
org.bouncycastle.tls.SessionParameters Maven / Gradle / Ivy

There is a newer version: 1.0.7
package org.bouncycastle.tls;

import org.bouncycastle.tls.crypto.TlsSecret;
import org.bouncycastle.util.Arrays;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Map;

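/**
 * Holder for the parameters of a TLS session: cipher suite, certificates, master secret,
 * negotiated version, PSK/SRP identities, the encoded server extensions and the
 * extended-master-secret flag.
 * <p>
 * Instances are created through {@link Builder} or {@link #copy()}. All fields are set once in the
 * constructor. The identity byte arrays are cloned on the way in and on the way out, so callers
 * cannot alter the stored values through a retained array reference.
 * <p>
 * Security note: the master secret is held by reference. {@link #copy()} does not duplicate it,
 * so a {@link #clear()} on any instance destroys the secret object that every copy refers to.
 */
public final class SessionParameters
{
    /**
     * Collects session parameters and produces a {@link SessionParameters} via {@link #build()}.
     * Only the cipher suite and the master secret are mandatory; everything else may stay unset.
     */
    public static final class Builder
    {
        // -1 marks "not configured"; build() rejects any negative value.
        private int cipherSuite = -1;
        private Certificate localCertificate = null;
        private TlsSecret masterSecret = null;
        private ProtocolVersion negotiatedVersion;
        private Certificate peerCertificate = null;
        private byte[] pskIdentity = null;
        private byte[] srpIdentity = null;
        private byte[] encodedServerExtensions = null;
        private boolean extendedMasterSecret = false;

        public Builder()
        {
        }

        /**
         * Creates the session parameters from the values set so far.
         *
         * @return a new {@link SessionParameters}; the PSK and SRP identity arrays are cloned by
         *         its constructor, the other object values are passed by reference.
         * @throws IllegalStateException if the cipher suite is negative (never set) or the master
         *         secret is null. No other field is checked, including the negotiated version.
         */
        public SessionParameters build()
        {
            validate(this.cipherSuite >= 0, "cipherSuite");
            validate(this.masterSecret != null, "masterSecret");
            return new SessionParameters(cipherSuite, localCertificate, masterSecret, negotiatedVersion,
                peerCertificate, pskIdentity, srpIdentity, encodedServerExtensions, extendedMasterSecret);
        }

        public Builder setCipherSuite(int cipherSuite)
        {
            this.cipherSuite = cipherSuite;
            return this;
        }

        public Builder setExtendedMasterSecret(boolean extendedMasterSecret)
        {
            this.extendedMasterSecret = extendedMasterSecret;
            return this;
        }

        public Builder setLocalCertificate(Certificate localCertificate)
        {
            this.localCertificate = localCertificate;
            return this;
        }

        /**
         * Sets the master secret. The reference is stored as given, not copied, so the built
         * session shares the object with the caller.
         */
        public Builder setMasterSecret(TlsSecret masterSecret)
        {
            this.masterSecret = masterSecret;
            return this;
        }

        public Builder setNegotiatedVersion(ProtocolVersion negotiatedVersion)
        {
            this.negotiatedVersion = negotiatedVersion;
            return this;
        }

        public Builder setPeerCertificate(Certificate peerCertificate)
        {
            this.peerCertificate = peerCertificate;
            return this;
        }

        /**
         * Sets the PSK identity. The array is held by reference until {@link #build()}, which
         * clones it; changes made to the array before build() are therefore still picked up.
         */
        public Builder setPSKIdentity(byte[] pskIdentity)
        {
            this.pskIdentity = pskIdentity;
            return this;
        }

        /**
         * Sets the SRP identity. The array is held by reference until {@link #build()}, which
         * clones it; changes made to the array before build() are therefore still picked up.
         */
        public Builder setSRPIdentity(byte[] srpIdentity)
        {
            this.srpIdentity = srpIdentity;
            return this;
        }

        /**
         * Stores the server extensions in encoded form.
         *
         * @param serverExtensions the extensions map; null or empty clears the stored encoding.
         * @throws IOException if {@code TlsProtocol.writeExtensions} fails while encoding.
         */
        public Builder setServerExtensions(Map serverExtensions) throws IOException
        {
            if (serverExtensions == null || serverExtensions.isEmpty())
            {
                encodedServerExtensions = null;
            }
            else
            {
                // Encode immediately: the session keeps bytes rather than the caller's map, so
                // later changes to the map do not reach the stored extensions.
                ByteArrayOutputStream buf = new ByteArrayOutputStream();
                TlsProtocol.writeExtensions(buf, serverExtensions);
                encodedServerExtensions = buf.toByteArray();
            }
            return this;
        }

        /** Throws IllegalStateException naming {@code parameter} when {@code condition} is false. */
        private void validate(boolean condition, String parameter)
        {
            if (!condition)
            {
                throw new IllegalStateException("Required session parameter '" + parameter + "' not configured");
            }
        }
    }

    // Assigned exactly once, in the constructor.
    private final int cipherSuite;
    private final Certificate localCertificate;
    private final TlsSecret masterSecret;
    private final ProtocolVersion negotiatedVersion;
    private final Certificate peerCertificate;
    private final byte[] pskIdentity;
    private final byte[] srpIdentity;
    private final byte[] encodedServerExtensions;
    private final boolean extendedMasterSecret;

    private SessionParameters(int cipherSuite, Certificate localCertificate, TlsSecret masterSecret,
        ProtocolVersion negotiatedVersion, Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity,
        byte[] encodedServerExtensions, boolean extendedMasterSecret)
    {
        this.cipherSuite = cipherSuite;
        this.localCertificate = localCertificate;
        this.masterSecret = masterSecret;
        this.negotiatedVersion = negotiatedVersion;
        this.peerCertificate = peerCertificate;
        // Defensive copies: the caller keeps its own arrays.
        this.pskIdentity = Arrays.clone(pskIdentity);
        this.srpIdentity = Arrays.clone(srpIdentity);
        // Not cloned: this array is only produced inside Builder.setServerExtensions or handed on
        // by copy(), and no accessor returns it.
        this.encodedServerExtensions = encodedServerExtensions;
        this.extendedMasterSecret = extendedMasterSecret;
    }

    /**
     * Destroys the master secret by calling {@code destroy()} on it, if one is held. No other
     * field is touched, and {@link #getMasterSecret()} keeps returning the same (now destroyed)
     * object afterwards.
     * <p>
     * The secret object is shared with every instance obtained through {@link #copy()} and with
     * whoever supplied it to the builder, so this call affects all of them.
     */
    public void clear()
    {
        if (this.masterSecret != null)
        {
            this.masterSecret.destroy();
        }
    }

    /**
     * Returns a new instance carrying the same values. The identity arrays are cloned by the
     * constructor; the certificates, negotiated version, encoded extensions and the master secret
     * are shared by reference.
     * <p>
     * NOTE(review): because the master secret is shared, {@link #clear()} on the original or on
     * the copy destroys the secret for both. Confirm callers do not rely on the copy outliving a
     * clear() of the original.
     */
    public SessionParameters copy()
    {
        return new SessionParameters(cipherSuite, localCertificate, masterSecret, negotiatedVersion, peerCertificate,
            pskIdentity, srpIdentity, encodedServerExtensions, extendedMasterSecret);
    }

    public int getCipherSuite()
    {
        return cipherSuite;
    }

    public Certificate getLocalCertificate()
    {
        return localCertificate;
    }

    /**
     * @return the master secret object itself (not a copy); it may already have been destroyed by
     *         {@link #clear()}.
     */
    public TlsSecret getMasterSecret()
    {
        return masterSecret;
    }

    public ProtocolVersion getNegotiatedVersion()
    {
        return negotiatedVersion;
    }

    public Certificate getPeerCertificate()
    {
        return peerCertificate;
    }

    /**
     * @return a copy of the PSK identity, or null if none was set. A copy is returned so that the
     *         stored identity cannot be modified through the returned array, matching the clone
     *         taken in the constructor.
     */
    public byte[] getPSKIdentity()
    {
        return Arrays.clone(pskIdentity);
    }

    /**
     * @return a copy of the SRP identity, or null if none was set. A copy is returned so that the
     *         stored identity cannot be modified through the returned array, matching the clone
     *         taken in the constructor.
     */
    public byte[] getSRPIdentity()
    {
        return Arrays.clone(srpIdentity);
    }

    public boolean isExtendedMasterSecret()
    {
        return extendedMasterSecret;
    }

    /**
     * Decodes the stored server extensions.
     *
     * @return the map produced by {@code TlsProtocol.readExtensions}, or null when no extensions
     *         were stored. Each call decodes again from the stored bytes.
     * @throws IOException if decoding fails.
     */
    public Map readServerExtensions() throws IOException
    {
        if (encodedServerExtensions == null)
        {
            return null;
        }

        ByteArrayInputStream buf = new ByteArrayInputStream(encodedServerExtensions);
        return TlsProtocol.readExtensions(buf);
    }
}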



