diff options
author | Daniel Gultsch <daniel@gultsch.de> | 2014-03-06 20:03:35 +0100 |
---|---|---|
committer | Daniel Gultsch <daniel@gultsch.de> | 2014-03-06 20:03:35 +0100 |
commit | 3e52daf5e1e77662adc4a782d1b37c9a51fce13b (patch) | |
tree | 3ea6909918924f64450e6a2eadde604dd6652173 /src/eu | |
parent | c666b086d6be3d993b0b9c52a6aab916cd6942ab (diff) |
ssl shit
Diffstat (limited to '')
-rw-r--r-- | src/eu/siacs/conversations/services/XmppConnectionService.java | 1 | ||||
-rw-r--r-- | src/eu/siacs/conversations/xmpp/XmppConnection.java | 70 |
2 files changed, 63 insertions, 8 deletions
diff --git a/src/eu/siacs/conversations/services/XmppConnectionService.java b/src/eu/siacs/conversations/services/XmppConnectionService.java index 3ba5c5e3..716b3edc 100644 --- a/src/eu/siacs/conversations/services/XmppConnectionService.java +++ b/src/eu/siacs/conversations/services/XmppConnectionService.java @@ -490,6 +490,7 @@ public class XmppConnectionService extends Service { x.setContent(this.getPgpEngine().encrypt(keyId, message.getBody())); packet.addChild(x); + Log.d(LOGTAG,"pgp message"+packet.toString()); account.getXmppConnection().sendMessagePacket(packet); message.setStatus(Message.STATUS_SEND); message.setEncryption(Message.ENCRYPTION_DECRYPTED); diff --git a/src/eu/siacs/conversations/xmpp/XmppConnection.java b/src/eu/siacs/conversations/xmpp/XmppConnection.java index 9da0cbf2..c5aa1d7d 100644 --- a/src/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/eu/siacs/conversations/xmpp/XmppConnection.java @@ -6,14 +6,26 @@ import java.io.OutputStream; import java.math.BigInteger; import java.net.Socket; import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.cert.CertPathValidatorException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; +import java.security.cert.X509Certificate; import java.util.HashSet; import java.util.Hashtable; import java.util.List; +import javax.net.ssl.ManagerFactoryParameters; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; import org.xmlpull.v1.XmlPullParserException; @@ -270,11 +282,51 @@ public class XmppConnection implements Runnable { IOException { Tag nextTag = tagReader.readTag(); // should be proceed end tag Log.d(LOGTAG, account.getJid() + ": now switch to ssl"); - SSLSocket sslSocket; try { - sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory - .getDefault()).createSocket(socket, socket.getInetAddress() - .getHostAddress(), socket.getPort(), true); + SSLContext sc = SSLContext.getInstance("TLS"); + TrustManagerFactory tmf = TrustManagerFactory + .getInstance(TrustManagerFactory.getDefaultAlgorithm()); + // Initialise the TMF as you normally would, for example: + // tmf.in + try { + tmf.init((KeyStore) null); + } catch (KeyStoreException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + + TrustManager[] trustManagers = tmf.getTrustManagers(); + final X509TrustManager origTrustmanager = (X509TrustManager) trustManagers[0]; + + TrustManager[] wrappedTrustManagers = new TrustManager[] { new X509TrustManager() { + + @Override + public void checkClientTrusted(X509Certificate[] chain, + String authType) throws CertificateException { + origTrustmanager.checkClientTrusted(chain, authType); + } + + @Override + public void checkServerTrusted(X509Certificate[] chain, + String authType) throws CertificateException { + try { + origTrustmanager.checkServerTrusted(chain, authType); + } catch (CertificateException e) { + Log.d(LOGTAG,"cert exeption"); + } + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return origTrustmanager.getAcceptedIssuers(); + } + + } }; + sc.init(null, wrappedTrustManagers, null); + SSLSocketFactory factory = sc.getSocketFactory(); + SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket, + socket.getInetAddress().getHostAddress(), socket.getPort(), + true); tagReader.setInputStream(sslSocket.getInputStream()); Log.d(LOGTAG, "reset inputstream"); tagWriter.setOutputStream(sslSocket.getOutputStream()); @@ -283,10 +335,12 @@ public class XmppConnection implements Runnable { sendStartStream(); processStream(tagReader.readTag()); sslSocket.close(); - } catch (IOException e) { - Log.d(LOGTAG, - account.getJid() + ": error on ssl '" + e.getMessage() - + "'"); + } catch (NoSuchAlgorithmException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } catch (KeyManagementException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } } |