Java Code Examples for javax.net.ssl.SSLSession#getProtocol()

The following examples show how to use javax.net.ssl.SSLSession#getProtocol() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Handshake.java    From styT with Apache License 2.0 6 votes vote down vote up
public static Handshake get(SSLSession session) {
  String cipherSuiteString = session.getCipherSuite();
  if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
  CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);

  String tlsVersionString = session.getProtocol();
  if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
  TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);

  Certificate[] peerCertificates;
  try {
    peerCertificates = session.getPeerCertificates();
  } catch (SSLPeerUnverifiedException ignored) {
    peerCertificates = null;
  }
  List<Certificate> peerCertificatesList = peerCertificates != null
      ? Util.immutableList(peerCertificates)
      : Collections.<Certificate>emptyList();

  Certificate[] localCertificates = session.getLocalCertificates();
  List<Certificate> localCertificatesList = localCertificates != null
      ? Util.immutableList(localCertificates)
      : Collections.<Certificate>emptyList();

  return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}
 
Example 2
Source File: TLSSocketFactory.java    From line-sdk-android with Apache License 2.0 6 votes vote down vote up
@Override
public void handshakeCompleted(HandshakeCompletedEvent event) {
    SSLSession session = event.getSession();
    String protocol = session.getProtocol();
    String cipherSuite = session.getCipherSuite();

    Log.d(TAG, "Handshake completed", new Throwable("This is not Error."));
    Log.d(TAG, String.format("Connected with: %s/%s", protocol, cipherSuite));
    String peerName = null;

    try {
        peerName = session.getPeerPrincipal().getName();
    } catch (SSLPeerUnverifiedException e) {
        e.printStackTrace();
    }
    Log.d(TAG, String.format("Peer name: %s\n", peerName));
}
 
Example 3
Source File: Connection.java    From J2ME-Loader with Apache License 2.0 6 votes vote down vote up
@Override
public SecurityInfo getSecurityInfo() throws IOException {
	if (securityInfo == null) {
		SSLSession session = ((SSLSocket) socket).getSession();

		Certificate[] certs = session.getPeerCertificates();
		if (certs.length == 0) {
			throw new IOException();
		}

		securityInfo = new SecurityInfoImpl(
				session.getCipherSuite(),
				session.getProtocol(),
				new CertificateImpl((X509Certificate) certs[0]));
	}

	return securityInfo;
}
 
Example 4
Source File: SocketChannelWrapperBar.java    From baratine with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns the secure cipher algorithm.
 */
@Override
public String secureProtocol()
{
  SSLSocket sslSocket = _sslSocket;
  
  if (sslSocket == null) {
    return super.secureProtocol();
  }
  
  SSLSession sslSession = sslSocket.getSession();
  
  if (sslSession != null) {
    return sslSession.getProtocol();
  }
  else {
    return null;
  }
}
 
Example 5
Source File: Handshake.java    From AndroidProjects with MIT License 6 votes vote down vote up
public static Handshake get(SSLSession session) {
  String cipherSuiteString = session.getCipherSuite();
  if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
  CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);

  String tlsVersionString = session.getProtocol();
  if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
  TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);

  Certificate[] peerCertificates;
  try {
    peerCertificates = session.getPeerCertificates();
  } catch (SSLPeerUnverifiedException ignored) {
    peerCertificates = null;
  }
  List<Certificate> peerCertificatesList = peerCertificates != null
      ? Util.immutableList(peerCertificates)
      : Collections.<Certificate>emptyList();

  Certificate[] localCertificates = session.getLocalCertificates();
  List<Certificate> localCertificatesList = localCertificates != null
      ? Util.immutableList(localCertificates)
      : Collections.<Certificate>emptyList();

  return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}
 
Example 6
Source File: SSLRequestHelper.java    From deprecated-security-ssl with Apache License 2.0 4 votes vote down vote up
public static SSLInfo getSSLInfo(final Settings settings, final Path configPath, final RestRequest request, PrincipalExtractor principalExtractor) throws SSLPeerUnverifiedException {

        if(request == null || !(request instanceof Netty4HttpRequest)) {
            return null;
        }
        
        final Netty4HttpRequest nettyHttpRequest = (Netty4HttpRequest) request;
        final SslHandler sslhandler = (SslHandler) nettyHttpRequest.getChannel().pipeline().get("ssl_http");
        
        if(sslhandler == null) {
            return null;
        }
        
        final SSLEngine engine = sslhandler.engine();
        final SSLSession session = engine.getSession();

