/*  Copyright (c) 2012-2013, Isode Limited, London, England.
 *  All rights reserved.
 *
 *  Acquisition and use of this software and related materials for any
 *  purpose requires a written licence agreement from Isode Limited,
 *  or a written licence from an organisation licensed by Isode Limited Limited
 *  to grant such a licence.
 *
 */
 
package com.isode.stroke.tls.java;

import java.util.HashSet;
import java.util.Set;

import com.isode.stroke.tls.TLSContext;
import com.isode.stroke.tls.TLSOptions;
import com.isode.stroke.tls.TLSContextFactory;

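/**
 * Concrete implementation of a TLSContextFactory which uses SSLEngine.
 *
 * <p>Ciphersuite names recognised by this class correspond to the standard
 * names as described in
 * <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites">
 * Oracle's "Java Cryptography Architecture Standard Algorithm Name Documentation"</a>.
 *
 * <p>The cipher suite restriction is stored in a static field, so it is shared
 * by every instance of this factory: a call to
 * {@link #setRestrictedCipherSuites(Set)} from any code affects all contexts
 * created afterwards, and passing {@code null} removes the restriction again.
 * Applications that rely on the restriction as a security policy should set it
 * once during start-up and keep control of which code is able to call the
 * setter.
 *
 * <p>Thread-safety: the restriction is published through a {@code volatile}
 * field, so a set installed by one thread is fully visible to any thread that
 * subsequently creates a context.
 */
public class JSSEContextFactory implements TLSContextFactory {

    /**
     * Names of the cipher suites that new contexts may enable, or {@code null}
     * when no restriction applies. The field is only ever assigned a private
     * copy of the caller's set (or {@code null}); {@code volatile} gives safe
     * publication of that copy to threads calling {@link #createTLSContext}.
     */
    private static volatile Set<String> restrictedCipherSuites = null;

    /**
     * Reports whether this factory is able to create contexts.
     *
     * @return always {@code true}
     */
    @Override
    public boolean canCreate() {
        return true;
    }

    /**
     * Creates a new {@link JSSEContext} configured with the cipher suite
     * restriction that is in force at the time of the call.
     *
     * @param tlsOptions options requested by the caller
     * @return a newly constructed context
     */
    @Override
    public TLSContext createTLSContext(TLSOptions tlsOptions) {
        // NOTE(review): tlsOptions is not consulted here, so nothing the caller
        // requests through it influences the context that is returned. Confirm
        // that this is intended.
        // The same Set instance is handed to every context; JSSEContext is
        // assumed not to modify it - TODO confirm.
        return new JSSEContext(restrictedCipherSuites);
    }

    /**
     * Restrict which cipher suites are to be enabled for any TLSContexts
     * returned by this factory from now on. Any name which is
     * not recognised, or not available is ignored: this method cannot be
     * used to enable otherwise unavailable ciphersuites.
     *
     * <p>The supplied set is copied, so later changes made to it by the caller
     * have no effect on the restriction. Contexts that were created before the
     * call are not affected.
     *
     * <p>NOTE(review): how an empty (non-null) set is treated depends on
     * JSSEContext, which is not visible from this class - confirm before
     * relying on it.
     *
     * @param cipherSuites a set of cipher suite names. If this parameter is
     * null, then no restriction on cipher suites applies (all suites available
     * to the implementation will be enabled). Deployments that need a defined
     * cipher policy should therefore pass an explicit set rather than rely on
     * the unrestricted default.
     */
    public static void setRestrictedCipherSuites(Set<String> cipherSuites) {
        // Defensive copy: the stored set must not alias a collection that the
        // caller can keep mutating after the restriction has been installed.
        restrictedCipherSuites =
                (cipherSuites == null) ? null : new HashSet<String>(cipherSuites);
    }

}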