Package org.jboss.netty.handler.ssl

Class JdkSslServerContext

java.lang.Object

org.jboss.netty.handler.ssl.SslContext

org.jboss.netty.handler.ssl.JdkSslContext

org.jboss.netty.handler.ssl.JdkSslServerContext

public final class JdkSslServerContext
extends JdkSslContext

A server-side SslContext which uses JDK's SSL/TLS implementation.

Field Summary

Fields

Modifier and Type	Field	Description
private final SSLContext	ctx
private final List<String>	nextProtocols

Fields inherited from class org.jboss.netty.handler.ssl.JdkSslContext

DEFAULT_CIPHERS, PROTOCOL, PROTOCOLS

Constructor Summary

Constructors

Constructor	Description
JdkSslServerContext(File certChainFile, File keyFile)	Creates a new instance.
JdkSslServerContext(File certChainFile, File keyFile, String keyPassword)	Creates a new instance.
JdkSslServerContext(SslBufferPool bufPool, File certChainFile, File keyFile, String keyPassword, Iterable<String> ciphers, Iterable<String> nextProtocols, long sessionCacheSize, long sessionTimeout)	Creates a new instance.

Method Summary

Modifier and Type	Method	Description
SSLContext	context()	Returns the JDK SSLContext object held by this context.
private static PKCS8EncodedKeySpec	generateKeySpec(char[] password, byte[] key)	Generates a key specification for an (encrypted) private key.
boolean	isClient()	Returns the true if and only if this context is for client-side.
List<String>	nextProtocols()	Returns the list of application layer protocols for the TLS NPN/ALPN extension, in the order of preference.

Methods inherited from class org.jboss.netty.handler.ssl.JdkSslContext

cipherSuites, newEngine, newEngine, sessionCacheSize, sessionContext, sessionTimeout

Methods inherited from class org.jboss.netty.handler.ssl.SslContext

bufferPool, defaultClientProvider, defaultServerProvider, isServer, newBufferPool, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ctx

private final SSLContext ctx

nextProtocols

private final List<String> nextProtocols

Constructor Details

JdkSslServerContext

public JdkSslServerContext(File certChainFile,
 File keyFile)
                    throws SSLException

Creates a new instance.

Parameters:

certChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

Throws:

SSLException

JdkSslServerContext

public JdkSslServerContext(File certChainFile,
 File keyFile,
 String keyPassword)
                    throws SSLException

Creates a new instance.

Parameters:

certChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

keyPassword - the password of the keyFile. null if it's not password-protected.

Throws:

SSLException

JdkSslServerContext

public JdkSslServerContext(SslBufferPool bufPool,
 File certChainFile,
 File keyFile,
 String keyPassword,
 Iterable<String> ciphers,
 Iterable<String> nextProtocols,
 long sessionCacheSize,
 long sessionTimeout)
                    throws SSLException

Creates a new instance.

Parameters:

bufPool - the buffer pool which will be used by this context. null to use the default buffer pool.

certChainFile - an X.509 certificate chain file in PEM format

keyFile - a PKCS#8 private key file in PEM format

keyPassword - the password of the keyFile. null if it's not password-protected.

ciphers - the cipher suites to enable, in the order of preference. null to use the default cipher suites.

nextProtocols - the application layer protocols to accept, in the order of preference. null to disable TLS NPN/ALPN extension.

sessionCacheSize - the size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - the timeout for the cached SSL session objects, in seconds. 0 to use the default value.

Throws:

SSLException

Method Details

isClient

public boolean isClient()

Description copied from class: SslContext

Returns the true if and only if this context is for client-side.

Specified by:

isClient in class SslContext

nextProtocols

public List<String> nextProtocols()

Description copied from class: SslContext

Returns the list of application layer protocols for the TLS NPN/ALPN extension, in the order of preference.

Specified by:

nextProtocols in class SslContext

Returns:

the list of application layer protocols. null if NPN/ALPN extension has been disabled.

context

public SSLContext context()

Description copied from class: JdkSslContext

Returns the JDK SSLContext object held by this context.

Specified by:

context in class JdkSslContext

generateKeySpec

private static PKCS8EncodedKeySpec generateKeySpec(char[] password,
 byte[] key)
                                            throws IOException,
NoSuchAlgorithmException,
NoSuchPaddingException,
InvalidKeySpecException,
InvalidKeyException,
InvalidAlgorithmParameterException

Generates a key specification for an (encrypted) private key.

Parameters:

password - characters, if null or empty an unencrypted key is assumed

key - bytes of the DER encoded private key

Returns:

a key specification

Throws:

IOException - if parsing key fails

NoSuchAlgorithmException - if the algorithm used to encrypt key is unkown

NoSuchPaddingException - if the padding scheme specified in the decryption algorithm is unkown

InvalidKeySpecException - if the decryption key based on password cannot be generated

InvalidKeyException - if the decryption key based on password cannot be used to decrypt key

InvalidAlgorithmParameterException - if decryption algorithm parameters are somehow faulty