Java Code Examples for javax.net.ssl.SSLContext

public TrustAllSSLSocketFactory() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
  super(null);
  try {
    SSLContext sslcontext=SSLContext.getInstance("TLS");
    sslcontext.init(null,new TrustManager[]{new TrustAllManager()},null);
    factory=sslcontext.getSocketFactory();
    setHostnameVerifier(new AllowAllHostnameVerifier());
  }
 catch (  Exception ex) {
  }
}
 

private static SSLContext createEasySSLContext(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    throw new HttpClientError(e.toString());
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

/** 
 * Open an URL connection. If HTTPS, accepts any certificate even if not valid, and connects to any host name.
 * @param url The destination URL, HTTP or HTTPS.
 * @return The URLConnection.
 * @throws IOException
 * @throws NoSuchAlgorithmException
 * @throws KeyManagementException
 */
public static URLConnection getConnection(URL url) throws IOException, NoSuchAlgorithmException, KeyManagementException {
  URLConnection conn=url.openConnection();
  if (conn instanceof HttpsURLConnection) {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(new KeyManager[0],TRUST_MANAGER,new SecureRandom());
    SSLSocketFactory socketFactory=context.getSocketFactory();
    ((HttpsURLConnection)conn).setSSLSocketFactory(socketFactory);
    ((HttpsURLConnection)conn).setHostnameVerifier(HOSTNAME_VERIFIER);
  }
  conn.setConnectTimeout(SOCKET_TIMEOUT);
  conn.setReadTimeout(SOCKET_TIMEOUT);
  return conn;
}
 

public BogusSslContextFactory(){
  String algorithm=Security.getProperty("ssl.KeyManagerFactory.algorithm");
  if (algorithm == null) {
    algorithm="X509";
  }
  SSLContext tmpServerContext;
  SSLContext tmpClientContext;
  try {
    KeyStore ks=KeyStore.getInstance("JKS");
    ks.load(BogusKeyStore.asInputStream(),BogusKeyStore.getKeyStorePassword());
    KeyManagerFactory kmf=KeyManagerFactory.getInstance(algorithm);
    kmf.init(ks,BogusKeyStore.getCertificatePassword());
    tmpServerContext=SSLContext.getInstance(PROTOCOL);
    tmpServerContext.init(kmf.getKeyManagers(),BogusTrustManagerFactory.getTrustManagers(),null);
  }
 catch (  Exception e) {
    throw new Error("Failed to initialize the server-side SSLContext",e);
  }
  try {
    tmpClientContext=SSLContext.getInstance(PROTOCOL);
    tmpClientContext.init(null,BogusTrustManagerFactory.getTrustManagers(),null);
  }
 catch (  Exception e) {
    throw new Error("Failed to initialize the client-side SSLContext",e);
  }
  serverContext=tmpServerContext;
  clientContext=tmpClientContext;
}
 

private SSLContext createSSLContext(InputStream keyStoreFile,String keyStoreFilePassword) throws Exception {
  String algorithm=Security.getProperty("ssl.KeyManagerFactory.algorithm");
  if (algorithm == null) {
    algorithm="SunX509";
  }
  KeyStore ks=KeyStore.getInstance("JKS");
  ks.load(keyStoreFile,keyStoreFilePassword.toCharArray());
  KeyManagerFactory kmf=KeyManagerFactory.getInstance(algorithm);
  kmf.init(ks,keyStoreFilePassword.toCharArray());
  SSLContext serverContext=SSLContext.getInstance("TLS");
  serverContext.init(kmf.getKeyManagers(),null,null);
  return serverContext;
}
 

/** 
 * <p>Start TLS on the given connection.</p> <p><b>TODO:</b> This method uses a non-validating key manager.</p>
 * @throws NoSuchAlgorithmException If the requested encryption algorithmis not supported.
 * @throws KeyManagementException In case of a key managment error.
 * @throws IOException If the underlying stream dies.
 * @throws XmppTransportException In case of XML/XMPP related errors.
 */
protected void startTLS() throws NoSuchAlgorithmException, KeyManagementException, IOException, XmppTransportException {
  Log.d("BC/XMPP/Negotiation","StartTLS");
  xmppOutput.detach();
  xmppInput.detach();
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(new KeyManager[]{},new javax.net.ssl.TrustManager[]{new UnTrustManager()},new java.security.SecureRandom());
  socket=context.getSocketFactory().createSocket(socket,socket.getInetAddress().getHostName(),socket.getPort(),true);
  socket.setKeepAlive(false);
  socket.setSoTimeout(0);
  inputStream=socket.getInputStream();
  outputStream=socket.getOutputStream();
  xmppOutput.attach(outputStream,true,false);
  xmppInput.attach(inputStream);
}
 

/** 
 * <p>Start TLS on the given connection.</p> <p><b>TODO:</b> This method uses a non-validating key manager.</p>
 * @throws NoSuchAlgorithmException If the requested encryption algorithmis not supported.
 * @throws KeyManagementException In case of a key managment error.
 * @throws IOException If the underlying stream dies.
 * @throws XmppTransportException In case of XML/XMPP related errors.
 */
protected void startTLS() throws NoSuchAlgorithmException, KeyManagementException, IOException, XmppTransportException {
  xmppOutput.detach();
  xmppInput.detach();
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(new KeyManager[]{},new javax.net.ssl.TrustManager[]{new UnTrustManager()},new java.security.SecureRandom());
  socket=context.getSocketFactory().createSocket(socket,socket.getInetAddress().getHostName(),socket.getPort(),true);
  socket.setKeepAlive(false);
  socket.setSoTimeout(0);
  inputStream=socket.getInputStream();
  outputStream=socket.getOutputStream();
  xmppOutput.attach(outputStream,true,false);
  xmppInput.attach(inputStream);
}
 

@Override public SocketChannel newChannel(ChannelPipeline pipeline){
  try {
    SSLContext sslContext=SSLContext.getInstance("TLS");
    sslContext.init(null,new TrustManager[]{new BogusTrustManager()},null);
    SSLEngine sslEngine=sslContext.createSSLEngine();
    sslEngine.setUseClientMode(true);
    pipeline.addFirst("ssl",new SslHandler(sslEngine));
    return super.newChannel(pipeline);
  }
 catch (  Exception ex) {
    throw new RuntimeException("Cannot create SSL channel",ex);
  }
}
 

private static SSLContext createEasySSLContext(String certKey) throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new FakeTrustManager(certKey)},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

private static SSLContext createSSLContext(){
  try {
    final SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{trustAllCerts},null);
    return context;
  }
 catch (  final Exception e) {
    throw new HttpClientError(e.toString());
  }
}
 

/** 
 * Constructor for singleton
 */
private JsonHttpSslContextManager(){
  try {
    String algorithm=Security.getProperty("ssl.KeyManagerFactory.algorithm");
    if (algorithm == null) {
      algorithm="SunX509";
    }
    SSLContext serverContext=null;
    try {
      KeyStore ks=KeyStore.getInstance("JKS");
      FileInputStream fin=new FileInputStream(AppProperties.getInstance().getPubSubJsonHttpKeyStorePath());
      ks.load(fin,AppProperties.getInstance().getPubSubJsonHttpKeyStorePassword().toCharArray());
      KeyManagerFactory kmf=KeyManagerFactory.getInstance(algorithm);
      kmf.init(ks,AppProperties.getInstance().getPubSubJsonHttpKeyStoreKeyPassword().toCharArray());
      serverContext=SSLContext.getInstance(PROTOCOL);
      serverContext.init(kmf.getKeyManagers(),null,null);
    }
 catch (    Exception e) {
      throw new Error("Failed to initialize the server-side SSLContext",e);
    }
    _serverContext=serverContext;
    SSLContext clientContext=null;
    try {
      clientContext=SSLContext.getInstance(PROTOCOL);
      clientContext.init(null,JsonHttpSSLTrustManager.getInstance().getTrustManagers(),null);
    }
 catch (    Exception e) {
      throw new Error("Failed to initialize the client-side SSLContext",e);
    }
    _clientContext=clientContext;
    return;
  }
 catch (  Exception ex) {
    _logger.error("Error initializing SslContextManager. " + ex.getMessage(),ex);
    System.exit(1);
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

private ServerSocket createTLSServerSocket() throws IOException, GeneralSecurityException {
  SSLContext sslContext=device.sslContext();
  SSLServerSocketFactory ssf=sslContext.getServerSocketFactory();
  SSLServerSocket ss=(SSLServerSocket)ssf.createServerSocket();
  ss.setEnabledProtocols(tlsProtocols);
  ss.setEnabledCipherSuites(tlsCipherSuites);
  ss.setNeedClientAuth(tlsNeedClientAuth);
  return ss;
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

public SSLContext setupSSLContext(final String keyPassword) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
  initKeyManagerFactory(keyPassword);
  if (null == keyManagerFactory) {
    throw new IllegalStateException("No KeyStore set.");
  }
  SSLContext sslContext=SSLContext.getInstance("TLS");
  sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null,new SecureRandom());
  return sslContext;
}
 

private void setSSLFactory(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new ConfigurableX509TrustManager(getSslTrustLevel())},null);
    this.sslfactory=context.getSocketFactory();
  }
 catch (  Exception e) {
    logger.log(Level.WARNING,"Failed configure of ssl context " + e.getMessage(),e);
  }
}
 

private static void trustAllHttpsCertificates(){
  SSLContext context;
  TrustManager[] _trustManagers=new TrustManager[]{new CustomTrustManager()};
  try {
    context=SSLContext.getInstance("SSL");
    context.init(null,_trustManagers,new SecureRandom());
  }
 catch (  GeneralSecurityException gse) {
    throw new IllegalStateException(gse.getMessage());
  }
  HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}
 

@Test(expected=SSLPeerUnverifiedException.class) public void testSSLTrustVerification() throws Exception {
  SSLContext defaultsslcontext=SSLContext.getInstance("TLS");
  defaultsslcontext.init(null,null,null);
  SSLSocketFactory socketFactory=new SSLSocketFactory(defaultsslcontext,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
  HttpParams params=new BasicHttpParams();
  SSLSocket socket=(SSLSocket)socketFactory.createSocket(params);
  InetSocketAddress address=this.localServer.getServiceAddress();
  socketFactory.connectSocket(socket,address,null,params);
}
 

private SSLContext getDefaultSSLContext(){
  SSLContext sslcontext;
  try {
    sslcontext=SSLContext.getInstance("TLS");
    sslcontext.init(null,null,null);
  }
 catch (  Exception ex) {
    throw new IllegalStateException("Failure initializing default SSL context",ex);
  }
  return sslcontext;
}
 

public Connector configureConnector(String host,int port,SSLOptions options){
  try {
    PEMCredential serviceCredentials=new PEMCredential(options.getKeyFile(),options.getCertificateFile(),options.getKeyPassword());
    OpensslCertChainValidator validator=new OpensslCertChainValidator(options.getTrustStoreDirectory(),DEFAULT_NAMESPACE_CHECKING_MODE,options.getTrustStoreRefreshIntervalInMsec());
    validator.addValidationListener(new SSLValidationErrorReporter());
    SSLContext sslContext=SocketFactoryCreator.getSSLContext(serviceCredentials,validator,null);
    configurator=new SSLContextConnectorConfigurator(sslContext);
    return configurator.configureConnector(host,port,options);
  }
 catch (  Throwable t) {
    log.error("SSL initialization error!",t);
    return null;
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

/** 
 * This function will install a trust manager that will blindly trust all SSL certificates.  The reason this code is being added is to enable developers to do development using self signed SSL certificates on their web server. The standard HttpsURLConnection class will throw an exception on self signed certificates if this code is not run.
 */
private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection){
  SSLSocketFactory oldFactory=connection.getSSLSocketFactory();
  try {
    SSLContext sc=SSLContext.getInstance("TLS");
    sc.init(null,trustAllCerts,new java.security.SecureRandom());
    SSLSocketFactory newFactory=sc.getSocketFactory();
    connection.setSSLSocketFactory(newFactory);
  }
 catch (  Exception e) {
    Log.e(LOG_TAG,e.getMessage(),e);
  }
  return oldFactory;
}
 

public TrustedSocketFactory(String host,boolean secure) throws NoSuchAlgorithmException, KeyManagementException {
  SSLContext sslContext=SSLContext.getInstance("TLS");
  sslContext.init(null,new TrustManager[]{TrustManagerFactory.get(host,secure)},new SecureRandom());
  mSocketFactory=sslContext.getSocketFactory();
  mSchemeSocketFactory=org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory();
  mSchemeSocketFactory.setHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}
 

private static SSLContext createEasySSLContext(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new DummyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    if (LOG.isErrorEnabled()) {
      LOG.error(e.getMessage(),e);
    }
    throw new HttpClientError(e.toString());
  }
}
 

public Socket createSocket(String host,int port) throws IOException, UnknownHostException {
  SSLContext ctx=getSSLContext();
  SSLSocketFactory sf=ctx.getSocketFactory();
  Socket socket=sf.createSocket(host,port);
  return socket;
}
 

protected static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    IOException ioe=new IOException(e.getMessage());
    ioe.initCause(e);
    throw ioe;
  }
}
 

public AbstractDebugSecureSocketFactory(String protocol){
  try {
    SSLContext sslcontext=SSLContext.getInstance(protocol);
    sslcontext.init(null,new TrustManager[]{new NaiveTrustManager()},null);
    factory=(SSLSocketFactory)sslcontext.getSocketFactory();
  }
 catch (  Exception ex) {
  }
}
 

private static SSLContext createEasySSLContext(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new DummyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    if (LOG.isErrorEnabled()) {
      LOG.error(e.getMessage(),e);
    }
    throw new HttpClientError(e.toString());
  }
}
 

/** 
 * Create a new SSLSocketFactory that creates a Socket regardless of the certificate used.
 * @throws SSLException if initialization fails.
 */
public TrustingSSLSocketFactory(){
  try {
    SSLContext sslContext=SSLContext.getInstance("TLS");
    sslContext.init(null,new TrustManager[]{new TrustingX509TrustManager()},new SecureRandom());
    factory=sslContext.getSocketFactory();
  }
 catch (  NoSuchAlgorithmException nsae) {
    throw new RuntimeException("Unable to initialize the SSL context:  ",nsae);
  }
catch (  KeyManagementException kme) {
    throw new RuntimeException("Unable to register a trust manager:  ",kme);
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

/** 
 * Create a new CatSecureSocketFactory.
 * @param attrs     attributes for the connection (Ignored at this point)
 * @throws Exception
 */
@SuppressWarnings("unchecked") public CatSecureSocketFactory(Hashtable attrs) throws Exception {
  if (ks == null)   throw new Exception("The CAT secure socket factory has not been initialized with a keystore");
  TrustManagerFactory tmf=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  tmf.init(ks);
  KeyManagerFactory kmf=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  kmf.init(ks,ksPass.toCharArray());
  SSLContext ctx=SSLContext.getInstance("SSLv3");
  ctx.init(kmf.getKeyManagers(),tmf.getTrustManagers(),null);
  ssf=ctx.getSocketFactory();
}
 

/** 
 * Sets a trust manager that will always trust. <p> TODO: dont swallog exceptions and setup things so that they dont disturb other components.
 */
private void setPermissiveSSLSocketFactory(HttpsURLConnection connection){
  try {
    SSLContext sslContext=SSLContext.getInstance("SSL");
    sslContext.init(new KeyManager[0],new TrustManager[]{new PermissiveTrustManager()},new SecureRandom());
    SSLSocketFactory socketFactory=sslContext.getSocketFactory();
    ((HttpsURLConnection)connection).setSSLSocketFactory(socketFactory);
  }
 catch (  KeyManagementException e) {
  }
catch (  NoSuchAlgorithmException e) {
  }
}
 

/** 
 * Returns an SSL server socket factory for the given configuration. If no SSLProtocol is already set, uses DEFAULT_PROTOCOL. Throws IllegalArgumentException if the server socket factory could not be created due to underlying configuration problems.
 * @see org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory#DEFAULT_PROTOCOL
 * @param configID The configuration identifier for selecting a configuration.
 * @return An SSLServerSocketFactory
 * @throws MqttDirectException
 */
public SSLServerSocketFactory createServerSocketFactory(String configID) throws MqttDirectException {
  final String METHOD_NAME="createServerSocketFactory";
  SSLContext ctx=getSSLContext(configID);
  if (logger != null) {
    logger.fine(CLASS_NAME,METHOD_NAME,"12018",new Object[]{configID != null ? configID : "null (broker defaults)",getEnabledCipherSuites(configID) != null ? getProperty(configID,CIPHERSUITES,null) : "null (using platform-enabled cipher suites)"});
    logger.fine(CLASS_NAME,METHOD_NAME,"12019",new Object[]{configID != null ? configID : "null (broker defaults)",new Boolean(getClientAuthentication(configID)).toString()});
  }
  return ctx.getServerSocketFactory();
}
 

private SSLSocketFactory createSocketFactory(final String fileWithPath,final String password){
  SSLSocketFactory factory=null;
  try {
    KeyManagerFactory keyManagerFactory=getKeyManagerFactory(fileWithPath,password,"JKS");
    SSLContext sslContext=SSLContext.getInstance("SSLv3");
    sslContext.init(keyManagerFactory.getKeyManagers(),getAllTrustingManager(),new SecureRandom());
    factory=sslContext.getSocketFactory();
    return factory;
  }
 catch (  Exception e) {
    e.printStackTrace();
  }
  return (SSLSocketFactory)SSLSocketFactory.getDefault();
}
 

private static SSLContext createEasySSLContext(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    logger.error(e.getMessage(),e);
    throw new HttpClientError(e.toString());
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new TrivialTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

/** 
 * {@inheritDoc} 
 */
@Override public void sessionOpened(IoSession session) throws Exception {
  if (password == null || keystore == null) {
    throw new NotActiveException("Keystore or password are null");
  }
  SSLContext context=SSLContext.getInstance("TLS");
  KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
  kmf.init(getKeyStore(),password);
  context.init(kmf.getKeyManagers(),null,null);
  SslFilter sslFilter=new SslFilter(context);
  if (sslFilter != null) {
    session.getFilterChain().addFirst("sslFilter",sslFilter);
  }
  super.sessionOpened(session);
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new FakeTrustManager()},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

