Java Code Examples for javax.net.ssl.SSLSocket#getSSLParameters()

Example 1
Source File: Client.java    From jdk9-jigsaw with Creative Commons Zero v1.0 Universal 7 votes vote down vote up
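/**
 * Demo TLS client: connects to 127.0.0.1:4444, sends one line, prints the reply and the
 * negotiated application protocol.
 *
 * <p>Trust material comes from the {@code javax.net.ssl.trustStore*} system properties set
 * below. Any exception is printed and swallowed, as in the original demo.
 */
public static void main(String[] args) throws InterruptedException {

	try {
		// NOTE(review): sample trust store path and password are hard-coded; real code should
		// take them from configuration and keep the password out of source control.
		System.setProperty("javax.net.ssl.trustStore", "C:/Users/Martin/sample.pfx");
		System.setProperty("javax.net.ssl.trustStorePassword", "sample");

		SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
		// try-with-resources closes the socket and both streams even when I/O or the
		// handshake fails part-way through (the original leaked them on any exception).
		try (SSLSocket s = (SSLSocket) ssf.createSocket("127.0.0.1", 4444)) {
			SSLParameters params = s.getSSLParameters();
			// A raw SSLSocket validates the certificate chain but does not check that the
			// certificate belongs to the host being contacted unless an endpoint
			// identification algorithm is set. The original get/set round-trip changed nothing.
			// With this enabled the server certificate must carry a SAN matching 127.0.0.1.
			params.setEndpointIdentificationAlgorithm("HTTPS");
			s.setSSLParameters(params);

			try (PrintWriter out = new PrintWriter(s.getOutputStream(), true);
					BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()))) {
				out.println("Hi, server.");
				String x = in.readLine();
				System.out.println(x);
				System.out.println("Used protocol: " + s.getApplicationProtocol());
			}
		}
	} catch (Exception ex) {
		ex.printStackTrace();
	}

}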
 
Example 2
Source File: SSLSocketTest.java    From j2objc with Apache License 2.0 6 votes vote down vote up
/**
 * Verifies that {@code getSSLParameters()} on an unconnected socket reflects the socket's own
 * cipher-suite, protocol and client-auth settings, and that the endpoint identification
 * algorithm can be read back after being set.
 */
public void test_SSLSocket_getSSLParameters() throws Exception {
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket socket = (SSLSocket) factory.createSocket();

    SSLParameters params = socket.getSSLParameters();
    assertNotNull(params);

    // Same contents as the socket's enabled list, but a distinct array instance.
    String[] suites = params.getCipherSuites();
    assertNotSame(suites, socket.getEnabledCipherSuites());
    assertEquals(Arrays.asList(suites), Arrays.asList(socket.getEnabledCipherSuites()));

    String[] enabledProtocols = params.getProtocols();
    assertNotSame(enabledProtocols, socket.getEnabledProtocols());
    assertEquals(Arrays.asList(enabledProtocols), Arrays.asList(socket.getEnabledProtocols()));

    assertEquals(params.getWantClientAuth(), socket.getWantClientAuth());
    assertEquals(params.getNeedClientAuth(), socket.getNeedClientAuth());

    // The test expects no endpoint identification algorithm by default, i.e. a plain
    // SSLSocket performs no hostname verification until the caller opts in.
    assertNull(params.getEndpointIdentificationAlgorithm());

    // Each value is expected to round-trip; "FOO" shows the test does not expect the
    // setter to reject an unknown algorithm name.
    for (String algorithm : new String[] {null, "HTTPS", "FOO"}) {
        params.setEndpointIdentificationAlgorithm(algorithm);
        assertEquals(algorithm, params.getEndpointIdentificationAlgorithm());
    }
}
 
Example 3
Source File: Jdk9Platform.java    From styT with Apache License 2.0 6 votes vote down vote up
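/**
 * Applies the ALPN protocol names derived from {@code protocols} to {@code sslSocket} by
 * invoking {@code setProtocolMethod} reflectively on the socket's {@link SSLParameters} and
 * writing the parameters back.
 *
 * @param sslSocket socket to configure; must not have started its handshake yet for the
 *     change to take effect (presumably — confirm against the caller)
 * @param hostname unused by this implementation
 * @param protocols protocols to advertise, converted by {@code alpnProtocolNames}
 * @throws AssertionError if the reflective call fails; the underlying exception is attached
 *     as the cause
 */
@RequiresApi(api = Build.VERSION_CODES.KITKAT)
@Override
public void configureTlsExtensions(SSLSocket sslSocket, String hostname,
    List<Protocol> protocols) {
  try {
    SSLParameters sslParameters = sslSocket.getSSLParameters();

    List<String> names = alpnProtocolNames(protocols);

    // The String[] is wrapped in an Object[] so it is passed as one varargs argument.
    setProtocolMethod.invoke(sslParameters,
        new Object[] {names.toArray(new String[names.size()])});

    sslSocket.setSSLParameters(sslParameters);
  } catch (IllegalAccessException | InvocationTargetException e) {
    // Keep the cause: the original threw a bare AssertionError, which hid why the
    // TLS extension could not be configured.
    throw new AssertionError(e);
  }
}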
 
Example 4
Source File: Server.java    From jdk9-jigsaw with Creative Commons Zero v1.0 Universal 6 votes vote down vote up
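/**
 * Demo TLS server: listens on port 4444 and answers every received line with a greeting.
 *
 * <p>Key material comes from the {@code javax.net.ssl.keyStore*} system properties set below.
 * Connections are served one at a time on the calling thread.
 *
 * @throws IOException if the listening socket cannot be created or {@code accept()} fails
 */
public static void main(String[] args) throws IOException{

	// NOTE(review): sample key store path and password are hard-coded; real code should take
	// them from configuration and keep the password out of source control.
	System.setProperty("javax.net.ssl.keyStore", "C:/Users/Martin/sample.pfx");
	System.setProperty("javax.net.ssl.keyStorePassword", "sample");

	SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
	// The listening socket is now closed when the loop is left by an exception.
	try (ServerSocket ss = ssf.createServerSocket(4444)) {
		while (true) {
			SSLSocket accepted = (SSLSocket) ss.accept();
			// Per-connection resources are closed even if the handshake or a read fails.
			try (SSLSocket s = accepted;
					BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));
					PrintStream out = new PrintStream(s.getOutputStream())) {
				// Round-trip of the parameters without modification: this is the place to
				// restrict protocols or cipher suites or to require client authentication.
				SSLParameters params = s.getSSLParameters();
				s.setSSLParameters(params);

				String line;
				while ((line = in.readLine()) != null) {
					System.out.println(line);
					out.println("Hi, client");
				}
			} catch (IOException ex) {
				// One failed handshake or broken connection must not stop the listener.
				System.err.println("Connection failed: " + ex);
			}
		}
	}

}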
 
Example 5
Source File: Jdk9Platform.java    From AndroidProjects with MIT License 6 votes vote down vote up
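/**
 * Applies the ALPN protocol names derived from {@code protocols} to {@code sslSocket} by
 * invoking {@code setProtocolMethod} reflectively on the socket's {@link SSLParameters} and
 * writing the parameters back.
 *
 * @param sslSocket socket to configure
 * @param hostname unused by this implementation
 * @param protocols protocols to advertise, converted by {@code alpnProtocolNames}
 * @throws AssertionError if the reflective call fails; the underlying exception is attached
 *     as the cause
 */
@Override
public void configureTlsExtensions(SSLSocket sslSocket, String hostname,
    List<Protocol> protocols) {
  try {
    SSLParameters sslParameters = sslSocket.getSSLParameters();

    List<String> names = alpnProtocolNames(protocols);

    // The String[] is wrapped in an Object[] so it is passed as one varargs argument.
    setProtocolMethod.invoke(sslParameters,
        new Object[] {names.toArray(new String[names.size()])});

    sslSocket.setSSLParameters(sslParameters);
  } catch (IllegalAccessException | InvocationTargetException e) {
    // Keep the cause: a bare AssertionError hides why the TLS extension could not be set.
    throw new AssertionError(e);
  }
}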
 
Example 6
Source File: Client.java    From jdk9-jigsaw with Creative Commons Zero v1.0 Universal 6 votes vote down vote up
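/**
 * Demo TLS client: connects to 127.0.0.1:4444, sends one line, prints the reply and the
 * negotiated application protocol.
 *
 * <p>Trust material comes from the {@code javax.net.ssl.trustStore*} system properties set
 * below. Any exception is printed and swallowed, as in the original demo.
 */
public static void main(String[] args) throws InterruptedException {

	try {
		// NOTE(review): sample trust store path and password are hard-coded; real code should
		// take them from configuration and keep the password out of source control.
		System.setProperty("javax.net.ssl.trustStore", "C:/Users/Martin/sample.pfx");
		System.setProperty("javax.net.ssl.trustStorePassword", "sample");

		SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
		// try-with-resources closes the socket and both streams even when I/O or the
		// handshake fails part-way through (the original leaked them on any exception).
		try (SSLSocket s = (SSLSocket) ssf.createSocket("127.0.0.1", 4444)) {
			SSLParameters params = s.getSSLParameters();
			// A raw SSLSocket validates the certificate chain but does not check that the
			// certificate belongs to the host being contacted unless an endpoint
			// identification algorithm is set. The original get/set round-trip changed nothing.
			// With this enabled the server certificate must carry a SAN matching 127.0.0.1.
			params.setEndpointIdentificationAlgorithm("HTTPS");
			s.setSSLParameters(params);

			try (PrintWriter out = new PrintWriter(s.getOutputStream(), true);
					BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()))) {
				out.println("Hi, server.");
				String x = in.readLine();
				System.out.println(x);
				System.out.println("Used protocol: " + s.getApplicationProtocol());
			}
		}
	} catch (Exception ex) {
		ex.printStackTrace();
	}

}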
 
Example 7
Source File: Server.java    From jdk9-jigsaw with Creative Commons Zero v1.0 Universal 6 votes vote down vote up
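/**
 * Demo TLS server: listens on port 4444 and answers every received line with a greeting.
 *
 * <p>Key material comes from the {@code javax.net.ssl.keyStore*} system properties set below.
 * Connections are served one at a time on the calling thread.
 *
 * @throws IOException if the listening socket cannot be created or {@code accept()} fails
 */
public static void main(String[] args) throws IOException{

	// NOTE(review): sample key store path and password are hard-coded; real code should take
	// them from configuration and keep the password out of source control.
	System.setProperty("javax.net.ssl.keyStore", "C:/Users/Martin/sample.pfx");
	System.setProperty("javax.net.ssl.keyStorePassword", "sample");

	SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
	// The listening socket is now closed when the loop is left by an exception.
	try (ServerSocket ss = ssf.createServerSocket(4444)) {
		while (true) {
			SSLSocket accepted = (SSLSocket) ss.accept();
			// Per-connection resources are closed even if the handshake or a read fails.
			try (SSLSocket s = accepted;
					BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));
					PrintStream out = new PrintStream(s.getOutputStream())) {
				// Round-trip of the parameters without modification: this is the place to
				// restrict protocols or cipher suites or to require client authentication.
				SSLParameters params = s.getSSLParameters();
				s.setSSLParameters(params);

				String line;
				while ((line = in.readLine()) != null) {
					System.out.println(line);
					out.println("Hi, client");
				}
			} catch (IOException ex) {
				// One failed handshake or broken connection must not stop the listener.
				System.err.println("Connection failed: " + ex);
			}
		}
	}

}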
 
Example 8
Source File: CustomSslSocketFactory.java    From keystore-explorer with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Best-effort removal of the SNI extension from {@code socket}'s handshake by installing an
 * empty server-name list. Failures are ignored on purpose.
 *
 * <p>NOTE(review): without SNI a server hosting several names may present a default
 * certificate, so callers should expect certificate/hostname mismatches against such hosts.
 */
private void disableSNI(SSLSocket socket) {
	SSLParameters params = socket.getSSLParameters();
	try {
		// setServerNames is resolved reflectively because it exists only in Java 8 or higher;
		// an empty list effectively disables SNI.
		params.getClass()
				.getMethod("setServerNames", List.class)
				.invoke(params, new ArrayList<Object>());
		socket.setSSLParameters(params);
	} catch (Exception e) {
		// Java 6/7: the method is missing and there is nothing to do here
		// (setting jsse.enableSNIExtension would no longer take effect at this point).
	}
}
 
Example 9
Source File: SdsX509TrustManager.java    From grpc-java with Apache License 2.0 5 votes vote down vote up
/**
 * Validates a server certificate chain for a socket-based connection.
 *
 * <p>For an {@link SSLSocket}, the endpoint identification algorithm is cleared on the socket
 * before delegating, so the delegate is not asked for a hostname check; the chain is then
 * passed to {@code verifySubjectAltNameInChain}.
 *
 * <p>NOTE(review): clearing the algorithm mutates the caller's socket and turns off the
 * built-in hostname verification, so {@code verifySubjectAltNameInChain} is the only name
 * check left on this path — confirm it rejects chains when no expected names are configured.
 *
 * @throws CertificateException if the delegate or the subject-alt-name check rejects the chain
 */
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)
    throws CertificateException {
  SSLSocket tlsSocket = (socket instanceof SSLSocket) ? (SSLSocket) socket : null;
  SSLParameters current = (tlsSocket != null) ? tlsSocket.getSSLParameters() : null;
  if (current != null) {
    // null means "no endpoint identification".
    current.setEndpointIdentificationAlgorithm(null);
    tlsSocket.setSSLParameters(current);
  }
  delegate.checkServerTrusted(chain, authType, socket);
  verifySubjectAltNameInChain(chain);
}
 
Example 10
Source File: SSLSocketTest.java    From j2objc with Apache License 2.0 5 votes vote down vote up
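/**
 * Verifies that an SNI host name configured on the client through {@link SSLParameters} is
 * visible to the server in its {@link ExtendedSSLSession} after the handshake.
 *
 * <p>The client handshake runs on a separate thread while the server handshakes on the test
 * thread; the client result is awaited so that a client-side failure fails the test.
 */
public void test_SSLSocket_SNIHostName() throws Exception {
    TestSSLContext c = TestSSLContext.create();

    // Client: request www.example.com via SNI.
    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket();
    SSLParameters clientParams = client.getSSLParameters();
    clientParams.setServerNames(Collections.singletonList(
            (SNIServerName) new SNIHostName("www.example.com")));
    client.setSSLParameters(clientParams);

    // Server: accept only names matching this regular expression.
    SSLParameters serverParams = c.serverSocket.getSSLParameters();
    serverParams.setSNIMatchers(Collections.singletonList(
            SNIHostName.createSNIMatcher("www\\.example\\.com")));
    c.serverSocket.setSSLParameters(serverParams);

    client.connect(new InetSocketAddress(c.host, c.port));
    final SSLSocket server = (SSLSocket) c.serverSocket.accept();

    ExecutorService executor = Executors.newSingleThreadExecutor();
    Future<Void> future = executor.submit(new Callable<Void>() {
        @Override public Void call() throws Exception {
            client.startHandshake();
            return null;
        }
    });
    executor.shutdown();
    server.startHandshake();
    // The original never consulted the future, so an exception thrown by the client
    // handshake was silently dropped; get() rethrows it as an ExecutionException.
    future.get();

    SSLSession serverSession = server.getSession();
    assertTrue(serverSession instanceof ExtendedSSLSession);
    ExtendedSSLSession extendedServerSession = (ExtendedSSLSession) serverSession;
    List<SNIServerName> requestedNames = extendedServerSession.getRequestedServerNames();
    assertNotNull(requestedNames);
    assertEquals(1, requestedNames.size());
    SNIServerName serverName = requestedNames.get(0);
    assertEquals(StandardConstants.SNI_HOST_NAME, serverName.getType());
    assertTrue(serverName instanceof SNIHostName);
    SNIHostName serverHostName = (SNIHostName) serverName;
    assertEquals("www.example.com", serverHostName.getAsciiName());
}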
 
Example 11
Source File: EndpointIdentificationSocketFactory.java    From keywhiz with Apache License 2.0 5 votes vote down vote up
/**
 * Enables endpoint identification on {@code socket} using the "LDAPS" algorithm, so the
 * peer certificate is checked against the host during the handshake.
 *
 * @param socket socket to configure; it is cast to {@link SSLSocket} without a check, so a
 *     plain socket results in a {@link ClassCastException}
 * @return the same socket, typed as the {@link SSLSocket} it was cast to
 */
private Socket prepareSocket(Socket socket) {
  SSLSocket tlsSocket = (SSLSocket) socket;

  // Read-modify-write: getSSLParameters() hands back a copy, so the change only takes
  // effect once it is written back with setSSLParameters().
  SSLParameters identificationParams = tlsSocket.getSSLParameters();
  identificationParams.setEndpointIdentificationAlgorithm("LDAPS");
  tlsSocket.setSSLParameters(identificationParams);

  return tlsSocket;
}
 
Example 12
Source File: Https.java    From PacketProxy with Apache License 2.0 5 votes vote down vote up
/**
 * Layers a server-mode TLS socket over an already accepted {@code socket} and completes the
 * handshake before returning.
 *
 * <p>The TLS context is built by {@code createSSLContext(commonName, ca)}; the server
 * advertises {@code h2}, {@code http/1.1} and {@code http/1.0} through ALPN, in that order.
 *
 * @param socket existing connection to wrap; it is closed together with the returned socket
 *     (auto-close is requested)
 * @param commonName passed to {@code createSSLContext}
 * @param ca passed to {@code createSSLContext}
 * @param is bytes already read from {@code socket} that the TLS layer should consume first
 * @return the handshaken server-side socket
 * @throws Exception if context creation or the handshake fails
 */
public static SSLSocket convertToServerSSLSocket(Socket socket, String commonName, CA ca, InputStream is) throws Exception {
	SSLSocketFactory factory = createSSLContext(commonName, ca).getSocketFactory();
	SSLSocket tlsSocket = (SSLSocket) factory.createSocket(socket, is, true);
	tlsSocket.setUseClientMode(false);

	// ALPN must be configured before startHandshake() for it to be negotiated.
	SSLParameters alpnParams = tlsSocket.getSSLParameters();
	alpnParams.setApplicationProtocols(new String[] { "h2", "http/1.1", "http/1.0" });
	tlsSocket.setSSLParameters(alpnParams);

	tlsSocket.startHandshake();
	return tlsSocket;
}
 
Example 13
Source File: PeerAuthorizerTrustManager.java    From vespa with Apache License 2.0 5 votes vote down vote up
/**
 * Applies the hostname-verification override to {@code socket} when it is an
 * {@link SSLSocket}; other socket types are left untouched.
 *
 * <p>The parameters are written back only when the {@code SSLParameters} overload reports
 * that it changed them.
 */
private void overrideHostnameVerificationForClient(Socket socket) {
    if (!(socket instanceof SSLSocket)) {
        return;
    }
    SSLSocket tlsSocket = (SSLSocket) socket;
    SSLParameters current = tlsSocket.getSSLParameters();
    boolean changed = overrideHostnameVerificationForClient(current);
    if (changed) {
        tlsSocket.setSSLParameters(current);
    }
}
 
Example 14
Source File: TrustManagerImpl.java    From cwac-netsecurity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the full trusted certificate chain found from {@code certs}.
 *
 * <p>When {@code socket} is an {@link SSLSocket}, its handshake session and current
 * {@link SSLParameters} are handed to {@code checkTrusted}; for any other socket both are
 * passed as {@code null}.
 *
 * @throws CertificateException when no trusted chain can be found from {@code certs}
 */
public List<X509Certificate> getTrustedChainForServer(X509Certificate[] certs,
        String authType, Socket socket) throws CertificateException {
    SSLSocket tlsSocket = (socket instanceof SSLSocket) ? (SSLSocket) socket : null;
    // Session first, then parameters, matching the order the checks depend on.
    SSLSession session = (tlsSocket == null) ? null : getHandshakeSessionOrThrow(tlsSocket);
    SSLParameters parameters = (tlsSocket == null) ? null : tlsSocket.getSSLParameters();
    return checkTrusted(certs, authType, session, parameters, false /* client auth */);
}
 
Example 15
Source File: TrustManagerImpl.java    From cwac-netsecurity with Apache License 2.0 5 votes vote down vote up
/**
 * Validates a client certificate chain for a socket-based connection.
 *
 * <p>When {@code socket} is an {@link SSLSocket}, its handshake session and current
 * {@link SSLParameters} are handed to {@code checkTrusted}; for any other socket both are
 * passed as {@code null}.
 *
 * @throws CertificateException if {@code checkTrusted} rejects the chain
 */
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)
        throws CertificateException {
    SSLSocket tlsSocket = (socket instanceof SSLSocket) ? (SSLSocket) socket : null;
    SSLSession session = (tlsSocket == null) ? null : getHandshakeSessionOrThrow(tlsSocket);
    SSLParameters parameters = (tlsSocket == null) ? null : tlsSocket.getSSLParameters();
    checkTrusted(chain, authType, session, parameters, true /* client auth */);
}
 
Example 16
Source File: Https.java    From PacketProxy with Apache License 2.0 5 votes vote down vote up
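/**
 * Opens a TLS client connection to {@code addr}, sending {@code SNIServerName} in the SNI
 * extension and offering ALPN protocols, and completes the handshake before returning.
 *
 * <p>Side effect: the static {@code clientKeyManagers} field is replaced with the key
 * managers of the server registered for {@code addr}.
 * NOTE(review): that field is shared state; concurrent calls for different servers may
 * observe each other's key managers — confirm how {@code createSSLSocketFactory} reads it.
 *
 * <p>No endpoint identification algorithm is set here, so any hostname check depends on
 * what {@code createSSLSocketFactory} installs.
 *
 * @param addr address and port to connect to
 * @param SNIServerName host name to send via SNI; must be a valid {@link SNIHostName}
 * @param alpn single ALPN protocol to offer, or {@code null}/empty to offer
 *     {@code h2}, {@code http/1.1} and {@code http/1.0}
 * @return the connected, handshaken socket
 * @throws Exception if the name is invalid or connecting/handshaking fails; on failure after
 *     the connection was opened, the socket is closed before the exception is rethrown
 */
public static SSLSocket createClientSSLSocket(InetSocketAddress addr, String SNIServerName, String alpn) throws Exception {
	/* SNI */
	SNIHostName serverName = new SNIHostName(SNIServerName);
	/* Fetch Client Certificate from ClientKeyManager */
	Server server = Servers.getInstance().queryByAddress(addr);
	clientKeyManagers = ClientKeyManager.getKeyManagers(server);

	SSLSocketFactory ssf = createSSLSocketFactory();
	SSLSocket sock = (SSLSocket) ssf.createSocket(addr.getAddress(), addr.getPort());
	try {
		String[] clientAPs;
		if (alpn != null && alpn.length() > 0) {
			clientAPs = new String[]{ alpn };
		} else {
			clientAPs = new String[]{ "h2", "http/1.1", "http/1.0" };
		}
		List<SNIServerName> serverNames = new ArrayList<>();
		serverNames.add(serverName);

		// ALPN and SNI are applied in a single read-modify-write instead of two.
		SSLParameters sslp = sock.getSSLParameters();
		sslp.setApplicationProtocols(clientAPs);
		sslp.setServerNames(serverNames);
		sock.setSSLParameters(sslp);

		sock.startHandshake();
		return sock;
	} catch (Exception e) {
		// The socket is already connected; without this it leaked on a failed handshake.
		try {
			sock.close();
		} catch (Exception closeFailure) {
			e.addSuppressed(closeFailure);
		}
		throw e;
	}
}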
 
Example 17
Source File: Https.java    From PacketProxy with Apache License 2.0 5 votes vote down vote up
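/**
 * Opens a TLS client connection to {@code addr}, offers ALPN protocols and completes the
 * handshake before returning.
 *
 * <p>No endpoint identification algorithm is set here, so any hostname check depends on
 * what {@code createSSLSocketFactory} installs.
 *
 * @param addr address and port to connect to
 * @param alpn single ALPN protocol to offer, or {@code null}/empty to offer
 *     {@code h2}, {@code http/1.1} and {@code http/1.0}
 * @return the connected, handshaken socket
 * @throws Exception if connecting or handshaking fails; on failure after the connection was
 *     opened, the socket is closed before the exception is rethrown
 */
public static SSLSocket createClientSSLSocket(InetSocketAddress addr, String alpn) throws Exception {
	SSLSocketFactory ssf = createSSLSocketFactory();
	SSLSocket sock = (SSLSocket) ssf.createSocket(addr.getAddress(), addr.getPort());
	try {
		String[] clientAPs;
		if (alpn != null && alpn.length() > 0) {
			clientAPs = new String[]{ alpn };
		} else {
			clientAPs = new String[]{ "h2", "http/1.1", "http/1.0" };
		}
		// getSSLParameters() returns a copy; it must be written back to take effect.
		SSLParameters sslp = sock.getSSLParameters();
		sslp.setApplicationProtocols(clientAPs);
		sock.setSSLParameters(sslp);

		sock.startHandshake();
		return sock;
	} catch (Exception e) {
		// The socket is already connected; without this it leaked on a failed handshake.
		try {
			sock.close();
		} catch (Exception closeFailure) {
			e.addSuppressed(closeFailure);
		}
		throw e;
	}
}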
 
Example 18
Source File: Https.java    From PacketProxy with Apache License 2.0 5 votes vote down vote up
/**
 * Layers a TLS client socket over an existing {@code socket}, offers ALPN protocols and
 * completes the handshake before returning.
 *
 * <p>The layered socket is created with a {@code null} host and auto-close disabled, so the
 * caller keeps ownership of {@code socket}. No endpoint identification algorithm is set here;
 * any hostname check depends on what {@code createSSLSocketFactory} installs.
 *
 * @param socket connected socket to wrap
 * @param alpn single ALPN protocol to offer, or {@code null}/empty to offer
 *     {@code h2}, {@code http/1.1} and {@code http/1.0}
 * @return the handshaken TLS socket
 * @throws Exception if wrapping or the handshake fails
 */
public static SSLSocket convertToClientSSLSocket(Socket socket, String alpn) throws Exception {
	SSLSocketFactory factory = createSSLSocketFactory();
	SSLSocket tlsSocket = (SSLSocket) factory.createSocket(socket, null, socket.getPort(), false);

	boolean callerChoseProtocol = alpn != null && alpn.length() > 0;
	String[] offered = callerChoseProtocol
			? new String[]{ alpn }
			: new String[]{ "h2", "http/1.1", "http/1.0" };

	// getSSLParameters() returns a copy; it must be written back to take effect.
	SSLParameters alpnParams = tlsSocket.getSSLParameters();
	alpnParams.setApplicationProtocols(offered);
	tlsSocket.setSSLParameters(alpnParams);

	tlsSocket.startHandshake();
	return tlsSocket;
}