/** * Returns the name of the cipher suite negotiated during this handshake. * * @return the name of the cipher suite negotiated during this handshake. */ public String getCipherSuite() { return session.getCipherSuite(); }
@Override public String getCipherSuite() { return channel.getSslSession().getCipherSuite(); }
@Override public String getCipherSuite() { return channel.getSslSession().getCipherSuite(); }
public String getCipherSuite() { return unwrap().getCipherSuite(); }
/** * Checks if the handshake status is finished * Sets the interestOps for the selectionKey. */ private void handshakeFinished() throws IOException { // SSLEngine.getHandshakeStatus is transient and it doesn't record FINISHED status properly. // It can move from FINISHED status to NOT_HANDSHAKING after the handshake is completed. // Hence we also need to check handshakeResult.getHandshakeStatus() if the handshake finished or not if (handshakeResult.getHandshakeStatus() == HandshakeStatus.FINISHED) { //we are complete if we have delivered the last packet //remove OP_WRITE if we are complete, otherwise we still have data to write if (netWriteBuffer.hasRemaining()) key.interestOps(key.interestOps() | SelectionKey.OP_WRITE); else { state = State.READY; key.interestOps(key.interestOps() & ~SelectionKey.OP_WRITE); SSLSession session = sslEngine.getSession(); log.debug("SSL handshake completed successfully with peerHost '{}' peerPort {} peerPrincipal '{}' cipherSuite '{}'", session.getPeerHost(), session.getPeerPort(), peerPrincipal(), session.getCipherSuite()); } log.trace("SSLHandshake FINISHED channelId {}, appReadBuffer pos {}, netReadBuffer pos {}, netWriteBuffer pos {} ", channelId, appReadBuffer.position(), netReadBuffer.position(), netWriteBuffer.position()); } else { throw new IOException("NOT_HANDSHAKING during handshake"); } }
public static Handshake get(SSLSession session) throws IOException { String cipherSuiteString = session.getCipherSuite(); if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null"); if ("SSL_NULL_WITH_NULL_NULL".equals(cipherSuiteString)) { throw new IOException("cipherSuite == SSL_NULL_WITH_NULL_NULL"); } CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString); String tlsVersionString = session.getProtocol(); if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null"); if ("NONE".equals(tlsVersionString)) throw new IOException("tlsVersion == NONE"); TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString); Certificate[] peerCertificates; try { peerCertificates = session.getPeerCertificates(); } catch (SSLPeerUnverifiedException ignored) { peerCertificates = null; } List<Certificate> peerCertificatesList = peerCertificates != null ? Util.immutableList(peerCertificates) : Collections.emptyList(); Certificate[] localCertificates = session.getLocalCertificates(); List<Certificate> localCertificatesList = localCertificates != null ? Util.immutableList(localCertificates) : Collections.emptyList(); return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList); }
/** * Notify all the handshake futures about the successfully handshake */ private void setHandshakeSuccess() { handshakePromise.trySuccess(ctx.channel()); if (logger.isDebugEnabled()) { logger.debug("{} HANDSHAKEN: {}", ctx.channel(), engine.getSession().getCipherSuite()); } ctx.fireUserEventTriggered(SslHandshakeCompletionEvent.SUCCESS); if (readDuringHandshake && !ctx.channel().config().isAutoRead()) { readDuringHandshake = false; ctx.read(); } }
sslSession = ((SslHandler) sslHandler).engine().getSession(); if (log.isDebugEnabled()) { log.debug("Verifying HostName for {}, Cipher {}, Protocols {}", hostname, sslSession.getCipherSuite(), sslSession.getProtocol());
public static Handshake get(SSLSession session) { String cipherSuiteString = session.getCipherSuite(); if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null"); CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString); String tlsVersionString = session.getProtocol(); if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null"); TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString); Certificate[] peerCertificates; try { peerCertificates = session.getPeerCertificates(); } catch (SSLPeerUnverifiedException ignored) { peerCertificates = null; } List<Certificate> peerCertificatesList = peerCertificates != null ? Util.immutableList(peerCertificates) : Collections.<Certificate>emptyList(); Certificate[] localCertificates = session.getLocalCertificates(); List<Certificate> localCertificatesList = localCertificates != null ? Util.immutableList(localCertificates) : Collections.<Certificate>emptyList(); return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList); }
@Override public void userEventTriggered( ChannelHandlerContext ctx, Object evt ) throws Exception { if ( evt instanceof SslHandshakeCompletionEvent ) { SslHandshakeCompletionEvent sslHandshakeEvent = (SslHandshakeCompletionEvent) evt; if ( sslHandshakeEvent.cause() == null ) { SslHandler sslHandler = ctx.pipeline().get( SslHandler.class ); String ciphers = sslHandler.engine().getSession().getCipherSuite(); String protocols = sslHandler.engine().getSession().getProtocol(); ctx.fireUserEventTriggered( new SslHandlerDetailsRegisteredEvent( ciphers, protocols ) ); } } ctx.fireUserEventTriggered( evt ); } }
