Package org.conscrypt
Class Java8EngineWrapper
java.lang.Object
javax.net.ssl.SSLEngine
org.conscrypt.AbstractConscryptEngine
org.conscrypt.Java8EngineWrapper
A wrapper around
ConscryptEngine that adapts to the new Java 9 (and potentially later
patches of 8) setHandshakeApplicationProtocolSelector API (which requires Java 8 for
compilation, due to the use of BiFunction).-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate final ConscryptEngineprivate BiFunction<SSLEngine, List<String>, String> -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidvoidvoid(package private) byte[]exportKeyingMaterial(String label, byte[] context, int length) Exports a value derived from the TLS master secret as described in RFC 5705.(package private) String[]Returns the list of supported ALPN protocols.(package private) byte[]Gets the TLS Channel ID for this server engine.(package private) static SSLEnginegetDelegate(SSLEngine engine) String[]String[]boolean(package private) StringReturns the hostname fromAbstractConscryptEngine.setHostname(String)or supplied by thePeerInfoProviderupon creation.booleanintString[]String[](package private) byte[]Returns the tls-unique channel binding value for this connection, per RFC 5929.booleanboolean(package private) SSLSessionWork-around to allow this method to be called on older versions of Android.booleanboolean(package private) intReturns the maximum overhead, in bytes, of sealing a record with SSL.(package private) voidsetApplicationProtocols(String[] protocols) Sets the list of ALPN protocols.(package private) voidSets an application-provided ALPN protocol selector.(package private) voidsetBufferAllocator(BufferAllocator bufferAllocator) (package private) voidsetChannelIdEnabled(boolean enabled) Enables/disables TLS Channel ID for this server engine.(package private) voidsetChannelIdPrivateKey(PrivateKey privateKey) Sets thePrivateKeyto be used for TLS Channel ID by this client engine.voidsetEnabledCipherSuites(String[] suites) voidsetEnabledProtocols(String[] protocols) voidsetEnableSessionCreation(boolean flag) void(package private) voidsetHandshakeListener(HandshakeListener handshakeListener) Sets the listener for the completion of the TLS handshake.(package private) voidsetHostname(String hostname) This method enables Server Name Indication (SNI) and overrides thePeerInfoProvidersupplied during engine creation.voidsetNeedClientAuth(boolean need) voidsetSSLParameters(SSLParameters sslParameters) voidsetUseClientMode(boolean mode) (package private) voidsetUseSessionTickets(boolean useSessionTickets) This method enables session ticket support.voidsetWantClientAuth(boolean want) private static ApplicationProtocolSelectortoApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector) (package private) SSLEngineResultunwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) (package private) SSLEngineResultunwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) unwrap(ByteBuffer src, ByteBuffer dst) unwrap(ByteBuffer src, ByteBuffer[] dsts) unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) wrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) wrap(ByteBuffer[] byteBuffers, ByteBuffer byteBuffer) wrap(ByteBuffer src, ByteBuffer dst) Methods inherited from class org.conscrypt.AbstractConscryptEngine
getHandshakeSession
-
Field Details
-
delegate
-
selector
-
-
Constructor Details
-
Java8EngineWrapper
Java8EngineWrapper(ConscryptEngine delegate)
-
-
Method Details
-
getDelegate
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
getSSLParameters
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParametersin classSSLEngine
-
setBufferAllocator
- Specified by:
setBufferAllocatorin classAbstractConscryptEngine
-
maxSealOverhead
int maxSealOverhead()Description copied from class:AbstractConscryptEngineReturns the maximum overhead, in bytes, of sealing a record with SSL.- Specified by:
maxSealOverheadin classAbstractConscryptEngine
-
setChannelIdEnabled
void setChannelIdEnabled(boolean enabled) Description copied from class:AbstractConscryptEngineEnables/disables TLS Channel ID for this server engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdEnabledin classAbstractConscryptEngine
-
getChannelId
Description copied from class:AbstractConscryptEngineGets the TLS Channel ID for this server engine. Channel ID is only available once the handshake completes.- Specified by:
getChannelIdin classAbstractConscryptEngine- Returns:
- channel ID or
nullif not available. - Throws:
SSLException- if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
Description copied from class:AbstractConscryptEngineSets thePrivateKeyto be used for TLS Channel ID by this client engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdPrivateKeyin classAbstractConscryptEngine- Parameters:
privateKey- private key (enables TLS Channel ID) ornullfor no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
-
setHandshakeListener
Description copied from class:AbstractConscryptEngineSets the listener for the completion of the TLS handshake.- Specified by:
setHandshakeListenerin classAbstractConscryptEngine
-
setHostname
Description copied from class:AbstractConscryptEngineThis method enables Server Name Indication (SNI) and overrides thePeerInfoProvidersupplied during engine creation.- Specified by:
setHostnamein classAbstractConscryptEngine
-
getHostname
String getHostname()Description copied from class:AbstractConscryptEngineReturns the hostname fromAbstractConscryptEngine.setHostname(String)or supplied by thePeerInfoProviderupon creation. No DNS resolution is attempted before returning the hostname.- Specified by:
getHostnamein classAbstractConscryptEngine
-
getPeerHost
- Specified by:
getPeerHostin classAbstractConscryptEngine
-
getPeerPort
public int getPeerPort()- Specified by:
getPeerPortin classAbstractConscryptEngine
-
beginHandshake
- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
closeInbound
- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
closeOutbound
public void closeOutbound()- Specified by:
closeOutboundin classSSLEngine
-
getDelegatedTask
- Specified by:
getDelegatedTaskin classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocolsin classSSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreationin classSSLEngine
-
getHandshakeStatus
- Specified by:
getHandshakeStatusin classSSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()- Specified by:
getNeedClientAuthin classSSLEngine
-
handshakeSession
SSLSession handshakeSession()Description copied from class:AbstractConscryptEngineWork-around to allow this method to be called on older versions of Android.- Specified by:
handshakeSessionin classAbstractConscryptEngine
-
getSession
- Specified by:
getSessionin classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getUseClientMode
public boolean getUseClientMode()- Specified by:
getUseClientModein classSSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()- Specified by:
getWantClientAuthin classSSLEngine
-
isInboundDone
public boolean isInboundDone()- Specified by:
isInboundDonein classSSLEngine
-
isOutboundDone
public boolean isOutboundDone()- Specified by:
isOutboundDonein classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
setEnabledProtocols
- Specified by:
setEnabledProtocolsin classSSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean flag) - Specified by:
setEnableSessionCreationin classSSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean need) - Specified by:
setNeedClientAuthin classSSLEngine
-
setUseClientMode
public void setUseClientMode(boolean mode) - Specified by:
setUseClientModein classSSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean want) - Specified by:
setWantClientAuthin classSSLEngine
-
unwrap
- Specified by:
unwrapin classAbstractConscryptEngine- Throws:
SSLException
-
unwrap
- Specified by:
unwrapin classAbstractConscryptEngine- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException - Specified by:
unwrapin classAbstractConscryptEngine- Throws:
SSLException
-
unwrap
- Specified by:
unwrapin classAbstractConscryptEngine- Throws:
SSLException
-
unwrap
SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException - Specified by:
unwrapin classAbstractConscryptEngine- Throws:
SSLException
-
wrap
- Specified by:
wrapin classAbstractConscryptEngine- Throws:
SSLException
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException - Specified by:
wrapin classAbstractConscryptEngine- Throws:
SSLException
-
setUseSessionTickets
void setUseSessionTickets(boolean useSessionTickets) Description copied from class:AbstractConscryptEngineThis method enables session ticket support.- Specified by:
setUseSessionTicketsin classAbstractConscryptEngine- Parameters:
useSessionTickets- True to enable session tickets
-
setApplicationProtocols
Description copied from class:AbstractConscryptEngineSets the list of ALPN protocols.- Specified by:
setApplicationProtocolsin classAbstractConscryptEngine- Parameters:
protocols- the list of ALPN protocols
-
getApplicationProtocols
String[] getApplicationProtocols()Description copied from class:AbstractConscryptEngineReturns the list of supported ALPN protocols.- Specified by:
getApplicationProtocolsin classAbstractConscryptEngine
-
getApplicationProtocol
- Specified by:
getApplicationProtocolin classAbstractConscryptEngine
-
setApplicationProtocolSelector
Description copied from class:AbstractConscryptEngineSets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set byAbstractConscryptEngine.setApplicationProtocols(String[]).- Specified by:
setApplicationProtocolSelectorin classAbstractConscryptEngine
-
getTlsUnique
byte[] getTlsUnique()Description copied from class:AbstractConscryptEngineReturns the tls-unique channel binding value for this connection, per RFC 5929. This will returnnullif there is no such value available, such as if the handshake has not yet completed or this connection is closed.- Specified by:
getTlsUniquein classAbstractConscryptEngine
-
exportKeyingMaterial
Description copied from class:AbstractConscryptEngineExports a value derived from the TLS master secret as described in RFC 5705.- Specified by:
exportKeyingMaterialin classAbstractConscryptEngine- Parameters:
label- the label to use in calculating the exported value. This must be an ASCII-only string.context- the application-specific context value to use in calculating the exported value. This may benullto use no application context, which is treated differently than an empty byte array.length- the number of bytes of keying material to return.- Returns:
- a value of the specified length, or
nullif the handshake has not yet completed or the connection has been closed. - Throws:
SSLException- if the value could not be exported.
-
getHandshakeApplicationProtocol
- Specified by:
getHandshakeApplicationProtocolin classAbstractConscryptEngine
-
setHandshakeApplicationProtocolSelector
public void setHandshakeApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector) - Overrides:
setHandshakeApplicationProtocolSelectorin classSSLEngine
-
getHandshakeApplicationProtocolSelector
- Overrides:
getHandshakeApplicationProtocolSelectorin classSSLEngine
-
toApplicationProtocolSelector
private static ApplicationProtocolSelector toApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector)
-