/** 
 * Bypass HTTPS security check by using free-for-all trust manager.
 * @param _ This is ignored.
 */
@Option(name="-noCertificateCheck") public void setNoCertificateCheck(boolean _) throws NoSuchAlgorithmException, KeyManagementException {
  System.out.println("Skipping HTTPS certificate checks altoghether. Note that this is not secure at all.");
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(null,new TrustManager[]{new NoCheckTrustManager()},new java.security.SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
  HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){
    public boolean verify(    String s,    SSLSession sslSession){
      return true;
    }
  }
);
}
 

public void verifyServerCerts(){
  try {
    final SSLContext sc=SSLContext.getInstance("SSL");
    sc.init(null,null,null);
    SSLContext.setDefault(sc);
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  }
 catch (  Exception e) {
    LOG.error("Problem creating SSL context: ",e);
  }
}
 

public static synchronized void install() throws KeyManagementException, NoSuchAlgorithmException {
  SSLContext context=SSLContext.getInstance("SSL");
  context.init(null,new TrustManager[]{new TrustAllX509TrustManager()},new SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
  log.warn("Trust-all SSL trust manager installed");
}
 

public TrustAllSSLSocketFactory() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
  super(null);
  try {
    SSLContext sslcontext=SSLContext.getInstance("TLS");
    sslcontext.init(null,new TrustManager[]{new TrustAllManager()},null);
    factory=sslcontext.getSocketFactory();
    setHostnameVerifier(new AllowAllHostnameVerifier());
  }
 catch (  Exception ex) {
  }
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

public static void trustEveryone(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    TrustManager[] tm=new TrustManager[]{new TrustingX509TrustManager()};
    context.init(null,tm,null);
    SSLContext.setDefault(context);
  }
 catch (  Exception e) {
    Throwables.propagate(e);
  }
}
 

private SSLContext initContext() throws GeneralSecurityException {
  KeyManager[] keyManagers=this.keyManagerFactory.getKeyManagers();
  for (int i=0; i < keyManagers.length; i++) {
    if (ClassUtils.extendsClass(keyManagers[i].getClass(),"javax.net.ssl.X509ExtendedKeyManager")) {
      keyManagers[i]=new ExtendedAliasKeyManager(keyManagers[i],this.keyAlias);
    }
 else     if (keyManagers[i] instanceof X509KeyManager) {
      keyManagers[i]=new AliasKeyManager(keyManagers[i],this.keyAlias);
    }
  }
  SSLContext ctx=SSLContext.getInstance(this.sslProtocol);
  ctx.init(keyManagers,this.trustManagerFactory.getTrustManagers(),null);
  return ctx;
}
 

private static SSLContext createEasySSLContext() throws IOException {
  try {
    SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new EasyX509TrustManager(null)},null);
    return context;
  }
 catch (  Exception e) {
    throw new IOException(e.getMessage());
  }
}
 

@Override protected ClientConnectionManager createClientConnectionManager(){
  SchemeRegistry registry=new SchemeRegistry();
  registry.register(new Scheme("http",80,PlainSocketFactory.getSocketFactory()));
  if (keyStoreStream != null) {
    registry.register(new Scheme("https",443,newSslSocketFactory()));
  }
 else {
    try {
      registry.register(new Scheme("https",443,new SSLSocketFactory(SSLContext.getInstance("Default"),new AllowAllHostnameVerifier())));
    }
 catch (    NoSuchAlgorithmException e) {
      e.printStackTrace();
      try {
        final SSLContext sslContext=SSLContext.getInstance("TLS");
        sslContext.init(null,null,null);
        registry.register(new Scheme("https",443,newSslSocketFactory()));
      }
 catch (      KeyManagementException e1) {
        throw new RuntimeException(e1);
      }
catch (      NoSuchAlgorithmException e1) {
        throw new RuntimeException(e1);
      }
    }
  }
  ThreadSafeClientConnManager connMgr=new ThreadSafeClientConnManager(registry);
  connMgr.setDefaultMaxPerRoute(10);
  return connMgr;
}
 

@Singleton @Provides ClientConnectionManager newClientConnectionManager(HttpParams params,X509HostnameVerifier verifier,Closer closer) throws NoSuchAlgorithmException, KeyManagementException {
  SchemeRegistry schemeRegistry=new SchemeRegistry();
  Scheme http=new Scheme("http",PlainSocketFactory.getSocketFactory(),80);
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(null,null,null);
  SSLSocketFactory sf=new SSLSocketFactory(context);
  sf.setHostnameVerifier(verifier);
  Scheme https=new Scheme("https",sf,443);
  SchemeRegistry sr=new SchemeRegistry();
  sr.register(http);
  sr.register(https);
  schemeRegistry.register(new Scheme("http",PlainSocketFactory.getSocketFactory(),80));
  schemeRegistry.register(new Scheme("https",SSLSocketFactory.getSocketFactory(),443));
  final ClientConnectionManager cm=new ThreadSafeClientConnManager(params,schemeRegistry);
  closer.addToClose(new Closeable(){
    @Override public void close() throws IOException {
      cm.shutdown();
    }
  }
);
  return cm;
}
 

public void startTLS(ClientAuth authentication) throws Exception {
  log.debug("startTLS()...");
  KeyStore ksKeys=SSLConfig.getKeyStore();
  String keypass=SSLConfig.getKeyPassword();
  KeyStore ksTrust=SSLConfig.getc2sTrustStore();
  String trustpass=SSLConfig.getc2sTrustPassword();
  KeyManager[] km=SSLKeyManagerFactory.getKeyManagers(ksKeys,keypass);
  TrustManager[] tm=SSLTrustManagerFactory.getTrustManagers(ksTrust,trustpass);
  SSLContext tlsContext=SSLContext.getInstance("TLS");
  tlsContext.init(km,tm,null);
  SslFilter filter=new SslFilter(tlsContext);
  ioSession.getFilterChain().addFirst("tls",filter);
  ioSession.setAttribute(SslFilter.DISABLE_ENCRYPTION_ONCE,Boolean.TRUE);
  deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
}
 

public static synchronized SSLSocket createSSLSocket() throws HTTPSException {
  try {
    KeyStore defaultKeyStore=getDefaultKeyStore();
    PrivateKey privateKey=(PrivateKey)defaultKeyStore.getKey("APJP","APJP".toCharArray());
    Certificate certificateAuthority=defaultKeyStore.getCertificate("APJP");
    Certificate[] certificateArray=new Certificate[1];
    certificateArray[0]=certificateAuthority;
    KeyStore keyStore=KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null,"APJP".toCharArray());
    keyStore.setCertificateEntry("APJP",certificateAuthority);
    keyStore.setKeyEntry("APJP",privateKey,"APJP".toCharArray(),certificateArray);
    SSLContext sslContext=SSLContext.getInstance("TLS");
    KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore,"APJP".toCharArray());
    TrustManagerFactory trustManagerFactory=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(keyStore);
    sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(),null);
    SSLSocketFactory sslSocketFactory=(SSLSocketFactory)sslContext.getSocketFactory();
    return (SSLSocket)sslSocketFactory.createSocket();
  }
 catch (  Exception e) {
    logger.log(2,"HTTPS/CREATE_SSL_SOCKET: EXCEPTION",e);
    throw new HTTPSException("HTTPS/CREATE_SSL_SOCKET",e);
  }
}
 

HttpsURLConnection setupConnection(String urlString){
  SSLContext ctx=null;
  try {
    ctx=SSLContext.getInstance("TLS");
  }
 catch (  NoSuchAlgorithmException e1) {
    e1.printStackTrace();
  }
  try {
    ctx.init(new KeyManager[0],new TrustManager[]{new DefaultTrustManager()},new SecureRandom());
  }
 catch (  KeyManagementException e) {
    e.printStackTrace();
  }
  SSLContext.setDefault(ctx);
  URL url=null;
  try {
    url=new URL(urlString);
  }
 catch (  MalformedURLException e) {
    e.printStackTrace();
  }
  HttpsURLConnection conn=null;
  try {
    conn=(HttpsURLConnection)url.openConnection();
  }
 catch (  IOException e1) {
    e1.printStackTrace();
  }
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setHostnameVerifier(new HostnameVerifier(){
    @Override public boolean verify(    String arg0,    SSLSession arg1){
      return true;
    }
  }
);
  return conn;
}
 

public static HttpClient wrapClient(HttpClient base){
  try {
    SSLContext ctx=SSLContext.getInstance("TLS");
    X509TrustManager tm=new X509TrustManager(){
      @Override public void checkClientTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      @Override public void checkServerTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      @Override public X509Certificate[] getAcceptedIssuers(){
        return null;
      }
    }
;
    ctx.init(null,new TrustManager[]{tm},null);
    SSLSocketFactory ssf=new SSLSocketFactory(ctx);
    ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    ClientConnectionManager ccm=base.getConnectionManager();
    SchemeRegistry sr=ccm.getSchemeRegistry();
    sr.register(new Scheme("https",ssf,443));
    return new DefaultHttpClient(ccm,base.getParams());
  }
 catch (  Exception ex) {
    throw new RuntimeException(ex);
  }
}
 

public static SSLSocketFactory create(){
  try {
    SSLContext context=SSLContext.getInstance("SSL");
    context.init(null,new TrustManager[]{new X509TrustManager(){
      public void checkClientTrusted(      X509Certificate[] x509Certificates,      String authType) throws CertificateException {
      }
      public void checkServerTrusted(      X509Certificate[] x509Certificates,      String authType) throws CertificateException {
        if (LOGGER.isLoggable(FINE))         LOGGER.fine("Got the certificate: " + Arrays.asList(x509Certificates));
      }
      public X509Certificate[] getAcceptedIssuers(){
        return new X509Certificate[0];
      }
    }
},new SecureRandom());
    return context.getSocketFactory();
  }
 catch (  NoSuchAlgorithmException e) {
    throw new Error(e);
  }
catch (  KeyManagementException e) {
    throw new Error(e);
  }
}
 

/** 
 * @return .
 * @throws NoSuchAlgorithmException .
 * @throws KeyStoreException .
 * @throws CertificateException .
 * @throws IOException .
 * @throws UnrecoverableKeyException .
 * @throws KeyManagementException .
 */
public SSLContext createSSLContext() throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {
  InputStream pfxFile=null;
  SSLContext context=null;
  try {
    pfxFile=new FileInputStream(new File(pathToPfxFile));
    KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(SUN_X_509_ALGORITHM);
    KeyStore keyStore=KeyStore.getInstance(KEY_STORE_CONTEXT);
    keyStore.load(pfxFile,pfxPassword.toCharArray());
    pfxFile.close();
    keyManagerFactory.init(keyStore,pfxPassword.toCharArray());
    context=SSLContext.getInstance("SSL");
    context.init(keyManagerFactory.getKeyManagers(),null,new SecureRandom());
    return context;
  }
  finally {
    if (pfxFile != null) {
      pfxFile.close();
    }
  }
}
 

public ApacheHttpClient4Factory(final HttpClientDefaults clientDefaults,@Nullable final Set<? extends HttpClientObserver> httpClientObservers){
  Preconditions.checkArgument(clientDefaults != null,"clientDefaults can not be null!");
  this.httpClientObservers=httpClientObservers;
  initParams();
  registry.register(HTTP_SCHEME);
  try {
    final TrustManager[] trustManagers=new TrustManager[]{getTrustManager(clientDefaults)};
    final KeyManager[] keyManagers=getKeyManagers(clientDefaults);
    final SSLContext sslContext=SSLContext.getInstance("TLS");
    sslContext.init(keyManagers,trustManagers,null);
    final SSLSocketFactory sslSocketFactory=new SSLSocketFactory(sslContext);
    registry.register(new Scheme("https",HTTPS_PORT,sslSocketFactory));
  }
 catch (  GeneralSecurityException ce) {
    throw new IllegalStateException(ce);
  }
catch (  IOException ioe) {
    throw new IllegalStateException(ioe);
  }
  connectionManager=new ThreadSafeClientConnManager(registry);
}
 

private void verifId(ObjectInputStream in,ObjectOutputStream out,Cipher cryptor,Cipher decryptor) throws IOException, ClassNotFoundException, IllegalBlockSizeException, BadPaddingException, SQLException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException {
  for (; ; ) {
    VerifId query=(VerifId)Utils.decryptObject((byte[])in.readObject(),decryptor);
    Protocol valide;
    if ("BE".equals(query.getNationalite())) {
      PreparedStatement instruc=this._con.prepareStatement("SELECT COUNT(*) AS existe " + "FROM voyageur " + "WHERE id_national = ? AND nom = ? AND prenom = ?");
      instruc.setInt(1,query.getClientNationalId());
      instruc.setString(2,query.getClientName());
      instruc.setString(3,query.getClientSurname());
      ResultSet rs=instruc.executeQuery();
      rs.next();
      if (rs.getInt("existe") != 0)       valide=new Ack();
 else       valide=new Fail();
    }
 else {
      System.out.println("Consultation du registre international");
      KeyStore store=KeyStore.getInstance("JKS");
      store.load(new FileInputStream("client_keystore.jks"),"pwdpwd".toCharArray());
      KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
      kmf.init(store,"pwdpwd".toCharArray());
      TrustManagerFactory tmf=TrustManagerFactory.getInstance("SunX509");
      tmf.init(store);
      SSLContext context=SSLContext.getInstance("SSLv3");
      context.init(kmf.getKeyManagers(),tmf.getTrustManagers(),null);
      SSLSocketFactory factory=context.getSocketFactory();
      SSLSocket sock=(SSLSocket)factory.createSocket(IdentityServer.prop.getProperty("INTERNATIONAL_SERVER"),Integer.parseInt(IdentityServer.prop.getProperty("INTERNATIONAL_PORT")));
      ObjectInputStream ssl_in=new ObjectInputStream(sock.getInputStream());
      ObjectOutputStream ssl_out=new ObjectOutputStream(sock.getOutputStream());
      ssl_out.writeObject(query);
      ssl_out.flush();
      valide=(Protocol)ssl_in.readObject();
      sock.close();
    }
    out.writeObject(Utils.cryptObject(valide,cryptor));
    out.flush();
  }
}
 

/** 
 * Constructor for FedoraClient.
 * @param fc credentials for a Fedora repository
 */
public FedoraClient(FedoraCredentials fc){
  this.fc=fc;
  if (fc.getBaseUrl().toString().startsWith("https")) {
    SSLContext ctx=null;
    try {
      ctx=SSLContext.getInstance("SSL");
      ctx.init(null,null,null);
    }
 catch (    NoSuchAlgorithmException e) {
      logger.error(e.getMessage(),e);
    }
catch (    KeyManagementException e) {
      logger.error(e.getMessage(),e);
    }
    ClientConfig config=new DefaultClientConfig();
    config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,new HTTPSProperties(null,ctx));
    client=Client.create(config);
  }
 else {
    client=Client.create();
  }
  client.setFollowRedirects(true);
  client.addFilter(new HTTPBasicAuthFilter(fc.getUsername(),fc.getPassword()));
}
 

private SSLContext initializeSSLContext(){
  SSLContext context=null;
  try {
    context=SSLContext.getInstance(PROTOCOL_TLS);
    KeyStore keyStore=KeyStore.getInstance(KEYSTORE_TYPE_JKS);
    keyStore.load(loadResource(TRUSTED_KEYSTORE),TRUSTED_KEYSTORE_ACCESS.toCharArray());
    KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(ALGORITHM_SUNX509);
    keyManagerFactory.init(keyStore,TRUSTED_KEYSTORE_ACCESS.toCharArray());
    TrustManagerFactory trustManagerFactory=TrustManagerFactory.getInstance(ALGORITHM_SUNX509);
    trustManagerFactory.init(keyStore);
    context.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(),null);
  }
 catch (  Exception e) {
    throw new GlusterRuntimeException("Couldn't initialize SSL Context with Gluster Management Gateway! Error: " + e,e);
  }
  return context;
}
 

public static void main(String[] args) throws Exception {
  SSLContext sslContext=SSLContext.getInstance("SSL");
  sslContext.init(null,TRUST_ALL_CERTS,new SecureRandom());
  final SslTransport client=new SslTransport();
  client.setDispatchQueue(Dispatch.createQueue());
  client.setSSLContext(sslContext);
  client.setBlockingExecutor(Executors.newCachedThreadPool());
  client.setProtocolCodec(new BufferProtocolCodec());
  client.connecting(new URI("ssl://localhost:61614"),null);
  final CountDownLatch done=new CountDownLatch(1);
  final Task onClose=new Task(){
    public void run(){
      System.out.println("Client closed.");
      done.countDown();
    }
  }
;
  client.setTransportListener(new DefaultTransportListener(){
    @Override public void onTransportConnected(){
      System.out.println("Connected");
      client.resumeRead();
      client.offer(new AsciiBuffer("CONNECT\n" + "login:admin\n" + "passcode:password\n"+ "\n\u0000\n"));
    }
    @Override public void onTransportCommand(    Object command){
      Buffer frame=(Buffer)command;
      System.out.println("Received :" + frame.ascii());
      client.stop(onClose);
    }
    @Override public void onTransportFailure(    IOException error){
      System.out.println("Transport failure :" + error);
      client.stop(onClose);
    }
  }
);
  client.start(Dispatch.NOOP);
  done.await();
}
 

public static SslHandler createSelfSignedSslHandler() throws Exception {
  String algorithm="SunX509";
  String password="password";
  KeyStore keyStore=KeyStore.getInstance("JKS");
  InputStream keyStoreAsStream=null;
  try {
    keyStoreAsStream=new BufferedInputStream(new FileInputStream("src/main/resources/dummyserver/selfsigned.jks"));
    keyStore.load(keyStoreAsStream,password.toCharArray());
  }
  finally {
    if (keyStoreAsStream != null) {
      try {
        keyStoreAsStream.close();
      }
 catch (      Exception e) {
      }
    }
  }
  KeyManagerFactory keyManagerFactory=KeyManagerFactory.getInstance(algorithm);
  TrustManagerFactory trustManagerFactory=TrustManagerFactory.getInstance(algorithm);
  keyManagerFactory.init(keyStore,password.toCharArray());
  trustManagerFactory.init(keyStore);
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(),new SecureRandom());
  SSLEngine engine=context.createSSLEngine();
  engine.setUseClientMode(false);
  return new SslHandler(engine,true);
}
 

public static void main(String[] args) throws Exception {
  Handler handler=new Handler();
  InetSocketAddress addr=new InetSocketAddress(0);
  HttpsServer server=HttpsServer.create(addr,0);
  HttpContext ctx=server.createContext("/test",handler);
  ExecutorService executor=Executors.newCachedThreadPool();
  SSLContext ssl=new SimpleSSLContext(System.getProperty("test.src")).get();
  server.setExecutor(executor);
  server.setHttpsConfigurator(new HttpsConfigurator(ssl));
  server.start();
  URL url=new URL("https://localhost:" + server.getAddress().getPort() + "/test/foo.html");
  System.out.print("Test6a: ");
  HttpsURLConnection urlc=(HttpsURLConnection)url.openConnection();
  urlc.setDoOutput(true);
  urlc.setRequestMethod("POST");
  urlc.setChunkedStreamingMode(32);
  urlc.setSSLSocketFactory(ssl.getSocketFactory());
  urlc.setHostnameVerifier(new DummyVerifier());
  OutputStream os=new BufferedOutputStream(urlc.getOutputStream());
  for (int i=0; i < SIZE; i++) {
    os.write(i % 100);
  }
  os.close();
  int resp=urlc.getResponseCode();
  if (resp != 200) {
    throw new RuntimeException("test failed response code");
  }
  if (error) {
    throw new RuntimeException("test failed error");
  }
  delay();
  server.stop(2);
  executor.shutdown();
  System.out.println("OK");
}
 

public static HttpClient setupClient(boolean ignoreAuthenticationFailure,String domain,Integer port,String proxyHost,Integer proxyPort,String authUser,String authPassword,CookieStore cookieStore) throws NoSuchAlgorithmException, KeyManagementException {
  DefaultHttpClient client=null;
  if (ignoreAuthenticationFailure) {
    SSLContext sslContext=SSLContext.getInstance("SSL");
    sslContext.init(null,new TrustManager[]{new EasyX509TrustManager()},new SecureRandom());
    SchemeRegistry schemeRegistry=new SchemeRegistry();
    SSLSocketFactory sf=new SSLSocketFactory(sslContext);
    Scheme httpsScheme=new Scheme("https",sf,443);
    schemeRegistry.register(httpsScheme);
    SocketFactory sfa=new PlainSocketFactory();
    Scheme httpScheme=new Scheme("http",sfa,80);
    schemeRegistry.register(httpScheme);
    HttpParams params=new BasicHttpParams();
    ClientConnectionManager cm=new SingleClientConnManager(params,schemeRegistry);
    client=new DefaultHttpClient(cm,params);
  }
 else {
    client=new DefaultHttpClient();
  }
  if (proxyHost != null && proxyPort != null) {
    HttpHost proxy=new HttpHost(proxyHost,proxyPort);
    client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,proxy);
  }
 else {
    ProxySelectorRoutePlanner routePlanner=new ProxySelectorRoutePlanner(client.getConnectionManager().getSchemeRegistry(),ProxySelector.getDefault());
    client.setRoutePlanner(routePlanner);
  }
  if (authUser != null && authPassword != null) {
    client.getCredentialsProvider().setCredentials(new AuthScope(domain,port),new UsernamePasswordCredentials(authUser,authPassword));
  }
  client.setCookieStore(cookieStore);
  client.getParams().setParameter(ClientPNames.COOKIE_POLICY,CookiePolicy.BEST_MATCH);
  return client;
}
 

