/** * A utility method that implements the shared functionality of getServerModeSslFilter and getClientModeSslFilter. * * This method is used to initialize and configure an instance of SslFilter for a particular pre-configured * SSLContext and SSLEngine. In most cases, developers will want to use getServerModeSslFilter or * getClientModeSslFilter instead of this method. * * @param sslContext a pre-configured SSL Context instance (cannot be null). * @param sslEngine a pre-configured SSL Engine instance (cannot be null). * @return A SslFilter instance (never null). */ private static SslFilter createSslFilter( SSLContext sslContext, SSLEngine sslEngine ) { final SslFilter filter = new SslFilter( sslContext ); // Copy configuration from the SSL Engine into the filter. filter.setUseClientMode( sslEngine.getUseClientMode() ); filter.setEnabledProtocols( sslEngine.getEnabledProtocols() ); filter.setEnabledCipherSuites( sslEngine.getEnabledCipherSuites() ); // Note that the setters for 'need' and 'want' influence each-other. Invoke only one of them! if ( sslEngine.getNeedClientAuth() ) { filter.setNeedClientAuth( true ); } else if ( sslEngine.getWantClientAuth() ) { filter.setWantClientAuth( true ); } return filter; }
final KeyStoreFactory keyStoreFactory = new KeyStoreFactory(); keyStoreFactory.setDataFile(keyStore); keyStoreFactory.setPassword(keystorePassword); final KeyStoreFactory trustStoreFactory = new KeyStoreFactory(); trustStoreFactory.setDataFile(trustStore); trustStoreFactory.setPassword(truststorePassword); final SslContextFactory sslContextFactory = new SslContextFactory(); final KeyStore ks = keyStoreFactory.newInstance(); sslContextFactory.setKeyManagerFactoryKeyStore(ks); final KeyStore ts = trustStoreFactory.newInstance(); sslContextFactory.setTrustManagerFactoryKeyStore(ts); sslContextFactory.setKeyManagerFactoryKeyStorePassword(keystorePassword); sslContext = sslContextFactory.newInstance(); log.debug("SSL provider is: {}", sslContext.getProvider()); SslFilter sslFilter = new SslFilter(sslContext); sslFilter.setUseClientMode(useClientMode); sslFilter.setNeedClientAuth(needClientAuth); sslFilter.setWantClientAuth(wantClientAuth); if (cipherSuites != null) { sslFilter.setEnabledCipherSuites(cipherSuites); sslFilter.setEnabledProtocols(protocols);
SslFilter filter = new SslFilter(sslContext); SSLParameters sslParameters = sslContext.getDefaultSSLParameters(); filter.setEnabledProtocols(getFilteredProtocols(sslParameters)); filter.setEnabledCipherSuites(getFilteredCipherSuites(sslParameters)); acceptor.getFilterChain().addFirst("ssl", filter); });
public void setCipherSuites(String[] cipherSuites) { super.setEnabledCipherSuites(cipherSuites); } }
private void initiateHandshake(NextFilter nextFilter, IoSession session) throws SSLException { LOGGER.debug("{} : Starting the first handshake", getSessionInfo(session)); SslHandler sslHandler = getSslSessionHandler(session); try { synchronized (sslHandler) { sslHandler.handshake(nextFilter); } sslHandler.flushScheduledEvents(); } catch (SSLException se) { sslHandler.release(); throw se; } }
private void handleSslData(NextFilter nextFilter, SslHandler sslHandler) throws SSLException { if (LOGGER.isDebugEnabled()) { LOGGER.debug("{}: Processing the SSL Data ", getSessionInfo(sslHandler.getSession())); } // Flush any buffered write requests occurred before handshaking. if (sslHandler.isHandshakeComplete()) { sslHandler.flushPreHandshakeEvents(); } // Write encrypted data to be written (if any) sslHandler.writeNetBuffer(nextFilter); // handle app. data read (if any) handleAppDataRead(nextFilter, sslHandler); }
private void handleSslData(NextFilter nextFilter, SslHandler handler) throws SSLException { // Flush any buffered write requests occurred before handshaking. if (handler.isHandshakeComplete()) { handler.flushPreHandshakeEvents(); } // Write encrypted data to be written (if any) handler.writeNetBuffer(nextFilter); // handle app. data read (if any) handleAppDataRead(nextFilter, handler); }
private void initiateHandshake(NextFilter nextFilter, IoSession session) throws SSLException { SslHandler handler = getSslSessionHandler(session); synchronized (handler) { handler.handshake(nextFilter); } handler.flushScheduledEvents(); }
@Override public void sessionClosed(NextFilter nextFilter, IoSession session) throws SSLException { SslHandler sslHandler = getSslSessionHandler(session); try { synchronized (sslHandler) { // release resources sslHandler.destroy(); } } finally { // notify closed session nextFilter.sessionClosed(session); } }
/** * Check if there is any need to complete handshake. */ /* no qualifier */boolean needToCompleteHandshake() { return handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP && !isInboundDone(); }
/** * Creates a new BogusTrustManagerFactory instance */ public BogusTrustManagerFactory() { super(new BogusTrustManagerFactorySpi(), new Provider("MinaBogus", 1.0, "") { private static final long serialVersionUID = -4024169055312053827L; }, "MinaBogus"); }
/** * Constuctor. * * @param sslc * @throws SSLException */ public SslHandler(SslFilter parent, SSLContext sslContext, IoSession session) throws SSLException { this.parent = parent; this.session = session; this.sslContext = sslContext; init(); }
public void setCipherSuites(String[] cipherSuites) { super.setEnabledCipherSuites(cipherSuites); } }
private void initiateHandshake(NextFilter nextFilter, IoSession session) throws SSLException { LOGGER.debug("{} : Starting the first handshake", getSessionInfo(session)); SslHandler sslHandler = getSslSessionHandler(session); try { synchronized (sslHandler) { sslHandler.handshake(nextFilter); } sslHandler.flushScheduledEvents(); } catch (SSLException se) { sslHandler.release(); throw se; } }
@Override public void sessionClosed(NextFilter nextFilter, IoSession session) throws SSLException { SslHandler sslHandler = getSslSessionHandler(session); try { synchronized (sslHandler) { // release resources sslHandler.destroy(); } } finally { // notify closed session nextFilter.sessionClosed(session); } }
/** * Check if there is any need to complete handshake. */ public boolean needToCompleteHandshake() { return handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP && !isInboundDone(); }
/** * Creates a new BogusTrustManagerFactory instance */ public BogusTrustManagerFactory() { super(new BogusTrustManagerFactorySpi(), new Provider("MinaBogus", 1.0, "") { private static final long serialVersionUID = -4024169055312053827L; }, "MinaBogus"); }
public void setCipherSuites(String[] cipherSuites) { super.setEnabledCipherSuites(cipherSuites); } }
/** * Check if there is any need to complete handshake. */ /* no qualifier */boolean needToCompleteHandshake() { return handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP && !isInboundDone(); }
public BogusTrustManagerFactory() { super(new BogusTrustManagerFactorySpi(), new Provider("MinaBogus", 1.0, "") { private static final long serialVersionUID = -4024169055312053827L; }, "MinaBogus"); }