Created
August 21, 2014 06:07
サーバとして使用可能な SSL 接続パラメータを出力します。
import java.io.IOException; | |
import java.security.GeneralSecurityException; | |
import java.security.Provider; | |
import java.security.Provider.Service; | |
import java.security.SecureRandom; | |
import java.security.Security; | |
import javax.net.ssl.KeyManager; | |
import javax.net.ssl.SSLContext; | |
import javax.net.ssl.SSLServerSocket; | |
import javax.net.ssl.SSLServerSocketFactory; | |
import javax.net.ssl.TrustManager; | |
/**
 * Prints the SSL/TLS connection parameters that can be used on the server side.
 *
 * <p>The default {@link SSLContext} is reported first, followed by one report for every
 * combination of a standard protocol name and an installed security provider that offers
 * an {@code SSLContext} service. Each report is written to standard output.
 *
 * <p>When reading the output for a configuration review, keep in mind that only the
 * <em>supported</em> protocols and cipher suites are listed (via
 * {@code getSupportedProtocols()} / {@code getSupportedCipherSuites()}). The sets that are
 * <em>enabled</em> on a socket are reported by {@code getEnabledProtocols()} /
 * {@code getEnabledCipherSuites()} and are not printed by this tool, so an entry such as
 * "SSLv3" appearing here does not by itself show that a server would negotiate it.
 */
public class SSLServerSocketSupports {

    /**
     * Entry point: reports the default context, then every protocol/provider pair.
     *
     * @param args unused
     * @throws Exception if the default context cannot be obtained or a socket cannot be created
     */
    public static void main(String[] args) throws Exception {
        System.out.println("=== Default Context ===");
        printSupported(SSLContext.getDefault());

        // Standard protocol names; see the following URLs:
        // http://docs.oracle.com/javase/jp/6/technotes/guides/security/StandardNames.html#SSLContext
        // http://docs.oracle.com/javase/jp/7/technotes/guides/security/StandardNames.html#SSLContext
        // http://docs.oracle.com/javase/jp/8/technotes/guides/security/StandardNames.html#SSLContext
        String[] protocolNames = { "SSL", "SSLv2", "SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2" };

        for (int i = 0; i < protocolNames.length; i++) {
            String protocolName = protocolNames[i];
            for (Provider candidate : Security.getProviders()) {
                // Only providers that register an SSLContext service are worth asking.
                if (hasServiceType(candidate, "SSLContext")) {
                    report(protocolName, candidate);
                }
            }
        }
    }

    /**
     * Prints the report for one protocol name as implemented by one provider.
     *
     * <p>A {@link GeneralSecurityException} (for example, the provider does not implement the
     * requested protocol) is reported as a single line instead of stopping the run.
     */
    private static void report(String protocol, Provider provider) throws Exception {
        System.out.printf("%n=== SSLContext '%s' by '%s' ===%n", protocol, provider);
        try {
            SSLContext context = SSLContext.getInstance(protocol, provider);
            // Unlike the default context, an explicitly requested context must be initialized.
            context.init(getKeyManagers(), getTrustManagers(), getSecureRandom());
            printSupported(context);
        } catch (GeneralSecurityException e) {
            System.out.printf(" %s%n", e.getLocalizedMessage());
        }
    }

    /**
     * Tells whether the provider registers at least one service of the given type.
     *
     * @param provider the provider to inspect
     * @param type the service type to look for, compared case-insensitively
     * @return {@code true} if a matching service exists
     */
    private static boolean hasServiceType(Provider provider, String type) {
        boolean found = false;
        for (Service candidate : provider.getServices()) {
            if (type.equalsIgnoreCase(candidate.getType())) {
                found = true;
                break;
            }
        }
        return found;
    }

    /**
     * Prints the protocols and cipher suites supported by a server socket of the context.
     *
     * <p>These are the supported sets, not the enabled ones; see the class comment.
     *
     * @param context an initialized context (or the default context)
     * @throws IOException if the server socket cannot be created or closed
     */
    private static void printSupported(SSLContext context) throws IOException {
        // Standard names of the protocols and cipher suites printed below:
        // http://docs.oracle.com/javase/jp/6/technotes/guides/security/StandardNames.html#jssenames
        // http://docs.oracle.com/javase/jp/7/technotes/guides/security/StandardNames.html#jssenames
        // http://docs.oracle.com/javase/jp/8/technotes/guides/security/StandardNames.html#jssenames
        SSLServerSocketFactory socketFactory = context.getServerSocketFactory();
        SSLServerSocket serverSocket = (SSLServerSocket) socketFactory.createServerSocket();
        try {
            System.out.println("--- Supported Protocols ---");
            printItems(serverSocket.getSupportedProtocols());

            System.out.println("--- Supported Cipher Suites ---");
            printItems(serverSocket.getSupportedCipherSuites());
        } finally {
            // The socket exists only to be queried; always release it.
            serverSocket.close();
        }
    }

    /** Prints each name on its own line, followed by a comma. */
    private static void printItems(String[] names) {
        for (int i = 0; i < names.length; i++) {
            System.out.printf(" %s,%n", names[i]);
        }
    }

    /**
     * Supplies the key managers used to initialize a context.
     *
     * @return always {@code null}
     */
    private static KeyManager[] getKeyManagers() throws Exception {
        // Should become configurable through this tool's options
        // (author's note: null is accepted and the context is still initialized suitably).
        return null;
    }

    /**
     * Supplies the trust managers used to initialize a context.
     *
     * @return always {@code null}
     */
    private static TrustManager[] getTrustManagers() throws Exception {
        // Should become configurable through this tool's options
        // (author's note: null is accepted and the context is still initialized suitably).
        return null;
    }

    /**
     * Supplies the random source used to initialize a context.
     *
     * @return always {@code null}
     */
    private static SecureRandom getSecureRandom() throws Exception {
        // Should become configurable through this tool's options
        // (author's note: null is accepted and the context is still initialized suitably).
        return null;
    }
}