List of usage examples for javax.net.ssl SSLSocket setEnabledCipherSuites
public abstract void setEnabledCipherSuites(String suites[]);
From source file:org.eclipse.aether.transport.http.SslSocketFactory.java
@Override protected void prepareSocket(SSLSocket socket) throws IOException { super.prepareSocket(socket); if (cipherSuites != null) { socket.setEnabledCipherSuites(cipherSuites); }/*from w ww . j a v a 2s . c o m*/ if (protocols != null) { socket.setEnabledProtocols(protocols); } }
From source file:no.kantega.kwashc.server.test.SSLCipherSuiteTest.java
private HttpResponse checkClientForCiphers(Site site, int httpsPort, HttpClient httpclient, String[] ciphers) throws NoSuchAlgorithmException, KeyManagementException, IOException { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { allowAllTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000); params.setParameter(CoreConnectionPNames.SO_TIMEOUT, 1000); SSLSocket socket = (SSLSocket) sf.createSocket(params); socket.setEnabledCipherSuites(ciphers); URL url = new URL(site.getAddress()); InetSocketAddress address = new InetSocketAddress(url.getHost(), httpsPort); sf.connectSocket(socket, address, null, params); Scheme sch = new Scheme("https", httpsPort, sf); httpclient.getConnectionManager().getSchemeRegistry().register(sch); HttpGet request = new HttpGet( "https://" + url.getHost() + ":" + site.getSecureport() + url.getPath() + "blog"); return httpclient.execute(request); }
From source file:no.kantega.kwashc.server.test.SSLProtocolTest.java
private HttpResponse checkClient(Site site, int httpsPort, HttpClient httpclient, String[] protocols, String[] ciphers) throws NoSuchAlgorithmException, KeyManagementException, IOException { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { allowAllTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000); params.setParameter(CoreConnectionPNames.SO_TIMEOUT, 1000); SSLSocket socket = (SSLSocket) sf.createSocket(params); if (protocols != null) { socket.setEnabledProtocols(protocols); }//www . j a va2s. c om if (ciphers != null) { socket.setEnabledCipherSuites(ciphers); } URL url = new URL(site.getAddress()); InetSocketAddress address = new InetSocketAddress(url.getHost(), httpsPort); sf.connectSocket(socket, address, null, params); Scheme sch = new Scheme("https", httpsPort, sf); httpclient.getConnectionManager().getSchemeRegistry().register(sch); HttpGet request = new HttpGet( "https://" + url.getHost() + ":" + site.getSecureport() + url.getPath() + "blog"); return httpclient.execute(request); }
From source file:com.apporiented.hermesftp.cmd.impl.FtpCmdAuth.java
/** * Enables the configured cipher suites in the passed socket. * /* ww w.ja v a 2 s .c om*/ * @param sslSocket The socket. */ private void enableCipherSuites(SSLSocket sslSocket) { String[] cipherSuites = getCtx().getOptions().getStringArray(OPT_SSL_CIPHER_SUITES, null); if (cipherSuites != null) { if (cipherSuites.length == 1 && WILDCARD.equals(cipherSuites[0])) { sslSocket.setEnabledCipherSuites(sslSocket.getSupportedCipherSuites()); } else { sslSocket.setEnabledCipherSuites(cipherSuites); } } }
From source file:it.jnrpe.client.JNRPEClient.java
/** * Inovoke a command installed in JNRPE. * /*from ww w . ja va 2 s . com*/ * @param sCommandName * The name of the command to be invoked * @param arguments * The arguments to pass to the command (will substitute the * $ARGSx$ parameters) * @return The value returned by the server * @throws JNRPEClientException * Thrown on any communication error. */ public final ReturnValue sendCommand(final String sCommandName, final String... arguments) throws JNRPEClientException { SocketFactory socketFactory; Socket s = null; try { if (!useSSL) { socketFactory = SocketFactory.getDefault(); } else { SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(null, new TrustManager[] { getTrustManager() }, new SecureRandom()); socketFactory = sslContext.getSocketFactory(); } s = socketFactory.createSocket(); if (weakCipherSuitesEnabled) { SSLSocket ssl = (SSLSocket) s; ssl.setEnabledCipherSuites(ssl.getSupportedCipherSuites()); } s.setSoTimeout((int) TimeUnit.SECOND.convert(communicationTimeout)); s.connect(new InetSocketAddress(serverIPorURL, serverPort)); JNRPERequest req = new JNRPERequest(sCommandName, arguments); s.getOutputStream().write(req.toByteArray()); InputStream in = s.getInputStream(); JNRPEResponse res = new JNRPEResponse(in); return new ReturnValue(Status.fromIntValue(res.getResultCode()), res.getMessage()); } catch (RuntimeException re) { throw re; } catch (Exception e) { throw new JNRPEClientException(e); } finally { if (s != null) { try { s.close(); } catch (IOException e) { // Ignore } } } }