/** 
 * Build the SSLEngine
 * @throws Exception
 */
private void buildSSLContext() throws Exception {
  if (useStartTLS || useSSL) {
    FileInputStream fis=null;
    try {
      KeyStore ks=KeyStore.getInstance("JKS");
      fis=new FileInputStream(fileSystem.getFile(keystore));
      ks.load(fis,secret.toCharArray());
      KeyManagerFactory kmf=KeyManagerFactory.getInstance(x509Algorithm);
      kmf.init(ks,secret.toCharArray());
      SSLContext context=SSLContext.getInstance("TLS");
      context.init(kmf.getKeyManagers(),null,null);
      if (useStartTLS) {
        encryption=Encryption.createStartTls(context,enabledCipherSuites);
      }
 else {
        encryption=Encryption.createTls(context,enabledCipherSuites);
      }
    }
  finally {
      if (fis != null) {
        fis.close();
      }
    }
  }
}
 

/** 
 * Gets the SSL socket factory which is used in SSL connection.
 * @return the SSL socket factory.
 * @throws ConnectionException if unable to create SSL socket factory.
 */
public SSLSocketFactory getSSLSocketFactory() throws ConnectionException {
  try {
    if (keyManagers.size() > 0 || trustManagers.size() > 0) {
      SSLContext context=SSLContext.getInstance("SSL");
      context.init((KeyManager[])keyManagers.toArray(new KeyManager[]{}),(TrustManager[])trustManagers.toArray(new TrustManager[]{}),null);
      return context.getSocketFactory();
    }
 else {
      return HttpsURLConnection.getDefaultSSLSocketFactory();
    }
  }
 catch (  Exception e) {
    throw new ConnectionException("Unable to create SSL socket factory",e);
  }
}
 

/** 
 * Creates an SSLServerSocketFactory.
 * @return the newly creates SSL Server Socket Factory
 * @throws KeyStoreException
 * @throws CertificateException
 * @throws IOException
 * @throws UnrecoverableKeyException
 * @throws KeyManagementException
 */
private SSLServerSocketFactory getSSLSocketFactory() throws KeyStoreException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {
  StreamManager h=new StreamManager();
  SSLContext ctx;
  KeyManagerFactory kmf;
  try {
    InputStream ksStream=getClass().getClassLoader().getResourceAsStream(KEYSTORE_NAME);
    h.handle(ksStream);
    ctx=SSLContext.getInstance("SSLv3");
    kmf=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    KeyStore ks=KeyStore.getInstance("JKS");
    char[] passphrase=KEYSTORE_PWD.toCharArray();
    ks.load(ksStream,passphrase);
    kmf.init(ks,passphrase);
    ctx.init(kmf.getKeyManagers(),null,new java.security.SecureRandom());
  }
 catch (  NoSuchAlgorithmException e) {
    throw new SSLException("Unable to initialize SSLSocketFactory.\n" + e.getMessage());
  }
 finally {
    h.closeAll();
  }
  return ctx.getServerSocketFactory();
}
 

public SSLContext createSSLContext(String provider,String protocol,String algorithm,String keyStore,String keyAlias,String trustStore,long timeout) throws GeneralSecurityException {
  if (!this.checkForKeystoresAvailability(keyStore,keyAlias,trustStore,timeout)) {
    throw new GeneralSecurityException("Unable to lookup configured keystore and/or truststore");
  }
  KeystoreInstance keyInstance=getKeystore(keyStore);
  if (keyInstance != null && keyInstance.isKeystoreLocked()) {
    throw new KeystoreIsLocked("Keystore '" + keyStore + "' is locked");
  }
  if (keyInstance != null && keyInstance.isKeyLocked(keyAlias)) {
    throw new KeystoreIsLocked("Key '" + keyAlias + "' in keystore '"+ keyStore+ "' is locked");
  }
  KeystoreInstance trustInstance=trustStore == null ? null : getKeystore(trustStore);
  if (trustInstance != null && trustInstance.isKeystoreLocked()) {
    throw new KeystoreIsLocked("Keystore '" + trustStore + "' is locked");
  }
  SSLContext context;
  if (provider == null) {
    context=SSLContext.getInstance(protocol);
  }
 else {
    context=SSLContext.getInstance(protocol,provider);
  }
  context.init(keyInstance == null ? null : keyInstance.getKeyManager(algorithm,keyAlias),trustInstance == null ? null : trustInstance.getTrustManager(algorithm),new SecureRandom());
  return context;
}
 

private void startupSSL(){
  try {
    System.setProperty("java.protocol.handler.pkgs","javax.net.ssl");
    TrustManager[] trustAllCerts=new TrustManager[]{new X509TrustManager(){
      public java.security.cert.X509Certificate[] getAcceptedIssuers(){
        return null;
      }
      public void checkClientTrusted(      java.security.cert.X509Certificate[] certs,      String authType){
      }
      public void checkServerTrusted(      java.security.cert.X509Certificate[] certs,      String authType){
      }
    }
};
    SSLContext sc=SSLContext.getInstance("SSL");
    sc.init(null,trustAllCerts,new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    HostnameVerifier hv=new HostnameVerifier(){
      public boolean verify(      String urlHostName,      SSLSession session){
        return true;
      }
    }
;
    HttpsURLConnection.setDefaultHostnameVerifier(hv);
  }
 catch (  Exception e) {
    console.output("! " + e.getMessage() + "\n",true);
  }
}
 

public HttpClient getCliente(){
  if (cliente == null) {
    try {
      SSLContext ctx=SSLContext.getInstance("TLS");
      X509TrustManager tm=new X509TrustManager(){
        @Override public void checkClientTrusted(        X509Certificate[] xcs,        String string) throws CertificateException {
        }
        @Override public void checkServerTrusted(        X509Certificate[] xcs,        String string) throws CertificateException {
        }
        @Override public X509Certificate[] getAcceptedIssuers(){
          return null;
        }
      }
;
      ctx.init(null,new TrustManager[]{tm},null);
      SSLSocketFactory ssf=new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
      SchemeRegistry schemeRegistry=new SchemeRegistry();
      schemeRegistry.register(new Scheme("http",80,PlainSocketFactory.getSocketFactory()));
      schemeRegistry.register(new Scheme("https",443,ssf));
      HttpParams params=new BasicHttpParams();
      HttpProtocolParams.setUserAgent(params,"Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.9.2.12) Gecko/20101027 Ubuntu/10.04 (lucid) Firefox/3.6.12");
      ThreadSafeClientConnManager cm=new ThreadSafeClientConnManager(schemeRegistry);
      cm.setDefaultMaxPerRoute(10);
      cm.setMaxTotal(20);
      HttpConnectionParams.setConnectionTimeout(params,1000);
      cliente=new DefaultHttpClient(cm,params);
    }
 catch (    Exception ex) {
      Logger.getLogger(ClienteSeneca.class.getName()).log(Level.SEVERE,null,ex);
      setUltimoError("Error conectando con S?neca: " + ex.getLocalizedMessage());
      setUltimaExcepcion(ex);
    }
  }
  ThreadSafeClientConnManager man=(ThreadSafeClientConnManager)cliente.getConnectionManager();
  man.closeExpiredConnections();
  man.closeIdleConnections(10,TimeUnit.SECONDS);
  Logger.getLogger(ClienteSeneca.class.getName()).log(Level.INFO,"Hay {0} conexiones abiertas.",man.getConnectionsInPool());
  return cliente;
}
 

/** 
 * Get SSLContext singleton.
 * @return SSLContext
 * @throws java.security.GeneralSecurityException
 */
public static SSLContext getInstance(boolean server) throws GeneralSecurityException {
  SSLContext retInstance=null;
  if (server) {
synchronized (BogusSslContextFactory.class) {
      if (serverInstance == null) {
        try {
          serverInstance=createBougusServerSslContext();
        }
 catch (        Exception ioe) {
          throw new GeneralSecurityException("Can't create Server SSLContext:" + ioe);
        }
      }
    }
    retInstance=serverInstance;
  }
 else {
synchronized (BogusSslContextFactory.class) {
      if (clientInstance == null) {
        clientInstance=createBougusClientSslContext();
      }
    }
    retInstance=clientInstance;
  }
  return retInstance;
}
 

