本文整理了Java中javax.net.ssl.SSLEngine.setEnabledCipherSuites()方法的一些代码示例,展示了SSLEngine.setEnabledCipherSuites()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。SSLEngine.setEnabledCipherSuites()方法的具体详情如下:
包路径:javax.net.ssl.SSLEngine
类名称:SSLEngine
方法名:setEnabledCipherSuites
[英]Sets the SSL cipher suite names that should be enabled in this engine instance. Only cipher suites listed by getSupportedCipherSuites()are allowed.
[中]设置应在此引擎实例中启用的SSL密码套件名称。只允许使用GetSupportedCipherSuite()列出的密码套件。
代码示例来源:origin: TooTallNate/Java-WebSocket
@Overridepublic ByteChannel wrapChannel(SocketChannel channel, SelectionKey key) throws IOException {SSLEngine e = sslcontext.createSSLEngine();if (enabledProtocols != null) {e.setEnabledProtocols(enabledProtocols);}if (enabledCiphersuites != null) {e.setEnabledCipherSuites(enabledCiphersuites);}e.setUseClientMode(false);return new SSLSocketChannel2(channel, e, exec, key);}
代码示例来源:origin: TooTallNate/Java-WebSocket
@Overridepublic ByteChannel wrapChannel( SocketChannel channel, SelectionKey key ) throws IOException {SSLEngine e = sslcontext.createSSLEngine();/** See https://github.com/TooTallNate/Java-WebSocket/issues/466** We remove TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from the enabled ciphers since it is just available when you patch your java installation directly.* E.g. firefox requests this cipher and this causes some dcs/instable connections*/List<String> ciphers = new ArrayList<String>( Arrays.asList(e.getEnabledCipherSuites()));ciphers.remove("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");e.setEnabledCipherSuites( ciphers.toArray( new String[ciphers.size()] ) );e.setUseClientMode( false );return new SSLSocketChannel2( channel, e, exec, key );}
代码示例来源:origin: igniterealtime/Openfire
/*** A utility method that implements the shared functionality of getClientModeSSLEngine and getServerModeSSLEngine.** This method is used to initialize and pre-configure an instance of SSLEngine for a particular connection type.* The returned value lacks further configuration. In most cases, developers will want to use getClientModeSSLEngine* or getServerModeSSLEngine instead of this method.** @return A new pre-configured SSLEngine instance (never null).*/private SSLEngine createSSLEngine() throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException{final SSLContext sslContext = getSSLContext();final SSLEngine sslEngine = sslContext.createSSLEngine();// Configure protocol support.final Set<String> protocols = configuration.getEncryptionProtocols();if ( !protocols.isEmpty() ){// When an explicit list of enabled protocols is defined, use only those (otherwise, an implementation-specific default will be used).sslEngine.setEnabledProtocols( protocols.toArray( new String[ protocols.size() ] ) );}// Configure cipher suite support.final Set<String> cipherSuites = configuration.getEncryptionCipherSuites();if ( !cipherSuites.isEmpty() ){// When an explicit list of enabled protocols is defined, use only those (otherwise, an implementation-specific default will be used)..sslEngine.setEnabledCipherSuites( cipherSuites.toArray( new String[ cipherSuites.size() ] ) );}return sslEngine;}
代码示例来源:origin: apache/kafka
private SSLEngine createSslEngine(SSLContext sslContext, String peerHost, int peerPort) {SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);// SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation// only in client mode. Hence, validation is enabled only for clients.if (mode == Mode.SERVER) {sslEngine.setUseClientMode(false);if (needClientAuth)sslEngine.setNeedClientAuth(needClientAuth);elsesslEngine.setWantClientAuth(wantClientAuth);} else {sslEngine.setUseClientMode(true);SSLParameters sslParams = sslEngine.getSSLParameters();sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);sslEngine.setSSLParameters(sslParams);}return sslEngine;}
代码示例来源:origin: robovm/robovm
