
Example 16 with SSLSession

use of javax.net.ssl.SSLSession in project ORCID-Source by ORCID.

the class OrcidJerseyT2ClientOAuthConfig method afterPropertiesSet.

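/**
 * Configures HTTPS for this Jersey client once its properties have been set.
 *
 * <p>Builds an {@link SSLContext} via {@code createSslContext()}, installs its socket
 * factory as the JVM-wide default for {@link HttpsURLConnection}, and registers
 * {@link HTTPSProperties} on the client configuration.
 *
 * <p>Security: the hostname verifier handed to Jersey used to return {@code true} for
 * every host. A {@link HostnameVerifier} is consulted when the host in the URL does not
 * match the identity the server presented, so an accept-all verifier lets any certificate
 * the context trusts stand in for any host. This client is an OAuth client, so that
 * exposes its traffic to interception. The JDK's current default verifier is used
 * instead; endpoints whose certificate does not match their host name will now be
 * rejected and need a correct certificate rather than a permissive verifier.
 *
 * @throws Exception if the SSL context cannot be created
 */
@Override
public void afterPropertiesSet() throws Exception {
    SSLContext ctx = createSslContext();
    // NOTE(review): this replaces the default socket factory for every HttpsURLConnection
    // in the JVM, not only for this client. Confirm that is intended.
    HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
    // Reuse whatever verifier is the process-wide default instead of accepting all hosts.
    // If other code has replaced that default with a permissive one, it is inherited here.
    HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(hostnameVerifier, ctx));
}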
Also used : SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) HTTPSProperties(com.sun.jersey.client.urlconnection.HTTPSProperties) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 17 with SSLSession

use of javax.net.ssl.SSLSession in project jdk8u_jdk by JetBrains.

the class JSSEClient method runTest.

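/**
 * Connects to the test server with the requested cipher suites and protocols, exchanges
 * one request, and verifies what the handshake negotiated.
 *
 * <p>Checks performed on the resulting {@link SSLSession}: the negotiated cipher suite
 * equals {@code params.cipherSuite}; the negotiated protocol is one of the requested
 * protocols (only when protocols were requested explicitly); peer certificates are
 * available unless an anonymous DH suite was negotiated; and local certificates are
 * absent without client authentication, or present with a key algorithm equal to
 * {@code params.clientAuth}.
 *
 * <p>A {@code null}, blank or {@code DEFAULT} protocol value means "use the provider
 * defaults". The protocol check now honours that in the same way as the socket setup;
 * previously a {@code null} value caused a {@link NullPointerException} in the check and
 * a blank value caused a spurious mismatch.
 *
 * @param params cipher suite, protocol and client-authentication settings for this run
 * @throws Exception if the connection fails or any negotiated value is not as expected
 */
@Override
void runTest(CipherTestUtils.TestParameters params) throws Exception {
    System.out.println("Connecting to server...");
    keyManager.setAuthType(params.clientAuth);
    sslContext.init(new KeyManager[] { keyManager }, new TrustManager[] { cipherTest.getClientTrustManager() }, CipherTestUtils.secureRandom);
    SSLSocketFactory factory = (SSLSocketFactory) sslContext.getSocketFactory();

    // Decide once whether the caller pinned specific protocols, so that the socket setup
    // and the later verification cannot disagree.
    String requestedProtocols = params.protocol == null ? "" : params.protocol.trim();
    boolean explicitProtocols = !requestedProtocols.isEmpty() && !requestedProtocols.equals(DEFAULT);

    // try-with-resources closes the socket on every path and keeps a failure from close()
    // from masking the exception that ended the test.
    try (SSLSocket socket = (SSLSocket) factory.createSocket(serverHost, serverPort)) {
        socket.setSoTimeout(CipherTestUtils.TIMEOUT);
        socket.setEnabledCipherSuites(params.cipherSuite.split(","));
        if (explicitProtocols) {
            socket.setEnabledProtocols(params.protocol.split(","));
        }
        CipherTestUtils.printInfo(socket);
        InputStream in = socket.getInputStream();
        OutputStream out = socket.getOutputStream();
        sendRequest(in, out);

        SSLSession session = socket.getSession();
        // Invalidated before the checks, as in the original test; the negotiated values
        // below are still read from this same session object.
        session.invalidate();

        String cipherSuite = session.getCipherSuite();
        if (!params.cipherSuite.equals(cipherSuite)) {
            throw new RuntimeException("Negotiated ciphersuite mismatch: " + cipherSuite + " != " + params.cipherSuite);
        }

        String protocol = session.getProtocol();
        if (explicitProtocols && !params.protocol.contains(protocol)) {
            throw new RuntimeException("Negotiated protocol mismatch: " + protocol + " != " + params.protocol);
        }

        // Anonymous DH suites carry no server certificate; for every other suite this
        // call throws if the peer was not authenticated.
        if (!cipherSuite.contains("DH_anon")) {
            session.getPeerCertificates();
        }

        Certificate[] certificates = session.getLocalCertificates();
        if (params.clientAuth == null) {
            if (certificates != null) {
                throw new RuntimeException("Local certificates should be null");
            }
        } else {
            if ((certificates == null) || (certificates.length == 0)) {
                throw new RuntimeException("Certificates missing");
            }
            String keyAlg = certificates[0].getPublicKey().getAlgorithm();
            // The key reports "EC"; the value compared against clientAuth is "ECDSA".
            if ("EC".equals(keyAlg)) {
                keyAlg = "ECDSA";
            }
            // clientAuth is non-null in this branch, so a plain equals() is sufficient.
            if (!params.clientAuth.equals(keyAlg)) {
                throw new RuntimeException("Certificate type mismatch: " + keyAlg + " != " + params.clientAuth);
            }
        }
    }
}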
Also used : InputStream(java.io.InputStream) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) SSLSession(javax.net.ssl.SSLSession) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) Certificate(java.security.cert.Certificate)

Example 18 with SSLSession

use of javax.net.ssl.SSLSession in project jdk8u_jdk by JetBrains.

the class AcceptLargeFragments method main.

/**
 * Checks that SSL engines created with {@code jsse.SSLEngine.acceptLargeFragments=true}
 * report session buffer sizes at or above the thresholds this test expects.
 *
 * @param args unused
 * @throws Exception if either engine's packet or application buffer is below its threshold
 */
public static void main(String[] args) throws Exception {
    // Thresholds taken unchanged from the original test.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext context = SSLContext.getDefault();
    // The property must be in place before any SSLEngine is created.
    // NOTE(review): System.setProperty affects the whole JVM for the rest of the run.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = context.createSSLEngine();
    clientEngine.setUseClientMode(true);
    SSLEngine serverEngine = context.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Packet (network record) buffers on both sides.
    boolean packetBuffersLargeEnough = clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Application data buffers on both sides.
    boolean applicationBuffersLargeEnough = clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS application data ");
    }
}
Also used : SSLEngine(javax.net.ssl.SSLEngine) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext)

Example 19 with SSLSession

use of javax.net.ssl.SSLSession in project pictureapp by EyeSeeTea.

the class UnsafeOkHttpsClientFactory method getUnsafeOkHttpClient.

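/**
 * Builds an {@link OkHttpClient} that performs no server authentication.
 *
 * <p>Security: the returned client accepts any certificate chain (the trust manager's
 * check methods are empty) and any host name (the verifier always returns {@code true}).
 * TLS on such a client still encrypts, but it gives no assurance about who the peer is,
 * so anyone able to intercept the connection can read and modify the traffic. Keep its
 * use to local development against throwaway endpoints. For a self-signed or private-CA
 * server, load that certificate into a dedicated trust store and keep hostname
 * verification on rather than using this factory.
 *
 * @return a client with certificate and hostname validation disabled
 * @throws RuntimeException wrapping any failure while setting up the SSL context
 */
public static OkHttpClient getUnsafeOkHttpClient() {
    try {
        // Trust manager whose checks never throw, i.e. every chain is accepted.
        final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: no validation is performed.
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: no validation is performed.
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract requires a non-null (possibly empty) array;
                // returning null can fail with a NullPointerException in callers.
                return new java.security.cert.X509Certificate[0];
            }
        } };
        // Install the all-trusting trust manager.
        // NOTE(review): "SSL" is the legacy context name; "TLS" is the usual choice. Left
        // unchanged here because it can affect which protocol versions are enabled.
        final SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
        // Socket factory backed by the all-trusting manager.
        final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
        OkHttpClient okHttpClient = new OkHttpClient();
        okHttpClient.setSslSocketFactory(sslSocketFactory);
        // Accept every host name, whatever the certificate says.
        okHttpClient.setHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        return okHttpClient;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}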
Also used : OkHttpClient(com.squareup.okhttp.OkHttpClient) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) CertificateException(java.security.cert.CertificateException) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager) HostnameVerifier(javax.net.ssl.HostnameVerifier) X509TrustManager(javax.net.ssl.X509TrustManager) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 20 with SSLSession

use of javax.net.ssl.SSLSession in project geode by apache.

the class ConnectCommandWithHttpAndSSLDUnitTest method connect.

/**
 * Connects the given shell to the manager over HTTPS and asserts that the connection is
 * ready.
 *
 * <p>Builds a connect command for {@code https://host:httpPort<urlContext>/v1}, adds each
 * SSL option that is set in {@code sslInfoHolder}, and executes it on {@code shell}.
 *
 * <p>Security: this installs an accept-all {@link HostnameVerifier} as the JVM-wide
 * default through {@link HttpsURLConnection#setDefaultHostnameVerifier} and does not
 * restore the previous one, so every later HTTPS connection in the same JVM skips
 * hostname checks too. That is tolerable only in a test JVM; do not copy it into
 * production code.
 *
 * @param host manager host name, must not be null
 * @param jmxPort not used by this method
 * @param httpPort HTTPS port of the manager
 * @param shell shell that runs the connect command, must not be null
 */
@Override
protected void connect(final String host, final int jmxPort, final int httpPort, final HeadlessGfsh shell) {
    assertNotNull(host);
    assertNotNull(shell);
    final CommandStringBuilder command = new CommandStringBuilder(CONNECT);

    // Test-only workaround: without it the connection fails with a
    // java.security.cert.CertificateException, because a matching host name cannot be
    // obtained in every test environment.
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

        @Override
        public boolean verify(String requestedHost, SSLSession tlsSession) {
            return true;
        }
    });

    final String endpoint = "https://" + host + ":" + httpPort + urlContext + "/v1";
    command.addOption(CONNECT__USE_HTTP, Boolean.TRUE.toString());
    command.addOption(CONNECT__URL, endpoint);
    command.addOption(CONNECT__USE_SSL, Boolean.TRUE.toString());

    // Forward only the SSL settings that are configured, in the original order.
    final String[] optionalSslOptions = {
        CONNECT__KEY_STORE,
        CONNECT__KEY_STORE_PASSWORD,
        CONNECT__TRUST_STORE,
        CONNECT__TRUST_STORE_PASSWORD,
        CONNECT__SSL_PROTOCOLS,
        CONNECT__SSL_CIPHERS
    };
    for (String option : optionalSslOptions) {
        String configured = sslInfoHolder.get().getProperty(option);
        if (configured != null) {
            command.addOption(option, configured);
        }
    }

    CommandResult result = executeCommand(shell, command.toString());
    if (!shell.isConnectedAndReady()) {
        fail("Connect command failed to connect to manager " + endpoint + " result=" + commandResultToString(result));
    }
    info("Successfully connected to managing node using HTTPS");
    assertEquals(true, shell.isConnectedAndReady());
}
Also used : CommandStringBuilder(org.apache.geode.management.internal.cli.util.CommandStringBuilder) SSLSession(javax.net.ssl.SSLSession) HostnameVerifier(javax.net.ssl.HostnameVerifier) CommandResult(org.apache.geode.management.internal.cli.result.CommandResult)
