本文整理汇总了Java中javax.net.ssl.SSLEngine.setEnabledProtocols方法的典型用法代码示例。如果您正苦于以下问题:Java SSLEngine.setEnabledProtocols方法的具体用法?Java SSLEngine.setEnabledProtocols怎么用?Java SSLEngine.setEnabledProtocols使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.net.ssl.SSLEngine的用法示例。
在下文中一共展示了SSLEngine.setEnabledProtocols方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom) {
SSLContext context = createSSLContext(option, custom);
SSLEngine engine =
context.createSSLEngine();
engine.setEnabledProtocols(option.getProtocols().split(","));
String[] supported = engine.getSupportedCipherSuites();
String[] eanbled = option.getCiphers().split(",");
engine.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled));
engine.setNeedClientAuth(option.isAuthPeer());
return engine;
}
示例2: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
protected SSLEngine createSSLEngine() {
SSLEngine engine = sslContext.createSSLEngine();
if ("false".equals(getClientAuth())) {
engine.setNeedClientAuth(false);
engine.setWantClientAuth(false);
} else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())){
engine.setNeedClientAuth(true);
} else if ("want".equals(getClientAuth())) {
engine.setWantClientAuth(true);
}
engine.setUseClientMode(false);
engine.setEnabledCipherSuites(enabledCiphers);
engine.setEnabledProtocols(enabledProtocols);
configureUseServerCipherSuitesOrder(engine);
return engine;
}
示例3: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
protected SSLEngine createSSLEngine() {
SSLEngine engine = sslContext.createSSLEngine();
if ("false".equals(getClientAuth())) {
engine.setNeedClientAuth(false);
engine.setWantClientAuth(false);
} else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())) {
engine.setNeedClientAuth(true);
} else if ("want".equals(getClientAuth())) {
engine.setWantClientAuth(true);
}
engine.setUseClientMode(false);
engine.setEnabledCipherSuites(enabledCiphers);
engine.setEnabledProtocols(enabledProtocols);
configureUseServerCipherSuitesOrder(engine);
return engine;
}
示例4: createSslEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public SSLEngine createSslEngine(String peerHost, int peerPort) {
SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);
if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);
// SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation
// only in client mode. Hence, validation is enabled only for clients.
if (mode == Mode.SERVER) {
sslEngine.setUseClientMode(false);
if (needClientAuth)
sslEngine.setNeedClientAuth(needClientAuth);
else
sslEngine.setWantClientAuth(wantClientAuth);
} else {
sslEngine.setUseClientMode(true);
SSLParameters sslParams = sslEngine.getSSLParameters();
sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);
sslEngine.setSSLParameters(sslParams);
}
return sslEngine;
}
示例5: getPipeline
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
public ChannelPipeline getPipeline() throws Exception {
ChannelPipeline pipeline = Channels.pipeline();
OFChannelHandler handler = new OFChannelHandler(switchManager,
connectionListener,
pipeline,
debugCounters,
timer);
if (keyStore != null && keyStorePassword != null) {
try {
/* Set up factories and stores. */
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore tmpKS = null;
tmFactory.init(tmpKS);
/* Use keystore/pass defined in properties file. */
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyStore), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyStorePassword.toCharArray());
KeyManager[] km = kmf.getKeyManagers();
TrustManager[] tm = tmFactory.getTrustManagers();
/* Set up SSL prereqs for Netty. */
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(km, tm, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
/* We are the server and we will create secure sessions. */
sslEngine.setUseClientMode(false);
sslEngine.setEnableSessionCreation(true);
/* These are redundant (default), but for clarity... */
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
/* First, decrypt w/handler+engine; then, proceed with rest of handlers. */
pipeline.addLast(PipelineHandler.SSL_TLS_ENCODER_DECODER, new SslHandler(sslEngine));
log.info("SSL OpenFlow socket initialized and handler ready for switch.");
} catch (Exception e) { /* There are lots of possible exceptions to catch, so this should get them all. */
log.error("Exception initializing SSL OpenFlow socket: {}", e.getMessage());
throw e; /* If we wanted secure but didn't get it, we should bail. */
}
}
/* SSL handler will have been added first if we're using it. */
pipeline.addLast(PipelineHandler.OF_MESSAGE_DECODER,
new OFMessageDecoder());
pipeline.addLast(PipelineHandler.OF_MESSAGE_ENCODER,
new OFMessageEncoder());
pipeline.addLast(PipelineHandler.MAIN_IDLE, idleHandler);
pipeline.addLast(PipelineHandler.READ_TIMEOUT, readTimeoutHandler);
pipeline.addLast(PipelineHandler.CHANNEL_HANDSHAKE_TIMEOUT,
new HandshakeTimeoutHandler(
handler,
timer,
PipelineHandshakeTimeout.CHANNEL));
pipeline.addLast(PipelineHandler.CHANNEL_HANDLER, handler);
return pipeline;
}
示例6: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
/**
* Returns a configured SSLEngine.
