/** Create a new write cipher and return it to caller. */ CipherBox newWriteCipher() throws NoSuchAlgorithmException { BulkCipher cipher = cipherSuite.cipher; CipherBox box; if (isClient) { box = cipher.newCipher( protocolVersion, clntWriteKey, clntWriteIV, sslContext.getSecureRandom(), true); clntWriteKey = null; clntWriteIV = null; } else { box = cipher.newCipher( protocolVersion, svrWriteKey, svrWriteIV, sslContext.getSecureRandom(), true); svrWriteKey = null; svrWriteIV = null; } return box; }
private static synchronized boolean isAvailable(BulkCipher cipher) { Boolean b = availableCache.get(cipher); if (b == null) { try { SecretKey key = new SecretKeySpec(new byte[cipher.expandedKeySize], cipher.algorithm); IvParameterSpec iv = new IvParameterSpec(new byte[cipher.ivSize]); cipher.newCipher(ProtocolVersion.DEFAULT, key, iv, null, true); b = Boolean.TRUE; } catch (NoSuchAlgorithmException e) { b = Boolean.FALSE; } availableCache.put(cipher, b); } return b.booleanValue(); }
/** * Return whether this CipherSuite is available for use. A CipherSuite may be unavailable even if * it is supported (i.e. allowed == true) if the required JCE cipher is not installed. In some * configuration, this situation may change over time, call CipherSuiteList.clearAvailableCache() * before this method to obtain the most current status. */ boolean isAvailable() { return allowed && keyExchange.isAvailable() && cipher.isAvailable(); }