Diffstat (limited to 'src/com/isode/stroke/tls/java/JSSEContextFactory.java')
-rw-r--r--src/com/isode/stroke/tls/java/JSSEContextFactory.java35
1 files changed, 32 insertions, 3 deletions
diff --git a/src/com/isode/stroke/tls/java/JSSEContextFactory.java b/src/com/isode/stroke/tls/java/JSSEContextFactory.java
index 0ddb4fd..63b184d 100644
--- a/src/com/isode/stroke/tls/java/JSSEContextFactory.java
+++ b/src/com/isode/stroke/tls/java/JSSEContextFactory.java
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012, Isode Limited, London, England.
+/* Copyright (c) 2012-2013, Isode Limited, London, England.
* All rights reserved.
*
* Acquisition and use of this software and related materials for any
@@ -10,12 +10,19 @@
package com.isode.stroke.tls.java;
+import java.util.HashSet;
+import java.util.Set;
+
import com.isode.stroke.tls.TLSContext;
import com.isode.stroke.tls.TLSContextFactory;
/**
* Concrete implementation of a TLSContextFactory which uses SSLEngine
- * and maybe other stuff? ..tbs...
+ *
+ * <p>Ciphersuite names recognised by this class correspond to the standard
+ * names as described in
+ * <a href=http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites>
+ * Oracle's "Java Cryptography Architecture Standard Algorithm Name Documentation"</a>.
*
*/
public class JSSEContextFactory implements TLSContextFactory {
@@ -27,7 +34,29 @@ public class JSSEContextFactory implements TLSContextFactory {
@Override
public TLSContext createTLSContext() {
- return new JSSEContext();
+ return new JSSEContext(restrictedCipherSuites);
}
+
+ private static Set<String> restrictedCipherSuites = null;
+
+ /**
+ * Restrict which cipher suites are to be enabled for any TLSContexts
+ * returned by this factory from now on. Any name which is
+ * not recognised, or not available is ignored: this method cannot be
+ * used to enable otherwise unavailable ciphersuites.
+ *
+ * @param cipherSuites a set of cipher suite names. If this parameter is
+ * null, then no restriction on cipher suites applies (all suites available
+ * to the implementation will be enabled).
+ *
+ */
+ public static void setRestrictedCipherSuites(Set<String> cipherSuites) {
+ if (cipherSuites == null) {
+ restrictedCipherSuites = null;
+ return;
+ }
+
+ restrictedCipherSuites = new HashSet<String>(cipherSuites);
+ }
}
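Review bot: `restrictedCipherSuites` is a plain static field written by `setRestrictedCipherSuites` and read by `createTLSContext()` with no synchronisation, so a restriction set on one thread is not guaranteed to be visible to another thread that creates contexts; declaring it `private static volatile Set<String> restrictedCipherSuites = null;` would close that gap. The same `HashSet` instance is handed to every `JSSEContext`, so storing `Collections.unmodifiableSet(new HashSet<String>(cipherSuites))` would keep one context from altering the policy seen by the others. The Javadoc should also say what happens for an empty set, or when none of the supplied names is recognised: whether the context then enables no suites or falls back to the defaults is decided in `JSSEContext`, which is outside this hunk, and a fallback would silently drop the restriction. Because the field is static, the setting applies to every factory instance in the process, which is worth stating in the comment as well.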