本文整理汇总了Java中javax.net.ssl.SSLSocket.setEnabledCipherSuites方法的典型用法代码示例。如果您正苦于以下问题:Java SSLSocket.setEnabledCipherSuites方法的具体用法?Java SSLSocket.setEnabledCipherSuites怎么用?Java SSLSocket.setEnabledCipherSuites使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.net.ssl.SSLSocket的用法示例。
在下文中一共展示了SSLSocket.setEnabledCipherSuites方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createServerSocket
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
* <p>Creates a server socket that accepts SSL connections
* configured according to this factory's SSL socket configuration
* parameters.</p>
*/
public ServerSocket createServerSocket(int port) throws IOException {
final SSLSocketFactory sslSocketFactory =
context == null ?
getDefaultSSLSocketFactory() : context.getSocketFactory();
return new ServerSocket(port) {
public Socket accept() throws IOException {
Socket socket = super.accept();
SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(
socket, socket.getInetAddress().getHostName(),
socket.getPort(), true);
sslSocket.setUseClientMode(false);
if (enabledCipherSuites != null) {
sslSocket.setEnabledCipherSuites(enabledCipherSuites);
}
if (enabledProtocols != null) {
sslSocket.setEnabledProtocols(enabledProtocols);
}
sslSocket.setNeedClientAuth(needClientAuth);
return sslSocket;
}
};
}
示例2: allEnabledCipherSuites
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Test public void allEnabledCipherSuites() throws Exception {
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.allEnabledCipherSuites()
.build();
assertNull(tlsSpec.cipherSuites());
SSLSocket sslSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
sslSocket.setEnabledCipherSuites(new String[] {
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
});
tlsSpec.apply(sslSocket, false);
assertEquals(Arrays.asList(
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName),
Arrays.asList(sslSocket.getEnabledCipherSuites()));
}
示例3: accept
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Override
public Socket accept() throws IOException {
final SSLSocketFactory sslSocketFactory =
context == null ?
getDefaultSSLSocketFactory() : context.getSocketFactory();
Socket socket = super.accept();
SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(
socket, socket.getInetAddress().getHostName(),
socket.getPort(), true);
sslSocket.setUseClientMode(false);
if (enabledCipherSuites != null) {
sslSocket.setEnabledCipherSuites(enabledCipherSuites);
}
if (enabledProtocols != null) {
sslSocket.setEnabledProtocols(enabledProtocols);
}
sslSocket.setNeedClientAuth(needClientAuth);
return sslSocket;
}
示例4: initSocket
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
* Configures the given SSL server socket with the requested cipher suites,
* protocol versions, and need for client authentication
*/
private void initSocket(Socket ssocket) {
SSLSocket socket = (SSLSocket) ssocket;
if (enabledCiphers != null) {
socket.setEnabledCipherSuites(enabledCiphers);
}
setEnabledProtocols(socket, getEnabledProtocols(socket,
listener.getSslProtocol()));
// we don't know if client auth is needed -
// after parsing the request we may re-handshake
//configureClientAuth(socket);
}
示例5: runClientApplication
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Override
protected void runClientApplication(SSLSocket socket) throws Exception {
String ciphers[] = {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"};
socket.setEnabledCipherSuites(ciphers);
socket.setUseClientMode(true);
InputStream sslIS = socket.getInputStream();
OutputStream sslOS = socket.getOutputStream();
sslOS.write(280);
sslOS.flush();
sslIS.read();
}
示例6: tls_missingRequiredCipher
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Test public void tls_missingRequiredCipher() throws Exception {
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(true)
.cipherSuites(CipherSuite.TLS_RSA_WITH_RC4_128_MD5)
.tlsVersions(TlsVersion.TLS_1_2)
.supportsTlsExtensions(false)
.build();
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
socket.setEnabledProtocols(new String[] {
TlsVersion.TLS_1_2.javaName,
TlsVersion.TLS_1_1.javaName,
});
socket.setEnabledCipherSuites(new String[] {
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
});
assertTrue(tlsSpec.isCompatible(socket));
socket.setEnabledCipherSuites(new String[] {
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
});
assertFalse(tlsSpec.isCompatible(socket));
}
示例7: hardenSocket
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
private static void hardenSocket(SSLSocket sock) {
if (ENABLED_CIPHERS != null) {
sock.setEnabledCipherSuites(ENABLED_CIPHERS);
}
if (ENABLED_PROTOCOLS != null) {
sock.setEnabledProtocols(ENABLED_PROTOCOLS);
}
}
示例8: upgradeTLS
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
private void upgradeTLS(SSLSocket ssl) {
if (protocols != null) {
ssl.setEnabledProtocols(protocols);
}
if (cipherSuites != null) {
ssl.setEnabledCipherSuites(cipherSuites);
}
}
示例9: tls_defaultCiphers_withFallbackIndicator
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Test public void tls_defaultCiphers_withFallbackIndicator() throws Exception {
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(true)
.tlsVersions(TlsVersion.TLS_1_2)
.supportsTlsExtensions(false)
.build();
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
socket.setEnabledCipherSuites(new String[] {
CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
});
socket.setEnabledProtocols(new String[] {
TlsVersion.TLS_1_2.javaName,
TlsVersion.TLS_1_1.javaName,
});
assertTrue(tlsSpec.isCompatible(socket));
tlsSpec.apply(socket, true /* isFallback */);
assertEquals(set(TlsVersion.TLS_1_2.javaName), set(socket.getEnabledProtocols()));
Set<String> expectedCipherSet =
set(
CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName);
if (Arrays.asList(socket.getSupportedCipherSuites()).contains("TLS_FALLBACK_SCSV")) {
expectedCipherSet.add("TLS_FALLBACK_SCSV");
}
assertEquals(expectedCipherSet, expectedCipherSet);
}
示例10: CustomCipherSuites
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
public CustomCipherSuites() throws GeneralSecurityException {
// Configure cipher suites to demonstrate how to customize which cipher suites will be used for
// an OkHttp request. In order to be selected a cipher suite must be included in both OkHttp's
// connection spec and in the SSLSocket's enabled cipher suites array. Most applications should
// not customize the cipher suites list.
List<CipherSuite> customCipherSuites = Arrays.asList(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384);
final ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.cipherSuites(customCipherSuites.toArray(new CipherSuite[0]))
.build();
X509TrustManager trustManager = defaultTrustManager();
SSLSocketFactory sslSocketFactory = defaultSslSocketFactory(trustManager);
SSLSocketFactory customSslSocketFactory = new DelegatingSSLSocketFactory(sslSocketFactory) {
@Override protected SSLSocket configureSocket(SSLSocket socket) throws IOException {
socket.setEnabledCipherSuites(javaNames(spec.cipherSuites()));
return socket;
}
};
client = new OkHttpClient.Builder()
.connectionSpecs(Collections.singletonList(spec))
.sslSocketFactory(customSslSocketFactory, trustManager)
.build();
}
示例11: createSocket
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
@Override
public Socket createSocket(InetAddress ia, int i, InetAddress ia1, int i1)
throws IOException {
SSLSocket sslSocket = (SSLSocket) delegateSocketFactory.createSocket(ia,
i, ia1, i1);
if (null != enabledCipherSuites) {
sslSocket.setEnabledCipherSuites(enabledCipherSuites);
}
return sslSocket;
}
示例12: createSocket
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
* Create a client socket.
* @param serviceUrl jmx service url
* @return client socket
* @throws IOException if an I/O error occurs when creating the socket
*/
@Override
public Socket createSocket(final JMXServiceURL serviceUrl) throws IOException {
final SSLSocket baseSslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(serviceUrl.getHost(),
serviceUrl.getPort());
baseSslSocket.setEnabledProtocols(enabledProtocols);
baseSslSocket.setEnabledCipherSuites(enabledCiphersuites);
baseSslSocket.setKeepAlive(true);
LOGGER.log(Level.FINE, "Created client socket");
return baseSslSocket;
}
示例13: doClientSide
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
SSLSocketFactory sslsf =
(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket)
sslsf.createSocket("localhost", serverPort);
// enable TLSv1.1 only
sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});
// enable a exportable block cipher
sslSocket.setEnabledCipherSuites(
new String[] {"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"});
InputStream sslIS = sslSocket.getInputStream();
OutputStream sslOS = sslSocket.getOutputStream();
boolean interrupted = false;
try {
sslOS.write('B');
sslOS.flush();
sslIS.read();
} catch (SSLException ssle) {
// get the expected exception
interrupted = true;
} finally {
sslSocket.close();
}
if (!interrupted) {
throw new SSLHandshakeException(
"A weak cipher suite is negotiated, " +
"TLSv1.1 must not negotiate the exportable cipher suites.");
}
}
示例14: startHandshake
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
private SSLSocket startHandshake(SSLSocketFactory factory)
throws IOException {
if (ldapConnection == null) {
throw new IllegalStateException("LDAP connection has not been set."
