Most visited

Recently visited

Results for

Added in API level 9

Summary: Ctors | Methods | Inherited Methods | [Expand All]

SSLParameters

public class SSLParameters
extends Object

java.lang.Object
↳	javax.net.ssl.SSLParameters

Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the Server Name Indication (SNI), the algorithm constraints and whether SSL/TLS servers should request or require client authentication, etc.

SSLParameters can be created via the constructors in this class. Objects can also be obtained using the getSSLParameters() methods in SSLSocket and SSLServerSocket and SSLEngine or the getDefaultSSLParameters() and getSupportedSSLParameters() methods in SSLContext.

SSLParameters can be applied to a connection via the methods SSLSocket.setSSLParameters() and SSLServerSocket.setSSLParameters() and SSLEngine.setSSLParameters().

See also:

Summary

Public constructors
`SSLParameters()` Constructs SSLParameters.
`SSLParameters(String[] cipherSuites)` Constructs SSLParameters from the specified array of ciphersuites.
`SSLParameters(String[] cipherSuites, String[] protocols)` Constructs SSLParameters from the specified array of ciphersuites and protocols.

Public methods
`AlgorithmConstraints`	`getAlgorithmConstraints()` Returns the cryptographic algorithm constraints.
`String[]`	`getCipherSuites()` Returns a copy of the array of ciphersuites or null if none have been set.
`String`	`getEndpointIdentificationAlgorithm()` Gets the endpoint identification algorithm.
`boolean`	`getNeedClientAuth()` Returns whether client authentication should be required.
`String[]`	`getProtocols()` Returns a copy of the array of protocols or null if none have been set.
`final Collection<SNIMatcher>`	`getSNIMatchers()` Returns a `Collection` containing all `SNIMatcher`s of the Server Name Indication (SNI) parameter, or null if none has been set.
`final List<SNIServerName>`	`getServerNames()` Returns a `List` containing all `SNIServerName`s of the Server Name Indication (SNI) parameter, or null if none has been set.
`final boolean`	`getUseCipherSuitesOrder()` Returns whether the local cipher suites preference should be honored.
`boolean`	`getWantClientAuth()` Returns whether client authentication should be requested.
`void`	`setAlgorithmConstraints(AlgorithmConstraints constraints)` Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.
`void`	`setCipherSuites(String[] cipherSuites)` Sets the array of ciphersuites.
`void`	`setEndpointIdentificationAlgorithm(String algorithm)` Sets the endpoint identification algorithm.
`void`	`setNeedClientAuth(boolean needClientAuth)` Sets whether client authentication should be required.
`void`	`setProtocols(String[] protocols)` Sets the array of protocols.
`final void`	`setSNIMatchers(Collection<SNIMatcher> matchers)` Sets the `SNIMatcher`s of the Server Name Indication (SNI) parameter.
`final void`	`setServerNames(List<SNIServerName> serverNames)` Sets the desired `SNIServerName`s of the Server Name Indication (SNI) parameter.
`final void`	`setUseCipherSuitesOrder(boolean honorOrder)` Sets whether the local cipher suites preference should be honored.
`void`	`setWantClientAuth(boolean wantClientAuth)` Sets whether client authentication should be requested.

Inherited methods

From class


  
    java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long millis, int nanos)` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed.
`final void`	`wait(long millis)` Causes the current thread to wait until either another thread invokes the `notify()` method or the `notifyAll()` method for this object, or a specified amount of time has elapsed.
`final void`	`wait()` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object.

Public constructors

SSLParameters

Added in API level 9

SSLParameters ()

Constructs SSLParameters.

The values of cipherSuites, protocols, cryptographic algorithm constraints, endpoint identification algorithm, server names and server name matchers are set to null, useCipherSuitesOrder, wantClientAuth and needClientAuth are set to false.

SSLParameters

Added in API level 9

SSLParameters (String[] cipherSuites)

Constructs SSLParameters from the specified array of ciphersuites.

Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites);.

Parameters
`cipherSuites`	`String`: the array of ciphersuites (or null)

SSLParameters

Added in API level 9

SSLParameters (String[] cipherSuites, 
                String[] protocols)

Constructs SSLParameters from the specified array of ciphersuites and protocols.

Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites); setProtocols(protocols);.

Parameters
`cipherSuites`	`String`: the array of ciphersuites (or null)
`protocols`	`String`: the array of protocols (or null)

Public methods

getAlgorithmConstraints

Added in API level 24

AlgorithmConstraints getAlgorithmConstraints ()

Returns the cryptographic algorithm constraints.

Returns
`AlgorithmConstraints`	the cryptographic algorithm constraints, or null if the constraints have not been set

See also:

setAlgorithmConstraints(AlgorithmConstraints)

getCipherSuites

Added in API level 9

String[] getCipherSuites ()

Returns a copy of the array of ciphersuites or null if none have been set.

Returns
`String[]`	a copy of the array of ciphersuites or null if none have been set.

getEndpointIdentificationAlgorithm

Added in API level 24

String getEndpointIdentificationAlgorithm ()

Gets the endpoint identification algorithm.

Returns
`String`	the endpoint identification algorithm, or null if none has been set.

See also:

getNeedClientAuth

Added in API level 9

boolean getNeedClientAuth ()

Returns whether client authentication should be required.

Returns
`boolean`	whether client authentication should be required.

getProtocols

Added in API level 9

String[] getProtocols ()

Returns a copy of the array of protocols or null if none have been set.

