sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true)); Maybe.fromOptional(sslProperties.getProtocol()).peek(pr->sslConf.setEnabledProtocols(pr.split(",")))
void startTLS(final SSLContext sslContext, final List<String> protocols, final List<String> cipherSuites, final CompletionHandler<SSLEngine> completionHandler) throws IOException { synchronized (stateLock) { if (isTLSEnabled()) { throw new IllegalStateException("TLS already enabled"); } final SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext, true, false, false); sslEngineConfigurator.setEnabledProtocols(protocols.isEmpty() ? null : protocols .toArray(new String[protocols.size()])); sslEngineConfigurator.setEnabledCipherSuites(cipherSuites.isEmpty() ? null : cipherSuites.toArray(new String[cipherSuites.size()])); final SSLFilter sslFilter = new SSLFilter(DUMMY_SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator); installFilter(sslFilter); sslFilter.handshake(connection, completionHandler); } }
@Override public void enableTLS(final SSLContext sslContext, final String[] protocols, final String[] suites, final boolean wantClientAuth, final boolean needClientAuth) { Validator.ensureNotNull(sslContext); synchronized (this) { if (isTLSEnabled()) { throw new IllegalStateException("TLS already enabled"); } final SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext, false, false, false); sslEngineConfigurator.setEnabledCipherSuites(suites); sslEngineConfigurator.setEnabledProtocols(protocols); sslEngineConfigurator.setWantClientAuth(wantClientAuth); sslEngineConfigurator.setNeedClientAuth(needClientAuth); installFilter(new SSLFilter(sslEngineConfigurator, DUMMY_SSL_ENGINE_CONFIGURATOR)); } }
sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true)); Maybe.fromOptional(sslProperties.getProtocol()).peek(pr->sslConf.setEnabledProtocols(pr.split(",")))
sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true)); Maybe.fromOptional(sslProperties.getProtocol()).peek(pr->sslConf.setEnabledProtocols(pr.split(",")))
sslEngineConfigurator.setNeedClientAuth(true); sslEngineConfigurator.setWantClientAuth(true); sslEngineConfigurator.setEnabledCipherSuites(new String[]{"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"}); sslEngineConfigurator.setClientMode(false); NetworkListener listener = new NetworkListener("grizzly_ssl", uri.getHost(), 8443);
private SSLFilter createSslFilter(final TlsContextFactory tlsContextFactory) { try { boolean clientAuth = tlsContextFactory.isTrustStoreConfigured(); final SSLEngineConfigurator serverConfig = new SSLEngineConfigurator(tlsContextFactory.createSslContext(), false, clientAuth, false); final String[] enabledProtocols = tlsContextFactory.getEnabledProtocols(); if (enabledProtocols != null) { serverConfig.setEnabledProtocols(enabledProtocols); } final String[] enabledCipherSuites = tlsContextFactory.getEnabledCipherSuites(); if (enabledCipherSuites != null) { serverConfig.setEnabledCipherSuites(enabledCipherSuites); } final SSLEngineConfigurator clientConfig = serverConfig.copy().setClientMode(true); return new MuleSslFilter(serverConfig, clientConfig); } catch (Exception e) { throw new MuleRuntimeException(e); } }
private SSLFilter createSslFilter(final TlsContextFactory tlsContextFactory) { try { boolean clientAuth = tlsContextFactory.isTrustStoreConfigured(); final SSLEngineConfigurator serverConfig = new SSLEngineConfigurator(tlsContextFactory.createSslContext(), false, clientAuth, false); final String[] enabledProtocols = tlsContextFactory.getEnabledProtocols(); if (enabledProtocols != null) { serverConfig.setEnabledProtocols(enabledProtocols); } final String[] enabledCipherSuites = tlsContextFactory.getEnabledCipherSuites(); if (enabledCipherSuites != null) { serverConfig.setEnabledCipherSuites(enabledCipherSuites); } final SSLEngineConfigurator clientConfig = serverConfig.copy().setClientMode(true); return new MuleSslFilter(serverConfig, clientConfig); } catch (Exception e) { throw new MuleRuntimeException(e); } }