public static void main(String[] args) throws Exception { // reserve the security properties String reservedSSFacProvider = Security.getProperty("ssl.ServerSocketFactory.provider"); try { Security.setProperty("ssl.ServerSocketFactory.provider", "oops"); ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = (SSLServerSocket)ssocketFactory.createServerSocket(); } catch (Exception e) { if (!(e.getCause() instanceof ClassNotFoundException)) { throw e; } // get the expected exception } finally { // restore the security properties if (reservedSSFacProvider == null) { reservedSSFacProvider = ""; } Security.setProperty("ssl.ServerSocketFactory.provider", reservedSSFacProvider); } }
private SSLServerSocketFactory getSSLServerSF() throws Exception { char [] password = System.getProperty("javax.net.ssl.keyStorePassword").toCharArray(); String keyFilename = System.getProperty("javax.net.ssl.keyStore"); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(keyFilename), password); KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); kmf.init(ks, password); KeyManager[] kms = kmf.getKeyManagers(); TrustManager[] tms = new MyX509TM[] {new MyX509TM()}; SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kms, tms, null); return ctx.getServerSocketFactory(); }
/** * Creates an SSLSocketFactory for HTTPS. Pass a KeyStore resource with your * certificate and passphrase */ public static SSLServerSocketFactory makeSSLSocketFactory(String keyAndTrustStoreClasspathPath, char[] passphrase) throws IOException { try { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); InputStream keystoreStream = NanoHTTPD.class.getResourceAsStream(keyAndTrustStoreClasspathPath); if (keystoreStream == null) { throw new IOException("Unable to load keystore from classpath: " + keyAndTrustStoreClasspathPath); } keystore.load(keystoreStream, passphrase); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, passphrase); return makeSSLSocketFactory(keystore, keyManagerFactory); } catch (Exception e) { throw new IOException(e.getMessage()); } }
/** * Retrieves the underlying javax.net.ssl.SSLServerSocketFactory. * * @throws Exception if there is a problem retrieving the * underlying factory * @return the underlying javax.net.ssl.SSLServerSocketFactory */ protected SSLServerSocketFactory getServerSocketFactoryImpl() throws Exception { Object factory; synchronized (server_socket_factory_mutex) { factory = serverSocketFactory; if (factory == null) { factory = SSLServerSocketFactory.getDefault(); serverSocketFactory = factory; } } return (SSLServerSocketFactory) factory; }
public static SSLServerSocketFactory makeSSLSocketFactory(KeyStore loadedKeyStore, KeyManager[] keyManagers) { SSLServerSocketFactory res = null; try { TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(loadedKeyStore); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(keyManagers, trustManagerFactory.getTrustManagers(), null); res = ctx.getServerSocketFactory(); } catch (Exception e) { System.out.println(e.toString()); //throw new IOException(e.getMessage()); } return res; }
/** * Creates an SSLSocketFactory for HTTPS. Pass a KeyStore resource with your * certificate and passphrase */ public static SSLServerSocketFactory makeSSLSocketFactory(String keyAndTrustStoreClasspathPath, char[] passphrase) { try { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); File keystrorefile = new File(keyAndTrustStoreClasspathPath); System.out.println(keystrorefile.getAbsolutePath()); InputStream keystoreStream = new FileInputStream(keystrorefile);//NanoHTTPD.class.getResourceAsStream(keyAndTrustStoreClasspathPath); // if (keystoreStream == null) // { // System.out.println("Unable to load keystore from classpath: " + keyAndTrustStoreClasspathPath); // //throw new IOException("Unable to load keystore from classpath: " + keyAndTrustStoreClasspathPath); // return null; // } keystore.load(keystoreStream, passphrase); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, passphrase); return makeSSLSocketFactory(keystore, keyManagerFactory); } catch (Exception e) { System.out.println(e.toString()); //throw new IOException(e.getMessage()); } return null; }
