From 368ba3ba0859e00ec245a64c94c1eab1f96d23bd Mon Sep 17 00:00:00 2001
From: Wyvest <45589059+Wyvest@users.noreply.github.com>
Date: Wed, 25 May 2022 10:39:31 +0700
Subject: OC-33 SSL / Internet Utils (#19)
Co-authored-by: EthanDevelops
---
.../cc/polyfrost/oneconfig/network/SSLStore.java | 76 ++++++++++++++++++++++
.../polyfrost/oneconfig/utils/InternetUtils.java | 4 ++
2 files changed, 80 insertions(+)
create mode 100644 src/main/java/cc/polyfrost/oneconfig/network/SSLStore.java
create mode 100644 src/main/java/cc/polyfrost/oneconfig/utils/InternetUtils.java
(limited to 'src/main')
diff --git a/src/main/java/cc/polyfrost/oneconfig/network/SSLStore.java b/src/main/java/cc/polyfrost/oneconfig/network/SSLStore.java
new file mode 100644
index 0000000..3b8eed2
--- /dev/null
+++ b/src/main/java/cc/polyfrost/oneconfig/network/SSLStore.java
@@ -0,0 +1,76 @@
+package cc.polyfrost.oneconfig.network;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+import java.io.BufferedInputStream;
+import java.io.InputStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.security.KeyStore;
+import java.security.SecureRandom;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+
+/**
+ * Adds our certificate to the JavaKeyStore to avoid SSL issues.
+ */
+public class SSLStore {
+ private final CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
+ private final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ public SSLStore() throws Exception {
+ Path keyStorePath = Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts");
+ this.keyStore.load(Files.newInputStream(keyStorePath),(char[])null);
+ }
+
+ /**
+ * Loads the specified SSL certificate.
+ * @param sslFile A .der filename from the resources/assets/oneconfig/ssl directory.
+ * @throws Exception Uses Exception to cover the SSL loading and generation
+ */
+ public SSLStore load(String sslFile) throws Exception {
+ InputStream certificateResource = SSLStore.class.getResourceAsStream("/assets/oneconfig/ssl/" + sslFile + ".der");
+ Throwable sslThrowable = null;
+
+ // Try to gen and load the certificate
+ try {
+ InputStream certStream = new BufferedInputStream(certificateResource);
+ Certificate generatedCertificate = this.certificateFactory.generateCertificate(certStream);
+
+ this.keyStore.setCertificateEntry(sslFile, generatedCertificate);
+ } catch (Throwable sslException) {
+ sslThrowable = sslException;
+ throw sslException;
+ } finally {
+ if (certificateResource != null) {
+ try {
+ certificateResource.close();
+ } catch (Throwable closeException) {
+ sslThrowable.addSuppressed(closeException);
+ }
+ } else {
+ certificateResource.close();
+ }
+ }
+ return this;
+ }
+
+ /**
+ * Generates and returns the SSLContext after the new cert has been added with SSLStore.load().
+ * @return The SSLContext generated after init.
+ * @throws Exception Uses Exception to cover the TMF init and SSLContext init.
+ */
+ public SSLContext finish() throws Exception {
+ // Initialize TrustManagerFactory with the new KeyStore once the new cert has been added
+ TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustManagerFactory.init(this.keyStore);
+
+ // Return the SSLContext after init.
+ SSLContext sslContext = SSLContext.getInstance("TLS");
+ sslContext.init((KeyManager[])null, trustManagerFactory.getTrustManagers(), (SecureRandom)null);
+
+ return sslContext;
+ }
+}
diff --git a/src/main/java/cc/polyfrost/oneconfig/utils/InternetUtils.java b/src/main/java/cc/polyfrost/oneconfig/utils/InternetUtils.java
new file mode 100644
index 0000000..aa13c96
--- /dev/null
+++ b/src/main/java/cc/polyfrost/oneconfig/utils/InternetUtils.java
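Review bot: The `finally` block in `load()` dereferences null on two paths: the `else` branch calls `certificateResource.close()` exactly when `certificateResource` is null (a missing `.der` resource), and `sslThrowable.addSuppressed(...)` runs with `sslThrowable == null` when only the close fails. Either NullPointerException replaces the real certificate error, so a missing or unreadable trust anchor becomes hard to diagnose. An explicit null check on the resource followed by try-with-resources covers both cases, as sketched below. The constructor has a related leak: the stream from `Files.newInputStream(keyStorePath)` is never closed and should be opened in try-with-resources too. Because the entry is added alongside the full default `cacerts` set, the class Javadoc should also state which certificate is bundled and that the resulting `SSLContext` accepts it as a trust anchor on every connection that uses the context.

```java
public SSLStore load(String sslFile) throws Exception {
    String resourcePath = "/assets/oneconfig/ssl/" + sslFile + ".der";
    InputStream certificateResource = SSLStore.class.getResourceAsStream(resourcePath);
    if (certificateResource == null) {
        // Fail with a clear message instead of an NPE from the cleanup path.
        throw new IllegalArgumentException("Bundled certificate not found: " + resourcePath);
    }

    // try-with-resources closes the stream and attaches a close failure as suppressed.
    try (InputStream certStream = new BufferedInputStream(certificateResource)) {
        Certificate generatedCertificate = this.certificateFactory.generateCertificate(certStream);
        this.keyStore.setCertificateEntry(sslFile, generatedCertificate);
    }
    return this;
}
```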
@@ -0,0 +1,4 @@
+package cc.polyfrost.oneconfig.utils;
+
+public class InternetUtils {
+}
-- cgit