Returns
`String[]`	a copy of the array of protocols or null if none have been set.

getSNIMatchers

Added in API level 24

Collection<SNIMatcher> getSNIMatchers ()

Returns a Collection containing all SNIMatchers of the Server Name Indication (SNI) parameter, or null if none has been set.

This method is only useful to SSLSockets or SSLEngines operating in server mode.

For better interoperability, providers generally will not define default matchers so that by default servers will ignore the SNI extension and continue the handshake.

Returns
`Collection<SNIMatcher>`	null or an immutable collection of non-null `SNIMatcher`s

See also:

getServerNames

Added in API level 24

List<SNIServerName> getServerNames ()

Returns a List containing all SNIServerNames of the Server Name Indication (SNI) parameter, or null if none has been set.

This method is only useful to SSLSockets or SSLEngines operating in client mode.

For SSL/TLS connections, the underlying SSL/TLS provider may specify a default value for a certain server name type. In client mode, it is recommended that, by default, providers should include the server name indication whenever the server can be located by a supported server name type.

It is recommended that providers initialize default Server Name Indications when creating SSLSocket/SSLEngines. In the following examples, the server name could be represented by an instance of SNIHostName which has been initialized with the hostname "www.example.com" and type SNI_HOST_NAME.

     Socket socket =
         sslSocketFactory.createSocket("www.example.com", 443);

     SSLEngine engine =
         sslContext.createSSLEngine("www.example.com", 443);

Returns
`List<SNIServerName>`	null or an immutable list of non-null `SNIServerName`s

See also:

List
setServerNames(List)

getUseCipherSuitesOrder

Added in API level 24

boolean getUseCipherSuitesOrder ()

Returns whether the local cipher suites preference should be honored.

Returns
`boolean`	whether local cipher suites order in `#getCipherSuites` should be honored during SSL/TLS handshaking.

See also:

setUseCipherSuitesOrder(boolean)

getWantClientAuth

Added in API level 9

boolean getWantClientAuth ()

Returns whether client authentication should be requested.

Returns
`boolean`	whether client authentication should be requested.

setAlgorithmConstraints

Added in API level 24

void setAlgorithmConstraints (AlgorithmConstraints constraints)

Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.

If the constraints parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.

Parameters
`constraints`	`AlgorithmConstraints`: the algorithm constraints (or null)

setCipherSuites

Added in API level 9

void setCipherSuites (String[] cipherSuites)

Sets the array of ciphersuites.

Parameters
`cipherSuites`	`String`: the array of ciphersuites (or null)

setEndpointIdentificationAlgorithm

Added in API level 24

void setEndpointIdentificationAlgorithm (String algorithm)

Sets the endpoint identification algorithm.

If the algorithm parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.

Parameters
`algorithm`	`String`: The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.

See also:

X509ExtendedTrustManager

setNeedClientAuth

Added in API level 9

void setNeedClientAuth (boolean needClientAuth)

Sets whether client authentication should be required. Calling this method clears the wantClientAuth flag.

Parameters
`needClientAuth`	`boolean`: whether client authentication should be required

setProtocols

Added in API level 9

void setProtocols (String[] protocols)

Sets the array of protocols.

Parameters
`protocols`	`String`: the array of protocols (or null)

setSNIMatchers

Added in API level 24

void setSNIMatchers (Collection<SNIMatcher> matchers)

Sets the SNIMatchers of the Server Name Indication (SNI) parameter.

This method is only useful to SSLSockets or SSLEngines operating in server mode.

Note that the matchers collection is cloned to protect against subsequent modification.

Parameters
`matchers`	`Collection`: the collection of `SNIMatcher`s (or null)

Throws
`NullPointerException`	if the `matchers` contains `null` element
`IllegalArgumentException`	if the `matchers` contains more than one name of the same name type

See also:

setServerNames

Added in API level 24

void setServerNames (List<SNIServerName> serverNames)

Sets the desired SNIServerNames of the Server Name Indication (SNI) parameter.

This method is only useful to SSLSockets or SSLEngines operating in client mode.

Note that the serverNames list is cloned to protect against subsequent modification.

Parameters
`serverNames`	`List`: the list of desired `SNIServerName`s (or null)

Throws
`NullPointerException`	if the `serverNames` contains `null` element
`IllegalArgumentException`	if the `serverNames` contains more than one name of the same name type

See also:

setUseCipherSuitesOrder

Added in API level 24

void setUseCipherSuitesOrder (boolean honorOrder)

Sets whether the local cipher suites preference should be honored.

Parameters
`honorOrder`	`boolean`: whether local cipher suites order in `#getCipherSuites` should be honored during SSL/TLS handshaking.

See also:

getUseCipherSuitesOrder()

setWantClientAuth

Added in API level 9

void setWantClientAuth (boolean wantClientAuth)

Sets whether client authentication should be requested. Calling this method clears the needClientAuth flag.

Parameters
`wantClientAuth`	`boolean`: whether client authentication should be requested

Interfaces

Classes

Enums

Exceptions

Most visited

Recently visited

Results for

SSLParameters

Summary

Public constructors

Public methods

Inherited methods

Public constructors

SSLParameters

SSLParameters

SSLParameters

Public methods

getAlgorithmConstraints

getCipherSuites

getEndpointIdentificationAlgorithm

getNeedClientAuth

getProtocols

getSNIMatchers

getServerNames

getUseCipherSuitesOrder

getWantClientAuth

setAlgorithmConstraints

setCipherSuites

setEndpointIdentificationAlgorithm

setNeedClientAuth

setProtocols

setSNIMatchers

setServerNames

setUseCipherSuitesOrder

setWantClientAuth