public static void main(String[] args) throws Exception { System.setProperty("javax.net.ssl.keyStorePassword", "passphrase"); System.setProperty("javax.net.ssl.keyStore", System.getProperty("test.src", "./") + "/../../ssl/etc/keystore"); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); final ServerSocket server = sslssf.createServerSocket(0); System.out.println(server.getLocalPort()); System.out.flush(); Thread t = new Thread() { public void run() { try { Thread.sleep(30000); server.close(); } catch (Exception e) { ; } throw new RuntimeException("Timeout"); } }; t.setDaemon(true); t.start(); ((SSLSocket)server.accept()).startHandshake(); }
JSSEServer(CipherTestUtils cipherTest, int serverPort, String protocol, String cipherSuite) throws Exception { super(cipherTest); this.serverPort = serverPort; SSLContext serverContext = SSLContext.getInstance("TLS"); serverContext.init(new KeyManager[]{cipherTest.getServerKeyManager()}, new TrustManager[]{cipherTest.getServerTrustManager()}, CipherTestUtils.secureRandom); SSLServerSocketFactory factory = (SSLServerSocketFactory)serverContext.getServerSocketFactory(); serverSocket = (SSLServerSocket) factory.createServerSocket(serverPort); serverSocket.setEnabledProtocols(protocol.split(",")); serverSocket.setEnabledCipherSuites(cipherSuite.split(",")); CipherTestUtils.printInfo(serverSocket); }
public static void main(String[] args) throws Exception { ServerSocketFactory ssf = SSLServerSocketFactory.getDefault(); ServerSocket ss = ssf.createServerSocket(Integer.parseInt(args[0])); System.out.println("Ready..."); SSLSimpleServer server = new SSLSimpleServer(ss); new Thread(server).start(); try { Thread.sleep(200 * 1000); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println("Stopping Server"); }
final ServerSocket initSecure(int port) throws Exception { ServerSocketFactory fac; if (sslContext != null) { fac = sslContext.getServerSocketFactory(); } else { fac = SSLServerSocketFactory.getDefault(); } SSLServerSocket se = (SSLServerSocket) fac.createServerSocket(port); SSLParameters sslp = se.getSSLParameters(); sslp.setApplicationProtocols(new String[]{"h2"}); se.setSSLParameters(sslp); se.setEnabledCipherSuites(se.getSupportedCipherSuites()); se.setEnabledProtocols(se.getSupportedProtocols()); // other initialisation here return se; }
@Override public void run() { System.setProperty("javax.net.ssl.keyStorePassword", "passphrase"); System.setProperty("javax.net.ssl.keyStore", "keystore"); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); try (ServerSocket server = sslssf.createServerSocket(0)) { this.serverPort = server.getLocalPort(); System.out.printf("%nServer started on: %s%n", getServerPort()); untilServerReady.countDown(); ((SSLSocket)server.accept()).startHandshake(); } catch (Throwable e) { e.printStackTrace(System.out); untilServerReady.countDown(); } }
void doServerSide() throws Exception { SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort); serverPort = sslServerSocket.getLocalPort(); /* * Signal Client, we're ready for his connect. */ serverReady = true; while (serverReady) { SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); // System.out.printf(" accept: %s%n", sslSocket); InputStream sslIS = sslSocket.getInputStream(); OutputStream sslOS = sslSocket.getOutputStream(); sslIS.read(); sslOS.write(85); sslOS.flush(); sslSocket.close(); } }
void doServerSide() throws Exception { SSLServerSocketFactory sslssf = getSSLServerSF(); SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort); // require client authentication. sslServerSocket.setNeedClientAuth(true); serverPort = sslServerSocket.getLocalPort(); /* * Signal Client, we're ready for his connect. */ serverReady = true; SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); InputStream sslIS = sslSocket.getInputStream(); OutputStream sslOS = sslSocket.getOutputStream(); sslIS.read(); sslOS.write('A'); sslOS.flush(); sslSocket.close(); }
