMSuqv8\n"
      + "BqnGd87xQU3FVZI4tbtkB+KzjD9zz8QCDJAfDjZHR03KNQ5mxOgXwxwKw6lGMaiV\n"
      + "JTxpTKqym93whYk93l3ocEe55c0CAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB\n"
      + "hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE\n"
      + "FJ8Ud78/OrbKOIJCSBYs2tDLXofYMB8GA1UdIwQYMBaAFHua2o+QmU5S0qzbswNS\n"
      + "yoemDT4NMA0GCSqGSIb3DQEBBQUAA4IBAQA0sWglVlMx2zNGvUqFC73XtREwii53\n"
      + "CfMM6mtf2+f3k/d8KXhLNySrg8RRlN11zgmpPaLtbdTLrmG4UdAHHYr8O4y2BBmE\n"
      + "1cxNfGxxechgF8HX10QV4dkyzp6Z1cfwvCeMrT5G/V1pejago0ayXx+GPLbWlNeZ\n"
      + "S+Kl0m3p+QplXujtwG5fYcIpaGpiYraBLx3Tadih39QN65CnAh/zRDhLCUzKyt9l\n"
      + "UGPLEUDzRHMPHLnSqT1n5UU5UDRytbjJPXzF+l/+WZIsanefWLsxnkgAuZe/oMMF\n"
      + "EJMryEzOjg4Tfuc5qM0EXoPcQ/JlheaxZ40p2IyHqbsWV4MRYuFH4bkM\n"
      + "-----END CERTIFICATE-----\n");
  assertTrue(verifier.verify("foo.co.jp", session));
  assertTrue(verifier.verify("\u82b1\u5b50.co.jp", session));
}
 
Example 18
Project: jdk8u-jdk   File: SSLSessionContextImpl.java   View source code 5 votes vote down vote up
boolean isTimedout(SSLSession sess) {
    if (timeout == 0) {
        return false;
    }

    if ((sess != null) && ((sess.getCreationTime() + timeout * 1000L)
                                    <= (System.currentTimeMillis()))) {
        sess.invalidate();
        return true;
    }

    return false;
}
 
Example 19
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void subjectAltName() throws Exception {
  // $ cat ./cert.cnf
  // [req]
  // distinguished_name=distinguished_name
  // req_extensions=req_extensions
  // x509_extensions=x509_extensions
  // [distinguished_name]
  // [req_extensions]
  // [x509_extensions]
  // subjectAltName=DNS:bar.com,DNS:baz.com
  //
  // $ openssl req -x509 -nodes -days 36500 -subj '/CN=foo.com' -config ./cert.cnf \
  //     -newkey rsa:512 -out cert.pem
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIBPTCB6KADAgECAgkA7zoHaaqNGHQwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UE\n"
      + "AxMHZm9vLmNvbTAgFw0xMDEyMjAxODM5MzZaGA8yMTEwMTEyNjE4MzkzNlowEjEQ\n"
      + "MA4GA1UEAxMHZm9vLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC+gmoSxF+8\n"
      + "hbV+rgRQqHIJd50216OWQJbU3BvdlPbca779NYO4+UZWTFdBM8BdQqs3H4B5Agvp\n"
      + "y7HeSff1F7XRAgMBAAGjHzAdMBsGA1UdEQQUMBKCB2Jhci5jb22CB2Jhei5jb20w\n"
      + "DQYJKoZIhvcNAQEFBQADQQBXpZZPOY2Dy1lGG81JTr8L4or9jpKacD7n51eS8iqI\n"
      + "oTznPNuXHU5bFN0AAGX2ij47f/EahqTpo5RdS95P4sVm\n"
      + "-----END CERTIFICATE-----");
  assertFalse(verifier.verify("foo.com", session));
  assertTrue(verifier.verify("bar.com", session));
  assertTrue(verifier.verify("baz.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
  assertFalse(verifier.verify("quux.com", session));
}
 
