use of javax.net.ssl.SSLParameters in project GNS by MobilityFirst.
the class GNSHttpsServer method tryPort.
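/**
 * Tries to start the HTTPS server on the given port, requiring every client to present a
 * certificate during the TLS handshake.
 *
 * <p>The TLS context is created before the listening socket, so a key store, certificate or
 * key management failure is reported before any port has been bound.
 *
 * @param port the TCP port to listen on
 * @return true if the server was started; false if the port could not be bound or the TLS
 *     context could not be created
 */
@Override
public boolean tryPort(int port) {
  try {
    // Build the TLS context first: HttpsServer.create() binds the port immediately, and a
    // failure here must not leave a bound, never-started server behind.
    final SSLContext sslContext = createSSLContext();
    httpsServer = HttpsServer.create(new InetSocketAddress(port), 0);
    httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext) {
      @Override
      public void configure(HttpsParameters parameters) {
        SSLContext context = getSSLContext();
        // Cipher suites and protocol versions are taken from a fresh engine's defaults; this
        // method does not narrow them, so hardening depends on the JVM / provider
        // configuration (for example the jdk.tls.disabledAlgorithms security property).
        SSLEngine engine = context.createSSLEngine();
        parameters.setCipherSuites(engine.getEnabledCipherSuites());
        parameters.setProtocols(engine.getEnabledProtocols());
        // Client authentication is mandatory: set on both the SSLParameters object and the
        // HttpsParameters. NOTE(review): the SSLParameters set last appear to take precedence
        // over the individual setters in the JDK's built-in server; confirm.
        SSLParameters sslParameters = context.getDefaultSSLParameters();
        sslParameters.setNeedClientAuth(true);
        parameters.setNeedClientAuth(true);
        parameters.setSSLParameters(sslParameters);
      }
    });
    httpsServer.createContext("/", new EchoHttpHandler());
    httpsServer.createContext("/" + GNS_PATH, new DefaultHttpHandler());
    // NOTE(review): a cached thread pool has no upper bound on threads; consider a bounded
    // executor if this listener is reachable from untrusted networks.
    httpsServer.setExecutor(Executors.newCachedThreadPool());
    httpsServer.start();
    // Need to do this for the places where we expose the secure http service to the user
    requestHandler.setHttpsServerPort(port);
    LOG.log(Level.INFO, "HTTPS server is listening on port {0}", port);
    return true;
  } catch (BindException e) {
    // Port already in use: expected while probing for a free port, so keep it quiet.
    LOG.log(Level.FINE, "HTTPS server failed to start on port {0} due to {1}",
        new Object[] { port, e.getMessage() });
    return false;
  } catch (IOException | NoSuchAlgorithmException | KeyStoreException | CertificateException
      | UnrecoverableKeyException | KeyManagementException e) {
    // A TLS set-up failure is a configuration problem, not a busy port: report it through the
    // logger with its stack trace instead of printStackTrace().
    LOG.log(Level.WARNING, "HTTPS server failed to start on port " + port, e);
    return false;
  }
}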
use of javax.net.ssl.SSLParameters in project camel by apache.
the class BaseSSLContextParameters method getSSLSocketFactorySSLSocketConfigurers.
/**
 * Builds the configurers that must be applied, in list order, to every
 * {@link SSLSocket} produced by an {@link SSLSocketFactory} so that the socket
 * honours the configured SNI host names, cipher suites and secure socket
 * protocols. For sockets produced by an {@link SSLServerSocketFactory} see
 * {@link #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext)}.
 *
 * @param context the context that serves as the factory for
 *            {@code SSLSocketFactory} instances (not read by this
 *            implementation)
 *
 * @return the needed configurers
 */
protected List<Configurer<SSLSocket>> getSSLSocketFactorySSLSocketConfigurers(SSLContext context) {
    // Explicitly listed cipher suites, or null when none are configured.
    final List<String> cipherSuiteNames;
    if (this.getCipherSuites() == null) {
        cipherSuiteNames = null;
    } else {
        cipherSuiteNames = this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    }
    final Patterns fallbackCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    final Patterns cipherSuitePatterns =
        this.getCipherSuitesFilter() != null ? this.getCipherSuitesFilter().getPatterns() : null;

    // Explicitly listed protocols, or null when none are configured.
    final List<String> protocolNames;
    if (this.getSecureSocketProtocols() == null) {
        protocolNames = null;
    } else {
        protocolNames = this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    }
    final Patterns fallbackProtocolPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    final Patterns protocolPatterns =
        this.getSecureSocketProtocolsFilter() != null ? this.getSecureSocketProtocolsFilter().getPatterns() : null;

    final boolean allowPassthrough = getAllowPassthrough();

    Configurer<SSLSocket> socketConfigurer = new Configurer<SSLSocket>() {
        @Override
        public SSLSocket configure(SSLSocket socket) {
            // Only touch the socket's SSLParameters when SNI host names are configured.
            if (!getSNIHostNames().isEmpty()) {
                SSLParameters sniParameters = socket.getSSLParameters();
                sniParameters.setServerNames(getSNIHostNames());
                socket.setSSLParameters(sniParameters);
            }

            // The last argument handed to filter() is the negation of allowPassthrough.
            // NOTE(review): its exact effect lives in filter(), which is not shown here.
            Collection<String> cipherSuitesToEnable = BaseSSLContextParameters.this.filter(
                cipherSuiteNames,
                Arrays.asList(socket.getSSLParameters().getCipherSuites()),
                Arrays.asList(socket.getEnabledCipherSuites()),
                cipherSuitePatterns,
                fallbackCipherSuitePatterns,
                !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, cipherSuiteNames, cipherSuitePatterns, socket.getSSLParameters().getCipherSuites(), socket.getEnabledCipherSuites(), fallbackCipherSuitePatterns, cipherSuitesToEnable });
            }
            socket.setEnabledCipherSuites(cipherSuitesToEnable.toArray(new String[0]));

            Collection<String> protocolsToEnable = BaseSSLContextParameters.this.filter(
                protocolNames,
                Arrays.asList(socket.getSSLParameters().getProtocols()),
                Arrays.asList(socket.getEnabledProtocols()),
                protocolPatterns,
                fallbackProtocolPatterns,
                !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, protocolNames, protocolPatterns, socket.getSSLParameters().getProtocols(), socket.getEnabledProtocols(), fallbackProtocolPatterns, protocolsToEnable });
            }
            socket.setEnabledProtocols(protocolsToEnable.toArray(new String[0]));
            return socket;
        }
    };

    // A single configurer today, returned in a mutable list as before.
    List<Configurer<SSLSocket>> configurers = new LinkedList<Configurer<SSLSocket>>();
    configurers.add(socketConfigurer);
    return configurers;
}
use of javax.net.ssl.SSLParameters in project robovm by robovm.
the class SSLSocketTest method test_SSLSocket_getSSLParameters.
/**
 * Checks that the SSLParameters reported by an unconnected socket from the default factory
 * agree with the socket's own cipher suite, protocol and client-auth getters.
 */
public void test_SSLSocket_getSSLParameters() throws Exception {
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket socket = (SSLSocket) factory.createSocket();

    SSLParameters params = socket.getSSLParameters();
    assertNotNull(params);

    // Cipher suites: known names, a distinct array instance, identical content.
    String[] suitesFromParams = params.getCipherSuites();
    StandardNames.assertValidCipherSuites(StandardNames.CIPHER_SUITES, suitesFromParams);
    assertNotSame(suitesFromParams, socket.getEnabledCipherSuites());
    assertEquals(Arrays.asList(suitesFromParams),
                 Arrays.asList(socket.getEnabledCipherSuites()));

    // Protocols: same three checks.
    String[] protocolsFromParams = params.getProtocols();
    StandardNames.assertValidProtocols(StandardNames.SSL_SOCKET_PROTOCOLS, protocolsFromParams);
    assertNotSame(protocolsFromParams, socket.getEnabledProtocols());
    assertEquals(Arrays.asList(protocolsFromParams),
                 Arrays.asList(socket.getEnabledProtocols()));

    // Client-authentication flags must mirror the socket's.
    assertEquals(params.getWantClientAuth(), socket.getWantClientAuth());
    assertEquals(params.getNeedClientAuth(), socket.getNeedClientAuth());
}
use of javax.net.ssl.SSLParameters in project robovm by robovm.
the class SSLContextTest method test_SSLContext_getDefaultSSLParameters.
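/**
 * Checks, for every context protocol listed in StandardNames, that the default SSLParameters
 * carry valid cipher suites and protocols and do not request client authentication.
 */
public void test_SSLContext_getDefaultSSLParameters() throws Exception {
    for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) {
        SSLContext sslContext = SSLContext.getInstance(protocol);
        // Every context except the one named by SSL_CONTEXT_PROTOCOLS_DEFAULT is initialised
        // with provider defaults (null key managers, trust managers and random source).
        if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) {
            sslContext.init(null, null, null);
        }

        SSLParameters p = sslContext.getDefaultSSLParameters();
        assertNotNull(p);

        String[] cipherSuites = p.getCipherSuites();
        assertNotNull(cipherSuites);
        StandardNames.assertValidCipherSuites(StandardNames.CIPHER_SUITES, cipherSuites);

        String[] protocols = p.getProtocols();
        assertNotNull(protocols);
        // Protocol names are checked with the protocol validator (the original called the
        // cipher-suite validator here, unlike the sibling SSLSocket test).
        StandardNames.assertValidProtocols(StandardNames.SSL_SOCKET_PROTOCOLS, protocols);

        // Defaults must not ask for, or require, a client certificate.
        assertFalse(p.getWantClientAuth());
        assertFalse(p.getNeedClientAuth());
    }
}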
use of javax.net.ssl.SSLParameters in project robovm by robovm.
the class SSLContextTest method test_SSLContext_getSupportedSSLParameters.
/**
 * Checks, for every context protocol listed in StandardNames, that the supported SSLParameters
 * expose the expected cipher suites and protocols and leave client authentication off.
 */
public void test_SSLContext_getSupportedSSLParameters() throws Exception {
    for (String contextProtocol : StandardNames.SSL_CONTEXT_PROTOCOLS) {
        SSLContext ctx = SSLContext.getInstance(contextProtocol);
        boolean isDefaultContext =
            contextProtocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT);
        if (!isDefaultContext) {
            // Initialise with provider defaults for key managers, trust managers and randomness.
            ctx.init(null, null, null);
        }

        SSLParameters supported = ctx.getSupportedSSLParameters();
        assertNotNull(supported);

        String[] supportedSuites = supported.getCipherSuites();
        assertNotNull(supportedSuites);
        StandardNames.assertSupportedCipherSuites(StandardNames.CIPHER_SUITES, supportedSuites);

        String[] supportedProtocols = supported.getProtocols();
        assertNotNull(supportedProtocols);
        StandardNames.assertSupportedProtocols(StandardNames.SSL_SOCKET_PROTOCOLS,
                                               supportedProtocols);

        // Supported parameters must not ask for, or require, a client certificate.
        assertFalse(supported.getWantClientAuth());
        assertFalse(supported.getNeedClientAuth());
    }
}
Aggregations