All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.feilong.net.SSLProtocol Maven / Gradle / Ivy

Go to download

feilong is a suite of core and expanded libraries that include utility classes, http, excel,cvs, io classes, and much much more.

There is a newer version: 4.3.0
Show newest version
/*
 * Copyright (C) 2008 feilong
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *         http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.feilong.net;

/**
 * SSL协议.
 * 
 * 

历史:

* *
* *

* 互联网加密通信协议的历史,几乎与互联网一样长。 *

* *
    *
  1. 1994年,NetScape公司设计了SSL协议(Secure Sockets Layer)的1.0版,但是未发布。
  2. *
  3. 1995年,NetScape公司发布SSL 2.0版,很快发现有严重漏洞。
  4. *
  5. 1996年,SSL 3.0版问世,得到大规模应用。
  6. *
  7. 1999年,互联网标准化组织ISOC接替NetScape公司,发布了SSL的升级版TLS 1.0版。
  8. *
  9. 2006年和2008年,TLS进行了两次升级,分别为TLS 1.1版和TLS 1.2版。最新的变动是2011年TLS 1.2的修订版。
  10. *
* *

* 目前,应用最广泛的是TLS 1.0,接下来是SSL 3.0。但是,主流浏览器都已经实现了TLS 1.2的支持。 * TLS 1.0通常被标示为SSL 3.1,TLS 1.1为SSL 3.2,TLS 1.2为SSL 3.3。 *

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
协议时间建议说明
SSLv1//实际从未公开发布
SSLv21995弃用IETF已于2011年弃用
SSLv31996弃用IETF已于2015年弃用
TLSv1.01999兼容-
TLSv1.12006兼容-
TLSv1.22008主推目前最新可用版本
TLSv1.3//2016开始草案制定
* *
* * @author feilong * @see SSL/TLS协议运行机制的概述 * @since 1.10.6 */ public final class SSLProtocol{ /** Don't let anyone instantiate this class. */ private SSLProtocol(){ //AssertionError不是必须的. 但它可以避免不小心在类的内部调用构造器. 保证该类在任何情况下都不会被实例化. //see 《Effective Java》 2nd throw new AssertionError("No " + getClass().getName() + " instances for you!"); } //--------------------------------------------------------------- /** * Supports some version of TLS; may support other versions. * *

* SSL(Secure Sockets Layer)是网景公司(Netscape)设计的主要用于Web的安全传输协议。
* * IETF将SSL作了标准化,即RFC2246,并将其称为TLS(Transport Layer Security),其最新版本是RFC5246,版本1.2。
* * 从技术上讲,TLS1.0与SSL3.0的差异非常微小。 *

* */ public static final String TLS = "TLS"; /** Supports RFC 2246: TLS version 1.0 ; may support other versions */ public static final String TLSv1 = "TLSv1"; /** Supports RFC 4346: TLS version 1.1 ; may support other versions */ public static final String TLSv11 = "TLSv1.1"; /** * Supports RFC 5246: TLS version 1.2 ; may support other versions * *

* 由于TLSv1.1容易被黑客攻击,于是很多企业要求站点只提供TLSv1.2协议支持 *

* *

* TLSv1.2的实现中, oracle 从JDK1.7 update96以后的版本才开始支持 *

* *

现代浏览器对TLS 1.2 默认支持的版本如下:

*
*
    *
  1. Firefox: Next 6 months (either version 27 or 28)
  2. *
  3. IE version 11
  4. *
  5. Google Chrome 31
  6. *
  7. Opera 18 on Windows
  8. *
  9. Safari 7.0 on Mac
  10. *
*
* * @see JDK-7093640 * @see * @see 参见TLSv1.2支持的cipher list * @see https站点强制通信协议TLSv1.2 */ public static final String TLSv12 = "TLSv1.2"; //--------------------------------------------------------------- /** Supports some version of SSL; may support other versions. */ public static final String SSL = "SSL"; /** Supports SSL version 2 or later; may support other versions. */ public static final String SSLv2 = "SSLv2"; /** Supports SSL version 3; may support other versions. */ public static final String SSLv3 = "SSLv3"; }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy