view src/org/eclipse/jetty/server/ssl/ServletSSL.java @ 1032:eca26899c4bc

minor
author Franklin Schmidt <fschmidt@gmail.com>
date Thu, 03 Nov 2016 03:19:50 -0600
parents 3428c60d7cfc
children
line wrap: on
line source

//
//  ========================================================================
//  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
//  ------------------------------------------------------------------------
//  All rights reserved. This program and the accompanying materials
//  are made available under the terms of the Eclipse Public License v1.0
//  and Apache License v2.0 which accompanies this distribution.
//
//      The Eclipse Public License is available at
//      http://www.eclipse.org/legal/epl-v10.html
//
//      The Apache License v2.0 is available at
//      http://www.opensource.org/licenses/apache2.0.php
//
//  You may elect to redistribute this code under either of these licenses.
//  ========================================================================
//

package org.eclipse.jetty.server.ssl;

/* --------------------------------------------------------------------- */
/**
 * Jetty Servlet SSL support utilities.
 * <p>
 * A collection of utilities required to support the SSL requirements of the Servlet 2.2 and 2.3
 * specs.
 * 
 * <p>
 * Used by the SSL listener classes.
 * 
 * 
 */
public class ServletSSL
{
    /* ------------------------------------------------------------ */
    /**
     * Given the name of a TLS/SSL cipher suite, return an int representing it effective stream
     * cipher key strength. i.e. How much entropy material is in the key material being fed into the
     * encryption routines.
     * 
     * <p>
     * This is based on the information on effective key lengths in RFC 2246 - The TLS Protocol
     * Version 1.0, Appendix C. CipherSuite definitions:
     * 
     * <pre>
     *                         Effective 
     *     Cipher       Type    Key Bits 
     * 		       	       
     *     NULL       * Stream     0     
     *     IDEA_CBC     Block    128     
     *     RC2_CBC_40 * Block     40     
     *     RC4_40     * Stream    40     
     *     RC4_128      Stream   128     
     *     DES40_CBC  * Block     40     
     *     DES_CBC      Block     56     
     *     3DES_EDE_CBC Block    168     
     * </pre>
     * 
     * @param cipherSuite String name of the TLS cipher suite.
     * @return int indicating the effective key entropy bit-length.
     */
    public static int deduceKeyLength(String cipherSuite)
    {
        // Roughly ordered from most common to least common.
        if (cipherSuite == null)
            return 0;
        else if (cipherSuite.indexOf("WITH_AES_256_") >= 0)
            return 256;
        else if (cipherSuite.indexOf("WITH_RC4_128_") >= 0)
            return 128;
        else if (cipherSuite.indexOf("WITH_AES_128_") >= 0)
            return 128;
        else if (cipherSuite.indexOf("WITH_RC4_40_") >= 0)
            return 40;
        else if (cipherSuite.indexOf("WITH_3DES_EDE_CBC_") >= 0)
            return 168;
        else if (cipherSuite.indexOf("WITH_IDEA_CBC_") >= 0)
            return 128;
        else if (cipherSuite.indexOf("WITH_RC2_CBC_40_") >= 0)
            return 40;
        else if (cipherSuite.indexOf("WITH_DES40_CBC_") >= 0)
            return 40;
        else if (cipherSuite.indexOf("WITH_DES_CBC_") >= 0)
            return 56;
        else
            return 0;
    }
}