Examples with SSLParameters javax.net.ssl.SSLParameters used on opensource projects

Example 61 with SSLParameters

use of javax.net.ssl.SSLParameters in project GNS by MobilityFirst.

the class GNSHttpsServer method tryPort.

/**
   * Try to start the http server at the port.
   *
   * @param port
   * @return true if it was started
   */
@Override
public boolean tryPort(int port) {
    try {
        InetSocketAddress addr = new InetSocketAddress(port);
        httpsServer = HttpsServer.create(addr, 0);
        SSLContext sslContext = createSSLContext();
        httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext) {

            @Override
            public void configure(HttpsParameters parameters) {
                // initialise the SSL context
                SSLContext context = getSSLContext();
                SSLEngine engine = context.createSSLEngine();
                //parameters.setNeedClientAuth(false);
                parameters.setCipherSuites(engine.getEnabledCipherSuites());
                parameters.setProtocols(engine.getEnabledProtocols());
                // get the default parameters
                SSLParameters sslParameters = context.getDefaultSSLParameters();
                sslParameters.setNeedClientAuth(true);
                parameters.setNeedClientAuth(true);
                parameters.setSSLParameters(sslParameters);
            }
        });
        httpsServer.createContext("/", new EchoHttpHandler());
        httpsServer.createContext("/" + GNS_PATH, new DefaultHttpHandler());
        httpsServer.setExecutor(Executors.newCachedThreadPool());
        httpsServer.start();
        // Need to do this for the places where we expose the secure http service to the user
        requestHandler.setHttpsServerPort(port);
        LOG.log(Level.INFO, "HTTPS server is listening on port {0}", port);
        return true;
    } catch (BindException e) {
        LOG.log(Level.FINE, "HTTPS server failed to start on port {0} due to {1}", new Object[] { port, e.getMessage() });
        return false;
    } catch (IOException | NoSuchAlgorithmException | KeyStoreException | CertificateException | UnrecoverableKeyException | KeyManagementException e) {
        LOG.log(Level.FINE, "HTTPS server failed to start on port {0} due to {1}", new Object[] { port, e.getMessage() });
        e.printStackTrace();
        return false;
    }
}

Example 62 with SSLParameters

use of javax.net.ssl.SSLParameters in project camel by apache.

the class BaseSSLContextParameters method getSSLSocketFactorySSLSocketConfigurers.

/**
     * Returns the list of configurers to apply to an {@link SSLSocket} in order
     * to fully configure it in compliance with the provided configuration
     * options. These configurers are intended for sockets produced by a
     * {@link SSLSocketFactory}, see
     * {@link #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext)} for
     * configurers related to sockets produced by a
     * {@link SSLServerSocketFactory}. The configurers are to be applied in
     * the order in which they appear in the list.
     * 
     * @param context the context that serves as the factory for
     *            {@code SSLSocketFactory} instances
     *
     * @return the needed configurers
     */
protected List<Configurer<SSLSocket>> getSSLSocketFactorySSLSocketConfigurers(SSLContext context) {
    final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    final Patterns enabledCipherSuitePatterns;
    final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    if (this.getCipherSuitesFilter() != null) {
        enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
    } else {
        enabledCipherSuitePatterns = null;
    }
    ///
    final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    final Patterns enabledSecureSocketProtocolsPatterns;
    final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    if (this.getSecureSocketProtocolsFilter() != null) {
        enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
    } else {
        enabledSecureSocketProtocolsPatterns = null;
    }
    //
    final boolean allowPassthrough = getAllowPassthrough();
    //////
    Configurer<SSLSocket> sslSocketConfigurer = new Configurer<SSLSocket>() {

        @Override
        public SSLSocket configure(SSLSocket socket) {
            if (!getSNIHostNames().isEmpty()) {
                SSLParameters sslParameters = socket.getSSLParameters();
                sslParameters.setServerNames(getSNIHostNames());
                socket.setSSLParameters(sslParameters);
            }
            Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(socket.getSSLParameters().getCipherSuites()), Arrays.asList(socket.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, enabledCipherSuites, enabledCipherSuitePatterns, socket.getSSLParameters().getCipherSuites(), socket.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
            }
            socket.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
            Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(socket.getSSLParameters().getProtocols()), Arrays.asList(socket.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, socket.getSSLParameters().getProtocols(), socket.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
            }
            socket.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
            return socket;
        }
    };
    List<Configurer<SSLSocket>> sslSocketConfigurers = new LinkedList<Configurer<SSLSocket>>();
    sslSocketConfigurers.add(sslSocketConfigurer);
    return sslSocketConfigurers;
}

Example 63 with SSLParameters

use of javax.net.ssl.SSLParameters in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_getSSLParameters.

public void test_SSLSocket_getSSLParameters() throws Exception {
    SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket ssl = (SSLSocket) sf.createSocket();
    SSLParameters p = ssl.getSSLParameters();
    assertNotNull(p);
    String[] cipherSuites = p.getCipherSuites();
    StandardNames.assertValidCipherSuites(StandardNames.CIPHER_SUITES, cipherSuites);
    assertNotSame(cipherSuites, ssl.getEnabledCipherSuites());
    assertEquals(Arrays.asList(cipherSuites), Arrays.asList(ssl.getEnabledCipherSuites()));
    String[] protocols = p.getProtocols();
    StandardNames.assertValidProtocols(StandardNames.SSL_SOCKET_PROTOCOLS, protocols);
    assertNotSame(protocols, ssl.getEnabledProtocols());
    assertEquals(Arrays.asList(protocols), Arrays.asList(ssl.getEnabledProtocols()));
    assertEquals(p.getWantClientAuth(), ssl.getWantClientAuth());
    assertEquals(p.getNeedClientAuth(), ssl.getNeedClientAuth());
}

Example 64 with SSLParameters

use of javax.net.ssl.SSLParameters in project robovm by robovm.

the class SSLContextTest method test_SSLContext_getDefaultSSLParameters.

public void test_SSLContext_getDefaultSSLParameters() throws Exception {
    for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) {
        SSLContext sslContext = SSLContext.getInstance(protocol);
        if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) {
            sslContext.init(null, null, null);
        }
        SSLParameters p = sslContext.getDefaultSSLParameters();
        assertNotNull(p);
        String[] cipherSuites = p.getCipherSuites();
        assertNotNull(cipherSuites);
        StandardNames.assertValidCipherSuites(StandardNames.CIPHER_SUITES, cipherSuites);
        String[] protocols = p.getProtocols();
        assertNotNull(protocols);
        StandardNames.assertValidCipherSuites(StandardNames.SSL_SOCKET_PROTOCOLS, protocols);
        assertFalse(p.getWantClientAuth());
        assertFalse(p.getNeedClientAuth());
    }
}

Example 65 with SSLParameters

use of javax.net.ssl.SSLParameters in project robovm by robovm.

the class SSLContextTest method test_SSLContext_getSupportedSSLParameters.

public void test_SSLContext_getSupportedSSLParameters() throws Exception {
    for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) {
        SSLContext sslContext = SSLContext.getInstance(protocol);
        if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) {
            sslContext.init(null, null, null);
        }
        SSLParameters p = sslContext.getSupportedSSLParameters();
        assertNotNull(p);
        String[] cipherSuites = p.getCipherSuites();
        assertNotNull(cipherSuites);
        StandardNames.assertSupportedCipherSuites(StandardNames.CIPHER_SUITES, cipherSuites);
        String[] protocols = p.getProtocols();
        assertNotNull(protocols);
        StandardNames.assertSupportedProtocols(StandardNames.SSL_SOCKET_PROTOCOLS, protocols);
        assertFalse(p.getWantClientAuth());
        assertFalse(p.getNeedClientAuth());
    }
}