Java Code Examples for javax.net.ssl.SSLContext#getSocketFactory()

The following examples show how to use javax.net.ssl.SSLContext#getSocketFactory() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SSLUtils.java    From ssltest with Apache License 2.0 6 votes vote down vote up
/**
     * Creates an SSLSocketFactory that supports only the specified protocols
     * and ciphers.
     */
    public static SSLSocketFactory getSSLSocketFactory(String protocol,
                                                       String[] sslEnabledProtocols,
                                                       String[] sslCipherSuites,
                                                       SecureRandom random,
                                                       TrustManager[] tms,
                                                       KeyManager[] kms)
        throws NoSuchAlgorithmException, KeyManagementException
    {
        SSLContext sc = SSLContext.getInstance(protocol);

//        System.out.println("Wanted protocol: " + protocol);
//        System.out.println("Got protocol:    " + sc.getProtocol());

        sc.init(kms, tms, random);

        SSLSocketFactory sf = sc.getSocketFactory();

        if(null != sslEnabledProtocols
           || null != sslCipherSuites)
            sf = new CustomSSLSocketFactory(sf,
                                            sslEnabledProtocols,
                                            sslCipherSuites);

        return sf;
    }
 
Example 2
Source File: HttpsUtils.java    From styT with Apache License 2.0 6 votes vote down vote up
public static SSLParams getSslSocketFactory(InputStream[] certificates, InputStream bksFile, String password) {
    SSLParams sslParams = new SSLParams();
    try {
        TrustManager[] trustManagers = prepareTrustManager(certificates);
        KeyManager[] keyManagers = prepareKeyManager(bksFile, password);
        SSLContext sslContext = SSLContext.getInstance("TLS");
        X509TrustManager trustManager = null;
        if (trustManagers != null) {
            trustManager = new MyTrustManager(chooseTrustManager(trustManagers));
        } else {
            trustManager = new UnSafeTrustManager();
        }
        sslContext.init(keyManagers, new TrustManager[]{trustManager}, null);
        sslParams.sSLSocketFactory = sslContext.getSocketFactory();
        sslParams.trustManager = trustManager;
        return sslParams;
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
        throw new AssertionError(e);
    }
}
 
Example 3
Source File: SslUtils.java    From ats-framework with Apache License 2.0 6 votes vote down vote up
/**
 * @param host the host
 * @param port the port
 * 
 * @return array with all server-side certificates obtained from direct socket connection
 */
public static synchronized Certificate[] getCertificatesFromSocket( String host, String port ) {

    TrustManager[] trustAllCerts = new TrustManager[]{ new DefaultTrustManager() {} };

    try {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
        final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

        SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(host, Integer.valueOf(port));
        sslSocket.startHandshake();
        return sslSocket.getSession().getPeerCertificates();
    } catch (Exception e) {
        throw new RuntimeException("Could not get certificate of secure socket to " + host + ":" + port + ".!", e);
    }
}
 
Example 4
Source File: BasicSslSocketFactory.java    From ats-framework with Apache License 2.0 5 votes vote down vote up
/**
 *
 * @throws SecurityException if the {@link SSLSocketFactory} instantiation failed
 */
public BasicSslSocketFactory() {

    try {
        SSLContext sslcontext = SSLContext.getInstance("TLS");
        sslcontext.init(null, new TrustManager[]{ new BasicTrustManager() }, null);
        factory = sslcontext.getSocketFactory();
    } catch (Exception e) {
        throw new SecurityException("Failed to instantiate SSLSocketFactory", e);
    }
}
 
Example 5
Source File: DisabledAlgorithms.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
static SSLClient init(int port, String ciphersuite)
        throws NoSuchAlgorithmException, IOException {
    SSLContext context = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory)
            context.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket("localhost", port);

    if (ciphersuite != null) {
        System.out.println("Client: enable cipher suite: "
                + ciphersuite);
        socket.setEnabledCipherSuites(new String[] { ciphersuite });
    }

    return new SSLClient(socket);
}
 
Example 6
Source File: TrustAllTrustManager.java    From Javacord with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a new SSL socket factory that generates SSL sockets that trust all certificates unconditionally.
 *
 * @return A new SSL socket factory that generates SSL sockets that trust all certificates unconditionally.
 */
public SSLSocketFactory createSslSocketFactory() {
    try {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[]{this}, null);
        return sslContext.getSocketFactory();
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        throw new AssertionError(e);
    }
}
 
