SSLUtil (Apache Qpid JMS AMQP 0-x 6.3.4 API)

java.lang.Object
- org.apache.qpid.transport.network.security.ssl.SSLUtil

```
public class SSLUtil
extends Object
```

Field Summary

Fields
Modifier and Type Field and Description

static String[] TLS_PROTOCOL_PREFERENCES

Fields
Modifier and Type	Field and Description
`static String[]`	`TLS_PROTOCOL_PREFERENCES`

Method Summary

Methods
Modifier and Type	Method and Description
`static String[]`	`filterEnabledCipherSuites(String[] enabledCipherSuites, String[] supportedCipherSuites, List<String> cipherSuiteWhiteList, List<String> cipherSuiteBlackList)`
`static String[]`	`filterEnabledProtocols(String[] enabledProtocols, String[] supportedProtocols, List<String> protocolWhiteList, List<String> protocolBlackList)`
`static String`	`getIdFromSubjectDN(String dn)`
`static KeyStore`	`getInitializedKeyStore(String storePath, String storePassword, String keyStoreType)`
`static KeyStore`	`getInitializedKeyStore(URL storePath, String storePassword, String keyStoreType)`
`static X509Certificate[]`	`readCertificates(InputStream input)`
`static X509Certificate[]`	`readCertificates(URL certFile)`
`static PrivateKey`	`readPrivateKey(byte[] content, String algorithm)`
`static PrivateKey`	`readPrivateKey(InputStream input)`
`static PrivateKey`	`readPrivateKey(URL url)`
`static String`	`retrieveIdentity(SSLEngine engine)`
`static SSLContext`	`tryGetSSLContext()`
`static SSLContext`	`tryGetSSLContext(String[] protocols)`
`static void`	`updateEnabledCipherSuites(SSLEngine engine, List<String> cipherSuitesWhiteList, List<String> cipherSuitesBlackList)`
`static void`	`updateEnabledCipherSuites(SSLSocket socket, List<String> cipherSuitesWhiteList, List<String> cipherSuitesBlackList)`
`static void`	`updateEnabledTlsProtocols(SSLEngine engine, List<String> protocolWhiteList, List<String> protocolBlackList)`
`static void`	`updateEnabledTlsProtocols(SSLSocket socket, List<String> protocolWhiteList, List<String> protocolBlackList)`
`static void`	`useCipherOrderIfPossible(SSLEngine sslEngine)`
`static void`	`verifyHostname(SSLEngine engine, String hostnameExpected)`
`static void`	`verifyHostname(String hostnameExpected, X509Certificate cert)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TLS_PROTOCOL_PREFERENCES

public static final String[] TLS_PROTOCOL_PREFERENCES

Method Detail

verifyHostname

public static void verifyHostname(SSLEngine engine,
                  String hostnameExpected)

verifyHostname

public static void verifyHostname(String hostnameExpected,
                  X509Certificate cert)

getIdFromSubjectDN

public static String getIdFromSubjectDN(String dn)

retrieveIdentity

public static String retrieveIdentity(SSLEngine engine)

getInitializedKeyStore

public static KeyStore getInitializedKeyStore(String storePath,
                              String storePassword,
                              String keyStoreType)
                                       throws GeneralSecurityException,
                                              IOException

Throws:: GeneralSecurityException; IOException

getInitializedKeyStore

public static KeyStore getInitializedKeyStore(URL storePath,
                              String storePassword,
                              String keyStoreType)
                                       throws GeneralSecurityException,
                                              IOException

Throws:: GeneralSecurityException; IOException

readCertificates

public static X509Certificate[] readCertificates(URL certFile)
                                          throws IOException,
                                                 GeneralSecurityException

Throws:: IOException; GeneralSecurityException

readCertificates

public static X509Certificate[] readCertificates(InputStream input)
                                          throws IOException,
                                                 GeneralSecurityException

Throws:: IOException; GeneralSecurityException

readPrivateKey

public static PrivateKey readPrivateKey(URL url)
                                 throws IOException,
                                        GeneralSecurityException

Throws:: IOException; GeneralSecurityException

readPrivateKey

public static PrivateKey readPrivateKey(InputStream input)
                                 throws IOException,
                                        GeneralSecurityException

Throws:: IOException; GeneralSecurityException

readPrivateKey

public static PrivateKey readPrivateKey(byte[] content,
                        String algorithm)
                                 throws NoSuchAlgorithmException,
                                        InvalidKeySpecException

Throws:: NoSuchAlgorithmException; InvalidKeySpecException

updateEnabledTlsProtocols

public static void updateEnabledTlsProtocols(SSLEngine engine,
                             List<String> protocolWhiteList,
                             List<String> protocolBlackList)

updateEnabledTlsProtocols

public static void updateEnabledTlsProtocols(SSLSocket socket,
                             List<String> protocolWhiteList,
                             List<String> protocolBlackList)

filterEnabledProtocols

public static String[] filterEnabledProtocols(String[] enabledProtocols,
                              String[] supportedProtocols,
                              List<String> protocolWhiteList,
                              List<String> protocolBlackList)

filterEnabledCipherSuites

public static String[] filterEnabledCipherSuites(String[] enabledCipherSuites,
                                 String[] supportedCipherSuites,
                                 List<String> cipherSuiteWhiteList,
                                 List<String> cipherSuiteBlackList)

updateEnabledCipherSuites

public static void updateEnabledCipherSuites(SSLEngine engine,
                             List<String> cipherSuitesWhiteList,
                             List<String> cipherSuitesBlackList)

updateEnabledCipherSuites

public static void updateEnabledCipherSuites(SSLSocket socket,
                             List<String> cipherSuitesWhiteList,
                             List<String> cipherSuitesBlackList)

tryGetSSLContext

public static SSLContext tryGetSSLContext()
                                   throws NoSuchAlgorithmException

Throws:: NoSuchAlgorithmException

tryGetSSLContext

public static SSLContext tryGetSSLContext(String[] protocols)
                                   throws NoSuchAlgorithmException

Throws:: NoSuchAlgorithmException

useCipherOrderIfPossible

public static void useCipherOrderIfPossible(SSLEngine sslEngine)

Class SSLUtil

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

TLS_PROTOCOL_PREFERENCES

Method Detail

verifyHostname

verifyHostname

getIdFromSubjectDN

retrieveIdentity

getInitializedKeyStore

getInitializedKeyStore

readCertificates

readCertificates

readPrivateKey

readPrivateKey

readPrivateKey

updateEnabledTlsProtocols

updateEnabledTlsProtocols

filterEnabledProtocols

filterEnabledCipherSuites

updateEnabledCipherSuites

updateEnabledCipherSuites

tryGetSSLContext

tryGetSSLContext

useCipherOrderIfPossible