Example 20
Project: lams   File: JSSESupport.java   View source code 5 votes vote down vote up
protected java.security.cert.X509Certificate [] getX509Certificates(SSLSession session) 
    throws IOException {
    Certificate [] certs=null;
    try {
        certs = session.getPeerCertificates();
    } catch( Throwable t ) {
        log.debug("Error getting client certs",t);
        return null;
    }
    if( certs==null ) return null;
    
    java.security.cert.X509Certificate [] x509Certs = 
        new java.security.cert.X509Certificate[certs.length];
    for(int i=0; i < certs.length; i++) {
        if (certs[i] instanceof java.security.cert.X509Certificate ) {
            // always currently true with the JSSE 1.1.x
            x509Certs[i] = (java.security.cert.X509Certificate) certs[i];
        } else {
            try {
                byte [] buffer = certs[i].getEncoded();
                CertificateFactory cf =
                    CertificateFactory.getInstance("X.509");
                ByteArrayInputStream stream =
                    new ByteArrayInputStream(buffer);
                x509Certs[i] = (java.security.cert.X509Certificate) cf.generateCertificate(stream);
            } catch(Exception ex) { 
                log.info("Error translating cert " + certs[i], ex);
                return null;
            }
        }
        if(log.isTraceEnabled())
            log.trace("Cert #" + i + " = " + x509Certs[i]);
    }
    if(x509Certs.length < 1)
        return null;
    return x509Certs;
}
 
Example 21
Project: OpenJSharp   File: StartTlsResponseImpl.java   View source code 5 votes vote down vote up
private static Principal getPeerPrincipal(SSLSession session)
        throws SSLPeerUnverifiedException {
    Principal principal;
    try {
        principal = session.getPeerPrincipal();
    } catch (AbstractMethodError e) {
        // if the JSSE provider does not support it, return null, since
        // we need it only for Kerberos.
        principal = null;
    }
    return principal;
}
 
Example 22
Project: openjdk-jdk10   File: X509TrustManagerImpl.java   View source code 5 votes vote down vote up
static List<SNIServerName> getRequestedServerNames(Socket socket) {
    if (socket != null && socket.isConnected() &&
                                    socket instanceof SSLSocket) {

        SSLSocket sslSocket = (SSLSocket)socket;
        SSLSession session = sslSocket.getHandshakeSession();

        if (session != null && (session instanceof ExtendedSSLSession)) {
            ExtendedSSLSession extSession = (ExtendedSSLSession)session;
            return extSession.getRequestedServerNames();
        }
    }

    return Collections.<SNIServerName>emptyList();
}
 
Example 23
Project: FirefoxData-android   File: DefaultManagedHttpClientConnection.java   View source code 5 votes vote down vote up
public SSLSession getSSLSession() {
    final Socket socket = super.getSocket();
    if (socket instanceof SSLSocket) {
        return ((SSLSocket) socket).getSession();
    } else {
        return null;
    }
}
 
Example 24
Project: linkopensdk-android   File: HttpRequest.java   View source code 5 votes vote down vote up
public HttpRequest setTrustedHost(final String hostStr) {
    if (hostStr.length() > 0) {
        TRUSTED_VERIFIER = new HostnameVerifier() {
            public boolean verify(String host, SSLSession session) {
                if (hostStr.contains(host)) {
                    return true;
                } else {
                    return false;
                }
            }
        };
    }
    return this;
}
 
Example 25
Project: openjdk-jdk10   File: SSLSessionContextImpl.java   View source code 5 votes vote down vote up
boolean isTimedout(SSLSession sess) {
    if (timeout == 0) {
        return false;
    }

    if ((sess != null) && ((sess.getCreationTime() + timeout * 1000L)
                                    <= (System.currentTimeMillis()))) {
        sess.invalidate();
        return true;
    }

