Another small test program. When run on the openjdk-6 PPA test package, it only sends a TLSv1.0 ClientHello. Compare what happens when you change the USE_DEFAULT constant to 'true':
*** ClientHello, TLSv1 RandomCookie: GMT: 1423929043 bytes = { 49, 232, 48, 176, 78, 19, 219, 62, 52, 29, 6, 29, 92, 141, 52, 166, 153, 216, 227, 36, 39, 184, 186, 184, 153, 115, 228, 168 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1} Extension ec_point_formats, formats: [uncompressed] ***
--- cut here --- import javax.net.SocketFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import java.net.Socket; import java.nio.charset.Charset;
/** * TLSSimple */ public class TLSSimple { private static final boolean USE_DEFAULT = false;
public static void main( String[] args ) { System.setProperty( "javax.net.debug", "all" );
try { Socket socket = null; try { SocketFactory socketFactory; if ( USE_DEFAULT ) { socketFactory = SSLSocketFactory.getDefault(); } else { SSLContext context = SSLContext.getInstance( "TLS" ); context.init( null, null, null ); socketFactory = context.getSocketFactory(); } socket = socketFactory.createSocket( "www.google.com", 443 ); socket.getOutputStream().write( "GET / HTTP/1.0\n\n".getBytes( Charset.forName( "ISO-8859-1" ) ) ); byte[] buf = new byte[ 80 ]; int len = socket.getInputStream().read( buf ); if ( len > 0 ) { System.out.println( "Success. First " + len + " bytes of response:" ); System.out.write( buf, 0, len ); } System.out.println( "..." ); } finally { if ( socket != null ) { socket.close(); } } } catch ( Exception e ) { System.err.println( e.toString() ); System.exit( 1 ); } } }
Another small test program. When run on the openjdk-6 PPA test package, it only sends a TLSv1.0 ClientHello. Compare what happens when you change the USE_DEFAULT constant to 'true':
*** ClientHello, TLSv1 ECDSA_WITH_ AES_256_ CBC_SHA, TLS_ECDHE_ RSA_WITH_ AES_256_ CBC_SHA, TLS_RSA_ WITH_AES_ 256_CBC_ SHA, TLS_ECDH_ ECDSA_WITH_ AES_256_ CBC_SHA, TLS_ECDH_ RSA_WITH_ AES_256_ CBC_SHA, TLS_DHE_ RSA_WITH_ AES_256_ CBC_SHA, TLS_DHE_ DSS_WITH_ AES_256_ CBC_SHA, TLS_ECDHE_ ECDSA_WITH_ AES_128_ CBC_SHA, TLS_ECDHE_ RSA_WITH_ AES_128_ CBC_SHA, TLS_RSA_ WITH_AES_ 128_CBC_ SHA, TLS_ECDH_ ECDSA_WITH_ AES_128_ CBC_SHA, TLS_ECDH_ RSA_WITH_ AES_128_ CBC_SHA, TLS_DHE_ RSA_WITH_ AES_128_ CBC_SHA, TLS_DHE_ DSS_WITH_ AES_128_ CBC_SHA, TLS_ECDHE_ ECDSA_WITH_ 3DES_EDE_ CBC_SHA, TLS_ECDHE_ RSA_WITH_ 3DES_EDE_ CBC_SHA, SSL_RSA_ WITH_3DES_ EDE_CBC_ SHA, TLS_ECDH_ ECDSA_WITH_ 3DES_EDE_ CBC_SHA, TLS_ECDH_ RSA_WITH_ 3DES_EDE_ CBC_SHA, SSL_DHE_ RSA_WITH_ 3DES_EDE_ CBC_SHA, SSL_DHE_ DSS_WITH_ 3DES_EDE_ CBC_SHA, TLS_EMPTY_ RENEGOTIATION_ INFO_SCSV]
RandomCookie: GMT: 1423929043 bytes = { 49, 232, 48, 176, 78, 19, 219, 62, 52, 29, 6, 29, 92, 141, 52, 166, 153, 216, 227, 36, 39, 184, 186, 184, 153, 115, 228, 168 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
***
--- cut here --- SocketFactory; ssl.SSLContext; ssl.SSLSocketFa ctory; charset. Charset;
import javax.net.
import javax.net.
import javax.net.
import java.net.Socket;
import java.nio.
/**
* TLSSimple
*/
public class TLSSimple
{
private static final boolean USE_DEFAULT = false;
public static void main( String[] args ) setProperty( "javax.net.debug", "all" );
{
System.
try
SocketFactory socketFactory;
socketFactor y = SSLSocketFactor y.getDefault( );
SSLContext context = SSLContext. getInstance( "TLS" );
context. init( null, null, null );
socketFactor y = context. getSocketFactor y(); createSocket( "www.google.com", 443 );
socket. getOutputStream ().write( "GET / HTTP/1. 0\n\n". getBytes( Charset.forName( "ISO-8859-1" ) ) ); getInputStream( ).read( buf );
System. out.println( "Success. First " + len + " bytes of response:" );
System. out.write( buf, 0, len );
System. out.println( "..." );
socket. close() ; err.println( e.toString() );
{
Socket socket = null;
try
{
if ( USE_DEFAULT )
{
}
else
{
}
socket = socketFactory.
byte[] buf = new byte[ 80 ];
int len = socket.
if ( len > 0 )
{
}
}
finally
{
if ( socket != null )
{
}
}
}
catch ( Exception e )
{
System.
System.exit( 1 );
}
}
}