Package io.undertow.server.protocol.http
Class ALPNLimitingSSLEngine
java.lang.Object
javax.net.ssl.SSLEngine
io.undertow.server.protocol.http.ALPNLimitingSSLEngine
SSLEngine that will limit the cipher selection to HTTP/2 suitable protocols if the client is offering h2 as an option.
In theory this is not a perfect solution to the HTTP/2 cipher strength issue, but in practice it should be sufficient as any RFC compliant implementation should be able to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- Author:
- Stuart Douglas
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidvoidvoidString[]String[]booleanbooleanintString[]String[]booleanbooleanbooleanbooleanvoidsetEnabledCipherSuites(String[] strings) voidsetEnabledProtocols(String[] strings) voidsetEnableSessionCreation(boolean b) voidsetNeedClientAuth(boolean b) voidsetSSLParameters(SSLParameters sslParameters) voidsetUseClientMode(boolean b) voidsetWantClientAuth(boolean b) unwrap(ByteBuffer src, ByteBuffer dst) unwrap(ByteBuffer src, ByteBuffer[] dsts) unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBuffers, int i, int i1) wrap(ByteBuffer[] srcs, int off, int len, ByteBuffer dst) wrap(ByteBuffer[] srcs, ByteBuffer dst) wrap(ByteBuffer src, ByteBuffer dst) Methods inherited from class javax.net.ssl.SSLEngine
getApplicationProtocol, getHandshakeApplicationProtocol, getHandshakeApplicationProtocolSelector, setHandshakeApplicationProtocolSelector
-
Constructor Details
-
ALPNLimitingSSLEngine
-
-
Method Details
-
getPeerHost
- Overrides:
getPeerHostin classSSLEngine
-
getPeerPort
public int getPeerPort()- Overrides:
getPeerPortin classSSLEngine
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
getHandshakeSession
- Overrides:
getHandshakeSessionin classSSLEngine
-
getSSLParameters
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParametersin classSSLEngine
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, int off, int len, ByteBuffer dst) throws SSLException - Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBuffers, int i, int i1) throws SSLException - Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
getDelegatedTask
- Specified by:
getDelegatedTaskin classSSLEngine
-
closeInbound
- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
isInboundDone
public boolean isInboundDone()- Specified by:
isInboundDonein classSSLEngine
-
closeOutbound
public void closeOutbound()- Specified by:
closeOutboundin classSSLEngine
-
isOutboundDone
public boolean isOutboundDone()- Specified by:
isOutboundDonein classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocolsin classSSLEngine
-
setEnabledProtocols
- Specified by:
setEnabledProtocolsin classSSLEngine
-
getSession
- Specified by:
getSessionin classSSLEngine
-
beginHandshake
- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
getHandshakeStatus
- Specified by:
getHandshakeStatusin classSSLEngine
-
setUseClientMode
public void setUseClientMode(boolean b) - Specified by:
setUseClientModein classSSLEngine
-
getUseClientMode
public boolean getUseClientMode()- Specified by:
getUseClientModein classSSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean b) - Specified by:
setNeedClientAuthin classSSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()- Specified by:
getNeedClientAuthin classSSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean b) - Specified by:
setWantClientAuthin classSSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()- Specified by:
getWantClientAuthin classSSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean b) - Specified by:
setEnableSessionCreationin classSSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreationin classSSLEngine
-