Java Code Examples for javax.net.ssl.SSLContext#getSupportedSSLParameters()

The following examples show how to use javax.net.ssl.SSLContext#getSupportedSSLParameters() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SecureSocketFactoryProvider.java    From openAGV with Apache License 2.0 5 votes vote down vote up
@Override
public RMIServerSocketFactory getServerSocketFactory() {
  SSLContext context = secureSslContextFactory.createServerContext();
  SSLParameters param = context.getSupportedSSLParameters();
  return new SslRMIServerSocketFactory(context,
                                       param.getCipherSuites(),
                                       param.getProtocols(),
                                       param.getWantClientAuth());
}
 
Example 2
Source File: CustomSslRMIClientSocketFactory.java    From openAGV with Apache License 2.0 5 votes vote down vote up
@Override
public Socket createSocket(String host, int port)
    throws IOException {
  SSLContext context = secureSslContextFactory.createClientContext();
  SSLSocketFactory sf = context.getSocketFactory();
  SSLSocket socket = (SSLSocket) sf.createSocket(host, port);
  SSLParameters param = context.getSupportedSSLParameters();
  socket.setEnabledCipherSuites(param.getCipherSuites());
  socket.setEnabledProtocols(param.getProtocols());
  return socket;
}
 
Example 3
Source File: SSLConfigurationAsserts.java    From j2objc with Apache License 2.0 5 votes vote down vote up
/**
 * Asserts that the provided {@link SSLContext} has the expected default configuration, and that
 * {@link SSLSocketFactory}, {@link SSLServerSocketFactory}, {@link SSLSocket},
 * {@link SSLServerSocket} and {@link SSLEngine} instances created from the context match the
 * configuration.
 */
public static void assertSSLContextDefaultConfiguration(SSLContext sslContext)
    throws IOException {
  SSLParameters defaultParameters = sslContext.getDefaultSSLParameters();
  StandardNames.assertSSLContextEnabledProtocols(sslContext.getProtocol(),
      defaultParameters.getProtocols());
  StandardNames.assertDefaultCipherSuites(defaultParameters.getCipherSuites());
  assertFalse(defaultParameters.getWantClientAuth());
  assertFalse(defaultParameters.getNeedClientAuth());

  SSLParameters supportedParameters = sslContext.getSupportedSSLParameters();
  StandardNames.assertSupportedCipherSuites(supportedParameters.getCipherSuites());
  StandardNames.assertSupportedProtocols(supportedParameters.getProtocols());
  assertFalse(supportedParameters.getWantClientAuth());
  assertFalse(supportedParameters.getNeedClientAuth());

  assertContainsAll("Unsupported enabled cipher suites", supportedParameters.getCipherSuites(),
      defaultParameters.getCipherSuites());
  assertContainsAll("Unsupported enabled protocols", supportedParameters.getProtocols(),
      defaultParameters.getProtocols());

  assertSSLSocketFactoryConfigSameAsSSLContext(sslContext.getSocketFactory(), sslContext);
  assertSSLServerSocketFactoryConfigSameAsSSLContext(sslContext.getServerSocketFactory(),
      sslContext);

  SSLEngine sslEngine = sslContext.createSSLEngine();
  assertFalse(sslEngine.getUseClientMode());
  assertSSLEngineConfigSameAsSSLContext(sslEngine, sslContext);
}
 
Example 4
Source File: SSLContextService.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
protected static SSLContext wrapSslContext(SSLContext sslContext, Set<String> enabledCipherSuites, Set<String> enabledProtocols) throws StartException {
    if (enabledCipherSuites.isEmpty() != true || enabledProtocols.isEmpty() != true) {
        SSLParameters parameters = sslContext.getSupportedSSLParameters();

        String[] commonCiphers;
        if (enabledCipherSuites.isEmpty()) {
            commonCiphers = new String[0];
        } else {
            commonCiphers = calculateCommon(parameters.getCipherSuites(), enabledCipherSuites);
            // Not valid to be empty now as there was an attempt to find a common set.
            if (commonCiphers.length == 0) {
                throw DomainManagementLogger.ROOT_LOGGER.noCipherSuitesInCommon(
                        Arrays.asList(parameters.getCipherSuites()).toString(), enabledCipherSuites.toString());
            }
        }

        String[] commonProtocols;
        if (enabledProtocols.isEmpty()) {
            commonProtocols = new String[0];
        } else {
            commonProtocols = calculateCommon(parameters.getProtocols(), enabledProtocols);
            // Not valid to be empty now as there was an attempt to find a common set.
            if (commonProtocols.length == 0) {
                throw DomainManagementLogger.ROOT_LOGGER.noProtocolsInCommon(Arrays.asList(parameters.getProtocols())
                        .toString(), enabledProtocols.toString());
            }
        }

        sslContext = new WrapperSSLContext(sslContext, commonCiphers, commonProtocols);
    }
    return sslContext;
}
 
Example 5
Source File: HttpClientImpl.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
private static SSLParameters getDefaultParams(SSLContext ctx) {
    SSLParameters params = ctx.getSupportedSSLParameters();
    params.setProtocols(new String[]{"TLSv1.2"});
    return params;
}
 
Example 6
Source File: ErrorTest.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
@Test
public void test() throws Exception {
    SSLContext sslContext = (new SimpleSSLContext()).get();
    ExecutorService exec = Executors.newCachedThreadPool();
    HttpClient client = HttpClient.newBuilder()
                                  .executor(exec)
                                  .sslContext(sslContext)
                                  .sslParameters(new SSLParameters(CIPHER_SUITES))
                                  .version(HTTP_2)
                                  .build();

    Http2TestServer httpsServer = null;
    try {
        SSLContext serverContext = (new SimpleSSLContext()).get();
        SSLParameters p = serverContext.getSupportedSSLParameters();
        p.setApplicationProtocols(new String[]{"h2"});
        httpsServer = new Http2TestServer(true,
                                          0,
                                          exec,
                                          serverContext);
        httpsServer.addHandler(new Http2EchoHandler(), "/");
        int httpsPort = httpsServer.getAddress().getPort();
        String httpsURIString = "https://127.0.0.1:" + httpsPort + "/bar/";

        httpsServer.start();
        URI uri = URI.create(httpsURIString);
        System.err.println("Request to " + uri);

        HttpRequest req = HttpRequest.newBuilder(uri)
                                .POST(fromString(SIMPLE_STRING))
                                .build();
        HttpResponse response;
        try {
            response = client.send(req, discard(null));
            throw new RuntimeException("Unexpected response: " + response);
        } catch (IOException e) {
            System.err.println("Caught Expected IOException: " + e);
        }
        System.err.println("DONE");
    } finally {
        if (httpsServer != null )  { httpsServer.stop(); }
        exec.shutdownNow();
    }
}