Java SSLContextParameters.setSecureSocketProtocols Examples

Example #1

File: SSLContextParametersTest.java Project: JSantosP/camel

  public void testPropertyPlaceholders() throws Exception {

    CamelContext camelContext = this.createPropertiesPlaceholderAwareContext();

    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setCamelContext(camelContext);

    ksp.setType("{{keyStoreParameters.type}}");
    ksp.setProvider("{{keyStoreParameters.provider}}");
    ksp.setResource("{{keyStoreParameters.resource}}");
    ksp.setPassword("{{keyStoreParamerers.password}}");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setCamelContext(camelContext);
    kmp.setKeyStore(ksp);

    kmp.setKeyPassword("{{keyManagersParameters.keyPassword}}");
    kmp.setAlgorithm("{{keyManagersParameters.algorithm}}");
    kmp.setProvider("{{keyManagersParameters.provider}}");

    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setCamelContext(camelContext);
    tmp.setKeyStore(ksp);

    tmp.setAlgorithm("{{trustManagersParameters.algorithm}}");
    tmp.setProvider("{{trustManagersParameters.provider}}");

    CipherSuitesParameters csp = new CipherSuitesParameters();
    csp.getCipherSuite().add("{{cipherSuite.0}}");

    SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
    sspp.getSecureSocketProtocol().add("{{secureSocketProtocol.0}}");

    SSLContextServerParameters scsp = new SSLContextServerParameters();
    scsp.setCamelContext(camelContext);
    scsp.setClientAuthentication("{{sslContextServerParameters.clientAuthentication}}");

    SSLContextParameters scp = new SSLContextParameters();
    scp.setCamelContext(camelContext);
    scp.setKeyManagers(kmp);
    scp.setTrustManagers(tmp);
    scp.setServerParameters(scsp);

    scp.setProvider("{{sslContextParameters.provider}}");
    scp.setSecureSocketProtocol("{{sslContextParameters.protocol}}");
    scp.setSessionTimeout("{{sslContextParameters.sessionTimeout}}");

    scp.setCipherSuites(csp);
    scp.setSecureSocketProtocols(sspp);

    SSLContext context = scp.createSSLContext();
    SSLServerSocket serverSocket =
        (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    assertTrue(serverSocket.getNeedClientAuth());
    context.getSocketFactory().createSocket();
    context.createSSLEngine();
  }

Example #2

File: SSLContextParametersTest.java Project: JSantosP/camel

  public void testSecureSocketProtocols() throws Exception {
    SSLContext controlContext = SSLContext.getInstance("TLS");
    controlContext.init(null, null, null);
    SSLEngine controlEngine = controlContext.createSSLEngine();
    SSLSocket controlSocket = (SSLSocket) controlContext.getSocketFactory().createSocket();
    SSLServerSocket controlServerSocket =
        (SSLServerSocket) controlContext.getServerSocketFactory().createServerSocket();

    // default
    SSLContextParameters scp = new SSLContextParameters();

    SSLContext context = scp.createSSLContext();

    SSLEngine engine = context.createSSLEngine();
    SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket();
    SSLServerSocket serverSocket =
        (SSLServerSocket) context.getServerSocketFactory().createServerSocket();

    assertTrue(Arrays.equals(controlEngine.getEnabledProtocols(), engine.getEnabledProtocols()));
    assertTrue(Arrays.equals(controlSocket.getEnabledProtocols(), socket.getEnabledProtocols()));
    checkProtocols(controlServerSocket.getEnabledProtocols(), serverSocket.getEnabledProtocols());

    // empty sspp

    SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
    scp.setSecureSocketProtocols(sspp);
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();

    assertEquals(0, engine.getEnabledProtocols().length);
    assertEquals(0, socket.getEnabledProtocols().length);
    assertEquals(0, serverSocket.getEnabledProtocols().length);

    // explicit sspp

    sspp.getSecureSocketProtocol().add("TLSv1");
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();

    assertEquals(1, engine.getEnabledProtocols().length);
    assertEquals("TLSv1", engine.getEnabledProtocols()[0]);
    assertEquals(1, socket.getEnabledProtocols().length);
    assertEquals("TLSv1", socket.getEnabledProtocols()[0]);
    assertEquals(1, serverSocket.getEnabledProtocols().length);
    assertEquals("TLSv1", serverSocket.getEnabledProtocols()[0]);

    // explicit sspp overrides filter

    FilterParameters filter = new FilterParameters();
    filter.getInclude().add(".*");
    scp.setSecureSocketProtocolsFilter(filter);
    context = scp.createSSLContext();
    engine = context.createSSLEngine();
    socket = (SSLSocket) context.getSocketFactory().createSocket();
    serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();

    // not all platforms/JDKs have these cipher suites
    if (!isPlatform("aix")) {
      assertEquals(1, engine.getEnabledProtocols().length);
      assertEquals("TLSv1", engine.getEnabledProtocols()[0]);
      assertEquals(1, socket.getEnabledProtocols().length);
      assertEquals("TLSv1", socket.getEnabledProtocols()[0]);
      assertEquals(1, socket.getEnabledProtocols().length);
      assertEquals("TLSv1", serverSocket.getEnabledProtocols()[0]);
    }
  }