71 * @see SSLSocket
72 * @see SSLEngine
73 * @see SSLContext
74 *
75 * @since 1.6
76 */
77 public class SSLParameters {
78
79 private String[] cipherSuites;
80 private String[] protocols;
81 private boolean wantClientAuth;
82 private boolean needClientAuth;
83 private String identificationAlgorithm;
84 private AlgorithmConstraints algorithmConstraints;
85 private Map<Integer, SNIServerName> sniNames = null;
86 private Map<Integer, SNIMatcher> sniMatchers = null;
87 private boolean preferLocalCipherSuites;
88 private boolean enableRetransmissions = true;
89 private int maximumPacketSize = 0;
90 private String[] applicationProtocols = new String[0];
91
92 /**
93 * Constructs SSLParameters.
94 * <p>
95 * The values of cipherSuites, protocols, cryptographic algorithm
96 * constraints, endpoint identification algorithm, server names and
97 * server name matchers are set to {@code null}; useCipherSuitesOrder,
98 * wantClientAuth and needClientAuth are set to {@code false};
99 * enableRetransmissions is set to {@code true}; maximum network packet
100 * size is set to {@code 0}.
101 */
102 public SSLParameters() {
103 // empty
104 }
105
106 /**
107 * Constructs SSLParameters from the specified array of ciphersuites.
108 * <p>
109 * Calling this constructor is equivalent to calling the no-args
110 * constructor followed by
658 * any element in a non-empty array is null or an
659 * empty (zero-length) string
660 * @see #getApplicationProtocols
661 * @since 9
662 */
663 public void setApplicationProtocols(String[] protocols) {
664 if (protocols == null) {
665 throw new IllegalArgumentException("protocols was null");
666 }
667
668 String[] tempProtocols = protocols.clone();
669
670 for (String p : tempProtocols) {
671 if (p == null || p.equals("")) {
672 throw new IllegalArgumentException(
673 "An element of protocols was null/empty");
674 }
675 }
676 applicationProtocols = tempProtocols;
677 }
678 }
|
71 * @see SSLSocket
72 * @see SSLEngine
73 * @see SSLContext
74 *
75 * @since 1.6
76 */
77 public class SSLParameters {
78
79 private String[] cipherSuites;
80 private String[] protocols;
81 private boolean wantClientAuth;
82 private boolean needClientAuth;
83 private String identificationAlgorithm;
84 private AlgorithmConstraints algorithmConstraints;
85 private Map<Integer, SNIServerName> sniNames = null;
86 private Map<Integer, SNIMatcher> sniMatchers = null;
87 private boolean preferLocalCipherSuites;
88 private boolean enableRetransmissions = true;
89 private int maximumPacketSize = 0;
90 private String[] applicationProtocols = new String[0];
91 private boolean useCertificateAuthorities = false;
92
93 /**
94 * Constructs SSLParameters.
95 * <p>
96 * The values of cipherSuites, protocols, cryptographic algorithm
97 * constraints, endpoint identification algorithm, server names and
98 * server name matchers are set to {@code null}; useCipherSuitesOrder,
99 * wantClientAuth and needClientAuth are set to {@code false};
100 * enableRetransmissions is set to {@code true}; maximum network packet
101 * size is set to {@code 0}.
102 */
103 public SSLParameters() {
104 // empty
105 }
106
107 /**
108 * Constructs SSLParameters from the specified array of ciphersuites.
109 * <p>
110 * Calling this constructor is equivalent to calling the no-args
111 * constructor followed by
659 * any element in a non-empty array is null or an
660 * empty (zero-length) string
661 * @see #getApplicationProtocols
662 * @since 9
663 */
664 public void setApplicationProtocols(String[] protocols) {
665 if (protocols == null) {
666 throw new IllegalArgumentException("protocols was null");
667 }
668
669 String[] tempProtocols = protocols.clone();
670
671 for (String p : tempProtocols) {
672 if (p == null || p.equals("")) {
673 throw new IllegalArgumentException(
674 "An element of protocols was null/empty");
675 }
676 }
677 applicationProtocols = tempProtocols;
678 }
679
680 /**
681 * Returns whether or not the use of Certificate Authorities
682 * TLS extension is enabled on either a Client or a Server.
683 * <p>
684 * When the extension is enabled on a Client, information
685 * regarding its trusted certificate authorities is sent in
686 * a {@code ClientHello} message, during the TLS handshake.
687 * <p>
688 * When the extension is enabled on a Server, information
689 * regarding its trusted certificate authorities is sent in
690 * a {@code CertificateRequest} message, during the TLS handshake
691 * (assuming the Server requires client certificate authentication).
692 * <p>
693 * This is part of Certificate Authorities TLS extension (TLS 1.3).
694 * See further information in
695 * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>.
696 *
697 * @return a boolean value indicating whether or not the use of
698 * Certificate Authorities TLS extension is enabled.
699 */
700 public boolean getUseCertificateAuthorities() {
701 return useCertificateAuthorities;
702 }
703
704 /**
705 * Sets whether or not the use of Certificate Authorities
706 * TLS extension should be enabled on either a Client or a Server.
707 * <p>
708 * When the extension is enabled on a Client, information
709 * regarding its trusted certificate authorities is sent in
710 * a {@code ClientHello} message, during the TLS handshake.
711 * <p>
712 * When the extension is enabled on a Server, information
713 * regarding its trusted certificate authorities is sent in
714 * a {@code CertificateRequest} message, during the TLS handshake
715 * (assuming the Server requires Client certificate authentication).
716 * <p>
717 * This is part of Certificate Authorities TLS extension (TLS 1.3).
718 * See further information in
719 * <a href="https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.2.4">TLS 1.3</a>.
720 *
721 * @param useCertificateAuthorities whether or not the use of Certificate
722 * Authorities TLS extension should be enabled.
723 * @throws UnsupportedOperationException if the underlying provider
724 * does not implement the operation.
725 */
726 public void setUseCertificateAuthorities(boolean useCertificateAuthorities) {
727 this.useCertificateAuthorities = useCertificateAuthorities;
728 }
729
730 }
|