Java Code Examples for javax.net.ssl.SSLParameters#setCipherSuites()

The following examples show how to use javax.net.ssl.SSLParameters#setCipherSuites() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Utils.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static SSLParameters copySSLParameters(SSLParameters p) {
    SSLParameters p1 = new SSLParameters();
    p1.setAlgorithmConstraints(p.getAlgorithmConstraints());
    p1.setCipherSuites(p.getCipherSuites());
    // JDK 8 EXCL START
    p1.setEnableRetransmissions(p.getEnableRetransmissions());
    p1.setMaximumPacketSize(p.getMaximumPacketSize());
    // JDK 8 EXCL END
    p1.setEndpointIdentificationAlgorithm(p.getEndpointIdentificationAlgorithm());
    p1.setNeedClientAuth(p.getNeedClientAuth());
    String[] protocols = p.getProtocols();
    if (protocols != null) {
        p1.setProtocols(protocols.clone());
    }
    p1.setSNIMatchers(p.getSNIMatchers());
    p1.setServerNames(p.getServerNames());
    p1.setUseCipherSuitesOrder(p.getUseCipherSuitesOrder());
    p1.setWantClientAuth(p.getWantClientAuth());
    return p1;
}
 
Example 2
Source File: DefaultTlsContext.java    From vespa with Apache License 2.0 6 votes vote down vote up
private SSLParameters createSslParameters() {
    SSLParameters newParameters = sslContext.getDefaultSSLParameters();
    newParameters.setCipherSuites(validCiphers);
    newParameters.setProtocols(validProtocols);
    switch (peerAuthentication) {
        case WANT:
            newParameters.setWantClientAuth(true);
            break;
        case NEED:
            newParameters.setNeedClientAuth(true);
            break;
        case DISABLED:
            break;
        default:
            throw new UnsupportedOperationException("Unknown peer authentication: " + peerAuthentication);
    }
    return newParameters;
}
 
Example 3
Source File: UnboundSSLUtils.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 4
Source File: UnboundSSLUtils.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 5
Source File: UnboundSSLUtils.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 6
Source File: UnboundSSLUtils.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 7
Source File: SSLConfiguration.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
SSLParameters getSSLParameters() {
    SSLParameters params = new SSLParameters();

    params.setAlgorithmConstraints(this.algorithmConstraints);
    params.setProtocols(ProtocolVersion.toStringArray(enabledProtocols));
    params.setCipherSuites(CipherSuite.namesOf(enabledCipherSuites));
    switch (this.clientAuthType) {
        case CLIENT_AUTH_REQUIRED:
            params.setNeedClientAuth(true);
            break;
        case CLIENT_AUTH_REQUESTED:
            params.setWantClientAuth(true);
            break;
        default:
            params.setWantClientAuth(false);
    }
    params.setEndpointIdentificationAlgorithm(this.identificationProtocol);

    if (serverNames.isEmpty() && !noSniExtension) {
        // 'null' indicates none has been set
        params.setServerNames(null);
    } else {
        params.setServerNames(this.serverNames);
    }

    if (sniMatchers.isEmpty() && !noSniMatcher) {
        // 'null' indicates none has been set
        params.setSNIMatchers(null);
    } else {
        params.setSNIMatchers(this.sniMatchers);
    }

    params.setApplicationProtocols(this.applicationProtocols);
    params.setUseCipherSuitesOrder(this.preferLocalCipherSuites);
    params.setEnableRetransmissions(this.enableRetransmissions);
    params.setMaximumPacketSize(this.maximumPacketSize);

    return params;
}
 
Example 8
Source File: UnboundSSLUtils.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 9
Source File: UnboundSSLUtils.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 10
Source File: UnboundSSLUtils.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    SSLParameters params = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(cipherSuites));
        params.setCipherSuites(cipherSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        SNIHostName serverName = new SNIHostName(sniHostName);
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName);
        params.setServerNames(serverNames);
    }

    socket.setSSLParameters(params);

    return new SSLClient(socket);
}
 
Example 11
Source File: GridSslBasicContextFactory.java    From ignite with Apache License 2.0 2 votes vote down vote up
/** {@inheritDoc} */
@Override public SSLContext createSslContext() throws SSLException {
    checkParameters();

    try {
        KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(keyAlgorithm);

        KeyStore keyStore = loadKeyStore(keyStoreType, keyStoreFilePath, keyStorePwd);

        keyMgrFactory.init(keyStore, keyStorePwd);

        TrustManager[] mgrs = trustMgrs;

        if (mgrs == null) {
            TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(keyAlgorithm);

            KeyStore trustStore = loadKeyStore(trustStoreType, trustStoreFilePath, trustStorePwd);

            trustMgrFactory.init(trustStore);

            mgrs = trustMgrFactory.getTrustManagers();
        }

        SSLContext ctx = SSLContext.getInstance(proto);

        if (cipherSuites != null || protocols != null) {
            SSLParameters sslParameters = new SSLParameters();

            if (cipherSuites != null)
                sslParameters.setCipherSuites(cipherSuites);

            if (protocols != null)
                sslParameters.setProtocols(protocols);

            ctx = new SSLContextWrapper(ctx, sslParameters);
        }

        ctx.init(keyMgrFactory.getKeyManagers(), mgrs, null);

        return ctx;
    }
    catch (GeneralSecurityException e) {
        throw new SSLException("Failed to initialize SSL context " + parameters(), e);
    }
}