public static Handshake get(SSLSession session) throws IOException { String cipherSuiteString = session.getCipherSuite(); if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null"); if ("SSL_NULL_WITH_NULL_NULL".equals(cipherSuiteString)) { throw new IOException("cipherSuite == SSL_NULL_WITH_NULL_NULL"); } CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString); String tlsVersionString = session.getProtocol(); if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null"); if ("NONE".equals(tlsVersionString)) throw new IOException("tlsVersion == NONE"); TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString); Certificate[] peerCertificates; try { peerCertificates = session.getPeerCertificates(); } catch (SSLPeerUnverifiedException ignored) { peerCertificates = null; } List<Certificate> peerCertificatesList = peerCertificates != null ? Util.immutableList(peerCertificates) : Collections.emptyList(); Certificate[] localCertificates = session.getLocalCertificates(); List<Certificate> localCertificatesList = localCertificates != null ? Util.immutableList(localCertificates) : Collections.emptyList(); return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList); }
/** * Notify all the handshake futures about the successfully handshake */ private void setHandshakeSuccess() { handshakePromise.trySuccess(ctx.channel()); if (logger.isDebugEnabled()) { logger.debug("{} HANDSHAKEN: {}", ctx.channel(), engine.getSession().getCipherSuite()); } ctx.fireUserEventTriggered(SslHandshakeCompletionEvent.SUCCESS); if (readDuringHandshake && !ctx.channel().config().isAutoRead()) { readDuringHandshake = false; ctx.read(); } }
private static SSLSession newSslSession() { final SSLSession sslSession = mock(SSLSession.class); when(sslSession.getId()).thenReturn(new byte[] { 1, 1, 2, 3, 5, 8, 13, 21 }); when(sslSession.getProtocol()).thenReturn("TLSv1.2"); when(sslSession.getCipherSuite()).thenReturn("some-cipher"); return sslSession; }
/** * Returns a String representing the Cipher Suite Name, or "NONE". * @return String */ @Override public String getCipherSuiteName() { SocketConnection s = (SocketConnection)getConnection(); if (s != null) { TLSStreamHandler t = s.getTLSStreamHandler(); if (t != null) { SSLSession ssl = t.getSSLSession(); if (ssl != null) { return ssl.getCipherSuite(); } } } return "NONE"; }
private void exportTlsProperties(Map<String, String> out, RequestContext ctx) { final SSLSession s = ctx.sslSession(); if (s != null) { if (builtIns.contains(TLS_SESSION_ID)) { final byte[] id = s.getId(); if (id != null) { out.put(TLS_SESSION_ID.mdcKey, lowerCasedBase16.encode(id)); } } if (builtIns.contains(TLS_CIPHER)) { final String cs = s.getCipherSuite(); if (cs != null) { out.put(TLS_CIPHER.mdcKey, cs); } } if (builtIns.contains(TLS_PROTO)) { final String p = s.getProtocol(); if (p != null) { out.put(TLS_PROTO.mdcKey, p); } } } }
SslHandshakeInfo info = new SslHandshakeInfo(isSSlFromIntermediary, session.getProtocol(), session.getCipherSuite(), clientAuth, serverCert, peerCert); ctx.channel().attr(ATTR_SSL_INFO).set(info);
local_addr, client_sock.getRemoteSocketAddress(), sslSession.getProtocol(), sslSession.getCipherSuite());
private void setHandshakeSuccess(Channel channel) { synchronized (handshakeLock) { handshaking = false; handshaken = true; if (handshakeFuture == null) { handshakeFuture = future(channel); } cancelHandshakeTimeout(); } if (logger.isDebugEnabled()) { logger.debug(channel + " HANDSHAKEN: " + engine.getSession().getCipherSuite()); } handshakeFuture.setSuccess(); }
protected SSLSocket createSocketTo(Address target) throws Exception { SSLContext ctx=getContext(); SSLSocketFactory sslSocketFactory=ctx.getSocketFactory(); IpAddress dest=(IpAddress)down_prot.down(new Event(Event.GET_PHYSICAL_ADDRESS, target)); SSLSocket sock=null; for(int i=0; i < port_range; i++) { try { sock=(SSLSocket)sslSocketFactory.createSocket(dest.getIpAddress(), port+i); sock.setSoTimeout(socket_timeout); sock.setEnabledCipherSuites(sock.getSupportedCipherSuites()); sock.startHandshake(); SSLSession sslSession=sock.getSession(); log.debug("%s: created SSL connection to %s (%s); protocol: %s, cipher suite: %s", local_addr, target, sock.getRemoteSocketAddress(), sslSession.getProtocol(), sslSession.getCipherSuite()); if(session_verifier != null) session_verifier.verify(sslSession); return sock; } catch(SecurityException sec_ex) { throw sec_ex; } catch(Throwable t) { } } throw new IllegalStateException(String.format("failed connecting to %s (port range [%d - %d])", dest.getIpAddress(), port, port+port_range)); }
SslHandshakeInfo info = new SslHandshakeInfo(isSSlFromIntermediary, session.getProtocol(), session.getCipherSuite(), clientAuth, serverCert, peerCert); ctx.channel().attr(ATTR_SSL_INFO).set(info);