Java Code Examples for javax.net.ssl.SSLSession#getCipherSuite()

The following examples show how to use javax.net.ssl.SSLSession#getCipherSuite().
Example 1
Source File: Handshake.java    From styT with Apache License 2.0
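/**
 * Builds a {@link Handshake} snapshot from a JSSE session.
 *
 * <p>Reads the negotiated cipher suite and protocol, then the peer and local certificate
 * chains. A peer chain that cannot be read because the peer is unverified, or a missing local
 * chain, becomes an empty list rather than {@code null}. An empty peer list therefore means
 * "no verified peer identity"; code that pins or authorizes on the peer chain has to treat it
 * as unauthenticated.
 *
 * @param session the session to read
 * @return a handshake describing {@code session}
 * @throws IllegalStateException if the session reports no cipher suite or no protocol, or
 *     reports the {@code SSL_NULL_WITH_NULL_NULL} / {@code TLS_NULL_WITH_NULL_NULL} placeholder
 */
public static Handshake get(SSLSession session) {
  String cipherSuiteString = session.getCipherSuite();
  if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
  // SSLSocket.getSession() is documented to return an "invalid session" carrying this
  // placeholder suite when the initial handshake failed. It describes a connection with no
  // negotiated encryption, so it must not be recorded as a completed handshake.
  if ("SSL_NULL_WITH_NULL_NULL".equals(cipherSuiteString)
      || "TLS_NULL_WITH_NULL_NULL".equals(cipherSuiteString)) {
    throw new IllegalStateException("cipherSuite == " + cipherSuiteString);
  }
  CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);

  String tlsVersionString = session.getProtocol();
  if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
  TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);

  Certificate[] peerCertificates;
  try {
    peerCertificates = session.getPeerCertificates();
  } catch (SSLPeerUnverifiedException ignored) {
    // Deliberately tolerated: an unverified peer is represented by the empty list below.
    peerCertificates = null;
  }
  List<Certificate> peerCertificatesList = peerCertificates != null
      ? Util.immutableList(peerCertificates)
      : Collections.<Certificate>emptyList();

  Certificate[] localCertificates = session.getLocalCertificates();
  List<Certificate> localCertificatesList = localCertificates != null
      ? Util.immutableList(localCertificates)
      : Collections.<Certificate>emptyList();

  return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}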
 
Example 2
Source File: TLSSocketFactory.java    From line-sdk-android with Apache License 2.0
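/**
 * Logs what a completed TLS handshake negotiated: protocol, cipher suite and peer name.
 *
 * <p>This listener is diagnostic only; it performs no validation of the peer. When the peer
 * identity was not verified, the peer name is logged as {@code null}.
 *
 * @param event the completed-handshake event carrying the session
 */
@Override
public void handshakeCompleted(HandshakeCompletedEvent event) {
    SSLSession session = event.getSession();
    String protocol = session.getProtocol();
    String cipherSuite = session.getCipherSuite();

    // The Throwable is attached only so the debug log records the current call stack.
    Log.d(TAG, "Handshake completed", new Throwable("This is not Error."));
    Log.d(TAG, String.format("Connected with: %s/%s", protocol, cipherSuite));
    String peerName = null;

    try {
        peerName = session.getPeerPrincipal().getName();
    } catch (SSLPeerUnverifiedException e) {
        // Send the failure through the same logger as the other messages instead of
        // printStackTrace(), so it carries the tag and obeys the app's log filtering.
        Log.d(TAG, "Peer identity was not verified", e);
    }
    Log.d(TAG, String.format("Peer name: %s\n", peerName));
}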
 
Example 3
Source File: Connection.java    From J2ME-Loader with Apache License 2.0
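/**
 * Lazily builds and caches the security details of the underlying TLS connection: cipher
 * suite, protocol and the peer's leaf certificate.
 *
 * @return the cached security information
 * @throws IOException if the peer could not be verified (getPeerCertificates() raises
 *     SSLPeerUnverifiedException, which is an IOException), presented no certificate, or its
 *     leaf certificate is not an X.509 certificate
 */
@Override
public SecurityInfo getSecurityInfo() throws IOException {
	if (securityInfo == null) {
		// NOTE(review): the cast assumes this connection always wraps an SSLSocket - confirm.
		SSLSession session = ((SSLSocket) socket).getSession();

		Certificate[] certs = session.getPeerCertificates();
		if (certs == null || certs.length == 0) {
			throw new IOException("Peer presented no certificates");
		}
		// Check the type before casting so a non-X.509 leaf surfaces as the declared
		// IOException rather than an undeclared ClassCastException.
		if (!(certs[0] instanceof X509Certificate)) {
			throw new IOException("Peer certificate is not an X.509 certificate");
		}

		securityInfo = new SecurityInfoImpl(
				session.getCipherSuite(),
				session.getProtocol(),
				new CertificateImpl((X509Certificate) certs[0]));
	}

	return securityInfo;
}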
 
Example 4
Source File: SocketWrapperBar.java    From baratine with GNU General Public License v2.0
/**
 * Returns the secure cipher algorithm.
 */
@Override
public String cipherSuite()
{
  if (_s instanceof SSLSocket) {
    SSLSession negotiated = ((SSLSocket) _s).getSession();

    // NOTE(review): SSLSocket.getSession() is documented to return an invalid session that
    // reports SSL_NULL_WITH_NULL_NULL when the handshake failed, so a non-null name is not by
    // itself proof that the channel is encrypted.
    return negotiated != null ? negotiated.getCipherSuite() : null;
  }

  // Anything that is not an SSLSocket is answered by the superclass.
  return super.cipherSuite();
}
 
Example 5
Source File: SocketChannelWrapperBar.java    From baratine with GNU General Public License v2.0
/**
 * Returns the secure cipher algorithm.
 */
@Override
public String cipherSuite()
{
  // Read the field once so the null check and the use see the same reference.
  final SSLSocket tlsSocket = _sslSocket;

  if (tlsSocket != null) {
    final SSLSession negotiated = tlsSocket.getSession();

    if (negotiated == null) {
      return null;
    }

    // NOTE(review): after a failed handshake JSSE reports the placeholder suite
    // SSL_NULL_WITH_NULL_NULL here; callers should not read any non-null value as "secure".
    return negotiated.getCipherSuite();
  }

  // No TLS socket attached: the superclass supplies the answer.
  return super.cipherSuite();
}
 
Example 6
Source File: Handshake.java    From AndroidProjects with MIT License
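/**
 * Captures the TLS parameters and certificate chains of {@code session} as a
 * {@link Handshake}.
 *
 * <p>The peer chain is empty when the peer is unverified, and the local chain is empty when
 * the session has no local certificates. Callers that make trust decisions from the peer
 * chain must treat an empty list as "peer not authenticated".
 *
 * @param session the JSSE session to describe
 * @return the handshake for {@code session}
 * @throws IllegalStateException if the cipher suite or protocol is {@code null}, or the cipher
 *     suite is the {@code SSL_NULL_WITH_NULL_NULL} / {@code TLS_NULL_WITH_NULL_NULL}
 *     placeholder
 */
public static Handshake get(SSLSession session) {
  String suiteName = session.getCipherSuite();
  if (suiteName == null) {
    throw new IllegalStateException("cipherSuite == null");
  }
  // A session whose initial handshake failed is documented by JSSE to report this placeholder
  // suite. Nothing was negotiated, so refuse to describe it as a handshake.
  boolean placeholderSuite = suiteName.equals("SSL_NULL_WITH_NULL_NULL")
      || suiteName.equals("TLS_NULL_WITH_NULL_NULL");
  if (placeholderSuite) {
    throw new IllegalStateException("cipherSuite == " + suiteName);
  }
  CipherSuite cipherSuite = CipherSuite.forJavaName(suiteName);

  String protocolName = session.getProtocol();
  if (protocolName == null) {
    throw new IllegalStateException("tlsVersion == null");
  }
  TlsVersion tlsVersion = TlsVersion.forJavaName(protocolName);

  List<Certificate> peerChain = Collections.<Certificate>emptyList();
  try {
    Certificate[] rawPeerChain = session.getPeerCertificates();
    if (rawPeerChain != null) {
      peerChain = Util.immutableList(rawPeerChain);
    }
  } catch (SSLPeerUnverifiedException ignored) {
    // Intentional: an unverified peer is reported as an empty chain.
  }

  Certificate[] rawLocalChain = session.getLocalCertificates();
  List<Certificate> localChain = Collections.<Certificate>emptyList();
  if (rawLocalChain != null) {
    localChain = Util.immutableList(rawLocalChain);
  }

  return new Handshake(tlsVersion, cipherSuite, peerChain, localChain);
}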
 
Example 7
Source File: InternalChannelz.java    From grpc-nebula-java with Apache License 2.0
/**
 * Creates an instance.
 */
public Tls(SSLSession session) {
  String negotiatedSuite = session.getCipherSuite();

  // Only the first entry of the local chain is kept; a null chain leaves localCert null.
  Certificate[] ownChain = session.getLocalCertificates();
  Certificate ownLeaf = (ownChain == null) ? null : ownChain[0];

  Certificate peerLeaf = null;
  try {
    Certificate[] peerChain = session.getPeerCertificates();
    // Per the getPeerCertificates javadoc, the peer's own certificate is the first element.
    peerLeaf = (peerChain == null) ? null : peerChain[0];
  } catch (SSLPeerUnverifiedException e) {
    // No verified peer identity: remoteCert stays null and the cause is logged at FINE only,
    // so a null remoteCert is the signal that the peer was not authenticated.
    log.log(
        Level.FINE,
        String.format("Peer cert not available for peerHost=%s", session.getPeerHost()),
        e);
  }

  this.cipherSuiteStandardName = negotiatedSuite;
  this.localCert = ownLeaf;
  this.remoteCert = peerLeaf;
}
 
Example 8
Source File: SslCipherAttribute.java    From quarkus with Apache License 2.0
/**
 * Reads the cipher suite of the TLS session attached to the request.
 *
 * @param exchange the routing context whose request is inspected
 * @return the cipher suite name, or {@code null} when the request carries no SSL session
 */
@Override
public String readAttribute(RoutingContext exchange) {
    final SSLSession tlsSession = exchange.request().sslSession();
    // No session on the request means there is nothing to report.
    return (tlsSession != null) ? tlsSession.getCipherSuite() : null;
}
 
Example 9
Source File: LocalSession.java    From Openfire with Apache License 2.0
/**
 * Returns a String representing the Cipher Suite Name, or "NONE".
 * @return String
 */
@Override
public String getCipherSuiteName() {
    // Each missing link (connection, TLS handler, session) yields the literal "NONE".
    final SocketConnection connection = (SocketConnection)getConnection();
    if (connection == null) {
        return "NONE";
    }

    final TLSStreamHandler tlsHandler = connection.getTLSStreamHandler();
    if (tlsHandler == null) {
        return "NONE";
    }

    final SSLSession tlsSession = tlsHandler.getSSLSession();
    if (tlsSession == null) {
        return "NONE";
    }

    // With a session present, its value is passed through as-is.
    return tlsSession.getCipherSuite();
}
 
Example 10
Source File: InternalChannelz.java    From grpc-java with Apache License 2.0
/**
 * Creates an instance.
 */
public Tls(SSLSession session) {
  final String suite = session.getCipherSuite();

  // Local side: keep the first certificate of the chain, or null when there is no chain.
  final Certificate[] localChain = session.getLocalCertificates();
  final Certificate localLeaf;
  if (localChain == null) {
    localLeaf = null;
  } else {
    localLeaf = localChain[0];
  }

  // Peer side: an unverified peer is not an error here; it is logged at FINE and the
  // remote certificate is left null.
  Certificate[] remoteChain = null;
  try {
    remoteChain = session.getPeerCertificates();
  } catch (SSLPeerUnverifiedException e) {
    log.log(
        Level.FINE,
        String.format("Peer cert not available for peerHost=%s", session.getPeerHost()),
        e);
  }
  // The getPeerCertificates javadoc puts the peer's own certificate first in the array.
  final Certificate remoteLeaf = (remoteChain == null) ? null : remoteChain[0];

  this.cipherSuiteStandardName = suite;
  this.localCert = localLeaf;
  this.remoteCert = remoteLeaf;
}
 
Example 11
Source File: SSLRequestHelper.java    From deprecated-security-ssl with Apache License 2.0
/**
 * Collects the TLS details of a REST request: protocol, cipher suite, the peer's X.509 chain,
 * the principal extracted from the peer's leaf certificate, and the local certificates.
 *
 * <p>Returns {@code null} when {@code request} is not a {@code Netty4HttpRequest} or when the
 * channel pipeline has no handler registered under {@code "ssl_http"}.
 *
 * <p>Peer certificates are only read when the engine needs or wants client authentication.
 * When it merely wants it and the peer is unverified, the method still returns an
 * {@code SSLInfo}, with {@code null} peer certificates and a {@code null} principal.
 *
 * @param settings passed through to {@code validate}
 * @param configPath passed through to {@code validate}
 * @param request the REST request to inspect
 * @param principalExtractor extracts the principal from the leaf certificate; when
 *     {@code null} the principal is left {@code null}
 * @return the collected details, or {@code null} as described above
 * @throws SSLPeerUnverifiedException if {@code validate} rejects the peer chain, or if the
 *     peer is unverified while the engine requires client authentication
 */
public static SSLInfo getSSLInfo(final Settings settings, final Path configPath, final RestRequest request, PrincipalExtractor principalExtractor) throws SSLPeerUnverifiedException {

        if(request == null || !(request instanceof Netty4HttpRequest)) {
            return null;
        }
        
        final Netty4HttpRequest nettyHttpRequest = (Netty4HttpRequest) request;
        // The TLS handler is looked up by its pipeline name; a null result returns null below.
        final SslHandler sslhandler = (SslHandler) nettyHttpRequest.getChannel().pipeline().get("ssl_http");
        
        if(sslhandler == null) {
            return null;
        }
        
        final SSLEngine engine = sslhandler.engine();
        final SSLSession session = engine.getSession();

        X509Certificate[] x509Certs = null;
        final String protocol = session.getProtocol();
        final String cipher = session.getCipherSuite();
        String principal = null;
        boolean validationFailure = false;

        // Client certificates are examined only when the engine asks for them (need or want).
        if (engine.getNeedClientAuth() || engine.getWantClientAuth()) {

            try {
                final Certificate[] certs = session.getPeerCertificates();

                if (certs != null && certs.length > 0 && certs[0] instanceof X509Certificate) {
                    // Only certs[0] was type-checked above; Arrays.copyOf throws
                    // ArrayStoreException if a later element is not an X509Certificate.
                    x509Certs = Arrays.copyOf(certs, certs.length, X509Certificate[].class);
                    final X509Certificate[] x509CertsF = x509Certs;
                    
                    final SecurityManager sm = System.getSecurityManager();

                    // With a SecurityManager installed, the caller must hold SpecialPermission
                    // before the privileged block runs.
                    if (sm != null) {
                        sm.checkPermission(new SpecialPermission());
                    }

                    // validate(...) is defined outside this excerpt.
                    // NOTE(review): the exception message below suggests it is a CRL check - confirm.
                    validationFailure = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                        @Override
                        public Boolean run() {                        
                            return !validate(x509CertsF, settings, configPath);
                        }
                    });

                    // Thrown inside the try: the catch below sees validationFailure == true and
                    // rethrows, so a rejected chain always fails the request.
                    if(validationFailure) {
                        throw new SSLPeerUnverifiedException("Unable to validate certificate (CRL)");
                    }
                    principal = principalExtractor == null?null: principalExtractor.extractPrincipal(x509Certs[0], Type.HTTP);
                } else if (engine.getNeedClientAuth()) {
                    final ElasticsearchException ex = new ElasticsearchException("No client certificates found but such are needed (Security 9).");
                    throw ex;
                }

            } catch (final SSLPeerUnverifiedException e) {
                // Rethrown when client auth is required or validation failed. Otherwise (client
                // auth only wanted) the exception is dropped and the method continues with null
                // peer certificates and a null principal.
                // NOTE(review): callers must treat a null principal as unauthenticated - confirm
                // at the call sites.
                if (engine.getNeedClientAuth() || validationFailure) {
                    throw e;
                }
            }
        }

        // Same copy as for the peer chain: a non-X.509 local certificate raises ArrayStoreException.
        Certificate[] localCerts = session.getLocalCertificates();
        return new SSLInfo(x509Certs, principal, protocol, cipher, localCerts==null?null:Arrays.copyOf(localCerts, localCerts.length, X509Certificate[].class));
    }
 
Example 12
Source File: NonBlockingConnectionTLSDelegate.java    From qpid-broker-j with Apache License 2.0
/**
 * Describes the TLS transport as {@code "<protocol> ; <cipher suite>"}, both read from the
 * engine's current session.
 *
 * @return the protocol and cipher suite joined by {@code " ; "}
 */
@Override
public String getTransportInfo()
{
    final SSLSession current = _sslEngine.getSession();
    final String protocol = current.getProtocol();
    final String suite = current.getCipherSuite();
    return protocol + " ; " + suite;
}
 
Example 13
Source File: RecordedRequest.java    From j2objc with Apache License 2.0
/**
 * Records one received request together with the TLS details of the socket it arrived on.
 *
 * <p>For a non-{@link SSLSocket} every {@code ssl*} field is {@code null}. For an
 * {@link SSLSocket} the peer principal and peer certificates are {@code null} when the peer is
 * unverified. The method and path are cut out of {@code requestLine} at its first two spaces.
 *
 * @param requestLine the raw request line, or {@code null}
 * @param headers the request headers
 * @param chunkSizes the sizes of the body chunks
 * @param bodySize the total body size
 * @param body the body bytes
 * @param sequenceNumber the request's sequence number
 * @param socket the socket the request was read from
 */
public RecordedRequest(String requestLine, List<String> headers, List<Integer> chunkSizes,
        int bodySize, byte[] body, int sequenceNumber, Socket socket) {
    this.requestLine = requestLine;
    this.headers = headers;
    this.chunkSizes = chunkSizes;
    this.bodySize = bodySize;
    this.body = body;
    this.sequenceNumber = sequenceNumber;

    if (!(socket instanceof SSLSocket)) {
        // Not a TLS socket: there are no session details to record.
        this.sslProtocol = null;
        this.sslCipherSuite = null;
        this.sslLocalPrincipal = null;
        this.sslLocalCertificates = null;
        this.sslPeerPrincipal = null;
        this.sslPeerCertificates = null;
    } else {
        final SSLSession tls = ((SSLSocket) socket).getSession();
        this.sslProtocol = tls.getProtocol();
        this.sslCipherSuite = tls.getCipherSuite();
        this.sslLocalPrincipal = tls.getLocalPrincipal();
        this.sslLocalCertificates = tls.getLocalCertificates();

        Principal verifiedPeer = null;
        Certificate[] verifiedChain = null;
        try {
            verifiedPeer = tls.getPeerPrincipal();
            verifiedChain = tls.getPeerCertificates();
        } catch (SSLPeerUnverifiedException ignored) {
            // Unverified peer: whatever was not read yet stays null.
        }
        this.sslPeerPrincipal = verifiedPeer;
        this.sslPeerCertificates = verifiedChain;
    }

    if (requestLine == null) {
        this.method = null;
        this.path = null;
    } else {
        // "<method> <path> <rest>": the method ends at the first space, the path at the second.
        final int firstSpace = requestLine.indexOf(' ');
        final int secondSpace = requestLine.indexOf(' ', firstSpace + 1);
        this.method = requestLine.substring(0, firstSpace);
        this.path = requestLine.substring(firstSpace + 1, secondSpace);
    }
}