/*** Sets various SSL handshake parameters based on the SSLParameter* argument. Specifically, sets the SSLEngine's enabled cipher* suites if the parameter's cipher suites are non-null. Similarly* sets the enabled protocols. If the parameters specify the want* or need for client authentication, those requirements are set* on the SSLEngine, otherwise both are set to false.* @since 1.6*/public void setSSLParameters(SSLParameters p) {String[] cipherSuites = p.getCipherSuites();if (cipherSuites != null) {setEnabledCipherSuites(cipherSuites);}String[] protocols = p.getProtocols();if (protocols != null) {setEnabledProtocols(protocols);}if (p.getNeedClientAuth()) {setNeedClientAuth(true);} else if (p.getWantClientAuth()) {setWantClientAuth(true);} else {setWantClientAuth(false);}}}
代码示例来源:origin: com.datastax.cassandra/cassandra-driver-core
/*** Creates an SSL engine each time a connection is established.** <p>** <p>You might want to override this if you need to fine-tune the engine's configuration (for* example enabling hostname verification).** @param channel the Netty channel for that connection.* @return the engine.*/protected SSLEngine newSSLEngine(@SuppressWarnings("unused") SocketChannel channel) {SSLEngine engine = context.createSSLEngine();engine.setUseClientMode(true);if (cipherSuites != null) engine.setEnabledCipherSuites(cipherSuites);return engine;}
代码示例来源:origin: io.netty/netty
@Overridepublic final SSLEngine newEngine(String peerHost, int peerPort) {SSLEngine engine = context().createSSLEngine(peerHost, peerPort);engine.setEnabledCipherSuites(cipherSuites);engine.setEnabledProtocols(PROTOCOLS);engine.setUseClientMode(isClient());return wrapEngine(engine);}
代码示例来源:origin: apache/servicecomb-java-chassis
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom) {SSLContext context = createSSLContext(option, custom);SSLEngine engine =context.createSSLEngine();engine.setEnabledProtocols(option.getProtocols().split(","));String[] supported = engine.getSupportedCipherSuites();String[] eanbled = option.getCiphers().split(",");engine.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled));engine.setNeedClientAuth(option.isAuthPeer());return engine;}
代码示例来源:origin: com.datastax.cassandra/cassandra-driver-core
/*** Creates an SSL engine each time a connection is established.** <p>You might want to override this if you need to fine-tune the engine's configuration (for* example enabling hostname verification).** @param channel the Netty channel for that connection.* @param remoteEndpoint the remote endpoint we are connecting to.* @return the engine.* @since 3.2.0*/protected SSLEngine newSSLEngine(@SuppressWarnings("unused") SocketChannel channel, InetSocketAddress remoteEndpoint) {SSLEngine engine =remoteEndpoint == null? context.createSSLEngine(): context.createSSLEngine(remoteEndpoint.getHostName(), remoteEndpoint.getPort());engine.setUseClientMode(true);if (cipherSuites != null) engine.setEnabledCipherSuites(cipherSuites);return engine;}
代码示例来源:origin: io.netty/netty
@Overridepublic final SSLEngine newEngine() {SSLEngine engine = context().createSSLEngine();engine.setEnabledCipherSuites(cipherSuites);engine.setEnabledProtocols(PROTOCOLS);engine.setUseClientMode(isClient());return wrapEngine(engine);}
代码示例来源:origin: apache/servicecomb-java-chassis
public static SSLEngine createSSLEngine(SSLOption option, SSLCustom custom, String peerHost, int peerPort) {SSLContext context = createSSLContext(option, custom);SSLEngine engine =context.createSSLEngine(peerHost, peerPort);engine.setEnabledProtocols(option.getProtocols().split(","));String[] supported = engine.getSupportedCipherSuites();String[] eanbled = option.getCiphers().split(",");engine.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled));engine.setNeedClientAuth(option.isAuthPeer());return engine;}
代码示例来源:origin: Atmosphere/nettosphere
