Java密码套件 [英] Java cipher suites
问题描述
我正在尝试使用SSLSocketFactory.getSupportedCipherSuites()来确定返回密码套件的顺序 - 它似乎在Java 1.6& Java 1.7。
I'm trying to work out the order that cipher suites are returned using SSLSocketFactory.getSupportedCipherSuites() - it seems to differ between Java 1.6 & Java 1.7.
我认为这很容易确定,但遇到了一些问题。首先,这里是我正在使用的代码:
I thought this would be easy to determine but have run into a few problems. First, though, here is the code I'm using:
SSLContext context = SSLContext.getDefault();
SSLSocketFactory sf = context.getSocketFactory();
String[] cipherSuites = sf.getSupportedCipherSuites();
非常直接(如果我做了些蠢事,请纠正我)。
所以,我认为(使用eclipse)我可以进入getSupportedCipherSuites()方法,但似乎源代码不是那样做的(这有什么原因吗?)。我在jsse.jar中找到了这个类,并使用 JD-Eclipse 一>。
然而,这给了我一个抽象类,我无法看到抽象类的具体实现(我发现可以使用属性ssl.SocketFactory.provider设置类,但是这个尚未在java.security中指定)。
我也无法确定如何使用javax.net.debug属性打开登录(这会消失为本机方法)。
Pretty straight forward (do correct me if I've done something stupid). So, I thought (using eclipse) that I'd be able to step into the getSupportedCipherSuites() method, but it seems the source code isn't there to do that (is there a reason for that?). I found the class in jsse.jar and decompiled it using JD-Eclipse. This however gives me an abstract class and I've not been able to see the concrete implementation of the abstract class (I've discovered that the class can be set using a property "ssl.SocketFactory.provider" but this hasn't been specified in java.security). I've also not been able to determine how to turn logging on using the "javax.net.debug" property (this disappears into a native method).
有人可以指出我哪里出错吗?
Could someone point out where I'm going wrong?
推荐答案
支持(和启用)的密码套件列表可用在SunJSSE提供程序文档中:对于 Java 6 和 Java 7 。列表顺序确实不同。
The list of supported (and enabled) cipher suites are available in the SunJSSE provider documentation: for Java 6 and for Java 7. The list order differ indeed.
我必须承认我从未真正关注支持的密码套件列表中的订单。重要的是*启用的密码套件列表。
I must admit I have never really paid attention to the order in the supported cipher suite list. The one that matters is the *enabled" cipher suites list.
如果您对代码本身感兴趣,您应该在 sun.security.ssl.SSLContextImpl
和 sun。 security.ssl.CipherSuite
。请注意,这些类是Sun JSSE实现的一部分,而不是公共Java API的一部分。
If you're interested in the code itself, you should find it in sun.security.ssl.SSLContextImpl
and sun.security.ssl.CipherSuite
. Note that these classes are part of the Sun JSSE implementation and not part of the public Java API.
关于调试,你可以在 JSSE参考指南的调试部分。
这篇关于Java密码套件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!