From source file:de.vanita5.twittnuker.util.net.ssl.HostResolvedSSLConnectionSocketFactory.java
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { final SSLSocket sslsock = (SSLSocket) socketfactory.createSocket(socket, target, port, true); if (supportedProtocols != null) { sslsock.setEnabledProtocols(supportedProtocols); }//w w w. j a v a 2s .com if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } prepareSocket(sslsock); // Android specific code to enable SNI if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) { if (socketfactory instanceof SSLCertificateSocketFactory) { if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Enabling SNI for " + target); } ((SSLCertificateSocketFactory) socketfactory).setHostname(sslsock, target); } } // End of Android specific code sslsock.startHandshake(); verifyHostname(sslsock, target, context); return sslsock; }
From source file:immf.MyWiser.java
/** * Create a new SMTP server with this class as the listener. * The default port is 25. Call setPort()/setHostname() before * calling start()./* ww w . j a v a 2 s. c o m*/ */ public MyWiser(UsernamePasswordValidator userPass, int port, MyWiserMailListener listener, final String tlsKeyStore, final String tlsKeyType, final String tlsKeyPasswd) { if (tlsKeyStore == null) { log.info("SMTP Server disable TLS"); this.server = new SMTPServer(this, new EasyAuthenticationHandlerFactory(userPass)); this.server.setHideTLS(true); // TLS? } else { // TLS log.info("SMTP Server enable TLS"); this.server = new SMTPServer(this, new EasyAuthenticationHandlerFactory(userPass)) { public SSLSocket createSSLSocket(Socket socket) throws IOException { SSLSocketFactory sf = createSslSocketFactory(tlsKeyStore, tlsKeyType, tlsKeyPasswd); InetSocketAddress remoteAddress = (InetSocketAddress) socket.getRemoteSocketAddress(); SSLSocket s = (SSLSocket) (sf.createSocket(socket, remoteAddress.getHostName(), socket.getPort(), true)); s.setUseClientMode(false); s.setEnabledCipherSuites(s.getSupportedCipherSuites()); return s; } }; this.server.setRequireTLS(true); // TLS } this.server.setPort(port); this.listener = listener; }
From source file:com.dubsar_dictionary.SecureClient.SecureSocketFactory.java
private void setupCrypto(SSLSocket socket) { // Log.d(TAG, "in setupCrypto"); String[] protocols = getEnabledProtocols(); if (protocols != null) { socket.setEnabledProtocols(protocols); }// www . java 2s .com String[] ciphers = getEnabledCipherSuites(); if (ciphers != null) { socket.setEnabledCipherSuites(ciphers); } protocols = socket.getEnabledProtocols(); if (protocols == null) { Log.e(TAG, "protocols is null"); return; } for (String protocol : protocols) { Log.d(TAG, protocol + " is enabled"); } ciphers = socket.getEnabledCipherSuites(); if (ciphers == null) { Log.e(TAG, "ciphers is null"); return; } for (String cipher : ciphers) { Log.d(TAG, cipher + " is enabled"); } // no? // socket.setHandshakeTimeout(mHandshakeTimeoutMillis); }
From source file:com.leetchi.api.client.ssl.SSLConnectionSocketFactory.java
public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { final SSLSocket sslsock = (SSLSocket) this.socketfactory.createSocket(socket, target, port, true); // DEBUT PATCH POUR FORCER LA VERSION DE PROTOCOLE // if (supportedProtocols != null) { sslsock.setEnabledProtocols(new String[] { "TLSv1" }); // }//from w ww . j a va 2 s . c om if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } prepareSocket(sslsock); sslsock.startHandshake(); verifyHostname(sslsock, target); return sslsock; }
From source file:com.eviware.soapui.impl.wsdl.support.http.SoapUIEasySSLProtocolSocketFactory.java
private synchronized Socket enableSocket(SSLSocket socket) { socket.getSession().invalidate();//ww w . ja v a 2 s. c om String protocols = System.getProperty("soapui.https.protocols"); String ciphers = System.getProperty("soapui.https.ciphers"); if (StringUtils.hasContent(protocols)) { socket.setEnabledProtocols(protocols.split(",")); } else if (socket.getSupportedProtocols() != null) { socket.setEnabledProtocols(socket.getSupportedProtocols()); } if (StringUtils.hasContent(ciphers)) { socket.setEnabledCipherSuites(ciphers.split(",")); } else if (socket.getSupportedCipherSuites() != null) { socket.setEnabledCipherSuites(socket.getSupportedCipherSuites()); } return socket; }