Package org.conscrypt
Class AbstractConscryptEngine
java.lang.Object
javax.net.ssl.SSLEngine
org.conscrypt.AbstractConscryptEngine
- Direct Known Subclasses:
ConscryptEngine,Java8EngineWrapper
Abstract base class for all Conscrypt
SSLEngine classes.-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescription(package private) abstract byte[]exportKeyingMaterial(String label, byte[] context, int length) Exports a value derived from the TLS master secret as described in RFC 5705.abstract String(package private) abstract String[]Returns the list of supported ALPN protocols.(package private) abstract byte[]Gets the TLS Channel ID for this server engine.abstract Stringfinal SSLSession(package private) abstract StringReturns the hostname fromsetHostname(String)or supplied by thePeerInfoProviderupon creation.abstract Stringabstract int(package private) abstract byte[]Returns the tls-unique channel binding value for this connection, per RFC 5929.(package private) abstract SSLSessionWork-around to allow this method to be called on older versions of Android.(package private) abstract intReturns the maximum overhead, in bytes, of sealing a record with SSL.(package private) abstract voidsetApplicationProtocols(String[] protocols) Sets the list of ALPN protocols.(package private) abstract voidSets an application-provided ALPN protocol selector.(package private) abstract voidsetBufferAllocator(BufferAllocator bufferAllocator) (package private) abstract voidsetChannelIdEnabled(boolean enabled) Enables/disables TLS Channel ID for this server engine.(package private) abstract voidsetChannelIdPrivateKey(PrivateKey privateKey) Sets thePrivateKeyto be used for TLS Channel ID by this client engine.(package private) abstract voidsetHandshakeListener(HandshakeListener handshakeListener) Sets the listener for the completion of the TLS handshake.(package private) abstract voidsetHostname(String hostname) This method enables Server Name Indication (SNI) and overrides thePeerInfoProvidersupplied during engine creation.(package private) abstract voidsetUseSessionTickets(boolean useSessionTickets) This method enables session ticket support.(package private) abstract SSLEngineResultunwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) (package private) abstract SSLEngineResultunwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) abstract SSLEngineResultunwrap(ByteBuffer src, ByteBuffer dst) abstract SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts) abstract SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) abstract SSLEngineResultwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) abstract SSLEngineResultwrap(ByteBuffer src, ByteBuffer dst) Methods inherited from class javax.net.ssl.SSLEngine
beginHandshake, closeInbound, closeOutbound, getDelegatedTask, getEnabledCipherSuites, getEnabledProtocols, getEnableSessionCreation, getHandshakeApplicationProtocolSelector, getHandshakeStatus, getNeedClientAuth, getSession, getSSLParameters, getSupportedCipherSuites, getSupportedProtocols, getUseClientMode, getWantClientAuth, isInboundDone, isOutboundDone, setEnabledCipherSuites, setEnabledProtocols, setEnableSessionCreation, setHandshakeApplicationProtocolSelector, setNeedClientAuth, setSSLParameters, setUseClientMode, setWantClientAuth, wrap
-
Constructor Details
-
AbstractConscryptEngine
AbstractConscryptEngine()
-
-
Method Details
-
setBufferAllocator
-
maxSealOverhead
abstract int maxSealOverhead()Returns the maximum overhead, in bytes, of sealing a record with SSL. -
setChannelIdEnabled
abstract void setChannelIdEnabled(boolean enabled) Enables/disables TLS Channel ID for this server engine.This method needs to be invoked before the handshake starts.
- Throws:
IllegalStateException- if this is a client engine or if the handshake has already started.
-
getChannelId
Gets the TLS Channel ID for this server engine. Channel ID is only available once the handshake completes.- Returns:
- channel ID or
nullif not available. - Throws:
IllegalStateException- if this is a client engine or if the handshake has not yet completed.SSLException- if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
Sets thePrivateKeyto be used for TLS Channel ID by this client engine.This method needs to be invoked before the handshake starts.
- Parameters:
privateKey- private key (enables TLS Channel ID) ornullfor no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).- Throws:
IllegalStateException- if this is a server engine or if the handshake has already started.
-
setHandshakeListener
Sets the listener for the completion of the TLS handshake. -
setHostname
This method enables Server Name Indication (SNI) and overrides thePeerInfoProvidersupplied during engine creation. -
getHostname
Returns the hostname fromsetHostname(String)or supplied by thePeerInfoProviderupon creation. No DNS resolution is attempted before returning the hostname. -
getPeerHost
- Overrides:
getPeerHostin classSSLEngine
-
getPeerPort
public abstract int getPeerPort()- Overrides:
getPeerPortin classSSLEngine
-
getHandshakeSession
- Overrides:
getHandshakeSessionin classSSLEngine
-
handshakeSession
Work-around to allow this method to be called on older versions of Android. -
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException - Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Throws:
SSLException
-
unwrap
abstract SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException - Throws:
SSLException
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
wrap
public abstract SSLEngineResult wrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException - Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
setUseSessionTickets
abstract void setUseSessionTickets(boolean useSessionTickets) This method enables session ticket support.- Parameters:
useSessionTickets- True to enable session tickets
-
setApplicationProtocols
Sets the list of ALPN protocols.- Parameters:
protocols- the list of ALPN protocols
-
getApplicationProtocols
Returns the list of supported ALPN protocols. -
getApplicationProtocol
- Overrides:
getApplicationProtocolin classSSLEngine
-
getHandshakeApplicationProtocol
- Overrides:
getHandshakeApplicationProtocolin classSSLEngine
-
setApplicationProtocolSelector
Sets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set bysetApplicationProtocols(String[]). -
getTlsUnique
abstract byte[] getTlsUnique()Returns the tls-unique channel binding value for this connection, per RFC 5929. This will returnnullif there is no such value available, such as if the handshake has not yet completed or this connection is closed. -
exportKeyingMaterial
Exports a value derived from the TLS master secret as described in RFC 5705.- Parameters:
label- the label to use in calculating the exported value. This must be an ASCII-only string.context- the application-specific context value to use in calculating the exported value. This may benullto use no application context, which is treated differently than an empty byte array.length- the number of bytes of keying material to return.- Returns:
- a value of the specified length, or
nullif the handshake has not yet completed or the connection has been closed. - Throws:
SSLException- if the value could not be exported.
-