    return false;
}
 
Example 26
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifyNonAsciiCn() throws Exception {
  // CN=&#x82b1;&#x5b50;.co.jp
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIESzCCAzOgAwIBAgIJAIz+EYMBU6aTMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE1NDIxNVoXDTI4MTEwNTE1NDIxNVowgakx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIDAhNYXJ5bGFuZDEUMBIGA1UEBwwLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoMDmh0dHBjb21wb25lbnRzMRowGAYDVQQLDBF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczEVMBMGA1UEAwwM6Iqx5a2QLmNvLmpwMSUwIwYJKoZIhvcNAQkB\n"
      + "FhZqdWxpdXNkYXZpZXNAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\n"
      + "MIIBCgKCAQEAyGOvloI+jKnRHWKuhYB+cTIEwZhagKJ0f3rIY8WNgujB7PlpgpjU\n"
      + "g4pNjYGViGjg7zhfbjhCtlNGXyRBti3GcaHiBIIP5nyCNn+Ay8tSWGo5v5Zc8BQc\n"
      + "wHf0ZHLN6sD9m2uVSp/6UqjS5ZyhzF5FzvvUo3xw8fecdnStXQfHhkBnLpTjHE5t\n"
      + "7iu1JVjTuE0pcBvah2dWqDNxiIOQtXyKW8Sag1YxaunxQGqRNykSFiEJindxOSAn\n"
      + "AxK6q/wGqcZ3zvFBTcVVkji1u2QH4rOMP3PPxAIMkB8ONkdHTco1DmbE6BfDHArD\n"
      + "qUYxqJUlPGlMqrKb3fCFiT3eXehwR7nlzQIDAQABo3sweTAJBgNVHRMEAjAAMCwG\n"
      + "CWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV\n"
      + "HQ4EFgQUnxR3vz86tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLS\n"
      + "rNuzA1LKh6YNPg0wDQYJKoZIhvcNAQEFBQADggEBALJ27i3okV/KvlDp6KMID3gd\n"
      + "ITl68PyItzzx+SquF8gahMh016NX73z/oVZoVUNdftla8wPUB1GwIkAnGkhQ9LHK\n"
      + "spBdbRiCj0gMmLCsX8SrjFvr7cYb2cK6J/fJe92l1tg/7Y4o7V/s4JBe/cy9U9w8\n"
      + "a0ctuDmEBCgC784JMDtT67klRfr/2LlqWhlOEq7pUFxRLbhpquaAHSOjmIcWnVpw\n"
      + "9BsO7qe46hidgn39hKh1WjKK2VcL/3YRsC4wUi0PBtFW6ScMCuMhgIRXSPU55Rae\n"
      + "UIlOdPjjr1SUNWGId1rD7W16Scpwnknn310FNxFMHVI0GTGFkNdkilNCFJcIoRA=\n"
      + "-----END CERTIFICATE-----\n");
  assertTrue(verifier.verify("\u82b1\u5b50.co.jp", session));
  assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
}
 
