Castle编辑Java中的加密套件列表

Castle编辑Java中的加密套件列表

本文介绍了如何使用Bouncy Castle编辑Java中的加密套件列表的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

以下代码列出了Java SE 8支持的密码套件:

The following code lists the supported cipher suites by Java SE 8:

import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Arrays;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
public class ListCiphers {

    public static void main(String[] args) throws UnknownHostException, IOException
    {
        SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
        String[] cipherSuites = factory.getSupportedCipherSuites();
        System.out.println(Arrays.toString(cipherSuites));

    } //end main
}

使SSL客户端配置了一些特定的密码套件列表。我想使用的密码套件是标准化的,但是Jva SE 8不支持。例如,此密码列在firefox中:

I want to make SSL client which is configured with some specific list of cipher suites. The cipher suites I want to use are standardized but not supported by Jva SE 8. For example, this cipher is listed in firefox:

ECDHE_ECDSA_WITH_AES_256_SHA

请帮助我以任何方式编辑我的密码套件列表SSL客户端。 Bouncy城​​堡在这帮助吗?怎么样?请,一步一步给我清楚。此外,如果你knwo我想要的可以通过使用另一种语言,如python,也请帮助我实现。

Please, help me with any way that allows me to edit the list of cipher suite in my SSL client. Does Bouncy Castle help in this? How? Please, give me clear step by step. Also if you knwo what I want can be achieved by using another language such as python, also please help me.

推荐答案

请参阅。它是一个替代Java的

See Which Cipher Suites to enable for SSL Socket? and use SSLSocketFactoryEx. Its a drop-in replacement for Java's SSLSocketFactory

如果你不想使用 SSLSocketFactoryEx ,那么翻译代码找到密码套件。

If you don't want to use SSLSocketFactoryEx, then rip the code to find the intersection of cipher suites.

它控制协议和密码套件。没有意外的惊喜,例如从 SSLSocketFactory.getInstance(TLS);

It controls both protocols and cipher suites. There are no unexpected surprises, like getting a SSLv3 socket back from SSLSocketFactory.getInstance("TLS");.

没有什么是可配置的,所以用户不能在脚射击自己。它也准备好TLS 1.3

Nothing is configurable, so the user cannot shoot themselves in the foot. It's also ready for TLS 1.3

这篇关于如何使用Bouncy Castle编辑Java中的加密套件列表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-24 14:14