org.bouncycastle.jsse.BCSSLParameters Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bctls-fips Show documentation
Show all versions of bctls-fips Show documentation
The Bouncy Castle Java APIs for the TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified and used appropriately.
package org.bouncycastle.jsse;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.bouncycastle.jsse.java.security.BCAlgorithmConstraints;
import org.bouncycastle.tls.TlsUtils;
/**
* A BCJSSE-specific interface providing access to extended SSL parameters in earlier JDKs.
*/
public final class BCSSLParameters
{
private static List copyList(Collection list)
{
if (list == null)
{
return null;
}
if (list.isEmpty())
{
return Collections.emptyList();
}
return Collections.unmodifiableList(new ArrayList(list));
}
private String[] cipherSuites;
private String[] protocols;
private boolean wantClientAuth;
private boolean needClientAuth;
private String endpointIdentificationAlgorithm;
private BCAlgorithmConstraints algorithmConstraints;
private List serverNames;
private List sniMatchers;
private boolean useCipherSuitesOrder;
private boolean enableRetransmissions = true;
private int maximumPacketSize = 0;
private String[] applicationProtocols = TlsUtils.EMPTY_STRINGS;
private String[] signatureSchemes = null;
private String[] namedGroups = null;
public BCSSLParameters()
{
}
public BCSSLParameters(String[] cipherSuites)
{
setCipherSuites(cipherSuites);
}
public BCSSLParameters(String[] cipherSuites, String[] protocols)
{
setCipherSuites(cipherSuites);
setProtocols(protocols);
}
public String[] getCipherSuites()
{
return TlsUtils.clone(cipherSuites);
}
public void setCipherSuites(String[] cipherSuites)
{
this.cipherSuites = TlsUtils.clone(cipherSuites);
}
public String[] getProtocols()
{
return TlsUtils.clone(protocols);
}
public void setProtocols(String[] protocols)
{
this.protocols = TlsUtils.clone(protocols);
}
public boolean getWantClientAuth()
{
return wantClientAuth;
}
public void setWantClientAuth(boolean wantClientAuth)
{
this.wantClientAuth = wantClientAuth;
this.needClientAuth = false;
}
public boolean getNeedClientAuth()
{
return needClientAuth;
}
public void setNeedClientAuth(boolean needClientAuth)
{
this.needClientAuth = needClientAuth;
this.wantClientAuth = false;
}
public String getEndpointIdentificationAlgorithm()
{
return endpointIdentificationAlgorithm;
}
public void setEndpointIdentificationAlgorithm(String endpointIdentificationAlgorithm)
{
this.endpointIdentificationAlgorithm = endpointIdentificationAlgorithm;
}
public BCAlgorithmConstraints getAlgorithmConstraints()
{
return algorithmConstraints;
}
public void setAlgorithmConstraints(BCAlgorithmConstraints algorithmConstraints)
{
this.algorithmConstraints = algorithmConstraints;
}
public List getServerNames()
{
return copyList(this.serverNames);
}
public void setServerNames(List serverNames)
{
if (serverNames == null)
{
this.serverNames = null;
}
else
{
List copy = copyList(serverNames);
Set types = new HashSet();
for (BCSNIServerName serverName : copy)
{
int type = serverName.getType();
if (!types.add(type))
{
throw new IllegalArgumentException("Found duplicate SNI server name entry of type " + type);
}
}
this.serverNames = copy;
}
}
public Collection getSNIMatchers()
{
return copyList(this.sniMatchers);
}
public void setSNIMatchers(Collection sniMatchers)
{
if (sniMatchers == null)
{
this.sniMatchers = null;
}
else
{
List copy = copyList(sniMatchers);
Set types = new HashSet();
for (BCSNIMatcher sniMatcher : copy)
{
int type = sniMatcher.getType();
if (!types.add(type))
{
throw new IllegalArgumentException("Found duplicate SNI matcher entry of type " + type);
}
}
this.sniMatchers = copy;
}
}
public boolean getUseCipherSuitesOrder()
{
return useCipherSuitesOrder;
}
public void setUseCipherSuitesOrder(boolean useCipherSuitesOrder)
{
this.useCipherSuitesOrder = useCipherSuitesOrder;
}
public boolean getEnableRetransmissions()
{
return enableRetransmissions;
}
public void setEnableRetransmissions(boolean enableRetransmissions)
{
this.enableRetransmissions = enableRetransmissions;
}
public int getMaximumPacketSize()
{
return maximumPacketSize;
}
public void setMaximumPacketSize(int maximumPacketSize)
{
if (maximumPacketSize < 0)
{
throw new IllegalArgumentException("The maximum packet size cannot be negative");
}
this.maximumPacketSize = maximumPacketSize;
}
public String[] getApplicationProtocols()
{
return TlsUtils.clone(applicationProtocols);
}
public void setApplicationProtocols(String[] applicationProtocols)
{
if (null == applicationProtocols)
{
throw new NullPointerException("'applicationProtocols' cannot be null");
}
String[] check = TlsUtils.clone(applicationProtocols);
for (String entry : check)
{
if (TlsUtils.isNullOrEmpty(entry))
{
throw new IllegalArgumentException("'applicationProtocols' entries cannot be null or empty strings");
}
}
this.applicationProtocols = check;
}
public String[] getSignatureSchemes()
{
return TlsUtils.clone(signatureSchemes);
}
public void setSignatureSchemes(String[] signatureSchemes)
{
String[] check = null;
if (signatureSchemes != null)
{
check = TlsUtils.clone(signatureSchemes);
for (String entry : check)
{
if (TlsUtils.isNullOrEmpty(entry))
{
throw new IllegalArgumentException("'signatureSchemes' entries cannot be null or empty strings");
}
}
}
this.signatureSchemes = check;
}
public String[] getNamedGroups()
{
return TlsUtils.clone(namedGroups);
}
public void setNamedGroups(String[] namedGroups)
{
String[] check = null;
if (namedGroups != null)
{
check = TlsUtils.clone(namedGroups);
HashSet seenEntries = new HashSet();
for (String entry : check)
{
if (TlsUtils.isNullOrEmpty(entry))
{
throw new IllegalArgumentException("'namedGroups' entries cannot be null or empty strings");
}
if (!seenEntries.add(entry))
{
throw new IllegalArgumentException("'namedGroups' contains duplicate entry: " + entry);
}
}
}
this.namedGroups = check;
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy