Certificate validation

Discussion in 'Java' started by Stone, Aug 5, 2011.

  1. Stone

    Stone Guest

    Dear java users/developers,

    I am trying to validate certificates in JAVA imported from the server
    but it seems that my code is wrong.

    Could you please let me know where I have made a mistake?

    Code is following:

    package ssltest;

    import java.io.*;
    import java.net.*;
    import java.util.*;
    import javax.net.ssl.*;
    import java.security.cert.*;
    import java.security.*;
    import java.util.regex.*;
    /**
    *
    * @author CZ2B10q6
    */
    public class SSLTest implements HandshakeCompletedListener{

    private int port = 5000;
    private String ip="192.168.0.5";
    private SSLSocketFactory sslSocketFactory;
    private SSLSocket connection;
    private SSLContext sc;
    private PrintWriter outStream;
    private BufferedReader inStream;
    /**
    * @param args the command line arguments
    */
    public static void main(String[] args) {
    // TODO code application logic here
    System.out.println("Start");
    SSLTest e = new SSLTest();
    }

    public SSLTest()
    {
    System.out.println("Connecting to "+ip+" to port "+port);
    connectTo();
    }

    public final void disableCertificates() {
    // Create a trust manager that does not validate certificate
    chains
    TrustManager[] trustAllCerts = new TrustManager[]{
    new X509TrustManager() {

    public java.security.cert.X509Certificate[]
    getAcceptedIssuers() {
    return null;
    }

    public void checkClientTrusted(
    java.security.cert.X509Certificate[] certs,
    String authType) {
    }

    public void checkServerTrusted(
    java.security.cert.X509Certificate[] certs,
    String authType) {
    }

    public boolean isClientTrusted(X509Certificate[] arg0)
    {
    return true;
    }

    public boolean isServerTrusted(X509Certificate[] arg0)
    {
    return true;
    }
    }
    };

    // Install the all-trusting trust manager
    try {

    sc = SSLContext.getInstance("TLSv1");
    String help = sc.getProvider().toString();
    System.out.println(sc.getProvider().getName());
    System.out.println(help);
    help = sc.getProvider().getClass().toString();
    System.out.println(help);
    sc.init(null, trustAllCerts, new
    java.security.SecureRandom());

    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (Exception e) {
    e.printStackTrace();
    }

    HostnameVerifier hv = new HostnameVerifier() {

    public boolean verify(String string, SSLSession ssls) {
    System.out.println("Warning: URL Host: " + string + "
    vs. "
    + ssls.getPeerHost());
    return true;
    }
    };
    HttpsURLConnection.setDefaultHostnameVerifier(hv);


    }


    private static void printSocketInfo(SSLSocket s) {
    System.out.println("Socket class: "+s.getClass());
    System.out.println(" Remote address = "
    +s.getInetAddress().toString());
    System.out.println(" Remote port = "+s.getPort());
    System.out.println(" Local socket address = "
    +s.getLocalSocketAddress().toString());
    System.out.println(" Local address = "
    +s.getLocalAddress().toString());
    System.out.println(" Local port = "+s.getLocalPort());
    System.out.println(" Need client authentication = "
    +s.getNeedClientAuth());
    SSLSession ss = s.getSession();
    System.out.println(" Cipher suite = "+ss.getCipherSuite());
    System.out.println(" Protocol = "+ss.getProtocol());
    }
    public void connectTo()
    {
    String patternString = "AES.*256";
    Pattern pattern = Pattern.compile(patternString);
    Matcher matcher;
    boolean matchFound;
    try
    {
    System.out.println("Initialization of trust Manager");
    disableCertificates();
    Security.addProvider(new
    com.sun.net.ssl.internal.ssl.Provider());
    Provider[] pr = Security.getProviders();
    for(int i=0;i<pr.length;i++)
    {
    System.out.println("Provider:"+pr.getName());
    }
    SSLSocketFactory sf = sc.getSocketFactory();
    System.out.println("create socket");
    SSLSocket s = (SSLSocket)sf.createSocket(ip, port);
    s.setEnabledProtocols(new String[]{"SSLv3","TLSv1"});
    String[] prot = s.getEnabledProtocols();
    for(int i=0;i<prot.length;i++)
    {
    System.out.println(prot);
    }
    String[] set = s.getSupportedCipherSuites();
    for(int i=0;i<set.length;i++)
    {
    matcher = pattern.matcher(set);
    matchFound = matcher.find();
    //if(matchFound)
    System.out.println(set);
    }

    String[] ciphers = s.getEnabledCipherSuites();
    for(int j=0;j<ciphers.length;j++)
    {
    System.out.println("Ciphers:" +ciphers[j]);
    }
    System.out.println("socket created");
    PrintWriter out2 = new PrintWriter(s.getOutputStream());
    BufferedReader in = new BufferedReader(new
    InputStreamReader(s.getInputStream()));
    System.out.println("Getting session");
    SSLSession session = ((SSLSocket) s).getSession();
    System.out.println("Getting session was done");


    System.out.println("Peer host is " +
    session.getPeerHost());
    System.out.println("Cipher is " +
    session.getCipherSuite());
    System.out.println("Protocol is " +
    session.getProtocol());

    printSocketInfo((SSLSocket) s);

    String x;

    System.out.println("Retrieving:");
    x = in.readLine();
    System.out.println(x);
    System.out.println("Sending LOGIN");

    out2.println("START:
    0;LOGIN;TOKEN;AUKLs_ot0DmEX.Ilv4YcQ04kKHaZJNyG:END");
    out2.flush();
    System.out.println("Reading Welcome message");

    x = in.readLine();
    System.out.println(x);

    out2.println("KITTY");
    out2.flush();

    x = in.readLine();
    System.out.println(x);

    in.close();
    out2.close();
    s.close();


    }
    catch(Exception e)
    {
    }
    }
    }
    Stone, Aug 5, 2011
    #1
    1. Advertising

  2. Stone

    Arne Vajhøj Guest

    On 8/5/2011 4:09 PM, Stone wrote:
    > Dear java users/developers,
    >
    > I am trying to validate certificates in JAVA imported from the server
    > but it seems that my code is wrong.
    >
    > Could you please let me know where I have made a mistake?
    >
    > Code is following:


    Would you consider revealing why you think the code is wrong?

    Arne
    Arne Vajhøj, Aug 6, 2011
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Diego Rivero
    Replies:
    0
    Views:
    349
    Diego Rivero
    Jul 4, 2003
  2. Matt Frame

    Client Certificate Validation

    Matt Frame, Oct 15, 2003, in forum: ASP .Net
    Replies:
    4
    Views:
    6,286
    catalinr
    Oct 19, 2005
  3. Java Developer
    Replies:
    0
    Views:
    563
    Java Developer
    Jun 21, 2004
  4. Helena Cai
    Replies:
    0
    Views:
    381
    Helena Cai
    Aug 29, 2004
  5. Replies:
    0
    Views:
    404
Loading...

Share This Page