Certificate validation

S

Stone

Dear java users/developers,

I am trying to validate certificates in JAVA imported from the server
but it seems that my code is wrong.

Could you please let me know where I have made a mistake?

Code is following:

package ssltest;

import java.io.*;
import java.net.*;
import java.util.*;
import javax.net.ssl.*;
import java.security.cert.*;
import java.security.*;
import java.util.regex.*;
/**
*
* @author CZ2B10q6
*/
public class SSLTest implements HandshakeCompletedListener{

private int port = 5000;
private String ip="192.168.0.5";
private SSLSocketFactory sslSocketFactory;
private SSLSocket connection;
private SSLContext sc;
private PrintWriter outStream;
private BufferedReader inStream;
/**
* @param args the command line arguments
*/
public static void main(String[] args) {
// TODO code application logic here
System.out.println("Start");
SSLTest e = new SSLTest();
}

public SSLTest()
{
System.out.println("Connecting to "+ip+" to port "+port);
connectTo();
}

public final void disableCertificates() {
// Create a trust manager that does not validate certificate
chains
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {

public java.security.cert.X509Certificate[]
getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(
java.security.cert.X509Certificate[] certs,
String authType) {
}

public void checkServerTrusted(
java.security.cert.X509Certificate[] certs,
String authType) {
}

public boolean isClientTrusted(X509Certificate[] arg0)
{
return true;
}

public boolean isServerTrusted(X509Certificate[] arg0)
{
return true;
}
}
};

// Install the all-trusting trust manager
try {

sc = SSLContext.getInstance("TLSv1");
String help = sc.getProvider().toString();
System.out.println(sc.getProvider().getName());
System.out.println(help);
help = sc.getProvider().getClass().toString();
System.out.println(help);
sc.init(null, trustAllCerts, new
java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}

HostnameVerifier hv = new HostnameVerifier() {

public boolean verify(String string, SSLSession ssls) {
System.out.println("Warning: URL Host: " + string + "
vs. "
+ ssls.getPeerHost());
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);


}


private static void printSocketInfo(SSLSocket s) {
System.out.println("Socket class: "+s.getClass());
System.out.println(" Remote address = "
+s.getInetAddress().toString());
System.out.println(" Remote port = "+s.getPort());
System.out.println(" Local socket address = "
+s.getLocalSocketAddress().toString());
System.out.println(" Local address = "
+s.getLocalAddress().toString());
System.out.println(" Local port = "+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
SSLSession ss = s.getSession();
System.out.println(" Cipher suite = "+ss.getCipherSuite());
System.out.println(" Protocol = "+ss.getProtocol());
}
public void connectTo()
{
String patternString = "AES.*256";
Pattern pattern = Pattern.compile(patternString);
Matcher matcher;
boolean matchFound;
try
{
System.out.println("Initialization of trust Manager");
disableCertificates();
Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
Provider[] pr = Security.getProviders();
for(int i=0;i<pr.length;i++)
{
System.out.println("Provider:"+pr.getName());
}
SSLSocketFactory sf = sc.getSocketFactory();
System.out.println("create socket");
SSLSocket s = (SSLSocket)sf.createSocket(ip, port);
s.setEnabledProtocols(new String[]{"SSLv3","TLSv1"});
String[] prot = s.getEnabledProtocols();
for(int i=0;i<prot.length;i++)
{
System.out.println(prot);
}
String[] set = s.getSupportedCipherSuites();
for(int i=0;i<set.length;i++)
{
matcher = pattern.matcher(set);
matchFound = matcher.find();
//if(matchFound)
System.out.println(set);
}

String[] ciphers = s.getEnabledCipherSuites();
for(int j=0;j<ciphers.length;j++)
{
System.out.println("Ciphers:" +ciphers[j]);
}
System.out.println("socket created");
PrintWriter out2 = new PrintWriter(s.getOutputStream());
BufferedReader in = new BufferedReader(new
InputStreamReader(s.getInputStream()));
System.out.println("Getting session");
SSLSession session = ((SSLSocket) s).getSession();
System.out.println("Getting session was done");


System.out.println("Peer host is " +
session.getPeerHost());
System.out.println("Cipher is " +
session.getCipherSuite());
System.out.println("Protocol is " +
session.getProtocol());

printSocketInfo((SSLSocket) s);

String x;

System.out.println("Retrieving:");
x = in.readLine();
System.out.println(x);
System.out.println("Sending LOGIN");

out2.println("START:
0;LOGIN;TOKEN;AUKLs_ot0DmEX.Ilv4YcQ04kKHaZJNyG:END");
out2.flush();
System.out.println("Reading Welcome message");

x = in.readLine();
System.out.println(x);

out2.println("KITTY");
out2.flush();

x = in.readLine();
System.out.println(x);

in.close();
out2.close();
s.close();


}
catch(Exception e)
{
}
}
}
 
A

Arne Vajhøj

Dear java users/developers,

I am trying to validate certificates in JAVA imported from the server
but it seems that my code is wrong.

Could you please let me know where I have made a mistake?

Code is following:

Would you consider revealing why you think the code is wrong?

Arne
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,876
Messages
2,569,932
Members
46,207
Latest member
MedallionGreensCBD

Latest Threads

Top