iaik.security.ssl
Class CipherSuiteList

java.lang.Object
  extended by iaik.security.ssl.CipherSuiteList
All Implemented Interfaces:
java.io.Serializable, java.lang.Cloneable

public class CipherSuiteList
extends java.lang.Object
implements java.io.Serializable, java.lang.Cloneable

This class implements a list of cipher suites to select the enabled cipher suites etc. Actually it is an ordered set and not a list, i.e. each elements can appear only once.

See Also:
Serialized Form

Field Summary
static int L_ALL
          Selection constant for a list with all known ciphersuites.
static int L_DEFAULT
          Selection constant for a list with the default ciphersuites.
static int L_IMPLEMENTED
          Selection constant for a list with all implemented ciphersuites.
static int L_NONE
          Selection constant for an empty list.
 
Constructor Summary
CipherSuiteList()
          Create an empty ciphersuite list.
CipherSuiteList(CipherSuite suite)
          Create a new ciphersuite list with the specified suite as its only element.
CipherSuiteList(CipherSuite[] suites)
          Create a new ciphersuite list from the contents of the given array.
CipherSuiteList(CipherSuiteList suites)
          Create a copy of the given ciphersuite list.
CipherSuiteList(int which)
          Create a new ciphersuite list with the contents determined by the selection value.
CipherSuiteList(java.lang.String[] suites)
          Create a new ciphersuite list from an array of cipher suite names.
 
Method Summary
 void add(CipherSuite suite)
          Add a ciphersuite to the end of this list.
 void add(CipherSuite[] suites)
          Add all ciphersuite from an array to this list in order.
 void clear()
          Remove all elements from this list.
 java.lang.Object clone()
          Return a clone of this ciphersuite list.
 boolean contains(CipherSuite suite)
          Test if the given cipher suite is an element of this list.
 CipherSuite elementAt(int i)
          Return the element at the given index.
 java.util.Enumeration elements()
          Return an Enumeration of the elements of this list.
 void ensureAvailable()
          Make sure this list only contains ciphersuites that can actually be used.
 int indexOf(CipherSuite suite)
          Gets the index of the given cipher suite in this list.
 void insertSorted(CipherSuite suite)
          Perform a sorted insertion of the given cipher suite into this list.
 void insertSorted(CipherSuite[] suites)
          Perform a sorted insertion of the ciphersuites from the given array into this list.
 void intersectWith(CipherSuiteList other)
          Compute the intersection of this list and another list.
 void remove(CipherSuite suite)
          Remove a ciphersuite from this list.
 void remove(CipherSuite[] suites)
          Remove all ciphersuite from an array from this list.
 int size()
          Return the number of elements in this list.
 void sort()
          Sort the ciphersuites by strength.
 CipherSuite[] toArray()
          Convert this list to an array of ciphersuites.
 java.lang.String toString()
          Return a string representation of this list.
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

L_NONE

public static final int L_NONE
Selection constant for an empty list.

See Also:
Constant Field Values

L_DEFAULT

public static final int L_DEFAULT
Selection constant for a list with the default ciphersuites.

See Also:
Constant Field Values

L_IMPLEMENTED

public static final int L_IMPLEMENTED
Selection constant for a list with all implemented ciphersuites.

See Also:
Constant Field Values

L_ALL

public static final int L_ALL
Selection constant for a list with all known ciphersuites. Note that this list contains not implemented ciphersuites and therefore should be used for testing only.

See Also:
Constant Field Values
Constructor Detail

CipherSuiteList

public CipherSuiteList()
Create an empty ciphersuite list.


CipherSuiteList

public CipherSuiteList(int which)
Create a new ciphersuite list with the contents determined by the selection value. It should be one of L_xxx values defined for this class. The resulting list will be sorted and only contain the ciphersuites that are available, i.e. can be used with the installed security provider.

Note that ensureAvailable() is automatically called on the created list.


CipherSuiteList

public CipherSuiteList(CipherSuite suite)
Create a new ciphersuite list with the specified suite as its only element.


CipherSuiteList

public CipherSuiteList(CipherSuite[] suites)
Create a new ciphersuite list from the contents of the given array. If a ciphersuite occurs multiple times in the array only the first occurrence is used.


