Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java
index fff942ba6ab..6a530718363 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java
@@ -1,9 +1,14 @@
 // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.security.tls;
 
+import com.yahoo.security.X509SslContext;
+
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLParameters;
+import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.SSLSocket;
+import java.io.IOException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
@@ -92,13 +97,32 @@ public interface TlsContext extends AutoCloseable { } catch (KeyManagementException e) { throw new IllegalStateException(e); } } - SSLContext context(); - + X509SslContext sslContext(); SSLParameters parameters(); - SSLEngine createSslEngine(); + default SSLEngine createSslEngine() { + SSLEngine sslEngine = sslContext().context().createSSLEngine(); + sslEngine.setSSLParameters(parameters()); + return sslEngine; + } + + default SSLEngine createSslEngine(String peerHost, int peerPort) { + SSLEngine sslEngine = sslContext().context().createSSLEngine(peerHost, peerPort); + sslEngine.setSSLParameters(parameters()); + return sslEngine; + } + + default SSLSocket createClientSslSocket() throws IOException { + var socket = (SSLSocket) sslContext().context().getSocketFactory().createSocket(); + socket.setSSLParameters(parameters()); + return socket; + } - SSLEngine createSslEngine(String peerHost, int peerPort); + default SSLServerSocket createServerSslSocket() throws IOException { + var socket = (SSLServerSocket) sslContext().context().getServerSocketFactory().createServerSocket(); + socket.setSSLParameters(parameters()); + return socket; + } @Override default void close() {} |
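Review bot: `createClientSslSocket()` returns an unconnected socket created without any peer host, and nothing visible in this hunk shows whether `parameters()` sets an endpoint identification algorithm, so a caller cannot tell from the interface whether the server certificate's hostname is checked at the JSSE level. I would state the contract in Javadoc on the method, e.g. `/** Returns an unconnected client socket configured with {@link #parameters()}; the caller must connect it, and JSSE hostname checking applies only if those parameters enable endpoint identification. */`, and consider a `createClientSslSocket(String peerHost, int peerPort)` overload to mirror `createSslEngine(String, int)`. The same `parameters()` object is also applied to the socket from `createServerSslSocket()`, so it is worth confirming that any client-oriented settings in it are intended on the listening side as well. The interface body extends beyond this hunk, so an implementation elsewhere may already cover this.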