PookaSSLSocketFactory


1   package net.suberic.pooka.ssl;
2   
3   import java.io.*;
4   import java.net.*;
5   import javax.net.SocketFactory;
6   import javax.net.ssl.SSLSocketFactory;
7   import java.security.KeyStore  ;
8   import java.io.File  ;
9   import java.io.FileInputStream  ;
10  
11  import javax.net.ssl.*;
12  
13  import net.suberic.pooka.Pooka;
14  
15  /**
16   * An SSLSocketFactory that uses the PookaTrustManager in order to 
17   * allow users to manually choose to accpet otherwise untrusted certificates.
18   */
19  public class PookaSSLSocketFactory extends SSLSocketFactory {
20  
21    SSLSocketFactory wrappedFactory = null;
22  
23    public static Object   sLock = new Object  ();
24  
25    /**
26     * Creates a PookaSSLSocketFactory.
27     */
28    public PookaSSLSocketFactory() {
29      getLogger().fine("PookaSSLSocketFactory created.");
30  
31      try {
32  
33        SSLContext sslc = SSLContext.getInstance("TLS");
34  
35        KeyStore   defaultKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
36        // load the KeyStore.
37        String   java_home = System.getProperty("java.home");
38        String   library_file = java_home + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts"; 
39        String   passwd = "changeit";
40        
41        defaultKeyStore.load(new FileInputStream  (library_file), passwd.toCharArray());
42  
43        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
44        kmf.init(defaultKeyStore, passwd.toCharArray());
45  
46        KeyManager[] keyManagers = kmf.getKeyManagers();
47  
48        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
49        tmFactory.init(defaultKeyStore);
50        
51        PookaTrustManager ptm = Pooka.getTrustManager();
52        if (ptm == null) {
53          synchronized (sLock) {
54            ptm = Pooka.getTrustManager();
55            if (ptm == null) {
56              TrustManager[] trustManagers = tmFactory.getTrustManagers();
57              
58              String   fileName = Pooka.getProperty("Pooka.sslCertFile", "");
59              ptm = Pooka.getResourceManager().createPookaTrustManager(trustManagers, fileName);
60              Pooka.setTrustManager(ptm);
61            }
62          }
63        }
64        
65        TrustManager[] pookaTrustManagers = new TrustManager[1];
66        pookaTrustManagers[0] = ptm;
67        
68        java.security.SecureRandom   secureRandomGenerator = new java.security.SecureRandom  ();
69        if (Pooka.getProperty("Pooka.SSL.useSecureRandom", "true").equalsIgnoreCase("false")) {
70      seed(secureRandomGenerator);
71        }
72        sslc.init(keyManagers, pookaTrustManagers, secureRandomGenerator);
73        wrappedFactory = (SSLSocketFactory) sslc.getSocketFactory();
74        
75      } catch(Exception   e) {
76        e.printStackTrace();
77      }
78    }
79    
80    /**
81     * Gets a default PookaSSLSocketFactory.
82     */
83    public static SocketFactory getDefault() {
84      return new PookaSSLSocketFactory();
85    }
86    
87    /**
88     * Creates an SSL Socket.
89     */
90    public Socket createSocket(Socket s, String   host, int port, boolean autoClose) throws IOException {
91      getLogger().fine("PookaSSLSocketFactory:  create socket.");
92      return wrappedFactory.createSocket(s, host, port, autoClose);
93    }
94    
95    /**
96     * Creates an SSL Socket.
97     */
98    public Socket createSocket(InetAddress host, int port) throws IOException {
99      getLogger().fine("PookaSSLSocketFactory:  create socket.");
100     return wrappedFactory.createSocket(host, port);
101   }
102   
103   /**
104    * Creates an SSL Socket.
105    */
106   public Socket createSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort) throws IOException {
107     getLogger().fine("PookaSSLSocketFactory:  create socket.");
108     return wrappedFactory.createSocket(address, port, clientAddress, clientPort);
109   }
110   
111   /**
112    * Creates an SSL Socket.
113    */
114   public Socket createSocket(String   host, int port) throws IOException {
115     getLogger().fine("PookaSSLSocketFactory:  create socket.");
116     return wrappedFactory.createSocket(host, port);
117   }
118   
119   /**
120    * Creates an SSL Socket.
121    */
122   public Socket createSocket(String   host, int port, InetAddress clientHost, int clientPort) throws IOException {
123     getLogger().fine("PookaSSLSocketFactory:  create socket.");
124     return wrappedFactory.createSocket(host, port, clientHost, clientPort);
125   }
126   
127   /**
128    * Creates an SSL Socket.
129    */
130   public Socket createSocket() throws IOException {
131     getLogger().fine("PookaSSLSocketFactory:  create socket.");
132     return wrappedFactory.createSocket();
133   }
134   
135   /**
136    * Retuns the default cipher suites.
137    */
138   public String  [] getDefaultCipherSuites() {
139     return wrappedFactory.getSupportedCipherSuites();
140   }
141 
142   /**
143    * Retuns the supported cipher suites.
144    */
145   public String  [] getSupportedCipherSuites() {
146     return wrappedFactory.getSupportedCipherSuites();
147   }
148 
149   /**
150    * Generates a random seed.  Useful because the default SecureRandom
151    * seed generation system is very very slow.
152    */
153   public void seed(java.security.SecureRandom   random) {
154     // check for /dev/urandom if we're on unix.
155     if (File.separatorChar == '/') {
156       File   f = new File  ("/dev/urandom");
157       if (f.exists()) {
158         try {
159           FileInputStream   fis = new FileInputStream  (f);
160           byte[] seed = new byte[8];
161           fis.read(seed);
162           random.setSeed(seed);
163           return;
164         } catch (java.io.IOException   ioe) {
165           long newSeed = new java.util.Random  (System.currentTimeMillis()).nextLong();
166           random.setSeed(newSeed);
167           
168         }
169       }
170       
171     } 
172 
173     // if not...
174     long newSeed = new java.util.Random  (System.currentTimeMillis()).nextLong();
175     random.setSeed(newSeed);
176   }
177 
178   /**
179    * Returns the logger for this class.
180    */
181   java.util.logging.Logger   getLogger() {
182     return java.util.logging.Logger.getLogger("Pooka.debug.sslFactory");
183   }
184 }
185 
186
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags