/**
 * Builds the layered HTTPS socket factory used for outgoing connections.
 *
 * <p>Security note: the factory is created with {@link NoopHostnameVerifier#INSTANCE},
 * so the server certificate's name is never checked against the host being contacted.
 * The log message also describes it as a "TrustAll" factory; how certificates are
 * trusted is decided inside {@code HttpSSLProtocolSocketFactory} and is not visible here.
 * Connections made through this factory therefore give no assurance of server identity
 * and should only carry traffic for which that is acceptable.
 *
 * @return a connection socket factory restricted to {@code SUPPORTED_PROTOCOL_LIST}
 *         and {@code SUPPORTED_CIPHER_LIST}
 * @throws SSLInitializationException declared by the signature; presumably raised when
 *         the underlying SSL setup fails (the raising code is not visible here)
 */
private static LayeredConnectionSocketFactory checkAndInit() throws SSLInitializationException {
    LOG.info("Setting up HTTPS TrustAll Socket Factory");
    final HttpSSLProtocolSocketFactory baseFactory =
            new HttpSSLProtocolSocketFactory(JsseSSLManager.CPS);
    // Hostname verification is deliberately switched off by the last argument.
    return new SSLConnectionSocketFactory(
            baseFactory,
            SUPPORTED_PROTOCOL_LIST,
            SUPPORTED_CIPHER_LIST,
            NoopHostnameVerifier.INSTANCE);
}
/**
 * Opens an SSL socket to {@code address:port}, bound locally to
 * {@code localAddress:localPort}.
 *
 * <p>The socket comes from the factory returned by {@code getSSLSocketFactory()},
 * has the configured protocol and cipher restrictions applied by
 * {@code configureSocket}, and is then passed through {@code wrapSocket}.
 *
 * @param address remote address to connect to
 * @param port remote port
 * @param localAddress local address to bind to
 * @param localPort local port to bind to
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 */
@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort)
        throws IOException {
    final Socket created =
            getSSLSocketFactory().createSocket(address, port, localAddress, localPort);
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(created);
    return wrapSocket(created);
}
/**
 * Returns the cipher suites enabled by default on the underlying SSL socket factory.
 *
 * <p>If the factory cannot be obtained, the {@link IOException} is swallowed and an
 * empty array is returned. Callers cannot tell "no suites" apart from "factory
 * unavailable", and nothing is logged for the failure.
 *
 * @return the default cipher suite names, or an empty array when the factory is unavailable
 */
@Override
public String[] getDefaultCipherSuites() {
    final SSLSocketFactory delegate;
    try {
        delegate = getSSLSocketFactory();
    } catch (IOException ex) {
        // Best effort: report no suites rather than propagate the failure.
        return new String[0];
    }
    return delegate.getDefaultCipherSuites();
}
/**
 * Applies the configured protocol and cipher-suite restrictions to a freshly created socket.
 *
 * <p>Each restriction is applied only when its configuration string
 * ({@code PROTOCOL_LIST} / {@code CIPHER_LIST}) is non-empty. The values actually set
 * are the {@code protocols} and {@code ciphers} fields, presumably the parsed form of
 * those strings (their initialisation is not visible here).
 *
 * <p>NOTE(review): a rejected list is not fatal. The socket keeps whatever protocols or
 * cipher suites it already had enabled and only a warning is logged, so a mistyped
 * restriction is silently not enforced. Operators relying on these settings to pin a
 * TLS version or suite should watch for the warnings below.
 *
 * @param socket the socket to configure; must be an {@link SSLSocket}
 * @throws IllegalArgumentException if {@code socket} is not an {@link SSLSocket}
 */
private void configureSocket(Socket socket) {
    final boolean isSslSocket = socket instanceof SSLSocket;
    if (!isSslSocket) {
        throw new IllegalArgumentException("Expected SSLSocket");
    }
    final SSLSocket sslSocket = (SSLSocket) socket;

    final boolean restrictProtocols = !PROTOCOL_LIST.isEmpty();
    if (restrictProtocols) {
        try {
            sslSocket.setEnabledProtocols(protocols);
        } catch (IllegalArgumentException rejected) { // NOSONAR
            // The provider refused the list; the socket keeps its current protocols.
            if (log.isWarnEnabled()) {
                log.warn("Could not set protocol list: {}.", PROTOCOL_LIST);
                log.warn("Valid protocols are: {}", join(sslSocket.getSupportedProtocols()));
            }
        }
    }

