• Home
• cn.felord
• wecom-common
• 1.2.5
• source code
• SSLManager.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.felord.retrofit.ssl.SSLManager Maven / Gradle / Ivy

/*
 *  Copyright (c) 2023. felord.cn
 *    Licensed under the Apache License, Version 2.0 (the "License");
 *    you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *       https://www.apache.org/licenses/LICENSE-2.0
 *  Website:
 *       https://felord.cn
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package cn.felord.retrofit.ssl;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;

import javax.net.ssl.*;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Arrays;

/**
 * Ssl manager.
 *
 * @author dax
 * @since 2023 /6/27
 */
public class SSLManager {
    private final X509TrustManager trustManager;
    private final SSLSocketFactory sslSocketFactory;

    /**
     * Instantiates a new Ssl manager.
     *
     * @param pkcs12InputStream the pkcs 12 input stream
     * @param pin               the pin
     * @throws NoSuchAlgorithmException the no such algorithm exception
     * @throws KeyStoreException        the key store exception
     * @throws KeyManagementException   the key management exception
     * @throws CertificateException     the certificate exception
     * @throws IOException              the io exception
     */
    public SSLManager(InputStream pkcs12InputStream, String pin) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, CertificateException, IOException {
        KeyStore store = KeyStore.getInstance("PKCS12");
        store.load(pkcs12InputStream, pin.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(store);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:"
                    + Arrays.toString(trustManagers));
        }
        SSLContext tlSv1 = SSLContext.getInstance("TLSv1");
        X509TrustManager x509TrustManager = (X509TrustManager) trustManagers[0];
        tlSv1.init(null, new TrustManager[]{x509TrustManager}, null);
        this.trustManager = x509TrustManager;
        this.sslSocketFactory = tlSv1.getSocketFactory();
    }

    /**
     * Instantiates a new Ssl manager.
     *
     * @param loadedKeyStore the loadedKey store
     * @throws NoSuchAlgorithmException the no such algorithm exception
     * @throws KeyStoreException        the key store exception
     * @throws KeyManagementException   the key management exception
     */
    public SSLManager(KeyStore loadedKeyStore) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(loadedKeyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:"
                    + Arrays.toString(trustManagers));
        }
        SSLContext tlSv1 = SSLContext.getInstance("TLSv1");
        X509TrustManager x509TrustManager = (X509TrustManager) trustManagers[0];
        tlSv1.init(null, new TrustManager[]{x509TrustManager}, null);
        this.trustManager = x509TrustManager;
        this.sslSocketFactory = tlSv1.getSocketFactory();
    }

    /**
     * Instantiates a new Ssl manager.
     *
     * @param trustManager the trust manager
     * @throws NoSuchAlgorithmException the no such algorithm exception
     * @throws KeyManagementException   the key management exception
     */
    public SSLManager(X509TrustManager trustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext tlSv1 = SSLContext.getInstance("TLSv1");
        tlSv1.init(null, new TrustManager[]{trustManager}, null);
        this.trustManager = trustManager;
        this.sslSocketFactory = tlSv1.getSocketFactory();
    }

    /**
     * Instantiates a new Ssl manager.
     *
     * @param trustManager     the trust manager
     * @param sslSocketFactory the ssl socket factory
     */
    @JsonCreator
    public SSLManager(@JsonProperty("trustManager") X509TrustManager trustManager, @JsonProperty("sslSocketFactory") SSLSocketFactory sslSocketFactory) {
        this.trustManager = trustManager;
        this.sslSocketFactory = sslSocketFactory;
    }

    public X509TrustManager getTrustManager() {
        return trustManager;
    }

    public SSLSocketFactory getSslSocketFactory() {
        return sslSocketFactory;
    }
}