Package io.undertow.server.protocol.http
Class ALPNLimitingSSLEngine
java.lang.Object
javax.net.ssl.SSLEngine
io.undertow.server.protocol.http.ALPNLimitingSSLEngine
SSLEngine that will limit the cipher selection to HTTP/2 suitable protocols if the client is offering h2 as an option.
In theory this is not a perfect solution to the HTTP/2 cipher strength issue, but in practice it should be sufficient as any RFC compliant implementation should be able to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- Author:
- Stuart Douglas
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
void
void
String[]
String[]
boolean
boolean
int
String[]
String[]
boolean
boolean
boolean
boolean
void
setEnabledCipherSuites
(String[] strings) void
setEnabledProtocols
(String[] strings) void
setEnableSessionCreation
(boolean b) void
setNeedClientAuth
(boolean b) void
setSSLParameters
(SSLParameters sslParameters) void
setUseClientMode
(boolean b) void
setWantClientAuth
(boolean b) unwrap
(ByteBuffer src, ByteBuffer dst) unwrap
(ByteBuffer src, ByteBuffer[] dsts) unwrap
(ByteBuffer byteBuffer, ByteBuffer[] byteBuffers, int i, int i1) wrap
(ByteBuffer[] srcs, int off, int len, ByteBuffer dst) wrap
(ByteBuffer[] srcs, ByteBuffer dst) wrap
(ByteBuffer src, ByteBuffer dst) Methods inherited from class javax.net.ssl.SSLEngine
getApplicationProtocol, getHandshakeApplicationProtocol, getHandshakeApplicationProtocolSelector, setHandshakeApplicationProtocolSelector
-
Constructor Details
-
ALPNLimitingSSLEngine
-
-
Method Details
-
getPeerHost
- Overrides:
getPeerHost
in classSSLEngine
-
getPeerPort
public int getPeerPort()- Overrides:
getPeerPort
in classSSLEngine
-
wrap
- Overrides:
wrap
in classSSLEngine
- Throws:
SSLException
-
wrap
- Overrides:
wrap
in classSSLEngine
- Throws:
SSLException
-
unwrap
- Overrides:
unwrap
in classSSLEngine
- Throws:
SSLException
-
unwrap
- Overrides:
unwrap
in classSSLEngine
- Throws:
SSLException
-
getHandshakeSession
- Overrides:
getHandshakeSession
in classSSLEngine
-
getSSLParameters
- Overrides:
getSSLParameters
in classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParameters
in classSSLEngine
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, int off, int len, ByteBuffer dst) throws SSLException - Specified by:
wrap
in classSSLEngine
- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBuffers, int i, int i1) throws SSLException - Specified by:
unwrap
in classSSLEngine
- Throws:
SSLException
-
getDelegatedTask
- Specified by:
getDelegatedTask
in classSSLEngine
-
closeInbound
- Specified by:
closeInbound
in classSSLEngine
- Throws:
SSLException
-
isInboundDone
public boolean isInboundDone()- Specified by:
isInboundDone
in classSSLEngine
-
closeOutbound
public void closeOutbound()- Specified by:
closeOutbound
in classSSLEngine
-
isOutboundDone
public boolean isOutboundDone()- Specified by:
isOutboundDone
in classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuites
in classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuites
in classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuites
in classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocols
in classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocols
in classSSLEngine
-
setEnabledProtocols
- Specified by:
setEnabledProtocols
in classSSLEngine
-
getSession
- Specified by:
getSession
in classSSLEngine
-
beginHandshake
- Specified by:
beginHandshake
in classSSLEngine
- Throws:
SSLException
-
getHandshakeStatus
- Specified by:
getHandshakeStatus
in classSSLEngine
-
setUseClientMode
public void setUseClientMode(boolean b) - Specified by:
setUseClientMode
in classSSLEngine
-
getUseClientMode
public boolean getUseClientMode()- Specified by:
getUseClientMode
in classSSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean b) - Specified by:
setNeedClientAuth
in classSSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()- Specified by:
getNeedClientAuth
in classSSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean b) - Specified by:
setWantClientAuth
in classSSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()- Specified by:
getWantClientAuth
in classSSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean b) - Specified by:
setEnableSessionCreation
in classSSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreation
in classSSLEngine
-