本文整理汇总了Java中javax.net.ssl.SSLSession.getPeerCertificates方法的典型用法代码示例。如果您正苦于以下问题:Java SSLSession.getPeerCertificates方法的具体用法?Java SSLSession.getPeerCertificates怎么用?Java SSLSession.getPeerCertificates使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.net.ssl.SSLSession的用法示例。
在下文中一共展示了SSLSession.getPeerCertificates方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: get
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
public static Handshake get(SSLSession session) {
String cipherSuiteString = session.getCipherSuite();
if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
String tlsVersionString = session.getProtocol();
if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);
Certificate[] peerCertificates;
try {
peerCertificates = session.getPeerCertificates();
} catch (SSLPeerUnverifiedException ignored) {
peerCertificates = null;
}
List<Certificate> peerCertificatesList = peerCertificates != null
? Util.immutableList(peerCertificates)
: Collections.<Certificate>emptyList();
Certificate[] localCertificates = session.getLocalCertificates();
List<Certificate> localCertificatesList = localCertificates != null
? Util.immutableList(localCertificates)
: Collections.<Certificate>emptyList();
return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}
示例2: get
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
public static Handshake get(SSLSession session) {
String cipherSuite = session.getCipherSuite();
if (cipherSuite == null) {
throw new IllegalStateException("cipherSuite == null");
}
Certificate[] peerCertificates;
List<Certificate> peerCertificatesList;
List<Certificate> localCertificatesList;
try {
peerCertificates = session.getPeerCertificates();
} catch (SSLPeerUnverifiedException e) {
peerCertificates = null;
}
if (peerCertificates != null) {
peerCertificatesList = Util.immutableList(peerCertificates);
} else {
peerCertificatesList = Collections.emptyList();
}
Certificate[] localCertificates = session.getLocalCertificates();
if (localCertificates != null) {
localCertificatesList = Util.immutableList(localCertificates);
} else {
localCertificatesList = Collections.emptyList();
}
return new Handshake(cipherSuite, peerCertificatesList, localCertificatesList);
}
示例3: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
@Override
public boolean verify(String host, SSLSession session) {
try {
Certificate[] certificates = session.getPeerCertificates();
return verify(host, (X509Certificate) certificates[0]);
} catch (SSLException e) {
return false;
}
}
示例4: getX509Certificates
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
protected java.security.cert.X509Certificate[] getX509Certificates(SSLSession session) {
Certificate[] certs = null;
try {
certs = session.getPeerCertificates();
} catch (Throwable t) {
log.debug(sm.getString("jsseSupport.clientCertError"), t);
return null;
}
if (certs == null)
return null;
java.security.cert.X509Certificate[] x509Certs = new java.security.cert.X509Certificate[certs.length];
for (int i = 0; i < certs.length; i++) {
if (certs[i] instanceof java.security.cert.X509Certificate) {
// always currently true with the JSSE 1.1.x
x509Certs[i] = (java.security.cert.X509Certificate) certs[i];
} else {
try {
byte[] buffer = certs[i].getEncoded();
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream stream = new ByteArrayInputStream(buffer);
x509Certs[i] = (java.security.cert.X509Certificate) cf.generateCertificate(stream);
} catch (Exception ex) {
log.info(sm.getString("jseeSupport.certTranslationError", certs[i]), ex);
return null;
}
}
if (log.isTraceEnabled())
log.trace("Cert #" + i + " = " + x509Certs[i]);
}
if (x509Certs.length < 1)
return null;
return x509Certs;
}
示例5: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
/**
* The javax.net.ssl.HostnameVerifier contract.
*
* @param host 'hostname' we used to create our socket
* @param session SSLSession with the remote server
* @return true if the host matched the one in the certificate.
*/
@Override
public boolean verify(String host, SSLSession session) {
try {
Certificate[] certs = session.getPeerCertificates();
X509Certificate x509 = (X509Certificate) certs[0];
check(new String[]{host}, x509);
return true;
}
catch (SSLException e) {
return false;
}
}
示例6: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
@Override
public boolean verify(String host, SSLSession session) {
try {
Certificate[] certificates = session.getPeerCertificates();
return verify(host, (X509Certificate) certificates[0]);
} catch (SSLException e) {
return false;
}
}
示例7: getX509Certificates
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
protected java.security.cert.X509Certificate [] getX509Certificates(
SSLSession session) {
Certificate [] certs=null;
try {
certs = session.getPeerCertificates();
} catch( Throwable t ) {
log.debug(sm.getString("jsseSupport.clientCertError"), t);
return null;
}
if( certs==null ) return null;
java.security.cert.X509Certificate [] x509Certs =
new java.security.cert.X509Certificate[certs.length];
for(int i=0; i < certs.length; i++) {
if (certs[i] instanceof java.security.cert.X509Certificate ) {
// always currently true with the JSSE 1.1.x
x509Certs[i] = (java.security.cert.X509Certificate) certs[i];
} else {
try {
byte [] buffer = certs[i].getEncoded();
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
ByteArrayInputStream stream =
new ByteArrayInputStream(buffer);
x509Certs[i] = (java.security.cert.X509Certificate)
cf.generateCertificate(stream);
} catch(Exception ex) {
log.info(sm.getString(
"jseeSupport.certTranslationError", certs[i]), ex);
return null;
}
}
if(log.isTraceEnabled())
log.trace("Cert #" + i + " = " + x509Certs[i]);
}
if(x509Certs.length < 1)
return null;
return x509Certs;
}
示例8: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
@Override