CipherSuiteList

public CipherSuiteList(java.lang.String[] suites)
                throws java.lang.IllegalArgumentException
Create a new ciphersuite list from an array of cipher suite names. If a ciphersuite occurs multiple times in the array only the first occurrence is used.

Parameters:
suites - the cipher suite names
Throws:
java.lang.IllegalArgumentException - if the list of suite names refers a cipher suite that is not supported

CipherSuiteList

public CipherSuiteList(CipherSuiteList suites)
Create a copy of the given ciphersuite list.

Method Detail

add

public void add(CipherSuite suite)
Add a ciphersuite to the end of this list. If it is already contained in the list the call is ignored.


remove

public void remove(CipherSuite suite)
Remove a ciphersuite from this list. If it is not contained in the list the call is ignored.


contains

public boolean contains(CipherSuite suite)
Test if the given cipher suite is an element of this list.


indexOf

public int indexOf(CipherSuite suite)
Gets the index of the given cipher suite in this list.

Returns:
the index of the cipher suite in the list or -1 if the suite is not included in the list

add

public void add(CipherSuite[] suites)
Add all ciphersuite from an array to this list in order.


remove

public void remove(CipherSuite[] suites)
Remove all ciphersuite from an array from this list.


clear

public void clear()
Remove all elements from this list.


toArray

public CipherSuite[] toArray()
Convert this list to an array of ciphersuites.


size

public int size()
Return the number of elements in this list.


elementAt

public CipherSuite elementAt(int i)
                      throws java.lang.ArrayIndexOutOfBoundsException
Return the element at the given index. An ArrayIndexOutOfBoundsException is thrown if the index is invalid.

Throws:
java.lang.ArrayIndexOutOfBoundsException

elements

public java.util.Enumeration elements()
Return an Enumeration of the elements of this list.


insertSorted

public void insertSorted(CipherSuite suite)
Perform a sorted insertion of the given cipher suite into this list. This list must already be sorted according to the criteria given below. If the suite is already contained in this list the call is ignored.

Cipher suites are sorted by cryptographic strength, the strongest come first. We define a cipher suite to be stronger than another by the following ordered criteria.

  1. Encryption algorithm: AES_256_CBC, CAMELLIA_256_CBC, AES_128_CBC, CAMELLIA_128_CBC, 3DES_EDE_CBC, RC4_128, IDEA_CBC, DES_CBC
  2. Key length (however, AES_128_CBC comes before 3DES_EDE_CBC)
  3. Export key size limit
  4. MAC algorithm SHA over MD5
  5. Key Exchange algorithm: ECDHE_RSA, ECDHE_ECDSA, DHE_RSA, DHE_DSS, RSA, ECDH_RSA, ECDH_ECDSA, DH_RSA, DH_DSS
    (EC)DHE and RSA key exchange are preferred over (EC)DH with fixed parameters are preferred over PSK key exchange (EC)DHE and PSK exchange are preferred over PSK exchange with symmetric keys only (EC)DH_anon and RSA_WITH_NULL are handled separately as they do not offer the full security of the other cipher suites. All other cipher suites are defined to be stronger than DH_anon except RSA_WITH_NULL which are weaker.
* PSK suites are interleaved, but this should be no problem because PSK suites and other suites will hardly be used at the same time. For cipher suites that are equally strong by this definition the resulting ordering is undefined.


insertSorted

public void insertSorted(CipherSuite[] suites)
Perform a sorted insertion of the ciphersuites from the given array into this list. This list must already be sorted, they array need not.


sort

public void sort()
Sort the ciphersuites by strength. For the criteria see insertSorted().


ensureAvailable

public void ensureAvailable()
Make sure this list only contains ciphersuites that can actually be used. This method disables all ciphersuites for which CipherSuite.isAvailable() returns false.

See Also:
CipherSuite.isAvailable()

intersectWith

public void intersectWith(CipherSuiteList other)
Compute the intersection of this list and another list. This object is modified to only contain ciphersuites enabled in both this and other.


clone

public java.lang.Object clone()
Return a clone of this ciphersuite list.

Overrides:
clone in class java.lang.Object

toString

public java.lang.String toString()
Return a string representation of this list.

Overrides:
toString in class java.lang.Object

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

iSaSiLk 5.104, (c) 2002 IAIK, (c) 2003 - 2015 SIC