正在查看: SpeedCash v6.5.1482 应用的 AdvancedTlsX509TrustManager.java JAVA 源代码文件
本页面展示 JAVA 反编译生成的源代码文件,支持语法高亮显示。 仅供安全研究与技术分析使用,严禁用于任何非法用途。请遵守相关法律法规。
页面标题
页面副标题
SpeedCash v6.5.1482 - AdvancedTlsX509TrustManager.java 源代码
package io.grpc.util;
import io.grpc.ExperimentalApi;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
@ExperimentalApi("https://github.com/grpc/grpc-java/issues/8024")
@IgnoreJRERequirement
public final class AdvancedTlsX509TrustManager extends X509ExtendedTrustManager {
public static final Logger d = Logger.getLogger(AdvancedTlsX509TrustManager.class.getName());
public final Verification a;
public final SslSocketAndEnginePeerVerifier b;
public volatile X509ExtendedTrustManager c;
public static final class Builder {
public Verification a;
public SslSocketAndEnginePeerVerifier b;
public Builder(a aVar) {
this();
}
public AdvancedTlsX509TrustManager build() throws CertificateException {
return new AdvancedTlsX509TrustManager(this.a, this.b, null);
}
public Builder setSslSocketAndEnginePeerVerifier(SslSocketAndEnginePeerVerifier sslSocketAndEnginePeerVerifier) {
this.b = sslSocketAndEnginePeerVerifier;
return this;
}
public Builder setVerification(Verification verification) {
this.a = verification;
return this;
}
public Builder() {
this.a = Verification.CERTIFICATE_AND_HOST_NAME_VERIFICATION;
}
}
public interface Closeable extends java.io.Closeable {
@Override
void close();
}
public interface SslSocketAndEnginePeerVerifier {
void verifyPeerCertificate(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException;
void verifyPeerCertificate(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException;
}
public enum Verification {
CERTIFICATE_AND_HOST_NAME_VERIFICATION,
CERTIFICATE_ONLY_VERIFICATION,
INSECURELY_SKIP_ALL_VERIFICATION
}
public class a implements Closeable {
public final ScheduledFuture a;
public a(ScheduledFuture scheduledFuture) {
this.a = scheduledFuture;
}
@Override
public void close() {
this.a.cancel(false);
}
}
public class b implements Runnable {
public File a;
public long b = 0;
public b(File file) {
this.a = file;
}
@Override
public void run() {
try {
this.b = AdvancedTlsX509TrustManager.this.e(this.a, this.b);
} catch (IOException | GeneralSecurityException e) {
AdvancedTlsX509TrustManager.d.log(Level.SEVERE, "Failed refreshing trust CAs from file. Using previous CAs", e);
}
}
}
public AdvancedTlsX509TrustManager(Verification verification, SslSocketAndEnginePeerVerifier sslSocketAndEnginePeerVerifier, a aVar) throws CertificateException {
this(verification, sslSocketAndEnginePeerVerifier);
}
public static X509ExtendedTrustManager d(KeyStore keyStore) throws CertificateException, KeyStoreException, NoSuchAlgorithmException {
X509ExtendedTrustManager x509ExtendedTrustManager;
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
int i = 0;
while (true) {
if (i >= trustManagers.length) {
x509ExtendedTrustManager = null;
break;
}
TrustManager trustManager = trustManagers[i];
if (trustManager instanceof X509ExtendedTrustManager) {
x509ExtendedTrustManager = (X509ExtendedTrustManager) trustManager;
break;
}
i++;
}
if (x509ExtendedTrustManager != null) {
return x509ExtendedTrustManager;
}
throw new CertificateException("Failed to find X509ExtendedTrustManager with default TrustManager algorithm " + TrustManagerFactory.getDefaultAlgorithm());
}
public static Builder newBuilder() {
return new Builder(null);
}
public final void c(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine, Socket socket, boolean z) throws CertificateException {
if (x509CertificateArr == null || x509CertificateArr.length == 0) {
throw new IllegalArgumentException("Want certificate verification but got null or empty certificates");
}
if (sSLEngine == null && socket == null) {
throw new CertificateException("Not enough information to validate peer. SSLEngine or Socket required.");
}
if (this.a != Verification.INSECURELY_SKIP_ALL_VERIFICATION) {
X509ExtendedTrustManager x509ExtendedTrustManager = this.c;
