Trying to write a SSL Proxy, but having weird problems

I am currently trying to write a SSL proxy and it works for most sites but it dosn't work on a few. This demostrates the error:

import java.io.*;

import java.net.*;

import javax.net.ssl.*;

import java.security.*;

import java.util.*;

publicclass SSLInterceptor

{

static SSLServerSocketFactory sslServerSocketFactory;

static SSLSocketFactory sslSocketFactory;

static

{

System.getProperties().put("javax.net.ssl.keyStore",new File(".keystore").getAbsolutePath());

System.getProperties().put("javax.net.ssl.keyStorePassword","password");

sslServerSocketFactory = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

try

{

TrustManager[] trustAllCerts =new TrustManager[]

{

new X509TrustManager()

{

public java.security.cert.X509Certificate[] getAcceptedIssuers()

{

returnnull;

}

publicvoid checkClientTrusted(

java.security.cert.X509Certificate[] certs, String authType)

{

}

publicvoid checkServerTrusted(

java.security.cert.X509Certificate[] certs, String authType)

{

}

};

SSLContext sc = SSLContext.getInstance("SSL");

//SSLContext.getInstance("TLSv1");

sc.init(null, trustAllCerts,null);

sslSocketFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();//sc.getSocketFactory();

}

catch(KeyManagementException e)

{

}

catch(NoSuchAlgorithmException e)

{

}

//sslSocketFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();

}

publicstatic Socket intercept(String host,int port)throws IOException

{

SSLServerSocket sslServerSocket = (SSLServerSocket)sslServerSocketFactory.createServerSocket(0);

Socket forwardingSocket =new Socket("localhost", sslServerSocket.getLocalPort());

Socket plaintextSocket = sslServerSocket.accept();

sslServerSocket.close();

Socket sslSocket = sslSocketFactory.createSocket(host, port);

long time = System.currentTimeMillis();

Util.connect(plaintextSocket.getInputStream(), sslSocket.getOutputStream());

Util.connect(sslSocket.getInputStream(), plaintextSocket.getOutputStream());

return forwardingSocket;

}

import java.io.*;

import java.net.*;

import javax.net.ssl.*;

publicclass Test

{

/** Creates a new instance of Test */

public Test()

{

}

publicstaticvoid main(String[] args)throws Exception

{

Socket rawSocket = SSLInterceptor.intercept("localhost", 666);////("bugs.freenetproject.org", 443);

Socket plainText = SSLInterceptor.sslSocketFactory.createSocket(rawSocket, "login.yahoo.com", 443, true);

InputStream in = rawSocket.getInputStream();

int read;

while((read = in.read()) != -1)

{

System.out.println(read);

}

rawSocket.close();

}

import java.io.*;

import java.net.*;

import javax.net.ssl.*;

import javax.net.*;

publicfinalclass SSLServerimplements Runnable

{

int port;

static

{

System.getProperties().put("javax.net.ssl.keyStore", new File(".keystore").getAbsolutePath());

System.getProperties().put("javax.net.ssl.keyStorePassword", "secure");

System.getProperties().put("javax.net.ssl.keyStore",new File(".keystore").getAbsolutePath());

System.getProperties().put("javax.net.ssl.keyStorePassword","password");

}

public SSLServer(int port)

{

this.port = port;

}

publicstaticvoid main(String[] args)

{

new SSLServer(666).run();

}

publicvoid run()

{

try

{

ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault();

SSLServerSocket ssocket = (SSLServerSocket)ssocketFactory.createServerSocket(port);

//ssocket.setEnabledProtocols(new String[] {"TLSv1", "SSLv3"});

// Listen for connections

while(true)

{

Socket socket = ssocket.accept();

BufferedReader reader =new BufferedReader(new InputStreamReader(socket.getInputStream()));

while(true)

{

String str = reader.readLine();

if(str ==null)

{

break;

}

else

{

System.out.println(str);

}

catch(IOException e)

{e.printStackTrace();}

}

Basically, SSLInterceptor takes a host and port as an argument and returns a Socket which it can decrypt and which sends its data to the SSL server. To test this, I wrote Test.java. However, when running Test.java, it prints out junk and the SSLServer throws a exception:

javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1542)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:675)

at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)

at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)

at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)

at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)

at java.io.InputStreamReader.read(InputStreamReader.java:167)

at java.io.BufferedReader.fill(BufferedReader.java:136)

at java.io.BufferedReader.readLine(BufferedReader.java:299)

at java.io.BufferedReader.readLine(BufferedReader.java:362)

at SSLServer.run(SSLServer.java:54)

at SSLServer.main(SSLServer.java:37)

any help concerning this error would be *much* appreciated. Tahnks in advance.

[10514 byte] By [yongqiana] at [2007-10-2 22:40:29]

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Trying to write a SSL Proxy, but having weird problems

Security New Topic

Security Hot Topic

Security

All Classified