SSLFactory
来源:互联网 发布:android浏览器源码 编辑:程序博客网 时间:2024/05/05 09:41
/**
* @Author: bcoffman@paypal.com
* A Secure Socket Layer Factory.
*/
package com.paypal.api.client;
import java.lang.*;
import java.net.*;
import javax.net.*;
import java.io.*;
import java.util.*;
import java.security.*;
import javax.net.ssl.*;
/**
* Default TrustManager checks that a cert is signed by a well known
* certificate authority, like Verisign or Thawte.
*/
class RelaxedX509TrustManager implements X509TrustManager {
public boolean checkClientTrusted(java.security.cert.X509Certificate[] chain){ return true; }
public boolean isServerTrusted(java.security.cert.X509Certificate[] chain){ return true; }
public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
}
/**
* The SSL factory pattern (as in design patterns) that produces an SSL channel.
* We specify a cert, and the passwor, as well as the format of the cert. The
* supported types are PCKS12, and JKS. You must specify
*/
public class SSLFactory extends org.apache.axis.components.net.JSSESocketFactory {
public SSLFactory(Hashtable attributes) {
super(attributes);
}
protected void initFactory() throws IOException {
sslFactory = get_SSLFactory();
}
protected SSLSocketFactory get_SSLFactory() throws IOException {
String cert_password = "";
String cert_format = "";
String cert_file = "";
try {
SimpleConfigFile cfg = new SimpleConfigFile(); // Uses previously instantiated file.
cert_file = cfg.val("cert_file");
cert_password= cfg.val("cert_password");
cert_format = cfg.val("cert_format");
if (cert_format==null) {
cert_format="PKCS12"; // Default value.
}
if (cert_file==null || cert_password==null) {
throw new IOException("missing cert info");
}
}
catch (Exception e) {
System.err.println("com.paypal.api.client.SSLFactory: Problems with keystore configuration");
throw new IOException("Problems with keystore configuration");
}
char[] keypass = cert_password.toCharArray();
char[] storepass = cert_password.toCharArray();
try {
//InputFileStream ifs = getClass().getResourceAsStream(cert_file);
File file = new File(cert_file);
if(!file.canRead()) {
System.err.println("com.paypal.api.client.SSLFactory: Can't find/read cert file: /"" +cert_file+"/".");
throw new IOException("com.paypal.api.client.SSLFactory: Can't find/read cert file: /"" +cert_file+"/".");
}
FileInputStream fin = new FileInputStream(file);
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(System.currentTimeMillis());
KeyStore ks = null;
if (cert_format.toUpperCase() == "JKS") {
ks = KeyStore.getInstance(cert_format);
} else {
ks = KeyStore.getInstance(cert_format, "SunJSSE"); // PKCS12
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
TrustManager[] tm = {new RelaxedX509TrustManager()}; // customized, see above
try {
ks.load(fin, storepass);
} catch (Exception e) {
System.out.println("com.paypal.api.client.SSLFactory: Bad cert_password");
throw new IOException("com.paypal.api.client.SSLFactory: Bad cert_password");
}
kmf.init(ks, keypass);
SSLContext ctx = SSLContext.getInstance("SSL"); //TLS, SSLv3, SSL
ctx.init(kmf.getKeyManagers(), tm, random);
return ctx.getSocketFactory();
}
catch (Exception e) {
throw new IOException("com.paypal.api.client.SSLFactory: Cannot create SSL factory.");
}
}
}
- SSLFactory
- 最近流行建论坛我也弄了一个
- TransactionSearch
- RefundTransaction
- 遍历表单中所有对象一小例
- PaypalSvc.wsdl
- SSLFactory
- 修改过的PHP购物车类
- 请高手指点!!!!!!!!!!!11
- 余世维讲座视频下载
- [原创]在fedora core 2中安装jdk+tomcat+eclipse
- 用Rational Rose和UML开发J2EE应用(一)
- MY_IDE:一个将Delphi的组件面板转变为多层并能自动隐藏的组件
- 用Rational Rose和UML开发J2EE应用(二)
- (转贴)我们是无耻之徒吗? 人民网 作者:程生