Java Code Examples for javax.net.ssl.SSLParameters#getCipherSuites()

The following examples show how to use javax.net.ssl.SSLParameters#getCipherSuites() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AnonSslSocketFactoryProvider.java    From openAGV with Apache License 2.0 6 votes vote down vote up 
/**
 * Returns an array of anonym cipher suits supported by the default {@link SSLContext} or
 * {@code null}, if accessing the default SSLContext fails.
 * <p>
 * {@link SslRMIClientSocketFactory} and {@link SslRMIServerSocketFactory} and therefore
 * {@link AnonSslClientSocketFactory} and {@link AnonSslServerSocketFactory} use the
 * default SSLContext to create SSL sockets (unless it is set explicitly).
 * The default SSLContext is therefore used to access the supported chipher suites and filter
 * the anonym ones.
 * </p>
 * Note: Getting the default SSLContext only works, if the system properties for keystore and
 * truststore are not set or if they are set and the corresponding files exist.
 *
 * @return An array of anonym cipher suits supported by the default ssl context or {@code null},
 * if accessing the default SSLContext fails.
 */
@Nullable
public static String[] getAnonymousCipherSuites() {
  try {
    SSLParameters parameters = SSLContext.getDefault().getSupportedSSLParameters();
    List<String> anonymousCipherSuites = new ArrayList<>();
    for (String supportedCipherSuite : parameters.getCipherSuites()) {
      if (supportedCipherSuite.toLowerCase().contains("anon")) {
        anonymousCipherSuites.add(supportedCipherSuite);
      }
    }
    return anonymousCipherSuites.toArray(new String[anonymousCipherSuites.size()]);
  }
  catch (NoSuchAlgorithmException ex) {
    LOG.error("Error accessing the default SSLContext.", ex);
    return null;
  }
}
Example 2
Source File: SSLSocketTest.java    From j2objc with Apache License 2.0 6 votes vote down vote up 
public void test_SSLSocket_getSSLParameters() throws Exception {
    SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket ssl = (SSLSocket) sf.createSocket();

    SSLParameters p = ssl.getSSLParameters();
    assertNotNull(p);

    String[] cipherSuites = p.getCipherSuites();
    assertNotSame(cipherSuites, ssl.getEnabledCipherSuites());
    assertEquals(Arrays.asList(cipherSuites), Arrays.asList(ssl.getEnabledCipherSuites()));

    String[] protocols = p.getProtocols();
    assertNotSame(protocols, ssl.getEnabledProtocols());
    assertEquals(Arrays.asList(protocols), Arrays.asList(ssl.getEnabledProtocols()));

    assertEquals(p.getWantClientAuth(), ssl.getWantClientAuth());
    assertEquals(p.getNeedClientAuth(), ssl.getNeedClientAuth());

    assertNull(p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm(null);
    assertNull(p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm("HTTPS");
    assertEquals("HTTPS", p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm("FOO");
    assertEquals("FOO", p.getEndpointIdentificationAlgorithm());
}
Example 3
Source File: SecureSocketFactoryProvider.java    From openAGV with Apache License 2.0 5 votes vote down vote up 
@Override
public RMIServerSocketFactory getServerSocketFactory() {
  SSLContext context = secureSslContextFactory.createServerContext();
  SSLParameters param = context.getSupportedSSLParameters();
  return new SslRMIServerSocketFactory(context,
                                       param.getCipherSuites(),
                                       param.getProtocols(),
                                       param.getWantClientAuth());
}
Example 4
Source File: ClientApplication.java    From chipster with MIT License 5 votes vote down vote up 
private String getConnectionDebugInfo() {
	String msg = "";

	msg += "\nSystem properties\n";
	for (Object key : System.getProperties().keySet()) {
		msg += key + ": \t" + System.getProperty(key.toString()) + "\n";
	}
	
	try {
		SSLParameters sslParams = SSLContext.getDefault().getSupportedSSLParameters();
		
		msg += "\nProtocols\n";
		for (String protocol : sslParams.getProtocols()) {
			msg += protocol + "\n";
		}
		
		msg += "\nCipher suites\n";
		for (String cipher : sslParams.getCipherSuites()) {
			msg += cipher + "\n";
		}
	} catch (NoSuchAlgorithmException e) {
		logger.error("failed to get ssl debug info", e);
		msg += "failed to get ssl debug info\n";
	}
	
	return msg;
}
Example 5
Source File: SSLConfiguration.java    From openjsse with GNU General Public License v2.0 4 votes vote down vote up 
void setSSLParameters(SSLParameters params) {
    AlgorithmConstraints ac = params.getAlgorithmConstraints();
    if (ac != null) {
        this.userSpecifiedAlgorithmConstraints = ac;
    }   // otherwise, use the default value