if (x509ExtendedTrustManager == null) {
throw new CertificateException("No trust roots configured");
}
if (z) {
String str2 = this.a == Verification.CERTIFICATE_AND_HOST_NAME_VERIFICATION ? "HTTPS" : "";
if (sSLEngine != null) {
SSLParameters sSLParameters = sSLEngine.getSSLParameters();
sSLParameters.setEndpointIdentificationAlgorithm(str2);
sSLEngine.setSSLParameters(sSLParameters);
x509ExtendedTrustManager.checkServerTrusted(x509CertificateArr, str, sSLEngine);
} else {
if (!(socket instanceof SSLSocket)) {
throw new CertificateException("socket is not a type of SSLSocket");
}
SSLSocket sSLSocket = (SSLSocket) socket;
SSLParameters sSLParameters2 = sSLSocket.getSSLParameters();
sSLParameters2.setEndpointIdentificationAlgorithm(str2);
sSLSocket.setSSLParameters(sSLParameters2);
x509ExtendedTrustManager.checkServerTrusted(x509CertificateArr, str, sSLSocket);
}
} else {
x509ExtendedTrustManager.checkClientTrusted(x509CertificateArr, str, sSLEngine);
}
}
SslSocketAndEnginePeerVerifier sslSocketAndEnginePeerVerifier = this.b;
if (sslSocketAndEnginePeerVerifier != null) {
if (sSLEngine != null) {
sslSocketAndEnginePeerVerifier.verifyPeerCertificate(x509CertificateArr, str, sSLEngine);
} else {
sslSocketAndEnginePeerVerifier.verifyPeerCertificate(x509CertificateArr, str, socket);
}
}
}
@Override
public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
throw new CertificateException("Not enough information to validate peer. SSLEngine or Socket required.");
}
@Override
public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
c(x509CertificateArr, str, sSLEngine, null, true);
}
public final long e(File file, long j) throws IOException, GeneralSecurityException {
long lastModified = file.lastModified();
if (lastModified == j) {
return j;
}
FileInputStream fileInputStream = new FileInputStream(file);
try {
updateTrustCredentials(CertificateUtils.getX509Certificates(fileInputStream));
return lastModified;
} finally {
fileInputStream.close();
}
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return this.c == null ? new X509Certificate[0] : this.c.getAcceptedIssuers();
}
public void updateTrustCredentials(X509Certificate[] x509CertificateArr) throws IOException, GeneralSecurityException {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
int i = 1;
for (X509Certificate x509Certificate : x509CertificateArr) {
keyStore.setCertificateEntry(Integer.toString(i), x509Certificate);
i++;
}
this.c = d(keyStore);
}
public Closeable updateTrustCredentialsFromFile(File file, long j, TimeUnit timeUnit, ScheduledExecutorService scheduledExecutorService) throws IOException, GeneralSecurityException {
if (e(file, 0L) != 0) {
return new a(scheduledExecutorService.scheduleWithFixedDelay(new b(file), j, j, timeUnit));
}
throw new GeneralSecurityException("Files were unmodified before their initial update. Probably a bug.");
}
public void useSystemDefaultTrustCerts() throws CertificateException, KeyStoreException, NoSuchAlgorithmException {
this.c = d(null);
}
public AdvancedTlsX509TrustManager(Verification verification, SslSocketAndEnginePeerVerifier sslSocketAndEnginePeerVerifier) throws CertificateException {
this.c = null;
this.a = verification;
this.b = sslSocketAndEnginePeerVerifier;
}
@Override
public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
c(x509CertificateArr, str, null, socket, false);
}
@Override
public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
throw new CertificateException("Not enough information to validate peer. SSLEngine or Socket required.");
}
@Override
public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
c(x509CertificateArr, str, sSLEngine, null, false);
}
@Override
public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
c(x509CertificateArr, str, null, socket, true);
}
public void updateTrustCredentialsFromFile(File file) throws IOException, GeneralSecurityException {
if (e(file, 0L) == 0) {
throw new GeneralSecurityException("Files were unmodified before their initial update. Probably a bug.");
}
}
}