Transpiled version (1696L) is out of date.
1 | import javax.net.ssl.*; |
2 | import java.security.Principal; |
3 | import java.security.PrivateKey; |
4 | import java.security.cert.X509Certificate; |
5 | |
6 | // from https://github.com/grahamedgecombe/netty-sni-example/blob/master/src/main/java/SniKeyManager.java |
7 | |
8 | sclass SNIKeyManager extends X509ExtendedKeyManager { |
9 | X509ExtendedKeyManager keyManager; |
10 | S defaultAlias = "test1.example.com"; |
11 | bool verbose; |
12 | |
13 | *(X509ExtendedKeyManager *keyManager) {} |
14 | |
15 | @Override |
16 | public String[] getClientAliases(String keyType, Principal[] issuers) { |
17 | throw printStackTrace(new UnsupportedOperationException()); // we don't use client mode |
18 | } |
19 | |
20 | @Override |
21 | public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) { |
22 | throw printStackTrace(new UnsupportedOperationException()); // as above |
23 | } |
24 | |
25 | @Override |
26 | public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) { |
27 | throw printStackTrace(new UnsupportedOperationException()); // as above |
28 | } |
29 | |
30 | @Override |
31 | public String[] getServerAliases(String keyType, Principal[] issuers) { |
32 | return keyManager.getServerAliases(keyType, issuers); |
33 | } |
34 | |
35 | @Override |
36 | public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) { |
37 | // This is the one used by serveHttps right now |
38 | ExtendedSSLSession session = cast ((SSLSocket) socket).getHandshakeSession(); |
39 | print("chooseServerAlias session type: " + className(session)); |
40 | List<SNIServerName> names = session.getRequestedServerNames(); |
41 | if (verbose) |
42 | print("Requested server names: " + names); |
43 | |
44 | ret keyManager.chooseServerAlias(keyType, issuers, socket); |
45 | } |
46 | |
47 | @Override |
48 | public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) { |
49 | ExtendedSSLSession session = (ExtendedSSLSession) engine.getHandshakeSession(); |
50 | |
51 | // Pick first SNIHostName in the list of SNI names. |
52 | String hostname = null; |
53 | List<SNIServerName> names = session.getRequestedServerNames(); |
54 | if (verbose) |
55 | print("Requested server names: " + names); |
56 | for (SNIServerName name : names) { |
57 | if (name.getType() == StandardConstants.SNI_HOST_NAME) { |
58 | hostname = ((SNIHostName) name).getAsciiName(); |
59 | break; |
60 | } |
61 | } |
62 | |
63 | // If we got given a hostname over SNI, check if we have a cert and key for that hostname. If so, we use it. |
64 | // Otherwise, we fall back to the default certificate. |
65 | if (hostname != null && (getCertificateChain(hostname) != null && getPrivateKey(hostname) != null)) |
66 | return hostname; |
67 | else |
68 | return defaultAlias; |
69 | } |
70 | |
71 | @Override |
72 | public X509Certificate[] getCertificateChain(String alias) { |
73 | return keyManager.getCertificateChain(alias); |
74 | } |
75 | |
76 | @Override |
77 | public PrivateKey getPrivateKey(String alias) { |
78 | return keyManager.getPrivateKey(alias); |
79 | } |
80 | } |
download show line numbers debug dex old transpilations
Travelled to 6 computer(s): bhatertpkbcr, mqqgnosmbjvj, pyentgdyhuwx, pzhvpgtvlbxg, tvejysmllsmz, vouqrxazstgt
No comments. add comment
Snippet ID: | #1024321 |
Snippet name: | SNIKeyManager (old) |
Eternal ID of this version: | #1024321/10 |
Text MD5: | 2292d5cc3f533c975f4ddd7cabd0e074 |
Author: | stefan |
Category: | javax / ssl |
Type: | JavaX fragment (include) |
Public (visible to everyone): | Yes |
Archived (hidden from active list): | No |
Created/modified: | 2019-08-02 15:18:15 |
Source code size: | 2907 bytes / 80 lines |
Pitched / IR pitched: | No / No |
Views / Downloads: | 203 / 375 |
Version history: | 9 change(s) |
Referenced in: | [show references] |