Class JdkSslContext

    • Field Detail

      • DEFAULT_PROTOCOLS

        private static final java.lang.String[] DEFAULT_PROTOCOLS
      • DEFAULT_CIPHERS

        private static final java.util.List<java.lang.String> DEFAULT_CIPHERS
      • DEFAULT_CIPHERS_NON_TLSV13

        private static final java.util.List<java.lang.String> DEFAULT_CIPHERS_NON_TLSV13
      • SUPPORTED_CIPHERS

        private static final java.util.Set<java.lang.String> SUPPORTED_CIPHERS
      • SUPPORTED_CIPHERS_NON_TLSV13

        private static final java.util.Set<java.lang.String> SUPPORTED_CIPHERS_NON_TLSV13
      • DEFAULT_PROVIDER

        private static final java.security.Provider DEFAULT_PROVIDER
      • protocols

        private final java.lang.String[] protocols
      • cipherSuites

        private final java.lang.String[] cipherSuites
      • unmodifiableCipherSuites

        private final java.util.List<java.lang.String> unmodifiableCipherSuites
      • sslContext

        private final javax.net.ssl.SSLContext sslContext
      • isClient

        private final boolean isClient
      • endpointIdentificationAlgorithm

        private final java.lang.String endpointIdentificationAlgorithm
    • Method Detail

      • defaultProtocols

        private static java.lang.String[] defaultProtocols​(javax.net.ssl.SSLContext context,
                                                           javax.net.ssl.SSLEngine engine)
      • supportedCiphers

        private static java.util.Set<java.lang.String> supportedCiphers​(javax.net.ssl.SSLEngine engine)
      • defaultCiphers

        private static java.util.List<java.lang.String> defaultCiphers​(javax.net.ssl.SSLEngine engine,
                                                                       java.util.Set<java.lang.String> supportedCiphers)
      • isTlsV13Supported

        private static boolean isTlsV13Supported​(java.lang.String[] protocols)
      • context

        public final javax.net.ssl.SSLContext context()
        Returns the JDK SSLContext object held by this context.
      • isClient

        public final boolean isClient()
        Description copied from class: SslContext
        Returns the true if and only if this context is for client-side.
        Specified by:
        isClient in class SslContext
      • sessionContext

        public final javax.net.ssl.SSLSessionContext sessionContext()
        Returns the JDK SSLSessionContext object held by this context.
        Specified by:
        sessionContext in class SslContext
      • cipherSuites

        public final java.util.List<java.lang.String> cipherSuites()
        Description copied from class: SslContext
        Returns the list of enabled cipher suites, in the order of preference.
        Specified by:
        cipherSuites in class SslContext
      • configureAndWrapEngine

        private javax.net.ssl.SSLEngine configureAndWrapEngine​(javax.net.ssl.SSLEngine engine,
                                                               ByteBufAllocator alloc)
      • configureEndpointVerification

        private void configureEndpointVerification​(javax.net.ssl.SSLEngine engine)
      • buildKeyManagerFactory

        static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory​(java.io.File certChainFile,
                                                                      java.io.File keyFile,
                                                                      java.lang.String keyPassword,
                                                                      javax.net.ssl.KeyManagerFactory kmf,
                                                                      java.lang.String keyStore)
                                                               throws java.security.UnrecoverableKeyException,
                                                                      java.security.KeyStoreException,
                                                                      java.security.NoSuchAlgorithmException,
                                                                      javax.crypto.NoSuchPaddingException,
                                                                      java.security.spec.InvalidKeySpecException,
                                                                      java.security.InvalidAlgorithmParameterException,
                                                                      java.security.cert.CertificateException,
                                                                      java.security.KeyException,
                                                                      java.io.IOException
        Build a KeyManagerFactory based upon a key file, key file password, and a certificate chain.
        Parameters:
        certChainFile - an X.509 certificate chain file in PEM format
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        kmf - The existing KeyManagerFactory that will be used if not null
        keyStore - the KeyStore that should be used in the KeyManagerFactory
        Returns:
        A KeyManagerFactory based upon a key file, key file password, and a certificate chain.
        Throws:
        java.security.UnrecoverableKeyException
        java.security.KeyStoreException
        java.security.NoSuchAlgorithmException
        javax.crypto.NoSuchPaddingException
        java.security.spec.InvalidKeySpecException
        java.security.InvalidAlgorithmParameterException
        java.security.cert.CertificateException
        java.security.KeyException
        java.io.IOException
      • buildKeyManagerFactory

