org.conscrypt

Class Conscrypt.Engines

java.lang.Object

org.conscrypt.Conscrypt.Engines

Enclosing class:

Conscrypt

public static final class Conscrypt.Engines
extends Object

Utility methods for configuring Conscrypt engines.

Method Summary

Modifier and Type	Method and Description
static String	getAlpnSelectedProtocol(SSLEngine engine) Returns the ALPN protocol agreed upon by client and server.
static byte[]	getChannelId(SSLEngine engine) Gets the TLS Channel ID for the given server-side engine.
static String	getHostname(SSLEngine engine) Returns either the hostname supplied during socket creation or via Conscrypt.Engines.setHostname(SSLEngine, String).
static boolean	isConscrypt(SSLEngine engine) Indicates whether the given engine is a Conscrypt engine.
static int	maxSealOverhead(SSLEngine engine) Returns the maximum overhead, in bytes, of sealing a record with SSL.
static void	setAlpnProtocols(SSLEngine engine, String[] alpnProtocols) Sets the list of ALPN protocols supported by the engine.
static void	setChannelIdEnabled(SSLEngine engine, boolean enabled) Enables/disables TLS Channel ID for the given server-side engine.
static void	setChannelIdPrivateKey(SSLEngine engine, PrivateKey privateKey) Sets the PrivateKey to be used for TLS Channel ID by this client engine.
static void	setHandshakeListener(SSLEngine engine, HandshakeListener handshakeListener) Sets a listener on the given engine for completion of the TLS handshake
static void	setHostname(SSLEngine engine, String hostname) This method enables Server Name Indication (SNI) and overrides the hostname supplied during engine creation.
static void	setUseSessionTickets(SSLEngine engine, boolean useSessionTickets) This method enables session ticket support.
static SSLEngineResult	unwrap(SSLEngine engine, ByteBuffer[] srcs, ByteBuffer[] dsts) Extended unwrap method for multiple source and destination buffers.
static SSLEngineResult	unwrap(SSLEngine engine, ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) Exteneded unwrap method for multiple source and destination buffers.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

isConscrypt

public static boolean isConscrypt(SSLEngine engine)

Indicates whether the given engine is a Conscrypt engine.

setHostname

public static void setHostname(SSLEngine engine,
                               String hostname)

This method enables Server Name Indication (SNI) and overrides the hostname supplied during engine creation.

Parameters:

engine - the engine

hostname - the desired SNI hostname, or null to disable

getHostname

public static String getHostname(SSLEngine engine)

Returns either the hostname supplied during socket creation or via Conscrypt.Engines.setHostname(SSLEngine, String). No DNS resolution is attempted before returning the hostname.

maxSealOverhead

public static int maxSealOverhead(SSLEngine engine)

Returns the maximum overhead, in bytes, of sealing a record with SSL.

setHandshakeListener

public static void setHandshakeListener(SSLEngine engine,
                                        HandshakeListener handshakeListener)

Sets a listener on the given engine for completion of the TLS handshake

setChannelIdEnabled

public static void setChannelIdEnabled(SSLEngine engine,
                                       boolean enabled)

Enables/disables TLS Channel ID for the given server-side engine.

This method needs to be invoked before the handshake starts.

Parameters:

engine - the engine

enabled - Whether to enable channel ID.

Throws:

IllegalStateException - if this is a client engine or if the handshake has already started.

getChannelId

public static byte[] getChannelId(SSLEngine engine)
                           throws SSLException

Gets the TLS Channel ID for the given server-side engine. Channel ID is only available once the handshake completes.

Parameters:

engine - the engine

Returns:

channel ID or null if not available.

Throws:

IllegalStateException - if this is a client engine or if the handshake has not yet completed.

SSLException - if channel ID is available but could not be obtained.

setChannelIdPrivateKey

public static void setChannelIdPrivateKey(SSLEngine engine,
                                          PrivateKey privateKey)

Sets the PrivateKey to be used for TLS Channel ID by this client engine.

This method needs to be invoked before the handshake starts.

Parameters:

engine - the engine

privateKey - private key (enables TLS Channel ID) or null for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).

Throws:

IllegalStateException - if this is a server engine or if the handshake has already started.

unwrap

public static SSLEngineResult unwrap(SSLEngine engine,
                                     ByteBuffer[] srcs,
                                     ByteBuffer[] dsts)
                              throws SSLException

Extended unwrap method for multiple source and destination buffers.

Parameters:

engine - the target engine for the unwrap

srcs - the source buffers

dsts - the destination buffers

Returns:

the result of the unwrap operation

Throws:

SSLException - thrown if an SSL error occurred

unwrap

public static SSLEngineResult unwrap(SSLEngine engine,
                                     ByteBuffer[] srcs,
                                     int srcsOffset,
                                     int srcsLength,
                                     ByteBuffer[] dsts,
                                     int dstsOffset,
                                     int dstsLength)
                              throws SSLException

Exteneded unwrap method for multiple source and destination buffers.

Parameters:

engine - the target engine for the unwrap.

srcs - the source buffers

srcsOffset - the offset in the srcs array of the first source buffer

srcsLength - the number of source buffers starting at srcsOffset

dsts - the destination buffers

dstsOffset - the offset in the dsts array of the first destination buffer

dstsLength - the number of destination buffers starting at dstsOffset

Returns:

the result of the unwrap operation

Throws:

SSLException - thrown if an SSL error occurred

setUseSessionTickets

public static void setUseSessionTickets(SSLEngine engine,
                                        boolean useSessionTickets)

This method enables session ticket support.

Parameters:

engine - the engine

useSessionTickets - True to enable session tickets

setAlpnProtocols

public static void setAlpnProtocols(SSLEngine engine,
                                    String[] alpnProtocols)

Sets the list of ALPN protocols supported by the engine.

Parameters:

engine - the engine

alpnProtocols - the list of ALPN protocols

getAlpnSelectedProtocol

public static String getAlpnSelectedProtocol(SSLEngine engine)

Returns the ALPN protocol agreed upon by client and server.

Parameters:

engine - the engine

Returns:

the selected protocol or null if no protocol was agreed upon.