introduced custom tls socket factory to make tls1.2 work for http connections

author: Christian Schneppe <christian@pix-art.de> 2016-11-20 17:44:53 +0100
committer: Christian Schneppe <christian@pix-art.de> 2016-11-20 17:44:53 +0100
commit: b8f0b3c3a94b094de134d4092d566687d93498b0 (patch)
tree: 407e35eec816b8db083e920c8e173bd2a4f29657 /src/main/java/de/pixart/messenger/utils/TLSSocketFactory.java
parent: 1cf0241aed94015f5c5fc523b756cbbd5a797de7 (diff)
1 files changed, 70 insertions, 0 deletions
diff --git a/src/main/java/de/pixart/messenger/utils/TLSSocketFactory.java b/src/main/java/de/pixart/messenger/utils/TLSSocketFactory.java
new file mode 100644
index 000000000..cfefbd93d
--- /dev/null
+++ b/src/main/java/de/pixart/messenger/utils/TLSSocketFactory.java
@@ -0,0 +1,70 @@
+package de.pixart.messenger.utils;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+
+public class TLSSocketFactory extends SSLSocketFactory {
+
+    private final SSLSocketFactory internalSSLSocketFactory;
+
+    public TLSSocketFactory(X509TrustManager[] trustManager, SecureRandom random) throws KeyManagementException, NoSuchAlgorithmException {
+        SSLContext context = SSLContext.getInstance("TLS");
+        context.init(null, trustManager, random);
+        this.internalSSLSocketFactory = context.getSocketFactory();
+    }
+
+    @Override
+    public String[] getDefaultCipherSuites() {
+        return CryptoHelper.getOrderedCipherSuites(internalSSLSocketFactory.getDefaultCipherSuites());
+    }
+
+    @Override
+    public String[] getSupportedCipherSuites() {
+        return internalSSLSocketFactory.getSupportedCipherSuites();
+    }
+
+    @Override
+    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
+        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
+    }
+
+    @Override
+    public Socket createSocket(String host, int port) throws IOException {
+        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
+    }
+
+    @Override
+    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
+        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
+    }
+
+    @Override
+    public Socket createSocket(InetAddress host, int port) throws IOException {
+        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
+    }
+
+    @Override
+    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
+        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
+    }
+
+    private static Socket enableTLSOnSocket(Socket socket) {
+        if(socket != null && (socket instanceof SSLSocket)) {
+            try {
+                SSLSocketHelper.setSecurity((SSLSocket) socket);
+            } catch (NoSuchAlgorithmException e) {
+                //ignoring
+            }
+        }
+        return socket;
+    }
+}
+\ No newline at end of file
author	Christian Schneppe <christian@pix-art.de>	2016-11-20 17:44:53 +0100
committer	Christian Schneppe <christian@pix-art.de>	2016-11-20 17:44:53 +0100
commit	b8f0b3c3a94b094de134d4092d566687d93498b0 (patch)
tree	407e35eec816b8db083e920c8e173bd2a4f29657 /src/main/java/de/pixart/messenger/utils/TLSSocketFactory.java
parent	1cf0241aed94015f5c5fc523b756cbbd5a797de7 (diff)