com.flat502.rox.processing
Class SSLConfiguration

java.lang.Object
  extended by com.flat502.rox.processing.SSLConfiguration

public class SSLConfiguration
extends java.lang.Object


Nested Class Summary
static class SSLConfiguration.ClientAuth
           
 
Field Summary
static java.lang.String ALL_CIPHER_SUITES
          A regular expression that matches all cipher suites.
static java.lang.String ALL_PROTOCOLS
          A regular expression that matches all protocols.
static java.lang.String ANON_CIPHER_SUITES
          A regular expression that matches only cipher suites that allow for anonymous key exchange.
static java.lang.String TLS_PROTOCOLS
          A regular expression that matches all TLS protocols.
 
Constructor Summary
SSLConfiguration()
           
SSLConfiguration(java.util.Properties props)
           
SSLConfiguration(javax.net.ssl.SSLContext context)
           
 
Method Summary
 void addIdentity(java.security.PrivateKey privateKey, java.security.cert.X509Certificate[] chain)
           
 void addTrustedEntities(java.util.Collection<java.security.cert.X509Certificate> certs)
           
 void addTrustedEntity(java.security.cert.X509Certificate cert)
           
 javax.net.ssl.SSLContext createContext()
           
 SSLConfiguration.ClientAuth getClientAuthentication()
           
 int getHandshakeTimeout()
           
protected  java.lang.String[] selectCiphersuites(java.lang.String[] supportedCipherSuites)
           
protected  java.lang.String[] selectProtocols(java.lang.String[] supportedProtocols)
           
 void setCipherSuitePattern(java.lang.String cipherSuitePattern)
          Set the regular expression used to select the SSL cipher suites to use during SSL handshaking.
 void setClientAuthentication(SSLConfiguration.ClientAuth auth)
           
 void setHandshakeTimeout(int timeout)
          Configure a timeout value for SSL handshaking.
 void setKeyStore(java.security.KeyStore ks, java.lang.String passphrase)
           
 void setKeyStore(java.lang.String storeFile, java.lang.String storePassphrase, java.lang.String entryPassphrase, java.lang.String storeType)
           
 void setProtocolPattern(java.lang.String protocolPattern)
          Set the regular expression used to select the SSL protocols to use during SSL handshaking.
 void setRandomNumberGenerator(java.security.SecureRandom rng)
           
 void setTrustStore(java.security.KeyStore ts)
           
 void setTrustStore(java.lang.String storeFile, java.lang.String passphrase, java.lang.String storeType)
           
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

ANON_CIPHER_SUITES

public static final java.lang.String ANON_CIPHER_SUITES
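A regular expression that matches only cipher suites that allow for anonymous key exchange. Anonymous key exchange does not authenticate the remote peer, so a connection negotiated with one of these suites gives no assurance about who is on the other end.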

See Also:
Constant Field Values

ALL_CIPHER_SUITES

public static final java.lang.String ALL_CIPHER_SUITES
A regular expression that matches all cipher suites.

See Also:
Constant Field Values

ALL_PROTOCOLS

public static final java.lang.String ALL_PROTOCOLS
A regular expression that matches all protocols.

See Also:
Constant Field Values

TLS_PROTOCOLS

public static final java.lang.String TLS_PROTOCOLS
A regular expression that matches all TLS protocols.

See Also:
Constant Field Values
Constructor Detail

SSLConfiguration

public SSLConfiguration()

SSLConfiguration

public SSLConfiguration(javax.net.ssl.SSLContext context)

SSLConfiguration

public SSLConfiguration(java.util.Properties props)
                 throws java.security.GeneralSecurityException,
                        java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException
Method Detail

setRandomNumberGenerator

public void setRandomNumberGenerator(java.security.SecureRandom rng)

setHandshakeTimeout

public void setHandshakeTimeout(int timeout)
Configure a timeout value for SSL handshaking.

If the remote server is not SSL-enabled, only a timeout can reveal this: a non-SSL server waits for a request from the client, while the client in turn waits for an SSL handshake to be initiated by the server.

This method controls the length of that timeout.

This timeout defaults to 10 seconds.

The new timeout affects only connections initiated subsequent to the completion of this method call.

Parameters:
timeout - The timeout (in milliseconds). A value of 0 indicates that no timeout should be enforced (not recommended: a connection to a peer that never completes the handshake would then wait indefinitely).
Throws:
java.lang.IllegalArgumentException - If the timeout provided is negative.

getHandshakeTimeout

public int getHandshakeTimeout()

setCipherSuitePattern

public void setCipherSuitePattern(java.lang.String cipherSuitePattern)
Set the regular expression used to select the SSL cipher suites to use during SSL handshaking.

Parameters:
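cipherSuitePattern - A regular expression for selecting the set of SSL cipher suites. A null value will be treated as matching all cipher suites. Depending on what the runtime supports, a pattern that matches all cipher suites can also select suites with anonymous key exchange (see ANON_CIPHER_SUITES), which do not authenticate the peer; an explicit, restrictive pattern is the safer choice.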
See Also:
ALL_CIPHER_SUITES, ANON_CIPHER_SUITES

setProtocolPattern

public void setProtocolPattern(java.lang.String protocolPattern)
Set the regular expression used to select the SSL protocols to use during SSL handshaking.

Parameters:
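protocolPattern - A regular expression for selecting the set of SSL protocols. A null value will be treated as matching all protocols. Depending on what the runtime supports, a pattern that matches all protocols can also select legacy SSL protocol versions; use TLS_PROTOCOLS to restrict selection to TLS.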
See Also:
ALL_PROTOCOLS, TLS_PROTOCOLS

addTrustedEntities

public void addTrustedEntities(java.util.Collection<java.security.cert.X509Certificate> certs)
                        throws java.security.GeneralSecurityException,
                               java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException

addTrustedEntity

public void addTrustedEntity(java.security.cert.X509Certificate cert)
                      throws java.security.GeneralSecurityException,
                             java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException

addIdentity

public void addIdentity(java.security.PrivateKey privateKey,
                        java.security.cert.X509Certificate[] chain)
                 throws java.security.GeneralSecurityException,
                        java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException

setClientAuthentication

public void setClientAuthentication(SSLConfiguration.ClientAuth auth)

getClientAuthentication

public SSLConfiguration.ClientAuth getClientAuthentication()

setKeyStore

public void setKeyStore(java.lang.String storeFile,
                        java.lang.String storePassphrase,
                        java.lang.String entryPassphrase,
                        java.lang.String storeType)
                 throws java.security.GeneralSecurityException,
                        java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException

setKeyStore

public void setKeyStore(java.security.KeyStore ks,
                        java.lang.String passphrase)
                 throws java.security.GeneralSecurityException
Throws:
java.security.GeneralSecurityException

setTrustStore

public void setTrustStore(java.lang.String storeFile,
                          java.lang.String passphrase,
                          java.lang.String storeType)
                   throws java.security.GeneralSecurityException,
                          java.io.IOException
Throws:
java.security.GeneralSecurityException
java.io.IOException

setTrustStore

public void setTrustStore(java.security.KeyStore ts)
                   throws java.security.GeneralSecurityException
Throws:
java.security.GeneralSecurityException

createContext

public javax.net.ssl.SSLContext createContext()
                                       throws java.security.GeneralSecurityException
Throws:
java.security.GeneralSecurityException

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object

selectCiphersuites

protected java.lang.String[] selectCiphersuites(java.lang.String[] supportedCipherSuites)

selectProtocols

protected java.lang.String[] selectProtocols(java.lang.String[] supportedProtocols)