/** 
 * Builds a "trusting" trust manager. This is totally horrible and basically ignores everything that SSL stands for. This allows connection to self-signed certificate hosts, bypassing the normal validation exceptions that occur. <p/> Use at your own risk - again, this is horrible!
 */
public DefaultHttpClient getEvilTrustingTrustManager(DefaultHttpClient httpClient){
  try {
    X509TrustManager trustManager=new X509TrustManager(){
      public void checkClientTrusted(      X509Certificate[] chain,      String authType) throws CertificateException {
        log.warn("BYPASSING CLIENT TRUSTED CHECK!");
      }
      public void checkServerTrusted(      X509Certificate[] chain,      String authType) throws CertificateException {
        log.warn("BYPASSING SERVER TRUSTED CHECK!");
      }
      public X509Certificate[] getAcceptedIssuers(){
        log.warn("BYPASSING CERTIFICATE ISSUER CHECKS!");
        return null;
      }
    }
;
    SSLContext sslcontext=SSLContext.getInstance("TLS");
    sslcontext.init(null,new TrustManager[]{trustManager},null);
    SSLSocketFactory sf=new SSLSocketFactory(sslcontext);
    sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    ClientConnectionManager ccm=httpClient.getConnectionManager();
    SchemeRegistry schemeRegistry=ccm.getSchemeRegistry();
    schemeRegistry.register(new Scheme("https",sf,443));
    return new DefaultHttpClient(ccm,httpClient.getParams());
  }
 catch (  Throwable t) {
    log.warn("Something nasty happened with the EvilTrustingTrustManager. Warranty is null and void!");
    t.printStackTrace();
    return null;
  }
}
 

/** 
 * Constructor for singleton
 */
private WebSocketSslServerSslContext(){
  try {
    String algorithm=Security.getProperty("ssl.KeyManagerFactory.algorithm");
    if (algorithm == null) {
      algorithm="SunX509";
    }
    SSLContext serverContext;
    try {
      String keyStoreFilePath=System.getProperty("keystore.file.path");
      String keyStoreFilePassword=System.getProperty("keystore.file.password");
      KeyStore ks=KeyStore.getInstance("JKS");
      FileInputStream fin=new FileInputStream(keyStoreFilePath);
      ks.load(fin,keyStoreFilePassword.toCharArray());
      KeyManagerFactory kmf=KeyManagerFactory.getInstance(algorithm);
      kmf.init(ks,keyStoreFilePassword.toCharArray());
      serverContext=SSLContext.getInstance(PROTOCOL);
      serverContext.init(kmf.getKeyManagers(),null,null);
    }
 catch (    Exception e) {
      throw new Error("Failed to initialize the server-side SSLContext",e);
    }
    _serverContext=serverContext;
  }
 catch (  Exception ex) {
    if (logger.isErrorEnabled()) {
      logger.error("Error initializing SslContextManager. " + ex.getMessage(),ex);
    }
    System.exit(1);
  }
}
 

public ServiceConnectionSE(Proxy proxy,String url,int timeout) throws IOException {
  try {
    SSLContext sc=SSLContext.getInstance("TLS");
    sc.init(null,trustAllCerts,new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  }
 catch (  Exception e) {
    e.getMessage();
  }
  connection=(proxy == null) ? (HttpURLConnection)new URL(url).openConnection() : (HttpURLConnection)new URL(url).openConnection(proxy);
  connection.setUseCaches(false);
  connection.setDoOutput(true);
  connection.setDoInput(true);
  connection.setConnectTimeout(timeout);
  connection.setReadTimeout(timeout);
  ((HttpsURLConnection)connection).setHostnameVerifier(new AllowAllHostnameVerifier());
}
 

private void createUnsafeConnection() throws Exception {
  System.setProperty("http.keepAlive","true");
  String completeUrl=getCompleteUrl();
  Field connField=getClass().getSuperclass().getSuperclass().getDeclaredField("connection");
  connField.setAccessible(true);
  TrustManager[] trustAllCerts=new TrustManager[]{new X509TrustManager(){
    public java.security.cert.X509Certificate[] getAcceptedIssuers(){
      return null;
    }
    public void checkClientTrusted(    java.security.cert.X509Certificate[] certs,    String authType){
    }
    public void checkServerTrusted(    java.security.cert.X509Certificate[] certs,    String authType){
    }
  }
};
  SSLContext sc=SSLContext.getInstance("SSL");
  sc.init(null,trustAllCerts,new java.security.SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  URLConnection openConnection=new URL(completeUrl).openConnection();
  connField.set(this,openConnection);
}
 

/** 
 * FIXME: still need to implement correctly
 * @param connectionInformation
 * @param filterChainBuilder
 * @param isClient
 */
protected static void initSsl(final ConnectionInformation connectionInformation,final DefaultIoFilterChainBuilder filterChainBuilder,final boolean isClient){
  SSLContext sslContext=null;
  try {
    sslContext=createContext(connectionInformation);
    sslContext.init(getKeyManagers(connectionInformation,isClient),getTrustManagers(connectionInformation),getRandom(connectionInformation));
  }
 catch (  final Throwable e) {
    logger.warn("Failed to enable SSL",e);
  }
  if (sslContext != null) {
    final SslFilter filter=new SslFilter(sslContext);
    filter.setUseClientMode(isClient);
    filterChainBuilder.addFirst("sslFilter",filter);
  }
}
 

static void setupClientSSL() throws Exception {
  KeyStore store=KeyStore.getInstance(KeyStore.getDefaultType());
  FileInputStream storeInput=new FileInputStream(getTestKeystore());
  char[] storePass=getTestKeystorePassword().toCharArray();
  store.load(storeInput,storePass);
  TrustManagerFactory manager=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  manager.init(store);
  SSLContext context=SSLContext.getInstance("TLS");
  context.init(null,manager.getTrustManagers(),null);
  SSLSocketFactory factory=context.getSocketFactory();
  HttpsURLConnection.setDefaultSSLSocketFactory(factory);
  HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){
    public boolean verify(    String hostname,    SSLSession session){
      return true;
    }
  }
);
}
 

protected DefaultHttpClient getHTTPClient() throws NoSuchAlgorithmException, KeyManagementException {
  SSLContext sslContext=SSLContext.getInstance("SSL");
  sslContext.init(null,new TrustManager[]{new X509TrustManager(){
    @Override public X509Certificate[] getAcceptedIssuers(){
      System.out.println("getAcceptedIssuers =============");
      return null;
    }
    @Override public void checkClientTrusted(    X509Certificate[] certs,    String authType){
      System.out.println("checkClientTrusted =============");
    }
    @Override public void checkServerTrusted(    X509Certificate[] certs,    String authType){
      System.out.println("checkServerTrusted =============");
    }
  }
},new SecureRandom());
  SSLSocketFactory sf=new SSLSocketFactory(sslContext,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
  Scheme httpsScheme=new Scheme("https",8181,sf);
  PlainSocketFactory plain=new PlainSocketFactory();
  Scheme httpScheme=new Scheme("http",8080,plain);
  SchemeRegistry schemeRegistry=new SchemeRegistry();
  schemeRegistry.register(httpsScheme);
  schemeRegistry.register(httpScheme);
  HttpParams params=new BasicHttpParams();
  ThreadSafeClientConnManager cm=new ThreadSafeClientConnManager(schemeRegistry);
  cm.setMaxTotal(200);
  cm.setDefaultMaxPerRoute(20);
  DefaultHttpClient httpClient=new DefaultHttpClient(cm,params);
  httpClient.getParams().setParameter(CoreProtocolPNames.PROTOCOL_VERSION,HttpVersion.HTTP_1_1);
  httpClient.getParams().setParameter(CoreProtocolPNames.HTTP_CONTENT_CHARSET,"UTF-8");
  return httpClient;
}
 

public void unlockKey(int keystoreIndex,int aliasIndex,String keyPassword) throws KeyStoreException, KeyManagementException {
  KeyStore ks=(KeyStore)_keyStores.get(keystoreIndex);
  String alias=getAliasAt(keystoreIndex,aliasIndex);
  AliasKeyManager akm=new AliasKeyManager(ks,alias,keyPassword);
  String fingerprint=getFingerPrint(getCertificate(keystoreIndex,aliasIndex));
  if (fingerprint == null) {
    _logger.severe("No fingerprint found");
    return;
  }
  SSLContext sc;
  try {
    sc=SSLContext.getInstance("SSL");
  }
 catch (  NoSuchAlgorithmException nsao) {
    _logger.severe("Could not get an instance of the SSL algorithm: " + nsao.getMessage());
    return;
  }
  sc.init(new KeyManager[]{akm},_trustAllCerts,new SecureRandom());
  String key=fingerprint;
  if (key.indexOf(" ") > 0)   key=key.substring(0,key.indexOf(" "));
  _contextMaps.put(key,sc);
}
 

public ServerSocket createServerSocket(int port) throws IOException {
  log.info("createServerSocket: Port " + port);
  log.info("createServerSocket: keystore is: " + keystore);
  SSLServerSocketFactory ssf;
  try {
    SSLContext ctx;
    KeyManagerFactory kmf;
    KeyStore ks;
    ctx=SSLContext.getInstance("TLS");
    kmf=KeyManagerFactory.getInstance("SunX509");
    ks=KeyStore.getInstance("JKS");
    if (inDeveloperMode) {
      ks.load(getClass().getResourceAsStream("dummyssl.keys"),passphrase.toCharArray());
    }
 else {
      if (!keystore.exists()) {
        throw new IllegalArgumentException("File " + keystore + " does not exist");
      }
      ks.load(new FileInputStream(keystore),passphrase.toCharArray());
    }
    kmf.init(ks,passphrase.toCharArray());
    ctx.init(kmf.getKeyManagers(),null,null);
    ssf=ctx.getServerSocketFactory();
  }
 catch (  Exception e) {
    log.error("Error",e);
    throw new IOException("Exceptinon getting socket factory " + e.getClass() + e.getMessage());
  }
  return ssf.createServerSocket(port);
}
 