*
* @return the configured SSLEngine.
* @throws GeneralSecurityException thrown if the SSL engine could not
* be initialized.
* @throws IOException thrown if and IO error occurred while loading
* the server keystore.
*/
public SSLEngine createSSLEngine()
throws GeneralSecurityException, IOException {
SSLEngine sslEngine = context.createSSLEngine();
if (mode == Mode.CLIENT) {
sslEngine.setUseClientMode(true);
} else {
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(requireClientCert);
}
sslEngine.setEnabledProtocols(enabledProtocols);
return sslEngine;
}
示例7: getSslHandler
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public SslHandler getSslHandler() {
try {
URL ksUrl = Resources.getResource(keyStoreFile);
File ksFile = new File(ksUrl.toURI());
URL tsUrl = Resources.getResource(keyStoreFile);
File tsFile = new File(tsUrl.toURI());
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore trustStore = KeyStore.getInstance(keyStoreType);
trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
tmFactory.init(trustStore);
KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(new FileInputStream(ksFile), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyPassword.toCharArray());
KeyManager[] km = kmf.getKeyManagers();
TrustManager x509wrapped = getX509TrustManager(tmFactory);
TrustManager[] tm = {x509wrapped};
SSLContext sslContext = SSLContext.getInstance(TLS);
sslContext.init(km, tm, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(false);
sslEngine.setWantClientAuth(true);
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
sslEngine.setEnableSessionCreation(true);
return new SslHandler(sslEngine);
} catch (Exception e) {
log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
throw new RuntimeException("Failed to get SSL handler", e);
}
}
示例8: getPipeline
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
public ChannelPipeline getPipeline() throws Exception {
ChannelPipeline pipeline = Channels.pipeline();
if (enableCompression) {
ZlibEncoder encoder = new ZlibEncoder(6);
pipeline.addFirst("deflater", encoder);
pipeline.addFirst("inflater", new ZlibDecoder());
}
if (enableSsl) {
SSLEngine sslEngine = createServerSSLContext().createSSLEngine();
sslEngine.setUseClientMode(false);
List<String> enabledProtocols = new ArrayList<String>();
for (String protocol : sslEngine.getEnabledProtocols()) {
if (!excludeProtocols.contains(protocol)) {
enabledProtocols.add(protocol);
}
}
sslEngine.setEnabledProtocols(enabledProtocols.toArray(new String[0]));
logger.info("SSLEngine protocols enabled: " +
Arrays.asList(sslEngine.getEnabledProtocols()));
// addFirst() will make SSL handling the first stage of decoding
// and the last stage of encoding this must be added after
// adding compression handling above
pipeline.addFirst("ssl", new SslHandler(sslEngine));
}
if (enableIpFilter) {
logger.info("Setting up ipFilter with the following rule definition: " +
patternRuleConfigDefinition);
IpFilterRuleHandler ipFilterHandler = new IpFilterRuleHandler();
ipFilterHandler.addAll(rules);
logger.info("Adding ipFilter with " + ipFilterHandler.size() + " rules");
pipeline.addFirst("ipFilter", ipFilterHandler);
}
return pipeline;
}
示例9: getPipeline
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
public ChannelPipeline getPipeline() throws Exception {
OFChannelHandler handler = new OFChannelHandler(controller);
ChannelPipeline pipeline = Channels.pipeline();
if (sslContext != null) {
log.debug("OpenFlow SSL enabled.");
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setNeedClientAuth(true);
sslEngine.setUseClientMode(false);
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
sslEngine.setEnableSessionCreation(true);
SslHandler sslHandler = new SslHandler(sslEngine);
pipeline.addLast("ssl", sslHandler);
} else {
log.debug("OpenFlow SSL disabled.");
}
pipeline.addLast("ofmessagedecoder", new OFMessageDecoder());
pipeline.addLast("ofmessageencoder", new OFMessageEncoder());
pipeline.addLast("idle", idleHandler);
pipeline.addLast("timeout", readTimeoutHandler);
// XXX S ONOS: was 15 increased it to fix Issue #296
pipeline.addLast("handshaketimeout",
new HandshakeTimeoutHandler(handler, timer, 60));
if (pipelineExecutor != null) {
pipeline.addLast("pipelineExecutor",
new ExecutionHandler(pipelineExecutor));
}
pipeline.addLast("handler", handler);
return pipeline;
}
示例10: initChannel
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void initChannel(SocketChannel channel) throws Exception {
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(tsLocation), tsPwd);
tmFactory.init(ts);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(ksLocation), ksPwd);
kmf.init(ks, ksPwd);
SSLContext serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), tmFactory.getTrustManagers(), null);
