本文整理汇总了Java中javax.net.ssl.SSLContext.createSSLEngine方法的典型用法代码示例。如果您正苦于以下问题:Java SSLContext.createSSLEngine方法的具体用法?Java SSLContext.createSSLEngine怎么用?Java SSLContext.createSSLEngine使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.net.ssl.SSLContext
的用法示例。
在下文中一共展示了SSLContext.createSSLEngine方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: init
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public void init(boolean clientMode) throws Exception, CertificateException, FileNotFoundException, IOException {
SSLContext ctx = clientMode ?
((NioTlsWebSocketMessageProcessor)messageProcessor).sslClientCtx:
((NioTlsWebSocketMessageProcessor)messageProcessor).sslServerCtx;
sslStateMachine = new SSLStateMachine(ctx.createSSLEngine(), this);
sslStateMachine.sslEngine.setUseClientMode(clientMode);
String auth = ((SipStackImpl)super.sipStack).
getConfigurationProperties().getProperty("gov.nist.javax.sip.TLS_CLIENT_AUTH_TYPE");
sslStateMachine.sslEngine.setNeedClientAuth(false);
sslStateMachine.sslEngine.setWantClientAuth(false);
String clientProtocols = ((SipStackImpl)super.sipStack)
.getConfigurationProperties().getProperty("gov.nist.javax.sip.TLS_CLIENT_PROTOCOLS");
if(clientProtocols != null) {
sslStateMachine.sslEngine.setEnabledProtocols(clientProtocols.split(","));
}
}
示例2: emmit
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
private void emmit(FlowableEmitter<Message> emitter, String roomId) throws Exception {
SSLContext sslCtx = SSLContext.getDefault();
SSLEngine sslEngine = sslCtx.createSSLEngine("stream.gitter.im", 443);
sslEngine.setUseClientMode(true);
HttpClient
.newClient("stream.gitter.im", 443)
.secure(sslEngine)
.createGet("/v1/rooms/" + roomId + "/chatMessages")
.addHeader("Authorization", "Bearer 3cd4820adf59b6a7116f99d92f68a1b786895ce7")
.flatMap(HttpClientResponse::getContent)
.filter(bb -> bb.capacity() > 2)
.map(MessageEncoder::mapToMessage)
.doOnNext(m -> System.out.println("Log Emit: " + m))
.subscribe(emitter::onNext, emitter::onError, emitter::onComplete);
}
示例3: newChannel
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
@Override
public SocketChannel newChannel(ChannelPipeline pipeline) {
try {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{new PermissiveTrustManager()},
null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(true);
// addFirst() will make SSL handling the first stage of decoding
// and the last stage of encoding
pipeline.addFirst("ssl", new SslHandler(sslEngine));
return super.newChannel(pipeline);
} catch (Exception ex) {
throw new RuntimeException("Cannot create SSL channel", ex);
}
}
示例4: getClientSSLEngine
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
/**
* Returns client ssl engine.
*
* @param context - SSLContext to get SSLEngine from.
* @param useSNI - flag used to enable or disable using SNI extension.
* Needed for Kerberos.
*/
public static SSLEngine getClientSSLEngine(
SSLContext context, boolean useSNI) {
SSLEngine clientEngine = context.createSSLEngine(HOST, 80);
clientEngine.setUseClientMode(true);
if (useSNI) {
SNIHostName serverName = new SNIHostName(SERVER_NAME);
List<SNIServerName> serverNames = new ArrayList<>();
serverNames.add(serverName);
SSLParameters params = clientEngine.getSSLParameters();
params.setServerNames(serverNames);
clientEngine.setSSLParameters(params);
}
return clientEngine;
}
示例5: getServerSSLEngine
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
/**
* Returns server ssl engine.
*
* @param context - SSLContext to get SSLEngine from.
* @param useSNI - flag used to enable or disable using SNI extension.
* Needed for Kerberos.
