Package org.conscrypt

Class ConscryptEngineSocket

    • Constructor Detail

      • ConscryptEngineSocket

        ConscryptEngineSocket​(SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
      • ConscryptEngineSocket

        ConscryptEngineSocket​(java.lang.String hostname,
                              int port,
                              SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
      • ConscryptEngineSocket

        ConscryptEngineSocket​(java.net.InetAddress address,
                              int port,
                              SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
      • ConscryptEngineSocket

        ConscryptEngineSocket​(java.lang.String hostname,
                              int port,
                              java.net.InetAddress clientAddress,
                              int clientPort,
                              SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
      • ConscryptEngineSocket

        ConscryptEngineSocket​(java.net.InetAddress address,
                              int port,
                              java.net.InetAddress clientAddress,
                              int clientPort,
                              SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
      • ConscryptEngineSocket

        ConscryptEngineSocket​(java.net.Socket socket,
                              java.lang.String hostname,
                              int port,
                              boolean autoClose,
                              SSLParametersImpl sslParameters)
                       throws java.io.IOException
        Throws:
        java.io.IOException
    • Method Detail

      • getDelegatingTrustManager

        private static javax.net.ssl.X509TrustManager getDelegatingTrustManager​(javax.net.ssl.X509TrustManager delegate,
                                                                                ConscryptEngineSocket socket)
      • getSSLParameters

        public final javax.net.ssl.SSLParameters getSSLParameters()
        Overrides:
        getSSLParameters in class javax.net.ssl.SSLSocket
      • setSSLParameters

        public final void setSSLParameters​(javax.net.ssl.SSLParameters sslParameters)
        Overrides:
        setSSLParameters in class javax.net.ssl.SSLSocket
      • startHandshake

        public final void startHandshake()
                                  throws java.io.IOException
        Specified by:
        startHandshake in class javax.net.ssl.SSLSocket
        Throws:
        java.io.IOException
      • doHandshake

        private void doHandshake()
                          throws java.io.IOException
        Throws:
        java.io.IOException
      • getSession

        public final javax.net.ssl.SSLSession getSession()
        Specified by:
        getSession in class javax.net.ssl.SSLSocket
      • getEnableSessionCreation

        public final boolean getEnableSessionCreation()
        Specified by:
        getEnableSessionCreation in class javax.net.ssl.SSLSocket
      • setEnableSessionCreation

        public final void setEnableSessionCreation​(boolean flag)
        Specified by:
        setEnableSessionCreation in class javax.net.ssl.SSLSocket
      • getSupportedCipherSuites

        public final java.lang.String[] getSupportedCipherSuites()
        Specified by:
        getSupportedCipherSuites in class javax.net.ssl.SSLSocket
      • getEnabledCipherSuites

        public final java.lang.String[] getEnabledCipherSuites()
        Specified by:
        getEnabledCipherSuites in class javax.net.ssl.SSLSocket
      • setEnabledCipherSuites

        public final void setEnabledCipherSuites​(java.lang.String[] suites)
        Specified by:
        setEnabledCipherSuites in class javax.net.ssl.SSLSocket
      • getSupportedProtocols

        public final java.lang.String[] getSupportedProtocols()
        Specified by:
        getSupportedProtocols in class javax.net.ssl.SSLSocket
      • getEnabledProtocols

        public final java.lang.String[] getEnabledProtocols()
        Specified by:
        getEnabledProtocols in class javax.net.ssl.SSLSocket
      • setEnabledProtocols

        public final void setEnabledProtocols​(java.lang.String[] protocols)
        Specified by:
        setEnabledProtocols in class javax.net.ssl.SSLSocket
      • setHostname

        public final void setHostname​(java.lang.String hostname)
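        This method enables Server Name Indication (SNI). If the hostname is not a valid SNI hostname, the SNI extension will be omitted from the handshake; no failure is documented for this case, so callers that rely on SNI being sent should validate the hostname before calling.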
        Overrides:
        setHostname in class OpenSSLSocketImpl
        Parameters:
        hostname - the desired SNI hostname, or null to disable
      • setUseSessionTickets

        public final void setUseSessionTickets​(boolean useSessionTickets)
        Description copied from class: AbstractConscryptSocket
        This method enables session ticket support.
        Specified by:
        setUseSessionTickets in class OpenSSLSocketImpl
        Parameters:
        useSessionTickets - True to enable session tickets
      • setChannelIdEnabled

        public final void setChannelIdEnabled​(boolean enabled)
        Description copied from class: AbstractConscryptSocket
        Enables/disables TLS Channel ID for this server socket.

        This method needs to be invoked before the handshake starts.

        Specified by:
        setChannelIdEnabled in class OpenSSLSocketImpl
      • getChannelId

        public final byte[] getChannelId()
                                  throws javax.net.ssl.SSLException
        Description copied from class: AbstractConscryptSocket
        Gets the TLS Channel ID for this server socket. Channel ID is only available once the handshake completes.
        Specified by:
        getChannelId in class OpenSSLSocketImpl
        Returns:
        channel ID or null if not available.
        Throws:
        javax.net.ssl.SSLException - if channel ID is available but could not be obtained.
      • setChannelIdPrivateKey

        public final void setChannelIdPrivateKey​(java.security.PrivateKey privateKey)
        Description copied from class: AbstractConscryptSocket
        Sets the PrivateKey to be used for TLS Channel ID by this client socket.

        This method needs to be invoked before the handshake starts.

        Specified by:
        setChannelIdPrivateKey in class OpenSSLSocketImpl
        Parameters:
        privateKey - private key (enables TLS Channel ID) or null for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
      • getTlsUnique

        byte[] getTlsUnique()
        Description copied from class: AbstractConscryptSocket
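        Returns the tls-unique channel binding value for this connection, per RFC 5929. This will return null if there is no such value available, such as if the handshake has not yet completed or this connection is closed, so callers must check for null before using the result as a channel binding. Note that tls-unique is not defined for TLS 1.3; RFC 9266 specifies the tls-exporter binding for that protocol version.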
        Specified by:
        getTlsUnique in class AbstractConscryptSocket
      • exportKeyingMaterial

        byte[] exportKeyingMaterial​(java.lang.String label,
                                    byte[] context,
                                    int length)
                             throws javax.net.ssl.SSLException
        Description copied from class: AbstractConscryptSocket
        Exports a value derived from the TLS master secret as described in RFC 5705.
        Specified by:
        exportKeyingMaterial in class AbstractConscryptSocket
        Parameters:
        label - the label to use in calculating the exported value. This must be an ASCII-only string.
        context - the application-specific context value to use in calculating the exported value. This may be null to use no application context, which is treated differently from an empty byte array: the two yield different exported values, so both peers must agree on which one is used.
        length - the number of bytes of keying material to return.
        Returns:
        a value of the specified length, or null if the handshake has not yet completed or the connection has been closed.
        Throws:
        javax.net.ssl.SSLException - if the value could not be exported.
      • getUseClientMode

        public final boolean getUseClientMode()
        Specified by:
        getUseClientMode in class javax.net.ssl.SSLSocket
      • setUseClientMode

        public final void setUseClientMode​(boolean mode)
        Specified by:
        setUseClientMode in class javax.net.ssl.SSLSocket
      • getWantClientAuth

        public final boolean getWantClientAuth()
        Specified by:
        getWantClientAuth in class javax.net.ssl.SSLSocket
      • getNeedClientAuth

        public final boolean getNeedClientAuth()
        Specified by:
        getNeedClientAuth in class javax.net.ssl.SSLSocket
      • setNeedClientAuth

        public final void setNeedClientAuth​(boolean need)
        Specified by:
        setNeedClientAuth in class javax.net.ssl.SSLSocket
      • setWantClientAuth

        public final void setWantClientAuth​(boolean want)
        Specified by:
        setWantClientAuth in class javax.net.ssl.SSLSocket
      • close

        public final void close()
                         throws java.io.IOException
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable
        Overrides:
        close in class AbstractConscryptSocket
        Throws:
        java.io.IOException
      • setHandshakeTimeout

        public void setHandshakeTimeout​(int handshakeTimeoutMilliseconds)
                                 throws java.net.SocketException
        Description copied from class: AbstractConscryptSocket
        Sets the handshake timeout on this socket. The timeout is specified in milliseconds and is used only during the handshake process.
        Overrides:
        setHandshakeTimeout in class OpenSSLSocketImpl
        Throws:
        java.net.SocketException
      • setBufferAllocator

        void setBufferAllocator​(BufferAllocator bufferAllocator)
      • onHandshakeFinished

        private void onHandshakeFinished()
      • waitForHandshake

        private void waitForHandshake()
                               throws java.io.IOException
        Waits for the handshake to complete.
        Throws:
        java.io.IOException
      • drainOutgoingQueue

        private void drainOutgoingQueue()
      • getUnderlyingOutputStream

        private java.io.OutputStream getUnderlyingOutputStream()
                                                        throws java.io.IOException
        Throws:
        java.io.IOException
      • getUnderlyingInputStream

        private java.io.InputStream getUnderlyingInputStream()
                                                      throws java.io.IOException
        Throws:
        java.io.IOException
      • chooseClientAlias

        public final java.lang.String chooseClientAlias​(javax.net.ssl.X509KeyManager keyManager,
                                                        javax.security.auth.x500.X500Principal[] issuers,
                                                        java.lang.String[] keyTypes)
        Specified by:
        chooseClientAlias in interface SSLParametersImpl.AliasChooser