
Example 16 with SSLEngine

use of javax.net.ssl.SSLEngine in project java-chassis by ServiceComb.

the class SSLManagerTest method testCreateSSLEngine.

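/**
 * Checks that {@code SSLManager.createSSLEngine(option, custom)} returns a non-null engine that
 * is not in client mode when built from the {@code server.ssl.properties} fixture.
 */
@Test
public void testCreateSSLEngine() {
    SSLOption option = SSLOption.build(DIR + "/server.ssl.properties");
    SSLCustom custom = new SSLCustom() {

        // Resolves store file names against the test fixture directory.
        @Override
        public String getFullPath(String filename) {
            return DIR + "/ssl/" + filename;
        }

        // Identity pass-through: the input is handed back unchanged, so whatever the fixture
        // supplies is used as-is.
        // NOTE(review): presumably a production SSLCustom decrypts stored key/trust store
        // passwords in this hook - confirm, and keep this stub confined to test code.
        @Override
        public char[] decode(char[] encrypted) {
            return encrypted;
        }
    };
    SSLEngine aSSLEngine = SSLManager.createSSLEngine(option, custom);
    // Check for null before dereferencing, so a missing engine is reported as an assertion
    // failure rather than a NullPointerException from the mode check below.
    Assert.assertNotNull(aSSLEngine);
    Assert.assertFalse(aSSLEngine.getUseClientMode());
}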
Also used : SSLEngine(javax.net.ssl.SSLEngine) Test(org.junit.Test)

Example 17 with SSLEngine

use of javax.net.ssl.SSLEngine in project java-chassis by ServiceComb.

the class SSLManager method createSSLEngine.

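/**
 * Creates an {@link SSLEngine} from the context built for the given option and custom hooks,
 * then applies the configured protocols, cipher suites and client-authentication requirement.
 *
 * <p>The protocol and cipher lists are comma-separated configuration values. Whitespace around
 * each entry is stripped, so a value such as {@code "TLSv1.2, TLSv1.3"} is not rejected or
 * mismatched because of the space after the comma.
 *
 * <p>Security notes: the protocol list is applied as configured; nothing in this method rejects
 * legacy protocol versions, so the configuration itself has to be reviewed. This method never
 * calls {@code setUseClientMode}; the caller decides the role before handshaking.
 *
 * @param option TLS settings (protocols, ciphers, whether the peer must authenticate)
 * @param custom hooks passed through to {@code createSSLContext}
 * @return the configured engine
 * @throws IllegalArgumentException if a configured protocol or cipher suite name is not
 *     supported by the engine (raised by the JDK setters)
 */
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom) {
    SSLContext context = createSSLContext(option, custom);
    SSLEngine engine = context.createSSLEngine();

    // Trim before splitting so padded entries do not reach the JDK as unknown names.
    String[] protocols = option.getProtocols().trim().split("\\s*,\\s*");
    engine.setEnabledProtocols(protocols);

    String[] supported = engine.getSupportedCipherSuites();
    String[] enabled = option.getCiphers().trim().split("\\s*,\\s*");
    // NOTE(review): getEnabledCiphers is defined elsewhere; presumably it keeps only the
    // configured suites the engine supports - confirm what it does when none match.
    engine.setEnabledCipherSuites(getEnabledCiphers(supported, enabled));

    // Per the JDK API this setting only has an effect when the engine runs in server mode.
    engine.setNeedClientAuth(option.isAuthPeer());
    return engine;
}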
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLContext(javax.net.ssl.SSLContext)

Example 18 with SSLEngine

use of javax.net.ssl.SSLEngine in project java-chassis by ServiceComb.

the class SSLManager method createSSLEngine.

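/**
 * Creates an {@link SSLEngine} for a known peer from the context built for the given option and
 * custom hooks, then applies the configured protocols, cipher suites and client-authentication
 * requirement.
 *
 * <p>The protocol and cipher lists are comma-separated configuration values. Whitespace around
 * each entry is stripped, so a value such as {@code "TLSv1.2, TLSv1.3"} is not rejected or
 * mismatched because of the space after the comma.
 *
 * <p>Security notes: {@code peerHost} and {@code peerPort} are advisory hints to the JDK (for
 * example for session reuse). Passing them does not by itself make the engine compare the peer
 * certificate with {@code peerHost}, and this method sets no endpoint identification algorithm.
 * The protocol list is applied as configured; nothing here rejects legacy protocol versions.
 *
 * @param option TLS settings (protocols, ciphers, whether the peer must authenticate)
 * @param custom hooks passed through to {@code createSSLContext}
 * @param peerHost host name hint for the remote endpoint
 * @param peerPort port hint for the remote endpoint
 * @return the configured engine
 * @throws IllegalArgumentException if a configured protocol or cipher suite name is not
 *     supported by the engine (raised by the JDK setters)
 */
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom, String peerHost, int peerPort) {
    SSLContext context = createSSLContext(option, custom);
    SSLEngine engine = context.createSSLEngine(peerHost, peerPort);

    // Trim before splitting so padded entries do not reach the JDK as unknown names.
    String[] protocols = option.getProtocols().trim().split("\\s*,\\s*");
    engine.setEnabledProtocols(protocols);

    String[] supported = engine.getSupportedCipherSuites();
    String[] enabled = option.getCiphers().trim().split("\\s*,\\s*");
    // NOTE(review): getEnabledCiphers is defined elsewhere; presumably it keeps only the
    // configured suites the engine supports - confirm what it does when none match.
    engine.setEnabledCipherSuites(getEnabledCiphers(supported, enabled));

    // Per the JDK API this setting only has an effect when the engine runs in server mode.
    engine.setNeedClientAuth(option.isAuthPeer());

    // NOTE(review): if this engine is used on the client side, confirm that the trust manager
    // installed by createSSLContext checks the peer identity, or have the caller set
    // SSLParameters.setEndpointIdentificationAlgorithm("HTTPS") before handshaking.
    return engine;
}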
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLContext(javax.net.ssl.SSLContext)

Example 19 with SSLEngine

use of javax.net.ssl.SSLEngine in project java-chassis by ServiceComb.

the class TrustManagerExtTest method testCheckClientTrusted.

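/**
 * Checks that {@code TrustManagerExt} accepts a two-certificate chain through all four
 * socket/engine variants of {@code checkClientTrusted} and {@code checkServerTrusted} when
 * {@code CertificateUtil} is mocked.
 *
 * <p>Only the accepting path is asserted here; this method contains no case in which a chain is
 * expected to be rejected.
 */
@Test
public void testCheckClientTrusted(@Mocked CertificateUtil certificateUtil) {
    MyX509Certificate[] certificateChain =
        new MyX509Certificate[] {new MyX509Certificate(), new MyX509Certificate()};
    // Recorded expectations: owner lookup returns the matcher placeholder and the CN resolves to
    // a fixed address literal.
    new Expectations() {

        {
            CertificateUtil.findOwner((X509Certificate[]) any);
            result = any;
            CertificateUtil.getCN((X509Certificate) any);
            result = "10.67.147.115";
        }
    };
    MyX509ExtendedTrustManager delegate = new MyX509ExtendedTrustManager();
    TrustManagerExt trustManagerExt = new TrustManagerExt(delegate, option, custom);
    // Both transport arguments are deliberately null.
    // NOTE(review): presumably this means no peer address is available for comparison inside
    // TrustManagerExt - confirm, and consider a companion test with a real peer address.
    Socket socket = null;
    SSLEngine sslengine = null;
    try {
        trustManagerExt.checkClientTrusted(certificateChain, "pks", socket);
        trustManagerExt.checkClientTrusted(certificateChain, "pks", sslengine);
        trustManagerExt.checkServerTrusted(certificateChain, "pks", socket);
        trustManagerExt.checkServerTrusted(certificateChain, "pks", sslengine);
    } catch (Exception e) {
        // Keep the cause: a bare boolean flag would hide which check failed and why.
        throw new AssertionError("trust check rejected the mocked certificate chain", e);
    }
}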
Also used : Expectations(mockit.Expectations) SSLEngine(javax.net.ssl.SSLEngine) X509Certificate(java.security.cert.X509Certificate) Socket(java.net.Socket) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) Test(org.junit.Test)

Example 20 with SSLEngine

use of javax.net.ssl.SSLEngine in project jdk8u_jdk by JetBrains.

the class AcceptLargeFragments method main.

/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code true}, the
 * sessions of a client-mode and a server-mode engine report buffers large enough for oversized
 * TLS records.
 *
 * <p>The property is a JVM-wide system property, so it affects every engine created afterwards
 * in the same process, and larger default buffers mean more memory per engine.
 *
 * @param args unused
 * @throws Exception if either session reports a buffer below the expected minimum, or if the
 *     default context cannot be obtained
 */
public static void main(String[] args) throws Exception {
    // Expected lower bounds. 32768 is twice the 16384-byte TLS plaintext fragment limit.
    // NOTE(review): 33049 is presumably that payload plus record overhead - confirm.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext context = SSLContext.getDefault();
    // The property has to be in place before any SSLEngine is created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = context.createSSLEngine();
    clientEngine.setUseClientMode(true);
    SSLEngine serverEngine = context.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Network (packet) buffers: the smaller of the two must still reach the bound.
    int smallestPacketBuffer =
        Math.min(clientSession.getPacketBufferSize(), serverSession.getPacketBufferSize());
    if (smallestPacketBuffer < minPacketBufferSize) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Application data buffers: same rule.
    int smallestApplicationBuffer =
        Math.min(clientSession.getApplicationBufferSize(), serverSession.getApplicationBufferSize());
    if (smallestApplicationBuffer < minApplicationBufferSize) {
        throw new Exception("Don't accept large SSL/TLS application data ");
    }
}
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext)