/** 
 * This function will install a trust manager that will blindly trust all SSL  certificates.  The reason this code is being added is to enable developers  to do development using self signed SSL certificates on their web server. The standard HttpsURLConnection class will throw an exception on self  signed certificates if this code is not run.
 */
private void trustAllHosts(){
  TrustManager[] trustAllCerts=new TrustManager[]{new X509TrustManager(){
    public java.security.cert.X509Certificate[] getAcceptedIssuers(){
      return new java.security.cert.X509Certificate[]{};
    }
    public void checkClientTrusted(    X509Certificate[] chain,    String authType) throws CertificateException {
    }
    public void checkServerTrusted(    X509Certificate[] chain,    String authType) throws CertificateException {
    }
  }
};
  try {
    defaultSSLSocketFactory=HttpsURLConnection.getDefaultSSLSocketFactory();
    SSLContext sc=SSLContext.getInstance("TLS");
    sc.init(null,trustAllCerts,new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  }
 catch (  Exception e) {
    System.out.println(e.getMessage());
  }
}
 

public static ClientConnection https(String host,int port,long timeout,TimeUnit unit) throws IOException {
  java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation","true");
  X509TrustManager trustManager=new X509TrustManager(){
    public void checkClientTrusted(    X509Certificate[] chain,    String authType) throws CertificateException {
    }
    public void checkServerTrusted(    X509Certificate[] chain,    String authType) throws CertificateException {
    }
    public X509Certificate[] getAcceptedIssuers(){
      return null;
    }
  }
;
  SSLContext sslContext=null;
  try {
    sslContext=SSLContext.getInstance("SSL");
    sslContext.init(null,new TrustManager[]{trustManager},new SecureRandom());
    SSLEngine engine=sslContext.createSSLEngine();
    engine.setUseClientMode(true);
    SocketChannel channel=createSocket(host,port,timeout,unit);
    ClientSSLChannel sslChannel=new ClientSSLChannel(channel,engine);
    return new ClientConnectionImpl(sslChannel,host,port);
  }
 catch (  Exception e) {
    throw new RuntimeException(e);
  }
}
 

private void prepConnection() throws Exception {
  httpClient=new DefaultHttpClient();
  SSLContext sslContext=SSLContext.getInstance("SSL");
  sslContext.init(null,new TrustManager[]{new X509TrustManager(){
    public X509Certificate[] getAcceptedIssuers(){
      System.out.println("getAcceptedIssuers =============");
      return null;
    }
    public void checkClientTrusted(    X509Certificate[] certs,    String authType){
      System.out.println("checkClientTrusted =============");
    }
    public void checkServerTrusted(    X509Certificate[] certs,    String authType){
      System.out.println("checkServerTrusted =============");
    }
  }
},new SecureRandom());
  SSLSocketFactory ssf=new SSLSocketFactory(sslContext,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
  ClientConnectionManager ccm=httpClient.getConnectionManager();
  SchemeRegistry sr=ccm.getSchemeRegistry();
  sr.register(new Scheme("https",443,ssf));
  UsernamePasswordCredentials credentials=new UsernamePasswordCredentials(accountId,password);
  URL urlObj=new URL(openshiftRestURI);
  AuthScope aScope=new AuthScope(urlObj.getHost(),urlObj.getPort());
  httpClient.getCredentialsProvider().setCredentials(aScope,credentials);
  httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(),0);
}
 

public static HttpClient wrapClient(HttpClient base){
  try {
    SSLContext ctx=SSLContext.getInstance("TLS");
    X509TrustManager tm=new X509TrustManager(){
      public void checkClientTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      public void checkServerTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      public X509Certificate[] getAcceptedIssuers(){
        return null;
      }
    }
;
    ctx.init(null,new TrustManager[]{tm},null);
    SSLSocketFactory ssf=new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    ClientConnectionManager ccm=base.getConnectionManager();
    SchemeRegistry sr=ccm.getSchemeRegistry();
    sr.register(new Scheme("https",443,ssf));
    return new DefaultHttpClient(ccm,base.getParams());
  }
 catch (  Exception ex) {
    return null;
  }
}
 

protected static SecurityOptions newTrustAnyoneOptions() throws KeyManagementException, NoSuchAlgorithmException {
  TrustManager[] trust=new TrustManager[]{new X509TrustManager(){
    public java.security.cert.X509Certificate[] getAcceptedIssuers(){
      return new X509Certificate[0];
    }
    /** 
 * @throws CertificateException
 */
    public void checkClientTrusted(    java.security.cert.X509Certificate[] certs,    String authType) throws CertificateException {
    }
    /** 
 * @throws CertificateException
 */
    public void checkServerTrusted(    java.security.cert.X509Certificate[] certs,    String authType) throws CertificateException {
    }
  }
};
  SSLContext sslContext=SSLContext.getInstance("SSLv3");
  sslContext.init(null,trust,null);
  return new SecurityOptions(sslContext);
}
 

/** 
 * {@inheritDoc} 
 */
@Override public void sessionOpened(IoSession session) throws Exception {
  if (password == null || keystore == null) {
    throw new NotActiveException("Keystore or password are null");
  }
  SSLContext context=null;
  SslFilter sslFilter=null;
  RTMP rtmp=(RTMP)session.getAttribute(ProtocolState.SESSION_KEY);
  if (rtmp.getMode() != RTMP.MODE_CLIENT) {
    context=SSLContext.getInstance("TLS");
    KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
    kmf.init(getKeyStore(),password);
    context.init(kmf.getKeyManagers(),null,null);
    sslFilter=new SslFilter(context);
  }
 else {
    context=SSLContext.getInstance("SSL");
    context.init(null,trustAllCerts,new SecureRandom());
    sslFilter=new SslFilter(context);
    sslFilter.setUseClientMode(true);
  }
  if (sslFilter != null) {
    session.getFilterChain().addFirst("sslFilter",sslFilter);
  }
  super.sessionOpened(session);
}
 

private static SSLSocketFactory getTrustedFactory() throws HttpRequestException {
  if (TRUSTED_FACTORY == null) {
    final TrustManager[] trustAllCerts=new TrustManager[]{new X509TrustManager(){
      public X509Certificate[] getAcceptedIssuers(){
        return new X509Certificate[0];
      }
      public void checkClientTrusted(      X509Certificate[] chain,      String authType){
      }
      public void checkServerTrusted(      X509Certificate[] chain,      String authType){
      }
    }
};
    try {
      SSLContext context=SSLContext.getInstance("TLS");
      context.init(null,trustAllCerts,new SecureRandom());
      TRUSTED_FACTORY=context.getSocketFactory();
    }
 catch (    GeneralSecurityException e) {
      IOException ioException=new IOException("Security exception configuring SSL context");
      ioException.initCause(e);
      throw new HttpRequestException(ioException);
    }
  }
  return TRUSTED_FACTORY;
}
 

private void startTlsConnection(){
  try {
    connected=false;
    connection.stop();
    final SSLContext context=SSLContext.getInstance("TLS");
    context.init(null,new TrustManager[]{new FakeTrustManager()},null);
    Socket plain=socket;
    socket=context.getSocketFactory().createSocket(plain,plain.getInetAddress().getHostName(),plain.getPort(),true);
    socket.setSoTimeout(0);
    socket.setKeepAlive(true);
    ((SSLSocket)socket).startHandshake();
    Thread.sleep(1000);
    connection.start();
  }
 catch (  Exception e) {
    throw new XMPPException("Can not start TLS connection",e);
  }
}
 

public void start(BundleContext context) throws Exception {
  super.start(context);
  plugin=this;
  TrustManager[] trustAllCertificates=new TrustManager[]{new X509TrustManager(){
    public X509Certificate[] getAcceptedIssuers(){
      return null;
    }
    public void checkClientTrusted(    X509Certificate[] arg0,    String arg1) throws CertificateException {
    }
    public void checkServerTrusted(    X509Certificate[] arg0,    String arg1) throws CertificateException {
    }
  }
};
  SSLContext sc=SSLContext.getInstance("SSL");
  HostnameVerifier hv=new HostnameVerifier(){
    public boolean verify(    String arg0,    SSLSession arg1){
      return true;
    }
  }
;
  sc.init(null,trustAllCertificates,new java.security.SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
 

public static DefaultHttpClient decorate(DefaultHttpClient base){
  try {
    SSLContext ctx=SSLContext.getInstance("TLS");
    X509TrustManager tm=new X509TrustManager(){
      public void checkClientTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      public void checkServerTrusted(      X509Certificate[] xcs,      String string) throws CertificateException {
      }
      public X509Certificate[] getAcceptedIssuers(){
        return null;
      }
    }
;
    ctx.init(null,new TrustManager[]{tm},null);
    SSLSocketFactory ssf=new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    ClientConnectionManager ccm=base.getConnectionManager();
    SchemeRegistry sr=ccm.getSchemeRegistry();
    sr.register(new Scheme("https",443,ssf));
    return new DefaultHttpClient(ccm,base.getParams());
  }
 catch (  Exception ex) {
    logger.error(ex.getMessage(),ex);
    return null;
  }
}
 

private void initializeConnectionManager(){
  connectionManager=new ThreadSafeClientConnManager();
  connectionManager.setMaxTotal(MAX_TOTAL_CONNECTIONS);
  connectionManager.setDefaultMaxPerRoute(MAX_CONNECTIONS_PER_ROUTE);
  SSLContext sslContext=getSSLContext();
  try {
    sslContext.init(null,new TrustManager[]{new AlwaysTrustX509Manager()},null);
  }
 catch (  KeyManagementException e) {
    throw new IllegalStateException("Failed to initialize SSL context",e);
  }
  SSLSocketFactory socketFactory=new SSLSocketFactory(sslContext,new AllowAllHostnamesVerifier());
  SchemeRegistry schemeRegistry=connectionManager.getSchemeRegistry();
  schemeRegistry.register(new Scheme(HTTPS,443,socketFactory));
}
 

