类javax.net.ssl.ExtendedSSLSession源码实例Demo

下面列出了怎么用javax.net.ssl.ExtendedSSLSession的API类实例代码及写法,或者点击链接到github查看源代码。

源代码1 项目: openjsse   文件: SSLContextImpl.java
private void checkAdditionalTrust(X509Certificate[] chain,
        String authType, javax.net.ssl.SSLEngine engine,
        boolean checkClientTrusted) throws CertificateException {
    if (engine != null) {
        SSLSession session = engine.getHandshakeSession();
        if (session == null) {
            throw new CertificateException("No handshake session");
        }

        // check endpoint identity
        String identityAlg = engine.getSSLParameters().
                                    getEndpointIdentificationAlgorithm();
        if (identityAlg != null && identityAlg.length() != 0) {
            X509TrustManagerImpl.checkIdentity(session, chain,
                                identityAlg, checkClientTrusted);
        }

        // try the best to check the algorithm constraints
        AlgorithmConstraints constraints;
        if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) {
            if (session instanceof ExtendedSSLSession) {
                ExtendedSSLSession extSession =
                                (ExtendedSSLSession)session;
                String[] peerSupportedSignAlgs =
                        extSession.getLocalSupportedSignatureAlgorithms();

                constraints = new SSLAlgorithmConstraints(
                                (org.openjsse.javax.net.ssl.SSLEngine)engine, peerSupportedSignAlgs, true);
            } else {
                constraints =
                        new SSLAlgorithmConstraints((org.openjsse.javax.net.ssl.SSLEngine)engine, true);
            }
        } else {
            constraints = new SSLAlgorithmConstraints((org.openjsse.javax.net.ssl.SSLEngine)engine, true);
        }

        checkAlgorithmConstraints(chain, constraints, checkClientTrusted);
    }
}
 
源代码2 项目: j2objc   文件: SSLSocketTest.java
public void test_SSLSocket_SNIHostName() throws Exception {
    TestSSLContext c = TestSSLContext.create();

    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket();
    SSLParameters clientParams = client.getSSLParameters();
    clientParams.setServerNames(Collections.singletonList(
            (SNIServerName) new SNIHostName("www.example.com")));
    client.setSSLParameters(clientParams);

    SSLParameters serverParams = c.serverSocket.getSSLParameters();
    serverParams.setSNIMatchers(Collections.singletonList(
            SNIHostName.createSNIMatcher("www\\.example\\.com")));
    c.serverSocket.setSSLParameters(serverParams);

    client.connect(new InetSocketAddress(c.host, c.port));
    final SSLSocket server = (SSLSocket) c.serverSocket.accept();

    ExecutorService executor = Executors.newSingleThreadExecutor();
    Future<Void> future = executor.submit(new Callable<Void>() {
        @Override public Void call() throws Exception {
            client.startHandshake();
            return null;
        }
    });
    executor.shutdown();
    server.startHandshake();

    SSLSession serverSession = server.getSession();
    assertTrue(serverSession instanceof ExtendedSSLSession);
    ExtendedSSLSession extendedServerSession = (ExtendedSSLSession) serverSession;
    List<SNIServerName> requestedNames = extendedServerSession.getRequestedServerNames();
    assertNotNull(requestedNames);
    assertEquals(1, requestedNames.size());
    SNIServerName serverName = requestedNames.get(0);
    assertEquals(StandardConstants.SNI_HOST_NAME, serverName.getType());
    assertTrue(serverName instanceof SNIHostName);
    SNIHostName serverHostName = (SNIHostName) serverName;
    assertEquals("www.example.com", serverHostName.getAsciiName());
}
 
源代码3 项目: openjsse   文件: SSLContextImpl.java
private void checkAdditionalTrust(X509Certificate[] chain,
        String authType, Socket socket,
        boolean checkClientTrusted) throws CertificateException {
    if (socket != null && socket.isConnected() &&
                                socket instanceof SSLSocket) {

        SSLSocket sslSocket = (SSLSocket)socket;
        SSLSession session = sslSocket.getHandshakeSession();
        if (session == null) {
            throw new CertificateException("No handshake session");
        }

        // check endpoint identity
        String identityAlg = sslSocket.getSSLParameters().
                                    getEndpointIdentificationAlgorithm();
        if (identityAlg != null && identityAlg.length() != 0) {
            X509TrustManagerImpl.checkIdentity(session, chain,
                                identityAlg, checkClientTrusted);
        }

        // try the best to check the algorithm constraints
        AlgorithmConstraints constraints;
        if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) {
            if (session instanceof ExtendedSSLSession) {
                ExtendedSSLSession extSession =
                                (ExtendedSSLSession)session;
                String[] peerSupportedSignAlgs =
                        extSession.getLocalSupportedSignatureAlgorithms();

                constraints = new SSLAlgorithmConstraints(
                                sslSocket, peerSupportedSignAlgs, true);
            } else {
                constraints =
                        new SSLAlgorithmConstraints(sslSocket, true);
            }
        } else {
            constraints = new SSLAlgorithmConstraints(sslSocket, true);
        }

        checkAlgorithmConstraints(chain, constraints, checkClientTrusted);
    }
}