package org.bouncycastle.crypto.tls;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import org.bouncycastle.util.Arrays;
public final class SessionParameters
{
public static final class Builder
{
private int cipherSuite = -1;
private short compressionAlgorithm = -1;
private byte[] masterSecret = null;
private Certificate peerCertificate = null;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions = null;
public Builder()
{
}
public SessionParameters build()
{
validate(this.cipherSuite >= 0, "cipherSuite");
validate(this.compressionAlgorithm >= 0, "compressionAlgorithm");
validate(this.masterSecret != null, "masterSecret");
return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
srpIdentity, encodedServerExtensions);
}
public Builder setCipherSuite(int cipherSuite)
{
this.cipherSuite = cipherSuite;
return this;
}
public Builder setCompressionAlgorithm(short compressionAlgorithm)
{
this.compressionAlgorithm = compressionAlgorithm;
return this;
}
public Builder setMasterSecret(byte[] masterSecret)
{
this.masterSecret = masterSecret;
return this;
}
public Builder setPeerCertificate(Certificate peerCertificate)
{
this.peerCertificate = peerCertificate;
return this;
}
/**
* @deprecated Use {@link #setPSKIdentity(byte[]))
*/
public Builder setPskIdentity(byte[] pskIdentity)
{
this.pskIdentity = pskIdentity;
return this;
}
public Builder setPSKIdentity(byte[] pskIdentity)
{
this.pskIdentity = pskIdentity;
return this;
}
public Builder setSRPIdentity(byte[] srpIdentity)
{
this.srpIdentity = srpIdentity;
return this;
}
public Builder setServerExtensions(Hashtable serverExtensions) throws IOException
{
if (serverExtensions == null)
{
encodedServerExtensions = null;
}
else
{
ByteArrayOutputStream buf = new ByteArrayOutputStream();
TlsProtocol.writeExtensions(buf, serverExtensions);
encodedServerExtensions = buf.toByteArray();
}
return this;
}
private void validate(boolean condition, String parameter)
{
if (!condition)
{
throw new IllegalStateException("Required session parameter '" + parameter + "' not configured");
}
}
}
private int cipherSuite;
private short compressionAlgorithm;
private byte[] masterSecret;
private Certificate peerCertificate;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions;
private SessionParameters(int cipherSuite, short compressionAlgorithm, byte[] masterSecret,
Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, byte[] encodedServerExtensions)
{
this.cipherSuite = cipherSuite;
this.compressionAlgorithm = compressionAlgorithm;
this.masterSecret = Arrays.clone(masterSecret);
this.peerCertificate = peerCertificate;
this.pskIdentity = Arrays.clone(pskIdentity);
this.srpIdentity = Arrays.clone(srpIdentity);
this.encodedServerExtensions = encodedServerExtensions;
}
public void clear()
{
if (this.masterSecret != null)
{
Arrays.fill(this.masterSecret, (byte)0);
}
}
public SessionParameters copy()
{
return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
srpIdentity, encodedServerExtensions);
}
public int getCipherSuite()
{
return cipherSuite;
}
public short getCompressionAlgorithm()
{
return compressionAlgorithm;
}
public byte[] getMasterSecret()
{
return masterSecret;
}
public Certificate getPeerCertificate()
{
return peerCertificate;
}
/**
* @deprecated Use {@link #getPSKIdentity())
*/
public byte[] getPskIdentity()
{
return pskIdentity;
}
public byte[] getPSKIdentity()
{
return pskIdentity;
}
public byte[] getSRPIdentity()
{
return srpIdentity;
}
public Hashtable readServerExtensions() throws IOException
{
if (encodedServerExtensions == null)
{
return null;
}
ByteArrayInputStream buf = new ByteArrayInputStream(encodedServerExtensions);
return TlsProtocol.readExtensions(buf);
}
}