*/
public static SSLEngine getServerSSLEngine(
SSLContext context, boolean useSNI) {
SSLEngine serverEngine = context.createSSLEngine();
serverEngine.setUseClientMode(false);
if (useSNI) {
SNIMatcher matcher = SNIHostName.createSNIMatcher(SNI_PATTERN);
List<SNIMatcher> matchers = new ArrayList<>();
matchers.add(matcher);
SSLParameters params = serverEngine.getSSLParameters();
params.setSNIMatchers(matchers);
serverEngine.setSSLParameters(params);
}
return serverEngine;
}
示例6: getSslHandler
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public SslHandler getSslHandler() {
try {
URL ksUrl = Resources.getResource(keyStoreFile);
File ksFile = new File(ksUrl.toURI());
URL tsUrl = Resources.getResource(keyStoreFile);
File tsFile = new File(tsUrl.toURI());
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore trustStore = KeyStore.getInstance(keyStoreType);
trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
tmFactory.init(trustStore);
KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(new FileInputStream(ksFile), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyPassword.toCharArray());
KeyManager[] km = kmf.getKeyManagers();
TrustManager x509wrapped = getX509TrustManager(tmFactory);
TrustManager[] tm = {x509wrapped};
SSLContext sslContext = SSLContext.getInstance(TLS);
sslContext.init(km, tm, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(false);
sslEngine.setWantClientAuth(true);
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
sslEngine.setEnableSessionCreation(true);
return new SslHandler(sslEngine);
} catch (Exception e) {
log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
throw new RuntimeException("Failed to get SSL handler", e);
}
}
示例7: createSSLEngine
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom, String peerHost, int peerPort) {
SSLContext context = createSSLContext(option, custom);
SSLEngine engine =
context.createSSLEngine(peerHost, peerPort);
engine.setEnabledProtocols(option.getProtocols().split(","));
String[] supported = engine.getSupportedCipherSuites();
String[] eanbled = option.getCiphers().split(",");
engine.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled));
engine.setNeedClientAuth(option.isAuthPeer());
return engine;
}
示例8: main
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public static void main (String[] args) throws Exception {
SSLContext context = SSLContext.getDefault();
// set the property before initialization SSLEngine.
System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");
SSLEngine cliEngine = context.createSSLEngine();
cliEngine.setUseClientMode(true);
SSLEngine srvEngine = context.createSSLEngine();
srvEngine.setUseClientMode(false);
SSLSession cliSession = cliEngine.getSession();
SSLSession srvSession = srvEngine.getSession();
// check packet buffer sizes.
if (cliSession.getPacketBufferSize() < 33049 ||
srvSession.getPacketBufferSize() < 33049) {
throw new Exception("Don't accept large SSL/TLS fragments");
}
// check application data buffer sizes.
if (cliSession.getApplicationBufferSize() < 32768 ||
srvSession.getApplicationBufferSize() < 32768) {
throw new Exception(
"Don't accept large SSL/TLS application data ");
}
}
示例9: initChannel
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
// SSL的安全链接
if (ServerConfig.isSsl()) {
SSLContext sslcontext = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore ks = KeyStore.getInstance("JKS");
String keyStorePath = ServerConfig.getKeyStorePath();
String keyStorePassword = ServerConfig.getKeyStorePassword();
ks.load(new FileInputStream(keyStorePath), keyStorePassword.toCharArray());
String keyPassword = ServerConfig.getKeyPassword();
kmf.init(ks, keyPassword.toCharArray());
sslcontext.init(kmf.getKeyManagers(), null, null);
SSLEngine sslEngine = sslcontext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(false);
/**
* 务必放在第一位
*/
pipeline.addLast(new SslHandler(sslEngine));
logger.info("initChannel: addLast SslHandler");
/**
* Generates a temporary self-signed certificate for testing purposes.
*/
/*SelfSignedCertificate ssc = new SelfSignedCertificate();
SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
//SslContext sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}*/
}
// Register HTTP handler chain.
this.appendHttpPipeline(pipeline);
}
示例10: init
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public void init(boolean clientMode) throws Exception, CertificateException, FileNotFoundException, IOException {
SSLContext ctx = clientMode ?
((NioTlsMessageProcessor)messageProcessor).sslClientCtx :
((NioTlsMessageProcessor)messageProcessor).sslServerCtx;
sslStateMachine = new SSLStateMachine(ctx.createSSLEngine(), this);
sslStateMachine.sslEngine.setUseClientMode(clientMode);
String auth = ((SipStackImpl)super.sipStack).
