org.bouncycastle.crypto.tls.SessionParameters Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcprov-ext-debug-jdk15on Show documentation
Show all versions of bcprov-ext-debug-jdk15on Show documentation
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. Note: this package includes the NTRU encryption algorithms.
package org.bouncycastle.crypto.tls;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import org.bouncycastle.util.Arrays;
public final class SessionParameters
{
public static final class Builder
{
private int cipherSuite = -1;
private short compressionAlgorithm = -1;
private byte[] masterSecret = null;
private Certificate peerCertificate = null;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions = null;
private boolean extendedMasterSecret = false;
public Builder()
{
}
public SessionParameters build()
{
validate(this.cipherSuite >= 0, "cipherSuite");
validate(this.compressionAlgorithm >= 0, "compressionAlgorithm");
validate(this.masterSecret != null, "masterSecret");
return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
srpIdentity, encodedServerExtensions, extendedMasterSecret);
}
public Builder setCipherSuite(int cipherSuite)
{
this.cipherSuite = cipherSuite;
return this;
}
public Builder setCompressionAlgorithm(short compressionAlgorithm)
{
this.compressionAlgorithm = compressionAlgorithm;
return this;
}
public Builder setExtendedMasterSecret(boolean extendedMasterSecret)
{
this.extendedMasterSecret = extendedMasterSecret;
return this;
}
public Builder setMasterSecret(byte[] masterSecret)
{
this.masterSecret = masterSecret;
return this;
}
public Builder setPeerCertificate(Certificate peerCertificate)
{
this.peerCertificate = peerCertificate;
return this;
}
/**
* @deprecated Use {@link #setPSKIdentity(byte[])}
*/
public Builder setPskIdentity(byte[] pskIdentity)
{
this.pskIdentity = pskIdentity;
return this;
}
public Builder setPSKIdentity(byte[] pskIdentity)
{
this.pskIdentity = pskIdentity;
return this;
}
public Builder setSRPIdentity(byte[] srpIdentity)
{
this.srpIdentity = srpIdentity;
return this;
}
public Builder setServerExtensions(Hashtable serverExtensions) throws IOException
{
if (serverExtensions == null)
{
encodedServerExtensions = null;
}
else
{
ByteArrayOutputStream buf = new ByteArrayOutputStream();
TlsProtocol.writeExtensions(buf, serverExtensions);
encodedServerExtensions = buf.toByteArray();
}
return this;
}
private void validate(boolean condition, String parameter)
{
if (!condition)
{
throw new IllegalStateException("Required session parameter '" + parameter + "' not configured");
}
}
}
private int cipherSuite;
private short compressionAlgorithm;
private byte[] masterSecret;
private Certificate peerCertificate;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions;
private boolean extendedMasterSecret;
private SessionParameters(int cipherSuite, short compressionAlgorithm, byte[] masterSecret,
Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, byte[] encodedServerExtensions,
boolean extendedMasterSecret)
{
this.cipherSuite = cipherSuite;
this.compressionAlgorithm = compressionAlgorithm;
this.masterSecret = Arrays.clone(masterSecret);
this.peerCertificate = peerCertificate;
this.pskIdentity = Arrays.clone(pskIdentity);
this.srpIdentity = Arrays.clone(srpIdentity);
this.encodedServerExtensions = encodedServerExtensions;
this.extendedMasterSecret = extendedMasterSecret;
}
public void clear()
{
if (this.masterSecret != null)
{
Arrays.fill(this.masterSecret, (byte)0);
}
}
public SessionParameters copy()
{
return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
srpIdentity, encodedServerExtensions, extendedMasterSecret);
}
public int getCipherSuite()
{
return cipherSuite;
}
public short getCompressionAlgorithm()
{
return compressionAlgorithm;
}
public byte[] getMasterSecret()
{
return masterSecret;
}
public Certificate getPeerCertificate()
{
return peerCertificate;
}
/**
* @deprecated Use {@link #getPSKIdentity()}
*/
public byte[] getPskIdentity()
{
return pskIdentity;
}
public byte[] getPSKIdentity()
{
return pskIdentity;
}
public byte[] getSRPIdentity()
{
return srpIdentity;
}
public boolean isExtendedMasterSecret()
{
return extendedMasterSecret;
}
public Hashtable readServerExtensions() throws IOException
{
if (encodedServerExtensions == null)
{
return null;
}
ByteArrayInputStream buf = new ByteArrayInputStream(encodedServerExtensions);
return TlsProtocol.readExtensions(buf);
}
}