// The client is usually much more straightforward than the server.
// The defaults load Java's set of trusted certificates, and
// Java validates that there is a path to a trusted CA.
// By default, Java will NOT do hostname validation on an SSLSocket,
// but the more secure thing to do is to check!
// THE CODE BELOW IS INCOMPLETE AND HAS PROBLEMS
// FOR EXAMPLE, IT IS MISSING THE NECESSARY EXCEPTION HANDLING
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.cert.X509Certificate;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
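/**
 * Command-line TLS client: connects to {@code <host>:<port>}, sends one file name
 * terminated by a newline, and stores everything the server sends back in
 * {@code recv_<filename>}.
 *
 * <p>Trust decisions come from the default {@link SSLSocketFactory}. Hostname
 * checking is not on by default for a plain {@link SSLSocket}; this client enables
 * it by setting the endpoint identification algorithm to {@code "HTTPS"} before the
 * handshake, so a certificate that does not match the requested host fails the
 * handshake instead of being accepted.
 */
public class MyTLSFileClient {

    /**
     * Entry point. Expects exactly three arguments: host, port and file name.
     *
     * <p>Prints the usage line and exits with status 1 when the argument count is
     * wrong or the port is not an integer. Connection, handshake and certificate
     * errors are printed and the program returns normally.
     *
     * @param args {@code <host> <port> <filename>}
     */
    public static void main(String[] args) {
        if (args.length != 3) {
            System.out.println("MyTLSFileClient Incorrect: <host> <port> <filename>");
            System.exit(1);
        }
        String host = args[0];
        String filename = args[2];
        int port;
        try {
            port = Integer.parseInt(args[1]);
        } catch (NumberFormatException e) {
            // A malformed port is a usage error, not a crash with a stack trace.
            System.out.println("MyTLSFileClient Incorrect: <host> <port> <filename>");
            System.exit(1);
            return;
        }

        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // try-with-resources: the socket is released on every path, including a
        // failed handshake. sendRequest also closes it; a second close is harmless.
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            // Start from the socket's current parameters so that only the endpoint
            // identification setting changes; a fresh SSLParameters object would
            // carry its own defaults for every other field.
            SSLParameters params = socket.getSSLParameters();
            // HTTPS-style hostname checking must be configured before the handshake.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);
            socket.startHandshake();

            // Inspect the peer certificate before any application data is exchanged
            // and while the socket is still open. The value is reported for the
            // operator only; the authoritative hostname check is the endpoint
            // identification performed during the handshake above.
            SSLSession session = socket.getSession();
            X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0];
            String commonName = new MyTLSFileClient().getCommonName(cert);
            System.out.println("Server certificate CN: " + commonName);

            sendRequest(socket, filename);
        } catch (Exception e) {
            System.out.println(e);
            System.out.println("Error creating socket");
        }
    }

    /**
     * Returns the Common Name from the subject of {@code cert}.
     *
     * @param cert certificate whose subject distinguished name is read
     * @return the CN value, or {@code null} when the subject has no CN or cannot be parsed
     */
    String getCommonName(X509Certificate cert) {
        return commonNameOf(cert.getSubjectX500Principal().getName());
    }

    /**
     * Extracts the CN attribute from a distinguished name string.
     *
     * <p>When several RDNs have type CN, the last one in {@link LdapName#getRdns()}
     * order is returned.
     *
     * @param distinguishedName subject name as text
     * @return the CN value, or {@code null} when there is none or the name is malformed
     */
    static String commonNameOf(String distinguishedName) {
        LdapName parsed;
        try {
            parsed = new LdapName(distinguishedName);
        } catch (InvalidNameException e) {
            System.out.println(e);
            System.out.println("Error parsing name");
            // Nothing to iterate over; falling through would dereference null.
            return null;
        }
        String cn = null;
        // Rdn: Relative Distinguished Name
        for (Rdn rdn : parsed.getRdns()) {
            if ("CN".equalsIgnoreCase(rdn.getType())) {
                cn = rdn.getValue().toString();
            }
        }
        return cn;
    }

    /**
     * Sends {@code filename} plus a newline to the server and writes the response
     * to {@code recv_<filename>}.
     *
     * <p>The socket is closed when this method returns, whether or not the transfer
     * succeeded. Failures are printed, not thrown. The response carries no length
     * or digest, so end-of-stream is the only completion signal; a transfer that
     * fails part-way leaves a partial output file behind.
     *
     * @param socket connected socket on which the handshake has completed
     * @param filename name requested from the server, also used for the local file name
     */
    public static void sendRequest(SSLSocket socket, String filename) {
        try (SSLSocket connection = socket) {
            // Send the request to the server. The charset is fixed so the bytes on
            // the wire do not depend on the platform default.
            OutputStream outputStream = connection.getOutputStream();
            outputStream.write((filename + "\n").getBytes(StandardCharsets.UTF_8));
            outputStream.flush();
            System.out.println("Request sent: " + filename);

            // Receive the file from the server
            InputStream inputStream = connection.getInputStream();
            try (FileOutputStream fileOutputStream = new FileOutputStream("recv_" + filename)) {
                byte[] buffer = new byte[1024];
                int bytesRead;
                while ((bytesRead = inputStream.read(buffer)) != -1) {
                    fileOutputStream.write(buffer, 0, bytesRead);
                }
            }
            System.out.println("File received: " + filename);
        } catch (Exception e) {
            System.out.println(e);
            System.out.println("Error sending request");
        }
    }
}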