Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* .
*
*/
package org.apache.http.nio.conn.ssl;
import java.net.InetSocketAddress;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.nio.conn.scheme.LayeringStrategy;
import org.apache.http.nio.reactor.IOSession;
import org.apache.http.nio.reactor.ssl.SSLIOSession;
import org.apache.http.nio.reactor.ssl.SSLMode;
import org.apache.http.nio.reactor.ssl.SSLSetupHandler;
@Deprecated
public class SSLLayeringStrategy implements LayeringStrategy {
public static final String TLS = "TLS";
public static final String SSL = "SSL";
public static final String SSLV2 = "SSLv2";
public static SSLLayeringStrategy getDefaultStrategy() {
return new SSLLayeringStrategy(SSLContexts.createDefault());
}
public static SSLLayeringStrategy getSystemDefaultStrategy() {
return new SSLLayeringStrategy(SSLContexts.createSystemDefault());
}
private final SSLContext sslContext;
private final X509HostnameVerifier hostnameVerifier;
private static SSLContext createSSLContext(
final String algorithm,
final KeyStore keystore,
final String keystorePassword,
final KeyStore truststore,
final SecureRandom random,
final TrustStrategy trustStrategy)
throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
final String algo = algorithm != null ? algorithm : TLS;
final KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(keystore, keystorePassword != null ? keystorePassword.toCharArray(): null);
final KeyManager[] keymanagers = kmfactory.getKeyManagers();
final TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
tmfactory.init(truststore);
final TrustManager[] trustmanagers = tmfactory.getTrustManagers();
if (trustmanagers != null && trustStrategy != null) {
for (int i = 0; i < trustmanagers.length; i++) {
final TrustManager tm = trustmanagers[i];
if (tm instanceof X509TrustManager) {
trustmanagers[i] = new TrustManagerDecorator(
(X509TrustManager) tm, trustStrategy);
}
}
}
final SSLContext sslcontext = SSLContext.getInstance(algo);
sslcontext.init(keymanagers, trustmanagers, random);
return sslcontext;
}
public SSLLayeringStrategy(
final String algorithm,
final KeyStore keystore,
final String keystorePassword,
final KeyStore truststore,
final SecureRandom random,
final X509HostnameVerifier hostnameVerifier)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(createSSLContext(
algorithm, keystore, keystorePassword, truststore, random, null),
hostnameVerifier);
}
public SSLLayeringStrategy(
final String algorithm,
final KeyStore keystore,
final String keystorePassword,
final KeyStore truststore,
final SecureRandom random,
final TrustStrategy trustStrategy,
final X509HostnameVerifier hostnameVerifier)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(createSSLContext(
algorithm, keystore, keystorePassword, truststore, random, trustStrategy),
hostnameVerifier);
}
public SSLLayeringStrategy(
final KeyStore keystore,
final String keystorePassword,
final KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(TLS, keystore, keystorePassword, truststore, null, null, new BrowserCompatHostnameVerifier());
}
public SSLLayeringStrategy(
final KeyStore keystore,
final String keystorePassword)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException{
this(TLS, keystore, keystorePassword, null, null, null, new BrowserCompatHostnameVerifier());
}
public SSLLayeringStrategy(
final KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(TLS, null, null, truststore, null, null, new BrowserCompatHostnameVerifier());
}
public SSLLayeringStrategy(
final TrustStrategy trustStrategy,
final X509HostnameVerifier hostnameVerifier)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(TLS, null, null, null, null, trustStrategy, hostnameVerifier);
}
public SSLLayeringStrategy(
final TrustStrategy trustStrategy)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
this(TLS, null, null, null, null, trustStrategy, new BrowserCompatHostnameVerifier());
}
public SSLLayeringStrategy(
final SSLContext sslContext, final X509HostnameVerifier hostnameVerifier) {
super();
this.sslContext = sslContext;
this.hostnameVerifier = hostnameVerifier;
}
public SSLLayeringStrategy(final SSLContext sslContext) {
this(sslContext, new BrowserCompatHostnameVerifier());
}
@Override
public boolean isSecure() {
return true;
}
@Override
public SSLIOSession layer(final IOSession iosession) {
final SSLIOSession ssliosession = new SSLIOSession(
iosession,
SSLMode.CLIENT,
this.sslContext,
new SSLSetupHandler() {
@Override
public void initalize(
final SSLEngine sslengine) throws SSLException {
initializeEngine(sslengine);
}
@Override
public void verify(
final IOSession iosession,
final SSLSession sslsession) throws SSLException {
verifySession(iosession, sslsession);
}
});
iosession.setAttribute(SSLIOSession.SESSION_KEY, ssliosession);
return ssliosession;
}
protected void initializeEngine(final SSLEngine engine) {
}
protected void verifySession(
final IOSession iosession,
final SSLSession sslsession) throws SSLException {
final InetSocketAddress address = (InetSocketAddress) iosession.getRemoteAddress();
final Certificate[] certs = sslsession.getPeerCertificates();
final X509Certificate x509 = (X509Certificate) certs[0];
this.hostnameVerifier.verify(address.getHostName(), x509);
}
}