Package org.jboss.netty.handler.ssl

Class JdkSslServerContext

  • public final class JdkSslServerContext
extends JdkSslContext
    A server-side SslContext which uses JDK's SSL/TLS implementation.

    • Field Detail

      • ctx

        private final javax.net.ssl.SSLContext ctx

      • nextProtocols

        private final java.util.List<java.lang.String> nextProtocols

    • Constructor Detail

      • JdkSslServerContext

        public JdkSslServerContext​(java.io.File certChainFile,
                           java.io.File keyFile)
                    throws javax.net.ssl.SSLException
        Creates a new instance.
        Parameters:
        certChainFile - an X.509 certificate chain file in PEM format
        keyFile - a PKCS#8 private key file in PEM format
        Throws:
        javax.net.ssl.SSLException

      • JdkSslServerContext

        public JdkSslServerContext​(java.io.File certChainFile,
                           java.io.File keyFile,
                           java.lang.String keyPassword)
                    throws javax.net.ssl.SSLException
        Creates a new instance.
        Parameters:
        certChainFile - an X.509 certificate chain file in PEM format
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        Throws:
        javax.net.ssl.SSLException

      • JdkSslServerContext

        public JdkSslServerContext​(SslBufferPool bufPool,
                           java.io.File certChainFile,
                           java.io.File keyFile,
                           java.lang.String keyPassword,
                           java.lang.Iterable<java.lang.String> ciphers,
                           java.lang.Iterable<java.lang.String> nextProtocols,
                           long sessionCacheSize,
                           long sessionTimeout)
                    throws javax.net.ssl.SSLException
        Creates a new instance.
        Parameters:
        bufPool - the buffer pool which will be used by this context. null to use the default buffer pool.
        certChainFile - an X.509 certificate chain file in PEM format
        keyFile - a PKCS#8 private key file in PEM format
        keyPassword - the password of the keyFile. null if it's not password-protected.
        ciphers - the cipher suites to enable, in the order of preference. null to use the default cipher suites.
        nextProtocols - the application layer protocols to accept, in the order of preference. null to disable TLS NPN/ALPN extension.
        sessionCacheSize - the size of the cache used for storing SSL session objects. 0 to use the default value.
        sessionTimeout - the timeout for the cached SSL session objects, in seconds. 0 to use the default value.
        Throws:
        javax.net.ssl.SSLException

    • Method Detail

      • isClient

        public boolean isClient()
        Description copied from class: SslContext
        Returns the true if and only if this context is for client-side.
        Specified by:
        isClient in class SslContext

      • nextProtocols

        public java.util.List<java.lang.String> nextProtocols()
        Description copied from class: SslContext
        Returns the list of application layer protocols for the TLS NPN/ALPN extension, in the order of preference.
        Specified by:
        nextProtocols in class SslContext
        Returns:
        the list of application layer protocols. null if NPN/ALPN extension has been disabled.

      • context

        public javax.net.ssl.SSLContext context()
        Description copied from class: JdkSslContext
        Returns the JDK SSLContext object held by this context.
        Specified by:
        context in class JdkSslContext

      • generateKeySpec

        private static java.security.spec.PKCS8EncodedKeySpec generateKeySpec​(char[] password,
                                                                      byte[] key)
                                                               throws java.io.IOException,
                                                                      java.security.NoSuchAlgorithmException,
                                                                      javax.crypto.NoSuchPaddingException,
                                                                      java.security.spec.InvalidKeySpecException,
                                                                      java.security.InvalidKeyException,
                                                                      java.security.InvalidAlgorithmParameterException
        Generates a key specification for an (encrypted) private key.
        Parameters:
        password - characters, if null or empty an unencrypted key is assumed
        key - bytes of the DER encoded private key
        Returns:
        a key specification
        Throws:
        java.io.IOException - if parsing key fails
        java.security.NoSuchAlgorithmException - if the algorithm used to encrypt key is unkown
        javax.crypto.NoSuchPaddingException - if the padding scheme specified in the decryption algorithm is unkown
        java.security.spec.InvalidKeySpecException - if the decryption key based on password cannot be generated
        java.security.InvalidKeyException - if the decryption key based on password cannot be used to decrypt key
        java.security.InvalidAlgorithmParameterException - if decryption algorithm parameters are somehow faulty