Java Code Examples for javax.net.ssl.SSLServerSocket#getEnabledCipherSuites()

The following examples show how to use javax.net.ssl.SSLServerSocket#getEnabledCipherSuites() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SSLUtilsTest.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
/**
 * Tests if SSLUtils set the right ssl version and cipher suites for SSLServerSocket.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1.1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	try (ServerSocket socket = SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
		assertTrue(socket instanceof SSLServerSocket);
		final SSLServerSocket sslSocket = (SSLServerSocket) socket;

		String[] protocols = sslSocket.getEnabledProtocols();
		String[] algorithms = sslSocket.getEnabledCipherSuites();

		assertEquals(1, protocols.length);
		assertEquals("TLSv1.1", protocols[0]);
		assertEquals(2, algorithms.length);
		assertThat(algorithms, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example 2
Source File: SSLUtilsTest.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Tests if SSLUtils set the right ssl version and cipher suites for SSLServerSocket.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1.1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	try (ServerSocket socket = SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
		assertTrue(socket instanceof SSLServerSocket);
		final SSLServerSocket sslSocket = (SSLServerSocket) socket;

		String[] protocols = sslSocket.getEnabledProtocols();
		String[] algorithms = sslSocket.getEnabledCipherSuites();

		assertEquals(1, protocols.length);
		assertEquals("TLSv1.1", protocols[0]);
		assertEquals(2, algorithms.length);
		assertThat(algorithms, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example 3
Source File: CipherTestUtils.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 4
Source File: CipherTestUtils.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 5
Source File: CipherTestUtils.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 6
Source File: CipherTestUtils.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 7
Source File: CipherTestUtils.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 8
Source File: CipherTestUtils.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 9
Source File: CipherTestUtils.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 10
Source File: CipherTestUtils.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");
    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());
    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());
    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());
    System.out.print("EnabledCipherSuites   : ");
    String[] supportedCipherSuites = socket.getEnabledCipherSuites();
    Arrays.sort(supportedCipherSuites);
    printStringArray(supportedCipherSuites);
    System.out.println("NeedClientAuth        : "
            + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : "
            + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example 11
Source File: SSLUtilsTest.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Tests if SSLUtils set the right ssl version and cipher suites for SSLServerSocket.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1.1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	try (ServerSocket socket = SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
		assertTrue(socket instanceof SSLServerSocket);
		final SSLServerSocket sslSocket = (SSLServerSocket) socket;

		String[] protocols = sslSocket.getEnabledProtocols();
		String[] algorithms = sslSocket.getEnabledCipherSuites();

		assertEquals(1, protocols.length);
		assertEquals("TLSv1.1", protocols[0]);
		assertEquals(2, algorithms.length);
		assertThat(algorithms, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example 12
Source File: SSLFactoryJsse.java    From baratine with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Creates the SSL ServerSocket.
 */
public ServerSocketBar create(InetAddress host, int port)
  throws IOException, GeneralSecurityException
{
  SSLServerSocketFactory ssFactory = null;
  
  if (_keyStore != null) {
    SSLContext sslContext = SSLContext.getInstance(_sslContext);

    KeyManagerFactory kmf
      = KeyManagerFactory.getInstance(keyManagerFactory());
  
    kmf.init(_keyStore, keyStorePassword().toCharArray());
    
    sslContext.init(kmf.getKeyManagers(), null, null);

    /*
    if (_cipherSuites != null)
      sslContext.createSSLEngine().setEnabledCipherSuites(_cipherSuites);

    if (_protocols != null)
      sslContext.createSSLEngine().setEnabledProtocols(_protocols);
    */
    
    SSLEngine engine = sslContext.createSSLEngine();
    
    engine.setEnabledProtocols(enabledProtocols(engine.getSupportedProtocols()));

    ssFactory = sslContext.getServerSocketFactory();
  }
  else {
    ssFactory = createAnonymousServerFactory(host, port);
  }
  
  ServerSocket serverSocket;

  int listen = 100;

  if (host == null)
    serverSocket = ssFactory.createServerSocket(port, listen);
  else
    serverSocket = ssFactory.createServerSocket(port, listen, host);

  SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
  
  if (_cipherSuites != null) {
    sslServerSocket.setEnabledCipherSuites(_cipherSuites);
  }
  
  if (_cipherSuitesForbidden != null) {
    String []cipherSuites = sslServerSocket.getEnabledCipherSuites();
    
    if (cipherSuites == null)
      cipherSuites = sslServerSocket.getSupportedCipherSuites();
    
    ArrayList<String> cipherList = new ArrayList<String>();
    
    for (String cipher : cipherSuites) {
      if (! isCipherForbidden(cipher, _cipherSuitesForbidden)) {
        cipherList.add(cipher);
      }
    }
    
    cipherSuites = new String[cipherList.size()];
    cipherList.toArray(cipherSuites);
    
    sslServerSocket.setEnabledCipherSuites(cipherSuites);
  }

  sslServerSocket.setEnabledProtocols(enabledProtocols(sslServerSocket.getSupportedProtocols()));
  
  if ("required".equals(_verifyClient))
    sslServerSocket.setNeedClientAuth(true);
  else if ("optional".equals(_verifyClient))
    sslServerSocket.setWantClientAuth(true);

  return new ServerSocketWrapper(serverSocket);
}