All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.jsse.provider.ProvSSLParameters Maven / Gradle / Ivy

Go to download

The Bouncy Castle Java APIs for the TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC LTS provider but may also be used with other providers providing cryptographic services.

There is a newer version: 2.73.7
Show newest version
package org.bouncycastle.jsse.provider;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;

import org.bouncycastle.jsse.BCApplicationProtocolSelector;
import org.bouncycastle.jsse.BCSNIMatcher;
import org.bouncycastle.jsse.BCSNIServerName;
import org.bouncycastle.jsse.java.security.BCAlgorithmConstraints;
import org.bouncycastle.tls.TlsUtils;

final class ProvSSLParameters
{
    private static  List copyList(Collection list)
    {
        if (list == null)
        {
            return null;
        }
        if (list.isEmpty())
        {
            return Collections.emptyList();
        }
        return Collections.unmodifiableList(new ArrayList(list));
    }

    private final ProvSSLContextSpi context;

    private String[] cipherSuites;
    private String[] protocols;
    private boolean wantClientAuth = false;
    private boolean needClientAuth = false;
    private String endpointIdentificationAlgorithm;
    private BCAlgorithmConstraints algorithmConstraints = ProvAlgorithmConstraints.DEFAULT;
    private List sniServerNames;
    private List sniMatchers;
    private boolean useCipherSuitesOrder = true;
    private boolean enableRetransmissions = true;
    private int maximumPacketSize = 0;
    private String[] applicationProtocols = TlsUtils.EMPTY_STRINGS;
    private String[] signatureSchemes = null;
    private String[] namedGroups = null;

    private BCApplicationProtocolSelector engineAPSelector;
    private BCApplicationProtocolSelector socketAPSelector;
    private ProvSSLSession sessionToResume;

    ProvSSLParameters(ProvSSLContextSpi context, String[] cipherSuites, String[] protocols)
    {
        this.context = context;

        this.cipherSuites = cipherSuites;
        this.protocols = protocols;
    }

    ProvSSLParameters copy()
    {
        ProvSSLParameters p = new ProvSSLParameters(context, cipherSuites, protocols);
        p.wantClientAuth = wantClientAuth;
        p.needClientAuth = needClientAuth;
        p.endpointIdentificationAlgorithm = endpointIdentificationAlgorithm;
        p.algorithmConstraints = algorithmConstraints;
        p.sniServerNames = sniServerNames;
        p.sniMatchers = sniMatchers;
        p.useCipherSuitesOrder = useCipherSuitesOrder;
        p.enableRetransmissions = enableRetransmissions;
        p.maximumPacketSize = maximumPacketSize;
        p.applicationProtocols = applicationProtocols;
        p.signatureSchemes = signatureSchemes;
        p.namedGroups = namedGroups;
        p.engineAPSelector = engineAPSelector;
        p.socketAPSelector = socketAPSelector;
        p.sessionToResume = sessionToResume;
        return p;
    }

    ProvSSLParameters copyForConnection()
    {
        ProvSSLParameters p = copy();

        if (ProvAlgorithmConstraints.DEFAULT != p.algorithmConstraints)
        {
            p.algorithmConstraints = new ProvAlgorithmConstraints(p.algorithmConstraints, true);
        }

        return p;
    }

    public String[] getCipherSuites()
    {
        return cipherSuites.clone();
    }

    String[] getCipherSuitesArray()
    {
        // NOTE: ProvSSLContextSpi.updateDefaultSSLParameters depends on this not making a copy
        return cipherSuites;
    }

    public void setCipherSuites(String[] cipherSuites)
    {
        this.cipherSuites = context.getSupportedCipherSuites(cipherSuites);
    }

    void setCipherSuitesArray(String[] cipherSuites)
    {
        // NOTE: ProvSSLContextSpi.updateDefaultSSLParameters depends on this not making a copy
        this.cipherSuites = cipherSuites;
    }

    public String[] getProtocols()
    {
        return protocols.clone();
    }

    String[] getProtocolsArray()
    {
        // NOTE: ProvSSLContextSpi.updateDefaultSSLParameters depends on this not making a copy
        return protocols;
    }

