Class ALPNLimitingSSLEngine


  • public class ALPNLimitingSSLEngine
    extends javax.net.ssl.SSLEngine
    SSLEngine that limits cipher selection to cipher suites suitable for HTTP/2 if the client offers h2 as an ALPN option.

    In theory this is not a perfect solution to the HTTP/2 cipher strength issue, but in practice it should be sufficient, as any RFC-compliant implementation should be able to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (RFC 7540, Section 9.2.2, requires HTTP/2 deployments that use TLS 1.2 to support this cipher suite).

    Author:
    Stuart Douglas
    • Constructor Detail

      • ALPNLimitingSSLEngine

        public ALPNLimitingSSLEngine​(javax.net.ssl.SSLEngine delegate,
                                     java.lang.Runnable invalidAlpnRunnable)
    • Method Detail

      • getPeerHost

        public java.lang.String getPeerHost()
        Overrides:
        getPeerHost in class javax.net.ssl.SSLEngine
      • getPeerPort

        public int getPeerPort()
        Overrides:
        getPeerPort in class javax.net.ssl.SSLEngine
      • wrap

        public javax.net.ssl.SSLEngineResult wrap​(java.nio.ByteBuffer src,
                                                  java.nio.ByteBuffer dst)
                                           throws javax.net.ssl.SSLException
        Overrides:
        wrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • wrap

        public javax.net.ssl.SSLEngineResult wrap​(java.nio.ByteBuffer[] srcs,
                                                  java.nio.ByteBuffer dst)
                                           throws javax.net.ssl.SSLException
        Overrides:
        wrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • unwrap

        public javax.net.ssl.SSLEngineResult unwrap​(java.nio.ByteBuffer src,
                                                    java.nio.ByteBuffer dst)
                                             throws javax.net.ssl.SSLException
        Overrides:
        unwrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • unwrap

        public javax.net.ssl.SSLEngineResult unwrap​(java.nio.ByteBuffer src,
                                                    java.nio.ByteBuffer[] dsts)
                                             throws javax.net.ssl.SSLException
        Overrides:
        unwrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • getHandshakeSession

        public javax.net.ssl.SSLSession getHandshakeSession()
        Overrides:
        getHandshakeSession in class javax.net.ssl.SSLEngine
      • getSSLParameters

        public javax.net.ssl.SSLParameters getSSLParameters()
        Overrides:
        getSSLParameters in class javax.net.ssl.SSLEngine
      • setSSLParameters

        public void setSSLParameters​(javax.net.ssl.SSLParameters sslParameters)
        Overrides:
        setSSLParameters in class javax.net.ssl.SSLEngine
      • wrap

        public javax.net.ssl.SSLEngineResult wrap​(java.nio.ByteBuffer[] srcs,
                                                  int off,
                                                  int len,
                                                  java.nio.ByteBuffer dst)
                                           throws javax.net.ssl.SSLException
        Specified by:
        wrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • unwrap

        public javax.net.ssl.SSLEngineResult unwrap​(java.nio.ByteBuffer byteBuffer,
                                                    java.nio.ByteBuffer[] byteBuffers,
                                                    int i,
                                                    int i1)
                                             throws javax.net.ssl.SSLException
        Specified by:
        unwrap in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • getDelegatedTask

        public java.lang.Runnable getDelegatedTask()
        Specified by:
        getDelegatedTask in class javax.net.ssl.SSLEngine
      • closeInbound

        public void closeInbound()
                          throws javax.net.ssl.SSLException
        Specified by:
        closeInbound in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • isInboundDone

        public boolean isInboundDone()
        Specified by:
        isInboundDone in class javax.net.ssl.SSLEngine
      • closeOutbound

        public void closeOutbound()
        Specified by:
        closeOutbound in class javax.net.ssl.SSLEngine
      • isOutboundDone

        public boolean isOutboundDone()
        Specified by:
        isOutboundDone in class javax.net.ssl.SSLEngine
      • getSupportedCipherSuites

        public java.lang.String[] getSupportedCipherSuites()
        Specified by:
        getSupportedCipherSuites in class javax.net.ssl.SSLEngine
      • getEnabledCipherSuites

        public java.lang.String[] getEnabledCipherSuites()
        Specified by:
        getEnabledCipherSuites in class javax.net.ssl.SSLEngine
      • setEnabledCipherSuites

        public void setEnabledCipherSuites​(java.lang.String[] strings)
        Specified by:
        setEnabledCipherSuites in class javax.net.ssl.SSLEngine
      • getSupportedProtocols

        public java.lang.String[] getSupportedProtocols()
        Specified by:
        getSupportedProtocols in class javax.net.ssl.SSLEngine
      • getEnabledProtocols

        public java.lang.String[] getEnabledProtocols()
        Specified by:
        getEnabledProtocols in class javax.net.ssl.SSLEngine
      • setEnabledProtocols

        public void setEnabledProtocols​(java.lang.String[] strings)
        Specified by:
        setEnabledProtocols in class javax.net.ssl.SSLEngine
      • getSession

        public javax.net.ssl.SSLSession getSession()
        Specified by:
        getSession in class javax.net.ssl.SSLEngine
      • beginHandshake

        public void beginHandshake()
                            throws javax.net.ssl.SSLException
        Specified by:
        beginHandshake in class javax.net.ssl.SSLEngine
        Throws:
        javax.net.ssl.SSLException
      • getHandshakeStatus

        public javax.net.ssl.SSLEngineResult.HandshakeStatus getHandshakeStatus()
        Specified by:
        getHandshakeStatus in class javax.net.ssl.SSLEngine
      • setUseClientMode

        public void setUseClientMode​(boolean b)
        Specified by:
        setUseClientMode in class javax.net.ssl.SSLEngine
      • getUseClientMode

        public boolean getUseClientMode()
        Specified by:
        getUseClientMode in class javax.net.ssl.SSLEngine
      • setNeedClientAuth

        public void setNeedClientAuth​(boolean b)
        Specified by:
        setNeedClientAuth in class javax.net.ssl.SSLEngine
      • getNeedClientAuth

        public boolean getNeedClientAuth()
        Specified by:
        getNeedClientAuth in class javax.net.ssl.SSLEngine
      • setWantClientAuth

        public void setWantClientAuth​(boolean b)
        Specified by:
        setWantClientAuth in class javax.net.ssl.SSLEngine
      • getWantClientAuth

        public boolean getWantClientAuth()
        Specified by:
        getWantClientAuth in class javax.net.ssl.SSLEngine
      • setEnableSessionCreation

        public void setEnableSessionCreation​(boolean b)
        Specified by:
        setEnableSessionCreation in class javax.net.ssl.SSLEngine
      • getEnableSessionCreation

        public boolean getEnableSessionCreation()
        Specified by:
        getEnableSessionCreation in class javax.net.ssl.SSLEngine