Example 27
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifySubjectAlt() throws Exception {
  // CN=foo.com, subjectAlt=bar.com
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIEXDCCA0SgAwIBAgIJAIz+EYMBU6aRMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE1MzYyOVoXDTI4MTEwNTE1MzYyOVowgaQx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczEQMA4GA1UEAxMHZm9vLmNvbTElMCMGCSqGSIb3DQEJARYWanVs\n"
      + "aXVzZGF2aWVzQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n"
      + "ggEBAMhjr5aCPoyp0R1iroWAfnEyBMGYWoCidH96yGPFjYLowez5aYKY1IOKTY2B\n"
      + "lYho4O84X244QrZTRl8kQbYtxnGh4gSCD+Z8gjZ/gMvLUlhqOb+WXPAUHMB39GRy\n"
      + "zerA/ZtrlUqf+lKo0uWcocxeRc771KN8cPH3nHZ0rV0Hx4ZAZy6U4xxObe4rtSVY\n"
      + "07hNKXAb2odnVqgzcYiDkLV8ilvEmoNWMWrp8UBqkTcpEhYhCYp3cTkgJwMSuqv8\n"
      + "BqnGd87xQU3FVZI4tbtkB+KzjD9zz8QCDJAfDjZHR03KNQ5mxOgXwxwKw6lGMaiV\n"
      + "JTxpTKqym93whYk93l3ocEe55c0CAwEAAaOBkDCBjTAJBgNVHRMEAjAAMCwGCWCG\n"
      + "SAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E\n"
      + "FgQUnxR3vz86tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuz\n"
      + "A1LKh6YNPg0wEgYDVR0RBAswCYIHYmFyLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEA\n"
      + "dQyprNZBmVnvuVWjV42sey/PTfkYShJwy1j0/jcFZR/ypZUovpiHGDO1DgL3Y3IP\n"
      + "zVQ26uhUsSw6G0gGRiaBDe/0LUclXZoJzXX1qpS55OadxW73brziS0sxRgGrZE/d\n"
      + "3g5kkio6IED47OP6wYnlmZ7EKP9cqjWwlnvHnnUcZ2SscoLNYs9rN9ccp8tuq2by\n"
      + "88OyhKwGjJfhOudqfTNZcDzRHx4Fzm7UsVaycVw4uDmhEHJrAsmMPpj/+XRK9/42\n"
      + "2xq+8bc6HojdtbCyug/fvBZvZqQXSmU8m8IVcMmWMz0ZQO8ee3QkBHMZfCy7P/kr\n"
      + "VbWx/uETImUu+NZg22ewEw==\n"
      + "-----END CERTIFICATE-----\n");
  assertFalse(verifier.verify("foo.com", session));
  assertFalse(verifier.verify("a.foo.com", session));
  assertTrue(verifier.verify("bar.com", session));
  assertFalse(verifier.verify("a.bar.com", session));
}
 
Example 28
Project: lazycat   File: JSSESocketFactory.java   View source code 5 votes vote down vote up
@Override
public void handshake(Socket sock) throws IOException {
	// We do getSession instead of startHandshake() so we can call this
	// multiple times
	SSLSession session = ((SSLSocket) sock).getSession();
	if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
		throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");

	if (!allowUnsafeLegacyRenegotiation && !rfc5746Supported) {
		// Prevent further handshakes by removing all cipher suites
		((SSLSocket) sock).setEnabledCipherSuites(new String[0]);
	}
}
 
