
Example 6 with SSLSessionContext

use of javax.net.ssl.SSLSessionContext in project robovm by robovm.

the class SSLContextTest method test_SSLContext_getClientSessionContext.

/**
 * Verifies that every protocol in {@code StandardNames.SSL_CONTEXT_PROTOCOLS} exposes a non-null
 * client session context, and pins whether a second {@link SSLContext} obtained for the same
 * protocol hands back the same {@link SSLSessionContext} instance.
 *
 * <p>Where the instance is shared, the session cache and its size/timeout settings are common to
 * every context that returns it, which is why the sharing rule is asserted explicitly.
 *
 * @throws Exception if a listed protocol cannot be instantiated
 */
public void test_SSLContext_getClientSessionContext() throws Exception {
    for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) {
        SSLContext firstContext = SSLContext.getInstance(protocol);
        SSLSessionContext firstSessions = firstContext.getClientSessionContext();
        assertNotNull(firstSessions);

        // Sharing is expected only for the default protocol when IS_RI is false
        // (presumably "not the reference implementation" -- confirm in StandardNames).
        boolean expectShared = !StandardNames.IS_RI
                && protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT);

        SSLSessionContext secondSessions = SSLContext.getInstance(protocol).getClientSessionContext();
        if (expectShared) {
            assertSame(secondSessions, firstSessions);
        } else {
            assertNotSame(secondSessions, firstSessions);
        }
    }
}
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SSLContext(javax.net.ssl.SSLContext)

Example 7 with SSLSessionContext

use of javax.net.ssl.SSLSessionContext in project robovm by robovm.

the class SSLContextSpiTest method test_commonTest_01.

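/**
 * SSLContextSpi#engineGetClientSessionContext()
 * SSLContextSpi#engineGetServerSessionContext()
 * SSLContextSpi#engineGetServerSocketFactory()
 * SSLContextSpi#engineGetSocketFactory()
 * Verifies that each accessor throws a RuntimeException carrying the expected message when the
 * SSLContextSpi object has not been initialized.
 */
public void test_commonTest_01() {
    SSLContextSpiImpl ssl = new SSLContextSpiImpl();
    // The return values are irrelevant: every call is expected to throw before returning.
    try {
        ssl.engineGetClientSessionContext();
        fail("RuntimeException wasn't thrown");
    } catch (RuntimeException re) {
        checkNotInitializedMessage(re);
    } catch (Exception e) {
        fail("Incorrect exception " + e + " was thrown");
    }
    try {
        ssl.engineGetServerSessionContext();
        fail("RuntimeException wasn't thrown");
    } catch (RuntimeException re) {
        checkNotInitializedMessage(re);
    } catch (Exception e) {
        fail("Incorrect exception " + e + " was thrown");
    }
    try {
        ssl.engineGetServerSocketFactory();
        fail("RuntimeException wasn't thrown");
    } catch (RuntimeException re) {
        checkNotInitializedMessage(re);
    } catch (Exception e) {
        fail("Incorrect exception " + e + " was thrown");
    }
    try {
        ssl.engineGetSocketFactory();
        fail("RuntimeException wasn't thrown");
    } catch (RuntimeException re) {
        checkNotInitializedMessage(re);
    } catch (Exception e) {
        fail("Incorrect exception " + e + " was thrown");
    }
}

/**
 * Fails the test unless the exception carries the message expected from an uninitialized
 * context.
 *
 * @param re the RuntimeException caught from the accessor under test
 */
private void checkNotInitializedMessage(RuntimeException re) {
    String str = re.getMessage();
    // Constant-first equals: a RuntimeException without a message is reported as a test failure
    // instead of surfacing as a NullPointerException inside the test itself.
    // The misspelling is the runtime text being matched (presumably what SSLContextSpiImpl
    // throws -- confirm there before changing it here).
    if (!"Not initialiazed".equals(str)) {
        fail("Incorrect exception message: " + str);
    }
}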
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) SSLContextSpiImpl(org.apache.harmony.xnet.tests.support.SSLContextSpiImpl) KeyManagementException(java.security.KeyManagementException)

Example 8 with SSLSessionContext

use of javax.net.ssl.SSLSessionContext in project robovm by robovm.

the class SSLSessionContextTest method test_sessionCacheSize.

/**
 * javax.net.ssl.SSLSessionContext#getSessionCacheSize()
 * javax.net.ssl.SSLSessionContext#setSessionCacheSize(int size)
 *
 * Round-trips two cache sizes through the client session context of a default-initialized TLS
 * context and checks that a negative size is rejected.
 *
 * @throws NoSuchAlgorithmException if no provider supplies a "TLS" context
 * @throws KeyManagementException if the context cannot be initialized
 */
public final void test_sessionCacheSize() throws NoSuchAlgorithmException, KeyManagementException {
    SSLContext tlsContext = SSLContext.getInstance("TLS");
    // All-null arguments: key managers, trust managers and randomness come from provider defaults.
    tlsContext.init(null, null, null);
    SSLSessionContext clientSessions = tlsContext.getClientSessionContext();

    clientSessions.setSessionCacheSize(10);
    assertEquals("10 wasn't returned", 10, clientSessions.getSessionCacheSize());

    clientSessions.setSessionCacheSize(5);
    assertEquals("5 wasn't returned", 5, clientSessions.getSessionCacheSize());

    // A negative cache size must be refused rather than silently accepted.
    boolean rejected = false;
    try {
        clientSessions.setSessionCacheSize(-1);
    } catch (IllegalArgumentException expected) {
        rejected = true;
    }
    if (!rejected) {
        fail("IllegalArgumentException wasn't thrown");
    }
}
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SSLContext(javax.net.ssl.SSLContext)

Example 9 with SSLSessionContext

use of javax.net.ssl.SSLSessionContext in project zaproxy by zaproxy.

the class SSLContextManager method invalidateSession.

/**
 * Pushes the cached TLS sessions of the given context towards expiry, client side first and
 * then server side, so that later handshakes do not resume state negotiated earlier.
 *
 * @param sc the context whose client and server session caches are to be expired
 */
private void invalidateSession(SSLContext sc) {
    expireCachedSessions(sc.getClientSessionContext());
    expireCachedSessions(sc.getServerSessionContext());
}

/**
 * Drops the session timeout to one second and then restores the previous value.
 *
 * <p>NOTE(review): this relies on the provider re-checking session ages when the timeout limit
 * changes, as the SSLSessionContext documentation describes. A session created less than a
 * second ago would presumably survive, and a context whose timeout is already 1 sees no change
 * at all. Confirm whether callers need a hard guarantee; if so, invalidating each cached
 * SSLSession explicitly is the deterministic alternative.
 *
 * @param sessions the session context to expire; {@code null} is ignored
 */
private void expireCachedSessions(SSLSessionContext sessions) {
    if (sessions == null) {
        return;
    }
    int previousTimeout = sessions.getSessionTimeout();
    // force sessions to be timed out
    sessions.setSessionTimeout(1);
    sessions.setSessionTimeout(previousTimeout);
}
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext)

Example 10 with SSLSessionContext

use of javax.net.ssl.SSLSessionContext in project jetty.project by eclipse.

the class SslContextFactory method load.

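/**
 * Builds the {@link SSLContext} for this factory unless one was supplied through
 * {@code _setContext}, then applies the server session cache settings, selects the enabled
 * protocols and cipher suites, and stores the result in {@code _factory}.
 *
 * <p>Three paths are visible here:
 * <ul>
 * <li>a context was set explicitly: it is used as is;</li>
 * <li>no key store and no trust store are configured: the context is initialized without key
 * managers, and with either the JSSE default trust managers or, when {@code isTrustAll()} is
 * true, {@code TRUST_ALL_CERTS};</li>
 * <li>otherwise: the stores and CRLs are loaded, the X.509 certificates of the key store are
 * indexed by alias, host and wildcard (and validated when {@code isValidateCerts()} is true),
 * and the context is initialized from the resulting key and trust managers.</li>
 * </ul>
 *
 * @throws Exception if a store, CRL, certificate validation or the context initialization fails
 */
private void load() throws Exception {
    SSLContext context = _setContext;
    KeyStore keyStore = _setKeyStore;
    KeyStore trustStore = _setTrustStore;
    if (context == null) {
        // Is this an empty factory?
        if (keyStore == null && _keyStoreResource == null && trustStore == null && _trustStoreResource == null) {
            TrustManager[] trust_managers = null;
            if (isTrustAll()) {
                // Certificate validation is switched off on this path, so peers are not
                // authenticated. Report it at WARN: at DEBUG the condition is invisible in a
                // normally configured deployment.
                LOG.warn("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!");
                // Create a trust manager that does not validate certificate chains
                trust_managers = TRUST_ALL_CERTS;
            }
            String algorithm = getSecureRandomAlgorithm();
            SecureRandom secureRandom = algorithm == null ? null : SecureRandom.getInstance(algorithm);
            context = _sslProvider == null ? SSLContext.getInstance(_sslProtocol) : SSLContext.getInstance(_sslProtocol, _sslProvider);
            // Null key managers: no key material of our own. Null trust managers (the
            // non-trust-all case) leave the choice to the installed JSSE defaults.
            context.init(null, trust_managers, secureRandom);
        } else {
            if (keyStore == null) {
                keyStore = loadKeyStore(_keyStoreResource);
            }
            if (trustStore == null) {
                trustStore = loadTrustStore(_trustStoreResource);
            }
            Collection<? extends CRL> crls = loadCRL(getCrlPath());
            // Look for X.509 certificates to create alias map
            if (keyStore != null) {
                for (String alias : Collections.list(keyStore.aliases())) {
                    Certificate certificate = keyStore.getCertificate(alias);
                    if (certificate != null && "X.509".equals(certificate.getType())) {
                        X509Certificate x509C = (X509Certificate) certificate;
                        // Exclude certificates with special uses; these are neither indexed
                        // nor validated below.
                        if (X509.isCertSign(x509C)) {
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("Skipping " + x509C);
                            }
                            continue;
                        }
                        X509 x509 = new X509(alias, x509C);
                        _aliasX509.put(alias, x509);
                        if (isValidateCerts()) {
                            // The validator is built per certificate, and only when validation
                            // is requested; a failure propagates out of load().
                            CertificateValidator validator = new CertificateValidator(trustStore, crls);
                            validator.setMaxCertPathLength(getMaxCertPathLength());
                            validator.setEnableCRLDP(isEnableCRLDP());
                            validator.setEnableOCSP(isEnableOCSP());
                            validator.setOcspResponderURL(getOcspResponderURL());
                            // TODO what about truststore?
                            validator.validate(keyStore, x509C);
                        }
                        LOG.info("x509={} for {}", x509, this);
                        for (String h : x509.getHosts()) {
                            _certHosts.put(h, x509);
                        }
                        for (String w : x509.getWilds()) {
                            _certWilds.put(w, x509);
                        }
                    }
                }
            }
            // Instantiate key and trust managers
            KeyManager[] keyManagers = getKeyManagers(keyStore);
            TrustManager[] trustManagers = getTrustManagers(trustStore, crls);
            // Initialize context
            // NOTE(review): this branch reads _secureRandomAlgorithm directly, while the
            // empty-factory branch goes through getSecureRandomAlgorithm() -- confirm the
            // difference is intended.
            SecureRandom secureRandom = (_secureRandomAlgorithm == null) ? null : SecureRandom.getInstance(_secureRandomAlgorithm);
            context = _sslProvider == null ? SSLContext.getInstance(_sslProtocol) : SSLContext.getInstance(_sslProtocol, _sslProvider);
            context.init(keyManagers, trustManagers, secureRandom);
        }
    }
    // Initialize cache: only the server-side session context is configured here, and a
    // setting of -1 or lower leaves the provider's value untouched.
    SSLSessionContext serverContext = context.getServerSessionContext();
    if (serverContext != null) {
        if (getSslSessionCacheSize() > -1) {
            serverContext.setSessionCacheSize(getSslSessionCacheSize());
        }
        if (getSslSessionTimeout() > -1) {
            serverContext.setSessionTimeout(getSslSessionTimeout());
        }
    }
    // select the protocols and ciphers
    SSLParameters enabled = context.getDefaultSSLParameters();
    SSLParameters supported = context.getSupportedSSLParameters();
    selectCipherSuites(enabled.getCipherSuites(), supported.getCipherSuites());
    selectProtocols(enabled.getProtocols(), supported.getProtocols());
    _factory = new Factory(keyStore, trustStore, context);
    if (LOG.isDebugEnabled()) {
        LOG.debug("Selected Protocols {} of {}", Arrays.asList(_selectedProtocols), Arrays.asList(supported.getProtocols()));
        LOG.debug("Selected Ciphers   {} of {}", Arrays.asList(_selectedCipherSuites), Arrays.asList(supported.getCipherSuites()));
    }
}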
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) CertificateValidator(org.eclipse.jetty.util.security.CertificateValidator) SecureRandom(java.security.SecureRandom) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) SSLParameters(javax.net.ssl.SSLParameters) KeyManager(javax.net.ssl.KeyManager) X509ExtendedKeyManager(javax.net.ssl.X509ExtendedKeyManager) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)
