javax.net.ssl.SSLHandshakeException类的使用及代码示例

x33g5p2x  于2022-01-29 转载在 其他  
字(11.5k)|赞(0)|评价(0)|浏览(167)

本文整理了Java中javax.net.ssl.SSLHandshakeException类的一些代码示例,展示了SSLHandshakeException类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。SSLHandshakeException类的具体详情如下:
包路径:javax.net.ssl.SSLHandshakeException
类名称:SSLHandshakeException

SSLHandshakeException介绍

[英]The exception that is thrown when a handshake could not be completed successfully.
[中]无法成功完成握手时引发的异常。

代码示例

代码示例来源:origin: redisson/redisson

@Override
public void handle(long ssl, byte[] keyTypeBytes, byte[][] asn1DerEncodedPrincipals) throws Exception {
  final ReferenceCountedOpenSslEngine engine = engineMap.get(ssl);
  try {
    final Set<String> keyTypesSet = supportedClientKeyTypes(keyTypeBytes);
    final String[] keyTypes = keyTypesSet.toArray(new String[0]);
    final X500Principal[] issuers;
    if (asn1DerEncodedPrincipals == null) {
      issuers = null;
    } else {
      issuers = new X500Principal[asn1DerEncodedPrincipals.length];
      for (int i = 0; i < asn1DerEncodedPrincipals.length; i++) {
        issuers[i] = new X500Principal(asn1DerEncodedPrincipals[i]);
      }
    }
    keyManagerHolder.setKeyMaterialClientSide(engine, keyTypes, issuers);
  } catch (Throwable cause) {
    logger.debug("request of key failed", cause);
    SSLHandshakeException e = new SSLHandshakeException("General OpenSslEngine problem");
    e.initCause(cause);
    engine.handshakeException = e;
  }
}

代码示例来源:origin: jenkinsci/jenkins

private void testConnection(URL url) throws IOException {
    try {
      URLConnection connection = (URLConnection) ProxyConfiguration.open(url);
      if(connection instanceof HttpURLConnection) {
        int responseCode = ((HttpURLConnection)connection).getResponseCode();
        if(HttpURLConnection.HTTP_OK != responseCode) {
          throw new HttpRetryException("Invalid response code (" + responseCode + ") from URL: " + url, responseCode);
        }
      } else {
        try (InputStream is = connection.getInputStream()) {
          IOUtils.copy(is, new NullOutputStream());
        }
      }
    } catch (SSLHandshakeException e) {
      if (e.getMessage().contains("PKIX path building failed"))
        // fix up this crappy error message from JDK
        throw new IOException("Failed to validate the SSL certificate of "+url,e);
    }
  }
}

代码示例来源:origin: redisson/redisson

/**
 * Converts the given exception to a {@link SSLHandshakeException}, if it isn't already.
 */
static SSLHandshakeException toSSLHandshakeException(Throwable e) {
  if (e instanceof SSLHandshakeException) {
    return (SSLHandshakeException) e;
  }
  return (SSLHandshakeException) new SSLHandshakeException(e.getMessage()).initCause(e);
}

代码示例来源:origin: wildfly/wildfly

@Override
public final SSLHandshakeException noContextForSslConnection() {
  final SSLHandshakeException result = new SSLHandshakeException(String.format(getLoggingLocale(), noContextForSslConnection$str()));
  final StackTraceElement[] st = result.getStackTrace();
  result.setStackTrace(Arrays.copyOfRange(st, 1, st.length));
  return result;
}
private static final String sslClosed = "ELY04007: SSL channel is closed";

代码示例来源:origin: apache/nifi

final ByteBuffer appDataOut = ByteBuffer.wrap(emptyMessage);
  final ByteBuffer outboundBuffer = streamOutManager.prepareForWrite(engine.getSession().getApplicationBufferSize());
  if (wrapHelloResult.getStatus() == Status.BUFFER_OVERFLOW) {
    streamOutManager.prepareForWrite(engine.getSession().getApplicationBufferSize());
    continue;
  if (wrapHelloResult.getStatus() != Status.OK) {
    throw new SSLHandshakeException("Could not generate SSL Handshake information: SSLEngineResult: "
        + wrapHelloResult.toString());
case NEED_UNWRAP: {
  final ByteBuffer readableDataIn = streamInManager.prepareForRead(0);
  final ByteBuffer appData = appDataManager.prepareForWrite(engine.getSession().getApplicationBufferSize());
      throw new SSLHandshakeException("Reached End-of-File marker while performing handshake");
  } else if (handshakeResponseResult.getStatus() == Status.CLOSED) {