Example 29
Project: GitHub   File: HostnameVerifierTest.java   View source code 5 votes vote down vote up
@Test public void verifyWilcardCn() throws Exception {
  // CN=*.foo.com
  SSLSession session = session(""
      + "-----BEGIN CERTIFICATE-----\n"
      + "MIIESDCCAzCgAwIBAgIJAIz+EYMBU6aUMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD\n"
      + "VQQGEwJDQTELMAkGA1UECBMCQkMxEjAQBgNVBAcTCVZhbmNvdXZlcjEWMBQGA1UE\n"
      + "ChMNd3d3LmN1Y2JjLmNvbTEUMBIGA1UECxQLY29tbW9uc19zc2wxHTAbBgNVBAMU\n"
      + "FGRlbW9faW50ZXJtZWRpYXRlX2NhMSUwIwYJKoZIhvcNAQkBFhZqdWxpdXNkYXZp\n"
      + "ZXNAZ21haWwuY29tMB4XDTA2MTIxMTE2MTU1NVoXDTI4MTEwNTE2MTU1NVowgaYx\n"
      + "CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFuZDEUMBIGA1UEBxMLRm9yZXN0\n"
      + "IEhpbGwxFzAVBgNVBAoTDmh0dHBjb21wb25lbnRzMRowGAYDVQQLExF0ZXN0IGNl\n"
      + "cnRpZmljYXRlczESMBAGA1UEAxQJKi5mb28uY29tMSUwIwYJKoZIhvcNAQkBFhZq\n"
      + "dWxpdXNkYXZpZXNAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
      + "CgKCAQEAyGOvloI+jKnRHWKuhYB+cTIEwZhagKJ0f3rIY8WNgujB7PlpgpjUg4pN\n"
      + "jYGViGjg7zhfbjhCtlNGXyRBti3GcaHiBIIP5nyCNn+Ay8tSWGo5v5Zc8BQcwHf0\n"
      + "ZHLN6sD9m2uVSp/6UqjS5ZyhzF5FzvvUo3xw8fecdnStXQfHhkBnLpTjHE5t7iu1\n"
      + "JVjTuE0pcBvah2dWqDNxiIOQtXyKW8Sag1YxaunxQGqRNykSFiEJindxOSAnAxK6\n"
      + "q/wGqcZ3zvFBTcVVkji1u2QH4rOMP3PPxAIMkB8ONkdHTco1DmbE6BfDHArDqUYx\n"
      + "qJUlPGlMqrKb3fCFiT3eXehwR7nlzQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCG\n"
      + "SAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E\n"
      + "FgQUnxR3vz86tso4gkJIFiza0Mteh9gwHwYDVR0jBBgwFoAUe5raj5CZTlLSrNuz\n"
      + "A1LKh6YNPg0wDQYJKoZIhvcNAQEFBQADggEBAH0ipG6J561UKUfgkeW7GvYwW98B\n"
      + "N1ZooWX+JEEZK7+Pf/96d3Ij0rw9ACfN4bpfnCq0VUNZVSYB+GthQ2zYuz7tf/UY\n"
      + "A6nxVgR/IjG69BmsBl92uFO7JTNtHztuiPqBn59pt+vNx4yPvno7zmxsfI7jv0ww\n"
      + "yfs+0FNm7FwdsC1k47GBSOaGw38kuIVWqXSAbL4EX9GkryGGOKGNh0qvAENCdRSB\n"
      + "G9Z6tyMbmfRY+dLSh3a9JwoEcBUso6EWYBakLbq4nG/nvYdYvG9ehrnLVwZFL82e\n"
      + "l3Q/RK95bnA6cuRClGusLad0e6bjkBzx/VQ3VarDEpAkTLUGVAa0CLXtnyc=\n"
      + "-----END CERTIFICATE-----\n");
  assertFalse(verifier.verify("foo.com", session));
  assertTrue(verifier.verify("www.foo.com", session));
  assertTrue(verifier.verify("\u82b1\u5b50.foo.com", session));
  assertFalse(verifier.verify("a.b.foo.com", session));
}
 
Example 30
Project: SuperHttp   File: HttpsUtils.java   View source code 5 votes vote down vote up
@Override
public boolean verify(String hostname, SSLSession session) {
    if (this.host == null || "".equals(this.host) || !this.host.contains(hostname)) {
        return false;
    }
    return true;
}
 
Example 31
Project: java-pilosa   File: InsecurePilosaClientIT.java   View source code 5 votes vote down vote up
@Override
protected Registry<ConnectionSocketFactory> getRegistry() {
    HostnameVerifier verifier = new HostnameVerifier() {
        @Override
        public boolean verify(String hostName, SSLSession session) {
            return true;
        }
    };

    SSLContext sslContext = null;
    try {
        sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
            public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                return true;
            }
        }).build();
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
        e.printStackTrace();
    }
    if (sslContext == null) {
        throw new RuntimeException("SSL Context not created");
    }

    SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
            sslContext,
            new String[]{"TLSv1.2"}, null, verifier);
    return RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory())
            .register("https", sslConnectionSocketFactory)
            .build();
}
 
Example 32
Project: GitHub   File: DelegatingSSLSocket.java   View source code 5 votes vote down vote up
public SSLSession getHandshakeSession() {
  try {
    return (SSLSession) SSLSocket.class.getMethod("getHandshakeSession").invoke(delegate);
  } catch (IllegalAccessException | InvocationTargetException | NoSuchMethodException e) {
    throw new AssertionError();
  }
}
 
Example 33
Project: RxEasyHttp   File: MyApplication.java   View source code 5 votes vote down vote up
@Override
public boolean verify(String hostname, SSLSession session) {
    HttpLog.i("############### verify " + hostname + " " + this.host);
    if (this.host == null || "".equals(this.host) || !this.host.contains(hostname))
        return false;
    return true;
}
 
