Using the ExtendedSSLSession interface - Java Network

Java examples for Network:SSL

Introduction

ExtendedSSLSession can be used to list the signature algorithms that the local side and the peer each support for a TLS session.

Demo Code

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.Key;
import java.security.interfaces.RSAKey;
import java.util.Date;
import java.util.Set;

import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

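/**
 * Single-connection TLS echo server that prints the signature algorithms an
 * {@link ExtendedSSLSession} reports for the local side and for the peer.
 *
 * <p>The server uses the JVM's default {@link SSLServerSocketFactory}, so it needs key
 * material to be configured (typically through the {@code javax.net.ssl.keyStore}
 * system properties) before a handshake can succeed.
 */
public class Main {

  /** TCP port the demo server listens on. */
  private static final int PORT = 9999;

  /**
   * Accepts one TLS client, prints the session details and echoes every line the client
   * sends to standard output. Any failure is reported with a stack trace.
   */
  public Main() {
    try {
      SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
      // try-with-resources closes the listening socket and the accepted connection on
      // every exit path, including a failed handshake.
      try (SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(PORT)) {
        System.out.println("Waiting for a client ...");
        try (SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept()) {
          SSLParameters parameters = sslSocket.getSSLParameters();
          parameters.setAlgorithmConstraints(new SimpleConstraints());
          // NOTE: getSSLParameters() returns a copy. The constraints printed below are
          // NOT enforced on this connection, because the copy is never handed back with
          // sslSocket.setSSLParameters(parameters) before the handshake. Enforcing them
          // needs care: the TLS provider may consult the constraints for protocol and
          // cipher-suite names as well, so a policy that only accepts names containing
          // "RSA" should be tested before it is applied to a real socket.

          AlgorithmConstraints constraints = parameters.getAlgorithmConstraints();
          System.out.println("Constraint: " + constraints);

          // Endpoint identification is a client-side check of the server name; it is
          // unset here unless something configured it on this socket.
          String endPoint = parameters.getEndpointIdentificationAlgorithm();
          System.out.println("End Point: " + endPoint);

          // Run the handshake explicitly so a failure surfaces as an exception.
          // getSession() alone does not throw on a failed handshake; it returns an
          // invalid placeholder session instead.
          sslSocket.startHandshake();
          SSLSession session = sslSocket.getSession();

          System.out.println("Local Supported Signature Algorithms");
          if (session instanceof ExtendedSSLSession) {
            ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) session;
            for (String algorithm : extendedSSLSession.getLocalSupportedSignatureAlgorithms()) {
              System.out.println("Algortihm: " + algorithm);
            }
          }

          System.out.println("Peer Supported Signature Algorithms");
          if (session instanceof ExtendedSSLSession) {
            ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) session;
            for (String algorithm : extendedSSLSession.getPeerSupportedSignatureAlgorithms()) {
              System.out.println("Algortihm: " + algorithm);
            }
          }

          // getHandshakeSession() returns null once no handshake is in progress, so the
          // established session is used to report the access time.
          if (session != null) {
            System.out.println("Last accessed: " + new Date(session.getLastAccessedTime()));
          }

          // Decode with an explicit charset instead of the platform default.
          BufferedReader bufferedreader =
              new BufferedReader(new InputStreamReader(sslSocket.getInputStream(), StandardCharsets.UTF_8));
          String line;
          while ((line = bufferedreader.readLine()) != null) {
            // Client-supplied text is written to the console unmodified.
            System.out.println(line);
            System.out.flush();
          }
        }
      }
    } catch (Exception exception) {
      exception.printStackTrace();
    }
  }

  /**
   * Starts the demo server.
   *
   * @param arstring command-line arguments (unused)
   */
  public static void main(String[] arstring) {
    new Main();
  }

}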

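/**
 * Example {@link AlgorithmConstraints} policy: an algorithm is permitted only when its
 * name contains {@code "RSA"} and, if a key is supplied, the key is an RSA key with a
 * modulus of at least 2048 bits.
 *
 * <p>The name check is a case-sensitive substring match, so it also accepts legacy
 * signature names that contain "RSA" (for example ones built on MD5 or SHA-1). Treat
 * this class as an illustration rather than a complete policy.
 */
class SimpleConstraints implements AlgorithmConstraints {

  /** Smallest RSA modulus size, in bits, that the policy accepts. */
  private static final int MIN_RSA_MODULUS_BITS = 2048;

  /**
   * Checks an algorithm name without an associated key.
   *
   * @throws IllegalArgumentException if {@code algorithm} is null
   */
  @Override
  public boolean permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters) {
    return permits(primitives, algorithm, null, parameters);
  }

  /**
   * Checks a key, using the key's own algorithm name.
   *
   * @throws IllegalArgumentException if {@code key} is null
   */
  @Override
  public boolean permits(Set<CryptoPrimitive> primitives, Key key) {
    return permits(primitives, null, key, null);
  }

  /**
   * Applies the policy to an algorithm name and, when present, a key.
   *
   * @param primitives cryptographic primitives being checked (not inspected here)
   * @param algorithm algorithm name; when null the name is taken from {@code key}
   * @param key key to check, or null when only a name is being checked
   * @param parameters algorithm parameters (not inspected here)
   * @return true only if the name contains "RSA" and any supplied key is an RSA key of
   *     at least 2048 bits
   * @throws IllegalArgumentException if both {@code algorithm} and {@code key} are null
   */
  @Override
  public boolean permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters) {
    if (algorithm == null) {
      if (key == null) {
        // Nothing to evaluate; report a bad argument instead of dereferencing null.
        throw new IllegalArgumentException("algorithm and key must not both be null");
      }
      algorithm = key.getAlgorithm();
    }

    // Fail closed when the key cannot name its algorithm.
    if (algorithm == null || !algorithm.contains("RSA")) {
      return false;
    }

    if (key != null) {
      // A key that does not expose an RSA modulus cannot be size-checked, so it is
      // rejected rather than cast blindly.
      if (!(key instanceof RSAKey)) {
        return false;
      }
      int size = ((RSAKey) key).getModulus().bitLength();
      if (size < MIN_RSA_MODULUS_BITS) {
        return false;
      }
    }

    return true;
  }
}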
