org.bouncycastle.jsse.provider.TransportData Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bctls-lts8on Show documentation
Show all versions of bctls-lts8on Show documentation
The Bouncy Castle Java APIs for the TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC LTS provider but may also be used with other providers providing cryptographic services.
package org.bouncycastle.jsse.provider;
import java.net.Socket;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import org.bouncycastle.jsse.BCExtendedSSLSession;
import org.bouncycastle.jsse.BCSSLParameters;
import org.bouncycastle.jsse.java.security.BCAlgorithmConstraints;
class TransportData
{
static TransportData from(Socket socket)
{
if (!(socket instanceof SSLSocket && socket.isConnected()))
{
return null;
}
SSLSocket sslSocket = (SSLSocket)socket;
BCSSLParameters parameters = SSLSocketUtil.importSSLParameters(sslSocket);
if (null == parameters)
{
/*
* NOTE: For non-BCJSSE sockets, this could be null before JDK 1.6 (meaning neither
* parameters nor handshake session exist). For backward compatibility, our
* KeyManager/TrustManager implementations will behave as if no transport was provided.
*/
return null;
}
BCExtendedSSLSession handshakeSession = SSLSocketUtil.importHandshakeSession(sslSocket);
return new TransportData(parameters, handshakeSession);
}
static TransportData from(SSLEngine engine)
{
if (null == engine)
{
return null;
}
BCSSLParameters parameters = SSLEngineUtil.importSSLParameters(engine);
if (null == parameters)
{
/*
* NOTE: For non-BCJSSE engines, this could be null before JDK 1.6 (meaning neither
* parameters nor handshake session exist). For backward compatibility, our
* KeyManager/TrustManager implementations will behave as if no transport was provided.
*/
return null;
}
BCExtendedSSLSession handshakeSession = SSLEngineUtil.importHandshakeSession(engine);
return new TransportData(parameters, handshakeSession);
}
static BCAlgorithmConstraints getAlgorithmConstraints(TransportData transportData, boolean peerSigAlgs)
{
return null == transportData
? ProvAlgorithmConstraints.DEFAULT
: transportData.getAlgorithmConstraints(peerSigAlgs);
}
static List getStatusResponses(TransportData transportData)
{
return null == transportData
? Collections. emptyList()
: transportData.getStatusResponses();
}
private final BCSSLParameters parameters;
private final BCExtendedSSLSession handshakeSession;
private TransportData(BCSSLParameters parameters, BCExtendedSSLSession handshakeSession)
{
this.parameters = parameters;
this.handshakeSession = handshakeSession;
}
BCSSLParameters getParameters()
{
return parameters;
}
BCExtendedSSLSession getHandshakeSession()
{
return handshakeSession;
}
BCAlgorithmConstraints getAlgorithmConstraints(boolean peerSigAlgs)
{
BCAlgorithmConstraints configAlgorithmConstraints = parameters.getAlgorithmConstraints();
if (ProvAlgorithmConstraints.DEFAULT == configAlgorithmConstraints)
{
configAlgorithmConstraints = null;
}
if (null != handshakeSession && JsseUtils.isTLSv12(handshakeSession.getProtocol()))
{
String[] sigAlgsCert = peerSigAlgs
? handshakeSession.getPeerSupportedSignatureAlgorithmsBC()
: handshakeSession.getLocalSupportedSignatureAlgorithmsBC();
if (null != sigAlgsCert)
{
return new ProvAlgorithmConstraints(configAlgorithmConstraints, sigAlgsCert, true);
}
}
return null == configAlgorithmConstraints
? ProvAlgorithmConstraints.DEFAULT
: new ProvAlgorithmConstraints(configAlgorithmConstraints, true);
}
List getStatusResponses()
{
return null == handshakeSession
? Collections. emptyList()
: handshakeSession.getStatusResponses();
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy