Search in sources :

Example 1 with ExtendedSSLSession

use of javax.net.ssl.ExtendedSSLSession in project neo4j by neo4j.

the class CertConfiguredSecureSocketConnection method getSeenOcspResponses.

public Set<BasicOCSPResp> getSeenOcspResponses() throws IOException, OCSPException {
    Set<BasicOCSPResp> ocspResponses = new HashSet<>();
    List<byte[]> binaryStatusResponses = ((ExtendedSSLSession) ((SSLSocket) getSocket()).getSession()).getStatusResponses();
    for (byte[] bResp : binaryStatusResponses) {
        if (bResp.length > 0) {
            OCSPResp ocspResp = new OCSPResp(bResp);
            ocspResponses.add((BasicOCSPResp) ocspResp.getResponseObject());
        }
    }
    return ocspResponses;
}
Also used : BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp) ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession) HashSet(java.util.HashSet) OCSPResp(org.bouncycastle.cert.ocsp.OCSPResp) BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)

Example 2 with ExtendedSSLSession

use of javax.net.ssl.ExtendedSSLSession in project netty by netty.

the class SniClientJava8TestUtil method assertSSLSession.

private static void assertSSLSession(boolean clientSide, SSLSession session, SNIServerName name) {
    assertNotNull(session);
    if (session instanceof ExtendedSSLSession) {
        ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) session;
        List<SNIServerName> names = extendedSSLSession.getRequestedServerNames();
        assertEquals(1, names.size());
        assertEquals(name, names.get(0));
        assertTrue(extendedSSLSession.getLocalSupportedSignatureAlgorithms().length > 0);
        if (clientSide) {
            assertEquals(0, extendedSSLSession.getPeerSupportedSignatureAlgorithms().length);
        } else {
            assertTrue(extendedSSLSession.getPeerSupportedSignatureAlgorithms().length >= 0);
        }
    }
}
Also used : SNIServerName(javax.net.ssl.SNIServerName) ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession)

Example 3 with ExtendedSSLSession

use of javax.net.ssl.ExtendedSSLSession in project j2objc by google.

the class SSLSocketTest method test_SSLSocket_SNIHostName.

public void test_SSLSocket_SNIHostName() throws Exception {
    TestSSLContext c = TestSSLContext.create();
    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket();
    SSLParameters clientParams = client.getSSLParameters();
    clientParams.setServerNames(Collections.singletonList((SNIServerName) new SNIHostName("www.example.com")));
    client.setSSLParameters(clientParams);
    SSLParameters serverParams = c.serverSocket.getSSLParameters();
    serverParams.setSNIMatchers(Collections.singletonList(SNIHostName.createSNIMatcher("www\\.example\\.com")));
    c.serverSocket.setSSLParameters(serverParams);
    client.connect(new InetSocketAddress(c.host, c.port));
    final SSLSocket server = (SSLSocket) c.serverSocket.accept();
    ExecutorService executor = Executors.newSingleThreadExecutor();
    Future<Void> future = executor.submit(new Callable<Void>() {

        @Override
        public Void call() throws Exception {
            client.startHandshake();
            return null;
        }
    });
    executor.shutdown();
    server.startHandshake();
    SSLSession serverSession = server.getSession();
    assertTrue(serverSession instanceof ExtendedSSLSession);
    ExtendedSSLSession extendedServerSession = (ExtendedSSLSession) serverSession;
    List<SNIServerName> requestedNames = extendedServerSession.getRequestedServerNames();
    assertNotNull(requestedNames);
    assertEquals(1, requestedNames.size());
    SNIServerName serverName = requestedNames.get(0);
    assertEquals(StandardConstants.SNI_HOST_NAME, serverName.getType());
    assertTrue(serverName instanceof SNIHostName);
    SNIHostName serverHostName = (SNIHostName) serverName;
    assertEquals("www.example.com", serverHostName.getAsciiName());
}
Also used : InetSocketAddress(java.net.InetSocketAddress) SSLSocket(javax.net.ssl.SSLSocket) ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession) ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession) SSLSession(javax.net.ssl.SSLSession) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) KeyManagementException(java.security.KeyManagementException) EOFException(java.io.EOFException) SSLException(javax.net.ssl.SSLException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) SNIServerName(javax.net.ssl.SNIServerName) SSLParameters(javax.net.ssl.SSLParameters) SNIHostName(javax.net.ssl.SNIHostName) ExecutorService(java.util.concurrent.ExecutorService)

Example 4 with ExtendedSSLSession

use of javax.net.ssl.ExtendedSSLSession in project hono by eclipse.

the class SniExtensionHelperTest method testGetRequestedHostNamesExtractsAllHostNames.

/**
 * Verifies that all host names are extracted from a TLS session.
 */
@Test
public void testGetRequestedHostNamesExtractsAllHostNames() {
    final ExtendedSSLSession session = mock(ExtendedSSLSession.class);
    when(session.getRequestedServerNames()).thenReturn(List.of(new SNIHostName("tenant.hono.eclipse.org"), new UndefinedServerName(new byte[] { 0x01, 0x02, 0x03 }), new SNIHostName("bumlux.eclipse.org")));
    final List<String> hostNames = SniExtensionHelper.getHostNames(session);
    assertThat(hostNames).containsExactly("tenant.hono.eclipse.org", "bumlux.eclipse.org");
}
Also used : SNIHostName(javax.net.ssl.SNIHostName) ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession) Test(org.junit.jupiter.api.Test)

Aggregations

ExtendedSSLSession (javax.net.ssl.ExtendedSSLSession)4 SNIHostName (javax.net.ssl.SNIHostName)2 SNIServerName (javax.net.ssl.SNIServerName)2 EOFException (java.io.EOFException)1 IOException (java.io.IOException)1 InetSocketAddress (java.net.InetSocketAddress)1 SocketException (java.net.SocketException)1 SocketTimeoutException (java.net.SocketTimeoutException)1 KeyManagementException (java.security.KeyManagementException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 CertificateException (java.security.cert.CertificateException)1 HashSet (java.util.HashSet)1 ExecutorService (java.util.concurrent.ExecutorService)1 SSLException (javax.net.ssl.SSLException)1 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)1 SSLParameters (javax.net.ssl.SSLParameters)1 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)1 SSLProtocolException (javax.net.ssl.SSLProtocolException)1 SSLSession (javax.net.ssl.SSLSession)1 SSLSocket (javax.net.ssl.SSLSocket)1