Package org.conscrypt
Class Java8EngineWrapper
java.lang.Object
javax.net.ssl.SSLEngine
org.conscrypt.AbstractConscryptEngine
org.conscrypt.Java8EngineWrapper
A wrapper around
ConscryptEngine
that adapts to the new Java 9 (and potentially later
patches of 8) setHandshakeApplicationProtocolSelector
API (which requires Java 8 for
compilation, due to the use of BiFunction
).-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate final ConscryptEngine
private BiFunction
<SSLEngine, List<String>, String> -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
void
void
(package private) byte[]
exportKeyingMaterial
(String label, byte[] context, int length) Exports a value derived from the TLS master secret as described in RFC 5705.(package private) String[]
Returns the list of supported ALPN protocols.(package private) byte[]
Gets the TLS Channel ID for this server engine.(package private) static SSLEngine
getDelegate
(SSLEngine engine) String[]
String[]
boolean
(package private) String
Returns the hostname fromAbstractConscryptEngine.setHostname(String)
or supplied by thePeerInfoProvider
upon creation.boolean
int
String[]
String[]
(package private) byte[]
Returns the tls-unique channel binding value for this connection, per RFC 5929.boolean
boolean
(package private) SSLSession
Work-around to allow this method to be called on older versions of Android.boolean
boolean
(package private) int
Returns the maximum overhead, in bytes, of sealing a record with SSL.(package private) void
setApplicationProtocols
(String[] protocols) Sets the list of ALPN protocols.(package private) void
Sets an application-provided ALPN protocol selector.(package private) void
setBufferAllocator
(BufferAllocator bufferAllocator) (package private) void
setChannelIdEnabled
(boolean enabled) Enables/disables TLS Channel ID for this server engine.(package private) void
setChannelIdPrivateKey
(PrivateKey privateKey) Sets thePrivateKey
to be used for TLS Channel ID by this client engine.void
setEnabledCipherSuites
(String[] suites) void
setEnabledProtocols
(String[] protocols) void
setEnableSessionCreation
(boolean flag) void
(package private) void
setHandshakeListener
(HandshakeListener handshakeListener) Sets the listener for the completion of the TLS handshake.(package private) void
setHostname
(String hostname) This method enables Server Name Indication (SNI) and overrides thePeerInfoProvider
supplied during engine creation.void
setNeedClientAuth
(boolean need) void
setSSLParameters
(SSLParameters sslParameters) void
setUseClientMode
(boolean mode) (package private) void
setUseSessionTickets
(boolean useSessionTickets) This method enables session ticket support.void
setWantClientAuth
(boolean want) private static ApplicationProtocolSelector
toApplicationProtocolSelector
(BiFunction<SSLEngine, List<String>, String> selector) (package private) SSLEngineResult
unwrap
(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) (package private) SSLEngineResult
unwrap
(ByteBuffer[] srcs, ByteBuffer[] dsts) unwrap
(ByteBuffer src, ByteBuffer dst) unwrap
(ByteBuffer src, ByteBuffer[] dsts) unwrap
(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) wrap
(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) wrap
(ByteBuffer[] byteBuffers, ByteBuffer byteBuffer) wrap
(ByteBuffer src, ByteBuffer dst) Methods inherited from class org.conscrypt.AbstractConscryptEngine
getHandshakeSession
-
Field Details
-
delegate
-
selector
-
-
Constructor Details
-
Java8EngineWrapper
Java8EngineWrapper(ConscryptEngine delegate)
-
-
Method Details
-
getDelegate
-
wrap
- Overrides:
wrap
in classSSLEngine
- Throws:
SSLException
-
getSSLParameters
- Overrides:
getSSLParameters
in classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParameters
in classSSLEngine
-
setBufferAllocator
- Specified by:
setBufferAllocator
in classAbstractConscryptEngine
-
maxSealOverhead
int maxSealOverhead()Description copied from class:AbstractConscryptEngine
Returns the maximum overhead, in bytes, of sealing a record with SSL.- Specified by:
maxSealOverhead
in classAbstractConscryptEngine
-
setChannelIdEnabled
void setChannelIdEnabled(boolean enabled) Description copied from class:AbstractConscryptEngine
Enables/disables TLS Channel ID for this server engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdEnabled
in classAbstractConscryptEngine
-
getChannelId
Description copied from class:AbstractConscryptEngine
Gets the TLS Channel ID for this server engine. Channel ID is only available once the handshake completes.- Specified by:
getChannelId
in classAbstractConscryptEngine
- Returns:
- channel ID or
null
if not available. - Throws:
SSLException
- if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
Description copied from class:AbstractConscryptEngine
Sets thePrivateKey
to be used for TLS Channel ID by this client engine.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdPrivateKey
in classAbstractConscryptEngine
- Parameters:
privateKey
- private key (enables TLS Channel ID) ornull
for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
-
setHandshakeListener
Description copied from class:AbstractConscryptEngine
Sets the listener for the completion of the TLS handshake.- Specified by:
setHandshakeListener
in classAbstractConscryptEngine
-
setHostname
Description copied from class:AbstractConscryptEngine
This method enables Server Name Indication (SNI) and overrides thePeerInfoProvider
supplied during engine creation.- Specified by:
setHostname
in classAbstractConscryptEngine
-
getHostname
String getHostname()Description copied from class:AbstractConscryptEngine
Returns the hostname fromAbstractConscryptEngine.setHostname(String)
or supplied by thePeerInfoProvider
upon creation. No DNS resolution is attempted before returning the hostname.- Specified by:
getHostname
in classAbstractConscryptEngine
-
getPeerHost
- Specified by:
getPeerHost
in classAbstractConscryptEngine
-
getPeerPort
public int getPeerPort()- Specified by:
getPeerPort
in classAbstractConscryptEngine
-
beginHandshake
- Specified by:
beginHandshake
in classSSLEngine
- Throws:
SSLException
-
closeInbound
- Specified by:
closeInbound
in classSSLEngine
- Throws:
SSLException
-
closeOutbound
public void closeOutbound()- Specified by:
closeOutbound
in classSSLEngine
-
getDelegatedTask
- Specified by:
getDelegatedTask
in classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuites
in classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocols
in classSSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreation
in classSSLEngine
-
getHandshakeStatus
- Specified by:
getHandshakeStatus
in classSSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()- Specified by:
getNeedClientAuth
in classSSLEngine
-
handshakeSession
SSLSession handshakeSession()Description copied from class:AbstractConscryptEngine
Work-around to allow this method to be called on older versions of Android.- Specified by:
handshakeSession
in classAbstractConscryptEngine
-
getSession
- Specified by:
getSession
in classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuites
in classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocols
in classSSLEngine
-
getUseClientMode
public boolean getUseClientMode()- Specified by:
getUseClientMode
in classSSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()- Specified by:
getWantClientAuth
in classSSLEngine
-
isInboundDone
public boolean isInboundDone()- Specified by:
isInboundDone
in classSSLEngine
-
isOutboundDone
public boolean isOutboundDone()- Specified by:
isOutboundDone
in classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuites
in classSSLEngine
-
setEnabledProtocols
- Specified by:
setEnabledProtocols
in classSSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean flag) - Specified by:
setEnableSessionCreation
in classSSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean need) - Specified by:
setNeedClientAuth
in classSSLEngine
-
setUseClientMode
public void setUseClientMode(boolean mode) - Specified by:
setUseClientMode
in classSSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean want) - Specified by:
setWantClientAuth
in classSSLEngine
-
unwrap
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
unwrap
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException - Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
unwrap
- Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
unwrap
SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException - Specified by:
unwrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
wrap
- Specified by:
wrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException - Specified by:
wrap
in classAbstractConscryptEngine
- Throws:
SSLException
-
setUseSessionTickets
void setUseSessionTickets(boolean useSessionTickets) Description copied from class:AbstractConscryptEngine
This method enables session ticket support.- Specified by:
setUseSessionTickets
in classAbstractConscryptEngine
- Parameters:
useSessionTickets
- True to enable session tickets
-
setApplicationProtocols
Description copied from class:AbstractConscryptEngine
Sets the list of ALPN protocols.- Specified by:
setApplicationProtocols
in classAbstractConscryptEngine
- Parameters:
protocols
- the list of ALPN protocols
-
getApplicationProtocols
String[] getApplicationProtocols()Description copied from class:AbstractConscryptEngine
Returns the list of supported ALPN protocols.- Specified by:
getApplicationProtocols
in classAbstractConscryptEngine
-
getApplicationProtocol
- Specified by:
getApplicationProtocol
in classAbstractConscryptEngine
-
setApplicationProtocolSelector
Description copied from class:AbstractConscryptEngine
Sets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set byAbstractConscryptEngine.setApplicationProtocols(String[])
.- Specified by:
setApplicationProtocolSelector
in classAbstractConscryptEngine
-
getTlsUnique
byte[] getTlsUnique()Description copied from class:AbstractConscryptEngine
Returns the tls-unique channel binding value for this connection, per RFC 5929. This will returnnull
if there is no such value available, such as if the handshake has not yet completed or this connection is closed.- Specified by:
getTlsUnique
in classAbstractConscryptEngine
-
exportKeyingMaterial
Description copied from class:AbstractConscryptEngine
Exports a value derived from the TLS master secret as described in RFC 5705.- Specified by:
exportKeyingMaterial
in classAbstractConscryptEngine
- Parameters:
label
- the label to use in calculating the exported value. This must be an ASCII-only string.context
- the application-specific context value to use in calculating the exported value. This may benull
to use no application context, which is treated differently than an empty byte array.length
- the number of bytes of keying material to return.- Returns:
- a value of the specified length, or
null
if the handshake has not yet completed or the connection has been closed. - Throws:
SSLException
- if the value could not be exported.
-
getHandshakeApplicationProtocol
- Specified by:
getHandshakeApplicationProtocol
in classAbstractConscryptEngine
-
setHandshakeApplicationProtocolSelector
public void setHandshakeApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector) - Overrides:
setHandshakeApplicationProtocolSelector
in classSSLEngine
-
getHandshakeApplicationProtocolSelector
- Overrides:
getHandshakeApplicationProtocolSelector
in classSSLEngine
-
toApplicationProtocolSelector
private static ApplicationProtocolSelector toApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector)
-