代码示例来源:origin: redisson/redisson

private SSLException shutdownWithError(String operation, int sslError, int error) {
  String errorString = SSL.getErrorString(error);
  if (logger.isDebugEnabled()) {
    logger.debug("{} failed with {}: OpenSSL error: {} {}",
           operation, sslError, error, errorString);
  }
  // There was an internal error -- shutdown
  shutdown();
  if (handshakeState == HandshakeState.FINISHED) {
    return new SSLException(errorString);
  }
  return new SSLHandshakeException(errorString);
}

代码示例来源:origin: apache/geode

throws IOException, InterruptedException {
if (peerNetData.capacity() < engine.getSession().getPacketBufferSize()) {
 if (logger.isDebugEnabled()) {
  logger.debug("Allocating new buffer for SSL handshake");
   Buffers.acquireReceiveBuffer(engine.getSession().getPacketBufferSize(), stats);
} else {
 this.handshakeBuffer = peerNetData;
   engineResult = engine.unwrap(handshakeBuffer, peerAppData);
   handshakeBuffer.compact();
   status = engineResult.getHandshakeStatus();
   if (engineResult.getStatus() == BUFFER_OVERFLOW) {
    peerAppData =
      expandWriteBuffer(TRACKED_RECEIVER, peerAppData, peerAppData.capacity() * 2,
   status = engineResult.getHandshakeStatus();
 throw new SSLHandshakeException("SSL Handshake terminated with status " + status);

代码示例来源:origin: ibinti/bugvm

throw new SSLHandshakeException("SSL session not available");
this.log.debug(" negotiated protocol: " + session.getProtocol());
this.log.debug(" negotiated cipher suite: " + session.getCipherSuite());
  final Certificate[] certs = session.getPeerCertificates();
  final X509Certificate x509 = (X509Certificate) certs[0];
  final X500Principal peer = x509.getSubjectX500Principal();
  this.log.debug(" peer principal: " + peer.toString());
  final Collection<List<?>> altNames1 = x509.getSubjectAlternativeNames();
  if (altNames1 != null) {
  this.log.debug(" issuer principal: " + issuer.toString());
  final Collection<List<?>> altNames2 = x509.getIssuerAlternativeNames();
  if (altNames2 != null) {
final X500Principal x500Principal = x509.getSubjectX500Principal();
throw new SSLPeerUnverifiedException("Host name '" + hostname + "' does not match " +
    "the certificate subject provided by the peer (" + x500Principal.toString() + ")");

代码示例来源:origin: igniterealtime/Openfire

} catch (javax.net.ssl.SSLException ex) {
  if ("Inbound closed before receiving peer's close_notify: possible truncation attack?".equals( ex.getMessage() ) ) {
    throw new SSLHandshakeException( "The peer closed the connection while performing a TLS handshake." );
incomingNetBB.compact();
initialHSStatus = result.getHandshakeStatus();
switch (result.getStatus()) {
  throw new IOException("Received" + result.getStatus()
      + "during initial handshaking");

代码示例来源:origin: apache/geode

if (result.getStatus() != SSLEngineResult.Status.CLOSED) {
 throw new SSLHandshakeException(
   "Error closing SSL session.  Status=" + result.getStatus());

代码示例来源:origin: NightscoutFoundation/xDrip

UserError.Log.d(TAG, "\tProtocol : " + sslSession.getProtocol());
    UserError.Log.d(TAG, "\tCipher suite : " + sslSession.getCipherSuite());
  UserError.Log.e(TAG, "SSL ERROR: " + e.toString());
  return;
} catch (Exception e) {

代码示例来源:origin: redisson/redisson

private SSLEngineResult sslReadErrorResult(int error, int stackError, int bytesConsumed, int bytesProduced)
    throws SSLException {
  // Check if we have a pending handshakeException and if so see if we need to consume all pending data from the
  // BIO first or can just shutdown and throw it now.
  // This is needed so we ensure close_notify etc is correctly send to the remote peer.
  // See https://github.com/netty/netty/issues/3900
  if (SSL.bioLengthNonApplication(networkBIO) > 0) {
    if (handshakeException == null && handshakeState != HandshakeState.FINISHED) {
      // we seems to have data left that needs to be transferred and so the user needs
      // call wrap(...). Store the error so we can pick it up later.
      handshakeException = new SSLHandshakeException(SSL.getErrorString(stackError));
    }
    // We need to clear all errors so we not pick up anything that was left on the stack on the next
    // operation. Note that shutdownWithError(...) will cleanup the stack as well so its only needed here.
    SSL.clearError();
    return new SSLEngineResult(OK, NEED_WRAP, bytesConsumed, bytesProduced);
  }
  throw shutdownWithError("SSL_read", error, stackError);
}

