Package org.conscrypt
Class Java8EngineWrapper
- java.lang.Object
-
- javax.net.ssl.SSLEngine
-
- org.conscrypt.AbstractConscryptEngine
-
- org.conscrypt.Java8EngineWrapper
-
final class Java8EngineWrapper extends AbstractConscryptEngine
A wrapper aroundConscryptEngine
that adapts to the new Java 9 (and potentially later patches of 8)setHandshakeApplicationProtocolSelector
API (which requires Java 8 for compilation, due to the use ofBiFunction
).
-
-
Field Summary
Fields Modifier and Type Field Description private ConscryptEngine
delegate
private java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String>
selector
-
Constructor Summary
Constructors Constructor Description Java8EngineWrapper(ConscryptEngine delegate)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
beginHandshake()
void
closeInbound()
void
closeOutbound()
(package private) byte[]
exportKeyingMaterial(java.lang.String label, byte[] context, int length)
Exports a value derived from the TLS master secret as described in RFC 5705.java.lang.String
getApplicationProtocol()
(package private) java.lang.String[]
getApplicationProtocols()
Returns the list of supported ALPN protocols.(package private) byte[]
getChannelId()
Gets the TLS Channel ID for this server engine.(package private) static javax.net.ssl.SSLEngine
getDelegate(javax.net.ssl.SSLEngine engine)
java.lang.Runnable
getDelegatedTask()
java.lang.String[]
getEnabledCipherSuites()
java.lang.String[]
getEnabledProtocols()
boolean
getEnableSessionCreation()
java.lang.String
getHandshakeApplicationProtocol()
java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String>
getHandshakeApplicationProtocolSelector()
javax.net.ssl.SSLEngineResult.HandshakeStatus
getHandshakeStatus()
(package private) java.lang.String
getHostname()
Returns the hostname fromAbstractConscryptEngine.setHostname(String)
or supplied by thePeerInfoProvider
upon creation.boolean
getNeedClientAuth()
java.lang.String
getPeerHost()
int
getPeerPort()
javax.net.ssl.SSLSession
getSession()
javax.net.ssl.SSLParameters
getSSLParameters()
java.lang.String[]
getSupportedCipherSuites()
java.lang.String[]
getSupportedProtocols()
(package private) byte[]
getTlsUnique()
Returns the tls-unique channel binding value for this connection, per RFC 5929.boolean
getUseClientMode()
boolean
getWantClientAuth()
(package private) javax.net.ssl.SSLSession
handshakeSession()
Work-around to allow this method to be called on older versions of Android.boolean
isInboundDone()
boolean
isOutboundDone()
(package private) int
maxSealOverhead()
Returns the maximum overhead, in bytes, of sealing a record with SSL.(package private) void
setApplicationProtocols(java.lang.String[] protocols)
Sets the list of ALPN protocols.(package private) void
setApplicationProtocolSelector(ApplicationProtocolSelector selector)
Sets an application-provided ALPN protocol selector.(package private) void
setBufferAllocator(BufferAllocator bufferAllocator)
(package private) void
setChannelIdEnabled(boolean enabled)
Enables/disables TLS Channel ID for this server engine.(package private) void
setChannelIdPrivateKey(java.security.PrivateKey privateKey)
Sets thePrivateKey
to be used for TLS Channel ID by this client engine.void
setEnabledCipherSuites(java.lang.String[] suites)
void
setEnabledProtocols(java.lang.String[] protocols)
void
setEnableSessionCreation(boolean flag)
void
setHandshakeApplicationProtocolSelector(java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> selector)
(package private) void
setHandshakeListener(HandshakeListener handshakeListener)
Sets the listener for the completion of the TLS handshake.(package private) void
setHostname(java.lang.String hostname)
This method enables Server Name Indication (SNI) and overrides thePeerInfoProvider
supplied during engine creation.void
setNeedClientAuth(boolean need)
void
setSSLParameters(javax.net.ssl.SSLParameters sslParameters)
void
setUseClientMode(boolean mode)
(package private) void
setUseSessionTickets(boolean useSessionTickets)
This method enables session ticket support.void
setWantClientAuth(boolean want)
private static ApplicationProtocolSelector
toApplicationProtocolSelector(java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> selector)
(package private) javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer[] dsts, int dstsOffset, int dstsLength)
(package private) javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer[] srcs, java.nio.ByteBuffer[] dsts)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts, int offset, int length)
javax.net.ssl.SSLEngineResult
wrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer dst)
javax.net.ssl.SSLEngineResult
wrap(java.nio.ByteBuffer[] byteBuffers, java.nio.ByteBuffer byteBuffer)
javax.net.ssl.SSLEngineResult
wrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst)
-
Methods inherited from class org.conscrypt.AbstractConscryptEngine
getHandshakeSession
-
-
-
-
Field Detail
-
delegate
private final ConscryptEngine delegate
-
selector
private java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> selector
-
-
Constructor Detail
-
Java8EngineWrapper
Java8EngineWrapper(ConscryptEngine delegate)
-
-
Method Detail
-
getDelegate
static javax.net.ssl.SSLEngine getDelegate(javax.net.ssl.SSLEngine engine)
