SSLSocket Sınıfı - İstemci Tarafında Kullanılır

Giriş

Açıklaması şöyle

SSLSocket is an extension of Socket that adds a layer of security protections over the underlying network transport protocol, such as TCP and UDP, and provides the benefits of SSL and TLS.

Kullanım

Örnek

Şöyle yaparız

String[] protocols = new String[]{"TLSv1.3"};
String[] cipher_suites = new String[]{"TLS_AES_128_GCM_SHA256"};

SSLSocket socket = null;
PrintWriter out = null;
BufferedReader in = null;
try {
  // Step : 1
  SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  // Step : 2
  socket = (SSLSocket) factory.createSocket("google.com", 443);
  // Step : 3
  socket.setEnabledProtocols(protocols);
  socket.setEnabledCipherSuites(cipher_suites); 
  // Step : 4 {optional}
  socket.startHandshake(); 
  // Step : 5
  out = new PrintWriter(
    new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())));
  out.println("GET / HTTP/1.0");
  out.println();
  out.flush();
  if (out.checkError()) {
    System.out.println("SSLSocketClient:  java.io.PrintWriter error");
  }
            
  // Step : 6
  in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
 
  String inputLine;
  while ((inputLine = in.readLine()) != null) {
    System.out.println(inputLine);
  }
} catch (Exception e) {
  ...
} finally {
  if (socket != null) {socket.close();}
  if (out != null) {out.close();}
  if (in != null) {in.close();}
}

constructor - istemci
SSLSocketFactory sınıfının overload edilmiş createSocket metodlarından bir tanesi çağrılarak yaratılır. Şöyle yaparız.

SocketFactory sf = ...;
SSLSocket socket = (SSLSocket) sf.createSocket("gmail.com", 443);

constructor - sunucu
Şöyle yaparız.

SSLServerSocket sslServerSocket = ...;
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

close metodu
Şöyle yaparız.

socket.close();

getSession metodu
Şöyle yaparız.

SSLSession sslSession = socket.getSession();

setEnabledCipherSuites metodu
Açıklaması şöyle

You are enabling all the anonymous and low-grade cipher suites, so you are allowing the server not to send a certificate, so it doesn't send one, so it doesn't give you one in

Şöyle yaparız.

String cipherSuites[] ={
  "TLS_RSA_WITH_AES_128_CBC_SHA256"
  ,"TLS_RSA_WITH_AES_128_CBC_SHA"
  ,"TLS_RSA_WITH_AES_256_CBC_SHA"
  ,"TLS_RSA_WITH_AES_256_CBC_SHA256"              
  ...
}; 

socket.setEnabledCipherSuites(cipherSuites);

Şöyle yaparız.

sslSocket.setEnabledCipherSuites(sslSocket.getSupportedCipherSuites());

setEnabledProtocols metodu
Şöyle yaparız.

String tlsVersions[] = ...;
socket.setEnabledProtocols(tlsVersions);

startHandshake metodu
Şöyle yaparız.

sslSocket.startHandshake();