From: <bob...@us...> - 2003-09-10 04:47:15
Update of /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/pki
In directory sc8-pr-cvs1:/tmp/cvs-serv3802/src/hk/hku/cecid/phoenix/pki
Modified Files:
KeyStoreTrustManager.java
Added Files:
AlwaysTrueHostnameVerifier.java
Log Message:
Change KeyStoreTrustManager to make it 1.3 compliant;
add AlwaysTrueHostnameVerifier to ease debugging;
change Http.java to support SSL server authentication.
Note that in order to support JSDK 1.3, it uses some deprecated functions.
Also note that the settings needed to support SSL may depend on the
app. server.
--- NEW FILE: AlwaysTrueHostnameVerifier.java ---
/*
* Copyright(c) 2002 Center for E-Commerce Infrastructure Development, The
* University of Hong Kong (HKU). All Rights Reserved.
*
* This software is licensed under the Academic Free License Version 1.0
*
* Academic Free License
* Version 1.0
*
* This Academic Free License applies to any software and associated
* documentation (the "Software") whose owner (the "Licensor") has placed the
* statement "Licensed under the Academic Free License Version 1.0" immediately
* after the copyright notice that applies to the Software.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of the Software (1) to use, copy, modify, merge, publish, perform,
* distribute, sublicense, and/or sell copies of the Software, and to permit
* persons to whom the Software is furnished to do so, and (2) under patent
* claims owned or controlled by the Licensor that are embodied in the Software
* as furnished by the Licensor, to make, use, sell and offer for sale the
* Software and derivative works thereof, subject to the following conditions:
*
* - Redistributions of the Software in source code form must retain all
* copyright notices in the Software as furnished by the Licensor, this list
* of conditions, and the following disclaimers.
* - Redistributions of the Software in executable form must reproduce all
* copyright notices in the Software as furnished by the Licensor, this list
* of conditions, and the following disclaimers in the documentation and/or
* other materials provided with the distribution.
* - Neither the names of Licensor, nor the names of any contributors to the
* Software, nor any of their trademarks or service marks, may be used to
* endorse or promote products derived from this Software without express
* prior written permission of the Licensor.
*
* DISCLAIMERS: LICENSOR WARRANTS THAT THE COPYRIGHT IN AND TO THE SOFTWARE IS
* OWNED BY THE LICENSOR OR THAT THE SOFTWARE IS DISTRIBUTED BY LICENSOR UNDER
* A VALID CURRENT LICENSE. EXCEPT AS EXPRESSLY STATED IN THE IMMEDIATELY
* PRECEDING SENTENCE, THE SOFTWARE IS PROVIDED BY THE LICENSOR, CONTRIBUTORS
* AND COPYRIGHT OWNERS "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
* LICENSOR, CONTRIBUTORS OR COPYRIGHT OWNERS BE LIABLE FOR ANY CLAIM, DAMAGES
* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE.
*
* This license is Copyright (C) 2002 Lawrence E. Rosen. All rights reserved.
* Permission is hereby granted to copy and distribute this license without
* modification. This license may not be modified without the express written
* permission of its copyright owner.
*/
/* =====
*
* $Header: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/pki/AlwaysTrueHostnameVerifier.java,v 1.1 2003/09/10 04:47:02 bobpykoon Exp $
*
* Code authored by:
*
* Bob Koon [2003-09-09]
*
* Code reviewed by:
*
* username [YYYY-MM-DD]
*
* Remarks:
*
* =====
*/
package hk.hku.cecid.phoenix.pki;
//import javax.net.ssl.SSLSession;
//import javax.net.ssl.HostnameVerifier;
import com.sun.net.ssl.HostnameVerifier;
/**
 * A {@code HostnameVerifier} that accepts every host name without inspecting it.
 *
 * <p>Intended only for simple testing of SSL connections. Because
 * {@link #verify(String, String)} never compares the host name in the URL with
 * the one in the certificate, a connection that installs this verifier has no
 * protection against a peer presenting a certificate issued for a different
 * host. It should not be installed on connections that carry real traffic.
 *
 * <p>Only the {@code com.sun.net.ssl} (JSDK 1.3) form of the interface is
 * implemented. The {@code verify(String hostname, SSLSession session)} form
 * is left out because it exists for 1.4 only.
 *
 * @author Bob Koon
 * @version $Revision: 1.1 $
 */
public class AlwaysTrueHostnameVerifier implements HostnameVerifier {

    /**
     * Accepts the connection unconditionally.
     *
     * @param urlHostname  the host name the caller supplies for the URL; never examined
     * @param certHostname the host name the caller supplies for the certificate; never examined
     * @return always {@code true}
     */
    public boolean verify(String urlHostname, String certHostname) {
        // No comparison is made on purpose: this class exists to take hostname
        // checking out of the picture while an SSL setup is being debugged.
        return true;
    }
}
Index: KeyStoreTrustManager.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/pki/KeyStoreTrustManager.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** KeyStoreTrustManager.java 9 Sep 2003 06:52:59 -0000 1.1
--- KeyStoreTrustManager.java 10 Sep 2003 04:47:02 -0000 1.2
***************
*** 69,73 ****
package hk.hku.cecid.phoenix.pki;
import java.util.Enumeration;
! import javax.net.ssl.X509TrustManager;
import java.security.KeyStore;
import java.security.KeyStoreException;
--- 69,74 ----
package hk.hku.cecid.phoenix.pki;
import java.util.Enumeration;
! //import javax.net.ssl.X509TrustManager;
! import com.sun.net.ssl.X509TrustManager;
import java.security.KeyStore;
import java.security.KeyStoreException;
***************
*** 76,84 ****
import org.apache.log4j.Logger;
/**
! * This class implements the javax.net.ssl.X509TrustManager, which Trust the
* Certificate Chain if any of the certificate in the certificate chain is
* stored in the KeyStore.
*
! * @author pykoon
* @version $Revision$
*/
--- 77,85 ----
import org.apache.log4j.Logger;
/**
! * This class implements the com.sun.net.ssl.X509TrustManager, which Trust the
* Certificate Chain if any of the certificate in the certificate chain is
* stored in the KeyStore.
*
! * @author bobpykoon
* @version $Revision$
*/
***************
*** 168,172 ****
/**
Implemented the TrustManager function. It trust the chain if the KeyStore
! contains one of the certificate in the chain.
*/
public void checkClientTrusted(X509Certificate[] chain, String authType)
--- 169,174 ----
/**
Implemented the TrustManager function. It trust the chain if the KeyStore
! contains one of the certificate in the chain. This function Implement 1.4
! X509TrustManager, but 1.4 is not used yet.
*/
public void checkClientTrusted(X509Certificate[] chain, String authType)
***************
*** 177,185 ****
/**
Implemented the TrustManager function. It trust the chain if the KeyStore
! contains one of the certificate in the chain.
*/
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
checkTrusted(chain);
}
}
--- 179,216 ----
/**
Implemented the TrustManager function. It trust the chain if the KeyStore
! contains one of the certificate in the chain. This function Implement 1.4
! X509TrustManager, but 1.4 is not used yet.
*/
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
checkTrusted(chain);
+ }
+
+ /**
+ Implemented the TrustManager(1.3) function.
+ It trust the chain if the KeyStore contains one of
+ the certificate in the chain.
+ */
+ public boolean isClientTrusted(X509Certificate[] chain) {
+ try {
+ checkTrusted(chain);
+ return true;
+ } catch (CertificateException e) {
+ return false;
+ }
+ }
+
+ /**
+ Implemented the TrustManager(1.3) function.
+ It trust the chain if the KeyStore contains one of
+ the certificate in the chain.
+ */
+ public boolean isServerTrusted(X509Certificate[] chain) {
+ try {
+ checkTrusted(chain);
+ return true;
+ } catch (CertificateException e) {
+ return false;
+ }
}
}
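Review bot: The added `isClientTrusted` and `isServerTrusted` return `true` purely on the outcome of `checkTrusted(chain)`, whose Javadoc says a chain is accepted when the KeyStore holds any one certificate in it. `checkTrusted` lies outside this hunk, so it is not visible whether it also confirms that the certificates in the array sign one another up to the stored entry and are within their validity period. If it does not, the presence of a stored certificate somewhere in the array says nothing about the leaf certificate the peer actually used, and that check belongs in `checkTrusted` before these wrappers report success. Separately, both catch blocks drop the `CertificateException`, so a rejected peer leaves no record of why; log4j's `Logger` is already imported in this file and the exception could be logged before `return false;`. I would also add to both Javadocs: `Returns false whenever checkTrusted throws CertificateException; the reason is not propagated to the caller.`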