Package javax.net.ssl

Examples of javax.net.ssl.SSLException

99
100
101
102
103
104
105
106
107
108
    if (sslNotSupported) {
      throw new SSLNotSupportedException("Neither JSSE nor J2SE " +
          ">= 1.4 installed:\n---\n"+
      sw.toString() +"---");
    } else {
      throw new SSLException("Exception while creating "+
          "the SSLSocketFactory with JSSE:\n---\n"+
          sw.toString() + "---");
    }
  }
View Full Code Here
263
264
265
266
267
268
269
270
271
    } catch (Exception exc) {
      StringWriter sw = new StringWriter();
      PrintWriter pw = new PrintWriter(sw);
      exc.printStackTrace(pw);
      pw.close();
      throw new SSLException("Exception while preparing "+
          "the SSLSocket:\n---\n"+ sw.toString() + "---");
    }
  }
View Full Code Here
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
            }
        }

        if(names.isEmpty()) {
            String msg = "Certificate for <" + host + "> doesn't contain CN or DNS subjectAlt";
            throw new SSLException(msg);
        }

        // StringBuilder for building the error message.
        StringBuilder buf = new StringBuilder();

        // We're can be case-insensitive when comparing the host we used to
        // establish the socket to the hostname in the certificate.
        String hostName = host.trim().toLowerCase(Locale.ENGLISH);
        boolean match = false;
        for(Iterator<String> it = names.iterator(); it.hasNext();) {
            // Don't trim the CN, though!
            String cn = it.next();
            cn = cn.toLowerCase(Locale.ENGLISH);
            // Store CN in StringBuilder in case we need to report an error.
            buf.append(" <");
            buf.append(cn);
            buf.append('>');
            if(it.hasNext()) {
                buf.append(" OR");
            }

            // The CN better have at least two dots if it wants wildcard
            // action.  It also can't be [*.co.uk] or [*.co.jp] or
            // [*.org.uk], etc...
            String parts[] = cn.split("\\.");
            boolean doWildcard = parts.length >= 3 &&
                                 parts[0].endsWith("*") &&
                                 acceptableCountryWildcard(cn) &&
                                 !isIPAddress(host);

            if(doWildcard) {
                if (parts[0].length() > 1) { // e.g. server*
                    String prefix = parts[0].substring(0, parts.length-2); // e.g. server
                    String suffix = cn.substring(parts[0].length()); // skip wildcard part from cn
                    String hostSuffix = hostName.substring(prefix.length()); // skip wildcard part from host
                    match = hostName.startsWith(prefix) && hostSuffix.endsWith(suffix);
                } else {
                    match = hostName.endsWith(cn.substring(1));                   
                }
                if(match && strictWithSubDomains) {
                    // If we're in strict mode, then [*.foo.com] is not
                    // allowed to match [a.b.foo.com]
                    match = countDots(hostName) == countDots(cn);
                }
            } else {
                match = hostName.equals(cn);
            }
            if(match) {
                break;
            }
        }
        if(!match) {
            throw new SSLException("hostname in certificate didn't match: <" + host + "> !=" + buf);
        }
    }
View Full Code Here
372
373
374
375
376
377
378
379
380
381
382
            if (result.getStatus() == SSLEngineResult.Status.OK) {
                if (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    doTasks();
                }
            } else {
                throw new SSLException("SSLEngine error during encrypt: "
                        + result.getStatus() + " src: " + src
                        + "outNetBuffer: " + outNetBuffer);
            }
        }
View Full Code Here
401
402
403
404
405
406
407
408
409
410
        // By RFC 2616, we can "fire and forget" our close_notify
        // message, so that's what we'll do here.
        outNetBuffer.clear();
        SSLEngineResult result = sslEngine.wrap(hsBB, outNetBuffer);
        if (result.getStatus() != SSLEngineResult.Status.CLOSED) {
            throw new SSLException("Improper close state: " + result);
        }
        outNetBuffer.flip();
        return true;
    }
View Full Code Here
441
442
443
444
445
446
447
448
449
450
         * CLOSED - The other peer closed the socket. Also normal.
         */
        if (status != SSLEngineResult.Status.OK
                && status != SSLEngineResult.Status.CLOSED
                && status != SSLEngineResult.Status.BUFFER_UNDERFLOW) {
            throw new SSLException("SSLEngine error during decrypt: " + status
                    + " inNetBuffer: " + inNetBuffer + "appBuffer: "
                    + appBuffer);
        }
    }
View Full Code Here
559
560
561
562
563
564
565
566
567
568
569
570
571
            // loop while more writes required to complete handshake
            while (needToCompleteHandshake()) {
                try {
                    handshake(nextFilter);
                } catch (SSLException ssle) {
                    SSLException newSSLE = new SSLHandshakeException(
                            "SSL handshake failed.");
                    newSSLE.initCause(ssle);
                    throw newSSLE;
                }
                if (getOutNetBuffer().hasRemaining()) {
                    if (SessionLog.isDebugEnabled(session)) {
                        SessionLog.debug(session, " write outNetBuffer2: "
View Full Code Here
411
412
413
414
415
416
417
418
419
420
421
422
423
                            handler.scheduleMessageReceived(nextFilter, buf);
                        }
                    }
                } catch (SSLException ssle) {
                    if (!handler.isHandshakeComplete()) {
                        SSLException newSSLE = new SSLHandshakeException(
                                "SSL handshake failed.");
                        newSSLE.initCause(ssle);
                        ssle = newSSLE;
                    }
                   
                    throw ssle;
                }
View Full Code Here
181
182
183
184
185
186
187
188
189
190
191
                int read = in.read(b);
                if (read > 0) {
                    // Shouldn't happen as all input should have been swallowed
                    // before trying to do the handshake. If it does, something
                    // went wrong so lets bomb out now.
                    throw new SSLException(
                            sm.getString("jsseSupport.unexpectedData"));
                }
            } catch(SSLException sslex) {
                log.info(sm.getString("jsseSupport.clientCertError"), sslex);
                throw sslex;
View Full Code Here
421
422
423
424
425
426
427
428
429
430
431
432
433
                            handler.scheduleMessageReceived(nextFilter, buf);
                        }
                    }
                } catch (SSLException ssle) {
                    if (!handler.isHandshakeComplete()) {
                        SSLException newSsle = new SSLHandshakeException(
                                "SSL handshake failed.");
                        newSsle.initCause(ssle);
                        ssle = newSsle;
                    }

                    throw ssle;
                }
View Full Code Here
TOP

Related Classes of javax.net.ssl.SSLException

  • ch.unifr.nio.framework.transform.SSLInputForwarder
  • com.dropbox.core.http.SSLConfig
  • com.dtolabs.rundeck.jetty.jaas.HostnameVerifyingTrustManagerTest
  • com.ensifera.animosity.craftirc.libs.org.jibble.pircbot.TrustingSSLSocketFactory
  • com.facebook.presto.jdbc.internal.netty.handler.ssl.SslHandler
  • com.findwise.utils.http.SelectiveHostnameVerifierTest
  • com.impossibl.postgres.protocol.v30.ProtocolFactoryImpl
  • com.pusher.client.connection.websocket.WebSocketClientWrapper
  • com.subgraph.orchid.sockets.sslengine.SSLEngineManager
  • gnu.javax.net.ssl.provider.SSLSocket
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.