下面列出了 javax.net.ssl.SSLSocket#setSSLParameters() 的实例代码，也可以点击链接到 GitHub 查看源代码，或在右侧发表评论。
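/**
 * Minimal TLS client demo: connects to 127.0.0.1:4444, sends one line, then prints the reply
 * and the negotiated application protocol.
 *
 * <p>Any failure is reported with {@code printStackTrace()}, as in the original sample.
 *
 * @param args unused
 */
public static void main(String[] args) throws InterruptedException {
    try {
        // NOTE(review): the trust store path and password are hard-coded sample values; real
        // code should take them from configuration that is not checked into source control.
        System.setProperty("javax.net.ssl.trustStore", "C:/Users/Martin/sample.pfx");
        System.setProperty("javax.net.ssl.trustStorePassword", "sample");
        SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // try-with-resources closes the socket and both streams on the error path as well.
        try (SSLSocket s = (SSLSocket) ssf.createSocket("127.0.0.1", 4444)) {
            SSLParameters params = s.getSSLParameters();
            // A plain SSLSocket validates the certificate chain but does not compare the
            // certificate with the peer name unless an endpoint identification algorithm is
            // set. With this enabled, the server certificate needs a subject alternative name
            // matching the address used above.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            s.setSSLParameters(params);
            try (PrintWriter out = new PrintWriter(s.getOutputStream(), true);
                 BufferedReader in =
                         new BufferedReader(new InputStreamReader(s.getInputStream()))) {
                out.println("Hi, server.");
                String x = in.readLine();
                System.out.println(x);
                // No application protocols are configured on params in this method.
                System.out.println("Used protocol: " + s.getApplicationProtocol());
            }
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    }
}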
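/**
 * Copies the protocol names derived from {@code protocols} onto the socket's
 * {@link SSLParameters} through the reflective {@code setProtocolMethod}, then applies the
 * parameters to the socket.
 *
 * @param sslSocket socket to configure
 * @param hostname not read by this implementation
 * @param protocols protocols passed to {@code alpnProtocolNames}
 * @throws AssertionError if the reflective call fails; the failure is attached as the cause
 */
@RequiresApi(api = Build.VERSION_CODES.KITKAT)
@Override
public void configureTlsExtensions(SSLSocket sslSocket, String hostname,
        List<Protocol> protocols) {
    try {
        SSLParameters sslParameters = sslSocket.getSSLParameters();
        List<String> names = alpnProtocolNames(protocols);
        // setProtocolMethod is resolved elsewhere; presumably it is
        // SSLParameters#setApplicationProtocols - confirm. The cast to Object passes the
        // String[] as one reflective argument instead of spreading it as varargs.
        setProtocolMethod.invoke(sslParameters, (Object) names.toArray(new String[0]));
        sslSocket.setSSLParameters(sslParameters);
    } catch (IllegalAccessException | InvocationTargetException e) {
        // Keep the reflective failure as the cause so the reason ALPN could not be
        // configured is visible in the stack trace.
        throw new AssertionError(e);
    }
}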
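/**
 * Sets the protocol names computed by {@code alpnProtocolNames(protocols)} on the socket's
 * {@link SSLParameters} via the reflective {@code setProtocolMethod} and writes the parameters
 * back to the socket.
 *
 * @param sslSocket socket whose parameters are updated
 * @param hostname unused here
 * @param protocols input for {@code alpnProtocolNames}
 * @throws AssertionError wrapping the reflective failure when the invocation does not succeed
 */
@Override
public void configureTlsExtensions(SSLSocket sslSocket, String hostname,
        List<Protocol> protocols) {
    try {
        SSLParameters sslParameters = sslSocket.getSSLParameters();
        List<String> names = alpnProtocolNames(protocols);
        String[] protocolNames = names.toArray(new String[0]);
        // Wrapped in an Object[] so the array reaches the target method as a single argument.
        // NOTE(review): the target of setProtocolMethod is not visible in this block.
        setProtocolMethod.invoke(sslParameters, new Object[] {protocolNames});
        sslSocket.setSSLParameters(sslParameters);
    } catch (IllegalAccessException | InvocationTargetException e) {
        // The original threw a bare AssertionError, which dropped the underlying exception.
        throw new AssertionError(e);
    }
}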
/**
 * Starts an echo thread on a test server socket, connects a client created from a separately
 * built context and writes {@code MESSAGE}; the test passes only if an {@link SSLException}
 * escapes.
 *
 * <p>NOTE(review): both contexts are requested under the name "openssl.TLSv1", which presumably
 * selects TLS 1.0 - a deprecated protocol version, so this fixture should stay test-only.
 */
@Test(expected = SSLException.class)
public void testWrongClientSideTrustManagerFailsValidation() throws IOException, NoSuchAlgorithmException, InterruptedException {
    try (ServerSocket listener = SSLTestUtils.createServerSocket()) {
        final AtomicReference<byte[]> serverSessionId = new AtomicReference<>();
        final SSLContext serverContext = SSLTestUtils.createSSLContext("openssl.TLSv1");
        Thread echoThread = new Thread(new EchoRunnable(listener, serverContext, serverSessionId));
        echoThread.start();

        final SSLContext clientContext = SSLTestUtils.createSSLContext("openssl.TLSv1");
        final SSLSocket client = (SSLSocket) clientContext.getSocketFactory().createSocket();
        // Round-trips the socket's own parameters before connecting; nothing is modified.
        SSLParameters unchanged = client.getSSLParameters();
        client.setSSLParameters(unchanged);
        client.connect(SSLTestUtils.createSocketAddress());

        byte[] payload = MESSAGE.getBytes(StandardCharsets.US_ASCII);
        client.getOutputStream().write(payload);
        client.getSession().invalidate();

        // Reached only when no exception was thrown above.
        client.close();
        listener.close();
        echoThread.join();
    }
}
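/**
 * Minimal TLS server demo on port 4444: prints every line a client sends and answers each line
 * with "Hi, client". Connections are served one at a time on the calling thread.
 *
 * <p>A failure on one connection (for example a failed handshake) is logged and the loop keeps
 * accepting, so a single misbehaving peer cannot stop the listener.
 *
 * @param args unused
 * @throws IOException if the listening socket cannot be created or {@code accept()} fails
 */
public static void main(String[] args) throws IOException{
    // NOTE(review): the key store path and password are hard-coded sample values; real code
    // should take them from configuration that is not checked into source control.
    System.setProperty("javax.net.ssl.keyStore", "C:/Users/Martin/sample.pfx");
    System.setProperty("javax.net.ssl.keyStorePassword", "sample");
    SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    try (ServerSocket ss = ssf.createServerSocket(4444)) {
        while (true) {
            // accept() stays outside the per-connection handler: a broken listener still
            // propagates instead of spinning in the catch block below.
            SSLSocket s = (SSLSocket) ss.accept();
            try (SSLSocket connection = s) {
                // As written this re-applies the socket's own parameters unchanged; server-side
                // settings would be adjusted on params between these two calls.
                SSLParameters params = connection.getSSLParameters();
                connection.setSSLParameters(params);
                try (BufferedReader in =
                             new BufferedReader(new InputStreamReader(connection.getInputStream()));
                     PrintStream out = new PrintStream(connection.getOutputStream())) {
                    String line;
                    while ((line = in.readLine()) != null) {
                        System.out.println(line);
                        out.println("Hi, client");
                    }
                }
            } catch (IOException e) {
                System.err.println("Connection failed: " + e);
            }
        }
    }
}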
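/**
 * TLS client demo: opens a connection to 127.0.0.1:4444, writes a greeting, and prints the
 * server's first line together with the application protocol reported by the socket.
 *
 * <p>Exceptions are caught and printed with {@code printStackTrace()}.
 *
 * @param args unused
 */
public static void main(String[] args) throws InterruptedException {
    try {
        // NOTE(review): sample trust store location and password are embedded in the source;
        // keep such values in external configuration outside of demos.
        System.setProperty("javax.net.ssl.trustStore", "C:/Users/Martin/sample.pfx");
        System.setProperty("javax.net.ssl.trustStorePassword", "sample");
        SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // Resources are released in reverse order of declaration, including on failure.
        try (SSLSocket s = (SSLSocket) ssf.createSocket("127.0.0.1", 4444)) {
            SSLParameters params = s.getSSLParameters();
            // Without an endpoint identification algorithm the socket accepts any certificate
            // that chains to the trust store, whatever name it was issued for. Enabling the
            // check requires the server certificate to name the address used above.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            s.setSSLParameters(params);
            try (PrintWriter out = new PrintWriter(s.getOutputStream(), true);
                 BufferedReader in =
                         new BufferedReader(new InputStreamReader(s.getInputStream()))) {
                out.println("Hi, server.");
                String x = in.readLine();
                System.out.println(x);
                // This method does not set any application protocols on params.
                System.out.println("Used protocol: " + s.getApplicationProtocol());
            }
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    }
}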
/**
 * Layers a server-mode TLS socket over an already connected {@code socket}, offers the ALPN
 * values "h2", "http/1.1" and "http/1.0", and completes the handshake before returning.
 *
 * <p>The context comes from {@code createSSLContext(commonName, ca)}, which is defined
 * elsewhere; presumably it presents a certificate for {@code commonName} issued by {@code ca}
 * - confirm against that helper.
 *
 * @param socket connected socket to wrap; it is closed together with the returned socket
 *     (autoClose is {@code true})
 * @param commonName forwarded to {@code createSSLContext}
 * @param ca forwarded to {@code createSSLContext}
 * @param is bytes already consumed from {@code socket}, handed to the TLS layer
 * @return the TLS socket after a completed handshake
 * @throws Exception if context creation, wrapping or the handshake fails
 */
public static SSLSocket convertToServerSSLSocket(Socket socket, String commonName, CA ca, InputStream is) throws Exception {
    final String[] offeredProtocols = { "h2", "http/1.1", "http/1.0" };

    SSLSocketFactory factory = createSSLContext(commonName, ca).getSocketFactory();
    SSLSocket tlsSocket = (SSLSocket) factory.createSocket(socket, is, true);
    tlsSocket.setUseClientMode(false);

    // Read-modify-write so that only the ALPN list differs from the socket's current settings.
    SSLParameters parameters = tlsSocket.getSSLParameters();
    parameters.setApplicationProtocols(offeredProtocols);
    tlsSocket.setSSLParameters(parameters);

    tlsSocket.startHandshake();
    return tlsSocket;
}
/**
 * Layers a client-mode TLS socket over an already connected {@code socket}, sets the ALPN
 * offer and completes the handshake.
 *
 * <p>NOTE(review): the host argument of {@code createSocket} is {@code null}, so this call
 * gives the TLS layer no peer name. Whether SNI or certificate name checking is arranged
 * elsewhere (for example inside {@code createSSLSocketFactory}) is not visible here - confirm.
 *
 * @param socket connected socket to wrap; it stays open when the returned socket is closed
 *     (autoClose is {@code false})
 * @param alpn single protocol to offer; when {@code null} or empty, "h2", "http/1.1" and
 *     "http/1.0" are offered instead
 * @return the TLS socket after a completed handshake
 * @throws Exception if factory creation, wrapping or the handshake fails
 */
public static SSLSocket convertToClientSSLSocket(Socket socket, String alpn) throws Exception {
    SSLSocket tlsSocket = (SSLSocket) createSSLSocketFactory()
            .createSocket(socket, null, socket.getPort(), false);

    boolean callerChoseProtocol = alpn != null && !alpn.isEmpty();
    String[] offered = callerChoseProtocol
            ? new String[]{ alpn }
            : new String[]{ "h2", "http/1.1", "http/1.0" };

    SSLParameters parameters = tlsSocket.getSSLParameters();
    parameters.setApplicationProtocols(offered);
    tlsSocket.setSSLParameters(parameters);

    tlsSocket.startHandshake();
    return tlsSocket;
}
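/**
 * Opens a TLS client connection to {@code addr}, sets the ALPN offer and completes the
 * handshake. The socket is closed again if configuration or the handshake fails, so a failed
 * attempt does not leak the connection.
 *
 * <p>NOTE(review): no endpoint identification algorithm is set here; whether the factory from
 * {@code createSSLSocketFactory} checks the peer name is not visible in this block - confirm.
 *
 * @param addr remote address and port to connect to
 * @param alpn single protocol to offer; when {@code null} or empty, "h2", "http/1.1" and
 *     "http/1.0" are offered instead
 * @return the connected socket after a completed handshake
 * @throws Exception if factory creation, the connection or the handshake fails
 */
public static SSLSocket createClientSSLSocket(InetSocketAddress addr, String alpn) throws Exception {
    SSLSocketFactory ssf = createSSLSocketFactory();
    SSLSocket sock = (SSLSocket) ssf.createSocket(addr.getAddress(), addr.getPort());
    try {
        SSLParameters sslp = sock.getSSLParameters();
        String[] clientAPs;
        if (alpn != null && !alpn.isEmpty()) {
            clientAPs = new String[]{ alpn };
        } else {
            clientAPs = new String[]{ "h2", "http/1.1", "http/1.0" };
        }
        sslp.setApplicationProtocols(clientAPs);
        sock.setSSLParameters(sslp);
        sock.startHandshake();
        return sock;
    } catch (Exception e) {
        // This method owns the socket until it returns it; release it on any failure.
        try {
            sock.close();
        } catch (Exception closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}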
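/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}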
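/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}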
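/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}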
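/**
 * Verifies that an SNI host name set on the client through {@link SSLParameters} is visible
 * to the server in {@code ExtendedSSLSession#getRequestedServerNames()}.
 *
 * <p>The client handshake runs on a single-thread executor while the server handshake runs on
 * the test thread. The client's result is awaited at the end so that a client-side handshake
 * failure fails the test instead of being dropped with the {@code Future}.
 */
public void test_SSLSocket_SNIHostName() throws Exception {
    TestSSLContext c = TestSSLContext.create();
    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket();
    // Client side: request "www.example.com" via SNI.
    SSLParameters clientParams = client.getSSLParameters();
    clientParams.setServerNames(Collections.singletonList(
            (SNIServerName) new SNIHostName("www.example.com")));
    client.setSSLParameters(clientParams);
    // Server side: accept only names matching this regular expression (dots escaped).
    SSLParameters serverParams = c.serverSocket.getSSLParameters();
    serverParams.setSNIMatchers(Collections.singletonList(
            SNIHostName.createSNIMatcher("www\\.example\\.com")));
    c.serverSocket.setSSLParameters(serverParams);
    client.connect(new InetSocketAddress(c.host, c.port));
    final SSLSocket server = (SSLSocket) c.serverSocket.accept();
    ExecutorService executor = Executors.newSingleThreadExecutor();
    Future<Void> future = executor.submit(new Callable<Void>() {
        @Override public Void call() throws Exception {
            client.startHandshake();
            return null;
        }
    });
    executor.shutdown();
    server.startHandshake();
    SSLSession serverSession = server.getSession();
    assertTrue(serverSession instanceof ExtendedSSLSession);
    ExtendedSSLSession extendedServerSession = (ExtendedSSLSession) serverSession;
    List<SNIServerName> requestedNames = extendedServerSession.getRequestedServerNames();
    assertNotNull(requestedNames);
    assertEquals(1, requestedNames.size());
    SNIServerName serverName = requestedNames.get(0);
    assertEquals(StandardConstants.SNI_HOST_NAME, serverName.getType());
    assertTrue(serverName instanceof SNIHostName);
    SNIHostName serverHostName = (SNIHostName) serverName;
    assertEquals("www.example.com", serverHostName.getAsciiName());
    // Propagate any exception thrown by the client handshake task.
    future.get();
    client.close();
    server.close();
}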
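/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}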
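/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}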
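/**
 * Connects to {@code host:port} with the default {@link SSLContext}, optionally restricts the
 * cipher suites and sets an SNI host name, and wraps the socket in an {@code SSLClient}.
 * The socket is closed if configuration fails after the connection was opened.
 *
 * @param host server host
 * @param port server port
 * @param cipherSuiteFilter if non-null, passed with the factory's supported suites to
 *     {@code UnboundSSLUtils.filterStringArray}; the result becomes the enabled suite list
 * @param sniHostName if non-null, used as the only SNI server name
 * @return a client wrapping the configured socket
 * @throws IllegalArgumentException if {@code SNIHostName} or {@code setSSLParameters} rejects
 *     a value
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
    try {
        // NOTE(review): the parameters start blank instead of from socket.getSSLParameters(),
        // so fields not set below are applied with their blank values - confirm that no
        // socket default (such as an endpoint identification algorithm) is meant to survive.
        SSLParameters params = new SSLParameters();
        if (cipherSuiteFilter != null) {
            // The filter runs over the *supported* suites, which per the JSSE API can include
            // suites that are not enabled by default; a permissive filter can turn those on.
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }
        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }
        socket.setSSLParameters(params);
        return new SSLClient(socket);
    } catch (RuntimeException e) {
        // The connection is already open here; do not leak it when a value is rejected.
        try {
            socket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
}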
/**
 * For an {@link SSLSocket}, hands the socket's current {@link SSLParameters} to the
 * {@code SSLParameters} overload of this method and writes them back only when that overload
 * returns {@code true}. Any other socket type is left untouched.
 *
 * <p>NOTE(review): what the overload changes is not visible in this block. If it clears or
 * replaces the endpoint identification algorithm, the peer name is no longer checked by the
 * TLS layer - confirm that another check covers it.
 *
 * @param socket socket to adjust
 */
private void overrideHostnameVerificationForClient(Socket socket) {
    if (!(socket instanceof SSLSocket)) {
        return;
    }
    SSLSocket tlsSocket = (SSLSocket) socket;
    SSLParameters current = tlsSocket.getSSLParameters();
    boolean changed = overrideHostnameVerificationForClient(current);
    if (changed) {
        tlsSocket.setSSLParameters(current);
    }
}
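/**
 * Connects to {@code url:port} with the default socket factory, restricts the socket to
 * TLSv1.2 through {@link SSLParameters}, completes the handshake and passes the socket to
 * {@code handleCommunication}.
 *
 * <p>The parameters are read from the socket and modified rather than built from a blank
 * {@code SSLParameters}, so only the fields set here change. Endpoint identification is
 * switched on because a plain {@code SSLSocket} does not compare the certificate with the
 * host name on its own.
 *
 * @throws UnknownHostException if the host cannot be resolved
 * @throws IOException if the connection or the handshake fails; the socket is closed first
 */
public void enableTLSv12UsingSSLParameters() throws UnknownHostException, IOException {
    SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket sslSocket = (SSLSocket) socketFactory.createSocket(url.trim(), port);
    try {
        SSLParameters params = sslSocket.getSSLParameters();
        params.setProtocols(new String[] { "TLSv1.2" });
        params.setEndpointIdentificationAlgorithm("HTTPS");
        sslSocket.setSSLParameters(params);
        sslSocket.startHandshake();
    } catch (IOException | RuntimeException e) {
        // Release the connection when configuration or the handshake is rejected.
        try {
            sslSocket.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
    // NOTE(review): socket ownership after this call depends on handleCommunication, which
    // is not visible here.
    handleCommunication(sslSocket, "SSLSocketFactory-SSLParameters");
}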
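/**
 * Sets {@code hostname} as the only SNI server name on {@code socket}.
 *
 * @param socket socket to configure
 * @param hostname name to send in the SNI extension
 * @throws IllegalArgumentException if {@code SNIHostName} rejects {@code hostname}
 */
@RequiresApi(api = Build.VERSION_CODES.N)
private static void setHostnameNougat(final SSLSocket socket, final String hostname) {
    // Read-modify-write: starting from the socket's current parameters keeps every other
    // setting as it is. A blank SSLParameters would be applied with its blank values for
    // the fields not set here.
    final SSLParameters parameters = socket.getSSLParameters();
    parameters.setServerNames(Collections.singletonList(new SNIHostName(hostname)));
    socket.setSSLParameters(parameters);
}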
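/**
 * Configures {@code socket} to send {@code hostname} as its single SNI server name.
 *
 * @param socket socket whose parameters are updated
 * @param hostname SNI host name to request
 * @throws IllegalArgumentException if {@code hostname} is not accepted by {@code SNIHostName}
 */
@RequiresApi(api = Build.VERSION_CODES.N)
private static void setHostnameNougat(final SSLSocket socket, final String hostname) {
    // Build the name first so an invalid hostname fails before the socket is touched.
    final SNIHostName serverName = new SNIHostName(hostname);
    // Modify the socket's existing parameters instead of applying a blank SSLParameters, so
    // settings other than the server name list are carried over unchanged.
    final SSLParameters parameters = socket.getSSLParameters();
    parameters.setServerNames(Collections.singletonList(serverName));
    socket.setSSLParameters(parameters);
}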