Java Code Examples for javax.net.ssl.SSLSocket#getSupportedCipherSuites()

The following examples show how to use javax.net.ssl.SSLSocket#getSupportedCipherSuites() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ConnectionSpec.java    From styT with Apache License 2.0 6 votes vote down vote up 
/**
 * Returns a copy of this that omits cipher suites and TLS versions not enabled by {@code
 * sslSocket}.
 */
private ConnectionSpec supportedSpec(SSLSocket sslSocket, boolean isFallback) {
  String[] cipherSuitesIntersection = cipherSuites != null
      ? intersect(CipherSuite.ORDER_BY_NAME, sslSocket.getEnabledCipherSuites(), cipherSuites)
      : sslSocket.getEnabledCipherSuites();
  String[] tlsVersionsIntersection = tlsVersions != null
      ? intersect(Util.NATURAL_ORDER, sslSocket.getEnabledProtocols(), tlsVersions)
      : sslSocket.getEnabledProtocols();

  // In accordance with https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
  // the SCSV cipher is added to signal that a protocol fallback has taken place.
  String[] supportedCipherSuites = sslSocket.getSupportedCipherSuites();
  int indexOfFallbackScsv = indexOf(
      CipherSuite.ORDER_BY_NAME, supportedCipherSuites, "TLS_FALLBACK_SCSV");
  if (isFallback && indexOfFallbackScsv != -1) {
    cipherSuitesIntersection = concat(
        cipherSuitesIntersection, supportedCipherSuites[indexOfFallbackScsv]);
  }

  return new Builder(this)
      .cipherSuites(cipherSuitesIntersection)
      .tlsVersions(tlsVersionsIntersection)
      .build();
}
Example 2
Source File: ConnectionSpec.java    From AndroidProjects with MIT License 6 votes vote down vote up 
/**
 * Returns a copy of this that omits cipher suites and TLS versions not enabled by {@code
 * sslSocket}.
 */
private ConnectionSpec supportedSpec(SSLSocket sslSocket, boolean isFallback) {
  String[] cipherSuitesIntersection = cipherSuites != null
      ? intersect(CipherSuite.ORDER_BY_NAME, sslSocket.getEnabledCipherSuites(), cipherSuites)
      : sslSocket.getEnabledCipherSuites();
  String[] tlsVersionsIntersection = tlsVersions != null
      ? intersect(Util.NATURAL_ORDER, sslSocket.getEnabledProtocols(), tlsVersions)
      : sslSocket.getEnabledProtocols();

  // In accordance with https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
  // the SCSV cipher is added to signal that a protocol fallback has taken place.
  String[] supportedCipherSuites = sslSocket.getSupportedCipherSuites();
  int indexOfFallbackScsv = indexOf(
      CipherSuite.ORDER_BY_NAME, supportedCipherSuites, "TLS_FALLBACK_SCSV");
  if (isFallback && indexOfFallbackScsv != -1) {
    cipherSuitesIntersection = concat(
        cipherSuitesIntersection, supportedCipherSuites[indexOfFallbackScsv]);
  }

  return new Builder(this)
      .cipherSuites(cipherSuitesIntersection)
      .tlsVersions(tlsVersionsIntersection)
      .build();
}
Example 3
Source File: SslCiphersTest.java    From wildfly-openssl with Apache License 2.0 5 votes vote down vote up 
@Test
public void testCipherSuiteConverter() throws IOException {

    final SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
    for (String cipher : socket.getSupportedCipherSuites()) {
        if (cipher.contains("EMPTY")) {
            continue;
        }
        String openSslCipherSuite = CipherSuiteConverter.toOpenSsl(cipher);
        Assert.assertNotNull(cipher, openSslCipherSuite);
        Assert.assertEquals(cipher, CipherSuiteConverter.toJava(openSslCipherSuite, cipher.substring(0, 3)));
    }
}
Example 4
Source File: SSLSocketTest.java    From j2objc with Apache License 2.0 5 votes vote down vote up 
/**
 * javax.net.ssl.SSLSocket#getSupportedCipherSuites()
 */
public void j2objcNotImplemented_test_getSupportedCipherSuites() throws IOException {
    SSLSocket ssl = getSSLSocket();
    String[] res = ssl.getSupportedCipherSuites();
    assertTrue("no supported cipher suites", res.length > 0);
    ssl.close();
}
Example 5
Source File: SSLUtils.java    From hasting with MIT License 5 votes vote down vote up 
public static void postSSLSocket(SSLSocket socket,int sslmode){
       String[] pwdsuits = socket.getSupportedCipherSuites();  
       socket.setEnabledCipherSuites(pwdsuits);
       if(sslmode == 2){//双向认证  
           socket.setUseClientMode(false);  
           socket.setNeedClientAuth(true);  
       }else{  
           socket.setUseClientMode(true);  
           socket.setWantClientAuth(true);  
       } 
}