@Overridepublic void onPostCreate(SSLEngine e) {e.setEnabledCipherSuites(enabledCipherSuites);e.setUseClientMode(false);}};
代码示例来源:origin: apache/flume
private Optional<SSLEngine> getSslEngine(boolean useClientMode) {return getSslContext().map(sslContext -> {SSLEngine sslEngine = sslContext.createSSLEngine();sslEngine.setUseClientMode(useClientMode);sslEngine.setEnabledProtocols(getFilteredProtocols(sslEngine.getEnabledProtocols()));sslEngine.setEnabledCipherSuites(getFilteredCipherSuites(sslEngine.getEnabledCipherSuites()));return sslEngine;});}
代码示例来源:origin: sscarduzio/elasticsearch-readonlyrest-plugin
public static boolean validateProtocolAndCiphers(SSLEngine eng, LoggerShim logger, BasicSettings basicSettings) {try {String[] defaultProtocols = eng.getEnabledProtocols();logger.info("ROR SSL: Available ciphers: " + Joiner.on(",").join(eng.getEnabledCipherSuites()));basicSettings.getAllowedSSLCiphers().map(x -> x.toArray(new String[x.size()])).ifPresent(p -> {eng.setEnabledCipherSuites(p);logger.info("ROR SSL: Restricting to ciphers: " + Joiner.on(",").join(eng.getEnabledCipherSuites()));});logger.info("ROR SSL: Available SSL protocols: " + Joiner.on(",").join(defaultProtocols));basicSettings.getAllowedSSLProtocols().map(x -> x.toArray(new String[x.size()])).ifPresent(p -> {eng.setEnabledProtocols(p);logger.info("ROR SSL: Restricting to SSL protocols: " + Joiner.on(",").join(eng.getEnabledProtocols()));});return true;} catch (Exception e) {logger.error("ROR SSL: cannot validate SSL protocols and ciphers! " + e.getClass().getSimpleName() + ": " + e.getMessage(), e);return false;}}
代码示例来源:origin: org.atmosphere/nettosphere
@Overridepublic void onPostCreate(SSLEngine e) {e.setEnabledCipherSuites(enabledCipherSuites);e.setUseClientMode(false);}};
代码示例来源:origin: eclipse-vertx/vert.x
public void configureEngine(SSLEngine engine, String serverName) {if (enabledCipherSuites != null && !enabledCipherSuites.isEmpty()) {String[] toUse = enabledCipherSuites.toArray(new String[enabledCipherSuites.size()]);engine.setEnabledCipherSuites(toUse);engine.setUseClientMode(client);Set<String> protocols = new LinkedHashSet<>(enabledProtocols);protocols.retainAll(Arrays.asList(engine.getSupportedProtocols()));log.warn("no SSL/TLS protocols are enabled due to configuration restrictions");engine.setEnabledProtocols(protocols.toArray(new String[protocols.size()]));if (!client) {switch (getClientAuth()) {
代码示例来源:origin: org.wildfly.core/wildfly-domain-management
private void setSslParams(final SSLEngine engine) {if (enabledCipherSuites.length > 0) {engine.setEnabledCipherSuites(enabledCipherSuites);}if (enabledProtocols.length > 0) {engine.setEnabledProtocols(enabledProtocols);}}
代码示例来源:origin: jsevellec/cassandra-unit
protected final SslHandler createSslHandler(){SSLEngine sslEngine = sslContext.createSSLEngine();sslEngine.setUseClientMode(false);String[] suites = SSLFactory.filterCipherSuites(sslEngine.getSupportedCipherSuites(), encryptionOptions.cipher_suites);sslEngine.setEnabledCipherSuites(suites);sslEngine.setNeedClientAuth(encryptionOptions.require_client_auth);return new SslHandler(sslEngine);}}
代码示例来源:origin: wildfly/wildfly
optionMap.get(Options.SSL_PEER_PORT, peerAddress.getPort()));engine.setUseClientMode(client);engine.setEnableSessionCreation(optionMap.get(Options.SSL_ENABLE_SESSION_CREATION, true));final Sequence<String> cipherSuites = optionMap.get(Options.SSL_ENABLED_CIPHER_SUITES);engine.setEnabledCipherSuites(finalList.toArray(new String[finalList.size()]));engine.setEnabledProtocols(finalList.toArray(new String[finalList.size()]));
代码示例来源:origin: wildfly/wildfly-core
private void setSslParams(final SSLEngine engine) {if (enabledCipherSuites.length > 0) {engine.setEnabledCipherSuites(enabledCipherSuites);}if (enabledProtocols.length > 0) {engine.setEnabledProtocols(enabledProtocols);}}
内容来源于网络,如有侵权,请联系作者删除!