    public void setProtocols(String[] protocols)
    {
        if (!context.isSupportedProtocols(protocols))
        {
            throw new IllegalArgumentException("'protocols' cannot be null, or contain unsupported protocols");
        }

        this.protocols = protocols.clone();
    }

    void setProtocolsArray(String[] protocols)
    {
        // NOTE: ProvSSLContextSpi.updateDefaultSSLParameters depends on this not making a copy
        this.protocols = protocols;
    }

    public boolean getWantClientAuth()
    {
        return wantClientAuth;
    }

    public void setWantClientAuth(boolean wantClientAuth)
    {
        this.needClientAuth = false;
        this.wantClientAuth = wantClientAuth;
    }

    public boolean getNeedClientAuth()
    {
        return needClientAuth;
    }

    public void setNeedClientAuth(boolean needClientAuth)
    {
        this.needClientAuth = needClientAuth;
        this.wantClientAuth = false;
    }

    public String getEndpointIdentificationAlgorithm()
    {
        return endpointIdentificationAlgorithm;
    }

    public void setEndpointIdentificationAlgorithm(String endpointIdentificationAlgorithm)
    {
        this.endpointIdentificationAlgorithm = endpointIdentificationAlgorithm;
    }

    public BCAlgorithmConstraints getAlgorithmConstraints()
    {
        return algorithmConstraints;
    }

    public void setAlgorithmConstraints(BCAlgorithmConstraints algorithmConstraints)
    {
        this.algorithmConstraints = algorithmConstraints;
    }

    public List getServerNames()
    {
        return copyList(sniServerNames);
    }

    public void setServerNames(List serverNames)
    {
        this.sniServerNames = copyList(serverNames);
    }

    public Collection getSNIMatchers()
    {
        return copyList(sniMatchers);
    }

    public void setSNIMatchers(Collection matchers)
    {
        this.sniMatchers = copyList(matchers);
    }

    public boolean getUseCipherSuitesOrder()
    {
        return useCipherSuitesOrder;
    }

    public void setUseCipherSuitesOrder(boolean useCipherSuitesOrder)
    {
        this.useCipherSuitesOrder = useCipherSuitesOrder;
    }

    public boolean getEnableRetransmissions()
    {
        return enableRetransmissions;
    }

    public void setEnableRetransmissions(boolean enableRetransmissions)
    {
        this.enableRetransmissions = enableRetransmissions;
    }

    public int getMaximumPacketSize()
    {
        return maximumPacketSize;
    }

    public void setMaximumPacketSize(int maximumPacketSize)
    {
        if (maximumPacketSize < 0)
        {
            throw new IllegalArgumentException("The maximum packet size cannot be negative");
        }

        this.maximumPacketSize = maximumPacketSize;
    }

    public String[] getApplicationProtocols()
    {
        return applicationProtocols.clone();
    }

    public void setApplicationProtocols(String[] applicationProtocols)
    {
        this.applicationProtocols = applicationProtocols.clone();
    }

    public String[] getSignatureSchemes()
    {
        return TlsUtils.clone(signatureSchemes);
    }

    public void setSignatureSchemes(String[] signatureSchemes)
    {
        this.signatureSchemes = TlsUtils.clone(signatureSchemes);
    }

    public String[] getNamedGroups()
    {
        return TlsUtils.clone(namedGroups);
    }

    public void setNamedGroups(String[] namedGroups)
    {
        this.namedGroups = TlsUtils.clone(namedGroups);
    }

    public BCApplicationProtocolSelector getEngineAPSelector()
    {
        return engineAPSelector;
    }
    
    public void setEngineAPSelector(BCApplicationProtocolSelector engineAPSelector)
    {
        this.engineAPSelector = engineAPSelector;
    }

    public BCApplicationProtocolSelector getSocketAPSelector()
    {
        return socketAPSelector;
    }

    public void setSocketAPSelector(BCApplicationProtocolSelector socketAPSelector)
    {
        this.socketAPSelector = socketAPSelector;
    }

    public ProvSSLSession getSessionToResume()
    {
        return sessionToResume;
    }

    public void setSessionToResume(ProvSSLSession sessionToResume)
    {
        this.sessionToResume = sessionToResume;
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy