How to bypass the SSL security check in Jython

In the past to bypass the SSL security check in Jython I have used the example published at jython.xhaus.com.¬†Unfortunately this doesn’t work anymore with Java 8 and Jython 2.7.0. Luckily I found a solution for Java at¬†log.rowanto.com. Now I only had to transform this into a solution for Jython. This can be seen below.¬†
Disclaimer: bypassing the SSL security check is not what you normally should do. Use it at your own risk.

Put the MyProvider code into a file MyProvider.java. Compile it, create a jar-file of it and put it into your Jython classpath. Then use it in your Jython program as showed below. For this I have used the Eclipse IDE with the Jython PyDev plugin.

import java.net.Socket;
import java.security.KeyStore;
import java.security.Provider;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509ExtendedTrustManager;

public class MyProvider extends Provider {
    public MyProvider() {
        super("MyProvider", 1.0, "Trust certificates");
        put("TrustManagerFactory.TrustAllCertificates", MyTrustManagerFactory.class.getName());
    }

    public static class MyTrustManagerFactory extends TrustManagerFactorySpi {
        public MyTrustManagerFactory() {}
	    protected void engineInit( KeyStore keystore ) {}
	    protected void engineInit(ManagerFactoryParameters mgrparams ) {}
	    protected TrustManager[] engineGetTrustManagers() {
	    	return new TrustManager[] {
	    	    new X509ExtendedTrustManager() {
	    		    	        
	    	    	@Override
	    		public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}
	    		    	        
	    		@Override
	    		public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}
	    		    	        
	    		@Override    		    	        
	    		public X509Certificate[] getAcceptedIssuers() {
	    		    return null;
	    		}
	    		    	        
	    		@Override
	    		public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {}
	    		    	        
	    		@Override
	    		public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {}
	    		    	        
	    		@Override
	    		public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {}
	    		    	        
	    		@Override
	    		public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {}
	    	    }	    				    			
	    	};
	    }
    }
}
import java.security.Security
import MyProvider

# Install the all-trusting trust manager
java.security.Security.addProvider(MyProvider())
java.security.Security.setProperty("ssl.TrustManagerFactory.algorithm", "TrustAllCertificates")

# Your code

No Comments

Post a Comment