/** 
 * Allows subclasses of TcpTransportFactory to create custom instances of TcpTransport.
 */
protected TcpTransport createTransport(URI uri) throws Exception {
  String protocol=protocol(uri.getScheme());
  if (protocol != null) {
    SslTransport rc=new SslTransport();
    rc.setSSLContext(SSLContext.getInstance(protocol));
    return rc;
  }
  return null;
}
 

private void initSSLContext(String domain,String requestedServer,ConnectionConfiguration config) throws Exception {
  ks=KeyStore.getInstance(TRUSTSTORE_TYPE);
  try {
    ks.load(new FileInputStream(TRUSTSTORE_PATH),TRUSTSTORE_PASS.toCharArray());
  }
 catch (  Exception e) {
    ks=null;
  }
  KeyManagerFactory kmf=KeyManagerFactory.getInstance(KEYMANAGER_TYPE);
  try {
    kmf.init(ks,TRUSTSTORE_PASS.toCharArray());
    kms=kmf.getKeyManagers();
  }
 catch (  NullPointerException npe) {
    kms=null;
  }
  sslContext=SSLContext.getInstance(SSLCONTEXT_TYPE);
  sTrustManager=new ServerTrustManager(aContext,domain,requestedServer,config);
  sslContext.init(kms,new javax.net.ssl.TrustManager[]{sTrustManager},new java.security.SecureRandom());
  config.setCustomSSLContext(sslContext);
  config.setCallbackHandler(this);
}
 

private synchronized SSLContext ctx(){
  if (ctx == null) {
    TrustManagerFactory tmf;
    KeyManagerFactory kmf;
    try {
      ctx=SSLContext.getInstance("TLS");
      tmf=TrustManagerFactory.getInstance("PKIX");
      kmf=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
      KeyManager[] kms=null;
      tmf.init(trusted);
      if (creds != null) {
        kmf.init(creds,pw);
        kms=kmf.getKeyManagers();
      }
      ctx.init(kms,tmf.getTrustManagers(),new SecureRandom());
    }
 catch (    NoSuchAlgorithmException e) {
      throw (new Error(e));
    }
catch (    KeyStoreException e) {
      throw (new RuntimeException(e));
    }
catch (    UnrecoverableKeyException e) {
      throw (new RuntimeException(e));
    }
catch (    KeyManagementException e) {
      throw (new RuntimeException(e));
    }
  }
  return (ctx);
}
 

/** 
 * This runs the main test: it runs a client and a server.
 * @param sslClientContext SSLContext to be used by the client.
 * @return true if the server accepted the SSL certificate.
 * @throws IOException
 */
public boolean runSSLContextTest(SSLContext sslClientContext,Connector connector) throws Exception {
  boolean result=false;
  Server server=new Server();
  server.setConnectors(new Connector[]{connector});
  server.setHandler(new HelloWorldHandler());
  server.start();
  int testPort=connector.getLocalPort();
  SSLSocket sslClientSocket=null;
  try {
    SSLSocketFactory sslClientSocketFactory=sslClientContext.getSocketFactory();
    sslClientSocket=(SSLSocket)sslClientSocketFactory.createSocket("localhost",testPort);
    assertTrue("Client socket connected",sslClientSocket.isConnected());
    sslClientSocket.setSoTimeout(500);
    OutputStream os=sslClientSocket.getOutputStream();
    os.write(REQUEST0.getBytes());
    os.write(REQUEST0.getBytes());
    os.flush();
    os.write(REQUEST1.getBytes());
    os.flush();
    String responses=readResponse(sslClientSocket);
    assertEquals(RESPONSE0 + RESPONSE0 + RESPONSE1,responses);
    result=true;
  }
 catch (  SocketException e) {
    result=false;
  }
catch (  SSLHandshakeException e) {
    result=false;
    printSslException("! Client: ",e,sslClientSocket);
  }
 finally {
    server.stop();
  }
  return result;
}
 

/** 
 * Create an SSLContext based on the configured stores.
 * @return A configured SSLContext.
 * @throws GlobusSSLConfigurationException If we fail to create the context.
 */
public SSLContext getSSLContext() throws GlobusSSLConfigurationException {
  if (sslContext == null) {
    configureContext();
  }
  return this.sslContext;
}
 

private SSLContext getSSLContext(){
  if (this.sslcontext == null) {
    this.sslcontext=createSSLContext();
  }
  return this.sslcontext;
}
 

public static void allowAllSSL(){
  HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){
    public boolean verify(    String hostname,    SSLSession session){
      return true;
    }
  }
);
  if (trustManagers == null) {
    trustManagers=new TrustManager[]{new FakeX509TrustManager()};
  }
  try {
    context=SSLContext.getInstance("TLS");
    context.init(null,trustManagers,new SecureRandom());
  }
 catch (  NoSuchAlgorithmException e) {
    e.printStackTrace();
  }
catch (  KeyManagementException e) {
    e.printStackTrace();
  }
  HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}
 

NettySMTPClientTransport(SMTPDeliveryMode mode,SSLContext context,ClientSocketChannelFactory factory,SMTPClientSessionFactory sessionFactory){
  this.context=context;
  this.mode=mode;
  this.factory=factory;
  this.sessionFactory=sessionFactory;
}
 

/** 
 * Creates a new test server.
 * @param proc the HTTP processors to be used by the server, or <code>null</code> to use a  {@link #newProcessor default} processor
 * @param reuseStrat the connection reuse strategy to be used by the server, or <code>null</code> to use  {@link #newConnectionReuseStrategy() default} strategy.
 * @param params the parameters to be used by the server, or <code>null</code> to use  {@link #newDefaultParams default} parameters
 * @param sslcontext optional SSL context if the server is to leverage SSL/TLS transport security
 */
public LocalTestServerHack(final BasicHttpProcessor proc,final ConnectionReuseStrategy reuseStrat,final HttpResponseFactory responseFactory,final HttpExpectationVerifier expectationVerifier,final HttpParams params,final SSLContext sslcontext){
  super();
  this.handlerRegistry=new HttpRequestHandlerRegistry();
  this.workers=Collections.synchronizedSet(new HashSet<Worker>());
  this.httpservice=new HttpService(proc != null ? proc : newProcessor(),reuseStrat != null ? reuseStrat : newConnectionReuseStrategy(),responseFactory != null ? responseFactory : newHttpResponseFactory(),handlerRegistry,expectationVerifier,params != null ? params : newDefaultParams());
  this.sslcontext=sslcontext;
}
 

public ModSSLSocketFactory(String algorithm,final KeyStore keystore,final String keystorePassword,final KeyStore truststore,final SecureRandom random,final HostNameResolver nameResolver) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
  super();
  if (algorithm == null) {
    algorithm=TLS;
  }
  KeyManager[] keymanagers=null;
  if (keystore != null) {
    keymanagers=createKeyManagers(keystore,keystorePassword);
  }
  TrustManager[] trustmanagers=null;
  if (truststore != null) {
    trustmanagers=createTrustManagers(truststore);
  }
  this.sslcontext=SSLContext.getInstance(algorithm);
  this.sslcontext.init(keymanagers,trustmanagers,random);
  this.socketfactory=this.sslcontext.getSocketFactory();
  this.nameResolver=nameResolver;
}
 

public SSLSocketFactory(String algorithm,final KeyStore keystore,final String keystorePassword,final KeyStore truststore,final SecureRandom random,final HostNameResolver nameResolver) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
  super();
  if (algorithm == null) {
    algorithm=TLS;
  }
  KeyManager[] keymanagers=null;
  if (keystore != null) {
    keymanagers=createKeyManagers(keystore,keystorePassword);
  }
  TrustManager[] trustmanagers=null;
  if (truststore != null) {
    trustmanagers=createTrustManagers(truststore);
  }
  this.sslcontext=SSLContext.getInstance(algorithm);
  this.sslcontext.init(keymanagers,trustmanagers,random);
  this.socketfactory=this.sslcontext.getSocketFactory();
  this.nameResolver=nameResolver;
}
 

private synchronized SSLContext ctx(){
  if (ctx == null) {
    TrustManagerFactory tmf;
    KeyManagerFactory kmf;
    try {
      ctx=SSLContext.getInstance("TLS");
      tmf=TrustManagerFactory.getInstance("PKIX");
      kmf=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
      KeyManager[] kms=null;
      tmf.init(trusted);
      if (creds != null) {
        kmf.init(creds,pw);
        kms=kmf.getKeyManagers();
      }
      ctx.init(kms,tmf.getTrustManagers(),new SecureRandom());
    }
 catch (    NoSuchAlgorithmException e) {
      throw (new Error(e));
    }
catch (    KeyStoreException e) {
      throw (new RuntimeException(e));
    }
catch (    UnrecoverableKeyException e) {
      throw (new RuntimeException(e));
    }
catch (    KeyManagementException e) {
      throw (new RuntimeException(e));
    }
  }
  return (ctx);
}
 

public ChannelPipeline getPipeline() throws Exception {
  ChannelPipeline pipeline=Channels.pipeline();
  if (config.getAuthType() != Auth.PLAIN) {
    SSLEngine sslEngine=SSLContext.getDefault().createSSLEngine();
    sslEngine.setUseClientMode(true);
    SslHandler sslHandler=new SslHandler(sslEngine);
    sslHandler.setEnableRenegotiation(true);
    pipeline.addLast("ssl",sslHandler);
  }
  pipeline.addLast("decoder",new StringDecoder());
  pipeline.addLast("encoder",new StringEncoder());
  pipeline.addLast("handler",mailClientHandler);
  return pipeline;
}