void doServerSide() throws Exception { SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort); serverPort = sslServerSocket.getLocalPort(); /* * Signal Client, we're ready for his connect. */ serverReady = true; SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); InputStream sslIS = sslSocket.getInputStream(); OutputStream sslOS = sslSocket.getOutputStream(); sslIS.read(); sslOS.write('A'); sslOS.flush(); sslSocket.close(); }
JSSEServer(CipherTestUtils cipherTest, int serverPort, String protocol, String cipherSuite) throws Exception { super(cipherTest); SSLContext serverContext = SSLContext.getInstance("TLS"); serverContext.init(new KeyManager[]{cipherTest.getServerKeyManager()}, new TrustManager[]{cipherTest.getServerTrustManager()}, CipherTestUtils.secureRandom); SSLServerSocketFactory factory = (SSLServerSocketFactory)serverContext.getServerSocketFactory(); serverSocket = (SSLServerSocket) factory.createServerSocket(serverPort); serverSocket.setEnabledProtocols(protocol.split(",")); serverSocket.setEnabledCipherSuites(cipherSuite.split(",")); CipherTestUtils.printInfo(serverSocket); }
@Override protected HttpServer createHttpService(HttpServer.Config config, Logger logger) { return new TefHttpServer(config, logger) { @Override protected ServerSocket createServerSocket(int port) throws IOException { return "ssl".equals(System.getProperty("http-socket-type")) ? SSLServerSocketFactory.getDefault().createServerSocket(port) : super.createServerSocket(port); } @Override protected HttpConnection newConnection(Socket socket) { return new TefHttpConnection(this, socket) { @Override protected boolean authenticate(HttpRequest request) { return authenticateHttpRequest(request); } }; } }; }
public static void main(String[] args) throws Exception { System.setProperty("javax.net.ssl.keyStorePassword", "passphrase"); System.setProperty("javax.net.ssl.keyStore", System.getProperty("test.src", "./") + "/../../../../javax/net/ssl/etc/keystore"); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); final ServerSocket server = sslssf.createServerSocket(0); System.out.println(server.getLocalPort()); System.out.flush(); Thread t = new Thread() { public void run() { try { Thread.sleep(30000); server.close(); } catch (Exception e) { ; } throw new RuntimeException("Timeout"); } }; t.setDaemon(true); t.start(); ((SSLSocket)server.accept()).startHandshake(); }
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException { SSLServerSocketFactory factory = sslContext.getServerSocketFactory(); SSLServerSocket socket = (SSLServerSocket) (host==null ? factory.createServerSocket(port, backlog): factory.createServerSocket(port, backlog, InetAddress.getByName(host))); if (sslConfig.getWantClientAuth()) socket.setWantClientAuth(sslConfig.getWantClientAuth()); if (sslConfig.getNeedClientAuth()) socket.setNeedClientAuth(sslConfig.getNeedClientAuth()); socket.setEnabledCipherSuites(selectCipherSuites(socket.getEnabledCipherSuites(), socket.getSupportedCipherSuites())); socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),socket.getSupportedProtocols())); return socket; }
/** * Get a configured SSL wrapped TServerSocket bound to the specified port and * interface. * <p> * If SocketParameters have SSL properties set, then they are used to set the * values for the algorithms, keystore, truststore and other settings. * <p> * Else if SocketParameters don't have SSL settings, then the default settings * are used. Default settings are retrieved from server System properties. * * Example system properties: -Djavax.net.ssl.trustStore=<truststore location> * -Djavax.net.ssl.trustStorePassword=password * -Djavax.net.ssl.keyStore=<keystore location> * -Djavax.net.ssl.keyStorePassword=password * * * @return An SSL wrapped {@link GfxdTSSLServerSocket} */ public static GfxdTSSLServerSocket getServerSocket( InetSocketAddress bindAddress, SocketParameters params) throws TTransportException { if (params.hasSSLParams()) { if (!params.isSSLKeyStoreSet() && !params.isSSLTrustStoreSet()) { throw new TTransportException( "Either one of the KeyStore or TrustStore must be set " + "for SocketParameters having SSL parameters"); } SSLContext ctx = GfxdTSSLSocketFactory.createSSLContext(params); return createServer(ctx.getServerSocketFactory(), bindAddress, params); } else { SSLServerSocketFactory factory = (SSLServerSocketFactory)SSLServerSocketFactory .getDefault(); return createServer(factory, bindAddress, params); } }