代码示例来源:origin: org.glassfish.grizzly/grizzly-websockets-server

sslEngine.getSession().invalidate();
  if (e.toString().toLowerCase().contains("insecure renegotiation")) {
    if (LOGGER.isLoggable(Level.SEVERE)) {
      LOGGER.severe("Secure SSL/TLS renegotiation is not "

代码示例来源:origin: redisson/redisson

@Override
  protected void noSelectedMatchFound(String protocol) throws Exception {
    throw new SSLHandshakeException("No compatible protocols found");
  }
}

代码示例来源:origin: org.tmatesoft.svnkit/svnkit

final SSLSession session = ((SSLSocket)mySocket).getSession();
   if (session != null) {
    myRepository.getDebugLog().logFine(SVNLogType.NETWORK, "Connected to " + myRepository.getLocation() + " using " + session.getProtocol());
    myLogSSLParams = false;
myRepository.getDebugLog().logFine(SVNLogType.NETWORK, ssl);
close();
if (ssl.getCause() instanceof SVNSSLUtil.CertificateNotTrustedException
    || ssl.getCause() instanceof SVNSSLUtil.CertificateDoesNotConformConstraints) {
  SVNErrorManager.cancel(ssl.getCause().getMessage(), SVNLogType.NETWORK);
SVNErrorMessage sslErr = SVNErrorMessage.create(SVNErrorCode.RA_NOT_AUTHORIZED, "SSL handshake failed: ''{0}''", new Object[] { ssl.getMessage() }, SVNErrorMessage.TYPE_ERROR, ssl);
if (keyManager != null && keyManager.isInitialized()) {
  keyManager.acknowledgeAndClearAuthentication(sslErr);
} else {
  sslErr = SVNErrorMessage.create(SVNErrorCode.RA_DAV_REQUEST_FAILED, "SSL handshake failed: ''{0}''", new Object[] { ssl.getMessage() }, SVNErrorMessage.TYPE_ERROR, ssl);
  SVNErrorManager.error(sslErr, SVNLogType.NETWORK);

代码示例来源:origin: stackoverflow.com

// Open SSLSocket directly to gmail.com
SocketFactory sf = SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) sf.createSocket("gmail.com", 443);
HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
SSLSession s = socket.getSession();

// Verify that the certicate hostname is for mail.google.com
// This is due to lack of SNI support in the current SSLSocket.
if (!hv.verify("mail.google.com", s)) {
  throw new SSLHandshakeException("Expected mail.google.com, "
                  "found " + s.getPeerPrincipal());
}

// At this point SSLSocket performed certificate verificaiton and
// we have performed hostname verification, so it is safe to proceed.

// ... use socket ...
socket.close();

代码示例来源:origin: org.codehaus.jtstand/jtstand-svnkit

myRepository.getDebugLog().logFine(SVNLogType.NETWORK, ssl);
close();
if (ssl.getCause() instanceof SVNSSLUtil.CertificateNotTrustedException) {
  SVNErrorManager.cancel(ssl.getCause().getMessage(), SVNLogType.NETWORK);
SVNErrorMessage sslErr = SVNErrorMessage.create(SVNErrorCode.RA_NOT_AUTHORIZED, "SSL handshake failed: ''{0}''", new Object[] { ssl.getMessage() }, SVNErrorMessage.TYPE_ERROR, ssl);
  if (keyManager != null) {
    keyManager.acknowledgeAndClearAuthentication(sslErr);

代码示例来源:origin: com.51degrees/device-detection-webapp

"establilshed and threw error '%s'",
    newDevicesUrl,
    ex.getCause().toString()));
stop = true;
continue;

代码示例来源:origin: apache/nifi

final ByteBuffer appDataBuffer = appDataManager.prepareForWrite(engine.getSession().getApplicationBufferSize());
unwrapResponse = engine.unwrap(streamInBuffer, appDataBuffer);
logger.trace("{} When reading data, (handshake={}) Unwrap response: {}", this, handshaking, unwrapResponse);
switch (unwrapResponse.getStatus()) {
  case BUFFER_OVERFLOW:
    throw new SSLHandshakeException("Buffer Overflow, which is not allowed to happen from an unwrap");
  case BUFFER_UNDERFLOW: {
    final ByteBuffer writableInBuffer = streamInManager.prepareForWrite(engine.getSession().getPacketBufferSize());
    final int bytesRead = readData(writableInBuffer);
    if (bytesRead < 0) {

代码示例来源:origin: wildfly/wildfly

private SSLException shutdownWithError(String operation, String err) {
  if (logger.isDebugEnabled()) {
    logger.debug("{} failed: OpenSSL error: {}", operation, err);
  }
  // There was an internal error -- shutdown
  shutdown();
  if (handshakeState == HandshakeState.FINISHED) {
    return new SSLException(err);
  }
  return new SSLHandshakeException(err);
}

相关文章