javax.net.ssl.SNIServerName Java Examples

The following examples show how to use javax.net.ssl.SNIServerName.
Example #1
Source File: ServerNameExtension.java    From openjsse with GNU General Public License v2.0
/**
 * Picks the first requested server name that one of the given matchers accepts.
 *
 * <p>Matchers are tried in iteration order. For each matcher only the first
 * entry of {@code sniNames} carrying the matcher's type is tested; later
 * entries of that type are never looked at, because the list is expected to
 * hold at most one name per type.
 *
 * <p>NOTE(review): presumably {@code sniNames} is what the peer asked for in
 * its hello message; if so the returned name is a routing hint, not an
 * authenticated identity. Confirm against the caller.
 *
 * @param matchers the matchers to try; only iterated when {@code sniNames}
 *                 is non-empty
 * @param sniNames the requested server names, may be {@code null} or empty
 * @return the first accepted name, or {@code null} when nothing is accepted
 */
private static SNIServerName chooseSni(Collection<SNIMatcher> matchers,
        List<SNIServerName> sniNames) {
    if (sniNames == null || sniNames.isEmpty()) {
        return null;
    }

    for (SNIMatcher candidateMatcher : matchers) {
        final int wantedType = candidateMatcher.getType();
        for (SNIServerName requested : sniNames) {
            if (requested.getType() != wantedType) {
                continue;
            }

            if (candidateMatcher.matches(requested)) {
                return requested;
            }

            // no duplicated entry in the server names list, so the first
            // name of this type is the only one worth testing.
            break;
        }
    }

    return null;
}
 
Example #2
Source File: ServerNameExtension.java    From hottub with GNU General Public License v2.0
/**
 * Builds the server_name extension from the given server names.
 *
 * <p>Names are stored in {@code sniMap} keyed by their type, in the order
 * given, and {@code listLength} accumulates the encoded size of every name
 * plus {@code NAME_HEADER_LENGTH} per entry.
 *
 * @param serverNames the names to carry, at most one per name type
 * @throws RuntimeException if two names share a type, or if no name adds
 *         to the list length (an empty list)
 * @throws IOException declared by the signature; no statement visible in
 *         this constructor raises it directly
 */
ServerNameExtension(List<SNIServerName> serverNames)
        throws IOException {
    super(ExtensionType.EXT_SERVER_NAME);

    listLength = 0;
    sniMap = new LinkedHashMap<>();
    for (SNIServerName entry : serverNames) {
        // put() returns the previous mapping, so a non-null result means
        // this name type was already present.
        final boolean typeAlreadySeen =
                sniMap.put(entry.getType(), entry) != null;
        if (typeAlreadySeen) {
            // unlikely to happen, but in case ...
            throw new RuntimeException(
                "Duplicated server name of type " + entry.getType());
        }

        final int encodedSize = entry.getEncoded().length;
        listLength += encodedSize + NAME_HEADER_LENGTH;
    }

    // This constructor is used for ClientHello only.  Empty list is
    // not allowed in client mode.
    final boolean nothingToSend = listLength == 0;
    if (nothingToSend) {
        throw new RuntimeException("The ServerNameList cannot be empty");
    }
}
 
Example #3
Source File: ServerNameExtension.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Builds the server_name extension from the given server names.
 *
 * <p>Names are stored in {@code sniMap} keyed by their type, in the order
 * given, and {@code listLength} accumulates the encoded size of every name
 * plus {@code NAME_HEADER_LENGTH} per entry.
 *
 * @param serverNames the names to carry, at most one per name type
 * @throws RuntimeException if two names share a type, or if no name adds
 *         to the list length (an empty list)
 * @throws IOException declared by the signature; no statement visible in
 *         this constructor raises it directly
 */
ServerNameExtension(List<SNIServerName> serverNames)
        throws IOException {
    super(ExtensionType.EXT_SERVER_NAME);

    listLength = 0;
    sniMap = new LinkedHashMap<>();
    for (SNIServerName entry : serverNames) {
        // put() returns the previous mapping, so a non-null result means
        // this name type was already present.
        final boolean typeAlreadySeen =
                sniMap.put(entry.getType(), entry) != null;
        if (typeAlreadySeen) {
            // unlikely to happen, but in case ...
            throw new RuntimeException(
                "Duplicated server name of type " + entry.getType());
        }

        final int encodedSize = entry.getEncoded().length;
        listLength += encodedSize + NAME_HEADER_LENGTH;
    }

    // This constructor is used for ClientHello only.  Empty list is
    // not allowed in client mode.
    final boolean nothingToSend = listLength == 0;
    if (nothingToSend) {
        throw new RuntimeException("The ServerNameList cannot be empty");
    }
}
 
Example #4
Source File: ServerNameExtension.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Builds the server_name extension from the given server names.
 *
 * <p>Names are stored in {@code sniMap} keyed by their type, in the order
 * given, and {@code listLength} accumulates the encoded size of every name
 * plus {@code NAME_HEADER_LENGTH} per entry.
 *
 * @param serverNames the names to carry, at most one per name type
 * @throws RuntimeException if two names share a type, or if no name adds
 *         to the list length (an empty list)
 * @throws IOException declared by the signature; no statement visible in
 *         this constructor raises it directly
 */
ServerNameExtension(List<SNIServerName> serverNames)
        throws IOException {
    super(ExtensionType.EXT_SERVER_NAME);

    listLength = 0;
    sniMap = new LinkedHashMap<>();
    for (SNIServerName entry : serverNames) {
        // put() returns the previous mapping, so a non-null result means
        // this name type was already present.
        final boolean typeAlreadySeen =
                sniMap.put(entry.getType(), entry) != null;
        if (typeAlreadySeen) {
            // unlikely to happen, but in case ...
            throw new RuntimeException(
                "Duplicated server name of type " + entry.getType());
        }

        final int encodedSize = entry.getEncoded().length;
        listLength += encodedSize + NAME_HEADER_LENGTH;
    }

    // This constructor is used for ClientHello only.  Empty list is
    // not allowed in client mode.
    final boolean nothingToSend = listLength == 0;
    if (nothingToSend) {
        throw new RuntimeException("The ServerNameList cannot be empty");
    }
}
 
Example #5
Source File: ServerNameExtension.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Builds the server_name extension from the given server names.
 *
 * <p>Names are stored in {@code sniMap} keyed by their type, in the order
 * given, and {@code listLength} accumulates the encoded size of every name
 * plus {@code NAME_HEADER_LENGTH} per entry.
 *
 * @param serverNames the names to carry, at most one per name type
 * @throws RuntimeException if two names share a type, or if no name adds
 *         to the list length (an empty list)
 * @throws IOException declared by the signature; no statement visible in
 *         this constructor raises it directly
 */
ServerNameExtension(List<SNIServerName> serverNames)
        throws IOException {
    super(ExtensionType.EXT_SERVER_NAME);

    listLength = 0;
    sniMap = new LinkedHashMap<>();
    for (SNIServerName entry : serverNames) {
        // put() returns the previous mapping, so a non-null result means
        // this name type was already present.
        final boolean typeAlreadySeen =
                sniMap.put(entry.getType(), entry) != null;
        if (typeAlreadySeen) {
            // unlikely to happen, but in case ...
            throw new RuntimeException(
                "Duplicated server name of type " + entry.getType());
        }

        final int encodedSize = entry.getEncoded().length;
        listLength += encodedSize + NAME_HEADER_LENGTH;
    }

    // This constructor is used for ClientHello only.  Empty list is
    // not allowed in client mode.
    final boolean nothingToSend = listLength == 0;
    if (nothingToSend) {
        throw new RuntimeException("The ServerNameList cannot be empty");
    }
}
 
Example #6
Source File: ServerNameExtension.java    From Bytecoder with Apache License 2.0
/**
 * Picks the first requested server name that one of the given matchers accepts.
 *
 * <p>Matchers are tried in iteration order. For each matcher only the first
 * entry of {@code sniNames} carrying the matcher's type is tested; later
 * entries of that type are never looked at, because the list is expected to
 * hold at most one name per type.
 *
 * @param matchers the matchers to try; only iterated when {@code sniNames}
 *                 is non-empty
 * @param sniNames the requested server names, may be {@code null} or empty
 * @return the first accepted name, or {@code null} when nothing is accepted
 */
private static SNIServerName chooseSni(Collection<SNIMatcher> matchers,
        List<SNIServerName> sniNames) {
    if (sniNames == null || sniNames.isEmpty()) {
        return null;
    }

    for (SNIMatcher candidateMatcher : matchers) {
        final int wantedType = candidateMatcher.getType();
        for (SNIServerName requested : sniNames) {
            if (requested.getType() != wantedType) {
                continue;
            }

            if (candidateMatcher.matches(requested)) {
                return requested;
            }

            // no duplicated entry in the server names list, so the first
            // name of this type is the only one worth testing.
            break;
        }
    }

    return null;
}
 
Example #7
Source File: SNISSLExplorer.java    From lams with GNU General Public License v2.0
/**
 * Checks the record header already read by the caller and hands the record
 * body to {@code exploreHandshake}.
 *
 * @param input      buffer positioned at the two-byte record length
 * @param firstByte  record content type; only 22 (handshake) is accepted
 * @param secondByte forwarded to {@code exploreHandshake} as its second argument
 * @param thirdByte  forwarded to {@code exploreHandshake} as its third argument
 * @return whatever {@code exploreHandshake} returns for this record
 * @throws SSLException if the record is not a handshake record, or if the
 *         handshake parser runs out of bytes inside the record
 * @throws BufferUnderflowException if fewer bytes than the declared record
 *         length are available in {@code input}
 */
private static List<SNIServerName> exploreTLSRecord(
        ByteBuffer input, byte firstByte, byte secondByte,
        byte thirdByte) throws SSLException {

    // 22: handshake record. Nothing else is inspected.
    final boolean isHandshakeRecord = firstByte == 22;
    if (!isHandshakeRecord) {
        throw UndertowMessages.MESSAGES.notHandshakeRecord();
    }

    // The length is taken from the record header itself, so it is compared
    // with what is actually buffered before any parsing starts.
    final int recordLength = getInt16(input);
    final int buffered = input.remaining();
    if (buffered < recordLength) {
        throw new BufferUnderflowException();
    }

    // We have already had enough source bytes, so an underflow raised by
    // the parser is reported as an invalid record, not as missing data.
    try {
        return exploreHandshake(input, secondByte, thirdByte, recordLength);
    } catch (BufferUnderflowException ignored) {
        throw UndertowMessages.MESSAGES.invalidHandshakeRecord();
    }
}
 
Example #8
Source File: SNISSLExplorer.java    From lams with GNU General Public License v2.0
/**
 * Reads the handshake header and passes a length-bounded view of the body
 * to {@code exploreClientHello}.
 *
 * @param input              buffer positioned at the handshake type byte
 * @param recordMajorVersion forwarded unchanged to {@code exploreClientHello}
 * @param recordMinorVersion forwarded unchanged to {@code exploreClientHello}
 * @param recordLength       length of the enclosing record
 * @return whatever {@code exploreClientHello} returns
 * @throws SSLException if the message is not a client_hello, or if its
 *         declared length does not fit in this single record
 */
private static List<SNIServerName> exploreHandshake(
        ByteBuffer input, byte recordMajorVersion,
        byte recordMinorVersion, int recordLength) throws SSLException {

    // 0x01: client_hello message. Every other handshake type is refused.
    final byte handshakeType = input.get();
    if (handshakeType != 0x01) {
        throw UndertowMessages.MESSAGES.expectedClientHello();
    }

    // Handshake body length, as declared in the header.
    final int handshakeLength = getInt24(input);

    // Theoretically, a single handshake message might span multiple
    // records, but in practice this does not occur.
    final int roomInRecord = recordLength - 4; // 4: handshake header size
    if (handshakeLength > roomInRecord) {
        throw UndertowMessages.MESSAGES.multiRecordSSLHandshake();
    }

    // Parse through a duplicate whose limit stops at the end of the
    // declared body, so later reads cannot run past this message.
    final ByteBuffer body = input.duplicate();
    body.limit(handshakeLength + body.position());
    return exploreClientHello(body, recordMajorVersion, recordMinorVersion);
}
 
Example #9
Source File: SNISSLExplorer.java    From lams with GNU General Public License v2.0
/**
 * Walks the extensions block and collects the server name indication and
 * ALPN extensions; every other extension is skipped.
 *
 * <p>Nothing here rejects a repeated extension type: when the same type
 * appears more than once, the value parsed last replaces the earlier one.
 *
 * <p>NOTE(review): {@code extLen} is read from the input and is not compared
 * with the bytes still declared for the block before it is handed to the
 * helpers; presumably an over-long value is caught by the buffer limit.
 * Confirm in the helpers.
 *
 * @param input buffer positioned at the two-byte extensions length
 * @return the server names and ALPN values found, each empty when absent
 * @throws SSLException declared by the signature; raised, if at all, by the
 *         helpers called here
 */
private static ExtensionInfo exploreExtensions(ByteBuffer input)
        throws SSLException {

    List<SNIServerName> serverNames = Collections.emptyList();
    List<String> protocols = Collections.emptyList();

    int unread = getInt16(input);               // length of extensions
    while (unread > 0) {
        final int extType = getInt16(input);    // extension type
        final int extLen = getInt16(input);     // length of extension data

        switch (extType) {
            case 0x00:                          // server name indication
                serverNames = exploreSNIExt(input, extLen);
                break;
            case 0x10:                          // alpn
                protocols = exploreALPN(input, extLen);
                break;
            default:                            // ignore other extensions
                ignoreByteVector(input, extLen);
                break;
        }

        // 4: the type and length fields that precede the extension data
        unread -= extLen + 4;
    }

    return new ExtensionInfo(serverNames, protocols);
}
 
Example #10
Source File: Java8SslUtils.java    From netty-4.1.22 with Apache License 2.0
/**
 * Extracts the ASCII host names of the SNI entries configured on the given
 * parameters.
 *
 * @param sslParameters the parameters to read the server names from
 * @return the host names in configuration order, or an empty list when no
 *         server names are configured
 * @throws IllegalArgumentException if an entry is not an {@link SNIHostName}
 */
static List<String> getSniHostNames(SSLParameters sslParameters) {
    final List<SNIServerName> configured = sslParameters.getServerNames();
    final boolean nothingConfigured = configured == null || configured.isEmpty();
    if (nothingConfigured) {
        return Collections.emptyList();
    }

    final List<String> hostNames = new ArrayList<String>(configured.size());
    for (SNIServerName entry : configured) {
        // Fail closed on any name type other than a host name instead of
        // silently dropping it.
        if (!(entry instanceof SNIHostName)) {
            throw new IllegalArgumentException("Only " + SNIHostName.class.getName()
                    + " instances are supported, but found: " + entry);
        }
        final SNIHostName hostName = (SNIHostName) entry;
        hostNames.add(hostName.getAsciiName());
    }
    return hostNames;
}
 
Example #11
Source File: SSLEngineTestCase.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Creates a client-mode SSL engine from the given context.
 *
 * <p>The engine is created for {@code HOST} and port 80. When
 * {@code useSNI} is set, a single {@link SNIHostName} built from
 * {@code SERVER_NAME} is installed as the engine's server names.
 *
 * @param context - SSLContext to get SSLEngine from.
 * @param useSNI  - flag used to enable or disable using SNI extension.
 *                Needed for Kerberos.
 * @return the engine, already switched to client mode.
 */
public static SSLEngine getClientSSLEngine(
        SSLContext context, boolean useSNI) {

    SSLEngine engine = context.createSSLEngine(HOST, 80);
    engine.setUseClientMode(true);
    if (!useSNI) {
        return engine;
    }

    List<SNIServerName> requestedNames = new ArrayList<>();
    requestedNames.add(new SNIHostName(SERVER_NAME));

    // Start from the engine's current parameters and set them back after
    // changing the server names.
    SSLParameters sslParams = engine.getSSLParameters();
    sslParams.setServerNames(requestedNames);
    engine.setSSLParameters(sslParams);
    return engine;
}
 
Example #12
Source File: ServerNameExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Tells whether {@code other} carries the same server names as this extension.
 *
 * <p>The two are identical when they hold the same number of entries and
 * every entry of {@code other} equals the name stored in {@code sniMap}
 * under the same type.
 *
 * @param other the server names to compare against
 * @return {@code true} when sizes agree and every entry has an equal
 *         counterpart, {@code false} otherwise
 */
boolean isIdentical(List<SNIServerName> other) {
    if (other.size() != sniMap.size()) {
        return false;
    }

    for (SNIServerName candidate : other) {
        final SNIServerName stored = sniMap.get(candidate.getType());
        // A missing type and a differing value both break identity.
        if (stored == null || !candidate.equals(stored)) {
            return false;
        }
    }

    return true;
}
 
Example #13
Source File: SSLSessionImpl.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Obtains a {@code List} containing all {@link SNIServerName}s
 * of the requested Server Name Indication (SNI) extension.
 *
 * <p>A non-empty result is a read-only wrapper around
 * {@code requestedServerNames}, not a copy of it. The names are the ones
 * that were requested; whether they were validated is not visible here.
 *
 * @return the requested names as an unmodifiable list, or an empty list
 *         when none are recorded
 */
@Override
public List<SNIServerName> getRequestedServerNames() {
    final boolean nothingRequested =
            requestedServerNames == null || requestedServerNames.isEmpty();
    if (nothingRequested) {
        return Collections.<SNIServerName>emptyList();
    }

    return Collections.<SNIServerName>unmodifiableList(requestedServerNames);
}
 
Example #14
Source File: ServerNameExtension.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Tells whether {@code other} carries the same server names as this extension.
 *
 * <p>The two are identical when they hold the same number of entries and
 * every entry of {@code other} equals the name stored in {@code sniMap}
 * under the same type.
 *
 * @param other the server names to compare against
 * @return {@code true} when sizes agree and every entry has an equal
 *         counterpart, {@code false} otherwise
 */
boolean isIdentical(List<SNIServerName> other) {
    if (other.size() != sniMap.size()) {
        return false;
    }

    for (SNIServerName candidate : other) {
        final SNIServerName stored = sniMap.get(candidate.getType());
        // A missing type and a differing value both break identity.
        if (stored == null || !candidate.equals(stored)) {
            return false;
        }
    }

    return true;
}
 
Example #15
Source File: SNISSLEngine.java    From lams with GNU General Public License v2.0
/**
 * Selects the real engine from the server names found in the buffered
 * bytes, then delegates this unwrap call to it.
 *
 * <p>Steps visible here: wait until a full record is buffered, let
 * {@code SNISSLExplorer} extract the server names, ask {@code selector}
 * for an {@link SSLContext}, build the engine through
 * {@code engineFunction}, apply the recorded flags, publish the engine in
 * {@code currentRef}, and finally unwrap the same bytes with it.
 *
 * @param src    source buffer; its position is restored before delegating
 * @param dsts   destination buffers, passed through to the selected engine
 * @param offset passed through to the selected engine
 * @param length passed through to the selected engine
 * @return {@code UNDERFLOW_UNWRAP} while more bytes are needed, otherwise
 *         the result of the selected engine's {@code unwrap}
 * @throws SSLException if no context is available for the connection, or
 *         if exploring or unwrapping fails
 */
public SSLEngineResult unwrap(final ByteBuffer src, final ByteBuffer[] dsts, final int offset, final int length) throws SSLException {
    SSLEngine next;
    // Remember where the data starts; the finally block rewinds to here.
    final int mark = src.position();
    try {
        // Not even a record header yet: report how much is needed.
        if (src.remaining() < SNISSLExplorer.RECORD_HEADER_SIZE) {
            packetBufferSize = SNISSLExplorer.RECORD_HEADER_SIZE;
            return UNDERFLOW_UNWRAP;
        }
        final int requiredSize = SNISSLExplorer.getRequiredSize(src);
        if (src.remaining() < requiredSize) {
            packetBufferSize = requiredSize;
            return UNDERFLOW_UNWRAP;
        }
        // NOTE(review): the names are parsed from bytes that no engine has
        // processed yet, so presumably they are unauthenticated peer input
        // and only suitable for choosing a context - confirm.
        List<SNIServerName> names = SNISSLExplorer.explore(src);
        SSLContext sslContext = selector.getContext(names);
        if (sslContext == null) {
            // no SSL context is available
            throw UndertowMessages.MESSAGES.noContextForSslConnection();
        }
        next = engineFunction.apply(sslContext);
        next.setUseClientMode(false);
        final int flagsVal = flags.get();
        // NOTE(review): with this else-if, a flags value carrying both
        // FL_WANT_C_AUTH and FL_NEED_C_AUTH only sets "want", leaving
        // client authentication optional. Confirm that the code setting
        // the flags never leaves both bits on.
        if ((flagsVal & FL_WANT_C_AUTH) != 0) {
            next.setWantClientAuth(true);
        } else if ((flagsVal & FL_NEED_C_AUTH) != 0) {
            next.setNeedClientAuth(true);
        }
        if ((flagsVal & FL_SESSION_CRE) != 0) {
            next.setEnableSessionCreation(true);
        }
        next = selectionCallback.apply(next);
        currentRef.set(next);
    } finally {
        // Rewind on every path, so the selected engine (or the next call
        // after an underflow) sees the data from its first byte.
        src.position(mark);
    }
    return next.unwrap(src, dsts, offset, length);
}
 
Example #16
Source File: ServerNameExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Returns the server names held by this extension.
 *
 * <p>A non-empty result is a new {@link ArrayList} filled from
 * {@code sniMap.values()} and wrapped as unmodifiable, so the caller gets
 * a read-only snapshot rather than a view of the map.
 *
 * @return the server names, or an empty list when {@code sniMap} is
 *         {@code null} or empty
 */
List<SNIServerName> getServerNames() {
    if (sniMap == null || sniMap.isEmpty()) {
        return Collections.<SNIServerName>emptyList();
    }

    final List<SNIServerName> snapshot = new ArrayList<>(sniMap.values());
    return Collections.<SNIServerName>unmodifiableList(snapshot);
}
 
Example #17
Source File: ServerNameExtension.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Writes this extension to the given handshake stream.
 *
 * <p>The extension type is written first. With a zero {@code listLength}
 * only a zero length follows; otherwise the extension data length, the
 * list length and then each name's type and encoded value are written.
 *
 * <p>NOTE(review): both lengths go out through {@code putInt16}; nothing
 * in this method bounds {@code listLength} to what that call can carry.
 * Confirm where the bound is enforced.
 *
 * @param s the stream to write to
 * @throws IOException if writing to the stream fails
 */
@Override
void send(HandshakeOutStream s) throws IOException {
    s.putInt16(type.id);

    if (listLength == 0) {
        // in ServerHello, empty extension_data
        s.putInt16(listLength);
        return;
    }

    // length of extension_data: the list plus the 2-byte length written next
    s.putInt16(listLength + 2);
    // length of ServerNameList
    s.putInt16(listLength);

    for (SNIServerName entry : sniMap.values()) {
        s.putInt8(entry.getType());         // server name type
        s.putBytes16(entry.getEncoded());   // server name value
    }
}
 
Example #18
Source File: ServerNameExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Tells whether none of the given matchers rejects a server name held here.
 *
 * <p>This is a veto check: the result is {@code false} only when a matcher
 * finds a name of its own type and refuses it. An extension without names,
 * and name types for which no matcher is supplied, pass unchecked, so
 * {@code true} does not mean that some matcher accepted a name.
 *
 * @param matchers the matchers to consult; only iterated when this
 *                 extension holds at least one name
 * @return {@code false} if some matcher refuses the name of its type,
 *         {@code true} otherwise
 */
boolean isMatched(Collection<SNIMatcher> matchers) {
    if (sniMap == null || sniMap.isEmpty()) {
        return true;
    }

    for (SNIMatcher matcher : matchers) {
        final SNIServerName requested = sniMap.get(matcher.getType());
        if (requested == null) {
            // No name of this matcher's type was stored: nothing to refuse.
            continue;
        }
        if (!matcher.matches(requested)) {
            return false;
        }
    }

    return true;
}
 
Example #19
Source File: SSLSessionImpl.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Obtains a {@code List} containing all {@link SNIServerName}s
 * of the requested Server Name Indication (SNI) extension.
 *
 * <p>A non-empty result is a read-only wrapper around
 * {@code requestedServerNames}, not a copy of it.
 *
 * @return the requested names as an unmodifiable list, or an empty list
 *         when none are recorded
 */
@Override
public List<SNIServerName> getRequestedServerNames() {
    final boolean nothingRequested =
            requestedServerNames == null || requestedServerNames.isEmpty();
    if (nothingRequested) {
        return Collections.<SNIServerName>emptyList();
    }

    return Collections.<SNIServerName>unmodifiableList(requestedServerNames);
}
 
Example #20
Source File: ServerNameExtension.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Returns the server names held by this extension.
 *
 * <p>A non-empty result is a new {@link ArrayList} filled from
 * {@code sniMap.values()} and wrapped as unmodifiable, so the caller gets
 * a read-only snapshot rather than a view of the map.
 *
 * @return the server names, or an empty list when {@code sniMap} is
 *         {@code null} or empty
 */
List<SNIServerName> getServerNames() {
    if (sniMap == null || sniMap.isEmpty()) {
        return Collections.<SNIServerName>emptyList();
    }

    final List<SNIServerName> snapshot = new ArrayList<>(sniMap.values());
    return Collections.<SNIServerName>unmodifiableList(snapshot);
}
 
Example #21
Source File: ServerNameExtension.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Returns the server names held by this extension.
 *
 * <p>A non-empty result is a new {@link ArrayList} filled from
 * {@code sniMap.values()} and wrapped as unmodifiable, so the caller gets
 * a read-only snapshot rather than a view of the map.
 *
 * @return the server names, or an empty list when {@code sniMap} is
 *         {@code null} or empty
 */
List<SNIServerName> getServerNames() {
    if (sniMap == null || sniMap.isEmpty()) {
        return Collections.<SNIServerName>emptyList();
    }

    final List<SNIServerName> snapshot = new ArrayList<>(sniMap.values());
    return Collections.<SNIServerName>unmodifiableList(snapshot);
}
 
Example #22
Source File: TlsExplorer.java    From tls-channel with MIT License
/**
 * Skips the leading ClientHello fields and parses the extensions, if any.
 *
 * <p>Version, random, session id, cipher suites and compression methods
 * are skipped without being inspected. Whatever bytes remain are handed to
 * {@code exploreExtensions}.
 *
 * @param input buffer positioned at the start of the ClientHello body
 * @return the result of {@code exploreExtensions}, or a new empty map when
 *     no bytes remain after the compression methods
 * @throws SSLProtocolException declared by the signature; raised, if at
 *     all, by the helpers called here
 */
private static Map<Integer, SNIServerName> exploreClientHello(ByteBuffer input)
    throws SSLProtocolException {
  ignore(input, 2); // ignore version
  ignore(input, 32); // ignore random; 32: the length of Random
  ignoreByteVector8(input); // ignore session id
  ignoreByteVector16(input); // ignore cipher_suites
  ignoreByteVector8(input); // ignore compression methods

  // A hello that ends here carries no extensions, hence no server names.
  if (!input.hasRemaining()) {
    return new HashMap<>();
  }
  return exploreExtensions(input);
}
 
Example #23
Source File: ServerNameExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Writes this extension to the given handshake stream.
 *
 * <p>The extension type is written first. With a zero {@code listLength}
 * only a zero length follows; otherwise the extension data length, the
 * list length and then each name's type and encoded value are written.
 *
 * @param s the stream to write to
 * @throws IOException if writing to the stream fails
 */
@Override
void send(HandshakeOutStream s) throws IOException {
    s.putInt16(type.id);

    if (listLength == 0) {
        // in ServerHello, empty extension_data
        s.putInt16(listLength);
        return;
    }

    // length of extension_data: the list plus the 2-byte length written next
    s.putInt16(listLength + 2);
    // length of ServerNameList
    s.putInt16(listLength);

    for (SNIServerName entry : sniMap.values()) {
        s.putInt8(entry.getType());         // server name type
        s.putBytes16(entry.getEncoded());   // server name value
    }
}
 
Example #24
Source File: ServerNameExtension.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Tells whether none of the given matchers rejects a server name held here.
 *
 * <p>This is a veto check: the result is {@code false} only when a matcher
 * finds a name of its own type and refuses it. An extension without names,
 * and name types for which no matcher is supplied, pass unchecked, so
 * {@code true} does not mean that some matcher accepted a name.
 *
 * @param matchers the matchers to consult; only iterated when this
 *                 extension holds at least one name
 * @return {@code false} if some matcher refuses the name of its type,
 *         {@code true} otherwise
 */
boolean isMatched(Collection<SNIMatcher> matchers) {
    if (sniMap == null || sniMap.isEmpty()) {
        return true;
    }

    for (SNIMatcher matcher : matchers) {
        final SNIServerName requested = sniMap.get(matcher.getType());
        if (requested == null) {
            // No name of this matcher's type was stored: nothing to refuse.
            continue;
        }
        if (!matcher.matches(requested)) {
            return false;
        }
    }

    return true;
}
 
Example #25
Source File: UnboundSSLUtils.java    From TencentKona-8 with GNU General Public License v2.0
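/**
 * Connects to {@code host:port} with the default SSL context and wraps the
 * configured socket in an {@code SSLClient}.
 *
 * <p>The socket is connected before it is configured. If anything after
 * the connect fails (a bad cipher suite, an illegal SNI host name, a
 * failing {@code SSLClient} constructor), the socket is closed before the
 * failure propagates, so a rejected configuration does not leak an open
 * connection.
 *
 * @param host              server host to connect to
 * @param port              server port to connect to
 * @param cipherSuiteFilter filter applied to the supported cipher suites,
 *                          or {@code null} to leave the suites untouched
 * @param sniHostName       host name to send as SNI, or {@code null} to
 *                          set no server names
 * @return a client wrapping the connected, configured socket
 * @throws NoSuchAlgorithmException if no default SSL context is available
 * @throws IOException if the socket cannot be created
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);

    // From here on the socket is open: every failure path must close it.
    boolean handedOver = false;
    try {
        // NOTE(review): a fresh SSLParameters has no endpoint
        // identification algorithm, so nothing in this method asks the TLS
        // layer to check the server certificate against `host`. Fine for a
        // test harness; code reused elsewhere would normally call
        // setEndpointIdentificationAlgorithm("HTTPS").
        SSLParameters params = new SSLParameters();

        if (cipherSuiteFilter != null) {
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }

        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            // SNIHostName rejects illegal host names with an
            // IllegalArgumentException; the finally block covers that.
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }

        socket.setSSLParameters(params);

        SSLClient client = new SSLClient(socket);
        handedOver = true;
        return client;
    } finally {
        if (!handedOver) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // Best effort: the failure that brought us here is the
                // one the caller needs to see.
            }
        }
    }
}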
 
Example #26
Source File: ServerNameExtension.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Renders the extension type followed by every server name in
 * {@code sniMap}, each wrapped in square brackets.
 *
 * @return the textual form of this extension
 */
@Override
public String toString() {
    // A purely local builder needs no synchronization.
    StringBuilder names = new StringBuilder();
    for (SNIServerName entry : sniMap.values()) {
        names.append('[').append(entry).append(']');
    }

    return "Extension " + type + ", server_name: " + names;
}
 
Example #27
Source File: SSLSessionImpl.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Obtains a {@code List} containing all {@link SNIServerName}s
 * of the requested Server Name Indication (SNI) extension.
 *
 * <p>A non-empty result is a read-only wrapper around
 * {@code requestedServerNames}, not a copy of it.
 *
 * @return the requested names as an unmodifiable list, or an empty list
 *         when none are recorded
 */
@Override
public List<SNIServerName> getRequestedServerNames() {
    final boolean nothingRequested =
            requestedServerNames == null || requestedServerNames.isEmpty();
    if (nothingRequested) {
        return Collections.<SNIServerName>emptyList();
    }

    return Collections.<SNIServerName>unmodifiableList(requestedServerNames);
}
 
Example #28
Source File: ServerNameExtension.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Tells whether {@code other} carries the same server names as this extension.
 *
 * <p>The two are identical when they hold the same number of entries and
 * every entry of {@code other} equals the name stored in {@code sniMap}
 * under the same type.
 *
 * @param other the server names to compare against
 * @return {@code true} when sizes agree and every entry has an equal
 *         counterpart, {@code false} otherwise
 */
boolean isIdentical(List<SNIServerName> other) {
    if (other.size() != sniMap.size()) {
        return false;
    }

    for (SNIServerName candidate : other) {
        final SNIServerName stored = sniMap.get(candidate.getType());
        // A missing type and a differing value both break identity.
        if (stored == null || !candidate.equals(stored)) {
            return false;
        }
    }

    return true;
}
 
Example #29
Source File: ServerNameExtension.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Renders the extension type followed by every server name in
 * {@code sniMap}, each wrapped in square brackets.
 *
 * @return the textual form of this extension
 */
@Override
public String toString() {
    // A purely local builder needs no synchronization.
    StringBuilder names = new StringBuilder();
    for (SNIServerName entry : sniMap.values()) {
        names.append('[').append(entry).append(']');
    }

    return "Extension " + type + ", server_name: " + names;
}
 
Example #30
Source File: UnboundSSLUtils.java    From openjdk-jdk9 with GNU General Public License v2.0
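/**
 * Connects to {@code host:port} with the default SSL context and wraps the
 * configured socket in an {@code SSLClient}.
 *
 * <p>The socket is connected before it is configured. If anything after
 * the connect fails (a bad cipher suite, an illegal SNI host name, a
 * failing {@code SSLClient} constructor), the socket is closed before the
 * failure propagates, so a rejected configuration does not leak an open
 * connection.
 *
 * @param host              server host to connect to
 * @param port              server port to connect to
 * @param cipherSuiteFilter filter applied to the supported cipher suites,
 *                          or {@code null} to leave the suites untouched
 * @param sniHostName       host name to send as SNI, or {@code null} to
 *                          set no server names
 * @return a client wrapping the connected, configured socket
 * @throws NoSuchAlgorithmException if no default SSL context is available
 * @throws IOException if the socket cannot be created
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);

    // From here on the socket is open: every failure path must close it.
    boolean handedOver = false;
    try {
        // NOTE(review): a fresh SSLParameters has no endpoint
        // identification algorithm, so nothing in this method asks the TLS
        // layer to check the server certificate against `host`. Fine for a
        // test harness; code reused elsewhere would normally call
        // setEndpointIdentificationAlgorithm("HTTPS").
        SSLParameters params = new SSLParameters();

        if (cipherSuiteFilter != null) {
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }

        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            // SNIHostName rejects illegal host names with an
            // IllegalArgumentException; the finally block covers that.
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }

        socket.setSSLParameters(params);

        SSLClient client = new SSLClient(socket);
        handedOver = true;
        return client;
    } finally {
        if (!handedOver) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // Best effort: the failure that brought us here is the
                // one the caller needs to see.
            }
        }
    }
}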