        @Deprecated
        protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory​(java.io.File certChainFile,
                                                                                java.io.File keyFile,
                                                                                java.lang.String keyPassword,
                                                                                javax.net.ssl.KeyManagerFactory kmf)
                                                                         throws java.security.UnrecoverableKeyException,
                                                                                java.security.KeyStoreException,
                                                                                java.security.NoSuchAlgorithmException,
                                                                                javax.crypto.NoSuchPaddingException,
                                                                                java.security.spec.InvalidKeySpecException,
                                                                                java.security.InvalidAlgorithmParameterException,
                                                                                java.security.cert.CertificateException,
                                                                                java.security.KeyException,
                                                                                java.io.IOException
        Deprecated.
        will be removed.
        Build a KeyManagerFactory based upon a key file, key file password, and a certificate chain.
        Parameters:
        certChainFile - an X.509 certificate chain file in PEM format
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        kmf - The existing KeyManagerFactory that will be used if not null
        Returns:
        A KeyManagerFactory based upon a key file, key file password, and a certificate chain.
        Throws:
        java.security.UnrecoverableKeyException
        java.security.KeyStoreException
        java.security.NoSuchAlgorithmException
        javax.crypto.NoSuchPaddingException
        java.security.spec.InvalidKeySpecException
        java.security.InvalidAlgorithmParameterException
        java.security.cert.CertificateException
        java.security.KeyException
        java.io.IOException
      • buildKeyManagerFactory

        static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory​(java.io.File certChainFile,
                                                                      java.lang.String keyAlgorithm,
                                                                      java.io.File keyFile,
                                                                      java.lang.String keyPassword,
                                                                      javax.net.ssl.KeyManagerFactory kmf,
                                                                      java.lang.String keyStore)
                                                               throws java.security.KeyStoreException,
                                                                      java.security.NoSuchAlgorithmException,
                                                                      javax.crypto.NoSuchPaddingException,
                                                                      java.security.spec.InvalidKeySpecException,
                                                                      java.security.InvalidAlgorithmParameterException,
                                                                      java.io.IOException,
                                                                      java.security.cert.CertificateException,
                                                                      java.security.KeyException,
                                                                      java.security.UnrecoverableKeyException
        Build a KeyManagerFactory based upon a key algorithm, key file, key file password, and a certificate chain.
        Parameters:
        certChainFile - an X.509 certificate chain file in PEM format
        keyAlgorithm - the standard name of the requested algorithm. See the Java Secure Socket Extension Reference Guide for information about standard algorithm names.
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        kmf - The existing KeyManagerFactory that will be used if not null
        keyStore - the KeyStore that should be used in the KeyManagerFactory
        Returns:
        A KeyManagerFactory based upon a key algorithm, key file, key file password, and a certificate chain.
        Throws:
        java.security.KeyStoreException
        java.security.NoSuchAlgorithmException
        javax.crypto.NoSuchPaddingException
        java.security.spec.InvalidKeySpecException
        java.security.InvalidAlgorithmParameterException
        java.io.IOException
        java.security.cert.CertificateException
        java.security.KeyException
        java.security.UnrecoverableKeyException
      • buildKeyManagerFactory

        @Deprecated
        protected static javax.net.ssl.KeyManagerFactory buildKeyManagerFactory​(java.io.File certChainFile,
                                                                                java.lang.String keyAlgorithm,
                                                                                java.io.File keyFile,
                                                                                java.lang.String keyPassword,
                                                                                javax.net.ssl.KeyManagerFactory kmf)
                                                                         throws java.security.KeyStoreException,
                                                                                java.security.NoSuchAlgorithmException,
                                                                                javax.crypto.NoSuchPaddingException,
                                                                                java.security.spec.InvalidKeySpecException,
                                                                                java.security.InvalidAlgorithmParameterException,
                                                                                java.io.IOException,
                                                                                java.security.cert.CertificateException,
                                                                                java.security.KeyException,
                                                                                java.security.UnrecoverableKeyException
        Deprecated.
        will be removed.
        Build a KeyManagerFactory based upon a key algorithm, key file, key file password, and a certificate chain.
        Parameters:
        certChainFile - an buildKeyManagerFactory X.509 certificate chain file in PEM format
        keyAlgorithm - the standard name of the requested algorithm. See the Java Secure Socket Extension Reference Guide for information about standard algorithm names.
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        kmf - The existing KeyManagerFactory that will be used if not null
        Returns:
        A KeyManagerFactory based upon a key algorithm, key file, key file password, and a certificate chain.
        Throws:
        java.security.KeyStoreException
        java.security.NoSuchAlgorithmException
        javax.crypto.NoSuchPaddingException
        java.security.spec.InvalidKeySpecException
        java.security.InvalidAlgorithmParameterException
        java.io.IOException
        java.security.cert.CertificateException
        java.security.KeyException
        java.security.UnrecoverableKeyException