-
-
Save limingzju/9fbfe05b991ba43d9ccd to your computer and use it in GitHub Desktop.
package hello; | |
import java.io.File; | |
import java.io.FileInputStream; | |
import java.security.KeyStore; | |
import java.security.cert.Certificate; | |
import java.security.cert.CertificateFactory; | |
import javax.net.ssl.SSLContext; | |
import org.apache.http.client.methods.CloseableHttpResponse; | |
import org.apache.http.client.methods.HttpGet; | |
import org.apache.http.conn.ssl.SSLConnectionSocketFactory; | |
import org.apache.http.conn.ssl.SSLContexts; | |
import org.apache.http.conn.ssl.TrustSelfSignedStrategy; | |
import org.apache.http.impl.client.CloseableHttpClient; | |
import org.apache.http.impl.client.HttpClients; | |
abstract class HttpTest { | |
void run() throws Exception { | |
} | |
String testCaseName; | |
} | |
class HostVisit extends HttpTest { | |
HostVisit() { | |
super.testCaseName = "HostVisit"; | |
} | |
// should pass | |
public void run() throws Exception { | |
SSLContext sslContext = SSLContexts.createDefault(); | |
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( | |
sslContext, SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER); | |
CloseableHttpClient client = HttpClients.custom() | |
.setSSLSocketFactory(sslsf).build(); | |
HttpGet get = new HttpGet("https://nos.163.com/doc/Koala.jpg"); | |
CloseableHttpResponse response = client.execute(get); | |
System.out.println(response.getStatusLine().getStatusCode()); | |
} | |
} | |
class IpVisit extends HttpTest { | |
IpVisit() { | |
super.testCaseName = "IpVisit"; | |
} | |
// should fail | |
public void run() throws Exception { | |
SSLContext sslContext = SSLContexts.createDefault(); | |
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( | |
sslContext, SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER); | |
CloseableHttpClient client = HttpClients.custom() | |
.setSSLSocketFactory(sslsf).build(); | |
HttpGet get = new HttpGet("https://223.252.216.59/doc/Koala.jpg"); | |
CloseableHttpResponse response = client.execute(get); | |
System.out.println(response.getStatusLine().getStatusCode()); | |
} | |
} | |
class IpVisitAllowAllHosts extends HttpTest { | |
IpVisitAllowAllHosts() { | |
super.testCaseName = "IpVisitAllowAllHosts"; | |
} | |
// should pass | |
public void run() throws Exception { | |
SSLContext sslContext = SSLContexts.createDefault(); | |
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( | |
sslContext, | |
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); | |
CloseableHttpClient client = HttpClients.custom() | |
.setSSLSocketFactory(sslsf).build(); | |
HttpGet get = new HttpGet("https://223.252.216.59/doc/Koala.jpg"); | |
CloseableHttpResponse response = client.execute(get); | |
System.out.println(response.getStatusLine().getStatusCode()); | |
} | |
} | |
class IpVisitAllowAllHostsWithRightCert extends HttpTest { | |
IpVisitAllowAllHostsWithRightCert() { | |
super.testCaseName = "IpVisitAllowAllHostsWithRightCert"; | |
} | |
// should pass | |
public void run() throws Exception { | |
FileInputStream in = new FileInputStream(new File( | |
"/Users/limingzju/Desktop/163.com.cer")); | |
CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); | |
Certificate cert = cerFactory.generateCertificate(in); | |
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); | |
trustStore.load(null, null); | |
trustStore.setCertificateEntry("trust", cert); | |
SSLContext sslContext = SSLContexts.custom() | |
.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()) | |
.build(); | |
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( | |
sslContext, new String[] { "TLSv1" }, null, | |
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); | |
CloseableHttpClient client = HttpClients.custom() | |
.setSSLSocketFactory(sslsf).build(); | |
HttpGet get = new HttpGet("https://223.252.216.59/doc/Koala.jpg"); | |
CloseableHttpResponse response = client.execute(get); | |
System.out.println(response.getStatusLine().getStatusCode()); | |
} | |
} | |
class IpVisitAllowAllHostsWithWrongCert extends HttpTest { | |
IpVisitAllowAllHostsWithWrongCert() { | |
super.testCaseName = "IpVisitAllowAllHostsWithWrongCert"; | |
} | |
// should fail | |
public void run() throws Exception { | |
FileInputStream in = new FileInputStream(new File( | |
"/Users/limingzju/Desktop/netease.com.cer")); | |
CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); | |
Certificate cert = cerFactory.generateCertificate(in); | |
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); | |
trustStore.load(null, null); | |
trustStore.setCertificateEntry("trust", cert); | |
SSLContext sslContext = SSLContexts.custom() | |
.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()) | |
.build(); | |
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( | |
sslContext, new String[] { "TLSv1" }, null, | |
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); | |
CloseableHttpClient client = HttpClients.custom() | |
.setSSLSocketFactory(sslsf).build(); | |
HttpGet get = new HttpGet("https://223.252.216.59/doc/Koala.jpg"); | |
CloseableHttpResponse response = client.execute(get); | |
System.out.println(response.getStatusLine().getStatusCode()); | |
} | |
} | |
public class SSLTest { | |
static String runCase(HttpTest httpTest) { | |
String pass = "true"; | |
try { | |
httpTest.run(); | |
} catch (Exception e) { | |
pass = "false"; | |
} | |
return pass; | |
} | |
public static void main(String[] args) { | |
HttpTest[] tests = new HttpTest[]{new HostVisit(), new IpVisit(), new IpVisitAllowAllHosts(), | |
new IpVisitAllowAllHostsWithRightCert(), new IpVisitAllowAllHostsWithWrongCert()}; | |
String[] result = new String[tests.length]; | |
for (int i = 0; i < tests.length; i++) { | |
result[i] = runCase(tests[i]); | |
} | |
System.out.printf("\n\n\n\n\n\n"); | |
for (int i = 0; i < tests.length; i++) { | |
System.out.printf("%s %s\n", tests[i].testCaseName, result[i]); | |
} | |
} | |
} |
limingzju
commented
Sep 23, 2014
package hello;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
public class SSLTest {
public static void main(String[] args) throws InterruptedException, NoSuchAlgorithmException, IOException, KeyStoreException, KeyManagementException {
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
builder.build(),
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
CloseableHttpClient client = HttpClients.custom()
.setSSLSocketFactory(sslsf).build();
HttpGet get = new HttpGet("https://223.252.196.40/doc/dkfjd?uploadcontext");
CloseableHttpResponse response = client.execute(get);
System.out.println(response.getStatusLine().getStatusCode());
}
}