
Example 1 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project camel by apache.

the class BaseSSLContextParameters method getSSLServerSocketFactorySSLServerSocketConfigurers.

/**
     * Returns the list of configurers to apply to an {@link SSLServerSocket} in order
     * to fully configure it in compliance with the provided configuration
     * options. These configurers are intended for sockets produced by a
     * {@link SSLServerSocketFactory}, see
     * {@link #getSSLSocketFactorySSLSocketConfigurers(SSLContext)} for
     * configurers related to sockets produced by a
     * {@link SSLSocketFactory}. The configurers are to be applied in
     * the order in which they appear in the list.
     * 
     * @param context the context that serves as the factory for
     *            {@code SSLServerSocketFactory} instances
     * @return the needed configurers
     */
protected List<Configurer<SSLServerSocket>> getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext context) {
    // Cipher suites: an optional explicit list, an optional explicit include/exclude
    // filter, and the default filter. Both optional inputs stay null when unset.
    final List<String> explicitSuites;
    if (this.getCipherSuites() == null) {
        explicitSuites = null;
    } else {
        explicitSuites = this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    }
    final Patterns defaultSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    final Patterns suitePatterns = this.getCipherSuitesFilter() != null
            ? this.getCipherSuitesFilter().getPatterns()
            : null;

    // Protocol versions: same three inputs as for cipher suites.
    final List<String> explicitProtocols;
    if (this.getSecureSocketProtocols() == null) {
        explicitProtocols = null;
    } else {
        explicitProtocols = this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    }
    final Patterns defaultProtocolPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    final Patterns protocolPatterns = this.getSecureSocketProtocolsFilter() != null
            ? this.getSecureSocketProtocolsFilter().getPatterns()
            : null;

    // NOTE(review): the negated passthrough flag is the last argument to filter();
    // presumably it decides whether the default patterns are applied when nothing
    // explicit is configured - confirm against filter() before relying on it.
    final boolean passthroughDisallowed = !getAllowPassthrough();

    Configurer<SSLServerSocket> configurer = new Configurer<SSLServerSocket>() {

        @Override
        public SSLServerSocket configure(SSLServerSocket socket) {
            // Narrow the cipher suites. Whatever filter() returns is installed as-is,
            // including an empty set, which leaves the socket with no usable suite.
            List<String> supportedSuites = Arrays.asList(socket.getSupportedCipherSuites());
            List<String> currentSuites = Arrays.asList(socket.getEnabledCipherSuites());
            Collection<String> chosenSuites = BaseSSLContextParameters.this.filter(
                    explicitSuites, supportedSuites, currentSuites,
                    suitePatterns, defaultSuitePatterns, passthroughDisallowed);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SERVER_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, explicitSuites, suitePatterns, socket.getSupportedCipherSuites(), socket.getEnabledCipherSuites(), defaultSuitePatterns, chosenSuites });
            }
            String[] suiteArray = new String[chosenSuites.size()];
            socket.setEnabledCipherSuites(chosenSuites.toArray(suiteArray));

            // Narrow the protocol versions the same way.
            List<String> supportedProtocols = Arrays.asList(socket.getSupportedProtocols());
            List<String> currentProtocols = Arrays.asList(socket.getEnabledProtocols());
            Collection<String> chosenProtocols = BaseSSLContextParameters.this.filter(
                    explicitProtocols, supportedProtocols, currentProtocols,
                    protocolPatterns, defaultProtocolPatterns, passthroughDisallowed);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SERVER_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, explicitProtocols, protocolPatterns, socket.getSupportedProtocols(), socket.getEnabledProtocols(), defaultProtocolPatterns, chosenProtocols });
            }
            String[] protocolArray = new String[chosenProtocols.size()];
            socket.setEnabledProtocols(chosenProtocols.toArray(protocolArray));
            return socket;
        }
    };

    // A single configurer today; returned as a list so callers apply entries in order.
    List<Configurer<SSLServerSocket>> configurers = new LinkedList<Configurer<SSLServerSocket>>();
    configurers.add(configurer);
    return configurers;
}
Also used : CollectionHelper.collectionAsCommaDelimitedString(org.apache.camel.util.CollectionHelper.collectionAsCommaDelimitedString) SSLServerSocket(javax.net.ssl.SSLServerSocket) Patterns(org.apache.camel.util.jsse.FilterParameters.Patterns) LinkedList(java.util.LinkedList)

Example 2 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project camel by apache.

the class SSLContextParametersTest method testSecureSocketProtocolsFilter.

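/**
 * Checks how the secure-socket-protocols filter shapes the enabled protocol
 * list on engines, client sockets and server sockets created from the context.
 *
 * Covers: no filter (defaults), an empty filter, include-all, include-all plus
 * exclude-all, and a single "TLS.*" include.
 */
public void testSecureSocketProtocolsFilter() throws Exception {
    // Control objects from a plain JDK context, used as the baseline for comparison.
    SSLContext controlContext = SSLContext.getInstance("TLS");
    controlContext.init(null, null, null);
    SSLEngine controlEngine = controlContext.createSSLEngine();
    SSLSocket controlSocket = (SSLSocket) controlContext.getSocketFactory().createSocket();
    SSLServerSocket controlServerSocket = (SSLServerSocket) controlContext.getServerSocketFactory().createServerSocket();
    // default
    SSLContextParameters scp = new SSLContextParameters();
    SSLContext context = scp.createSSLContext();
    SSLEngine engine = context.createSSLEngine();
    SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket();
    SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    // with no filter configured, the defaults leave only TLS* protocols enabled (SSL* is dropped)
    assertStartsWith(engine.getEnabledProtocols(), "TLS");
    assertStartsWith(socket.getEnabledProtocols(), "TLS");
    assertStartsWith(serverSocket.getEnabledProtocols(), "TLS");
    // empty filter: a filter with no includes enables nothing, so such a
    // configuration yields endpoints that cannot negotiate any protocol
    FilterParameters filter = new FilterParameters();
    scp.setSecureSocketProtocolsFilter(filter);
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    assertEquals(0, engine.getEnabledProtocols().length);
    assertEquals(0, socket.getEnabledProtocols().length);
    assertEquals(0, serverSocket.getEnabledProtocols().length);
    // explicit filter: include-all replaces the defaults, so the result matches the JDK baseline
    filter.getInclude().add(".*");
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    assertTrue(Arrays.equals(controlEngine.getEnabledProtocols(), engine.getEnabledProtocols()));
    assertTrue(Arrays.equals(controlSocket.getEnabledProtocols(), socket.getEnabledProtocols()));
    checkProtocols(controlServerSocket.getEnabledProtocols(), serverSocket.getEnabledProtocols());
    // explicit filter with excludes (excludes overrides)
    filter.getExclude().add(".*");
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    assertEquals(0, engine.getEnabledProtocols().length);
    assertEquals(0, socket.getEnabledProtocols().length);
    assertEquals(0, serverSocket.getEnabledProtocols().length);
    // explicit filter single include
    filter.getInclude().clear();
    filter.getExclude().clear();
    filter.getInclude().add("TLS.*");
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    // not all platforms/JDKs have these protocols
    if (!isPlatform("aix")) {
        assertTrue(engine.getEnabledProtocols().length >= 1);
        assertStartsWith(engine.getEnabledProtocols(), "TLS");
        assertTrue(socket.getEnabledProtocols().length >= 1);
        assertStartsWith(socket.getEnabledProtocols(), "TLS");
        // Fixed: this length check previously repeated the client socket, so the
        // server socket's protocol list was never checked for being non-empty.
        assertTrue(serverSocket.getEnabledProtocols().length >= 1);
        assertStartsWith(serverSocket.getEnabledProtocols(), "TLS");
    }
}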
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 3 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project camel by apache.

the class SSLContextParametersTest method testCipherSuitesFilter.

/**
 * Checks how the cipher-suites filter, combined with an explicit
 * CipherSuitesParameters list, shapes the enabled cipher suites on engines,
 * client sockets and server sockets created from the context.
 */
public void testCipherSuitesFilter() throws Exception {
    // Baseline objects built straight from the JDK, without Camel's parameters.
    SSLContext referenceContext = SSLContext.getInstance("TLS");
    referenceContext.init(null, null, null);
    SSLEngine referenceEngine = referenceContext.createSSLEngine();
    SSLSocket referenceSocket = (SSLSocket) referenceContext.getSocketFactory().createSocket();
    SSLServerSocket referenceServerSocket = (SSLServerSocket) referenceContext.getServerSocketFactory().createServerSocket();

    // Defaults. The context is created BEFORE the empty explicit list is attached,
    // so these first assertions run against a context built without it.
    SSLContextParameters params = new SSLContextParameters();
    SSLContext sslContext = params.createSSLContext();
    CipherSuitesParameters explicitSuites = new CipherSuitesParameters();
    params.setCipherSuites(explicitSuites);
    SSLEngine sslEngine = sslContext.createSSLEngine();
    SSLSocket clientSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    SSLServerSocket listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    assertTrue(Arrays.equals(referenceEngine.getEnabledCipherSuites(), sslEngine.getEnabledCipherSuites()));
    assertTrue(Arrays.equals(referenceSocket.getEnabledCipherSuites(), clientSocket.getEnabledCipherSuites()));
    assertTrue(Arrays.equals(this.getDefaultCipherSuiteIncludes(referenceServerSocket.getSupportedCipherSuites()), listenSocket.getEnabledCipherSuites()));

    // Empty filter: nothing is enabled.
    FilterParameters suiteFilter = new FilterParameters();
    params.setCipherSuitesFilter(suiteFilter);
    sslContext = params.createSSLContext();
    sslEngine = sslContext.createSSLEngine();
    clientSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    assertEquals(0, sslEngine.getEnabledCipherSuites().length);
    assertEquals(0, clientSocket.getEnabledCipherSuites().length);
    assertEquals(0, listenSocket.getEnabledCipherSuites().length);

    // Include-all filter: still zero suites. The explicit list attached above is
    // still empty at this point, which apparently takes precedence over the filter.
    suiteFilter.getInclude().add(".*");
    sslContext = params.createSSLContext();
    sslEngine = sslContext.createSSLEngine();
    clientSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    assertEquals(0, sslEngine.getEnabledCipherSuites().length);
    assertEquals(0, clientSocket.getEnabledCipherSuites().length);
    assertEquals(0, listenSocket.getEnabledCipherSuites().length);

    // Include-all plus exclude-all: the excludes win.
    suiteFilter.getExclude().add(".*");
    sslContext = params.createSSLContext();
    sslEngine = sslContext.createSSLEngine();
    clientSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    assertEquals(0, sslEngine.getEnabledCipherSuites().length);
    assertEquals(0, clientSocket.getEnabledCipherSuites().length);
    assertEquals(0, listenSocket.getEnabledCipherSuites().length);

    // One explicit suite with a "TLS.*" include. The suite named here (RSA key
    // exchange, CBC mode, SHA-1 MAC, no forward secrecy) is only a test fixture,
    // not a recommended production choice.
    suiteFilter.getInclude().clear();
    suiteFilter.getExclude().clear();
    explicitSuites.setCipherSuite(Collections.singletonList("TLS_RSA_WITH_AES_128_CBC_SHA"));
    suiteFilter.getInclude().add("TLS.*");
    sslContext = params.createSSLContext();
    sslEngine = sslContext.createSSLEngine();
    clientSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();

    // Not all platforms/JDKs have these cipher suites, so AIX is skipped.
    if (isPlatform("aix")) {
        return;
    }
    assertTrue(sslEngine.getEnabledCipherSuites().length >= 1);
    assertStartsWith(sslEngine.getEnabledCipherSuites(), "TLS");
    assertTrue(clientSocket.getEnabledCipherSuites().length >= 1);
    assertStartsWith(clientSocket.getEnabledCipherSuites(), "TLS");
    assertTrue(listenSocket.getEnabledCipherSuites().length >= 1);
    assertStartsWith(listenSocket.getEnabledCipherSuites(), "TLS");
}
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 4 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project camel by apache.

the class SSLContextParametersTest method testSecureSocketProtocol.

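/**
 * Checks that setting the context protocol to "SSLv3" does not by itself enable
 * SSLv3 on created endpoints, and that explicitly listing "SSLv3" in
 * SecureSocketProtocolsParameters does.
 *
 * SSLv3 is obsolete and considered insecure. The second half of this test shows
 * that an explicit protocol list overrides the default exclusion of SSL*
 * protocols, so explicit lists in deployments need review. The test inspects
 * only the enabled-protocol arrays; it does not perform a handshake.
 */
public void testSecureSocketProtocol() throws Exception {
    SSLContextParameters scp = new SSLContextParameters();
    scp.setSecureSocketProtocol("SSLv3");
    SSLContext context = scp.createSSLContext();
    assertEquals("SSLv3", context.getProtocol());
    SSLEngine engine = context.createSSLEngine();
    SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket();
    SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    // the SSL* protocols are disabled by default, even though the context protocol is "SSLv3"
    assertStartsWith(engine.getEnabledProtocols(), "TLS");
    assertStartsWith(socket.getEnabledProtocols(), "TLS");
    assertStartsWith(serverSocket.getEnabledProtocols(), "TLS");
    // allow SSL* protocols by explicitly asking for them
    final SecureSocketProtocolsParameters protocols = new SecureSocketProtocolsParameters();
    protocols.setSecureSocketProtocol(Collections.singletonList("SSLv3"));
    scp.setSecureSocketProtocols(protocols);
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    // Expected value first, matching the assertEquals call above, so a failure
    // message reports expected and actual the right way round.
    assertEquals(1, engine.getEnabledProtocols().length);
    assertEquals("SSLv3", engine.getEnabledProtocols()[0]);
    assertEquals(1, socket.getEnabledProtocols().length);
    assertEquals("SSLv3", socket.getEnabledProtocols()[0]);
    assertEquals(1, serverSocket.getEnabledProtocols().length);
    assertEquals("SSLv3", serverSocket.getEnabledProtocols()[0]);
}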
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 5 with SSLServerSocket

use of javax.net.ssl.SSLServerSocket in project camel by apache.

the class SSLContextParametersTest method testPropertyPlaceholders.

/**
 * Builds a full SSLContextParameters graph whose values are all given as
 * {{...}} property placeholders, then checks that a context and its sockets and
 * engine can be created and that the server socket requires client authentication.
 */
public void testPropertyPlaceholders() throws Exception {
    CamelContext placeholderContext = this.createPropertiesPlaceholderAwareContext();

    // Key store: type, provider, resource and password all come from placeholders,
    // so no secret is written literally here.
    KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setCamelContext(placeholderContext);
    keyStore.setType("{{keyStoreParameters.type}}");
    keyStore.setProvider("{{keyStoreParameters.provider}}");
    keyStore.setResource("{{keyStoreParameters.resource}}");
    // NOTE(review): "keyStoreParamerers" is spelled differently from the other
    // keys; it presumably matches the key registered by
    // createPropertiesPlaceholderAwareContext() - confirm before renaming.
    keyStore.setPassword("{{keyStoreParamerers.password}}");

    // Key managers, backed by the key store above.
    KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setCamelContext(placeholderContext);
    keyManagers.setKeyStore(keyStore);
    keyManagers.setKeyPassword("{{keyManagersParameters.keyPassword}}");
    keyManagers.setAlgorithm("{{keyManagersParameters.algorithm}}");
    keyManagers.setProvider("{{keyManagersParameters.provider}}");

    // Trust managers reuse the same key store as the trust store.
    TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setCamelContext(placeholderContext);
    trustManagers.setKeyStore(keyStore);
    trustManagers.setAlgorithm("{{trustManagersParameters.algorithm}}");
    trustManagers.setProvider("{{trustManagersParameters.provider}}");

    // Explicit cipher suite and protocol lists, one placeholder entry each.
    CipherSuitesParameters suites = new CipherSuitesParameters();
    suites.setCipherSuite(Collections.singletonList("{{cipherSuite.0}}"));
    SecureSocketProtocolsParameters protocols = new SecureSocketProtocolsParameters();
    protocols.setSecureSocketProtocol(Collections.singletonList("{{secureSocketProtocol.0}}"));

    // Server-side settings: the client-authentication mode is a placeholder too.
    SSLContextServerParameters serverParams = new SSLContextServerParameters();
    serverParams.setCamelContext(placeholderContext);
    serverParams.setClientAuthentication("{{sslContextServerParameters.clientAuthentication}}");

    // Assemble the top-level parameters.
    SSLContextParameters params = new SSLContextParameters();
    params.setCamelContext(placeholderContext);
    params.setKeyManagers(keyManagers);
    params.setTrustManagers(trustManagers);
    params.setServerParameters(serverParams);
    params.setProvider("{{sslContextParameters.provider}}");
    params.setSecureSocketProtocol("{{sslContextParameters.protocol}}");
    params.setSessionTimeout("{{sslContextParameters.sessionTimeout}}");
    params.setCipherSuites(suites);
    params.setSecureSocketProtocols(protocols);

    SSLContext sslContext = params.createSSLContext();
    SSLServerSocket listenSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    // The resolved client-authentication setting must make the server socket
    // demand a client certificate.
    assertTrue(listenSocket.getNeedClientAuth());
    // Creating a client socket and an engine must also succeed; results are not inspected.
    sslContext.getSocketFactory().createSocket();
    sslContext.createSSLEngine();
}
Also used : CamelContext(org.apache.camel.CamelContext) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)
