ServletSSL xref

View Javadoc

1   // ========================================================================
2   // Copyright (c) 2001-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.server.ssl;
15  
16  /* --------------------------------------------------------------------- */
17  /**
18   * Jetty Servlet SSL support utilities.
19   * <p>
20   * A collection of utilities required to support the SSL requirements of the Servlet 2.2 and 2.3
21   * specs.
22   * 
23   * <p>
24   * Used by the SSL listener classes.
25   * 
26   * 
27   */
28  public class ServletSSL
29  {
30      /* ------------------------------------------------------------ */
31      /**
32       * Given the name of a TLS/SSL cipher suite, return an int representing it effective stream
33       * cipher key strength. i.e. How much entropy material is in the key material being fed into the
34       * encryption routines.
35       * 
36       * <p>
37       * This is based on the information on effective key lengths in RFC 2246 - The TLS Protocol
38       * Version 1.0, Appendix C. CipherSuite definitions:
39       * 
40       * <pre>
41       *                         Effective 
42       *     Cipher       Type    Key Bits 
43       * 		       	       
44       *     NULL       * Stream     0     
45       *     IDEA_CBC     Block    128     
46       *     RC2_CBC_40 * Block     40     
47       *     RC4_40     * Stream    40     
48       *     RC4_128      Stream   128     
49       *     DES40_CBC  * Block     40     
50       *     DES_CBC      Block     56     
51       *     3DES_EDE_CBC Block    168     
52       * </pre>
53       * 
54       * @param cipherSuite String name of the TLS cipher suite.
55       * @return int indicating the effective key entropy bit-length.
56       */
57      public static int deduceKeyLength(String cipherSuite)
58      {
59          // Roughly ordered from most common to least common.
60          if (cipherSuite == null)
61              return 0;
62          else if (cipherSuite.indexOf("WITH_AES_256_") >= 0)
63              return 256;
64          else if (cipherSuite.indexOf("WITH_RC4_128_") >= 0)
65              return 128;
66          else if (cipherSuite.indexOf("WITH_AES_128_") >= 0)
67              return 128;
68          else if (cipherSuite.indexOf("WITH_RC4_40_") >= 0)
69              return 40;
70          else if (cipherSuite.indexOf("WITH_3DES_EDE_CBC_") >= 0)
71              return 168;
72          else if (cipherSuite.indexOf("WITH_IDEA_CBC_") >= 0)
73              return 128;
74          else if (cipherSuite.indexOf("WITH_RC2_CBC_40_") >= 0)
75              return 40;
76          else if (cipherSuite.indexOf("WITH_DES40_CBC_") >= 0)
77              return 40;
78          else if (cipherSuite.indexOf("WITH_DES_CBC_") >= 0)
79              return 56;
80          else
81              return 0;
82      }
83  }