Example 7
Source File: JSSEClient.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    System.out.println("Client: arguments=" + String.join("; ", args));

    int port = Integer.valueOf(args[0]);
    String[] trustNames = args[1].split(TLSRestrictions.DELIMITER);
    String[] certNames = args[2].split(TLSRestrictions.DELIMITER);
    String constraint = args[3];

    TLSRestrictions.setConstraint("Client", constraint);

    SSLContext context = TLSRestrictions.createSSLContext(
            trustNames, certNames);
    SSLSocketFactory socketFactory = context.getSocketFactory();
    try (SSLSocket socket = (SSLSocket) socketFactory.createSocket()) {
        socket.connect(new InetSocketAddress("localhost", port),
                TLSRestrictions.TIMEOUT);
        socket.setSoTimeout(TLSRestrictions.TIMEOUT);
        System.out.println("Client: connected");

        InputStream sslIS = socket.getInputStream();
        OutputStream sslOS = socket.getOutputStream();
        sslOS.write('C');
        sslOS.flush();
        sslIS.read();
        System.out.println("Client: finished");
    } catch (Exception e) {
        throw new RuntimeException("Client: failed.", e);
    }
}
 
Example 8
Source File: HttpClientFactory.java    From teamcity-oauth with Apache License 2.0 5 votes vote down vote up
private static SSLSocketFactory createInsecureSslSocketFactory() {
    try {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new TrustManager[]{new AcceptEverythingTrustManager()}, null);
        return context.getSocketFactory();
    } catch (Exception e) {
        throw new AssertionError(e);
    }
}
 
Example 9
Source File: Https.java    From xian with Apache License 2.0 5 votes vote down vote up
public static SSLSocketFactory getSslSocketFactory(InputStream cerIn, String storePass) {
	SSLSocketFactory sslSocketFactory = null;
	try {
		TrustManager[] trustManagers = prepareTrustManager(cerIn, storePass);
		X509TrustManager manager;

		// 优先使用自定义的证书管理器
		if (trustManagers != null) {
			manager = chooseTrustManager(trustManagers);
			LOG.debug("---https访问,使用自定义证书---");
		} else {
			// 否则使用无证书认证的证书管理器
			manager = UnSafeTrustManager;
			LOG.debug("---https访问,无证书---");
		}
		// 创建TLS类型的SSLContext对象
		SSLContext sslContext = SSLContext.getInstance("TLS");
		// 用上面得到的trustManagers初始化SSLContext,这样sslContext就会信任keyStore中的证书
		// 第一个参数是授权的密钥管理器,用来授权验证,比如授权自签名的证书验证。第二个是被授权的证书管理器,用来验证服务器端的证书
		sslContext.init(null, new TrustManager[] { manager }, null);
		// 通过sslContext获取SSLSocketFactory对象
		sslSocketFactory = sslContext.getSocketFactory();
		return sslSocketFactory;
	} catch (Exception e) {
		//LOG.error("--证书加载出错-", e);
		throw new RuntimeException("证书信息加载错误");
	}
}
 
Example 10
Source File: NetUtil.java    From rapidoid with Apache License 2.0 5 votes vote down vote up
private static SSLSocket sslSocket(String address, int port, int timeout) throws Exception {
	SSLContext sc = TLSUtil.createTrustingContext();
	SSLSocketFactory ssf = sc.getSocketFactory();
	SSLSocket socket = (SSLSocket) ssf.createSocket(address, port);
	socket.setSoTimeout(timeout);
	socket.startHandshake();
	return socket;
}
 
Example 11
Source File: SocketDataPort.java    From nats.java with Apache License 2.0 5 votes vote down vote up
/**
 * Upgrade the port to SSL. If it is already secured, this is a no-op.
 * If the data port type doesn't support SSL it should throw an exception.
 */
public void upgradeToSecure() throws IOException {
    Options options = this.connection.getOptions();
    SSLContext context = options.getSslContext();
    
    SSLSocketFactory factory = context.getSocketFactory();
    Duration timeout = options.getConnectionTimeout();

    this.sslSocket = (SSLSocket) factory.createSocket(socket, this.host, this.port, true);
    this.sslSocket.setUseClientMode(true);

    final CompletableFuture<Void> waitForHandshake = new CompletableFuture<>();
    
    this.sslSocket.addHandshakeCompletedListener((evt) -> {
        waitForHandshake.complete(null);
    });

    this.sslSocket.startHandshake();

    try {
        waitForHandshake.get(timeout.toNanos(), TimeUnit.NANOSECONDS);
    } catch (Exception ex) {
        this.connection.handleCommunicationIssue(ex);
        return;
    }