Example 34
Project: jdk8u-jdk   File: StartTlsResponseImpl.java   View source code 5 votes vote down vote up
private static Principal getPeerPrincipal(SSLSession session)
        throws SSLPeerUnverifiedException {
    Principal principal;
    try {
        principal = session.getPeerPrincipal();
    } catch (AbstractMethodError e) {
        // if the JSSE provider does not support it, return null, since
        // we need it only for Kerberos.
        principal = null;
    }
    return principal;
}
 
Example 35
Project: AndroidCoreLib   File: NetworkRequestClient.java   View source code 5 votes vote down vote up
private NetworkRequestClient(){
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        //支持Https
        builder.hostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        builder.connectTimeout(TIME_OUT, TimeUnit.SECONDS);
//        builder.readTimeout(TIME_OUT, TimeUnit.SECONDS);
//        builder.writeTimeout(TIME_OUT, TimeUnit.SECONDS);
        mOkHttpClient = builder.build();
    }
 
Example 36
Project: FirefoxData-android   File: DefaultUserTokenHandler.java   View source code 5 votes vote down vote up
public Object getUserToken(final HttpContext context) {

        final HttpClientContext clientContext = HttpClientContext.adapt(context);

        Principal userPrincipal = null;

        final AuthState targetAuthState = clientContext.getTargetAuthState();
        if (targetAuthState != null) {
            userPrincipal = getAuthPrincipal(targetAuthState);
            if (userPrincipal == null) {
                final AuthState proxyAuthState = clientContext.getProxyAuthState();
                userPrincipal = getAuthPrincipal(proxyAuthState);
            }
        }

        if (userPrincipal == null) {
            final HttpConnection conn = clientContext.getConnection();
            if (conn.isOpen() && conn instanceof ManagedHttpClientConnection) {
                final SSLSession sslsession = ((ManagedHttpClientConnection) conn).getSSLSession();
                if (sslsession != null) {
                    userPrincipal = sslsession.getLocalPrincipal();
                }
            }
        }

        return userPrincipal;
    }
 
Example 37
Project: lams   File: AbstractClientConnAdapter.java   View source code 5 votes vote down vote up
public SSLSession getSSLSession() {
    OperatedClientConnection conn = getWrappedConnection();
    assertValid(conn);
    if (!isOpen())
        return null;

    SSLSession result = null;
    Socket    sock    = conn.getSocket();
    if (sock instanceof SSLSocket) {
        result = ((SSLSocket)sock).getSession();
    }
    return result;
}
 
Example 38
Project: FirefoxData-android   File: AbstractVerifier.java   View source code 5 votes vote down vote up
public final boolean verify(final String host, final SSLSession session) {
    try {
        final Certificate[] certs = session.getPeerCertificates();
        final X509Certificate x509 = (X509Certificate) certs[0];
        verify(host, x509);
        return true;
    }
    catch(final SSLException e) {
        return false;
    }
}
 
Example 39
Project: FirefoxData-android   File: DefaultClientConnection.java   View source code 5 votes vote down vote up
public SSLSession getSSLSession() {
    if (this.socket instanceof SSLSocket) {
        return ((SSLSocket) this.socket).getSession();
    } else {
        return null;
    }
}
 
Example 40
Project: jdk8u-jdk   File: AcceptLargeFragments.java   View source code 5 votes vote down vote up
public static void main (String[] args) throws Exception {
    SSLContext context = SSLContext.getDefault();

    // set the property before initialization SSLEngine.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine cliEngine = context.createSSLEngine();
    cliEngine.setUseClientMode(true);

    SSLEngine srvEngine = context.createSSLEngine();
    srvEngine.setUseClientMode(false);

    SSLSession cliSession = cliEngine.getSession();
    SSLSession srvSession = srvEngine.getSession();

    // check packet buffer sizes.
    if (cliSession.getPacketBufferSize() < 33049 ||
        srvSession.getPacketBufferSize() < 33049) {
            throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // check application data buffer sizes.
    if (cliSession.getApplicationBufferSize() < 32768 ||
        srvSession.getApplicationBufferSize() < 32768) {
            throw new Exception(
                    "Don't accept large SSL/TLS application data ");
    }
}