Class OpenSSLContext

  • All Implemented Interfaces:
    SSLContext

    public class OpenSSLContext
    extends java.lang.Object
    implements SSLContext
    OpenSSL implementation of the SSL context.
    • Constructor Summary

      Constructors 
      Constructor Description
      OpenSSLContext​(SSLHostConfigCertificate certificate, java.util.List<java.lang.String> negotiableProtocols)
      Constructs an OpenSSLContext for the given certificate and protocols.
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addCertificate​(SSLHostConfigCertificate certificate)
      Adds a certificate to this SSL context.
      protected static boolean applyConf​(OpenSSLConf conf, long cctx, long ctx)
      Applies the OpenSSL configuration commands to the given context.
      protected static boolean checkConf​(OpenSSLConf conf, long cctx)
      Checks the OpenSSL configuration commands against the given context.
      javax.net.ssl.SSLEngine createSSLEngine()
      Creates a new SSL engine.
      void destroy()
      Destroys this SSL context and releases any associated resources.
      java.security.cert.X509Certificate[] getAcceptedIssuers()
      Returns the accepted issuers.
      java.security.cert.X509Certificate[] getCertificateChain​(java.lang.String alias)
      Returns the certificate chain for the given alias.
      java.lang.String getEnabledProtocol()
      Returns the currently enabled SSL/TLS protocol.
      javax.net.ssl.SSLSessionContext getServerSessionContext()
      Returns the server session context.
      javax.net.ssl.SSLServerSocketFactory getServerSocketFactory()
      Returns the server socket factory.
      javax.net.ssl.SSLParameters getSupportedSSLParameters()
      Returns the supported SSL parameters.
      void init​(javax.net.ssl.KeyManager[] kms, javax.net.ssl.TrustManager[] tms, java.security.SecureRandom sr)
      Setup the SSL_CTX.
      void setEnabledProtocol​(java.lang.String protocol)
      Sets the enabled SSL/TLS protocol.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • OpenSSLContext

        public OpenSSLContext​(SSLHostConfigCertificate certificate,
                              java.util.List<java.lang.String> negotiableProtocols)
                       throws javax.net.ssl.SSLException
        Constructs an OpenSSLContext for the given certificate and protocols.
        Parameters:
        certificate - The SSL host config certificate
        negotiableProtocols - The list of negotiable protocols
        Throws:
        javax.net.ssl.SSLException - if initialization fails
    • Method Detail

      • getEnabledProtocol

        public java.lang.String getEnabledProtocol()
        Returns the currently enabled SSL/TLS protocol.
        Returns:
        The enabled protocol
      • setEnabledProtocol

        public void setEnabledProtocol​(java.lang.String protocol)
        Sets the enabled SSL/TLS protocol.
        Parameters:
        protocol - The protocol to enable, or null for the default
      • destroy

        public void destroy()
        Description copied from interface: SSLContext
        Destroys this SSL context and releases any associated resources.
        Specified by:
        destroy in interface SSLContext
      • checkConf

        protected static boolean checkConf​(OpenSSLConf conf,
                                           long cctx)
                                    throws java.lang.Exception
        Checks the OpenSSL configuration commands against the given context.
        Parameters:
        conf - The OpenSSL configuration
        cctx - The OpenSSL context
        Returns:
        true if all commands are valid
        Throws:
        java.lang.Exception - if an error occurs
      • applyConf

        protected static boolean applyConf​(OpenSSLConf conf,
                                           long cctx,
                                           long ctx)
                                    throws java.lang.Exception
        Applies the OpenSSL configuration commands to the given context.
        Parameters:
        conf - The OpenSSL configuration
        cctx - The OpenSSL context
        ctx - The SSL context
        Returns:
        true if all commands were applied successfully
        Throws:
        java.lang.Exception - if an error occurs
      • init

        public void init​(javax.net.ssl.KeyManager[] kms,
                         javax.net.ssl.TrustManager[] tms,
                         java.security.SecureRandom sr)
                  throws java.security.KeyManagementException
        Setup the SSL_CTX.
        Specified by:
        init in interface SSLContext
        Parameters:
        kms - Must contain a KeyManager of the type OpenSSLKeyManager
        tms - Must contain a TrustManager of the type X509TrustManager
        sr - Is not used for this implementation.
        Throws:
        java.security.KeyManagementException - if an error occurs
      • addCertificate

        public void addCertificate​(SSLHostConfigCertificate certificate)
                            throws java.lang.Exception
        Adds a certificate to this SSL context.
        Parameters:
        certificate - The certificate to add
        Throws:
        java.lang.Exception - if an error occurs
      • getServerSessionContext

        public javax.net.ssl.SSLSessionContext getServerSessionContext()
        Description copied from interface: SSLContext
        Returns the server session context.
        Specified by:
        getServerSessionContext in interface SSLContext
        Returns:
        The server session context
      • createSSLEngine

        public javax.net.ssl.SSLEngine createSSLEngine()
        Description copied from interface: SSLContext
        Creates a new SSL engine.
        Specified by:
        createSSLEngine in interface SSLContext
        Returns:
        The new SSL engine
      • getServerSocketFactory

        public javax.net.ssl.SSLServerSocketFactory getServerSocketFactory()
        Description copied from interface: SSLContext
        Returns the server socket factory.
        Specified by:
        getServerSocketFactory in interface SSLContext
        Returns:
        The server socket factory
      • getSupportedSSLParameters

        public javax.net.ssl.SSLParameters getSupportedSSLParameters()
        Description copied from interface: SSLContext
        Returns the supported SSL parameters.
        Specified by:
        getSupportedSSLParameters in interface SSLContext
        Returns:
        The supported SSL parameters
      • getCertificateChain

        public java.security.cert.X509Certificate[] getCertificateChain​(java.lang.String alias)
        Description copied from interface: SSLContext
        Returns the certificate chain for the given alias.
        Specified by:
        getCertificateChain in interface SSLContext
        Parameters:
        alias - The alias
        Returns:
        The certificate chain
      • getAcceptedIssuers

        public java.security.cert.X509Certificate[] getAcceptedIssuers()
        Description copied from interface: SSLContext
        Returns the accepted issuers.
        Specified by:
        getAcceptedIssuers in interface SSLContext
        Returns:
        The accepted issuers