Monday, February 19, 2018

What’s new in Java 10: Episode 2

Since Java 10 is coming, it's time to have a look at the list of main updates targeted to Java 10. Here is a digest of the main features which are planned to be delivered in Java 10. Enjoy!

Monday, February 12, 2018

What’s new in Java 10: Episode 1

Since Java 10 is coming, it's time to have a look at the JEPs (Java Enhancement Proposals) targeted to Java 10. Here is a digest of the main features which are planned to be delivered in Java 10. Enjoy!


Saturday, September 30, 2017

Session tickets in TLS and possible security flaws

Here is an interesting post about session tickets in TLS 1.2 and possible security flaws. The author describes how session resumption works in TLS 1.2, and then discusses three possible flaws in this mechanism. He also mentions how the issues are going to be addressed in TLS 1.3.

Enjoy!

WE NEED TO TALK ABOUT SESSION TICKETS

Thursday, September 14, 2017

Diffie-Hellman key exchange in Java

Diffie-Hellman key exchange is a method that allows two parties that have no prior knowledge of each other to exchange a shared secret over a public (insecure) channel. This shared secret can then be used to derive a key for a symmetric cipher like AES (from a high-level perspective, that's what happens when establishing a TLS connection).

Java supports the Diffie-Hellman scheme via the KeyAgreement class. Here is an example of how Diffie-Hellman key exchange can be implemented with Java.
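The following sketch is an added example, not the code from the original post: both parties run in one process, and the byte arrays stand in for the messages sent over the public channel. The class and method names (`DhExchangeExample`, `decode`, `agree`) are hypothetical, and hashing the secret with SHA-256 is an assumed, simplified key derivation step.

```java
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.SecretKeySpec;

// Added example; class and method names are hypothetical.
public class DhExchangeExample {
    // Decodes a DH public key received from the peer (X.509 encoding).
    static PublicKey decode(byte[] encoded) throws Exception {
        return KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(encoded));
    }

    // One side's computation: own private key combined with the peer's public key.
    static byte[] agree(KeyPair own, byte[] peerEncoded) throws Exception {
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(own.getPrivate());
        ka.doPhase(decode(peerEncoded), true); // true = last phase (two parties)
        return ka.generateSecret();
    }

    public static void main(String[] args) throws Exception {
        // Alice picks 2048-bit DH parameters and generates her key pair.
        KeyPairGenerator aliceGen = KeyPairGenerator.getInstance("DH");
        aliceGen.initialize(2048);
        KeyPair alice = aliceGen.generateKeyPair();
        byte[] aliceMsg = alice.getPublic().getEncoded(); // sent to Bob in the clear

        // Bob must use the same parameters (p, g), taken from Alice's public key.
        KeyPairGenerator bobGen = KeyPairGenerator.getInstance("DH");
        bobGen.initialize(((DHPublicKey) decode(aliceMsg)).getParams());
        KeyPair bob = bobGen.generateKeyPair();
        byte[] bobMsg = bob.getPublic().getEncoded(); // sent to Alice in the clear

        // Each side computes the secret from its own private key and the peer's message.
        byte[] aliceSecret = agree(alice, bobMsg);
        byte[] bobSecret = agree(bob, aliceMsg);
        if (!Arrays.equals(aliceSecret, bobSecret)) throw new IllegalStateException("secrets differ");

        // Assumed, simplified KDF: hash the raw secret and keep 16 bytes as an AES-128 key.
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(aliceSecret);
        SecretKeySpec aesKey = new SecretKeySpec(digest, 0, 16, "AES");
        System.out.println("Secrets match; derived a " + aesKey.getEncoded().length * 8 + "-bit AES key");
    }
}
```

The exchange as written authenticates neither party, so the public keys must be verified by other means (in TLS, certificates and signatures) before the derived key is trusted.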

Monday, September 11, 2017

How to parse command line arguments in Java

Sometimes we need a simple parser of command line options. Here is a simple example of how such a parser can be implemented in Java:

Wednesday, August 9, 2017

Starting TLS 1.3 server with OpenSSL

At the moment, the TLSv13 specification is still a draft, but OpenSSL already supports TLSv13. According to this blog post, the OpenSSL git master branch contains development TLS 1.3 code which can be used for testing purposes.

Here are the steps to build OpenSSL with TLS 1.3 and run a local server for testing.

Thursday, March 23, 2017

Getting a caller's class and method names in Java

Sometimes a method needs to know which class and method called it. For example, it can be helpful in a logger. A logger can print information about the caller like this:

```
[SomeClass, main]: main() started
[AnotherClass, method]: hello
[SomeClass, main]: main() finished
```

There are a couple of ways to get information about the caller in Java. First of all, Java has an internal `sun.reflect.Reflection.getCallerClass(int)` method, but it might not be a good idea to use classes in the `sun` package because they can be changed, removed or updated in any new Java release. Another thing is that you'll need a permission to access the `sun` package if you run your application with a security manager (is anybody doing this?). Let's try to use the public API.