本文整理汇总了Java中javax.net.ssl.SSLEngine.setNeedClientAuth方法的典型用法代码示例。如果您正苦于以下问题:Java SSLEngine.setNeedClientAuth方法的具体用法?Java SSLEngine.setNeedClientAuth怎么用?Java SSLEngine.setNeedClientAuth使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.net.ssl.SSLEngine的用法示例。
在下文中一共展示了SSLEngine.setNeedClientAuth方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom) {
SSLContext context = createSSLContext(option, custom);
SSLEngine engine =
context.createSSLEngine();
engine.setEnabledProtocols(option.getProtocols().split(","));
String[] supported = engine.getSupportedCipherSuites();
String[] eanbled = option.getCiphers().split(",");
engine.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled));
engine.setNeedClientAuth(option.isAuthPeer());
return engine;
}
示例2: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
protected SSLEngine createSSLEngine() {
SSLEngine engine = sslContext.createSSLEngine();
if ("false".equals(getClientAuth())) {
engine.setNeedClientAuth(false);
engine.setWantClientAuth(false);
} else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())) {
engine.setNeedClientAuth(true);
} else if ("want".equals(getClientAuth())) {
engine.setWantClientAuth(true);
}
engine.setUseClientMode(false);
engine.setEnabledCipherSuites(enabledCiphers);
engine.setEnabledProtocols(enabledProtocols);
configureUseServerCipherSuitesOrder(engine);
return engine;
}
示例3: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
protected SSLEngine createSSLEngine() {
SSLEngine engine = sslContext.createSSLEngine();
if ("false".equals(getClientAuth())) {
engine.setNeedClientAuth(false);
engine.setWantClientAuth(false);
} else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())){
engine.setNeedClientAuth(true);
} else if ("want".equals(getClientAuth())) {
engine.setWantClientAuth(true);
}
engine.setUseClientMode(false);
engine.setEnabledCipherSuites(enabledCiphers);
engine.setEnabledProtocols(enabledProtocols);
configureUseServerCipherSuitesOrder(engine);
return engine;
}
示例4: createSslEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public SSLEngine createSslEngine(String peerHost, int peerPort) {
SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);
if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);
// SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation
// only in client mode. Hence, validation is enabled only for clients.
if (mode == Mode.SERVER) {
sslEngine.setUseClientMode(false);
if (needClientAuth)
sslEngine.setNeedClientAuth(needClientAuth);
else
sslEngine.setWantClientAuth(wantClientAuth);
} else {
sslEngine.setUseClientMode(true);
SSLParameters sslParams = sslEngine.getSSLParameters();
sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);
sslEngine.setSSLParameters(sslParams);
}
return sslEngine;
}
示例5: testOneCipher
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void testOneCipher(String cipher) {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
try {
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE);
checkIncorrectAppDataUnwrap(clientEngine, serverEngine);
checkIncorrectAppDataUnwrap(serverEngine, clientEngine);
} catch (SSLException ssle) {
throw new AssertionError("Error during handshake or sending app data",
ssle);
}
}
示例6: closingTest
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
private void closingTest(String cipher, boolean clientCloses)
throws SSLException {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE);
if (clientCloses) {
closeEngines(clientEngine, serverEngine);
} else {
closeEngines(serverEngine, clientEngine);
}
}
示例7: testOneCipher
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void testOneCipher(String cipher) throws SSLException {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE);
checkSeqNumPropertyWithAppDataSend(clientEngine, serverEngine);
checkSeqNumPropertyWithAppDataSend(serverEngine, clientEngine);
}
示例8: getSslHandler
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
public SslHandler getSslHandler() {
try {
URL ksUrl = Resources.getResource(keyStoreFile);
File ksFile = new File(ksUrl.toURI());
URL tsUrl = Resources.getResource(keyStoreFile);
File tsFile = new File(tsUrl.toURI());
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore trustStore = KeyStore.getInstance(keyStoreType);
trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
tmFactory.init(trustStore);
KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(new FileInputStream(ksFile), keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, keyPassword.toCharArray());
KeyManager[] km = kmf.getKeyManagers();
TrustManager x509wrapped = getX509TrustManager(tmFactory);
TrustManager[] tm = {x509wrapped};
SSLContext sslContext = SSLContext.getInstance(TLS);
sslContext.init(km, tm, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(false);
sslEngine.setWantClientAuth(true);
sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
sslEngine.setEnableSessionCreation(true);
return new SslHandler(sslEngine);
} catch (Exception e) {
log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
throw new RuntimeException("Failed to get SSL handler", e);
}
}
示例9: initChannel
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
// SSL的安全链接
if (ServerConfig.isSsl()) {
SSLContext sslcontext = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore ks = KeyStore.getInstance("JKS");
String keyStorePath = ServerConfig.getKeyStorePath();
String keyStorePassword = ServerConfig.getKeyStorePassword();
ks.load(new FileInputStream(keyStorePath), keyStorePassword.toCharArray());
String keyPassword = ServerConfig.getKeyPassword();
kmf.init(ks, keyPassword.toCharArray());
sslcontext.init(kmf.getKeyManagers(), null, null);
SSLEngine sslEngine = sslcontext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(false);
/**
* 务必放在第一位
*/
pipeline.addLast(new SslHandler(sslEngine));
logger.info("initChannel: addLast SslHandler");
/**
* Generates a temporary self-signed certificate for testing purposes.
*/
/*SelfSignedCertificate ssc = new SelfSignedCertificate();
SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
//SslContext sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}*/
}
// Register HTTP handler chain.
this.appendHttpPipeline(pipeline);
}
示例10: initSSL
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
private synchronized void initSSL(ChannelPipeline p)
throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
String authProviderProp = System.getProperty(ZKConfig.SSL_AUTHPROVIDER);
SSLContext sslContext;
if (authProviderProp == null) {
sslContext = X509Util.createSSLContext();
} else {
sslContext = SSLContext.getInstance("TLSv1");
X509AuthenticationProvider authProvider =
(X509AuthenticationProvider)ProviderRegistry.getProvider(
System.getProperty(ZKConfig.SSL_AUTHPROVIDER,
"x509"));
if (authProvider == null)
{
LOG.error("Auth provider not found: {}", authProviderProp);
throw new SSLContextException(
"Could not create SSLContext with specified auth provider: " +
authProviderProp);
}
sslContext.init(new X509KeyManager[] { authProvider.getKeyManager() },
new X509TrustManager[] { authProvider.getTrustManager() },
null);
}
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(true);
p.addLast("ssl", new SslHandler(sslEngine));
LOG.info("SSL handler added for channel: {}", p.getChannel());
}
示例11: createSSLEngine
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
/**
* Returns a configured SSLEngine.
*
* @return the configured SSLEngine.
* @throws GeneralSecurityException thrown if the SSL engine could not
* be initialized.
* @throws IOException thrown if and IO error occurred while loading
* the server keystore.
*/
public SSLEngine createSSLEngine()
throws GeneralSecurityException, IOException {
SSLEngine sslEngine = context.createSSLEngine();
if (mode == Mode.CLIENT) {
sslEngine.setUseClientMode(true);
} else {
sslEngine.setUseClientMode(false);
sslEngine.setNeedClientAuth(requireClientCert);
}
sslEngine.setEnabledProtocols(enabledProtocols);
return sslEngine;
}
示例12: initChannel
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void initChannel(SocketChannel channel) throws Exception {
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(tsLocation), tsPwd);
tmFactory.init(ts);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(ksLocation), ksPwd);
kmf.init(ks, ksPwd);
SSLContext serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), tmFactory.getTrustManagers(), null);
SSLEngine serverSslEngine = serverContext.createSSLEngine();
serverSslEngine.setNeedClientAuth(true);
serverSslEngine.setUseClientMode(false);
serverSslEngine.setEnabledProtocols(serverSslEngine.getSupportedProtocols());
serverSslEngine.setEnabledCipherSuites(serverSslEngine.getSupportedCipherSuites());
serverSslEngine.setEnableSessionCreation(true);
channel.pipeline().addLast("ssl", new io.netty.handler.ssl.SslHandler(serverSslEngine))
.addLast("encoder", encoder)
.addLast("decoder", new MessageDecoder())
.addLast("handler", dispatcher);
}
示例13: testOneCipher
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void testOneCipher(String cipher) throws SSLException {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE);
}
示例14: testOneCipher
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void testOneCipher(String cipher) throws SSLException {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE, true);
}
示例15: testOneCipher
import javax.net.ssl.SSLEngine; //导入方法依赖的package包/类
@Override
protected void testOneCipher(String cipher) throws SSLException {
SSLContext context = getContext();
int maxPacketSize = getMaxPacketSize();
boolean useSNI = !TEST_MODE.equals("norm");
SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
clientEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setEnabledCipherSuites(new String[]{cipher});
serverEngine.setNeedClientAuth(!cipher.contains("anon"));
doHandshake(clientEngine, serverEngine, maxPacketSize,
HandshakeMode.INITIAL_HANDSHAKE);
sendApplicationData(clientEngine, serverEngine);
sendApplicationData(serverEngine, clientEngine);
}