View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server.ssl;
20  
21  /* --------------------------------------------------------------------- */
22  /**
23   * Jetty Servlet SSL support utilities.
24   * <p>
25   * A collection of utilities required to support the SSL requirements of the Servlet 2.2 and 2.3
26   * specs.
27   * 
28   * <p>
29   * Used by the SSL listener classes.
30   * 
31   * 
32   */
33  public class ServletSSL
34  {
35      /* ------------------------------------------------------------ */
36      /**
37       * Given the name of a TLS/SSL cipher suite, return an int representing it effective stream
38       * cipher key strength. i.e. How much entropy material is in the key material being fed into the
39       * encryption routines.
40       * 
41       * <p>
42       * This is based on the information on effective key lengths in RFC 2246 - The TLS Protocol
43       * Version 1.0, Appendix C. CipherSuite definitions:
44       * 
45       * <pre>
46       *                         Effective 
47       *     Cipher       Type    Key Bits 
48       * 		       	       
49       *     NULL       * Stream     0     
50       *     IDEA_CBC     Block    128     
51       *     RC2_CBC_40 * Block     40     
52       *     RC4_40     * Stream    40     
53       *     RC4_128      Stream   128     
54       *     DES40_CBC  * Block     40     
55       *     DES_CBC      Block     56     
56       *     3DES_EDE_CBC Block    168     
57       * </pre>
58       * 
59       * @param cipherSuite String name of the TLS cipher suite.
60       * @return int indicating the effective key entropy bit-length.
61       */
62      public static int deduceKeyLength(String cipherSuite)
63      {
64          // Roughly ordered from most common to least common.
65          if (cipherSuite == null)
66              return 0;
67          else if (cipherSuite.indexOf("WITH_AES_256_") >= 0)
68              return 256;
69          else if (cipherSuite.indexOf("WITH_RC4_128_") >= 0)
70              return 128;
71          else if (cipherSuite.indexOf("WITH_AES_128_") >= 0)
72              return 128;
73          else if (cipherSuite.indexOf("WITH_RC4_40_") >= 0)
74              return 40;
75          else if (cipherSuite.indexOf("WITH_3DES_EDE_CBC_") >= 0)
76              return 168;
77          else if (cipherSuite.indexOf("WITH_IDEA_CBC_") >= 0)
78              return 128;
79          else if (cipherSuite.indexOf("WITH_RC2_CBC_40_") >= 0)
80              return 40;
81          else if (cipherSuite.indexOf("WITH_DES40_CBC_") >= 0)
82              return 40;
83          else if (cipherSuite.indexOf("WITH_DES_CBC_") >= 0)
84              return 56;
85          else
86              return 0;
87      }
88  }