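package net.suberic.pooka.ssl;

import java.io.*;
import java.net.*;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
import java.security.KeyStore;
import java.io.File;
import java.io.FileInputStream;

import javax.net.ssl.*;

import net.suberic.pooka.Pooka;

/**
 * An SSLSocketFactory that delegates socket creation to a JSSE factory built
 * from an SSLContext initialised with Pooka's shared PookaTrustManager.
 *
 * <p>The trust manager is seeded with the JRE's default trust anchors (the
 * <code>cacerts</code> file under <code>java.home</code>) plus whatever the
 * file named by the <code>Pooka.sslCertFile</code> property contributes.
 *
 * <p>NOTE(review): nothing in this class enables endpoint identification
 * (host name checking) on the sockets it returns; whether the peer's host
 * name is verified depends on the caller - confirm at the call sites.
 */
public class PookaSSLSocketFactory extends SSLSocketFactory {

  /** The JSSE factory that does the real work; null if setup failed. */
  SSLSocketFactory wrappedFactory = null;

  /** The exception that made setup fail, kept so callers can see the cause. */
  private Exception initFailure = null;

  /**
   * Guards the one-time creation of the shared PookaTrustManager. Declared
   * final so the monitor cannot be swapped out from under a waiting thread.
   */
  public static final Object sLock = new Object();

  /**
   * Builds the SSLContext and the wrapped factory.
   *
   * <p>Setup errors do not propagate from the constructor: they are logged
   * and remembered, and every later createSocket call fails with an
   * IOException carrying the original cause.
   */
  public PookaSSLSocketFactory() {
    getLogger().fine("PookaSSLSocketFactory created.");

    try {
      SSLContext sslc = SSLContext.getInstance("TLS");

      KeyStore defaultKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
      String java_home = System.getProperty("java.home");
      String library_file = java_home + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts";
      // "changeit" is the stock password of the JRE cacerts file. It only
      // drives the store's integrity check; if an administrator has changed
      // it, the load below fails and this factory stays unusable.
      String passwd = "changeit";

      // Close the stream once the store is loaded; it used to be leaked.
      FileInputStream keyStoreStream = new FileInputStream(library_file);
      try {
        defaultKeyStore.load(keyStoreStream, passwd.toCharArray());
      } finally {
        keyStoreStream.close();
      }

      KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
      kmf.init(defaultKeyStore, passwd.toCharArray());

      KeyManager[] keyManagers = kmf.getKeyManagers();

      TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
      tmFactory.init(defaultKeyStore);

      // Check, lock, check again, so that only one trust manager is created
      // and registered with Pooka even when factories are built concurrently.
      PookaTrustManager ptm = Pooka.getTrustManager();
      if (ptm == null) {
        synchronized (sLock) {
          ptm = Pooka.getTrustManager();
          if (ptm == null) {
            TrustManager[] trustManagers = tmFactory.getTrustManagers();

            String fileName = Pooka.getProperty("Pooka.sslCertFile", "");
            ptm = Pooka.getResourceManager().createPookaTrustManager(trustManagers, fileName);
            Pooka.setTrustManager(ptm);
          }
        }
      }

      TrustManager[] pookaTrustManagers = new TrustManager[] { ptm };

      java.security.SecureRandom secureRandomGenerator = new java.security.SecureRandom();
      // Opt-out path: with Pooka.SSL.useSecureRandom=false the generator is
      // seeded by hand instead of being left to seed itself. See seed() for
      // what that costs in unpredictability.
      if (Pooka.getProperty("Pooka.SSL.useSecureRandom", "true").equalsIgnoreCase("false")) {
        seed(secureRandomGenerator);
      }
      sslc.init(keyManagers, pookaTrustManagers, secureRandomGenerator);
      wrappedFactory = sslc.getSocketFactory();

    } catch (Exception e) {
      // Keep the cause for createSocket callers and report it through the
      // logger rather than dumping a stack trace on stderr.
      initFailure = e;
      getLogger().log(java.util.logging.Level.SEVERE, "PookaSSLSocketFactory: SSL context setup failed.", e);
    }
  }

  /**
   * Returns a new PookaSSLSocketFactory on every call.
   *
   * @return a freshly constructed factory
   */
  public static SocketFactory getDefault() {
    return new PookaSSLSocketFactory();
  }

  /**
   * Layers an SSL socket over an existing, connected socket.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket(s, host, port, autoClose);
  }

  /**
   * Creates an SSL socket connected to the given address and port.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket(InetAddress host, int port) throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket(host, port);
  }

  /**
   * Creates an SSL socket connected to the given address and port, bound to
   * the given local address and port.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort) throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket(address, port, clientAddress, clientPort);
  }

  /**
   * Creates an SSL socket connected to the named host and port.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket(String host, int port) throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket(host, port);
  }

  /**
   * Creates an SSL socket connected to the named host and port, bound to the
   * given local address and port.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket(host, port, clientHost, clientPort);
  }

  /**
   * Creates an unconnected SSL socket.
   *
   * @throws IOException if the socket cannot be created or setup failed
   */
  public Socket createSocket() throws IOException {
    getLogger().fine("PookaSSLSocketFactory: create socket.");
    return requireFactory().createSocket();
  }

  /**
   * Returns the cipher suites enabled by default on sockets from this
   * factory.
   *
   * <p>This used to return the full supported list, which over-reports: the
   * supported set can contain suites the provider leaves disabled by default,
   * and a caller that feeds this result to setEnabledCipherSuites would turn
   * them on.
   *
   * @return the wrapped factory's default suites, or an empty array if
   *         setup failed
   */
  public String[] getDefaultCipherSuites() {
    if (wrappedFactory == null) {
      return new String[0];
    }
    return wrappedFactory.getDefaultCipherSuites();
  }

  /**
   * Returns every cipher suite the wrapped factory is able to enable.
   *
   * @return the wrapped factory's supported suites, or an empty array if
   *         setup failed
   */
  public String[] getSupportedCipherSuites() {
    if (wrappedFactory == null) {
      return new String[0];
    }
    return wrappedFactory.getSupportedCipherSuites();
  }

  /**
   * Seeds the given generator by hand. Used only when the
   * <code>Pooka.SSL.useSecureRandom</code> property is "false".
   *
   * <p>Where the file separator is '/' and /dev/urandom exists, 32 bytes are
   * read from it. Otherwise, or if that read fails, the seed is derived from
   * the current time in milliseconds.
   *
   * <p>NOTE(review): the time-derived seed is guessable. With SecureRandom
   * implementations where a seed supplied before first use replaces
   * self-seeding (SHA1PRNG behaves this way), the randomness used for TLS
   * would then be only as unpredictable as the clock. Prefer leaving
   * Pooka.SSL.useSecureRandom at its default.
   *
   * @param random the generator to seed
   */
  public void seed(java.security.SecureRandom random) {
    if (File.separatorChar == '/') {
      File f = new File("/dev/urandom");
      if (f.exists()) {
        FileInputStream fis = null;
        try {
          fis = new FileInputStream(f);
          // 32 bytes rather than 8: a 64-bit seed is small for TLS keying
          // material, and reading more from urandom costs nothing.
          byte[] seed = new byte[32];
          int filled = 0;
          // A single read() may return fewer bytes than asked for.
          while (filled < seed.length) {
            int n = fis.read(seed, filled, seed.length - filled);
            if (n < 0) {
              break;
            }
            filled += n;
          }
          if (filled == seed.length) {
            random.setSeed(seed);
            return;
          }
        } catch (java.io.IOException ioe) {
          // Fall through to the time-based seed below.
          getLogger().log(java.util.logging.Level.FINE, "PookaSSLSocketFactory: could not read /dev/urandom.", ioe);
        } finally {
          if (fis != null) {
            try {
              fis.close();
            } catch (java.io.IOException ignored) {
              // Nothing useful can be done if closing a read-only stream fails.
            }
          }
        }
      }
    }

    // Weak fallback, kept for compatibility; see the note in the Javadoc.
    getLogger().warning("PookaSSLSocketFactory: seeding SecureRandom from the system clock.");
    long newSeed = new java.util.Random(System.currentTimeMillis()).nextLong();
    random.setSeed(newSeed);
  }

  /**
   * Returns the wrapped factory, or fails with an IOException that carries
   * the setup error when the constructor could not build one.
   */
  private SSLSocketFactory requireFactory() throws IOException {
    if (wrappedFactory == null) {
      IOException notReady = new IOException("PookaSSLSocketFactory is not initialized: SSL context setup failed.");
      if (initFailure != null) {
        notReady.initCause(initFailure);
      }
      throw notReady;
    }
    return wrappedFactory;
  }

  /**
   * Returns the logger used by this factory.
   */
  java.util.logging.Logger getLogger() {
    return java.util.logging.Logger.getLogger("Pooka.debug.sslFactory");
  }
}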