org.mozilla.jss.ssl
Class SSLSocket
java.lang.Object java.net.Socket org.mozilla.jss.ssl.SSLSocket
public class SSLSocket
- extends java.net.Socket
SSL client socket.
Nested Class Summary | |
---|---|
static class |
SSLSocket.CipherPolicy
|
Constructor Summary | |
---|---|
SSLSocket(java.net.InetAddress address,
int port)
Creates an SSL client socket and connects to the specified address and port. |
|
SSLSocket(java.net.InetAddress address,
int port,
java.net.InetAddress localAddr,
int localPort)
Creates an SSL client socket and connects to the specified address and port. |
|
SSLSocket(java.net.InetAddress address,
int port,
java.net.InetAddress localAddr,
int localPort,
boolean stream,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
Deprecated. As of JSS 3.0. The stream parameter is ignored, because only stream sockets are supported. |
|
SSLSocket(java.net.InetAddress address,
int port,
java.net.InetAddress localAddr,
int localPort,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
Creates an SSL client socket and connects to the specified address and port. |
|
SSLSocket(java.net.Socket s,
java.lang.String host,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
Creates an SSL client socket using the given Java socket for underlying I/O. |
|
SSLSocket(java.lang.String host,
int port)
Creates an SSL client socket and connects to the specified host and port. |
|
SSLSocket(java.lang.String host,
int port,
java.net.InetAddress localAddr,
int localPort)
Creates an SSL client socket and connects to the specified host and port. |
|
SSLSocket(java.lang.String host,
int port,
java.net.InetAddress localAddr,
int localPort,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
Creates an SSL client socket and connects to the specified host and port. |
Method Summary | |
---|---|
void |
addHandshakeCompletedListener(SSLHandshakeCompletedListener l)
Adds a listener to be notified when an SSL handshake completes. |
void |
bypassPKCS11(boolean enable)
Enables bypass of PKCS11 on this socket. |
static void |
bypassPKCS11Default(boolean enable)
Sets the default to bypass PKCS11 layer (except for public keys) for all new sockets. |
void |
close()
Closes this socket. |
void |
enableFDX(boolean enable)
Enable simultaneous read/write by separate read and write threads (full duplex) for this socket. |
void |
enableRollbackDetection(boolean enable)
Enable rollback detection for this socket. |
void |
enableSSL2(boolean enable)
Enables SSL v2 on this socket. |
static void |
enableSSL2Default(boolean enable)
Sets the default for SSL v2 for all new sockets. |
void |
enableSSL3(boolean enable)
Enables SSL v3 on this socket. |
static void |
enableSSL3Default(boolean enable)
Sets the default for SSL v3 for all new sockets. |
void |
enableStepDown(boolean enable)
This option, enableStepDown, is concerned with the generation of step-down keys which are used with export suites. |
void |
enableTLS(boolean enable)
Enables TLS on this socket. |
static void |
enableTLSDefault(boolean enable)
Sets the default for TLS for all new sockets. |
void |
enableV2CompatibleHello(boolean enable)
Enable sending v3 client hello in v2 format for this socket. |
protected void |
finalize()
|
void |
forceHandshake()
Force an already started SSL handshake to complete. |
boolean |
getCipherPreference(int cipher)
Returns whether this cipher is enabled or disabled on this socket. |
static boolean |
getCipherPreferenceDefault(int cipher)
Returns the default for whether this cipher is enabled or disabled. |
static int[] |
getImplementedCipherSuites()
Returns a list of cipher suites that are implemented by NSS. |
java.net.InetAddress |
getInetAddress()
|
java.io.InputStream |
getInputStream()
Returns the input stream for reading from this socket. |
boolean |
getKeepAlive()
Returns the current setting of the SO_KEEPALIVE socket option. |
java.net.InetAddress |
getLocalAddress()
|
int |
getLocalPort()
|
java.io.OutputStream |
getOutputStream()
Returns the output stream for writing to this socket. |
int |
getPort()
|
int |
getReceiveBufferSize()
Returns the size (in bytes) of the receive buffer. |
int |
getSendBufferSize()
Returns the size (in bytes) of the send buffer. |
int |
getSoLinger()
Returns the current value of the SO_LINGER socket option. |
int |
getSoTimeout()
Returns the current value of the SO_TIMEOUT socket option. |
static java.lang.String |
getSSLDefaultOptions()
|
java.lang.String |
getSSLOptions()
|
SSLSecurityStatus |
getStatus()
Returns the security status of this socket. |
boolean |
getTcpNoDelay()
Returns the current setting of the TCP_NO_DELAY socket option. |
boolean |
getUseClientMode()
|
void |
invalidateSession()
Removes the current session from the session cache. |
static boolean |
isFipsCipherSuite(int ciphersuite)
isFipsCipherSuite |
void |
redoHandshake()
Causes SSL to begin a full, new SSL 3.0 handshake from scratch on a connection that has already completed one handshake. |
void |
redoHandshake(boolean flushCache)
Causes SSL to begin a full, new SSL 3.0 handshake from scratch on a connection that has already completed one handshake. |
void |
removeHandshakeCompletedListener(SSLHandshakeCompletedListener l)
Removes a previously registered listener for handshake completion. |
void |
requestClientAuth(boolean b)
Enables/disables the request of client authentication. |
void |
requireClientAuth(boolean require,
boolean onRedo)
Deprecated. use requireClientAuth(int) |
void |
requireClientAuth(int mode)
Sets whether the socket requires client authentication from the remote peer. |
void |
requireClientAuthDefault(boolean require,
boolean onRedo)
Deprecated. use requireClientAuthDefault(int) |
static void |
requireClientAuthDefault(int mode)
Sets the default setting for requiring client authorization. |
void |
resetHandshake()
Resets the handshake state. |
static void |
setCipherPolicy(SSLSocket.CipherPolicy cp)
Sets the SSL cipher policy. |
void |
setCipherPreference(int cipher,
boolean enable)
Enables/disables the cipher on this socket. |
static void |
setCipherPreferenceDefault(int cipher,
boolean enable)
Sets the default for whether this cipher is enabled or disabled. |
void |
setClientCert(X509Certificate cert)
Sets the certificate to use for client authentication. |
void |
setClientCertNickname(java.lang.String nick)
Sets the nickname of the certificate to use for client authentication. |
void |
setKeepAlive(boolean on)
Enables or disables the SO_KEEPALIVE socket option. |
void |
setNeedClientAuth(boolean b)
Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead. |
void |
setNeedClientAuthNoExpiryCheck(boolean b)
Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead. |
void |
setReceiveBufferSize(int size)
Sets the size (in bytes) of the receive buffer. |
void |
setSendBufferSize(int size)
Sets the size (in bytes) of the send buffer. |
void |
setSoLinger(boolean on,
int linger)
Sets the SO_LINGER socket option. |
void |
setSoTimeout(int timeout)
Sets the SO_TIMEOUT socket option. |
void |
setTcpNoDelay(boolean on)
Enables or disables the TCP_NO_DELAY socket option. |
void |
setUseClientMode(boolean b)
Determines whether this end of the socket is the client or the server for purposes of the SSL protocol. |
void |
shutdownInput()
Shuts down the input side of the socket. |
void |
shutdownOutput()
Shuts down the output side of the socket. |
java.lang.String |
toString()
Returns the addresses and ports of this socket or an error message if the socket is not in a valid state. |
void |
useCache(boolean b)
Enables/disables the session cache. |
void |
useCacheDefault(boolean b)
Sets the default setting for use of the session cache. |
Methods inherited from class java.net.Socket |
---|
bind, connect, connect, getChannel, getLocalSocketAddress, getOOBInline, getRemoteSocketAddress, getReuseAddress, getTrafficClass, isBound, isClosed, isConnected, isInputShutdown, isOutputShutdown, sendUrgentData, setOOBInline, setPerformancePreferences, setReuseAddress, setSocketImplFactory, setTrafficClass |
Methods inherited from class java.lang.Object |
---|
clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
SSL_REQUIRE_NEVER
public static final int SSL_REQUIRE_NEVER
- See Also:
- Constant Field Values
SSL_REQUIRE_ALWAYS
public static final int SSL_REQUIRE_ALWAYS
- See Also:
- Constant Field Values
SSL_REQUIRE_FIRST_HANDSHAKE
public static final int SSL_REQUIRE_FIRST_HANDSHAKE
- See Also:
- Constant Field Values
SSL_REQUIRE_NO_ERROR
public static final int SSL_REQUIRE_NO_ERROR
- See Also:
- Constant Field Values
SSL2_RC4_128_WITH_MD5
public static final int SSL2_RC4_128_WITH_MD5
- Note that the following cipher-suite constants are not all implemented.
You need to call getImplementedCipherSuites.
- See Also:
- Constant Field Values
SSL2_RC4_128_EXPORT40_WITH_MD5
public static final int SSL2_RC4_128_EXPORT40_WITH_MD5
- See Also:
- Constant Field Values
SSL2_RC2_128_CBC_WITH_MD5
public static final int SSL2_RC2_128_CBC_WITH_MD5
- See Also:
- Constant Field Values
SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
public static final int SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
- See Also:
- Constant Field Values
SSL2_IDEA_128_CBC_WITH_MD5
public static final int SSL2_IDEA_128_CBC_WITH_MD5
- See Also:
- Constant Field Values
SSL2_DES_64_CBC_WITH_MD5
public static final int SSL2_DES_64_CBC_WITH_MD5
- See Also:
- Constant Field Values
SSL2_DES_192_EDE3_CBC_WITH_MD5
public static final int SSL2_DES_192_EDE3_CBC_WITH_MD5
- See Also:
- Constant Field Values
SSL3_RSA_WITH_NULL_MD5
public static final int SSL3_RSA_WITH_NULL_MD5
- See Also:
- Constant Field Values
SSL3_RSA_WITH_NULL_SHA
public static final int SSL3_RSA_WITH_NULL_SHA
- See Also:
- Constant Field Values
SSL3_RSA_EXPORT_WITH_RC4_40_MD5
public static final int SSL3_RSA_EXPORT_WITH_RC4_40_MD5
- See Also:
- Constant Field Values
SSL3_RSA_WITH_RC4_128_MD5
public static final int SSL3_RSA_WITH_RC4_128_MD5
- See Also:
- Constant Field Values
SSL3_RSA_WITH_RC4_128_SHA
public static final int SSL3_RSA_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
public static final int SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
- See Also:
- Constant Field Values
SSL3_RSA_WITH_IDEA_CBC_SHA
public static final int SSL3_RSA_WITH_IDEA_CBC_SHA
- See Also:
- Constant Field Values
SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_RSA_WITH_DES_CBC_SHA
public static final int SSL3_RSA_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_RSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_DSS_WITH_DES_CBC_SHA
public static final int SSL3_DH_DSS_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_RSA_WITH_DES_CBC_SHA
public static final int SSL3_DH_RSA_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_DSS_WITH_DES_CBC_SHA
public static final int SSL3_DHE_DSS_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_RSA_WITH_DES_CBC_SHA
public static final int SSL3_DHE_RSA_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5
public static final int SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5
- See Also:
- Constant Field Values
SSL3_DH_ANON_WITH_RC4_128_MD5
public static final int SSL3_DH_ANON_WITH_RC4_128_MD5
- See Also:
- Constant Field Values
SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_ANON_WITH_DES_CBC_SHA
public static final int SSL3_DH_ANON_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL3_FORTEZZA_DMS_WITH_NULL_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_NULL_SHA
- Deprecated. As of NSS 3.11, FORTEZZA is no longer supported.
SSL3_FORTEZZA_DMS_WITH_NULL_SHA, SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
and SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA are placeholders for
backward compatibility.
- See Also:
- Constant Field Values
SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
- See Also:
- Constant Field Values
SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
public static final int SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
SSL_RSA_FIPS_WITH_DES_CBC_SHA
public static final int SSL_RSA_FIPS_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
public static final int TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
public static final int TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
public static final int TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
public static final int TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_WITH_RC4_128_SHA
public static final int TLS_DHE_DSS_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_RSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_DSS_WITH_AES_128_CBC_SHA
public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_ANON_WITH_AES_128_CBC_SHA
public static final int TLS_DH_ANON_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_RSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_DSS_WITH_AES_256_CBC_SHA
public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_ANON_WITH_AES_256_CBC_SHA
public static final int TLS_DH_ANON_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA
public static final int TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA
public static final int TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_ECDSA_WITH_NULL_SHA
public static final int TLS_ECDH_ECDSA_WITH_NULL_SHA
- See Also:
- Constant Field Values
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
public static final int TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
public static final int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
public static final int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
public static final int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_ECDSA_WITH_NULL_SHA
public static final int TLS_ECDHE_ECDSA_WITH_NULL_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
public static final int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
public static final int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
public static final int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
public static final int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_RSA_WITH_NULL_SHA
public static final int TLS_ECDH_RSA_WITH_NULL_SHA
- See Also:
- Constant Field Values
TLS_ECDH_RSA_WITH_RC4_128_SHA
public static final int TLS_ECDH_RSA_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
public static final int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_RSA_WITH_NULL_SHA
public static final int TLS_ECDHE_RSA_WITH_NULL_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_RSA_WITH_RC4_128_SHA
public static final int TLS_ECDHE_RSA_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
public static final int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_anon_WITH_NULL_SHA
public static final int TLS_ECDH_anon_WITH_NULL_SHA
- See Also:
- Constant Field Values
TLS_ECDH_anon_WITH_RC4_128_SHA
public static final int TLS_ECDH_anon_WITH_RC4_128_SHA
- See Also:
- Constant Field Values
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
public static final int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
public static final int TLS_ECDH_anon_WITH_AES_128_CBC_SHA
- See Also:
- Constant Field Values
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
public static final int TLS_ECDH_anon_WITH_AES_256_CBC_SHA
- See Also:
- Constant Field Values
Constructor Detail |
---|
SSLSocket
public SSLSocket(java.lang.String host, int port) throws java.net.UnknownHostException, java.io.IOException
- Creates an SSL client socket and connects to the specified host and
port.
- Parameters:
host - The hostname to connect to.
port - The port to connect to.
- Throws:
java.net.UnknownHostException
java.io.IOException
SSLSocket
public SSLSocket(java.net.InetAddress address, int port) throws java.io.IOException
- Creates an SSL client socket and connects to the specified address and
port.
- Parameters:
address - The IP address to connect to.
port - The port to connect to.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.lang.String host, int port, java.net.InetAddress localAddr, int localPort) throws java.io.IOException
- Creates an SSL client socket and connects to the specified host and
port. Binds to the given local address and port.
- Parameters:
host - The hostname to connect to.
port - The port to connect to.
localAddr - The local address to bind to. It can be null, in which case an unspecified local address will be chosen.
localPort - The local port to bind to. If 0, a random port will be assigned to the socket.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.net.InetAddress address, int port, java.net.InetAddress localAddr, int localPort) throws java.io.IOException
- Creates an SSL client socket and connects to the specified address and
port. Binds to the given local address and port.
- Parameters:
address - The IP address to connect to.
port - The port to connect to.
localAddr - The local address to bind to. It can be null, in which case an unspecified local address will be chosen.
localPort - The local port to bind to. If 0, a random port will be assigned to the socket.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.lang.String host, int port, java.net.InetAddress localAddr, int localPort, SSLCertificateApprovalCallback certApprovalCallback, SSLClientCertificateSelectionCallback clientCertSelectionCallback) throws java.io.IOException
- Creates an SSL client socket and connects to the specified host and
port. Binds to the given local address and port. Installs the given
callbacks for certificate approval and client certificate selection.
- Parameters:
host - The hostname to connect to.
port - The port to connect to.
localAddr - The local address to bind to. It can be null, in which case an unspecified local address will be chosen.
localPort - The local port to bind to. If 0, a random port will be assigned to the socket.
certApprovalCallback - A callback that can be used to override approval of the peer's certificate.
clientCertSelectionCallback - A callback to select the client certificate to present to the peer.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.net.InetAddress address, int port, java.net.InetAddress localAddr, int localPort, boolean stream, SSLCertificateApprovalCallback certApprovalCallback, SSLClientCertificateSelectionCallback clientCertSelectionCallback) throws java.io.IOException
- Deprecated. As of JSS 3.0. The stream parameter is ignored, because
only stream sockets are supported.
- Creates an SSL client socket and connects to the specified host and port. Binds to the given local address and port. Installs the given callbacks for certificate approval and client certificate selection.
- Parameters:
host - The hostname to connect to.
port - The port to connect to.
localAddr - The local address to bind to. It can be null, in which case an unspecified local address will be chosen.
localPort - The local port to bind to. If 0, a random port will be assigned to the socket.
stream - This parameter is ignored. All SSLSockets are stream sockets.
certApprovalCallback - A callback that can be used to override approval of the peer's certificate.
clientCertSelectionCallback - A callback to select the client certificate to present to the peer.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.net.InetAddress address, int port, java.net.InetAddress localAddr, int localPort, SSLCertificateApprovalCallback certApprovalCallback, SSLClientCertificateSelectionCallback clientCertSelectionCallback) throws java.io.IOException
- Creates an SSL client socket and connects to the specified address and
port. Binds to the given local address and port. Installs the given
callbacks for certificate approval and client certificate selection.
- Parameters:
address - The IP address to connect to.
port - The port to connect to.
localAddr - The local address to bind to. It can be null, in which case an unspecified local address will be chosen.
localPort - The local port to bind to. If 0, a random port will be assigned to the socket.
certApprovalCallback - A callback that can be used to override approval of the peer's certificate.
clientCertSelectionCallback - A callback to select the client certificate to present to the peer.
- Throws:
java.io.IOException
SSLSocket
public SSLSocket(java.net.Socket s, java.lang.String host, SSLCertificateApprovalCallback certApprovalCallback, SSLClientCertificateSelectionCallback clientCertSelectionCallback) throws java.io.IOException
- Creates an SSL client socket using the given Java socket for underlying
I/O. Installs the given callbacks for certificate approval and
client certificate selection.
- Parameters:
s - The Java socket to use for underlying I/O.
host - The hostname of the remote side of the connection. This name is used to verify the server's certificate.
certApprovalCallback - A callback that can be used to override approval of the peer's certificate.
clientCertSelectionCallback - A callback to select the client certificate to present to the peer.
- Throws:
java.io.IOException
Method Detail |
---|
getInetAddress
public java.net.InetAddress getInetAddress()
- Overrides:
getInetAddress in class java.net.Socket
- Returns:
- The remote peer's IP address or null if the SSLSocket is closed.
getLocalAddress
public java.net.InetAddress getLocalAddress()
- Overrides:
getLocalAddress in class java.net.Socket
- Returns:
- The local IP address or null if the SSLSocket is closed.
getLocalPort
public int getLocalPort()
- Overrides:
getLocalPort in class java.net.Socket
- Returns:
- The local port or -1 if the SSLSocket is closed.
getPort
public int getPort()
- Overrides:
getPort in class java.net.Socket
- Returns:
- The remote port.
getInputStream
public java.io.InputStream getInputStream() throws java.io.IOException
- Returns the input stream for reading from this socket.
- Overrides:
getInputStream in class java.net.Socket
- Throws:
java.io.IOException
getOutputStream
public java.io.OutputStream getOutputStream() throws java.io.IOException
- Returns the output stream for writing to this socket.
- Overrides:
getOutputStream in class java.net.Socket
- Throws:
java.io.IOException
setTcpNoDelay
public void setTcpNoDelay(boolean on) throws java.net.SocketException
- Enables or disables the TCP_NO_DELAY socket option. Enabling this
option will disable the Nagle algorithm.
- Overrides:
setTcpNoDelay in class java.net.Socket
- Throws:
java.net.SocketException
getTcpNoDelay
public boolean getTcpNoDelay() throws java.net.SocketException
- Returns the current setting of the TCP_NO_DELAY socket option.
- Overrides:
getTcpNoDelay in class java.net.Socket
- Throws:
java.net.SocketException
setKeepAlive
public void setKeepAlive(boolean on) throws java.net.SocketException
- Enables or disables the SO_KEEPALIVE socket option.
- Overrides:
setKeepAlive in class java.net.Socket
- Throws:
java.net.SocketException
getKeepAlive
public boolean getKeepAlive() throws java.net.SocketException
- Returns the current setting of the SO_KEEPALIVE socket option.
- Overrides:
getKeepAlive in class java.net.Socket
- Throws:
java.net.SocketException
shutdownInput
public void shutdownInput() throws java.io.IOException
- Shuts down the input side of the socket.
- Overrides:
shutdownInput in class java.net.Socket
- Throws:
java.io.IOException
shutdownOutput
public void shutdownOutput() throws java.io.IOException
- Shuts down the output side of the socket.
- Overrides:
shutdownOutput in class java.net.Socket
- Throws:
java.io.IOException
setSoLinger
public void setSoLinger(boolean on, int linger) throws java.net.SocketException
- Sets the SO_LINGER socket option.
- Overrides:
setSoLinger in class java.net.Socket
- Parameters:
linger - The time (in seconds) to linger for.
- Throws:
java.net.SocketException
getSoLinger
public int getSoLinger() throws java.net.SocketException
- Returns the current value of the SO_LINGER socket option.
- Overrides:
getSoLinger in class java.net.Socket
- Throws:
java.net.SocketException
setSoTimeout
public void setSoTimeout(int timeout) throws java.net.SocketException
- Sets the SO_TIMEOUT socket option.
- Overrides:
setSoTimeout in class java.net.Socket
- Parameters:
timeout - The timeout time in milliseconds.
- Throws:
java.net.SocketException
getSoTimeout
public int getSoTimeout() throws java.net.SocketException
- Returns the current value of the SO_TIMEOUT socket option.
- Overrides:
getSoTimeout in class java.net.Socket
- Returns:
- The timeout time in milliseconds.
- Throws:
java.net.SocketException
setSendBufferSize
public void setSendBufferSize(int size) throws java.net.SocketException
- Sets the size (in bytes) of the send buffer.
- Overrides:
setSendBufferSize in class java.net.Socket
- Throws:
java.net.SocketException
getSendBufferSize
public int getSendBufferSize() throws java.net.SocketException
- Returns the size (in bytes) of the send buffer.
- Overrides:
getSendBufferSize in class java.net.Socket
- Throws:
java.net.SocketException
setReceiveBufferSize
public void setReceiveBufferSize(int size) throws java.net.SocketException
- Sets the size (in bytes) of the receive buffer.
- Overrides:
setReceiveBufferSize in class java.net.Socket
- Throws:
java.net.SocketException
getReceiveBufferSize
public int getReceiveBufferSize() throws java.net.SocketException
- Returns the size (in bytes) of the receive buffer.
- Overrides:
getReceiveBufferSize in class java.net.Socket
- Throws:
java.net.SocketException
close
public void close() throws java.io.IOException
- Closes this socket.
- Overrides:
close in class java.net.Socket
- Throws:
java.io.IOException
addHandshakeCompletedListener
public void addHandshakeCompletedListener(SSLHandshakeCompletedListener l)
- Adds a listener to be notified when an SSL handshake completes.
removeHandshakeCompletedListener
public void removeHandshakeCompletedListener(SSLHandshakeCompletedListener l)
- Removes a previously registered listener for handshake completion.
enableSSL2
public void enableSSL2(boolean enable) throws java.net.SocketException
- Enables SSL v2 on this socket. It is enabled by default, unless the default has been changed with enableSSL2Default.
- Throws:
java.net.SocketException
enableSSL2Default
public static void enableSSL2Default(boolean enable) throws java.net.SocketException
- Sets the default for SSL v2 for all new sockets.
- Throws:
java.net.SocketException
enableSSL3
public void enableSSL3(boolean enable) throws java.net.SocketException
- Enables SSL v3 on this socket. It is enabled by default, unless the default has been changed with enableSSL3Default.
- Throws:
java.net.SocketException
enableSSL3Default
public static void enableSSL3Default(boolean enable) throws java.net.SocketException
- Sets the default for SSL v3 for all new sockets.
- Throws:
java.net.SocketException
enableTLS
public void enableTLS(boolean enable) throws java.net.SocketException
- Enables TLS on this socket. It is enabled by default, unless the default has been changed with enableTLSDefault.
- Throws:
java.net.SocketException
enableTLSDefault
public static void enableTLSDefault(boolean enable) throws java.net.SocketException
- Sets the default for TLS for all new sockets.
- Throws:
java.net.SocketException
bypassPKCS11
public void bypassPKCS11(boolean enable) throws java.net.SocketException
- Enables bypass of PKCS11 on this socket. It is disabled by default, unless the default has been changed with bypassPKCS11Default.
- Throws:
java.net.SocketException
bypassPKCS11Default
public static void bypassPKCS11Default(boolean enable) throws java.net.SocketException
- Sets the default to bypass PKCS11 layer (except for public keys)
for all new sockets.
- Throws:
java.net.SocketException
enableRollbackDetection
public void enableRollbackDetection(boolean enable) throws java.net.SocketException
- Enable rollback detection for this socket. It is enabled by default, unless the default has been changed with enableRollbackDetectionDefault.
- Throws:
java.net.SocketException
enableStepDown
public void enableStepDown(boolean enable) throws java.net.SocketException
- This option, enableStepDown, is concerned with the generation of step-down keys, which are used with export suites. If the server cert's public key is 512 bits or less, this option is ignored because step-down keys don't need to be generated. If the server cert's public key is more than 512 bits, this option has the following effect:
enable=true: generate step-down keys
enable=false: don't generate step-down keys; disable export cipher suites
This option is enabled by default, unless the default has been changed with SSLSocket.enableStepDownDefault.
- Throws:
java.net.SocketException
enableFDX
public void enableFDX(boolean enable) throws java.net.SocketException
- Enable simultaneous read/write by separate read and write threads (full duplex) for this socket. It is disabled by default, unless the default has been changed with enableFDXDefault.
- Throws:
java.net.SocketException
enableV2CompatibleHello
public void enableV2CompatibleHello(boolean enable) throws java.net.SocketException
- Enable sending v3 client hello in v2 format for this socket. It is enabled by default, unless the default has been changed with enableV2CompatibleHelloDefault.
- Throws:
java.net.SocketException
getSSLOptions
public java.lang.String getSSLOptions()
- Returns:
- a String listing the current SSLOptions for this SSLSocket.
getSSLDefaultOptions
public static java.lang.String getSSLDefaultOptions()
- Returns:
- a String listing the Default SSLOptions for all SSLSockets.
requireClientAuth
public void requireClientAuth(boolean require, boolean onRedo) throws java.net.SocketException
- Deprecated. Use requireClientAuth(int).
- Sets whether the socket requires client authentication from the remote peer. If requestClientAuth() has not already been called, this method will tell the socket to request client auth as well as requiring it.
- Throws:
java.net.SocketException
requireClientAuth
public void requireClientAuth(int mode) throws java.net.SocketException
- Sets whether the socket requires client authentication from the remote
peer. If requestClientAuth() has not already been called, this method
will tell the socket to request client auth as well as requiring it.
This is only meaningful for the server end of the SSL connection.
During the next handshake, the remote peer will be asked to
authenticate itself with the requirement that was set.
- Parameters:
mode - One of: SSLSocket.SSL_REQUIRE_NEVER, SSLSocket.SSL_REQUIRE_ALWAYS, SSLSocket.SSL_REQUIRE_FIRST_HANDSHAKE, SSLSocket.SSL_REQUIRE_NO_ERROR
- Throws:
java.net.SocketException
requireClientAuthDefault
public void requireClientAuthDefault(boolean require, boolean onRedo) throws java.net.SocketException
- Deprecated. Use requireClientAuthDefault(int).
- Sets the default setting for requiring client authorization. All subsequently created sockets will use this default setting.
- Throws:
java.net.SocketException
requireClientAuthDefault
public static void requireClientAuthDefault(int mode) throws java.net.SocketException
- Sets the default setting for requiring client authorization.
All subsequently created sockets will use this default setting.
This is only meaningful for the server end of the SSL connection.
- Parameters:
mode - One of: SSLSocket.SSL_REQUIRE_NEVER, SSLSocket.SSL_REQUIRE_ALWAYS, SSLSocket.SSL_REQUIRE_FIRST_HANDSHAKE, SSLSocket.SSL_REQUIRE_NO_ERROR
- Throws:
java.net.SocketException
forceHandshake
public void forceHandshake() throws java.net.SocketException
- Force an already started SSL handshake to complete.
This method should block until the handshake has completed.
- Throws:
java.net.SocketException
setUseClientMode
public void setUseClientMode(boolean b)
- Determines whether this end of the socket is the client or the server
for purposes of the SSL protocol. By default, it is the client.
- Parameters:
b - true if this end of the socket is the SSL client, false if it is the SSL server.
getUseClientMode
public boolean getUseClientMode()
- Returns:
- true if this end of the socket is the SSL client, false if it is the SSL server.
resetHandshake
public void resetHandshake() throws java.net.SocketException
- Resets the handshake state.
- Throws:
java.net.SocketException
getStatus
public SSLSecurityStatus getStatus() throws java.net.SocketException
- Returns the security status of this socket.
- Throws:
java.net.SocketException
setClientCertNickname
public void setClientCertNickname(java.lang.String nick) throws java.net.SocketException
- Sets the nickname of the certificate to use for client authentication.
Alternately, you can specify an SSLClientCertificateSelectionCallback,
which will receive a list of certificates that are valid for client
authentication.
- Throws:
java.net.SocketException
- See Also:
SSLClientCertificateSelectionCallback
setClientCert
public void setClientCert(X509Certificate cert) throws java.net.SocketException
- Sets the certificate to use for client authentication.
Alternately, you can specify an SSLClientCertificateSelectionCallback,
which will receive a list of certificates that are valid for client
authentication.
- Throws:
java.net.SocketException
- See Also:
SSLClientCertificateSelectionCallback
requestClientAuth
public void requestClientAuth(boolean b) throws java.net.SocketException
- Enables/disables the request of client authentication. This is only
meaningful for the server end of the SSL connection. During the next
handshake, the remote peer will be asked to authenticate itself.
- Throws:
java.net.SocketException
- See Also:
requireClientAuth(boolean, boolean)
setNeedClientAuth
public void setNeedClientAuth(boolean b) throws java.net.SocketException
- Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.
- Throws:
java.net.SocketException
setNeedClientAuthNoExpiryCheck
public void setNeedClientAuthNoExpiryCheck(boolean b) throws java.net.SocketException
- Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.
- Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.
In addition, the client certificate's expiration will not prevent it from being accepted.
- Throws:
java.net.SocketException
- See Also:
requestClientAuthNoExpiryCheck(boolean)
useCache
public void useCache(boolean b) throws java.net.SocketException
- Enables/disables the session cache. By default, the session cache
is enabled.
- Throws:
java.net.SocketException
useCacheDefault
public void useCacheDefault(boolean b) throws java.net.SocketException
- Sets the default setting for use of the session cache.
- Throws:
java.net.SocketException
setCipherPreference
public void setCipherPreference(int cipher, boolean enable) throws java.net.SocketException
- Enables/disables the cipher on this socket.
- Throws:
java.net.SocketException
getCipherPreference
public boolean getCipherPreference(int cipher) throws java.net.SocketException
- Returns whether this cipher is enabled or disabled on this socket.
- Throws:
java.net.SocketException
setCipherPreferenceDefault
public static void setCipherPreferenceDefault(int cipher, boolean enable) throws java.net.SocketException
- Sets the default for whether this cipher is enabled or disabled.
- Throws:
java.net.SocketException
getCipherPreferenceDefault
public static boolean getCipherPreferenceDefault(int cipher) throws java.net.SocketException
- Returns the default for whether this cipher is enabled or disabled.
- Throws:
java.net.SocketException
invalidateSession
public void invalidateSession() throws java.net.SocketException
- Removes the current session from the session cache.
- Throws:
java.net.SocketException
redoHandshake
public void redoHandshake() throws java.net.SocketException
- Causes SSL to begin a full, new SSL 3.0 handshake from scratch
on a connection that has already completed one handshake.
Does not flush the SSL3 cache entry first, so a full handshake will not take place. Instead only the symmetric session keys will be regenerated.
- Throws:
java.net.SocketException
redoHandshake
public void redoHandshake(boolean flushCache) throws java.net.SocketException
- Causes SSL to begin a full, new SSL 3.0 handshake from scratch
on a connection that has already completed one handshake.
- Parameters:
flushCache - If true, this session will be flushed from the cache. This will force a complete SSL handshake with a private key operation. If false, only the session key will be regenerated.
- Throws:
java.net.SocketException
finalize
protected void finalize() throws java.lang.Throwable
- Overrides:
finalize in class java.lang.Object
- Throws:
java.lang.Throwable
setCipherPolicy
public static void setCipherPolicy(SSLSocket.CipherPolicy cp) throws java.net.SocketException
- Sets the SSL cipher policy. This must be called before creating any
SSL sockets.
- Throws:
java.net.SocketException
toString
public java.lang.String toString()
- Returns the addresses and ports of this socket
or an error message if the socket is not in a valid state.
- Overrides:
toString in class java.net.Socket
isFipsCipherSuite
public static boolean isFipsCipherSuite(int ciphersuite) throws java.net.SocketException
- isFipsCipherSuite
- Returns:
- true if the ciphersuite is FIPS, false otherwise
- Throws:
java.net.SocketException
getImplementedCipherSuites
public static int[] getImplementedCipherSuites()
- Returns a list of cipher suites that are implemented by NSS.
Each element in the array will be one of the cipher suite constants
defined in this class (for example,
TLS_RSA_WITH_AES_128_CBC_SHA).
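Several of the switches documented above (SSL v2, SSL v3, the v2-format hello and step-down keys for export suites) are enabled by default. The following is an added example, not code from JSS or from this page, that sets process-wide defaults before any socket is created and restricts the enabled cipher suites to those isFipsCipherSuite reports. The class name HardenedSslDefaults is hypothetical, JSS is assumed to be initialized already, and enableRollbackDetectionDefault, enableStepDownDefault and enableV2CompatibleHelloDefault are named on this page without signatures, so they are assumed to be static setters like enableSSL2Default.

```java
import java.net.SocketException;
import org.mozilla.jss.ssl.SSLSocket;

/** Added example (not part of JSS): hardened defaults for all new SSLSockets. */
public final class HardenedSslDefaults {

    private HardenedSslDefaults() {}

    /**
     * Call once, after JSS/NSS has been initialized (assumed) and before any
     * SSLSocket is created, so every later socket inherits these settings.
     *
     * @return the resulting default options string, suitable for an audit log
     */
    public static String apply() throws SocketException {
        // Protocol versions: SSL v2 and SSL v3 are on by default; turn them off.
        SSLSocket.enableSSL2Default(false);
        SSLSocket.enableSSL3Default(false);
        SSLSocket.enableTLSDefault(true);

        // The v2-format client hello exists for compatibility with SSL v2
        // peers; with SSL v2 disabled it is not needed.
        // Assumption: static setter, named on the page without a signature.
        SSLSocket.enableV2CompatibleHelloDefault(false);

        // Keep rollback detection on (its documented default).
        // Assumption: static setter, named on the page without a signature.
        SSLSocket.enableRollbackDetectionDefault(true);

        // false = don't generate step-down keys; disable export cipher suites.
        // Assumption: static setter, named on the page without a signature.
        SSLSocket.enableStepDownDefault(false);

        // Cipher allowlist: walk every suite NSS implements and leave enabled
        // only those that isFipsCipherSuite() reports as FIPS suites.
        for (int suite : SSLSocket.getImplementedCipherSuites()) {
            SSLSocket.setCipherPreferenceDefault(
                suite, SSLSocket.isFipsCipherSuite(suite));
        }

        return SSLSocket.getSSLDefaultOptions();
    }
}
```

Logging the returned string at startup gives a record of the defaults each new socket starts from; getSSLOptions() on an individual socket shows whether a later per-socket call changed them.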