    String[] sa = params.getCipherSuites();
    if (sa != null) {
        this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
    }   // otherwise, use the default values

    sa = params.getProtocols();
    if (sa != null) {
        this.enabledProtocols = ProtocolVersion.namesOf(sa);

        this.maximumProtocolVersion = ProtocolVersion.NONE;
        for (ProtocolVersion pv : enabledProtocols) {
            if (pv.compareTo(maximumProtocolVersion) > 0) {
                this.maximumProtocolVersion = pv;
            }
        }
    }   // otherwise, use the default values

    if (params.getNeedClientAuth()) {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUIRED;
    } else if (params.getWantClientAuth()) {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUESTED;
    } else {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
    }

    String s = params.getEndpointIdentificationAlgorithm();
    if (s != null) {
        this.identificationProtocol = s;
    }   // otherwise, use the default value

    List<SNIServerName> sniNames = params.getServerNames();
    if (sniNames != null) {
        this.noSniExtension = sniNames.isEmpty();
        this.serverNames = sniNames;
    }   // null if none has been set

    Collection<SNIMatcher> matchers = params.getSNIMatchers();
    if (matchers != null) {
        this.noSniMatcher = matchers.isEmpty();
        this.sniMatchers = matchers;
    }   // null if none has been set

    if (params instanceof org.openjsse.javax.net.ssl.SSLParameters) {
        
        sa = ((org.openjsse.javax.net.ssl.SSLParameters)params).getApplicationProtocols();
        if (sa != null) {
            this.applicationProtocols = sa;
        }   // otherwise, use the default values

        this.enableRetransmissions = ((org.openjsse.javax.net.ssl.SSLParameters)params).getEnableRetransmissions();
        this.maximumPacketSize = ((org.openjsse.javax.net.ssl.SSLParameters)params).getMaximumPacketSize();
    }
    this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
}
Example 6
Source File: SSLConfiguration.java    From Bytecoder with Apache License 2.0 4 votes vote down vote up 
void setSSLParameters(SSLParameters params) {
    AlgorithmConstraints ac = params.getAlgorithmConstraints();
    if (ac != null) {
        this.algorithmConstraints = ac;
    }   // otherwise, use the default value

    String[] sa = params.getCipherSuites();
    if (sa != null) {
        this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
    }   // otherwise, use the default values

    sa = params.getProtocols();
    if (sa != null) {
        this.enabledProtocols = ProtocolVersion.namesOf(sa);

        this.maximumProtocolVersion = ProtocolVersion.NONE;
        for (ProtocolVersion pv : enabledProtocols) {
            if (pv.compareTo(maximumProtocolVersion) > 0) {
                this.maximumProtocolVersion = pv;
            }
        }
    }   // otherwise, use the default values

    if (params.getNeedClientAuth()) {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUIRED;
    } else if (params.getWantClientAuth()) {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUESTED;
    } else {
        this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
    }

    String s = params.getEndpointIdentificationAlgorithm();
    if (s != null) {
        this.identificationProtocol = s;
    }   // otherwise, use the default value

    List<SNIServerName> sniNames = params.getServerNames();
    if (sniNames != null) {
        this.noSniExtension = sniNames.isEmpty();
        this.serverNames = sniNames;
    }   // null if none has been set

    Collection<SNIMatcher> matchers = params.getSNIMatchers();
    if (matchers != null) {
        this.noSniMatcher = matchers.isEmpty();
        this.sniMatchers = matchers;
    }   // null if none has been set

    sa = params.getApplicationProtocols();
    if (sa != null) {
        this.applicationProtocols = sa;
    }   // otherwise, use the default values

    this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
    this.enableRetransmissions = params.getEnableRetransmissions();
    this.maximumPacketSize = params.getMaximumPacketSize();
}
Example 7
Source File: VespaHttpClientBuilder.java    From vespa with Apache License 2.0 4 votes vote down vote up 
private static SSLConnectionSocketFactory createSslSocketFactory(TlsContext tlsContext) {
    SSLParameters parameters = tlsContext.parameters();
    return new SSLConnectionSocketFactory(tlsContext.context(), parameters.getProtocols(), parameters.getCipherSuites(), new NoopHostnameVerifier());
}