ssl shit
parent
c666b086d6
commit
3e52daf5e1
|
@ -490,6 +490,7 @@ public class XmppConnectionService extends Service {
|
||||||
x.setContent(this.getPgpEngine().encrypt(keyId,
|
x.setContent(this.getPgpEngine().encrypt(keyId,
|
||||||
message.getBody()));
|
message.getBody()));
|
||||||
packet.addChild(x);
|
packet.addChild(x);
|
||||||
|
Log.d(LOGTAG,"pgp message"+packet.toString());
|
||||||
account.getXmppConnection().sendMessagePacket(packet);
|
account.getXmppConnection().sendMessagePacket(packet);
|
||||||
message.setStatus(Message.STATUS_SEND);
|
message.setStatus(Message.STATUS_SEND);
|
||||||
message.setEncryption(Message.ENCRYPTION_DECRYPTED);
|
message.setEncryption(Message.ENCRYPTION_DECRYPTED);
|
||||||
|
|
|
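Review bot: The added `Log.d(LOGTAG,"pgp message"+packet.toString());` writes the whole outgoing stanza to logcat on every PGP send. The hunk shows the encrypted payload being attached as child `x`, but whether the packet also carries a plaintext body or only addressing is not visible here; either way the log then holds the recipient and the ciphertext, which is more than a debug trace should expose on devices where other apps or bug reports can read the log. I would drop the line before merging or reduce it to a fixed message such as `Log.d(LOGTAG, "sending pgp message");`. The enclosing method starts and ends outside the hunk.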
@ -6,14 +6,26 @@ import java.io.OutputStream;
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
import java.net.Socket;
|
import java.net.Socket;
|
||||||
import java.net.UnknownHostException;
|
import java.net.UnknownHostException;
|
||||||
|
import java.security.KeyManagementException;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
import java.security.KeyStoreException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.security.cert.CertPathValidatorException;
|
import java.security.cert.CertPathValidatorException;
|
||||||
|
import java.security.cert.CertificateException;
|
||||||
|
import java.security.cert.CertificateExpiredException;
|
||||||
|
import java.security.cert.X509Certificate;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Hashtable;
|
import java.util.Hashtable;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import javax.net.ssl.ManagerFactoryParameters;
|
||||||
|
import javax.net.ssl.SSLContext;
|
||||||
import javax.net.ssl.SSLSocket;
|
import javax.net.ssl.SSLSocket;
|
||||||
import javax.net.ssl.SSLSocketFactory;
|
import javax.net.ssl.SSLSocketFactory;
|
||||||
|
import javax.net.ssl.TrustManager;
|
||||||
|
import javax.net.ssl.TrustManagerFactory;
|
||||||
|
import javax.net.ssl.X509TrustManager;
|
||||||
|
|
||||||
import org.xmlpull.v1.XmlPullParserException;
|
import org.xmlpull.v1.XmlPullParserException;
|
||||||
|
|
||||||
|
@ -270,11 +282,51 @@ public class XmppConnection implements Runnable {
|
||||||
IOException {
|
IOException {
|
||||||
Tag nextTag = tagReader.readTag(); // should be proceed end tag
|
Tag nextTag = tagReader.readTag(); // should be proceed end tag
|
||||||
Log.d(LOGTAG, account.getJid() + ": now switch to ssl");
|
Log.d(LOGTAG, account.getJid() + ": now switch to ssl");
|
||||||
SSLSocket sslSocket;
|
|
||||||
try {
|
try {
|
||||||
sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory
|
SSLContext sc = SSLContext.getInstance("TLS");
|
||||||
.getDefault()).createSocket(socket, socket.getInetAddress()
|
TrustManagerFactory tmf = TrustManagerFactory
|
||||||
.getHostAddress(), socket.getPort(), true);
|
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
|
||||||
|
// Initialise the TMF as you normally would, for example:
|
||||||
|
// tmf.in
|
||||||
|
try {
|
||||||
|
tmf.init((KeyStore) null);
|
||||||
|
} catch (KeyStoreException e1) {
|
||||||
|
// TODO Auto-generated catch block
|
||||||
|
e1.printStackTrace();
|
||||||
|
}
|
||||||
|
|
||||||
|
TrustManager[] trustManagers = tmf.getTrustManagers();
|
||||||
|
final X509TrustManager origTrustmanager = (X509TrustManager) trustManagers[0];
|
||||||
|
|
||||||
|
TrustManager[] wrappedTrustManagers = new TrustManager[] { new X509TrustManager() {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkClientTrusted(X509Certificate[] chain,
|
||||||
|
String authType) throws CertificateException {
|
||||||
|
origTrustmanager.checkClientTrusted(chain, authType);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkServerTrusted(X509Certificate[] chain,
|
||||||
|
String authType) throws CertificateException {
|
||||||
|
try {
|
||||||
|
origTrustmanager.checkServerTrusted(chain, authType);
|
||||||
|
} catch (CertificateException e) {
|
||||||
|
Log.d(LOGTAG,"cert exeption");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public X509Certificate[] getAcceptedIssuers() {
|
||||||
|
return origTrustmanager.getAcceptedIssuers();
|
||||||
|
}
|
||||||
|
|
||||||
|
} };
|
||||||
|
sc.init(null, wrappedTrustManagers, null);
|
||||||
|
SSLSocketFactory factory = sc.getSocketFactory();
|
||||||
|
SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket,
|
||||||
|
socket.getInetAddress().getHostAddress(), socket.getPort(),
|
||||||
|
true);
|
||||||
tagReader.setInputStream(sslSocket.getInputStream());
|
tagReader.setInputStream(sslSocket.getInputStream());
|
||||||
Log.d(LOGTAG, "reset inputstream");
|
Log.d(LOGTAG, "reset inputstream");
|
||||||
tagWriter.setOutputStream(sslSocket.getOutputStream());
|
tagWriter.setOutputStream(sslSocket.getOutputStream());
|
||||||
|
@ -283,10 +335,12 @@ public class XmppConnection implements Runnable {
|
||||||
sendStartStream();
|
sendStartStream();
|
||||||
processStream(tagReader.readTag());
|
processStream(tagReader.readTag());
|
||||||
sslSocket.close();
|
sslSocket.close();
|
||||||
} catch (IOException e) {
|
} catch (NoSuchAlgorithmException e1) {
|
||||||
Log.d(LOGTAG,
|
// TODO Auto-generated catch block
|
||||||
account.getJid() + ": error on ssl '" + e.getMessage()
|
e1.printStackTrace();
|
||||||
+ "'");
|
} catch (KeyManagementException e) {
|
||||||
|
// TODO Auto-generated catch block
|
||||||
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
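Review bot: The `catch (CertificateException e)` in the wrapped `checkServerTrusted` only logs "cert exeption" and returns, so every chain the platform trust manager rejects (expired, self-signed, unknown issuer) is still accepted and the TLS upgrade no longer authenticates the server. Until there is an explicit user decision for untrusted certificates, the catch should log and rethrow, e.g. `Log.d(LOGTAG, "cert exception: " + e.getMessage()); throw e;`, which makes the wrapper behave like the default manager. Separately, the socket is still created with `socket.getInetAddress().getHostAddress()` and nothing visible here checks the certificate against the account's server name, so hostname verification appears to be missing as well. The inner `catch (KeyStoreException e1)` around `tmf.init` and the two new outer catches only call `printStackTrace()`; they should log through `LOGTAG` and abort the connection attempt rather than continue. The enclosing method begins above the first line of this hunk.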