/**
 * Creates a new <code>TLSWrapper</code> around a freshly created
 * <code>SSLEngine</code>.
 *
 * @param sslc         context the engine is created from
 * @param eventHandler handler notified of TLS events by this wrapper
 * @param sslProtocols protocol names to enable; <code>null</code> keeps the
 *                     engine defaults
 * @param clientMode   <code>true</code> for the client side of the handshake;
 *                     on the server side a client certificate is requested
 *                     (setWantClientAuth) but the handshake continues without one
 */
public TLSWrapper(SSLContext sslc, TLSEventHandler eventHandler, String[] sslProtocols, boolean clientMode) {
    tlsEngine = sslc.createSSLEngine();
    tlsEngine.setUseClientMode(clientMode);
    this.eventHandler = eventHandler;
    if (tls_jdk_nss_workaround) {
        // Workaround for TLS/SSL bug in new JDK used with new version of
        // nss library see also:
        // http://stackoverflow.com/q/10687200/427545
        // http://bugs.sun.com/bugdatabase/view_bug.do;jsessionid=b509d9cb5d8164d90e6731f5fc44?bug_id=6928796
        // Restricts the engine to a fixed cipher list (tls_workaround_ciphers) before
        // anything else is negotiated.
        tlsEngine.setEnabledCipherSuites(tls_workaround_ciphers);
    }
    if (sslProtocols != null) {
        tlsEngine.setEnabledProtocols(sslProtocols);
    }
    // Buffer sizes come from the (not yet handshaked) session so that wrap/unwrap
    // callers can size their network and application buffers up front.
    netBuffSize = tlsEngine.getSession().getPacketBufferSize();
    appBuffSize = tlsEngine.getSession().getApplicationBufferSize();
    if (!clientMode) {
        // Server side: request a client certificate without requiring it.
        tlsEngine.setWantClientAuth(true);
    }
}
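/**
 * Create a new client mode SSL engine, configured from an option map.
 * <p>
 * Cipher suites and protocols named in {@code optionMap} are intersected with
 * what the engine supports before being enabled, so unknown names are dropped
 * rather than rejected. If none of the configured names is supported the
 * enabled set becomes empty, leaving nothing to negotiate; the engine defaults
 * are only retained when the option is absent altogether.
 *
 * @param sslContext the SSL context
 * @param optionMap the SSL options
 * @param peerAddress the peer address of the connection; its host name and
 *        port are handed to the engine unless {@code SSL_PEER_HOST_NAME} /
 *        {@code SSL_PEER_PORT} override them
 * @return the configured SSL engine
 */
public static SSLEngine createSSLEngine(SSLContext sslContext, OptionMap optionMap, InetSocketAddress peerAddress) {
    // The peer host/port are given to the engine as session hints; the host
    // name is resolved without a DNS lookup.
    final SSLEngine engine = sslContext.createSSLEngine(
            optionMap.get(Options.SSL_PEER_HOST_NAME, getHostNameNoResolve(peerAddress)),
            optionMap.get(Options.SSL_PEER_PORT, peerAddress.getPort()));
    engine.setUseClientMode(true);
    engine.setEnableSessionCreation(optionMap.get(Options.SSL_ENABLE_SESSION_CREATION, true));
    final Sequence<String> cipherSuites = optionMap.get(Options.SSL_ENABLED_CIPHER_SUITES);
    if (cipherSuites != null) {
        engine.setEnabledCipherSuites(retainSupported(cipherSuites, engine.getSupportedCipherSuites()));
    }
    final Sequence<String> protocols = optionMap.get(Options.SSL_ENABLED_PROTOCOLS);
    if (protocols != null) {
        engine.setEnabledProtocols(retainSupported(protocols, engine.getSupportedProtocols()));
    }
    return engine;
}

/**
 * Returns the entries of {@code requested}, in their original order, that also
 * appear in {@code supported}. Names the engine does not support are silently
 * dropped; the result may be empty.
 *
 * @param requested the configured names
 * @param supported the names the engine reports as supported
 * @return the filtered names as an array suitable for the engine setters
 */
private static String[] retainSupported(Sequence<String> requested, String[] supported) {
    final Set<String> supportedSet = new HashSet<String>(Arrays.asList(supported));
    final List<String> result = new ArrayList<String>();
    for (String name : requested) {
        if (supportedSet.contains(name)) {
            result.add(name);
        }
    }
    return result.toArray(new String[result.size()]);
}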
/**
 * Builds a server-mode engine for the virtual host selected by the SNI name,
 * using the certificate chosen for the client's offered ciphers.
 *
 * @param sniHostName            host name from the client's SNI extension
 * @param clientRequestedCiphers ciphers offered by the client, used to pick a certificate
 * @return the configured engine
 * @throws IllegalStateException if the selected certificate has no SSL context
 */
protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers) {
    SSLHostConfig hostConfig = getSSLHostConfig(sniHostName);
    SSLHostConfigCertificate cert = selectCertificate(hostConfig, clientRequestedCiphers);
    SSLContextWrapper ctxWrapper = cert.getSslContextWrapper();
    if (ctxWrapper == null) {
        throw new IllegalStateException(sm.getString("endpoint.jsse.noSslContext", sniHostName));
    }
    SSLEngine engine = ctxWrapper.getSSLContext().createSSLEngine();
    engine.setUseClientMode(false);
    // Client-certificate policy of the host: none, requested, or required.
    // Each of the two setters overrides the other, so only one is relevant per branch.
    switch (hostConfig.getCertificateVerification()) {
        case REQUIRED:
            engine.setNeedClientAuth(true);
            break;
        case OPTIONAL:
        case OPTIONAL_NO_CA:
            engine.setWantClientAuth(true);
            break;
        case NONE:
            engine.setNeedClientAuth(false);
            engine.setWantClientAuth(false);
            break;
    }
    engine.setEnabledCipherSuites(ctxWrapper.getEnabledCiphers());
    engine.setEnabledProtocols(ctxWrapper.getEnabledProtocols());
    SSLParameters params = engine.getSSLParameters();
    params.setUseCipherSuitesOrder(hostConfig.getHonorCipherOrder());
    // Write the parameters back in case the getter returns a defensive copy.
    engine.setSSLParameters(params);
    return engine;
}
/**
 * Applies the configured client-authentication mode and handshake protocols to
 * {@code sslengine}. Anything not configured is left at the engine's default.
 *
 * @param sslengine the engine to configure
 * @throws SSLException declared by the signature; not thrown by this implementation
 */
public void initalize(final SSLEngine sslengine) throws SSLException {
    // Handshake protocols only if the transport configuration names them.
    if (httpsProtocols != null) {
        sslengine.setEnabledProtocols(httpsProtocols);
    }
    if (clientAuth == null) {
        return;
    }
    switch (clientAuth) {
        case REQUIRED:
            sslengine.setNeedClientAuth(true);
            break;
        case OPTIONAL:
            sslengine.setWantClientAuth(true);
            break;
        default:
            // Any other mode keeps the engine default.
            break;
    }
}
/**
 * Creates a server-mode engine from {@code sslContext} and applies the protocol,
 * cipher-suite and client-authentication settings of {@code config}. Empty
 * protocol or cipher sets leave the engine defaults in place.
 *
 * @param config     the connection handler configuration
 * @param sslContext the context the engine is created from
 * @return the configured engine
 * @throws DirectoryException if any step fails; the original exception is
 *         traced and kept as the cause
 */
private SSLEngine createSSLEngine(LDAPConnectionHandlerCfg config, SSLContext sslContext) throws DirectoryException {
    try {
        final SSLEngine engine = sslContext.createSSLEngine();
        engine.setUseClientMode(false);
        final Set<String> protocolNames = config.getSSLProtocol();
        if (!protocolNames.isEmpty()) {
            engine.setEnabledProtocols(protocolNames.toArray(new String[0]));
        }
        final Set<String> cipherNames = config.getSSLCipherSuite();
        if (!cipherNames.isEmpty()) {
            engine.setEnabledCipherSuites(cipherNames.toArray(new String[0]));
        }
        // setNeedClientAuth and setWantClientAuth override each other, so the
        // call order inside each branch determines the final mode.
        switch (config.getSSLClientAuthPolicy()) {
            case DISABLED:
                engine.setNeedClientAuth(false);
                engine.setWantClientAuth(false);
                break;
            case REQUIRED:
                engine.setWantClientAuth(true);
                engine.setNeedClientAuth(true);
                break;
            case OPTIONAL:
            default:
                engine.setNeedClientAuth(false);
                engine.setWantClientAuth(true);
                break;
        }
        return engine;
    } catch (Exception e) {
        // Boundary catch: every failure surfaces as a DirectoryException with the cause retained.
        logger.traceException(e);
        final ResultCode resultCode = DirectoryServer.getServerErrorResultCode();
        final LocalizableMessage msg = ERR_CONNHANDLER_SSL_CANNOT_INITIALIZE.get(getExceptionMessage(e));
        throw new DirectoryException(resultCode, msg, e);
    }
}