    final boolean restrictCiphers = !CIPHER_LIST.isEmpty();
    if (restrictCiphers) {
        try {
            sslSocket.setEnabledCipherSuites(ciphers);
        } catch (IllegalArgumentException rejected) { // NOSONAR
            // The provider refused the list; the socket keeps its current cipher suites.
            if (log.isWarnEnabled()) {
                log.warn("Could not set cipher list: {}.", CIPHER_LIST);
                log.warn("Valid ciphers are: {}", join(sslSocket.getSupportedCipherSuites()));
            }
        }
    }
}
/**
 * Returns every cipher suite the underlying SSL socket factory is able to enable.
 *
 * <p>If the factory cannot be obtained, the {@link IOException} is swallowed and an
 * empty array is returned. The failure is not logged.
 *
 * @return the supported cipher suite names, or an empty array when the factory is unavailable
 */
@Override
public String[] getSupportedCipherSuites() {
    final SSLSocketFactory delegate;
    try {
        delegate = getSSLSocketFactory();
    } catch (IOException ex) {
        // Best effort: report no suites rather than propagate the failure.
        return new String[0];
    }
    return delegate.getSupportedCipherSuites();
}
/**
 * Creates an unconnected SSL socket.
 *
 * <p>The socket is configured with the protocol and cipher restrictions by
 * {@code configureSocket} and then passed through {@code wrapSocket}.
 *
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 * @see javax.net.SocketFactory#createSocket()
 */
@Override
public Socket createSocket() throws IOException, UnknownHostException {
    final Socket created = getSSLSocketFactory().createSocket();
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(created);
    return wrapSocket(created);
}
/**
 * Creates the SSL manager and installs its socket factory and hostname verifier as
 * the JVM-wide defaults for {@link HttpsURLConnection}.
 *
 * <p>When {@code SHARED_SESSION_CONTEXT} is set, one context is created up front via
 * {@code createContext()}; otherwise a {@link ThreadLocal} is allocated, presumably to
 * hold one context per thread. According to the original description, the context's
 * X509KeyManagers are wrapped so that a client alias can be chosen; that wrapping is
 * not visible in this constructor.
 *
 * <p>Security note: both {@code setDefault...} calls are static and affect every
 * {@link HttpsURLConnection} in the process that does not set its own values. The
 * installed verifier returns {@code true} for every hostname, so such connections no
 * longer check that the certificate matches the host. Code sharing this JVM that needs
 * server authentication must set its own factory and verifier per connection.
 *
 * <p>A {@link GeneralSecurityException} raised inside the setup is logged and not
 * rethrown, so construction still completes. Any statements after the failing one,
 * including the default installation, are skipped.
 *
 * @param provider the security provider handed to {@code setProvider}
 */
public JsseSSLManager(Provider provider) {
    log.debug("ssl Provider = {}", provider);
    setProvider(provider);
    // The original author doubted this can ever be non-null here; the guard is kept as is.
    if (this.rand == null) {
        this.rand = new SecureRandom();
    }
    try {
        if (!SHARED_SESSION_CONTEXT) {
            this.threadlocal = new ThreadLocal<>();
        } else {
            log.debug("Creating shared context");
            this.defaultContext = createContext();
        }

        // Process-wide defaults: custom socket factory and an accept-all hostname verifier.
        HttpsURLConnection.setDefaultSSLSocketFactory(new HttpSSLProtocolSocketFactory(CPS));
        HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
        log.debug("SSL stuff all set");
    } catch (GeneralSecurityException ex) {
        log.error("Could not set up SSLContext", ex);
    }
    log.debug("JsseSSLManager installed");
}
/**
 * Opens an SSL socket to the given address and port.
 *
 * <p>The socket is configured with the protocol and cipher restrictions by
 * {@code configureSocket} and then passed through {@code wrapSocket}.
 *
 * @param host remote address to connect to
 * @param port remote port
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 */
@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
    final Socket created = getSSLSocketFactory().createSocket(host, port);
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(created);
    return wrapSocket(created);
}
/**
 * Layers an SSL socket over an already connected socket.
 *
 * <p>The layered socket is configured with the protocol and cipher restrictions by
 * {@code configureSocket} and then passed through {@code wrapSocket}.
 *
 * @param s the existing connected socket
 * @param host the server host name
 * @param port the server port
 * @param autoClose whether closing the returned socket also closes {@code s}
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 */
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
    final Socket layered = getSSLSocketFactory().createSocket(s, host, port, autoClose);
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(layered);
    return wrapSocket(layered);
}
/**
 * Opens an SSL socket to the named host and port.
 *
 * <p>The socket is configured with the protocol and cipher restrictions by
 * {@code configureSocket} and then passed through {@code wrapSocket}.
 *
 * @param host remote host name
 * @param port remote port
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 * @throws UnknownHostException if the host cannot be resolved
 */
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
    final Socket created = getSSLSocketFactory().createSocket(host, port);
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(created);
    return wrapSocket(created);
}
/**
 * Opens an SSL socket to the named host and port, bound to the given local endpoint.
 *
 * <p>The socket is configured with the protocol and cipher restrictions by
 * {@code configureSocket} and then passed through {@code wrapSocket}.
 *
 * @param host remote host name
 * @param port remote port
 * @param inetAddress local address to bind to
 * @param localPort local port to bind to
 * @return the socket returned by {@code wrapSocket}
 * @throws IOException if the socket factory cannot be obtained or the socket cannot be created
 * @throws UnknownHostException if the host cannot be resolved
 */
@Override
public Socket createSocket(String host, int port, InetAddress inetAddress, int localPort)
        throws IOException, UnknownHostException {
    final Socket created =
            getSSLSocketFactory().createSocket(host, port, inetAddress, localPort);
    // Apply protocol/cipher settings before the socket is handed to the caller.
    configureSocket(created);
    return wrapSocket(created);
}
}