com.unbound.provider.Connection Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of unbound-java-provider Show documentation
Show all versions of unbound-java-provider Show documentation
This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi
package com.unbound.provider;
import com.unbound.common.HEX;
import com.unbound.common.Log;
import com.unbound.common.crypto.SHA256;
import com.unbound.common.crypto.SystemProvider;
import javax.net.ssl.*;
import java.io.*;
import java.lang.management.ManagementFactory;
import java.lang.management.RuntimeMXBean;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import java.security.KeyStore;
class Connection
{
private static TrustManager[] trustManagers = null;
private static boolean hasHeaders = false;
private static String hdrHostName = "";
private static String hdrClientIP = "";
private static String hdrUserName = "";
private static String hdrClientID = "";
private static String hdrCmdLine = "";
private HttpURLConnection conn;
private Server server;
private Partition partition;
//private HashSet cookies = new HashSet<>();
static synchronized void initialize(KeyStore trusted) throws NoSuchAlgorithmException, KeyStoreException
{
if (trusted == null) return;
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trusted);
trustManagers = tmf.getTrustManagers();
}
static synchronized void initialize(String caFileName) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException
{
Log log = Log.func("Connections.initialize").log("caFileName", caFileName).end(); try
{
if (caFileName == null) return;
KeyStore trusted = SystemProvider.KeyStore.getInstance("JKS");
trusted.load(null, null);
FileInputStream fis = new FileInputStream(caFileName);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection collection = cf.generateCertificates(fis);
for (Object o : collection)
{
X509Certificate cert = (X509Certificate)o;
String alias = cert.getSubjectDN().getName();
trusted.setCertificateEntry(alias, cert);
}
initialize(trusted);
}
catch (Exception e) { log.failed(e); throw e; } finally { log.leave(); }
}
private static synchronized void getHeaders() throws UnknownHostException
{
if (hasHeaders) return;
hdrCmdLine = System.getProperty("sun.java.command");
hdrUserName = System.getProperty("user.name");
InetAddress inetAddress = InetAddress.getLocalHost();
hdrHostName = inetAddress.getHostName();
hdrClientIP = inetAddress.getHostAddress();
hdrClientID = HEX.toString(new SHA256().update("AA09AE54-ED04-40E6-9237-F4865C630387").update(hdrHostName).end());
hasHeaders = true;
}
Connection(Server server, Partition partition) throws IOException
{
getHeaders();
this.server = server;
this.partition = partition;
conn = (HttpURLConnection) server.url.openConnection();
if (conn instanceof HttpsURLConnection)
{
try
{
SSLContext ctx = SSLContext.getInstance("TLSv1.2");
KeyManager[] keyManagers = partition==null ? null : partition.keyManagers;
ctx.init(keyManagers, trustManagers, new SecureRandom());
HttpsURLConnection https = (HttpsURLConnection) conn;
https.setSSLSocketFactory(ctx.getSocketFactory());
}
catch (NoSuchAlgorithmException | KeyManagementException e)
{
throw new ProviderException(e);
}
}
}
byte[] transmit(byte[] in) throws IOException
{
Log log = Log.func("Connection.transmit").end(); try
{
conn.setRequestMethod("POST");
conn.addRequestProperty("Host", server.url.getHost());
conn.addRequestProperty("Accept", "*/*");
conn.setRequestProperty("User-Agent", "Unbound Java Provider");
conn.setRequestProperty("Content-Type", "application/octet-stream");
conn.addRequestProperty("Connection", "Keep-Alive");
conn.addRequestProperty("EKM-Host-Name", hdrHostName);
conn.addRequestProperty("EKM-User-Name", hdrUserName);
conn.addRequestProperty("EKM-Command-Line", hdrCmdLine);
conn.addRequestProperty("EKM-Client-ID", hdrClientID);
conn.addRequestProperty("EKM-Client-IP", hdrClientIP);
if (partition!=null) conn.addRequestProperty("EKM-Partition-Name", partition.name);
conn.addRequestProperty("EKM-Client-Version", "2.0.2001.0");
//conn.addRequestProperty("Content-Length", String.valueOf(in.length));
/*for (String cookie : cookies)
{
conn.addRequestProperty("Cookie", cookie);
}*/
conn.setDoOutput(true);
DataOutputStream outputStream = new DataOutputStream(conn.getOutputStream());
outputStream.write(in);
outputStream.flush();
outputStream.close();
int responseCode = conn.getResponseCode();
if (responseCode != HttpURLConnection.HTTP_OK)
{
close();
throw new IOException("HTTP response code = " + responseCode);
}
InputStream input = conn.getInputStream();
ByteArrayOutputStream temp = new ByteArrayOutputStream();
int len;
byte[] buffer = new byte[4096];
while ((len = input.read(buffer)) != -1)
{
temp.write(buffer, 0, len);
}
close();
return temp.toByteArray();
}
catch (Exception e) { log.failed(e); throw e; } finally { log.leave(); }
}
private void close()
{
if (conn != null) conn.disconnect();
conn = null;
server = null;
partition = null;
}
}