    in = sslSocket.getInputStream();
    out = sslSocket.getOutputStream();
}
 
Example 12
Source File: AVStandardWebSocketClientTest.java    From java-unified-sdk with Apache License 2.0 5 votes vote down vote up
public void testConnect() throws Exception {
  String wsUrl = "wss://cn-n1-core-k8s-cell-12.leancloud.cn";
  SSLContext sslContext = SSLContext.getDefault();
  SSLSocketFactory sf = sslContext.getSocketFactory();
  AVStandardWebSocketClient client = new AVStandardWebSocketClient(URI.create(wsUrl),
          AVStandardWebSocketClient.SUB_PROTOCOL_2_3,
          true, true, sf, 0, this.monitor);
  boolean rst = client.connectBlocking();
  assertTrue(rst);
  final int requestId = 100;
  final String installation = "d45304813cf37c6c1a2177f84aee0bb8";

  LoginPacket lp = new LoginPacket();
  lp.setAppId(Configure.TEST_APP_ID);
  lp.setInstallationId(installation);
  lp.setRequestId(requestId - 1);
  client.send(lp);
  Thread.sleep(3000);

  SessionControlPacket scp = SessionControlPacket.genSessionCommand(
          "fengjunwen", null,
          SessionControlPacket.SessionControlOp.OPEN, null,
          0, 0, requestId);
  scp.setTag("mobile");
  scp.setAppId(Configure.TEST_APP_ID);
  scp.setInstallationId(installation);
  scp.setReconnectionRequest(false);
  client.send(scp);

  Thread.sleep(3000);
  client.close();
  Thread.sleep(3000);
}
 
Example 13
Source File: BaseHttp.java    From bcm-android with GNU General Public License v3.0 5 votes vote down vote up
private SSLSocketFactory trustAllSSLFactory() {
    SSLSocketFactory ssfFactory = null;
    try {
        SSLContext sc = SSLContext.getInstance("TLS");

        MyTrustManager[] trustManager = {new MyTrustManager()};
        sc.init(null, trustManager, new SecureRandom());
        ssfFactory = sc.getSocketFactory();
    } catch (Exception e) {
        e.printStackTrace();
    }
    return ssfFactory;
}
 
Example 14
Source File: BatchTool.java    From SPADE with GNU General Public License v3.0 5 votes vote down vote up
private static void setupClientSSLContext() throws Exception {
    SecureRandom secureRandom = new SecureRandom();
    secureRandom.nextInt();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(serverKeyStorePublic);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(clientKeyStorePrivate, "private".toCharArray());

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), secureRandom);
    sslSocketFactory = sslContext.getSocketFactory();
}
 
Example 15
Source File: FileTransfer.java    From reader with MIT License 5 votes vote down vote up
/**
 * This function will install a trust manager that will blindly trust all SSL
 * certificates.  The reason this code is being added is to enable developers
 * to do development using self signed SSL certificates on their web server.
 *
 * The standard HttpsURLConnection class will throw an exception on self
 * signed certificates if this code is not run.
 */
private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection) {
    // Install the all-trusting trust manager
    SSLSocketFactory oldFactory = connection.getSSLSocketFactory();
    try {
        // Install our all trusting manager
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        SSLSocketFactory newFactory = sc.getSocketFactory();
        connection.setSSLSocketFactory(newFactory);
    } catch (Exception e) {
        Log.e(LOG_TAG, e.getMessage(), e);
    }
    return oldFactory;
}
 
Example 16
Source File: EnableTLSv12.java    From tutorials with MIT License 5 votes vote down vote up
public void enableTLSv12UsingSSLContext() throws NoSuchAlgorithmException, KeyManagementException, UnknownHostException, IOException {
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(null, null, new SecureRandom());
    SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) socketFactory.createSocket(url, port);
    handleCommunication(socket, "SSLContext");
}
 
Example 17
Source File: JSSEClient.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    System.out.println("Client: arguments=" + String.join("; ", args));

    int port = Integer.valueOf(args[0]);
    String[] trustNames = args[1].split(TLSRestrictions.DELIMITER);
    String[] certNames = args[2].split(TLSRestrictions.DELIMITER);
    String constraint = args[3];

    TLSRestrictions.setConstraint("Client", constraint);

    SSLContext context = TLSRestrictions.createSSLContext(
            trustNames, certNames);
    SSLSocketFactory socketFactory = context.getSocketFactory();
    try (SSLSocket socket = (SSLSocket) socketFactory.createSocket()) {
        socket.connect(new InetSocketAddress("localhost", port),
                TLSRestrictions.TIMEOUT);
        socket.setSoTimeout(TLSRestrictions.TIMEOUT);
        System.out.println("Client: connected");

        InputStream sslIS = socket.getInputStream();
        OutputStream sslOS = socket.getOutputStream();
        sslOS.write('C');
        sslOS.flush();
        sslIS.read();
        System.out.println("Client: finished");
    } catch (Exception e) {
        throw new RuntimeException("Client: failed.", e);
    }
}
 
Example 18
Source File: SSLSessionStrategyFactory.java    From apiman with Apache License 2.0 4 votes vote down vote up
/**
 * Build an {@link SSLSessionStrategy}.
 *
 * @param trustStore the trust store
 * @param trustStorePassword the truststore password (if any)
 * @param keyStore the keystore
 * @param keyStorePassword the keystore password (if any)
 * @param keyAliases the key aliases that are candidates for use (if any)
 * @param keyPassword the key password (if any)
 * @param allowedProtocols the allowed transport protocols.
 *            <strong><em>Avoid specifying insecure protocols</em></strong>
 * @param allowedCiphers allowed crypto ciphersuites, <tt>null</tt> to use system defaults
 * @param trustSelfSigned true if self signed certificates can be trusted.
 *             <strong><em>Use with caution</em></strong>
 * @param allowAnyHostname true if any hostname can be connected to (i.e. does not need to match
 *            certificate hostname). <strong><em>Do not use in production</em></strong>
 * @return the connection socket factory
 * @throws NoSuchAlgorithmException if the selected algorithm is not available on the system
 * @throws KeyStoreException if there was a problem with the keystore
 * @throws CertificateException if there was a problem with the certificate
 * @throws IOException if the truststore could not be found or was invalid
 * @throws KeyManagementException if there is a problem with keys
 * @throws UnrecoverableKeyException if the key cannot be recovered
 */
public static SSLSessionStrategy build(String trustStore,
        String trustStorePassword,
        String keyStore,
        String keyStorePassword,
        String[] keyAliases,
        String keyPassword,
        String[] allowedProtocols,
        String[] allowedCiphers,
        boolean allowAnyHostname,
        boolean trustSelfSigned)

throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException,
        KeyManagementException, UnrecoverableKeyException {

    Args.notNull(allowedProtocols, "Allowed protocols"); //$NON-NLS-1$
    Args.notNull(allowedCiphers, "Allowed ciphers"); //$NON-NLS-1$

    TrustStrategy trustStrategy = trustSelfSigned ?  SELF_SIGNED : null;
    HostnameVerifier hostnameVerifier = allowAnyHostname ? ALLOW_ANY :
        SSLConnectionSocketFactory.getDefaultHostnameVerifier();
    PrivateKeyStrategy privateKeyStrategy = keyAliases == null ? null : new SelectByAlias(keyAliases);
    boolean clientAuth = keyStore == null ? false : true;

    SSLContextBuilder builder = SSLContexts.custom();

    if (trustStore != null) {
        loadTrustMaterial(builder,
                new File(trustStore),
                trustStorePassword.toCharArray(),
                trustStrategy);
    }

    if (keyStore != null) {
        char[] ksp = keyStorePassword == null ? null : keyStorePassword.toCharArray();
        char[] kp = keyPassword == null ? null : keyPassword.toCharArray();
        loadKeyMaterial(builder, new File(keyStore), ksp, kp, privateKeyStrategy);
    }

    SSLContext sslContext = builder.build();
    return new SSLSessionStrategy(hostnameVerifier, new CipherSelectingSSLSocketFactory(
            sslContext.getSocketFactory(), allowedCiphers, allowedProtocols, clientAuth));
}
 
Example 19
Source File: WebSocketClient.java    From Leanplum-Android-SDK with Apache License 2.0 4 votes vote down vote up
private SSLSocketFactory getSSLSocketFactory() throws NoSuchAlgorithmException, KeyManagementException {
  SSLContext context = SSLContext.getInstance("TLS");
  context.init(null, sTrustManagers, null);
  return context.getSocketFactory();
}
 
Example 20
Source File: TenpayHttpClient.java    From jframe with Apache License 2.0 3 votes vote down vote up
/**
 * 以https get方式通信
 * 
 * @param url
 * @param sslContext
 * @throws IOException
 */
protected void httpsGetMethod(String url, SSLContext sslContext) throws IOException {

    SSLSocketFactory sf = sslContext.getSocketFactory();

    HttpsURLConnection conn = HttpClientUtil.getHttpsURLConnection(url);

    conn.setSSLSocketFactory(sf);

    this.doGet(conn);

}