com.sap.security.core.server.https
Class Utils

java.lang.Object
  |
  +--com.sap.security.core.server.https.Utils

public class Utils
extends Object

This class contains several static utility methods for use with SecureConnectionFactory.

Copyright (c) 2003 SAP AG.


Constructor Summary
Utils()
           
 
Method Summary
 KeyStore convertCertificateToKeyStore(InputStream is, char[] password)
          Converts a single certificate to a java KeyStore instance, which can be used as trusted CA keystore for SecureConnectionFactory.
static KeyStore convertPKCS12ToKeyStore(InputStream certStream, char[] password)
          Converts a PKCS#12 structure to a java KeyStore instance, which can be used as credentials keystore for SecureConnectionFactory.
 KeyStore convertPKCS7ToKeyStore(InputStream is, char[] password)
          Converts a PKCS#7 chain of certificates to a java KeyStore instance.
static List getClientAliases(KeyStore keystore)
          Returns a list of client aliases identifying client certificates
static Hashtable getHttpHeaders(HttpURLConnection con)
          Extracts http-headers from HttpURLConnection
static KeyStore getJavaDefaultKeystore()
          Looks for default SUN Keystore (cacerts), loads and returns it as KeyStore object.
static Socket getProxySocket(String host, int port)
          Creates a socket for SSL over proxy, which can be used in createSocket-method.
static Socket getProxySocket(String host, int port, String proxyServer, int proxyPort)
          Creates a socket for SSL over proxy, which can be used in createSocket-method.
static Socket getProxySocket(String host, int port, String proxyServer, int proxyPort, String proxyusr, String proxypwd)
          Creates a socket for SSL over proxy, which can be used in createSocket-method.
static Socket getProxySocket(String host, int port, String proxyusr, String proxypwd)
          Creates a socket for SSL over proxy, which can be used in createSocket-method.
protected static Socket getProxySocket(String host, int port, String authenticationMechanism, String proxyServer, int proxyPort, String proxyusr, String proxypwd)
           
 boolean hasClientCertificates(KeyStore keystore)
          Checks whether the keystore contains client certificates.
static String headersToString(Hashtable headers)
          Visualizes http-headers from HttpURLConnection.
static boolean isNonProxyHost(String host)
          Tests if the connection to the host should be established using proxy settings configured in system properties.
static byte[] loadAsBytes(HttpURLConnection con)
          Reads all available data from InputStream provided by given connection.
static byte[] loadAsBytes(InputStream input)
          Reads all available data from provided InputStream.
static void setBasicAuthenticationHeader(HttpURLConnection con, String username, String pwd)
          Adds basic-authentication header to a HttpURLConnection.
static void setHostnameVerifier(HttpURLConnection con, HostnameVerifier verifier)
           
static void setIgnoreServerCertificate(HttpURLConnection con)
          Skips server certificate verification for given connection.
static void setIgnoreServerCertificate(Socket socket)
          Skips server certificate verification for a given socket.
static void setProxyAuthentication(HttpURLConnection con, String proxyuser, String proxypwd)
          Adds proxy authentication header to a HttpURLConnection.
static void setSSLDebugStream(HttpURLConnection con, OutputStream os)
          Replicates the debugging outputs to specified output stream (e.g. System.out) for given connection.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

Utils

public Utils()
Method Detail

getProxySocket

public static Socket getProxySocket(String host,
                                    int port)
                             throws IOException
Creates a socket for SSL over proxy, which can be used in createSocket-method.

The ProxyHost and ProxyPort are read from system properties https.proxyHost and https.proxyPort.
Parameters:
host - the hostname
port - the port
Returns:
Socket
Throws:
IOException -  

getProxySocket

public static Socket getProxySocket(String host,
                                    int port,
                                    String proxyusr,
                                    String proxypwd)
                             throws IOException
Creates a socket for SSL over proxy, which can be used in createSocket-method.

The ProxyHost and ProxyPort are read from system properties https.proxyHost and https.proxyPort.
Parameters:
host - the hostname
port - the port
Returns:
Socket
Throws:
IOException -  

getProxySocket

public static Socket getProxySocket(String host,
                                    int port,
                                    String proxyServer,
                                    int proxyPort)
                             throws IOException
Creates a socket for SSL over proxy, which can be used in createSocket-method.
Parameters:
host - the hostname
port - the port
proxyServer - the name of proxy server
proxyPort - the port of proxy server
Returns:
Socket
Throws:
IOException -  

getProxySocket

public static Socket getProxySocket(String host,
                                    int port,
                                    String proxyServer,
                                    int proxyPort,
                                    String proxyusr,
                                    String proxypwd)
                             throws IOException
Creates a socket for SSL over proxy, which can be used in createSocket-method.

This method allows direct submission of proxy authentication. Only Basic-scheme is supported.
Parameters:
host - the hostname
port - the port
proxyServer - the name of proxy server
proxyPort - the port of proxy server
proxyusr - user name for proxy authentication
proxypwd - password for proxy authentication
Returns:
Socket
Throws:
IOException -  
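
What a CONNECT tunnel with Basic proxy authentication looks like on the wire, as an added example built on the standard JDK only; it is not SAP's implementation of getProxySocket. The class name, the localhost stub proxy, target.example and the credentials are constructed for the demonstration.

```java
import static java.nio.charset.StandardCharsets.ISO_8859_1;
import java.io.*;
import java.net.*;
import java.util.Base64;

public class ProxyConnectTunnel {
    // Basic credentials are only base64-encoded, so the proxy hop carries them readable.
    static String connectRequest(String host, int port, String user, String pwd) {
        String token = Base64.getEncoder().encodeToString((user + ":" + pwd).getBytes(ISO_8859_1));
        return "CONNECT " + host + ":" + port + " HTTP/1.1\r\n"
                + "Host: " + host + ":" + port + "\r\n"
                + "Proxy-Authorization: Basic " + token + "\r\n\r\n";
    }

    // Returns the raw tunnel socket only if the proxy answered 2xx.
    static Socket openTunnel(String host, int port, String proxyServer, int proxyPort,
                             String user, String pwd) throws IOException {
        Socket s = new Socket(proxyServer, proxyPort);
        s.getOutputStream().write(connectRequest(host, port, user, pwd).getBytes(ISO_8859_1));
        InputStream in = s.getInputStream();
        StringBuilder head = new StringBuilder();
        // Read byte-wise up to the blank line so no tunnelled bytes are consumed.
        for (int b; head.length() < 8192 && head.indexOf("\r\n\r\n") < 0 && (b = in.read()) != -1; )
            head.append((char) b);
        String status = head.toString().split("\r\n", 2)[0];
        if (!status.matches("HTTP/1\\.[01] 2\\d\\d.*")) {
            s.close();
            throw new IOException("proxy refused CONNECT: " + status);
        }
        return s; // real use: SSLSocketFactory.createSocket(s, host, port, true) on top
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a proxy on localhost; host name and credentials are made up.
        try (ServerSocket stub = new ServerSocket(0)) {
            Thread proxy = new Thread(() -> {
                try (Socket c = stub.accept()) {
                    BufferedReader r = new BufferedReader(new InputStreamReader(c.getInputStream()));
                    for (String l; (l = r.readLine()) != null && !l.isEmpty(); ) System.out.println("proxy saw: " + l);
                    c.getOutputStream().write("HTTP/1.1 200 Connection established\r\n\r\n".getBytes());
                } catch (IOException e) { throw new UncheckedIOException(e); }
            });
            proxy.start();
            try (Socket t = openTunnel("target.example", 443, "127.0.0.1", stub.getLocalPort(), "alice", "s3cret")) {
                System.out.println("tunnel open: " + t.isConnected());
            }
            proxy.join();
        }
    }
}
```

The stub prints the request it received, including the Proxy-Authorization header, which shows that the credentials travel outside the TLS session that is later established through the tunnel.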

getProxySocket

protected static Socket getProxySocket(String host,
                                       int port,
                                       String authenticationMechanism,
                                       String proxyServer,
                                       int proxyPort,
                                       String proxyusr,
                                       String proxypwd)
                                throws IOException

getJavaDefaultKeystore

public static KeyStore getJavaDefaultKeystore()
Looks for the default SUN keystore (cacerts), loads it and returns it as a KeyStore object. This function is provided for testing purposes and should not be used in a productive environment; the Keystore Service is to be used instead.
Returns:
a keystore instance if one is found, null otherwise

setBasicAuthenticationHeader

public static void setBasicAuthenticationHeader(HttpURLConnection con,
                                                String username,
                                                String pwd)
Adds basic-authentication header to a HttpURLConnection.
Parameters:
con - a HttpURLConnection object
username - the username
pwd - the password (in plain text)

setProxyAuthentication

public static void setProxyAuthentication(HttpURLConnection con,
                                          String proxyuser,
                                          String proxypwd)
Adds proxy authentication header to a HttpURLConnection. It can be used if proxy authentication information is not to be stored in system properties.
Parameters:
con - a HttpURLConnection object
proxyuser - the username for proxy authentication
proxypwd - the password (in plain text) for proxy authentication

loadAsBytes

public static byte[] loadAsBytes(HttpURLConnection con)
                          throws IOException
Reads all available data from InputStream provided by given connection. This method can be called only once after
Parameters:
con - a HttpURLConnection object
Returns:
a byte [] read from given Connection
Throws:
IOException - if an I/O error occurs while reading from the InputStream

loadAsBytes

public static byte[] loadAsBytes(InputStream input)
                          throws IOException
Reads all available data from provided InputStream.
Parameters:
input - the InputStream
Returns:
a byte [] read from InputStream
Throws:
IOException - if an I/O error occurs while reading from the InputStream

getHttpHeaders

public static Hashtable getHttpHeaders(HttpURLConnection con)
Extracts http-headers from HttpURLConnection
Parameters:
con - a HttpURLConnection object
Returns:
headers as Hashtable

headersToString

public static String headersToString(Hashtable headers)
Visualizes http-headers from HttpURLConnection.
Parameters:
headers - the http-headers as a Hashtable
Returns:
a String containing all headers separated by line.separator

setIgnoreServerCertificate

public static void setIgnoreServerCertificate(HttpURLConnection con)
Skips server certificate verification for given connection.
Parameters:
con - a HttpURLConnection object

setIgnoreServerCertificate

public static void setIgnoreServerCertificate(Socket socket)
Skips server certificate verification for a given socket.
Parameters:
socket - a Socket object

setHostnameVerifier

public static void setHostnameVerifier(HttpURLConnection con,
                                       HostnameVerifier verifier)

setSSLDebugStream

public static void setSSLDebugStream(HttpURLConnection con,
                                     OutputStream os)
Replicates the debugging outputs to specified output stream (e.g. System.out) for given connection.
Parameters:
con - an instance of HttpURLConnection
os - the OutputStream to write to

isNonProxyHost

public static boolean isNonProxyHost(String host)
Tests if the connection to the host should be established using proxy settings configured in system properties.
Parameters:
host - Hostname
Returns:
false for direct connection, true for proxy

convertPKCS7ToKeyStore

public KeyStore convertPKCS7ToKeyStore(InputStream is,
                                       char[] password)
                                throws KeyStoreException,
                                       CertificateException
Converts a PKCS#7 chain of certificates to a java KeyStore instance.
Parameters:
is - InputStream (pkcs#7 data)
password - (will be ignored)
Returns:
a keystore with certificates. The default KeyStore implementation of JRE is used.

convertCertificateToKeyStore

public KeyStore convertCertificateToKeyStore(InputStream is,
                                             char[] password)
                                      throws KeyStoreException,
                                             CertificateException
Converts a single certificate to a java KeyStore instance, which can be used as trusted CA keystore for SecureConnectionFactory.
Parameters:
is - InputStream (X509 certificate)
password - (will be ignored)
Returns:
a keystore with certificates. The default KeyStore implementation of JRE is used.
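
An added example, not SAP's code, of what a conversion like convertCertificateToKeyStore or convertPKCS7ToKeyStore amounts to with standard JDK classes: certificates in, trusted-CA KeyStore out, then a TLS context that verifies servers against only that store. Class and method names are hypothetical, and the sample certificates are taken from the JRE default trust store at run time.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Arrays;
import javax.net.ssl.*;

public class TrustStoreFromCertificates {
    // Accepts one X.509 certificate (DER or PEM) or a PKCS#7 chain and returns an
    // in-memory KeyStore holding only trusted-certificate entries (no private keys).
    static KeyStore toTrustStore(InputStream in) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null); // start empty; certificate entries need no password
        int n = 0;
        for (Certificate c : cf.generateCertificates(in)) {
            ks.setCertificateEntry("trusted-" + n++, c);
        }
        if (n == 0) throw new CertificateException("no certificates found in input");
        return ks;
    }

    // TLS context whose server verification accepts only chains anchored in that store.
    static SSLContext contextTrustingOnly(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: two CA certificates borrowed from the JRE's default
        // trust store (assumes it holds at least two), re-encoded as DER and as PKCS#7.
        TrustManagerFactory def = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        def.init((KeyStore) null);
        X509Certificate[] cas = ((X509TrustManager) def.getTrustManagers()[0]).getAcceptedIssuers();
        byte[] single = cas[0].getEncoded();
        byte[] pkcs7 = CertificateFactory.getInstance("X.509")
                .generateCertPath(Arrays.asList(cas[0], cas[1])).getEncoded("PKCS7");

        KeyStore one = toTrustStore(new ByteArrayInputStream(single));
        KeyStore chain = toTrustStore(new ByteArrayInputStream(pkcs7));
        System.out.println("entries from single certificate: " + one.size());
        System.out.println("entries from PKCS#7 chain: " + chain.size());
        System.out.println("context: " + contextTrustingOnly(chain).getProtocol());
    }
}
```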

convertPKCS12ToKeyStore

public static KeyStore convertPKCS12ToKeyStore(InputStream certStream,
                                               char[] password)
                                        throws KeyStoreException,
                                               CertificateException
Converts a PKCS#12 structure to a java KeyStore instance, which can be used as credentials keystore for SecureConnectionFactory. The usage of KeyStore.getInstance("PKCS12") is possible beginning with JDK1.4 but it is not stable, according to SUN documentation. This implementation takes only private keys and certificates from the given PKCS#12 structure. The certificate chain is created automatically based on the local key ID for the first certificate and the following issuer names.
Parameters:
certStream - InputStream (with PKCS#12 format)
password -  
Returns:
a keystore with certificates

getClientAliases

public static List getClientAliases(KeyStore keystore)
                             throws KeyStoreException
Returns a list of client aliases identifying client certificates
Returns:
a list of strings

hasClientCertificates

public boolean hasClientCertificates(KeyStore keystore)
                              throws KeyStoreException
Checks whether the keystore contains client certificates.
Returns:
true, if the keystore contains client certificates.