List of usage examples for javax.net.ssl SSLServerSocket setEnabledCipherSuites
/**
 * Replaces the set of cipher suites enabled on connections accepted by this
 * server socket.
 *
 * <p>Every name must be one reported by {@code getSupportedCipherSuites()}.
 * The supported list is broader than the provider's default enabled list, so
 * passing it through unfiltered may turn on suites that are off by default.
 *
 * @param suites names of all the cipher suites to enable
 * @throws IllegalArgumentException if a named suite is not supported, or if
 *         {@code suites} is null
 */
public abstract void setEnabledCipherSuites(String[] suites);
From source file:Main.java
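/**
 * Opens a TLS server socket on port 8080, prints the supported cipher suites
 * and protocols, enables the supported suites that pass {@link #isWeakSuite},
 * and completes a handshake with the first client that connects.
 *
 * @param argv unused
 * @throws Exception if the socket cannot be created or the handshake fails
 */
public static void main(String[] argv) throws Exception {
    SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(8080);
    SSLSocket socket = null;
    try {
        String[] supported = serverSocket.getSupportedCipherSuites();
        // "Supported" is wider than the provider's default enabled set and can
        // include unauthenticated or unencrypted suites, so it is filtered
        // before being handed to setEnabledCipherSuites().
        String[] kept = new String[supported.length];
        int keptCount = 0;
        for (String suite : supported) {
            System.out.println(suite);
            if (!isWeakSuite(suite)) {
                kept[keptCount++] = suite;
            }
        }
        String[] enabled = new String[keptCount];
        System.arraycopy(kept, 0, enabled, 0, keptCount);
        serverSocket.setEnabledCipherSuites(enabled);

        for (String protocol : serverSocket.getSupportedProtocols()) {
            System.out.println(protocol);
        }

        socket = (SSLSocket) serverSocket.accept();
        socket.startHandshake();
        System.out.println(socket.getRemoteSocketAddress());
    } finally {
        // Release both sockets even when accept() or the handshake throws.
        try {
            if (socket != null) {
                socket.close();
            }
        } finally {
            serverSocket.close();
        }
    }
}

/**
 * Reports whether a JSSE cipher suite name denotes anonymous key exchange,
 * no encryption, export-grade keys, RC4, DES/3DES, or an MD5 MAC.
 */
private static boolean isWeakSuite(String suite) {
    return suite.contains("_anon_")
            || suite.contains("_NULL_")
            || suite.contains("_EXPORT_")
            || suite.contains("_RC4_")
            || suite.contains("_DES_")
            || suite.contains("_3DES_")
            || suite.endsWith("_MD5");
}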
From source file:MainClass.java
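/**
 * Opens a TLS server socket on the port given as the first argument, prints
 * the supported cipher suites and protocols, enables the supported suites
 * that pass {@link #isWeakSuite}, and completes a handshake with the first
 * client that connects.
 *
 * @param args command line; {@code args[0]} is the port to listen on
 */
public static void main(String[] args) {
    if (args.length < 1) {
        System.err.println("Usage: MainClass <port>");
        return;
    }
    int port = Integer.parseInt(args[0]);
    SSLServerSocket serverSocket = null;
    SSLSocket socket = null;
    try {
        System.out.println("Locating server socket factory for SSL...");
        SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

        System.out.println("Creating a server socket on port " + port);
        serverSocket = (SSLServerSocket) factory.createServerSocket(port);

        String[] supported = serverSocket.getSupportedCipherSuites();
        System.out.println("Support cipher suites are:");
        // "Supported" is wider than the provider's default enabled set and can
        // include unauthenticated or unencrypted suites, so it is filtered
        // before being handed to setEnabledCipherSuites().
        String[] kept = new String[supported.length];
        int keptCount = 0;
        for (String suite : supported) {
            System.out.println(suite);
            if (!isWeakSuite(suite)) {
                kept[keptCount++] = suite;
            }
        }
        String[] enabled = new String[keptCount];
        System.arraycopy(kept, 0, enabled, 0, keptCount);
        serverSocket.setEnabledCipherSuites(enabled);

        System.out.println("Support protocols are:");
        for (String protocol : serverSocket.getSupportedProtocols()) {
            System.out.println(protocol);
        }

        System.out.println("Waiting for client...");
        socket = (SSLSocket) serverSocket.accept();

        System.out.println("Starting handshake...");
        socket.startHandshake();

        System.out.println("Just connected to " + socket.getRemoteSocketAddress());
    } catch (IOException e) {
        e.printStackTrace();
    } finally {
        // Release both sockets even when accept() or the handshake throws.
        try {
            if (socket != null) {
                socket.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        try {
            if (serverSocket != null) {
                serverSocket.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}

/**
 * Reports whether a JSSE cipher suite name denotes anonymous key exchange,
 * no encryption, export-grade keys, RC4, DES/3DES, or an MD5 MAC.
 */
private static boolean isWeakSuite(String suite) {
    return suite.contains("_anon_")
            || suite.contains("_NULL_")
            || suite.contains("_EXPORT_")
            || suite.contains("_RC4_")
            || suite.contains("_DES_")
            || suite.contains("_3DES_")
            || suite.endsWith("_MD5");
}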
From source file:net.i2p.util.I2PSSLSocketFactory.java
/**
 * Narrows the protocols and cipher suites of a server socket, using the
 * configured inclusion and exclusion lists together with the socket's
 * enabled and supported protocols and cipher suites.
 *
 * If SSLv3 is still among the selected protocols, the method returns without
 * changing either the protocols or the cipher suites of the socket.
 *
 * Adapted from Jetty SslContextFactory.java
 *
 * @since 0.9.16
 */
public static void setProtocolsAndCiphers(SSLServerSocket socket) {
    String[] protocols = selectProtocols(socket.getEnabledProtocols(), socket.getSupportedProtocols());
    for (String protocol : protocols) {
        // SSLv3 surviving the selection means TLS is not supported,
        // so the SSL ciphers must not be removed
        if (protocol.equals("SSLv3")) {
            return;
        }
    }
    socket.setEnabledProtocols(protocols);
    // Read the cipher lists only after the protocols have been applied.
    String[] ciphers = selectCipherSuites(socket.getEnabledCipherSuites(), socket.getSupportedCipherSuites());
    socket.setEnabledCipherSuites(ciphers);
}
From source file:com.apporiented.hermesftp.server.impl.SecureFtpServer.java
/**
 * Applies the cipher suites configured under {@code OPT_SSL_CIPHER_SUITES}
 * to the server socket. Nothing is changed when the option is absent.
 *
 * @param sslServerSocket the server socket to configure
 */
private void enableCipherSuites(SSLServerSocket sslServerSocket) {
    String[] configured = getOptions().getStringArray(OPT_SSL_CIPHER_SUITES, null);
    if (configured == null) {
        return;
    }
    boolean wildcard = configured.length == 1 && "*".equals(configured[0]);
    // NOTE(review): "*" enables every suite the provider supports, which is
    // wider than its default enabled set and may include suites that are off
    // by default. Prefer an explicit list in configuration.
    String[] toEnable = wildcard ? sslServerSocket.getSupportedCipherSuites() : configured;
    sslServerSocket.setEnabledCipherSuites(toEnable);
}
From source file:com.apporiented.hermesftp.cmd.PassiveModeSocketProvider.java
/**
 * Applies the cipher suites configured under
 * {@code FtpConstants.OPT_SSL_CIPHER_SUITES} to the given server socket.
 * The socket is left as it is when the option is not set.
 *
 * @param sslServerSocket The server socket.
 */
private void enableCipherSuites(SSLServerSocket sslServerSocket) {
    String[] configured = ctx.getOptions().getStringArray(FtpConstants.OPT_SSL_CIPHER_SUITES, null);
    if (configured == null) {
        return;
    }
    if (configured.length != 1 || !FtpConstants.WILDCARD.equals(configured[0])) {
        // An explicit list is applied exactly as configured.
        sslServerSocket.setEnabledCipherSuites(configured);
        return;
    }
    // NOTE(review): the wildcard enables every suite the provider supports,
    // which is wider than its default enabled set and may include suites
    // that are off by default. Prefer an explicit list in configuration.
    sslServerSocket.setEnabledCipherSuites(sslServerSocket.getSupportedCipherSuites());
}
From source file:com.predic8.membrane.core.transport.ssl.SSLContext.java
/**
 * Applies the configured {@code ciphers} to the server socket; does nothing
 * when no ciphers are configured.
 *
 * When both reflective {@code SSLParameters} accessors were resolved, the
 * ciphers are set through an {@code SSLParameters} object after
 * {@code applyCipherOrdering} has been called on it; otherwise they are set
 * directly with {@code setEnabledCipherSuites}.
 *
 * @param sslServerSocket the server socket to configure
 * @throws RuntimeException wrapping any failure of the reflective calls
 */
public void applyCiphers(SSLServerSocket sslServerSocket) {
    if (ciphers == null) {
        return;
    }

    boolean parametersApiAvailable = getSSLParametersMethod != null && setSSLParametersMethod != null;
    if (!parametersApiAvailable) {
        sslServerSocket.setEnabledCipherSuites(ciphers);
        return;
    }

    try {
        // "sslServerSocket.getSSLParameters()" works only on Java 7+, hence the reflective call
        SSLParameters parameters = (SSLParameters) getSSLParametersMethod.invoke(sslServerSocket, new Object[] {});
        applyCipherOrdering(parameters);
        parameters.setCipherSuites(ciphers);
        // "sslServerSocket.setSSLParameters(parameters)" works only on Java 7+
        setSSLParametersMethod.invoke(sslServerSocket, new Object[] { parameters });
    } catch (IllegalAccessException e) {
        throw new RuntimeException(e);
    } catch (InvocationTargetException e) {
        throw new RuntimeException(e);
    }
}
From source file:net.jradius.server.TCPListener.java
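/**
 * Configures this listener from the given configuration item and opens its
 * server socket.
 *
 * Reads {@code port}, {@code backlog} and {@code keepAlive} from the
 * configuration properties. When {@code requiresSSL} is set or the
 * {@code useSSL} property is "true", a TLS server socket is created from the
 * configured key and trust material; otherwise a plain server socket is used.
 *
 * @param cfg the listener configuration
 * @param noKeepAlive when true, keep-alive is disabled regardless of the
 *        {@code keepAlive} property
 * @throws KeyStoreException if a key store of the configured type is unavailable
 * @throws NoSuchAlgorithmException if a required algorithm is unavailable
 * @throws CertificateException if a certificate in a key store cannot be loaded
 * @throws UnrecoverableKeyException if the key cannot be recovered with the configured password
 * @throws KeyManagementException if the SSL context cannot be initialised
 * @throws IOException if a key store file or the server socket cannot be opened
 */
public void setConfiguration(ListenerConfigurationItem cfg, boolean noKeepAlive)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException,
        KeyManagementException, IOException {
    keepAlive = !noKeepAlive;
    config = cfg;

    Map props = config.getProperties();

    String s = (String) props.get("port");
    if (s != null)
        port = Integer.parseInt(s);

    s = (String) props.get("backlog");
    if (s != null)
        backlog = Integer.parseInt(s);

    if (keepAlive) {
        s = (String) props.get("keepAlive");
        if (s != null)
            keepAlive = Boolean.parseBoolean(s);
    }

    String useSSL = (String) props.get("useSSL");
    String trustAll = (String) props.get("trustAll");

    if (requiresSSL || "true".equalsIgnoreCase(useSSL)) {
        KeyManager[] keyManagers = null;
        TrustManager[] trustManagers = null;

        String keyManager = (String) props.get("keyManager");

        if (keyManager != null && keyManager.length() > 0) {
            try {
                KeyManager manager = (KeyManager) Configuration.getBean(keyManager);
                keyManagers = new KeyManager[] { manager };
            } catch (Exception e) {
                // NOTE(review): a failed bean lookup leaves keyManagers null, and
                // SSLContext.init() then falls back to the provider's defaults.
                e.printStackTrace();
            }
        } else {
            String keystore = (String) props.get("keyStore");
            String keystoreType = (String) props.get("keyStoreType");
            String keystorePassword = (String) props.get("keyStorePassword");
            String keyPassword = (String) props.get("keyPassword");

            if (keystore != null) {
                KeyStore ks = loadKeyStore(keystore, keystoreType, keystorePassword);
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
                kmf.init(ks, keyPassword == null ? null : keyPassword.toCharArray());
                keyManagers = kmf.getKeyManagers();
            }
        }

        String trustManager = (String) props.get("trustManager");

        if (trustManager != null && trustManager.length() > 0) {
            try {
                TrustManager manager = (TrustManager) Configuration.getBean(trustManager);
                trustManagers = new TrustManager[] { manager };
            } catch (Exception e) {
                // NOTE(review): a failed bean lookup leaves trustManagers null, so the
                // provider's default trust managers are used instead of the configured one.
                e.printStackTrace();
            }
        } else if ("true".equalsIgnoreCase(trustAll)) {
            // SECURITY: with trustAll=true every certificate chain is accepted, so
            // requiring or requesting client authentication below proves nothing
            // about the peer. Use only on isolated test systems.
            trustManagers = new TrustManager[] { new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType) {
                }

                public void checkServerTrusted(X509Certificate[] chain, String authType) {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            } };
        } else {
            String keystore = (String) props.get("caStore");
            String keystoreType = (String) props.get("caStoreType");
            String keystorePassword = (String) props.get("caStorePassword");

            if (keystore != null) {
                KeyStore caKeys = loadKeyStore(keystore, keystoreType, keystorePassword);
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
                tmf.init(caKeys);
                trustManagers = tmf.getTrustManagers();
            }
        }

        // "TLS" rather than "SSLv3": a context requested as "SSLv3" can be limited
        // to legacy protocol versions by the provider. The protocols actually
        // offered are still narrowed by sslEnabledProtocols below.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagers, trustManagers, null);

        ServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
        SSLServerSocket sslServerSocket = (SSLServerSocket) socketFactory.createServerSocket(port, backlog);
        serverSocket = sslServerSocket;

        if (sslWantClientAuth)
            sslServerSocket.setWantClientAuth(true);

        if (sslNeedClientAuth)
            sslServerSocket.setNeedClientAuth(true);

        if (sslEnabledProtocols != null)
            sslServerSocket.setEnabledProtocols(sslEnabledProtocols);

        if (sslEnabledCiphers != null)
            sslServerSocket.setEnabledCipherSuites(sslEnabledCiphers);

        usingSSL = true;
    } else {
        serverSocket = new ServerSocket(port, backlog);
    }

    // NOTE(review): both branches create an already-bound socket; the effect of
    // changing SO_REUSEADDR after binding is not defined by the ServerSocket API.
    serverSocket.setReuseAddress(true);
    setActive(true);
}

/**
 * Loads a key store from a file and closes the file stream afterwards.
 * A null type selects "pkcs12"; a null password is passed on as null.
 */
private static KeyStore loadKeyStore(String path, String type, String password)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    KeyStore store = KeyStore.getInstance(type == null ? "pkcs12" : type);
    FileInputStream in = new FileInputStream(path);
    try {
        store.load(in, password == null ? null : password.toCharArray());
    } finally {
        in.close();
    }
    return store;
}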
From source file:net.lightbody.bmp.proxy.jetty.http.SslListener.java
/**
 * Creates the SSL server socket for this listener and applies the configured
 * client-authentication mode and cipher suites to it.
 *
 * @param p_address address and port to bind to; when null the socket is
 *        created on port 0
 * @param p_acceptQueueSize accept queue size passed to the socket factory
 * @return the configured server socket
 * @exception IOException if the socket cannot be created; any other failure
 *            is logged and rethrown as an IOException carrying its text
 */
protected ServerSocket newServerSocket(InetAddrPort p_address, int p_acceptQueueSize) throws IOException {
    try {
        SSLServerSocketFactory socketFactory = createFactory();

        final SSLServerSocket listener;
        if (p_address != null) {
            listener = (SSLServerSocket) socketFactory.createServerSocket(p_address.getPort(), p_acceptQueueSize,
                    p_address.getInetAddress());
        } else {
            listener = (SSLServerSocket) socketFactory.createServerSocket(0, p_acceptQueueSize);
        }

        // "need" takes precedence over "want" when both flags are set
        if (_needClientAuth) {
            listener.setNeedClientAuth(true);
        } else if (_wantClientAuth) {
            listener.setWantClientAuth(true);
        }

        // Without a configured list the socket keeps its current cipher suites.
        if (cipherSuites != null && cipherSuites.length > 0) {
            listener.setEnabledCipherSuites(cipherSuites);
            for (String suite : cipherSuites) {
                log.debug("SslListener enabled ciphersuite: " + suite);
            }
        }

        return listener;
    } catch (IOException e) {
        throw e;
    } catch (Exception e) {
        log.warn(LogSupport.EXCEPTION, e);
        throw new IOException("Could not create JsseListener: " + e.toString());
    }
}
From source file:com.adito.server.jetty.CustomJsseListener.java
/**
 * Creates the SSL server socket through the superclass, then adjusts client
 * authentication, optionally writes the supported cipher suites to
 * {@code availableCipherSuites.txt} in the context's temp directory, and
 * applies the protocols and cipher suites configured under
 * {@code ssl.supportedProtocols} and {@code ssl.supportedCiphers}.
 *
 * @param p_address address and port passed to the superclass
 * @param p_acceptQueueSize accept queue size passed to the superclass
 * @return the configured server socket
 * @throws IOException if the superclass cannot create the socket or the
 *         cipher list writer cannot be closed
 */
protected ServerSocket newServerSocket(InetAddrPort p_address, int p_acceptQueueSize) throws IOException {
    SSLServerSocket sslSocket = (SSLServerSocket) super.newServerSocket(p_address, p_acceptQueueSize);

    // Client auth is only touched when the superclass asked for it; when it is
    // not required, the socket is downgraded to "want".
    if (sslSocket.getNeedClientAuth()) {
        sslSocket.setNeedClientAuth(require);
        setNeedClientAuth(require);
        if (!require) {
            sslSocket.setWantClientAuth(true);
        }
    }

    String[] supportedCiphers = sslSocket.getSupportedCipherSuites();
    String[] supportedProtocols = sslSocket.getSupportedProtocols();

    if (log.isInfoEnabled()) {
        log.info("The following protocols are supported:");
        for (String protocol : supportedProtocols) {
            log.info(" " + protocol);
        }
    }

    if (createAvailableCipherSuitesList) {
        File listFile = new File(ContextHolder.getContext().getTempDirectory(), "availableCipherSuites.txt");
        BufferedWriter out = null;
        try {
            out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(listFile)));
            if (log.isInfoEnabled()) {
                log.info("The following cipher suites are supported:");
            }
            for (String cipher : supportedCiphers) {
                if (log.isInfoEnabled()) {
                    log.info(" " + cipher);
                }
                out.write(cipher);
                out.newLine();
            }
        } catch (Throwable e) {
            log.error("Could not create cipher list!", e);
            // A failed write also switches off the configuration step below.
            configureContext = false;
        } finally {
            if (out != null) {
                out.close();
            }
        }
        // The list is written at most once.
        createAvailableCipherSuitesList = false;
    }

    if (configureContext) {
        PropertyList configuredProtocols = ContextHolder.getContext().getConfig()
                .retrievePropertyList(new ContextKey("ssl.supportedProtocols"));
        if (!configuredProtocols.isEmpty()) {
            sslSocket.setEnabledProtocols(configuredProtocols.asArray());
        }

        // The configured names are passed through as they are; an empty list
        // leaves the socket's current cipher suites in place.
        PropertyList configuredCiphers = ContextHolder.getContext().getConfig()
                .retrievePropertyList(new ContextKey("ssl.supportedCiphers"));
        if (!configuredCiphers.isEmpty()) {
            sslSocket.setEnabledCipherSuites(configuredCiphers.asArray());
        }
    }

    String[] enabledProtocols = sslSocket.getEnabledProtocols();
    if (log.isInfoEnabled()) {
        log.info("The following protocols are enabled:");
        for (String protocol : enabledProtocols) {
            log.info(" " + protocol);
        }
    }

    String[] enabledCiphers = sslSocket.getEnabledCipherSuites();
    if (log.isInfoEnabled()) {
        log.info("The following cipher suites are enabled:");
        for (String cipher : enabledCiphers) {
            log.info(" " + cipher);
        }
    }

    return sslSocket;
}
From source file:org.apache.cassandra.security.SSLFactory.java
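/**
 * Creates an SSL server socket bound to the given address and port.
 *
 * The enabled cipher suites are the result of {@code filterCipherSuites}
 * applied to the socket's supported suites and {@code options.cipher_suites};
 * the enabled protocols are {@code ACCEPTED_PROTOCOLS}; client authentication
 * is required when {@code options.require_client_auth} is set.
 *
 * @param options encryption settings used to build the SSL context
 * @param address local address to bind to
 * @param port local port to bind to
 * @return the bound server socket
 * @throws IOException if the context or socket cannot be created or bound
 */
public static SSLServerSocket getServerSocket(EncryptionOptions options, InetAddress address, int port)
        throws IOException {
    SSLContext ctx = createSSLContext(options, true);
    SSLServerSocket serverSocket = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket();
    boolean bound = false;
    try {
        serverSocket.setReuseAddress(true);
        String[] suites = filterCipherSuites(serverSocket.getSupportedCipherSuites(), options.cipher_suites);
        serverSocket.setEnabledCipherSuites(suites);
        serverSocket.setNeedClientAuth(options.require_client_auth);
        serverSocket.setEnabledProtocols(ACCEPTED_PROTOCOLS);
        serverSocket.bind(new InetSocketAddress(address, port), 500);
        bound = true;
        return serverSocket;
    } finally {
        // Do not leak the unbound socket when configuration or bind() fails.
        if (!bound) {
            serverSocket.close();
        }
    }
}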