• Home
• com.stripe
• stripe-java
• 7.0.0
• source code
• StripeSslSocketFactory.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.stripe.net.StripeSslSocketFactory Maven / Gradle / Ivy

package com.stripe.net;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * Wraps a SSLSocketFactory and enables more TLS versions.
 */
public class StripeSslSocketFactory extends SSLSocketFactory {
  private final SSLSocketFactory under;
  private final boolean tlsv11Supported;
  private final boolean tlsv12Supported;

  private static final String TLSv11Proto = "TLSv1.1";
  private static final String TLSv12Proto = "TLSv1.2";

  /**
   * Constructs a new SSL socket factory.
   */
  public StripeSslSocketFactory() {
    this.under = HttpsURLConnection.getDefaultSSLSocketFactory();

    // For sufficiently old Java, TLSv1.1 and TLSv1.2 might not be supported, so do some detection
    boolean tlsv11Supported = false;
    boolean tlsv12Supported = false;

    String[] supportedProtos = new String[0];
    try {
      supportedProtos = SSLContext.getDefault().getSupportedSSLParameters().getProtocols();
    } catch (NoSuchAlgorithmException e) {
      // Nothing to do.
    }

    for (String proto : supportedProtos) {
      if (proto.equals(TLSv11Proto)) {
        tlsv11Supported = true;
      } else if (proto.equals(TLSv12Proto)) {
        tlsv12Supported = true;
      }
    }

    this.tlsv11Supported = tlsv11Supported;
    this.tlsv12Supported = tlsv12Supported;
  }

  private Socket fixupSocket(Socket sock) {
    if (!(sock instanceof SSLSocket)) {
      return sock;
    }

    SSLSocket sslSock = (SSLSocket) sock;

    Set protos = new HashSet(Arrays.asList(sslSock.getEnabledProtocols()));
    if (tlsv11Supported) {
      protos.add(TLSv11Proto);
    }
    if (tlsv12Supported) {
      protos.add(TLSv12Proto);
    }

    sslSock.setEnabledProtocols(protos.toArray(new String[0]));
    return sslSock;
  }

  @Override
  public String[] getDefaultCipherSuites() {
    return this.under.getDefaultCipherSuites();
  }

  @Override
  public String[] getSupportedCipherSuites() {
    return this.under.getSupportedCipherSuites();
  }

  @Override
  public Socket createSocket(Socket s, String host, int port, boolean autoClose)
      throws IOException {
    return fixupSocket(this.under.createSocket(s, host, port, autoClose));
  }

  @Override
  public Socket createSocket(String host, int port) throws IOException {
    return fixupSocket(this.under.createSocket(host, port));
  }

  @Override
  public Socket createSocket(String host, int port, InetAddress localHost, int localPort)
      throws IOException {
    return fixupSocket(this.under.createSocket(host, port, localHost, localPort));
  }

  @Override
  public Socket createSocket(InetAddress host, int port) throws IOException {
    return fixupSocket(this.under.createSocket(host, port));
  }

  @Override
  public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort)
      throws IOException {
    return fixupSocket(this.under.createSocket(address, port, localAddress, localPort));
  }
}