// ========================================================================================================= // HTTPS handling private HttpServer createHttpsServer( InetSocketAddress pSocketAddress, JolokiaServerConfig pConfig) { // initialise the HTTPS server try { HttpsServer server = HttpsServer.create(pSocketAddress, pConfig.getBacklog()); SSLContext sslContext = SSLContext.getInstance(pConfig.getSecureSocketProtocol()); // initialise the keystore KeyStore ks = getKeyStore(pConfig); // setup the key manager factory KeyManagerFactory kmf = getKeyManagerFactory(pConfig); kmf.init(ks, pConfig.getKeystorePassword()); // setup the trust manager factory TrustManagerFactory tmf = getTrustManagerFactory(pConfig); tmf.init(ks); // setup the HTTPS context and parameters sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); // Update the config to filter out bad protocols or ciphers pConfig.updateHTTPSSettingsFromContext(sslContext); server.setHttpsConfigurator(new JolokiaHttpsConfigurator(sslContext, pConfig)); return server; } catch (GeneralSecurityException e) { throw new IllegalStateException("Cannot use keystore for https communication: " + e, e); } catch (IOException e) { throw new IllegalStateException("Cannot open keystore for https communication: " + e, e); } }
/**
 * Opens the test server's listening TLS socket using the key manager, trust manager and
 * random source held by the given {@code CipherTest}.
 *
 * <p>The socket enables every cipher suite the factory supports, not just the default-enabled
 * set. That suits a cipher-coverage test; a production listener would restrict the list.
 *
 * @param cipherTest harness whose {@code serverPort} is read for binding and then overwritten
 *     with the port actually bound
 * @throws Exception if the context or the server socket cannot be created
 */
JSSEServer(CipherTest cipherTest) throws Exception {
  super(cipherTest);

  SSLContext tlsContext = SSLContext.getInstance("TLS");
  KeyManager[] keyManagers = {cipherTest.keyManager};
  TrustManager[] trustManagers = {cipherTest.trustManager};
  tlsContext.init(keyManagers, trustManagers, cipherTest.secureRandom);

  SSLServerSocketFactory socketFactory =
      (SSLServerSocketFactory) tlsContext.getServerSocketFactory();
  serverSocket = (SSLServerSocket) socketFactory.createServerSocket(cipherTest.serverPort);

  // Publish the bound port back to the harness
  // (presumably so a requested port of 0 resolves to the real one; confirm with callers).
  cipherTest.serverPort = serverSocket.getLocalPort();

  // Supported (not default) suites: deliberately includes suites that are disabled by default.
  String[] everySupportedSuite = socketFactory.getSupportedCipherSuites();
  serverSocket.setEnabledCipherSuites(everySupportedSuite);

  // Client certificates are requested but not required.
  serverSocket.setWantClientAuth(true);
}
/**
 * Harness entry point: prepares the shared key and trust managers from {@code keyStore},
 * installs a default {@link SSLContext}, starts the peer's server on a daemon thread and runs
 * the cipher test, printing the elapsed time.
 *
 * <p>The same keystore provides both the key manager and the trust manager, and its key
 * password is the hard-coded literal below. That is a test fixture credential and must not be
 * reused for real key material.
 *
 * @param peerFactory factory naming the test and creating the server peer
 * @param keyStore keystore holding both the test keys and the trusted certificates
 * @param args optional arguments; a first argument of {@code "sh"} selects
 *     {@code pathToStoresSH} instead of {@code pathToStores}
 * @throws Exception if any part of the TLS setup or the test run fails
 */
public static void main(PeerFactory peerFactory, KeyStore keyStore, String[] args)
    throws Exception {
  long startMillis = System.currentTimeMillis();

  boolean shellLayout = (args != null) && (args.length > 0) && args[0].equals("sh");
  String relPath = shellLayout ? pathToStoresSH : pathToStores;
  PATH = new File(System.getProperty("test.src", "."), relPath);

  CipherTest.peerFactory = peerFactory;
  System.out.print("Initializing test '" + peerFactory.getName() + "'...");
  // secureRandom = new SecureRandom();
  // secureRandom.nextInt();
  // trustStore = readKeyStore(trustStoreFile);
  CipherTest.keyStore = keyStore;
  // keyStore = readKeyStore(keyStoreFile);

  // Key manager: the first manager produced by the default algorithm is used.
  KeyManagerFactory keyManagerFactory =
      KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(keyStore, "test12".toCharArray());
  keyManager = (X509ExtendedKeyManager) keyManagerFactory.getKeyManagers()[0];

  // Trust manager: built from the same keystore, so validation stays enabled.
  TrustManagerFactory trustManagerFactory =
      TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init(keyStore);
  trustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
  // trustManager = new AlwaysTrustManager();

  // Replaces the JVM-wide default context; every later default TLS user in this process sees it.
  SSLContext defaultContext = SSLContext.getInstance("TLS");
  defaultContext.init(
      new KeyManager[] {keyManager}, new TrustManager[] {trustManager}, null);
  SSLContext.setDefault(defaultContext);

  CipherTest cipherTest = new CipherTest(peerFactory);
  Thread server = new Thread(peerFactory.newServer(cipherTest), "Server");
  server.setDaemon(true);
  server.start();
  System.out.println("Done");

  cipherTest.run();

  long elapsedMillis = System.currentTimeMillis() - startMillis;
  System.out.println("Done. (" + elapsedMillis + " ms)");
}
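/**
 * {@inheritDoc}
 *
 * <p>Applies the server configuration's client-auth flag, cipher suites and protocols to the
 * given parameters. Each value is set both directly on {@code params} and on the
 * {@link SSLParameters} object handed to {@code params.setSSLParameters(...)}.
 *
 * <p>Client certificates are only <em>requested</em> here (want, not need), so a handshake
 * without a client certificate still succeeds at this layer. Enforcement is expected to happen
 * later in the ClientCertAuthenticator. NOTE(review): confirm that the authenticator is always
 * installed when client authentication is configured.
 *
 * @param params the parameters of the connection being configured
 */
public void configure(HttpsParameters params) {
  // Start from the context's defaults and overwrite only what the configuration controls.
  // (The previous version also created an SSLEngine here that was never used.)
  SSLParameters defaultSSLParameters = context.getDefaultSSLParameters();

  // Cert authentication is delayed later to the ClientCertAuthenticator
  params.setWantClientAuth(serverConfig.useSslClientAuthentication());
  defaultSSLParameters.setWantClientAuth(serverConfig.useSslClientAuthentication());

  // Cipher suites: taken from the server configuration, not the context defaults.
  params.setCipherSuites(serverConfig.getSSLCipherSuites());
  defaultSSLParameters.setCipherSuites(serverConfig.getSSLCipherSuites());

  // Protocols: likewise taken from the server configuration.
  params.setProtocols(serverConfig.getSSLProtocols());
  defaultSSLParameters.setProtocols(serverConfig.getSSLProtocols());

  params.setSSLParameters(defaultSSLParameters);
}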
/**
 * Creates a resolver for the given request URL with its own HTTP client and Gson instance.
 *
 * <p>NOTE(review): the client built here performs no server authentication. The trust manager
 * accepts every certificate chain and the hostname verifier accepts every hostname, so TLS
 * protects only against passive observation; any party on the network path can present its
 * own certificate and read or alter the traffic. If self-signed device certificates must be
 * supported, safer options are pinning the device certificate or public key, remembering the
 * certificate after the user confirms it once, or trusting a user-supplied CA.
 *
 * @param requestUrl URL this resolver works on
 */
public QuickConnectResolver(HttpUrl requestUrl) {
  OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder();
  try {
    SSLContext tlsContext = SSLContext.getInstance("TLS");

    // Accept-all trust manager: both check methods return without inspecting the chain.
    X509TrustManager acceptAll =
        new X509TrustManager() {
          @Override
          public void checkClientTrusted(X509Certificate[] chain, String authType)
              throws CertificateException {}

          @Override
          public void checkServerTrusted(X509Certificate[] chain, String authType)
              throws CertificateException {}

          @Override
          public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
          }
        };
    tlsContext.init(null, new TrustManager[] {acceptAll}, new SecureRandom());
    clientBuilder.sslSocketFactory(tlsContext.getSocketFactory());

    HostnameVerifier anyHostname =
        new HostnameVerifier() {
          @Override
          public boolean verify(String hostname, SSLSession session) {
            // most DSM installations lack a valid certificate, so the hostname is not checked
            return true;
          }
        };
    clientBuilder.hostnameVerifier(anyHostname);
  } catch (NoSuchAlgorithmException | KeyManagementException ignored) {
    // Both exceptions can only arise before the builder is touched, so on failure the
    // client silently keeps the builder's default TLS settings.
  }
  this.defaultClient = clientBuilder.build();
  this.requestUrl = requestUrl;
  this.gson = new Gson();
}
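/**
 * Fetches {@code /test1/<f>} from the local test server, stores the body in a temporary file
 * and verifies it: the byte count must equal {@code size} and the content must match the file
 * {@code root + "/" + f} according to {@code compare}. Any exception is printed and recorded
 * by setting {@code fail}.
 *
 * <p>For HTTPS the hostname check is switched off and the socket factory of {@code ctx} is
 * used. This is acceptable only because the target is the test's own server on localhost;
 * certificate validation then depends entirely on how {@code ctx} was initialised.
 *
 * <p>Both streams are closed in {@code finally} blocks, so a failed read or write no longer
 * leaks the connection stream or the file handle.
 */
public void run() {
  try {
    URL url = new URL(protocol + "://localhost:" + port + "/test1/" + f);
    HttpURLConnection urlc = (HttpURLConnection) url.openConnection();
    if (urlc instanceof HttpsURLConnection) {
      HttpsURLConnection urlcs = (HttpsURLConnection) urlc;
      // Test-only: accept any hostname for the localhost test server.
      urlcs.setHostnameVerifier(
          new HostnameVerifier() {
            public boolean verify(String s, SSLSession s1) {
              return true;
            }
          });
      urlcs.setSSLSocketFactory(ctx.getSocketFactory());
    }
    byte[] buf = new byte[4096];

    // Request headers must be set before the connection is opened by getInputStream().
    if (fixedLen) {
      urlc.setRequestProperty("XFixed", "yes");
    }

    File temp;
    int count = 0;
    InputStream is = urlc.getInputStream();
    try {
      temp = File.createTempFile("Test1", null);
      temp.deleteOnExit(); // safety net for the failure paths that skip temp.delete()
      OutputStream fout = new BufferedOutputStream(new FileOutputStream(temp));
      try {
        int c;
        while ((c = is.read(buf)) != -1) {
          count += c;
          fout.write(buf, 0, c);
        }
      } finally {
        // Closing also flushes the buffer, which compare() below relies on.
        fout.close();
      }
    } finally {
      is.close();
    }

    if (count != size) {
      throw new RuntimeException("wrong amount of data returned");
    }
    String orig = root + "/" + f;
    compare(new File(orig), temp);
    temp.delete();
  } catch (Exception e) {
    e.printStackTrace();
    fail = true;
  }
}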