Merge pull request android-async-http#412 from Shalzz/patch-1

Better implementation of MySSLSocketFactory.java

Author: smarek

library/src/main/java/com/loopj/android/http/MySSLSocketFactory.java

@@ -1,18 +1,37 @@
 package com.loopj.android.http;
 
-import org.apache.http.conn.ssl.SSLSocketFactory;
-
+import java.io.BufferedInputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.Socket;
+import java.net.UnknownHostException;
 import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.UnrecoverableKeyException;
-
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+ 
+import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
+ 
+import org.apache.http.HttpVersion;
+import org.apache.http.conn.ClientConnectionManager;
+import org.apache.http.conn.scheme.PlainSocketFactory;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
+import org.apache.http.params.BasicHttpParams;
+import org.apache.http.params.HttpParams;
+import org.apache.http.params.HttpProtocolParams;
+import org.apache.http.protocol.HTTP;
 
 /**
  * This file is introduced to fix HTTPS Post bug on API < ICS see
@@ -22,42 +41,94 @@
 public class MySSLSocketFactory extends SSLSocketFactory {
     SSLContext sslContext = SSLContext.getInstance("TLS");
 
-    public MySSLSocketFactory(KeyStore truststore)
-            throws NoSuchAlgorithmException, KeyManagementException,
-            KeyStoreException, UnrecoverableKeyException {
+    /**
+     * Creates a new SSL Socket Factory with the given KeyStore.
+     * 
+     * @param truststore A KeyStore to create the SSL Socket Factory in context of
+     * @throws NoSuchAlgorithmException
+     * @throws KeyManagementException
+     * @throws KeyStoreException
+     * @throws UnrecoverableKeyException
+     */
+    public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
         super(truststore);
-
-        TrustManager tm = new X509TrustManager() {
-            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-                return null;
+ 
+        X509TrustManager tm = new X509TrustManager() {
+            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
             }
-
-            @Override
-            public void checkClientTrusted(
-                    java.security.cert.X509Certificate[] chain, String authType)
-                    throws java.security.cert.CertificateException {
+ 
+            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
             }
-
-            @Override
-            public void checkServerTrusted(
-                    java.security.cert.X509Certificate[] chain, String authType)
-                    throws java.security.cert.CertificateException {
+ 
+            public X509Certificate[] getAcceptedIssuers() {
+                return null;
             }
         };
-        sslContext.init(null, new TrustManager[]{tm}, null);
+ 
+        sslContext.init(null, new TrustManager[] { tm }, null);
     }
-
-    @Override
-    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
+    
+    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
         return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
     }
-
+ 
     @Override
     public Socket createSocket() throws IOException {
         return sslContext.getSocketFactory().createSocket();
+    }	
+    
+    /**
+     * Makes HttpsURLConnection trusts a set of certificates specified by the KeyStore
+     */
+    public void fixHttpsURLConnection() {
+    	HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
     }
-
-    public static KeyStore getKeystore() {
+    
+    /**
+     * Gets a KeyStore containing the Certificate
+     * 
+     * @param cert InputStream of the Certificate
+     * @return KeyStore
+     */
+	public static KeyStore getKeystoreOfCA(InputStream cert) {
+		
+		// Load CAs from an InputStream
+		InputStream caInput = null;
+		Certificate ca = null;
+		try {
+			CertificateFactory cf = CertificateFactory.getInstance("X.509");
+			caInput = new BufferedInputStream(cert);
+			ca = (Certificate) cf.generateCertificate(caInput);
+		} catch (CertificateException e1) {
+			e1.printStackTrace();
+		} finally {
+			try {
+				caInput.close();
+			} catch (IOException e) {
+				e.printStackTrace();
+			}
+		}
+ 
+		// Create a KeyStore containing our trusted CAs
+		String keyStoreType = KeyStore.getDefaultType();
+		KeyStore keyStore = null;
+		try {
+			keyStore = KeyStore.getInstance(keyStoreType);
+			keyStore.load(null, null);
+			keyStore.setCertificateEntry("ca",
+					(java.security.cert.Certificate) ca);
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return keyStore;
+	}
+	
+	/**
+	 * Gets a Default KeyStore
+	 * 
+	 * @return KeyStore
+	 */
+	public static KeyStore getKeystore() {
         KeyStore trustStore = null;
         try {
             trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
@@ -67,7 +138,12 @@ public static KeyStore getKeystore() {
         }
         return trustStore;
     }
-
+ 
+	/**
+	 * Returns a SSlSocketFactory which trusts all certificates
+	 * 
+	 * @return
+	 */
     public static SSLSocketFactory getFixedSocketFactory() {
         SSLSocketFactory socketFactory;
         try {
@@ -79,5 +155,31 @@ public static SSLSocketFactory getFixedSocketFactory() {
         }
         return socketFactory;
     }
+    
+    /**
+     * Gets a DefaultHttpClient which trusts a set of certificates specified by the KeyStore
+     * 
+     * @param keyStore
+     * @return
+     */
+	public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
+		
+	    try {
+		    SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
+		    SchemeRegistry registry = new SchemeRegistry();
+		    registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
+		    registry.register(new Scheme("https", sf, 443));
+ 
+	        HttpParams params = new BasicHttpParams();
+	        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
+	        HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
+ 
+	        ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
+ 
+	        return new DefaultHttpClient(ccm, params);
+	    } catch (Exception e) {
+	        return new DefaultHttpClient();
+	    }
+	}
 
-}
+}