Created
August 8, 2016 11:14
-
-
Save h3nrique/066fd89433cb622a4658d25e2062b8ed to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.io.BufferedReader; | |
| import java.io.File; | |
| import java.io.FileInputStream; | |
| import java.io.FileOutputStream; | |
| import java.io.InputStreamReader; | |
| import java.security.KeyStore; | |
| import java.security.MessageDigest; | |
| import java.security.cert.CertificateException; | |
| import java.security.cert.X509Certificate; | |
| import javax.net.ssl.SSLContext; | |
| import javax.net.ssl.SSLException; | |
| import javax.net.ssl.SSLSocket; | |
| import javax.net.ssl.SSLSocketFactory; | |
| import javax.net.ssl.TrustManager; | |
| import javax.net.ssl.TrustManagerFactory; | |
| import javax.net.ssl.X509TrustManager; | |
| /** | |
| * Created by Paulo Henrique Alves on 08/08/16. | |
| */ | |
| public class InstallCert { | |
| public static void main(String[] paramArrayOfString) throws Exception { | |
| String str1; | |
| int i; | |
| char[] arrayOfChar; | |
| String[] localObject1; | |
| if ((paramArrayOfString.length == 1) || (paramArrayOfString.length == 2)) { | |
| localObject1 = paramArrayOfString[0].split(":"); | |
| str1 = localObject1[0]; | |
| i = localObject1.length == 1 ? 443 : Integer.parseInt(localObject1[1]); | |
| String str2 = paramArrayOfString.length == 1 ? "changeit" : paramArrayOfString[1]; | |
| arrayOfChar = str2.toCharArray(); | |
| } else { | |
| System.out.println("Usage: java InstallCert <host>[:port] [passphrase]"); | |
| return; | |
| } | |
| File localObjectJsse = new File("jssecacerts"); | |
| if (!localObjectJsse.isFile()) { | |
| char c = File.separatorChar; | |
| File localObject2 = new File(System.getProperty("java.home") + c + "lib" + c + "security"); | |
| localObjectJsse = new File(localObject2, "jssecacerts"); | |
| if (!localObjectJsse.isFile()) { | |
| localObjectJsse = new File(localObject2, "cacerts"); | |
| } | |
| } | |
| System.out.println("Loading KeyStore " + localObject1 + "..."); | |
| FileInputStream localFileInputStream = new FileInputStream((File) localObjectJsse); | |
| Object localObject2 = KeyStore.getInstance(KeyStore.getDefaultType()); | |
| ((KeyStore) localObject2).load(localFileInputStream, arrayOfChar); | |
| localFileInputStream.close(); | |
| SSLContext localSSLContext = SSLContext.getInstance("TLS"); | |
| TrustManagerFactory localTrustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); | |
| localTrustManagerFactory.init((KeyStore) localObject2); | |
| X509TrustManager localX509TrustManager = (X509TrustManager) localTrustManagerFactory.getTrustManagers()[0]; | |
| InstallCert.SavingTrustManager localSavingTrustManager = new InstallCert.SavingTrustManager(localX509TrustManager); | |
| localSSLContext.init(null, new TrustManager[]{localSavingTrustManager}, null); | |
| SSLSocketFactory localSSLSocketFactory = localSSLContext.getSocketFactory(); | |
| System.out.println("Opening connection to " + str1 + ":" + i + "..."); | |
| SSLSocket localSSLSocket = (SSLSocket) localSSLSocketFactory.createSocket(str1, i); | |
| localSSLSocket.setSoTimeout(10000); | |
| try { | |
| System.out.println("Starting SSL handshake..."); | |
| localSSLSocket.startHandshake(); | |
| localSSLSocket.close(); | |
| System.out.println(); | |
| System.out.println("No errors, certificate is already trusted"); | |
| } catch (SSLException localSSLException) { | |
| System.out.println(); | |
| localSSLException.printStackTrace(System.out); | |
| } | |
| X509Certificate[] arrayOfX509Certificate = localSavingTrustManager.chain; | |
| if (arrayOfX509Certificate == null) { | |
| System.out.println("Could not obtain server certificate chain"); | |
| return; | |
| } | |
| BufferedReader localBufferedReader = new BufferedReader(new InputStreamReader(System.in)); | |
| System.out.println(); | |
| System.out.println("Server sent " + arrayOfX509Certificate.length + " certificate(s):"); | |
| System.out.println(); | |
| MessageDigest localMessageDigest1 = MessageDigest.getInstance("SHA1"); | |
| MessageDigest localMessageDigest2 = MessageDigest.getInstance("MD5"); | |
| for (int j = 0; j < arrayOfX509Certificate.length; j++) { | |
| X509Certificate localX509Certificate1 = arrayOfX509Certificate[j]; | |
| System.out.println(" " + (j + 1) + " Subject " + localX509Certificate1.getSubjectDN()); | |
| System.out.println(" Issuer " + localX509Certificate1.getIssuerDN()); | |
| localMessageDigest1.update(localX509Certificate1.getEncoded()); | |
| System.out.println(" sha1 " + toHexString(localMessageDigest1.digest())); | |
| localMessageDigest2.update(localX509Certificate1.getEncoded()); | |
| System.out.println(" md5 " + toHexString(localMessageDigest2.digest())); | |
| System.out.println(); | |
| } | |
| System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]"); | |
| String str3 = localBufferedReader.readLine().trim(); | |
| int k; | |
| try { | |
| k = str3.length() == 0 ? 0 : Integer.parseInt(str3) - 1; | |
| } catch (NumberFormatException localNumberFormatException) { | |
| System.out.println("KeyStore not changed"); | |
| return; | |
| } | |
| X509Certificate localX509Certificate2 = arrayOfX509Certificate[k]; | |
| String str4 = str1 + "-" + (k + 1); | |
| ((KeyStore) localObject2).setCertificateEntry(str4, localX509Certificate2); | |
| FileOutputStream localFileOutputStream = new FileOutputStream("jssecacerts"); | |
| ((KeyStore) localObject2).store(localFileOutputStream, arrayOfChar); | |
| localFileOutputStream.close(); | |
| System.out.println(); | |
| System.out.println(localX509Certificate2); | |
| System.out.println(); | |
| System.out.println("Added certificate to keystore 'jssecacerts' using alias '" + str4 + "'"); | |
| } | |
| private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray(); | |
| private static String toHexString(byte[] paramArrayOfByte) { | |
| StringBuilder localStringBuilder = new StringBuilder(paramArrayOfByte.length * 3); | |
| for (int k : paramArrayOfByte) { | |
| k &= 0xFF; | |
| localStringBuilder.append(HEXDIGITS[(k >> 4)]); | |
| localStringBuilder.append(HEXDIGITS[(k & 0xF)]); | |
| localStringBuilder.append(' '); | |
| } | |
| return localStringBuilder.toString(); | |
| } | |
| private static class SavingTrustManager | |
| implements X509TrustManager { | |
| private final X509TrustManager tm; | |
| private X509Certificate[] chain; | |
| SavingTrustManager(X509TrustManager paramX509TrustManager) { | |
| this.tm = paramX509TrustManager; | |
| } | |
| public X509Certificate[] getAcceptedIssuers() { | |
| throw new UnsupportedOperationException(); | |
| } | |
| public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) | |
| throws CertificateException { | |
| throw new UnsupportedOperationException(); | |
| } | |
| public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) | |
| throws CertificateException { | |
| this.chain = paramArrayOfX509Certificate; | |
| this.tm.checkServerTrusted(paramArrayOfX509Certificate, paramString); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment