javax.net.ssl Sockets and OKing self-signed certificates

Discussion in 'Javascript' started by Richard Maher, Sep 6, 2007.

  1. Hi,

    I would dearly love a server with a "self-signed certificate" to be
    accessible by my javax.net.ssl.SSLSocket.startHandshake() but it seems to
    consistently crap-out with a failure :-( Look, I've only ever tested the
    client code (please see below) with an https server (just to see if
    everything was kosher) and it may be something I'm doing wrong. I just
    couldn't find anything in the handshake listener that controlled
    self-signed certificates.

    So, is my code crap? or is there a bit I need to toggle to get the behaviour
    I require?

    Please help if you can.

    Cheers Richard Maher

    import java.io.BufferedInputStream;
    import java.io.BufferedOutputStream;
    import java.io.IOException;
    import java.lang.System;
    import java.net.InetAddress;
    import java.net.InetSocketAddress;
    import java.net.Socket;
    import java.net.SocketTimeoutException;
    import java.net.UnknownHostException;
    import java.util.Arrays;
    import javax.net.ssl.SSLParameters;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;

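    /**
     * Client-side wrapper around a plain or TLS socket that sends a fixed-width
     * credential record to a server and then exchanges byte messages with it.
     *
     * <p>TLS trust: the socket factory is {@link SSLSocketFactory#getDefault()},
     * so the server certificate is validated against the JVM's default trust
     * store. A self-signed server certificate is therefore rejected during
     * {@code startHandshake()} until that certificate (or the private CA that
     * issued it) has been imported into a trust store the JVM uses, e.g. one
     * named by the {@code javax.net.ssl.trustStore} system property. Prefer that
     * over a trust manager that accepts every certificate, which would remove
     * server authentication for all connections.
     *
     * <p>When {@code sslReqd} is {@code false} the credential record is written
     * to the socket without encryption.
     *
     * <p>Instances keep per-connection state in fields and use no
     * synchronization.
     */
    public class Tier3Socket
    {
        /** Marker the first three characters of the server's reply must equal. */
        public static final String T3ID = "T3$";
        /** Width in bytes of the username field; the password field starts here. */
        public static final int USERSIZ = 40;
        /** Number of bytes read back from the server by {@link #handShake}. */
        public static final int T3IDBUFSIZ = 48;
        /** Total size in bytes of the credential record sent by {@link #handShake}. */
        public static final int CREDBUFSIZ = 80;
        /** Connect timeout in milliseconds. */
        public static final int CONTIMOUT = 3000;

        // Reply read by handShake(); T3IDBUFSIZ bytes long.
        public byte [] t3IdBuf;
        // Destination of readMessage(); maxBufSiz bytes long.
        public byte [] readBuf;
        // Never assigned by this class.
        public byte [] writeBuf;

        private String host;
        private int port;
        private int maxBufSiz;
        // Result of the most recent successful in.read() in readMessage(int).
        private int bytesIn;
        private String hostCharSet;
        private Socket t3Sock;
        private SSLSocketFactory sockFactory;
        private BufferedInputStream in;
        private BufferedOutputStream out;
        private boolean sslReqd;

        /**
         * Stores the connection settings and allocates the receive buffers;
         * no network activity happens until {@link #open()}.
         *
         * @param host        server host name or address
         * @param port        server port
         * @param maxBufSiz   size of {@code readBuf} and of the stream buffers
         * @param hostCharSet charset name used for every String/byte conversion
         * @param sslReqd     {@code true} to connect with TLS
         */
        Tier3Socket (String host, int port, int maxBufSiz, String hostCharSet,
                     boolean sslReqd)
        {
            this.host = host;
            this.port = port;
            this.maxBufSiz = maxBufSiz;
            this.hostCharSet = hostCharSet;
            this.bytesIn = 0;
            this.sslReqd = sslReqd;

            t3IdBuf = new byte[T3IDBUFSIZ];
            readBuf = new byte[maxBufSiz];

            if (sslReqd)
                sockFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
        }

        /**
         * Connects to the server and, for TLS connections, completes the
         * handshake with host name verification enabled.
         *
         * @throws UnknownHostException if the host cannot be resolved
         * @throws IOException if the connection or the TLS handshake fails; a
         *         handshake failure carries the underlying exception as its cause
         */
        public void open() throws UnknownHostException, IOException
        {
            if (sslReqd)
                t3Sock = (SSLSocket)sockFactory.createSocket();
            else
                t3Sock = new Socket();

            t3Sock.setKeepAlive(true);
            t3Sock.setReuseAddress(true);
            t3Sock.setTcpNoDelay(true);
            t3Sock.connect(new InetSocketAddress(host, port), CONTIMOUT);

            in = new BufferedInputStream(t3Sock.getInputStream(), maxBufSiz);
            out = new BufferedOutputStream(t3Sock.getOutputStream(), maxBufSiz);

            if (sslReqd)
            {
                SSLSocket sslSock = (SSLSocket)t3Sock;
                sslSock.setUseClientMode(true);

                // A bare SSLSocket validates the certificate chain but does not
                // check that the certificate was issued for the host we dialled.
                // Enabling endpoint identification adds that check, so a valid
                // certificate for some other name is rejected.
                SSLParameters params = sslSock.getSSLParameters();
                params.setEndpointIdentificationAlgorithm("HTTPS");
                sslSock.setSSLParameters(params);

                try
                {
                    sslSock.startHandshake();
                }
                catch (IOException e)
                {
                    System.out.println("Failed SSL Handshake");
                    // Do not leave a half-open connection behind.
                    close();
                    // Keep the cause: it says why the peer was rejected
                    // (untrusted issuer, name mismatch, protocol mismatch, ...).
                    throw new IOException("Can't SSL on Socket", e);
                }
            }
        }

        /**
         * Sends the credential record and checks the server's reply.
         *
         * <p>The record is {@code CREDBUFSIZ} zero-padded bytes: the username at
         * offset 0 and the password at offset {@code USERSIZ}. The reply must be
         * {@code T3IDBUFSIZ} bytes long and start with {@link #T3ID}.
         *
         * <p>NOTE(review): on a connection opened with {@code sslReqd == false}
         * the credentials cross the network unencrypted.
         *
         * @param username user name; at most {@code USERSIZ} encoded bytes
         * @param password password; at most {@code CREDBUFSIZ - USERSIZ} encoded bytes
         * @throws IllegalArgumentException if either value does not fit its field
         * @throws IOException on an I/O error, a short reply, or a reply that does
         *         not start with {@link #T3ID}
         */
        public void handShake(String username, String password) throws IOException
        {
            byte [] userBytes = username.getBytes(hostCharSet);
            byte [] pwdBytes = password.getBytes(hostCharSet);
            byte [] credBuf = new byte[CREDBUFSIZ];

            try
            {
                // An over-long username would spill into the password field and
                // then be overwritten by the password, so reject it up front.
                if (userBytes.length > USERSIZ)
                {
                    throw new IllegalArgumentException(
                        "username exceeds " + USERSIZ + " bytes");
                }
                if (pwdBytes.length > CREDBUFSIZ - USERSIZ)
                {
                    throw new IllegalArgumentException(
                        "password exceeds " + (CREDBUFSIZ - USERSIZ) + " bytes");
                }

                System.arraycopy(userBytes, 0, credBuf, 0, userBytes.length);
                System.arraycopy(pwdBytes, 0, credBuf, USERSIZ, pwdBytes.length);

                out.write(credBuf, 0, CREDBUFSIZ);
                out.flush();
            }
            finally
            {
                // Best effort: do not keep encoded credentials on the heap longer
                // than needed. The caller's String and the stream's own buffer
                // are outside this method's control.
                Arrays.fill(pwdBytes, (byte)0);
                Arrays.fill(credBuf, (byte)0);
            }

            // One read() may return fewer bytes than requested even though the
            // rest is still in flight, so keep reading until the reply is complete
            // or the stream ends.
            int got = 0;
            while (got < t3IdBuf.length)
            {
                int n = in.read(t3IdBuf, got, t3IdBuf.length - got);
                if (n < 0)
                    break;
                got += n;
            }

            if (got < t3IdBuf.length)
            {
                System.out.println("Read < " + Integer.toString(t3IdBuf.length) + " bytes");
                throw new IOException("Short reply from server: " + got + " of "
                    + t3IdBuf.length + " bytes");
            }

            String inMsg = new String(t3IdBuf, 0, 3, hostCharSet);

            if (!inMsg.equals(T3ID))
            {
                throw new IOException("Reply does not start with the expected identifier");
            }
        }

        /**
         * Sends one byte of urgent data on the socket.
         *
         * @param oob value passed to {@link Socket#sendUrgentData(int)}
         * @throws IOException if the socket reports an error
         */
        public void sendUrgentData (int oob) throws IOException
        {
            t3Sock.sendUrgentData(oob);
        }

        /**
         * Sets the socket read timeout.
         *
         * @param msecs timeout in milliseconds, as for {@link Socket#setSoTimeout(int)}
         * @throws IOException if the socket reports an error
         */
        public void setTimeout(int msecs) throws UnknownHostException, IOException
        {
            t3Sock.setSoTimeout(msecs);
        }

        /**
         * Closes the socket if it is open. Failures while closing are printed
         * and not rethrown.
         */
        public void close () throws IOException
        {
            if (t3Sock != null && !t3Sock.isClosed())
            {
                try
                {
                    t3Sock.close();
                }
                catch (Exception e)
                {
                    // Deliberately best effort: nothing useful can be done here.
                    e.printStackTrace();
                }
            }
        }

        /**
         * Encodes {@code message} with the host charset and writes it to the
         * output buffer without flushing.
         *
         * @param message text to queue
         * @throws IOException if encoding or writing fails
         */
        public void buffMessage (String message) throws IOException
        {
            byte [] msg = message.getBytes(hostCharSet);

            out.write(msg);
        }

        /**
         * Encodes {@code message} with the host charset, writes it and flushes.
         *
         * @param message text to send
         * @throws IOException if encoding, writing or flushing fails
         */
        public void sendMessage (String message) throws IOException
        {
            buffMessage(message);
            flush();
        }

        /**
         * Flushes buffered output to the socket.
         *
         * @throws IOException if the flush fails
         */
        public void flush () throws IOException
        {
            out.flush();
        }

        /**
         * Reads up to {@code readBuf.length} bytes into {@code readBuf}.
         *
         * @return see {@link #readMessage(int)}
         * @throws IOException on an I/O error other than a read timeout
         */
        public int readMessage () throws IOException
        {
            return readMessage(readBuf.length);
        }

        /**
         * Reads up to {@code bytes} bytes into the start of {@code readBuf}.
         *
         * @param bytes maximum number of bytes to read
         * @return the value returned by the stream's {@code read} (-1 at end of
         *         stream), or 0 if the read timed out; on a timeout the count
         *         used by {@link #getString()} keeps its previous value
         * @throws IOException on an I/O error other than a read timeout
         */
        public int readMessage (int bytes) throws IOException
        {
            try
            {
                bytesIn = in.read(readBuf, 0, bytes);
            }
            catch (SocketTimeoutException e)
            {
                return 0;
            }

            return bytesIn;
        }

        /**
         * Decodes everything received by the last read.
         *
         * @return see {@link #getString(int, int)}
         */
        public String getString () throws ArrayIndexOutOfBoundsException
        {
            return getString(0, bytesIn);
        }

        /**
         * Decodes part of {@code readBuf} with the host charset.
         *
         * @param offset index of the first byte to decode
         * @param length number of bytes to decode
         * @return the decoded text, or {@code null} if decoding throws (for
         *         example an unsupported charset name or a negative argument)
         * @throws ArrayIndexOutOfBoundsException if {@code offset + length}
         *         exceeds the number of bytes received by the last read
         */
        public String getString (int offset, int length) throws
            ArrayIndexOutOfBoundsException
        {
            if ((offset + length) > bytesIn)
            {
                throw new ArrayIndexOutOfBoundsException();
            }

            try
            {
                return new String(readBuf, offset, length, hostCharSet);
            }
            catch (Exception e)
            {
                return null;
            }
        }

    }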
     
    Richard Maher, Sep 6, 2007
    #1

  2. Richard Maher

    Henry Guest

    On Sep 6, 2:00 pm, Richard Maher wrote:
    > I would dearly love a server with a "self-signed certificate"
    > to be accessible by my javax.net.ssl.startHandshake() ...

    <snip>
    > So, is my code crap? ...

    <snip>

    Your code is 100% Java, and so off topic in a javascript newsgroup.
     
    Henry, Sep 6, 2007
    #2

  3. Oops! sorry wrong group.

    "Henry" <> wrote in message
    news:...
    > On Sep 6, 2:00 pm, Richard Maher wrote:
    > > I would dearly love a server with a "self-signed certificate"
    > > to be accessible by my javax.net.ssl.startHandshake() ...

    > <snip>
    > > So, is my code crap? ...

    > <snip>
    >
    > Your code is 100% Java, and so off topic in a javascript newsgroup.
    >
     
    Richard Maher, Sep 6, 2007
    #3