getConfigurationProperties().getProperty("gov.nist.javax.sip.TLS_CLIENT_AUTH_TYPE");
if(auth == null) {
auth = "Enabled";
}
if(auth.equals("Disabled") || auth.equals("DisabledAll")) {
sslStateMachine.sslEngine.setNeedClientAuth(false);
sslStateMachine.sslEngine.setWantClientAuth(false);
} else if(auth.equals("Enabled")) {
sslStateMachine.sslEngine.setNeedClientAuth(true);
} else if(auth.equals("Want")) {
sslStateMachine.sslEngine.setNeedClientAuth(false);
sslStateMachine.sslEngine.setWantClientAuth(true);
} else {
throw new RuntimeException("Invalid parameter for TLS authentication: " + auth);
}
// http://java.net/jira/browse/JSIP-451 - josemrecio
sslStateMachine.sslEngine.setEnabledProtocols(((SipStackImpl)sipStack).getEnabledProtocols());
// Added for https://java.net/jira/browse/JSIP-483
if(getHandshakeCompletedListener() == null) {
HandshakeCompletedListenerImpl listner = new HandshakeCompletedListenerImpl(this, getSocketChannel());
setHandshakeCompletedListener(listner);
}
}
示例11: getSsl
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
private SSLEngine getSsl(String proto) throws NoSuchAlgorithmException {
String protocol = (proto == null) ? "TLS" : proto;
SSLContext context = SSLContext.getInstance(protocol);
try {
context.init(null, null, null);
} catch (KeyManagementException e) {
System.err.println(e.getMessage());
}
return context.createSSLEngine();
}
示例12: initSSL
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
private synchronized void initSSL(ChannelPipeline p)
throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
String authProviderProp = System.getProperty(ZKConfig.SSL_AUTHPROVIDER);
SSLContext sslContext;
if (authProviderProp == null) {
sslContext = X509Util.createSSLContext();
} else {
sslContext = SSLContext.getInstance("TLSv1");
X509AuthenticationProvider authProvider =
(X509AuthenticationProvider)ProviderRegistry.getProvider(
System.getProperty(ZKConfig.SSL_AUTHPROVIDER,
"x509"));
if (authProvider == null)
{
LOG.error("Auth provider not found: {}", authProviderProp);
throw new SSLContextException(
"Could not create SSLContext with specified auth provider: " +
authProviderProp);
}
sslContext.init(new X509KeyManager[] { authProvider.getKeyManager() },
new X509TrustManager[] { authProvider.getTrustManager() },
null);
}
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(true);
p.addLast("ssl", new SslHandler(sslEngine));
LOG.info("SSL handler added for channel: {}", p.getChannel());
}
示例13: initChannel
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
@Override
protected void initChannel(SocketChannel channel) throws Exception {
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(tsLocation), tsPwd);
tmFactory.init(ts);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(ksLocation), ksPwd);
kmf.init(ks, ksPwd);
SSLContext serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), tmFactory.getTrustManagers(), null);
SSLEngine serverSslEngine = serverContext.createSSLEngine();
serverSslEngine.setNeedClientAuth(true);
serverSslEngine.setUseClientMode(false);
serverSslEngine.setEnabledProtocols(serverSslEngine.getSupportedProtocols());
serverSslEngine.setEnabledCipherSuites(serverSslEngine.getSupportedCipherSuites());
serverSslEngine.setEnableSessionCreation(true);
channel.pipeline().addLast("ssl", new io.netty.handler.ssl.SslHandler(serverSslEngine))
.addLast("encoder", encoder)
.addLast("decoder", new MessageDecoder())
.addLast("handler", dispatcher);
}
示例14: unsupTest
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
private void unsupTest(String cipher, boolean clientTest) {
SSLContext context = getContext();
SSLEngine clientEngine = context.createSSLEngine();
clientEngine.setUseClientMode(true);
SSLEngine serverEngine = context.createSSLEngine();
serverEngine.setUseClientMode(false);
if (clientTest) {
clientEngine.setEnabledCipherSuites(new String[]{cipher});
} else {
serverEngine.setEnabledCipherSuites(new String[]{cipher});
}
}
示例15: main
import javax.net.ssl.SSLContext; //导入方法依赖的package包/类
public static void main(String[] s) throws Exception {
SSLContext context = SSLEngineTestCase.getContext();
SSLEngine clientEngine = context.createSSLEngine();
clientEngine.setUseClientMode(true);
SSLEngine serverEngine = context.createSSLEngine();
serverEngine.setUseClientMode(false);
String[] cliEnabledCiphers = clientEngine.getEnabledCipherSuites();
rc4Test(cliEnabledCiphers, true);
String[] srvEnabledCiphers = serverEngine.getEnabledCipherSuites();
rc4Test(srvEnabledCiphers, false);
}