private static GfxdTSSLServerSocket createServer( SSLServerSocketFactory factory, InetSocketAddress bindAddress, SocketParameters params) throws TTransportException { try { SSLServerSocket serverSocket = (SSLServerSocket)factory .createServerSocket(bindAddress.getPort(), 100, bindAddress.getAddress()); if (params != null) { if (params.getSSLEnabledProtocols() != null) { serverSocket.setEnabledProtocols(params.getSSLEnabledProtocols()); } if (params.getSSLCipherSuites() != null) { serverSocket.setEnabledCipherSuites(params.getSSLCipherSuites()); } serverSocket.setNeedClientAuth(params.getSSLClientAuth()); } return new GfxdTSSLServerSocket(serverSocket, bindAddress, params); } catch (Exception e) { throw new TTransportException(TTransportException.NOT_OPEN, "Could not bind to host:port " + bindAddress.toString(), e); } }
/** * Returns the list of configurers to apply to an {@link SSLServerSocketFactory} in order * to fully configure it in compliance with the provided configuration options. * The configurers are to be applied in the order in which they appear in the list. * <p/> * It is preferred to use {@link #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext)} instead * of this method as {@code SSLServerSocketFactory} does not contain any configuration options that * are non-proprietary. * * @param context the context that serves as the factory for {@code SSLServerSocketFactory} instances * * @return the needed configurers * * @see #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext) */ protected List<Configurer<SSLServerSocketFactory>> getSSLServerSocketFactoryConfigurers(SSLContext context) { final List<Configurer<SSLServerSocket>> sslServerSocketConfigurers = this.getSSLServerSocketFactorySSLServerSocketConfigurers(context); Configurer<SSLServerSocketFactory> sslServerSocketFactoryConfigurer = new Configurer<SSLServerSocketFactory>() { @Override public SSLServerSocketFactory configure(SSLServerSocketFactory factory) { return new SSLServerSocketFactoryDecorator( factory, sslServerSocketConfigurers); } }; List<Configurer<SSLServerSocketFactory>> sslServerSocketFactoryConfigurers = new LinkedList<Configurer<SSLServerSocketFactory>>(); sslServerSocketFactoryConfigurers.add(sslServerSocketFactoryConfigurer); return sslServerSocketFactoryConfigurers; }
@Test public void test_SSLContext_getServerSocketFactory() throws Exception { for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { SSLContext.getInstance(protocol).getServerSocketFactory(); } else { try { SSLContext.getInstance(protocol).getServerSocketFactory(); fail(); } catch (IllegalStateException expected) { // Ignored. } } SSLContext sslContext = SSLContext.getInstance(protocol); if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { sslContext.init(null, null, null); } ServerSocketFactory ssf = sslContext.getServerSocketFactory(); assertNotNull(ssf); assertTrue(SSLServerSocketFactory.class.isAssignableFrom(ssf.getClass())); } }
/** * Starts the server. This method is automatically called after * <code>preStart()</code> and starts the actual and the listening thread. */ private void start() { server = null; try { if (secureMode) { server = ((SSLServerSocketFactory) SSLServerSocketFactory.getDefault()).createServerSocket(port); } else { server = new ServerSocket(port); } } catch (IOException e) { onLogError("Error opening ServerSocket"); e.printStackTrace(); } startListening(); }
private static SSLServerSocketFactory makeSSLSocketFactory(KeyStore loadedKeyStore, KeyManager[] keyManagers) throws IOException { final SSLServerSocketFactory factory; try { final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(loadedKeyStore); final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null); factory = sslContext.getServerSocketFactory(); } catch (Exception e) { // simplify exception handling throw new IOException(e.getMessage()); } return factory; }