Java密码套件 [英] Java cipher suites
问题描述
我正在尝试使用SSLSocketFactory.getSupportedCipherSuites()来确定返回密码套件的顺序 - 它似乎在Java 1.6& Java 1.7。
I'm trying to work out the order that cipher suites are returned using SSLSocketFactory.getSupportedCipherSuites() - it seems to differ between Java 1.6 & Java 1.7.
我认为这很容易确定,但遇到了一些问题。首先,这里是我正在使用的代码:
I thought this would be easy to determine but have run into a few problems. First, though, here is the code I'm using:
SSLContext context = SSLContext.getDefault();
SSLSocketFactory sf = context.getSocketFactory();
String[] cipherSuites = sf.getSupportedCipherSuites();
非常直接(如果我做了些蠢事,请纠正我)。
所以,我认为(使用eclipse)我可以进入getSupportedCipherSuites()方法,但似乎源代码不是那样做的(这有什么原因吗?)。我在jsse.jar中找到了这个类,并使用 JD-Eclipse 。
然而,这给了我一个抽象类,我无法看到抽象类的具体实现(我发现可以使用属性ssl.SocketFactory.provider设置类,但是这个尚未在java.security中指定)。
我也无法确定如何使用javax.net.debug属性打开登录(这会消失为本机方法)。
Pretty straight forward (do correct me if I've done something stupid). So, I thought (using eclipse) that I'd be able to step into the getSupportedCipherSuites() method, but it seems the source code isn't there to do that (is there a reason for that?). I found the class in jsse.jar and decompiled it using JD-Eclipse. This however gives me an abstract class and I've not been able to see the concrete implementation of the abstract class (I've discovered that the class can be set using a property "ssl.SocketFactory.provider" but this hasn't been specified in java.security). I've also not been able to determine how to turn logging on using the "javax.net.debug" property (this disappears into a native method).
有人可以指出我哪里出错吗?
Could someone point out where I'm going wrong?
推荐答案
支持(和启用)的密码套件列表可用在SunJSSE提供程序文档中:对于 Java 6 和 Java 7 。列表顺序确实不同。
The list of supported (and enabled) cipher suites are available in the SunJSSE provider documentation: for Java 6 and for Java 7. The list order differ indeed.
我必须承认我从未真正关注支持的密码套件列表中的订单。重要的是*启用的密码套件列表。
I must admit I have never really paid attention to the order in the supported cipher suite list. The one that matters is the *enabled" cipher suites list.
如果您对代码本身感兴趣,您应该在 sun.security.ssl.SSLContextImpl 和 sun。 security.ssl.CipherSuite 。请注意,这些类是Sun JSSE实现的一部分,而不是公共Java API的一部分。
If you're interested in the code itself, you should find it in sun.security.ssl.SSLContextImpl and sun.security.ssl.CipherSuite. Note that these classes are part of the Sun JSSE implementation and not part of the public Java API.
关于调试,你可以在 JSSE参考指南的调试部分。
这篇关于Java密码套件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