+ " TLS requires an existing LDAP connection.");
}
if (factory != currentFactory) {
// Create SSL socket layered over the existing connection
sslSocket = (SSLSocket) factory.createSocket(ldapConnection.sock,
ldapConnection.host, ldapConnection.port, false);
currentFactory = factory;
if (debug) {
System.out.println("StartTLS: Created socket : " + sslSocket);
}
}
if (suites != null) {
sslSocket.setEnabledCipherSuites(suites);
if (debug) {
System.out.println("StartTLS: Enabled cipher suites");
}
}
// Connection must be quite for handshake to proceed
try {
if (debug) {
System.out.println(
"StartTLS: Calling sslSocket.startHandshake");
}
sslSocket.startHandshake();
if (debug) {
System.out.println(
"StartTLS: + Finished sslSocket.startHandshake");
}
// Replace original streams with the new SSL streams
ldapConnection.replaceStreams(sslSocket.getInputStream(),
sslSocket.getOutputStream());
if (debug) {
System.out.println("StartTLS: Replaced IO Streams");
}
} catch (IOException e) {
if (debug) {
System.out.println("StartTLS: Got IO error during handshake");
e.printStackTrace();
}
sslSocket.close();
isClosed = true;
throw e; // pass up exception
}
return sslSocket;
}
示例15: getLocalAddressForTlsDst
import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
* Creates and binds, if necessary, a socket connected to the specified
* destination address and port and then returns its local address.
*
* @param dst the destination address that the socket would need to connect
* to.
* @param dstPort the port number that the connection would be established
* with.
* @param localAddress the address that we would like to bind on (null for
* the "any" address).
*
* @param channel the message channel that will be servicing the socket
*
* @return the SocketAddress that this handler would use when connecting to
* the specified destination address and port.
*
* @throws IOException if we fail binding the socket
*/
public SocketAddress getLocalAddressForTlsDst(InetAddress dst, int dstPort,
InetAddress localAddress, TLSMessageChannel channel)
throws IOException {
String key = makeKey(dst, dstPort);
Socket clientSock = getSocket(key);
if (clientSock == null) {
clientSock = sipStack.getNetworkLayer()
.createSSLSocket(dst, dstPort, localAddress);
SSLSocket sslsock = (SSLSocket) clientSock;
if (logger.isLoggingEnabled(LogWriter.TRACE_DEBUG)) {
logger.logDebug(
"inaddr = " + dst);
logger.logDebug(
"port = " + dstPort);
}
HandshakeCompletedListenerImpl listner
= new HandshakeCompletedListenerImpl(channel, sslsock);
channel.setHandshakeCompletedListener(listner);
sslsock.addHandshakeCompletedListener(listner);
sslsock.setEnabledProtocols(sipStack.getEnabledProtocols());
sslsock.setEnabledCipherSuites(sipStack.getEnabledCipherSuites());
listner.startHandshakeWatchdog();
sslsock.startHandshake();
channel.setHandshakeCompleted(true);
if (logger.isLoggingEnabled(LogWriter.TRACE_DEBUG)) {
this.logger.logDebug(
"Handshake passed");
}
// allow application to enforce policy by validating the
// certificate
try {
sipStack.getTlsSecurityPolicy().enforceTlsPolicy(
channel.getEncapsulatedClientTransaction());
}
catch (SecurityException ex) {
throw new IOException(ex.getMessage());
}
if (logger.isLoggingEnabled(LogWriter.TRACE_DEBUG)) {
this.logger.logDebug(
"TLS Security policy passed");
}
putSocket(key, clientSock);
}
return clientSock.getLocalSocketAddress();
}