Java Code Examples for javax.net.ssl.SSLContext#getDefault()

The following examples show how to use javax.net.ssl.SSLContext#getDefault(). The method returns the JVM-wide default context: it is created on first use from the javax.net.ssl.* system properties (key store, trust store) and can be replaced with SSLContext.setDefault(), so every caller in the process shares the same trust configuration. Each example names the source file and project it was taken from.
Example 1
Source File: ServerIdentityTest.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Points the JSSE default key store and trust store at the test keystore, then installs the
 * default context's socket factory as the default for {@code HttpsURLConnection}.
 *
 * <p>The {@code javax.net.ssl.*} properties are set before {@code SSLContext.getDefault()} is
 * called. The default context is created once per JVM and cached, so the properties only take
 * effect if no earlier code has already requested the default context.
 *
 * @param args {@code args[0]} is the keystore file name, resolved against the {@code test.src}
 *             property (or the current directory); {@code args[1]} is the host name
 * @throws Exception if the default context cannot be obtained
 */
private static void initialize(String[] args) throws Exception {
    keystore = args[0];
    hostname = args[1];

    // The same file serves as key store and trust store in this test.
    final String storeLocation = System.getProperty("test.src", ".") + "/" + keystore;
    final String keyFilename = storeLocation;
    final String trustFilename = storeLocation;

    // Fixture password for the test keystore; a hard-coded store password is acceptable only
    // for test material like this.
    final String password = "changeit";

    System.setProperty("javax.net.ssl.keyStore", keyFilename);
    System.setProperty("javax.net.ssl.keyStorePassword", password);
    System.setProperty("javax.net.ssl.trustStore", trustFilename);
    System.setProperty("javax.net.ssl.trustStorePassword", password);

    context = SSLContext.getDefault();

    // JVM-wide side effect: every later HttpsURLConnection uses this factory.
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}
 
Example 2
Source File: SdkTlsSocketFactoryTest.java    From aws-sdk-java-v2 with Apache License 2.0
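/**
 * Checks the protocol list that {@code prepareSocket} passes to
 * {@code SSLSocket.setEnabledProtocols} for a socket that supports SSLv2Hello through TLSv1.2
 * but has only SSLv3 and TLSv1 enabled.
 *
 * <p>The expected list is ordered newest first and still contains TLSv1 and SSLv3. It pins the
 * factory's ordering behaviour; it is not a recommended production protocol set (SSLv3 is
 * prohibited by RFC 7568 and current JDKs disable it through
 * {@code jdk.tls.disabledAlgorithms}).
 *
 * <p>The test also records that the setter was called at all. Without that, the assertion
 * inside the override would never run and the test would pass vacuously if
 * {@code prepareSocket} skipped the call.
 *
 * @throws NoSuchAlgorithmException if the default {@code SSLContext} is unavailable
 * @throws IOException if closing the test socket fails
 */
@Test
public void typical() throws NoSuchAlgorithmException, IOException {
    final String[] expectedOrder = {"TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3"};
    // One-element array so the anonymous class below can record the call.
    final boolean[] setEnabledProtocolsCalled = {false};

    SdkTlsSocketFactory f = new SdkTlsSocketFactory(SSLContext.getDefault(), null);
    try (SSLSocket socket = new TestSSLSocket() {
        @Override
        public String[] getSupportedProtocols() {
            return shuffle(new String[] {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"});
        }

        @Override
        public String[] getEnabledProtocols() {
            return shuffle(new String[] {"SSLv3", "TLSv1"});
        }

        @Override
        public void setEnabledProtocols(String[] protocols) {
            setEnabledProtocolsCalled[0] = true;
            assertTrue(Arrays.equals(protocols, expectedOrder));
        }
    }) {
        f.prepareSocket(socket);
    }

    // Fail if prepareSocket never configured the protocols.
    assertTrue(setEnabledProtocolsCalled[0]);
}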
 
Example 3
Source File: SdkTlsSocketFactoryTest.java    From aws-sdk-java-v2 with Apache License 2.0
/**
 * Edge case: both the supported and the enabled protocol lists are {@code null}.
 * Any call to {@code setEnabledProtocols} fails the test, so {@code prepareSocket} is expected
 * to leave the socket's protocol configuration untouched.
 *
 * @throws NoSuchAlgorithmException if the default {@code SSLContext} is unavailable
 * @throws IOException if closing the test socket fails
 */
@Test
public void preparedSocket_NullProtocols() throws NoSuchAlgorithmException, IOException {
    final SdkTlsSocketFactory socketFactory =
            new SdkTlsSocketFactory(SSLContext.getDefault(), null);

    try (SSLSocket socketWithoutProtocols = new TestSSLSocket() {
        @Override
        public String[] getSupportedProtocols() {
            return null;
        }

        @Override
        public String[] getEnabledProtocols() {
            return null;
        }

        @Override
        public void setEnabledProtocols(String[] protocols) {
            // Nothing to choose from, so the factory must not set anything.
            fail();
        }
    }) {
        socketFactory.prepareSocket(socketWithoutProtocols);
    }
}
 
Example 4
Source File: SdkTLSSocketFactoryTest.java    From ibm-cos-sdk-java with Apache License 2.0
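/**
 * Checks the protocol list that {@code prepareSocket} passes to {@code setEnabledProtocols}
 * for a socket that supports SSLv2Hello through TLSv1.2 but has only SSLv3 and TLSv1 enabled.
 *
 * <p>The expected list is ordered newest first and still contains TLSv1 and SSLv3. It pins the
 * factory's ordering behaviour; it is not a recommended production protocol set (SSLv3 is
 * prohibited by RFC 7568 and current JDKs disable it through
 * {@code jdk.tls.disabledAlgorithms}).
 *
 * <p>The test also records that the setter was called at all. Without that, the assertion
 * inside the override would never run and the test would pass vacuously if
 * {@code prepareSocket} skipped the call.
 *
 * @throws NoSuchAlgorithmException if the default {@code SSLContext} is unavailable
 */
@Test
public void typical() throws NoSuchAlgorithmException {
    final String[] expectedOrder = {"TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3"};
    // One-element array so the anonymous class below can record the call.
    final boolean[] setEnabledProtocolsCalled = {false};

    SdkTLSSocketFactory f = new SdkTLSSocketFactory(SSLContext.getDefault(), null);
    f.prepareSocket(new TestSSLSocket() {
        @Override
        public String[] getSupportedProtocols() {
            return shuffle(new String[]{"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"});
        }
        @Override
        public String[] getEnabledProtocols() {
            return shuffle(new String[]{"SSLv3", "TLSv1"});
        }
        @Override
        public void setEnabledProtocols(String[] protocols) {
            setEnabledProtocolsCalled[0] = true;
            assertTrue(Arrays.equals(protocols, expectedOrder));
        }
    });

    // Fail if prepareSocket never configured the protocols.
    assertTrue(setEnabledProtocolsCalled[0]);
}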
 
Example 5
Source File: TLSClientPropertyTest.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Obtains an {@code SSLContext} and validates it against the expected protocols.
 *
 * <p>When {@code expectedContextProto} is non-null, a context for that protocol is created
 * and initialised with default key managers, trust managers and randomness; otherwise the
 * JVM default context is used.
 *
 * @param expectedContextProto the user-enforced context protocol, or {@code null} to test the
 *        default context
 * @param expectedDefaultProtos the protocols passed on to {@code validateContext}
 * @throws NoSuchAlgorithmException deliberately not caught here; the original comment says the
 *         WrongProperty test relies on it propagating
 */
public void test(String expectedContextProto,
        String[] expectedDefaultProtos) throws NoSuchAlgorithmException {

    SSLContext sslContext = null;
    try {
        if (expectedContextProto == null) {
            sslContext = SSLContext.getDefault();
        } else {
            sslContext = SSLContext.getInstance(expectedContextProto);
            // All-null arguments select the installed providers' default key managers,
            // trust managers and SecureRandom.
            sslContext.init(null, null, null);
        }
        printContextDetails(sslContext);
    } catch (KeyManagementException initFailure) {
        error(null, initFailure);
    }

    validateContext(expectedContextProto, expectedDefaultProtos, sslContext);
}
 
Example 6
Source File: AcceptLargeFragments.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code "true"}, client
 * and server engines from the default context report session buffers of at least 33049 bytes
 * (packet) and 32768 bytes (application data).
 *
 * <p>{@code System.setProperty} is JVM-wide, so the flag affects every engine created
 * afterwards in the same process, not only the two created here.
 *
 * @param args unused
 * @throws Exception if the default context is unavailable or a buffer size is below the
 *         expected minimum
 */
public static void main(String[] args) throws Exception {
    // Minimum sizes this test requires once large fragments are accepted.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext defaultContext = SSLContext.getDefault();

    // The property has to be in place before the engines are created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = defaultContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = defaultContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Both sides must offer a large enough packet buffer.
    boolean packetBuffersLargeEnough =
            clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Both sides must offer a large enough application data buffer.
    boolean applicationBuffersLargeEnough =
            clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception(
                "Don't accept large SSL/TLS application data ");
    }
}
 
Example 7
Source File: AcceptLargeFragments.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code "true"}, client
 * and server engines from the default context report session buffers of at least 33049 bytes
 * (packet) and 32768 bytes (application data).
 *
 * <p>{@code System.setProperty} is JVM-wide, so the flag affects every engine created
 * afterwards in the same process, not only the two created here.
 *
 * @param args unused
 * @throws Exception if the default context is unavailable or a buffer size is below the
 *         expected minimum
 */
public static void main(String[] args) throws Exception {
    // Minimum sizes this test requires once large fragments are accepted.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext defaultContext = SSLContext.getDefault();

    // The property has to be in place before the engines are created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = defaultContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = defaultContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Both sides must offer a large enough packet buffer.
    boolean packetBuffersLargeEnough =
            clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Both sides must offer a large enough application data buffer.
    boolean applicationBuffersLargeEnough =
            clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception(
                "Don't accept large SSL/TLS application data ");
    }
}
 
Example 8
Source File: UnboundSSLUtils.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Opens a client TLS socket to {@code host:port} from the JVM default context and wraps it in
 * an {@code SSLClient}.
 *
 * <p>Two points matter when reusing this outside a test:
 * <ul>
 *   <li>The cipher suites are filtered from the factory's <em>supported</em> list, which can
 *       include suites the JDK does not enable by default.</li>
 *   <li>No endpoint identification algorithm is set on the {@code SSLParameters}, so the
 *       socket layer does not check that the server certificate matches {@code host}.</li>
 * </ul>
 *
 * @param host server host to connect to
 * @param port server port
 * @param cipherSuiteFilter filter passed to {@code filterStringArray}; {@code null} keeps the
 *        socket's cipher suites unchanged
 * @param sniHostName host name to send in the SNI extension; {@code null} to set none
 * @return the connected client wrapper
 * @throws NoSuchAlgorithmException if the default context is unavailable
 * @throws IOException if the socket cannot be created
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLSocketFactory factory = SSLContext.getDefault().getSocketFactory();
    SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
    SSLParameters sslParameters = new SSLParameters();

    if (cipherSuiteFilter != null) {
        String[] selectedSuites = UnboundSSLUtils.filterStringArray(
                factory.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Client: enabled cipher suites: "
                + Arrays.toString(selectedSuites));
        sslParameters.setCipherSuites(selectedSuites);
    }

    if (sniHostName != null) {
        System.out.println("Client: set SNI hostname: " + sniHostName);
        List<SNIServerName> requestedNames = new ArrayList<>();
        requestedNames.add(new SNIHostName(sniHostName));
        sslParameters.setServerNames(requestedNames);
    }

    socket.setSSLParameters(sslParameters);

    return new SSLClient(socket);
}
 
Example 9
Source File: DisabledAlgorithms.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Opens a client TLS socket to {@code localhost:port} from the JVM default context and
 * optionally restricts it to a single cipher suite.
 *
 * <p>{@code setEnabledCipherSuites} replaces the whole enabled list, so a non-null
 * {@code ciphersuite} leaves the socket with exactly that one suite.
 *
 * @param port local server port
 * @param ciphersuite the only cipher suite to enable, or {@code null} to keep the defaults
 * @return the connected client wrapper
 * @throws NoSuchAlgorithmException if the default context is unavailable
 * @throws IOException if the socket cannot be created
 */
static SSLClient init(int port, String ciphersuite)
        throws NoSuchAlgorithmException, IOException {
    SSLSocketFactory factory = SSLContext.getDefault().getSocketFactory();
    SSLSocket clientSocket = (SSLSocket) factory.createSocket("localhost", port);

    if (ciphersuite == null) {
        return new SSLClient(clientSocket);
    }

    System.out.println("Client: enable cipher suite: "
            + ciphersuite);
    clientSocket.setEnabledCipherSuites(new String[] { ciphersuite });
    return new SSLClient(clientSocket);
}
 
Example 10
Source File: JNDIRealm.java    From tomcatsrc with Apache License 2.0
/**
 * Lists the protocols the default {@link SSLContext} supports.
 *
 * <p>These come from {@code getSupportedSSLParameters()}, i.e. the protocols the context can
 * offer, which may be more than the ones it enables by default.
 *
 * @return the supported SSL/TLS protocol names of the default {@link SSLContext}
 * @throws RuntimeException wrapping the {@code NoSuchAlgorithmException} if the default
 *         context cannot be obtained
 */
private String[] getSupportedSslProtocols() {
    final SSLContext defaultContext;
    try {
        defaultContext = SSLContext.getDefault();
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(sm.getString("jndiRealm.exception"), e);
    }
    return defaultContext.getSupportedSSLParameters().getProtocols();
}
 
Example 11
Source File: AcceptLargeFragments.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code "true"}, client
 * and server engines from the default context report session buffers of at least 33049 bytes
 * (packet) and 32768 bytes (application data).
 *
 * <p>{@code System.setProperty} is JVM-wide, so the flag affects every engine created
 * afterwards in the same process, not only the two created here.
 *
 * @param args unused
 * @throws Exception if the default context is unavailable or a buffer size is below the
 *         expected minimum
 */
public static void main(String[] args) throws Exception {
    // Minimum sizes this test requires once large fragments are accepted.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext defaultContext = SSLContext.getDefault();

    // The property has to be in place before the engines are created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = defaultContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = defaultContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Both sides must offer a large enough packet buffer.
    boolean packetBuffersLargeEnough =
            clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Both sides must offer a large enough application data buffer.
    boolean applicationBuffersLargeEnough =
            clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception(
                "Don't accept large SSL/TLS application data ");
    }
}
 
Example 12
Source File: SimpleBlockingClient.java    From tls-channel with MIT License
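/**
 * Minimal blocking TLS client: connects to {@code domain} on port 443, sends one HTTP request
 * over a {@code TlsChannel} and prints the response.
 *
 * <p>The response buffer is fixed at 10000 bytes. Reading stops at end of stream or when the
 * buffer is full, whichever comes first, so a longer response is truncated instead of keeping
 * the read loop spinning on a full buffer.
 *
 * <p>NOTE(review): only the default {@code SSLContext} is passed to the builder ("minimal
 * options"). Nothing visible here configures endpoint identification (host name
 * verification); confirm that the builder enables it before reusing this pattern.
 *
 * @param args unused
 * @throws IOException if connecting, writing or reading fails
 * @throws NoSuchAlgorithmException if the default {@code SSLContext} is unavailable
 */
public static void main(String[] args) throws IOException, NoSuchAlgorithmException {

    // initialize the SSLContext, a configuration holder, reusable object
    SSLContext sslContext = SSLContext.getDefault();

    // connect raw socket channel normally
    try (SocketChannel rawChannel = SocketChannel.open()) {
        rawChannel.connect(new InetSocketAddress(domain, 443));

        // create TlsChannel builder, combining the raw channel and the SSLEngine, using
        // minimal options
        ClientTlsChannel.Builder builder = ClientTlsChannel.newBuilder(rawChannel, sslContext);

        // instantiate TlsChannel
        try (TlsChannel tlsChannel = builder.build()) {

            // do HTTP interaction and print result
            tlsChannel.write(ByteBuffer.wrap(httpLine.getBytes(StandardCharsets.US_ASCII)));
            ByteBuffer res = ByteBuffer.allocate(10000);

            // being HTTP 1.0, the server will just close the connection at the end;
            // also stop once the buffer is full, because a read into a full buffer
            // transfers nothing and never reports end of stream
            while (res.hasRemaining() && tlsChannel.read(res) != -1) {
                // keep reading
            }
            res.flip();
            System.out.println(utf8.decode(res).toString());
        }
    }
}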
 
Example 13
Source File: UnboundSSLUtils.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Creates a TLS server socket on an ephemeral port (port 0) from the JVM default context and
 * wraps it in an {@code SSLEchoServer}.
 *
 * <p>The cipher suites are filtered from the factory's <em>supported</em> list, which can
 * include suites the JDK does not enable by default.
 *
 * @param cipherSuiteFilter filter passed to {@code filterStringArray}; {@code null} keeps the
 *        default enabled cipher suites
 * @param sniPattern pattern for the SNI matcher; {@code null} installs no matcher
 * @return the echo server wrapper around the new server socket
 * @throws NoSuchAlgorithmException if the default context is unavailable
 * @throws IOException if the server socket cannot be created
 */
static SSLEchoServer init(String cipherSuiteFilter,
        String sniPattern) throws NoSuchAlgorithmException, IOException {
    SSLServerSocketFactory factory = SSLContext.getDefault().getServerSocketFactory();
    SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(0);

    // Replace the enabled cipher suites with the filtered selection.
    if (cipherSuiteFilter != null) {
        String[] selectedSuites = UnboundSSLUtils.filterStringArray(
                factory.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Server: enabled cipher suites: "
                + Arrays.toString(selectedSuites));
        serverSocket.setEnabledCipherSuites(selectedSuites);
    }

    // Install a single SNI matcher on top of the socket's current parameters.
    if (sniPattern != null) {
        System.out.println("Server: set SNI matcher: " + sniPattern);
        List<SNIMatcher> sniMatchers = new ArrayList<>();
        sniMatchers.add(SNIHostName.createSNIMatcher(sniPattern));
        SSLParameters currentParameters = serverSocket.getSSLParameters();
        currentParameters.setSNIMatchers(sniMatchers);
        serverSocket.setSSLParameters(currentParameters);
    }

    return new SSLEchoServer(serverSocket);
}
 
Example 14
Source File: AcceptLargeFragments.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code "true"}, client
 * and server engines from the default context report session buffers of at least 33049 bytes
 * (packet) and 32768 bytes (application data).
 *
 * <p>{@code System.setProperty} is JVM-wide, so the flag affects every engine created
 * afterwards in the same process, not only the two created here.
 *
 * @param args unused
 * @throws Exception if the default context is unavailable or a buffer size is below the
 *         expected minimum
 */
public static void main(String[] args) throws Exception {
    // Minimum sizes this test requires once large fragments are accepted.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext defaultContext = SSLContext.getDefault();

    // The property has to be in place before the engines are created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = defaultContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = defaultContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Both sides must offer a large enough packet buffer.
    boolean packetBuffersLargeEnough =
            clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Both sides must offer a large enough application data buffer.
    boolean applicationBuffersLargeEnough =
            clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception(
                "Don't accept large SSL/TLS application data ");
    }
}
 
Example 15
Source File: JdbcThinConnectionSSLTest.java    From ignite with Apache License 2.0
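/**
 * Connects the thin JDBC driver with {@code sslMode=require} while the JVM-wide default
 * {@link SSLContext} is temporarily replaced by the test context.
 *
 * <p>{@code SSLContext.setDefault} changes process-global state. The original default is
 * therefore restored in an outer {@code finally} that also covers grid start-up and grid
 * shutdown, so a failure in either cannot leave the test context installed for later tests.
 *
 * @throws Exception If failed.
 */
@Test
public void testDefaultContext() throws Exception {
    // Remember the current default SSL context so it can be restored after the test.
    final SSLContext dfltSslCtx = SSLContext.getDefault();

    // Install the test context as the JVM-wide default.
    SSLContext.setDefault(getTestSslContextFactory().create());

    try {
        setSslCtxFactoryToCli = true;

        // Factory that hands out whatever the default SSL context currently is.
        sslCtxFactory = new Factory<SSLContext>() {
            @Override public SSLContext create() {
                try {
                    return SSLContext.getDefault();
                }
                catch (NoSuchAlgorithmException e) {
                    throw new IgniteException(e);
                }
            }
        };

        startGrids(1);

        try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require")) {
            checkConnection(conn);
        }
        finally {
            stopAllGrids();
        }
    }
    finally {
        // Restore the SSL context even if start-up, the check or shutdown failed.
        SSLContext.setDefault(dfltSslCtx);
    }
}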
 
Example 16
Source File: AcceptLargeFragments.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Checks that, with {@code jsse.SSLEngine.acceptLargeFragments} set to {@code "true"}, client
 * and server engines from the default context report session buffers of at least 33049 bytes
 * (packet) and 32768 bytes (application data).
 *
 * <p>{@code System.setProperty} is JVM-wide, so the flag affects every engine created
 * afterwards in the same process, not only the two created here.
 *
 * @param args unused
 * @throws Exception if the default context is unavailable or a buffer size is below the
 *         expected minimum
 */
public static void main(String[] args) throws Exception {
    // Minimum sizes this test requires once large fragments are accepted.
    final int minPacketBufferSize = 33049;
    final int minApplicationBufferSize = 32768;

    SSLContext defaultContext = SSLContext.getDefault();

    // The property has to be in place before the engines are created.
    System.setProperty("jsse.SSLEngine.acceptLargeFragments", "true");

    SSLEngine clientEngine = defaultContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = defaultContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    SSLSession clientSession = clientEngine.getSession();
    SSLSession serverSession = serverEngine.getSession();

    // Both sides must offer a large enough packet buffer.
    boolean packetBuffersLargeEnough =
            clientSession.getPacketBufferSize() >= minPacketBufferSize
            && serverSession.getPacketBufferSize() >= minPacketBufferSize;
    if (!packetBuffersLargeEnough) {
        throw new Exception("Don't accept large SSL/TLS fragments");
    }

    // Both sides must offer a large enough application data buffer.
    boolean applicationBuffersLargeEnough =
            clientSession.getApplicationBufferSize() >= minApplicationBufferSize
            && serverSession.getApplicationBufferSize() >= minApplicationBufferSize;
    if (!applicationBuffersLargeEnough) {
        throw new Exception(
                "Don't accept large SSL/TLS application data ");
    }
}
 
Example 17
Source File: UnboundSSLUtils.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Creates a TLS server socket on an ephemeral port (port 0) from the JVM default context and
 * wraps it in an {@code SSLEchoServer}.
 *
 * <p>The cipher suites are filtered from the factory's <em>supported</em> list, which can
 * include suites the JDK does not enable by default.
 *
 * @param cipherSuiteFilter filter passed to {@code filterStringArray}; {@code null} keeps the
 *        default enabled cipher suites
 * @param sniPattern pattern for the SNI matcher; {@code null} installs no matcher
 * @return the echo server wrapper around the new server socket
 * @throws NoSuchAlgorithmException if the default context is unavailable
 * @throws IOException if the server socket cannot be created
 */
static SSLEchoServer init(String cipherSuiteFilter,
        String sniPattern) throws NoSuchAlgorithmException, IOException {
    SSLServerSocketFactory factory = SSLContext.getDefault().getServerSocketFactory();
    SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(0);

    // Replace the enabled cipher suites with the filtered selection.
    if (cipherSuiteFilter != null) {
        String[] selectedSuites = UnboundSSLUtils.filterStringArray(
                factory.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Server: enabled cipher suites: "
                + Arrays.toString(selectedSuites));
        serverSocket.setEnabledCipherSuites(selectedSuites);
    }

    // Install a single SNI matcher on top of the socket's current parameters.
    if (sniPattern != null) {
        System.out.println("Server: set SNI matcher: " + sniPattern);
        List<SNIMatcher> sniMatchers = new ArrayList<>();
        sniMatchers.add(SNIHostName.createSNIMatcher(sniPattern));
        SSLParameters currentParameters = serverSocket.getSSLParameters();
        currentParameters.setSNIMatchers(sniMatchers);
        serverSocket.setSSLParameters(currentParameters);
    }

    return new SSLEchoServer(serverSocket);
}
 
Example 18
Source File: SlaveConnectionManagerTest.java    From pentaho-kettle with Apache License 2.0
/**
 * Resets {@code SlaveConnectionManager} and records the JVM default {@code SSLContext} in
 * {@code defaultContext} before each test.
 *
 * @throws Exception if the reset or the default-context lookup fails
 */
@Before
public void setUp() throws Exception {
  SlaveConnectionManager.reset();
  // NOTE(review): presumably kept so a teardown can restore the process-wide default after a
  // test replaces it - confirm against the rest of the class.
  defaultContext = SSLContext.getDefault();
}
 
Example 19
Source File: KeyStoreAwareSocketFactory.java    From ribbon with Apache License 2.0
/**
 * Creates a socket factory backed by the JVM default {@code SSLContext}, with no explicit key
 * store or trust store of its own.
 *
 * <p>Trust decisions therefore follow whatever the process-wide default context is configured
 * with at the time of the call.
 *
 * @param hostnameVerifier verifier handed to the superclass constructor
 * @throws NoSuchAlgorithmException if the default context is unavailable
 * @throws KeyStoreException declared by the original signature
 */
public KeyStoreAwareSocketFactory(X509HostnameVerifier hostnameVerifier)
		throws NoSuchAlgorithmException, KeyStoreException {
	super(SSLContext.getDefault(), hostnameVerifier);

	// No stores are supplied on this path.
	this.trustStore = null;
	this.keyStore = null;
}
 
Example 20
Source File: SSLContexts.java    From java-android-websocket-client with Apache License 2.0
/**
 * Returns the system default SSL context, which is based on system properties.
 *
 * <p>The context is obtained from {@code SSLContext.getDefault()}, i.e. the {@code Default}
 * algorithm, which is supported as of Java 6. When that algorithm is not available, this
 * method falls back to {@link #createDefault()}.
 *
 * <p>The fallback is silent: the {@code NoSuchAlgorithmException} is not reported, so a caller
 * cannot tell which of the two contexts it received.
 * NOTE(review): confirm whether {@link #createDefault()} applies the same system-property
 * trust configuration as the system default.
 *
 * @return default system SSL context
 * @throws SSLInitializationException declared by the original signature
 */
public static SSLContext createSystemDefault() throws SSLInitializationException {
    SSLContext systemDefault;
    try {
        systemDefault = SSLContext.getDefault();
    } catch (final NoSuchAlgorithmException ignored) {
        // "Default" algorithm unavailable: use the library's own default instead.
        systemDefault = createDefault();
    }
    return systemDefault;
}