        X509Certificate[] x509Certs = null;
        final String protocol = session.getProtocol();
        final String cipher = session.getCipherSuite();
        String principal = null;
        boolean validationFailure = false;

        if (engine.getNeedClientAuth() || engine.getWantClientAuth()) {

            try {
                final Certificate[] certs = session.getPeerCertificates();

                if (certs != null && certs.length > 0 && certs[0] instanceof X509Certificate) {
                    x509Certs = Arrays.copyOf(certs, certs.length, X509Certificate[].class);
                    final X509Certificate[] x509CertsF = x509Certs;
                    
                    final SecurityManager sm = System.getSecurityManager();

                    if (sm != null) {
                        sm.checkPermission(new SpecialPermission());
                    }

                    validationFailure = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                        @Override
                        public Boolean run() {                        
                            return !validate(x509CertsF, settings, configPath);
                        }
                    });

                    if(validationFailure) {
                        throw new SSLPeerUnverifiedException("Unable to validate certificate (CRL)");
                    }
                    principal = principalExtractor == null?null: principalExtractor.extractPrincipal(x509Certs[0], Type.HTTP);
                } else if (engine.getNeedClientAuth()) {
                    final ElasticsearchException ex = new ElasticsearchException("No client certificates found but such are needed (Security 9).");
                    throw ex;
                }

            } catch (final SSLPeerUnverifiedException e) {
                if (engine.getNeedClientAuth() || validationFailure) {
                    throw e;
                }
            }
        }

        Certificate[] localCerts = session.getLocalCertificates();
        return new SSLInfo(x509Certs, principal, protocol, cipher, localCerts==null?null:Arrays.copyOf(localCerts, localCerts.length, X509Certificate[].class));
    }
 
Example 7
Source File: NonBlockingConnectionTLSDelegate.java    From qpid-broker-j with Apache License 2.0 4 votes vote down vote up
@Override
public String getTransportInfo()
{
    SSLSession session = _sslEngine.getSession();
    return session.getProtocol() + " ; " + session.getCipherSuite() ;
}
 
Example 8
Source File: RecordedRequest.java    From j2objc with Apache License 2.0 4 votes vote down vote up
public RecordedRequest(String requestLine, List<String> headers, List<Integer> chunkSizes,
        int bodySize, byte[] body, int sequenceNumber, Socket socket) {
    this.requestLine = requestLine;
    this.headers = headers;
    this.chunkSizes = chunkSizes;
    this.bodySize = bodySize;
    this.body = body;
    this.sequenceNumber = sequenceNumber;

    if (socket instanceof SSLSocket) {
        SSLSocket sslSocket = (SSLSocket) socket;
        SSLSession session = sslSocket.getSession();
        sslProtocol = session.getProtocol();
        sslCipherSuite = session.getCipherSuite();
        sslLocalPrincipal = session.getLocalPrincipal();
        sslLocalCertificates = session.getLocalCertificates();
        Principal peerPrincipal = null;
        Certificate[] peerCertificates = null;
        try {
            peerPrincipal = session.getPeerPrincipal();
            peerCertificates = session.getPeerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            // No-op: use nulls instead
        }
        sslPeerPrincipal = peerPrincipal;
        sslPeerCertificates = peerCertificates;
    } else {
        sslProtocol = null;
        sslCipherSuite = null;
        sslLocalPrincipal = null;
        sslLocalCertificates = null;
        sslPeerPrincipal = null;
        sslPeerCertificates = null;
    }

    if (requestLine != null) {
        int methodEnd = requestLine.indexOf(' ');
        int pathEnd = requestLine.indexOf(' ', methodEnd + 1);
        this.method = requestLine.substring(0, methodEnd);
        this.path = requestLine.substring(methodEnd + 1, pathEnd);
    } else {
        this.method = null;
        this.path = null;
    }
}