• Home
• com.gitee.opensource4clive
• java-tools-httpclient
• 4.0.6
• source code
• SSL.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.cliveyuan.tools.httpclient.ssl.SSL Maven / Gradle / Ivy

package cn.cliveyuan.tools.httpclient.ssl;

import okhttp3.internal.tls.OkHostnameVerifier;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;

/**
 * @author Clive Yuan
 * @date 2021/06/08
 */
public class SSL {
    public static final X509TrustManager x509TrustManager;
    public static final HostnameVerifier hostnameVerifier;
    public static final SSLSocketFactory sslSocketFactory;

    static {
        try {
            final X509TrustManager systemDefaultTrustManager = systemDefaultTrustManager();
            // Create a trust manager that does not validate certificate chains
            x509TrustManager = new X509TrustManager() {

                X509Certificate[] EMPTY = new X509Certificate[0];

                @Override
                public void checkClientTrusted(
                        X509Certificate[] chain,
                        String authType) throws CertificateException {
                    systemDefaultTrustManager.checkClientTrusted(chain, authType);
                }

                @Override
                public void checkServerTrusted(
                        X509Certificate[] chain,
                        String authType) throws CertificateException {
                    try {
                        systemDefaultTrustManager.checkServerTrusted(chain, authType);
                    } catch (CertificateException e) {
                        throw e;
                    } catch (Throwable e) {
                        throw new CertificateException(e);
                    }
                }


                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    return systemDefaultTrustManager.getAcceptedIssuers();
                }
            };

            hostnameVerifier = OkHostnameVerifier.INSTANCE::verify;
            sslSocketFactory = systemDefaultSslSocketFactory(x509TrustManager);
        } catch (Throwable e) {
            throw new AssertionError(e);
        }
    }


    private static X509TrustManager systemDefaultTrustManager() throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:"
                    + Arrays.toString(trustManagers));
        }
        return (X509TrustManager) trustManagers[0];
    }

    private static SSLSocketFactory systemDefaultSslSocketFactory(X509TrustManager trustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[]{trustManager}, null);
        return sslContext.getSocketFactory();
    }
}