-
wrap
public javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer[] byteBuffers, java.nio.ByteBuffer byteBuffer) throws javax.net.ssl.SSLException
- Overrides:
wrap
in classjavax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
getSSLParameters
public javax.net.ssl.SSLParameters getSSLParameters()
- Overrides:
getSSLParameters
in classjavax.net.ssl.SSLEngine
-
setSSLParameters
public void setSSLParameters(javax.net.ssl.SSLParameters sslParameters)
- Overrides:
setSSLParameters
in classjavax.net.ssl.SSLEngine
-
setBufferAllocator
void setBufferAllocator(BufferAllocator bufferAllocator)
- Specified by:
setBufferAllocator
in classAbstractConscryptEngine
-
maxSealOverhead
int maxSealOverhead()
Description copied from class:AbstractConscryptEngine
Returns the maximum overhead, in bytes, of sealing a record with SSL.- Specified by:
maxSealOverhead
in classAbstractConscryptEngine
-
setChannelIdEnabled
void setChannelIdEnabled(boolean enabled)
Description copied from class:AbstractConscryptEngine
Enables/disables TLS Channel ID for this server engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdEnabled
in classAbstractConscryptEngine
-
getChannelId
byte[] getChannelId() throws javax.net.ssl.SSLException
Description copied from class:AbstractConscryptEngine
Gets the TLS Channel ID for this server engine. Channel ID is only available once the handshake completes.- Specified by:
getChannelId
in classAbstractConscryptEngine
- Returns:
- channel ID or
null
if not available. - Throws:
javax.net.ssl.SSLException
- if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
void setChannelIdPrivateKey(java.security.PrivateKey privateKey)
Description copied from class:AbstractConscryptEngine
Sets thePrivateKey
to be used for TLS Channel ID by this client engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdPrivateKey
in classAbstractConscryptEngine
- Parameters:
privateKey
- private key (enables TLS Channel ID) ornull
for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
-
setHandshakeListener
void setHandshakeListener(HandshakeListener handshakeListener)
Description copied from class:AbstractConscryptEngine
Sets the listener for the completion of the TLS handshake.- Specified by:
setHandshakeListener
in classAbstractConscryptEngine
-
setHostname
void setHostname(java.lang.String hostname)
Description copied from class:AbstractConscryptEngine
This method enables Server Name Indication (SNI) and overrides thePeerInfoProvider
supplied during engine creation.- Specified by:
setHostname
in classAbstractConscryptEngine
-
getHostname
java.lang.String getHostname()
Description copied from class:AbstractConscryptEngine
Returns the hostname fromAbstractConscryptEngine.setHostname(String)
or supplied by thePeerInfoProvider
upon creation. No DNS resolution is attempted before returning the hostname.- Specified by:
getHostname
in classAbstractConscryptEngine
-
getPeerHost
public java.lang.String getPeerHost()
- Specified by:
getPeerHost
in classAbstractConscryptEngine
-
getPeerPort
public int getPeerPort()
- Specified by:
getPeerPort
in classAbstractConscryptEngine
-
beginHandshake
public void beginHandshake() throws javax.net.ssl.SSLException
- Specified by:
beginHandshake
in classjavax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
closeInbound
public void closeInbound() throws javax.net.ssl.SSLException
- Specified by:
closeInbound
in classjavax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
closeOutbound
public void closeOutbound()
- Specified by:
closeOutbound
in classjavax.net.ssl.SSLEngine
-
getDelegatedTask
public java.lang.Runnable getDelegatedTask()
- Specified by:
getDelegatedTask
in classjavax.net.ssl.SSLEngine
-
getEnabledCipherSuites
public java.lang.String[] getEnabledCipherSuites()
- Specified by:
getEnabledCipherSuites
in classjavax.net.ssl.SSLEngine
-
getEnabledProtocols
public java.lang.String[] getEnabledProtocols()
- Specified by:
getEnabledProtocols
in classjavax.net.ssl.SSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()
- Specified by:
getEnableSessionCreation
in classjavax.net.ssl.SSLEngine
-
getHandshakeStatus
public javax.net.ssl.SSLEngineResult.HandshakeStatus getHandshakeStatus()
- Specified by:
getHandshakeStatus
in classjavax.net.ssl.SSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()
- Specified by:
getNeedClientAuth
in classjavax.net.ssl.SSLEngine
-
handshakeSession
javax.net.ssl.SSLSession handshakeSession()
Description copied from class:AbstractConscryptEngine
Work-around to allow this method to be called on older versions of Android.- Specified by:
handshakeSession
in classAbstractConscryptEngine
-
getSession
public javax.net.ssl.SSLSession getSession()
- Specified by:
getSession
in classjavax.net.ssl.SSLEngine
-
getSupportedCipherSuites
public java.lang.String[] getSupportedCipherSuites()
- Specified by:
getSupportedCipherSuites
in classjavax.net.ssl.SSLEngine
-
getSupportedProtocols
public java.lang.String[] getSupportedProtocols()
- Specified by:
getSupportedProtocols
in classjavax.net.ssl.SSLEngine
-
getUseClientMode
public boolean getUseClientMode()
- Specified by:
getUseClientMode
in classjavax.net.ssl.SSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()
- Specified by:
getWantClientAuth
in classjavax.net.ssl.SSLEngine
-
isInboundDone
public boolean isInboundDone()
- Specified by:
isInboundDone
in classjavax.net.ssl.SSLEngine
-
isOutboundDone
public boolean isOutboundDone()
- Specified by:
isOutboundDone
in classjavax.net.ssl.SSLEngine
-
setEnabledCipherSuites
public void setEnabledCipherSuites(java.lang.String[] suites)
- Specified by:
setEnabledCipherSuites
in classjavax.net.ssl.SSLEngine
-
setEnabledProtocols
public void setEnabledProtocols(java.lang.String[] protocols)
- Specified by:
setEnabledProtocols
in classjavax.net.ssl.SSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean flag)
- Specified by:
setEnableSessionCreation
in classjavax.net.ssl.SSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean need)
- Specified by:
setNeedClientAuth
in classjavax.net.ssl.SSLEngine
-
setUseClientMode
public void setUseClientMode(boolean mode)
- Specified by:
setUseClientMode
in classjavax.net.ssl.SSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean want)
- Specified by:
setWantClientAuth
in classjavax.net.ssl.SSLEngine
-
unwrap
public javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
public javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
public javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts, int offset, int length) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer[] srcs, java.nio.ByteBuffer[] dsts) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
wrap
public javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Specified by:
wrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
wrap
public javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Specified by:
wrap
in classAbstractConscryptEngine
- Throws:
javax.net.ssl.SSLException
-
setUseSessionTickets
void setUseSessionTickets(boolean useSessionTickets)
Description copied from class:AbstractConscryptEngine
This method enables session ticket support.- Specified by:
setUseSessionTickets
in classAbstractConscryptEngine
- Parameters:
useSessionTickets
- True to enable session tickets
-
setApplicationProtocols
void setApplicationProtocols(java.lang.String[] protocols)
Description copied from class:AbstractConscryptEngine
Sets the list of ALPN protocols.- Specified by:
setApplicationProtocols
in classAbstractConscryptEngine
- Parameters:
protocols
- the list of ALPN protocols
-
getApplicationProtocols
java.lang.String[] getApplicationProtocols()
Description copied from class:AbstractConscryptEngine
Returns the list of supported ALPN protocols.- Specified by:
getApplicationProtocols
in classAbstractConscryptEngine
-
getApplicationProtocol
public java.lang.String getApplicationProtocol()
- Specified by:
getApplicationProtocol
in classAbstractConscryptEngine
-
setApplicationProtocolSelector
void setApplicationProtocolSelector(ApplicationProtocolSelector selector)
Description copied from class:AbstractConscryptEngine
Sets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set byAbstractConscryptEngine.setApplicationProtocols(String[])
.- Specified by:
setApplicationProtocolSelector
in classAbstractConscryptEngine
-
getTlsUnique
byte[] getTlsUnique()
Description copied from class:AbstractConscryptEngine
Returns the tls-unique channel binding value for this connection, per RFC 5929. This will returnnull
if there is no such value available, such as if the handshake has not yet completed or this connection is closed.- Specified by:
getTlsUnique
in classAbstractConscryptEngine
-
exportKeyingMaterial
byte[] exportKeyingMaterial(java.lang.String label, byte[] context, int length) throws javax.net.ssl.SSLException
Description copied from class:AbstractConscryptEngine
Exports a value derived from the TLS master secret as described in RFC 5705.- Specified by:
exportKeyingMaterial
in classAbstractConscryptEngine
- Parameters:
label
- the label to use in calculating the exported value. This must be an ASCII-only string.context
- the application-specific context value to use in calculating the exported value. This may benull
to use no application context, which is treated differently than an empty byte array.length
- the number of bytes of keying material to return.- Returns:
- a value of the specified length, or
null
if the handshake has not yet completed or the connection has been closed. - Throws:
javax.net.ssl.SSLException
- if the value could not be exported.
-
getHandshakeApplicationProtocol
public java.lang.String getHandshakeApplicationProtocol()
- Specified by:
getHandshakeApplicationProtocol
in classAbstractConscryptEngine
-
setHandshakeApplicationProtocolSelector
public void setHandshakeApplicationProtocolSelector(java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> selector)
- Overrides:
setHandshakeApplicationProtocolSelector
in classjavax.net.ssl.SSLEngine
-
getHandshakeApplicationProtocolSelector
public java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> getHandshakeApplicationProtocolSelector()
- Overrides:
getHandshakeApplicationProtocolSelector
in classjavax.net.ssl.SSLEngine
-
toApplicationProtocolSelector
private static ApplicationProtocolSelector toApplicationProtocolSelector(java.util.function.BiFunction<javax.net.ssl.SSLEngine,java.util.List<java.lang.String>,java.lang.String> selector)
-
-