public boolean verify(String hostname, SSLSession session) {
try {
Certificate[] certificates = session.getPeerCertificates();
X509Certificate cert = (X509Certificate) certificates[0];
String cn = cert.getSubjectDN().getName().split(",")[0].substring(3);
return cn.equals(mHostName) && verifyHostName(hostname, cn);
} catch (Exception e) {
e.printStackTrace();
return false;
}
}
示例9: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
public final boolean verify(String host, SSLSession session) {
try {
Certificate[] certs = session.getPeerCertificates();
X509Certificate x509 = (X509Certificate) certs[0];
verify(host, x509);
return true;
}
catch(SSLException e) {
return false;
}
}
示例10: getX509Certificates
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
protected java.security.cert.X509Certificate [] getX509Certificates(SSLSession session)
throws IOException {
Certificate [] certs=null;
try {
certs = session.getPeerCertificates();
} catch( Throwable t ) {
log.debug("Error getting client certs",t);
return null;
}
if( certs==null ) return null;
java.security.cert.X509Certificate [] x509Certs =
new java.security.cert.X509Certificate[certs.length];
for(int i=0; i < certs.length; i++) {
if (certs[i] instanceof java.security.cert.X509Certificate ) {
// always currently true with the JSSE 1.1.x
x509Certs[i] = (java.security.cert.X509Certificate) certs[i];
} else {
try {
byte [] buffer = certs[i].getEncoded();
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
ByteArrayInputStream stream =
new ByteArrayInputStream(buffer);
x509Certs[i] = (java.security.cert.X509Certificate) cf.generateCertificate(stream);
} catch(Exception ex) {
log.info("Error translating cert " + certs[i], ex);
return null;
}
}
if(log.isTraceEnabled())
log.trace("Cert #" + i + " = " + x509Certs[i]);
}
if(x509Certs.length < 1)
return null;
return x509Certs;
}
示例11: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
public final boolean verify(final String host, final SSLSession session) {
try {
final Certificate[] certs = session.getPeerCertificates();
final X509Certificate x509 = (X509Certificate) certs[0];
verify(host, x509);
return true;
}
catch(final SSLException e) {
return false;
}
}
示例12: getHelloFromServer
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
/**
* Returned socket may be sslsocket if TLSEnabled.
*
* @param socket
* @param TLSEnabled
* @param host
* @param charset
* @return
* @throws IOException
*/
public static Socket getHelloFromServer(Socket socket, boolean TLSEnabled, String host, Charset charset) throws SSLPeerUnverifiedException, IOException, SocketTimeoutException{
PrintWriter out = new PrintWriter(new OutputStreamWriter(socket.getOutputStream(), charset));
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream(), charset));
String line = in.readLine();
if (line == null || (!line.startsWith("200") && !line.startsWith("201") )){
Log.get().log(Level.WARNING, "Bad Hello from host {0} : {1}",
new Object[]{host, line});
throw new IOException();
}
if (TLSEnabled){
SSLSocket sslsocket = TLS.createSSLClientSocket(socket);
out.print("STARTTLS"+NNTPConnection.NEWLINE);
out.flush();
line = in.readLine();
if (line == null || !line.startsWith("382")) { //"382 Continue with TLS negotiation"
Log.get().log(Level.WARNING, "From host {0} STARTTLS response: {1}",
new Object[]{host, line});
throw new IOException();
}
SSLSession session = sslsocket.getSession(); //handshake
//throw exception:
X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0]; //I am not sure how to check that it is right cert. TrustManager must do it.
//ready for encrypted communication
//new encrypted streams
//this.out = new PrintWriter(new OutputStreamWriter(sslsocket.getOutputStream(), this.charset));
//this.in = new BufferedReader(new InputStreamReader(sslsocket.getInputStream(), this.charset));
return sslsocket;
}else
return socket;
}
示例13: verify
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
public boolean verify(String host, SSLSession session) {
try {
Certificate[] certificates = session.getPeerCertificates();
return verify(host, (X509Certificate) certificates[0]);
} catch (SSLException e) {
return false;
}
}
示例14: verifyHostName
import javax.net.ssl.SSLSession; //导入方法依赖的package包/类
/**
* Verifies that the given hostname in certicifate is the hostname we are trying to connect to
* http://www.cvedetails.com/cve/CVE-2012-5783/
* @param host
* @param ssl
* @throws IOException
*/
private static void verifyHostName(String host, SSLSocket ssl)
throws IOException {
if (host == null) {
throw new IllegalArgumentException("host to verify was null");
}
SSLSession session = ssl.getSession();
if (session == null) {
// In our experience this only happens under IBM 1.4.x when
// spurious (unrelated) certificates show up in the server's chain.
// Hopefully this will unearth the real problem:
InputStream in = ssl.getInputStream();
in.available();
/*
If you're looking at the 2 lines of code above because you're
running into a problem, you probably have two options:
#1. Clean up the certificate chain that your server
is presenting (e.g. edit "/etc/apache2/server.crt" or
wherever it is your server's certificate chain is
defined).
OR
#2. Upgrade to an IBM 1.5.x or greater JVM, or switch to a
non-IBM JVM.
*/
// If ssl.getInputStream().available() didn't cause an exception,
// maybe at least now the session is available?
session = ssl.getSession();
if (session == null) {
// If it's still null, probably a startHandshake() will
// unearth the real problem.
ssl.startHandshake();
// Okay, if we still haven't managed to cause an exception,
// might as well go for the NPE. Or maybe we're okay now?
session = ssl.getSession();
}
}
Certificate[] certs = session.getPeerCertificates();
verifyHostName(host.trim().toLowerCase(Locale.US), (X509Certificate) certs[0]);
}