SSLEngine serverSslEngine = serverContext.createSSLEngine();
serverSslEngine.setNeedClientAuth(true);
serverSslEngine.setUseClientMode(false);
serverSslEngine.setEnabledProtocols(serverSslEngine.getSupportedProtocols());
serverSslEngine.setEnabledCipherSuites(serverSslEngine.getSupportedCipherSuites());
serverSslEngine.setEnableSessionCreation(true);
channel.pipeline().addLast("ssl", new io.netty.handler.ssl.SslHandler(serverSslEngine))
.addLast("encoder", encoder)
.addLast("decoder", new MessageDecoder())
.addLast("handler", dispatcher);
}
示例11: initChannel
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void initChannel(Channel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
OFChannelHandler handler = new OFChannelHandler(
switchManager,
connectionListener,
pipeline,
debugCounters,
timer,
ofBitmaps,
defaultFactory);
if (keyStore != null && keyStorePassword != null) {
try {
/* Set up factories and stores. */
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore tmpKS = null;
tmFactory.init(tmpKS);
/* Use keystore/pass defined in properties file. */
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyStore), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyStorePassword.toCharArray());
KeyManager[] km = kmf.getKeyManagers();
TrustManager[] tm = tmFactory.getTrustManagers();
/* Set up SSL prereqs for Netty. */
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(km, tm, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
/* We are the server and we will create secure sessions. */
sslEngine.setUseClientMode(false);
sslEngine.setEnableSessionCreation(true);
/* These are redundant (default), but for clarity... */
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
/* First, decrypt w/handler+engine; then, proceed with rest of handlers. */
pipeline.addLast(PipelineHandler.SSL_TLS_ENCODER_DECODER, new SslHandler(sslEngine));
log.info("SSL OpenFlow socket initialized and handler ready for switch.");
} catch (Exception e) { /* There are lots of possible exceptions to catch, so this should get them all. */
log.error("Exception initializing SSL OpenFlow socket: {}", e.getMessage());
throw e; /* If we wanted secure but didn't get it, we should bail. */
}
}
pipeline.addLast(PipelineHandler.OF_MESSAGE_DECODER,
new OFMessageDecoder());
pipeline.addLast(PipelineHandler.OF_MESSAGE_ENCODER,
new OFMessageEncoder());
pipeline.addLast(PipelineHandler.MAIN_IDLE,
new IdleStateHandler(PipelineIdleReadTimeout.MAIN,
PipelineIdleWriteTimeout.MAIN,
0));
pipeline.addLast(PipelineHandler.READ_TIMEOUT, new ReadTimeoutHandler(30));
pipeline.addLast(PipelineHandler.CHANNEL_HANDSHAKE_TIMEOUT,
new HandshakeTimeoutHandler(
handler,
timer,
PipelineHandshakeTimeout.CHANNEL));
pipeline.addLast(PipelineHandler.CHANNEL_HANDLER, handler);
}
示例12: newChannel
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
public SocketChannel newChannel(ChannelPipeline pipeline) {
TrustManager[] managers;
try {
if (enableCompression) {
ZlibEncoder encoder = new ZlibEncoder(compressionLevel);
pipeline.addFirst("deflater", encoder);
pipeline.addFirst("inflater", new ZlibDecoder());
}
if (enableSsl) {
if (trustAllCerts) {
logger.warn("No truststore configured, setting TrustManager to accept"
+ " all server certificates");
managers = new TrustManager[] { new PermissiveTrustManager() };
} else {
KeyStore keystore = null;
if (truststore != null) {
if (truststorePassword == null) {
throw new NullPointerException("truststore password is null");
}
InputStream truststoreStream = new FileInputStream(truststore);
keystore = KeyStore.getInstance(truststoreType);
keystore.load(truststoreStream, truststorePassword.toCharArray());
}
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
// null keystore is OK, with SunX509 it defaults to system CA Certs
// see http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#X509TrustManager
tmf.init(keystore);
managers = tmf.getTrustManagers();
}
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, managers, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(true);
List<String> enabledProtocols = new ArrayList<String>();
for (String protocol : sslEngine.getEnabledProtocols()) {
if (!excludeProtocols.contains(protocol)) {
enabledProtocols.add(protocol);
}
}
sslEngine.setEnabledProtocols(enabledProtocols.toArray(new String[0]));
logger.info("SSLEngine protocols enabled: " +
Arrays.asList(sslEngine.getEnabledProtocols()));
// addFirst() will make SSL handling the first stage of decoding
// and the last stage of encoding this must be added after
// adding compression handling above
pipeline.addFirst("ssl", new SslHandler(sslEngine));
}
return super.newChannel(pipeline);
} catch (Exception ex) {
logger.error("Cannot create SSL channel", ex);
throw new RuntimeException("Cannot create SSL channel", ex);
}
}