Class GenericSSLSocketFactory

java.lang.Object
org.jpos.util.SimpleLogSource
org.jpos.iso.GenericSSLSocketFactory
All Implemented Interfaces:
Configurable, ISOClientSocketFactory, ISOServerSocketFactory, LogSource
Direct Known Subclasses:
SunJSSESocketFactory
public class GenericSSLSocketFactory extends SimpleLogSource implements ISOServerSocketFactory, ISOClientSocketFactory, Configurable
SunJSSESocketFactory is used by BaseChannel and ISOServer in order to provide hooks for SSL implementations.
Since:
1.3.3

  • Constructor Details

  • Method Details

    • setKeyStore

      public void setKeyStore(String keyStore)
      Sets the path of the JKS key store used for the TLS handshake.
      Parameters:
      keyStore - filesystem path of the JKS key store

    • setPassword

      public void setPassword(String password)
      Sets the key store password.
      Parameters:
      password - key store password

    • setKeyPassword

      public void setKeyPassword(String keyPassword)
      Sets the password protecting the private key entry.
      Parameters:
      keyPassword - password protecting the private key entry

    • setServerName

      public void setServerName(String serverName)
      Sets the Common Name (CN) used to verify the peer certificate.
      Parameters:
      serverName - expected Common Name (CN) of the peer certificate

    • setClientAuthNeeded

      public void setClientAuthNeeded(boolean clientAuthNeeded)
      Toggles whether accepted sockets require TLS client authentication.
      Parameters:
      clientAuthNeeded - require TLS client authentication on accepted sockets

    • setServerAuthNeeded

      public void setServerAuthNeeded(boolean serverAuthNeeded)
      Toggles whether outbound sockets validate the server certificate chain.
      Parameters:
      serverAuthNeeded - validate the server certificate chain on outbound sockets

    • createServerSocketFactory

      protected SSLServerSocketFactory createServerSocketFactory() throws ISOException
      Create a socket factory
      Returns:
      the socket factory
      Throws:
      ISOException - if an error occurs during server socket creation

    • createSocketFactory

      protected SSLSocketFactory createSocketFactory() throws ISOException
      Create a socket factory
      Returns:
      the socket factory
      Throws:
      ISOException - if an error occurs during server socket creation

    • createServerSocket

      public ServerSocket createServerSocket(int port) throws IOException, ISOException
      Create a server socket on the specified port (port 0 indicates an anonymous port).
      Specified by:
      createServerSocket in interface ISOServerSocketFactory
      Parameters:
      port - the port number
      Returns:
      the server socket on the specified port
      Throws:
      IOException - should an I/O error occurs during
      ISOException - should an error occurs during creation

    • createSocket

      public Socket createSocket(String host, int port) throws IOException, ISOException
      Create a client socket connected to the specified host and port.
      Specified by:
      createSocket in interface ISOClientSocketFactory
      Parameters:
      host - the host name
      port - the port number
      Returns:
      a socket connected to the specified host and port.
      Throws:
      IOException - if an I/O error occurs during socket creation
      ISOException - should any other error occurs

    • getKeyStore

      public String getKeyStore()
      Returns the path of the configured JKS key store.
      Returns:
      filesystem path of the JKS key store

    • getPassword

      protected String getPassword()
      Hook returning the key store password. Subclasses are expected to override this to source the password from a secret manager rather than a system property.
      Returns:
      key store password

    • getKeyPassword

      protected String getKeyPassword()
      Hook returning the private-key entry password. Subclasses are expected to override this to source the password from a secret manager rather than a system property.
      Returns:
      private-key entry password

    • getServerName

      public String getServerName()
      Returns the configured peer certificate Common Name.
      Returns:
      expected Common Name (CN) of the peer certificate

    • getClientAuthNeeded

      public boolean getClientAuthNeeded()
      Returns whether accepted sockets require TLS client authentication.
      Returns:
      true when accepted sockets require TLS client authentication

    • getServerAuthNeeded

      public boolean getServerAuthNeeded()
      Returns whether outbound sockets validate the server certificate chain.
      Returns:
      true when outbound sockets validate the server certificate chain

    • setEnabledCipherSuites

      public void setEnabledCipherSuites(String[] enabledCipherSuites)
      Sets the explicit list of TLS cipher suites enabled on created sockets.
      Parameters:
      enabledCipherSuites - cipher suites to enable on created sockets; null or empty leaves provider defaults in place

    • getEnabledCipherSuites

      public String[] getEnabledCipherSuites()
      Returns the explicit list of TLS cipher suites enabled on created sockets.
      Returns:
      cipher suites enabled on created sockets, or null when provider defaults apply

    • setConfiguration

      public void setConfiguration(Configuration cfg) throws ConfigurationException
      Description copied from interface: Configurable
      Configures this object with the supplied Configuration.
      Specified by:
      setConfiguration in interface Configurable
      Parameters:
      cfg - Configuration object
      Throws:
      ConfigurationException - if the configuration is invalid

    • getConfiguration

      public Configuration getConfiguration()
      Returns the configuration applied via setConfiguration(Configuration).
      Returns:
      active configuration, or null if not yet configured