Package org.conscrypt

Class OpenSSLEngineImpl

    • Method Detail

      • beginHandshake

        public void beginHandshake()
                            throws SSLException
        Description copied from class: SSLEngine
        Initiates a handshake on this engine.

        Calling this method is not needed for the initial handshake: it will be called by wrap or unwrap if the initial handshake has not been started yet.

        Specified by:
        beginHandshake in class SSLEngine
        Throws:
        SSLException - if starting the handshake fails.
      • closeInbound

        public void closeInbound()
                          throws SSLException
        Description copied from class: SSLEngine
        Notifies this engine instance that no more inbound network data will be sent to this engine.
        Specified by:
        closeInbound in class SSLEngine
        Throws:
        SSLException - if this engine did not receive a needed protocol specific close notification message from the peer.
      • closeOutbound

        public void closeOutbound()
        Description copied from class: SSLEngine
        Notifies this engine instance that no more outbound application data will be sent to this engine.
        Specified by:
        closeOutbound in class SSLEngine
      • getDelegatedTask

        public Runnable getDelegatedTask()
        Description copied from class: SSLEngine
        Returns a delegate task for this engine instance. Some engine operations may require the results of blocking or long running operations, and the SSLEngineResult instances returned by this engine may indicate that a delegated task result is needed. In this case the run method of the returned Runnable delegated task must be called.
        Specified by:
        getDelegatedTask in class SSLEngine
        Returns:
        a delegate task, or null if none are available.
      • getEnabledCipherSuites

        public String[] getEnabledCipherSuites()
        Description copied from class: SSLEngine
        Returns the SSL cipher suite names that are enabled in this engine instance.
        Specified by:
        getEnabledCipherSuites in class SSLEngine
        Returns:
        the SSL cipher suite names that are enabled in this engine instance.
      • getEnabledProtocols

        public String[] getEnabledProtocols()
        Description copied from class: SSLEngine
        Returns the protocol version names that are enabled in this engine instance.
        Specified by:
        getEnabledProtocols in class SSLEngine
        Returns:
        the protocol version names that are enabled in this engine instance.
      • getEnableSessionCreation

        public boolean getEnableSessionCreation()
        Description copied from class: SSLEngine
        Returns whether new SSL sessions may be established by this engine.
        Specified by:
        getEnableSessionCreation in class SSLEngine
        Returns:
        true if new sessions may be established, false if existing sessions must be reused.
      • getNeedClientAuth

        public boolean getNeedClientAuth()
        Description copied from class: SSLEngine
        Returns whether this engine instance will require client authentication.
        Specified by:
        getNeedClientAuth in class SSLEngine
        Returns:
        true if this engine will require client authentication, false if no client authentication is needed.
      • getSession

        public SSLSession getSession()
        Description copied from class: SSLEngine
        Returns the SSL session for this engine instance.
        Specified by:
        getSession in class SSLEngine
        Returns:
        the SSL session for this engine instance.
      • getUseClientMode

        public boolean getUseClientMode()
        Description copied from class: SSLEngine
        Returns whether this engine is set to act in client mode when handshaking.
        Specified by:
        getUseClientMode in class SSLEngine
        Returns:
        true if the engine is set to do handshaking in client mode.
      • getWantClientAuth

        public boolean getWantClientAuth()
        Description copied from class: SSLEngine
        Returns whether this engine will request client authentication.
        Specified by:
        getWantClientAuth in class SSLEngine
        Returns:
        true if client authentication will be requested, false otherwise.
      • isInboundDone

        public boolean isInboundDone()
        Description copied from class: SSLEngine
        Returns whether no more inbound data will be accepted by this engine.
        Specified by:
        isInboundDone in class SSLEngine
        Returns:
        true if no more inbound data will be accepted by this engine, false otherwise.
      • isOutboundDone

        public boolean isOutboundDone()
        Description copied from class: SSLEngine
        Returns whether no more outbound data will be produced by this engine.
        Specified by:
        isOutboundDone in class SSLEngine
        Returns:
        true if no more outbound data will be produced by this engine, otherwise false.
      • setEnabledCipherSuites

        public void setEnabledCipherSuites(String[] suites)
        Description copied from class: SSLEngine
        Sets the SSL cipher suite names that should be enabled in this engine instance. Only cipher suites listed by getSupportedCipherSuites() are allowed.
        Specified by:
        setEnabledCipherSuites in class SSLEngine
        Parameters:
        suites - the SSL cipher suite names to be enabled.
      • setEnabledProtocols

        public void setEnabledProtocols(String[] protocols)
        Description copied from class: SSLEngine
        Sets the protocol version names that should be enabled in this engine instance. Only protocols listed by getSupportedProtocols() are allowed.
        Specified by:
        setEnabledProtocols in class SSLEngine
        Parameters:
        protocols - the protocol version names to be enabled.
      • setEnableSessionCreation

        public void setEnableSessionCreation(boolean flag)
        Description copied from class: SSLEngine
        Sets whether new SSL sessions may be established by this engine instance.
        Specified by:
        setEnableSessionCreation in class SSLEngine
        Parameters:
        flag - true if new SSL sessions may be established, false if existing SSL sessions must be reused.
      • setNeedClientAuth

        public void setNeedClientAuth(boolean need)
        Description copied from class: SSLEngine
        Sets whether this engine must require client authentication. The client authentication is one of:
        • authentication required
        • authentication requested
        • no authentication needed
        This method overrides the setting of SSLEngine.setWantClientAuth(boolean).
        Specified by:
        setNeedClientAuth in class SSLEngine
        Parameters:
        need - true if client authentication is required, false if no authentication is needed.
      • setUseClientMode

        public void setUseClientMode(boolean mode)
        Description copied from class: SSLEngine
        Sets whether this engine should act in client (or server) mode when handshaking.
        Specified by:
        setUseClientMode in class SSLEngine
        Parameters:
        mode - true if this engine should act in client mode, false if not.
      • setWantClientAuth

        public void setWantClientAuth(boolean want)
        Description copied from class: SSLEngine
        Sets whether this engine should request client authentication. The client authentication is one of the following:
        • authentication required
        • authentication requested
        • no authentication needed
        This method overrides the setting of SSLEngine.setNeedClientAuth(boolean).
        Specified by:
        setWantClientAuth in class SSLEngine
        Parameters:
        want - true if client authentication should be requested, false if no authentication is needed.
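Added example (not part of the Conscrypt sources): because setNeedClientAuth and setWantClientAuth override each other, a later setWantClientAuth(true) turns "required" into "requested", and setEnabledProtocols accepts only names from getSupportedProtocols(). The sketch assumes the JVM's default JSSE provider rather than Conscrypt; the class name, helper names and protocol allow-list are hypothetical.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public class EngineHardening {
    // Assumed allow-list for this example; not taken from the page.
    static final List<String> WANTED_PROTOCOLS = Arrays.asList("TLSv1.3", "TLSv1.2");

    /** Keeps only the wanted names the engine reports as supported, in preference order. */
    static String[] supportedSubset(List<String> wanted, String[] supported) {
        List<String> available = Arrays.asList(supported);
        List<String> keep = new ArrayList<>();
        for (String name : wanted) {
            if (available.contains(name)) {
                keep.add(name);
            }
        }
        if (keep.isEmpty()) {
            // Fail closed instead of leaving the engine on its defaults.
            throw new IllegalStateException("none of " + wanted + " is supported");
        }
        return keep.toArray(new String[0]);
    }

    /** Server-side engine that requires a client certificate. */
    static SSLEngine hardenedServerEngine(SSLContext ctx) {
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);
        engine.setEnabledProtocols(
                supportedSubset(WANTED_PROTOCOLS, engine.getSupportedProtocols()));
        // Set exactly one of the two client-auth flags, and set it last:
        // each setter overrides the other.
        engine.setNeedClientAuth(true);
        return engine;
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = hardenedServerEngine(SSLContext.getDefault());
        System.out.println("protocols: " + Arrays.toString(engine.getEnabledProtocols()));
        System.out.println("need=" + engine.getNeedClientAuth()
                + " want=" + engine.getWantClientAuth());

        // Misconfiguration: this call downgrades "required" to "requested", so the
        // handshake no longer fails for a client that presents no certificate.
        engine.setWantClientAuth(true);
        System.out.println("need=" + engine.getNeedClientAuth()
                + " want=" + engine.getWantClientAuth());
    }
}
```

Checking getNeedClientAuth() after all configuration code has run is a cheap assertion for a mutual-TLS listener.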
      • unwrap

        public SSLEngineResult unwrap(ByteBuffer src,
                                      ByteBuffer[] dsts,
                                      int offset,
                                      int length)
                               throws SSLException
        Description copied from class: SSLEngine
        Decodes the incoming network data buffer into application data buffers. If a handshake has not been started yet, it will automatically be started.
        Specified by:
        unwrap in class SSLEngine
        Parameters:
        src - the buffer with incoming network data
        dsts - the array of destination buffers for incoming application data.
        offset - the offset in the array of destination buffers to which data is to be transferred.
        length - the maximum number of destination buffers to be used.
        Returns:
        the result object of this operation.
        Throws:
        SSLException - if a problem occurred while processing the data.
      • wrap

        public SSLEngineResult wrap(ByteBuffer[] srcs,
                                    int offset,
                                    int length,
                                    ByteBuffer dst)
                             throws SSLException
        Description copied from class: SSLEngine
        Encodes the outgoing application data buffers into the network data buffer. If a handshake has not been started yet, it will automatically be started.
        Specified by:
        wrap in class SSLEngine
        Parameters:
        srcs - the array of source buffers of outgoing application data.
        offset - the offset in the array of source buffers from which data is to be retrieved.
        length - the maximum number of source buffers to be used.
        dst - the destination buffer for network data.
        Returns:
        the result object of this operation.
        Throws:
        SSLException - if a problem occurred while processing the data.
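Added example (not Conscrypt's own code): a client engine produces its first handshake flight from wrap alone, without a beginHandshake() call, and runs any delegated tasks the engine asks for along the way. It assumes the JVM's default JSSE provider; the class name, helper names and the peer host "example.test" are constructed for illustration.

```java
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLException;

public class HandshakeStart {
    /** Runs every pending delegated task and returns the resulting handshake status. */
    static HandshakeStatus runDelegatedTasks(SSLEngine engine) {
        Runnable task;
        while ((task = engine.getDelegatedTask()) != null) {
            task.run(); // may block; hand off to an executor in an event-loop design
        }
        return engine.getHandshakeStatus();
    }

    /** Drives the engine until it needs peer data; returns the bytes to send first. */
    static ByteBuffer firstFlight(SSLEngine engine) throws SSLException {
        ByteBuffer[] noAppData = { ByteBuffer.allocate(0) };
        ByteBuffer net = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        // No beginHandshake() call: the first wrap starts the initial handshake.
        SSLEngineResult result = engine.wrap(noAppData, 0, 1, net);
        HandshakeStatus hs = result.getHandshakeStatus();
        while (hs == HandshakeStatus.NEED_TASK || hs == HandshakeStatus.NEED_WRAP) {
            if (result.getStatus() != SSLEngineResult.Status.OK) {
                throw new SSLException("wrap failed: " + result.getStatus());
            }
            if (hs == HandshakeStatus.NEED_TASK) {
                hs = runDelegatedTasks(engine);
            } else {
                result = engine.wrap(noAppData, 0, 1, net);
                hs = result.getHandshakeStatus();
            }
        }
        net.flip(); // switch the buffer from writing to reading
        return net;
    }

    public static void main(String[] args) throws Exception {
        // Constructed peer name; nothing is sent over the network.
        SSLEngine client = SSLContext.getDefault().createSSLEngine("example.test", 443);
        client.setUseClientMode(true);
        System.out.println("before: " + client.getHandshakeStatus());
        ByteBuffer flight = firstFlight(client);
        System.out.println("after:  " + client.getHandshakeStatus()
                + ", " + flight.remaining() + " bytes to send");
    }
}
```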
      • clientPSKKeyRequested

        public int clientPSKKeyRequested(String identityHint,
                                         byte[] identity,
                                         byte[] key)
        Description copied from interface: NativeCrypto.SSLHandshakeCallbacks
        Gets the key to be used in client mode for this connection in Pre-Shared Key (PSK) key exchange.
        Specified by:
        clientPSKKeyRequested in interface NativeCrypto.SSLHandshakeCallbacks
        Parameters:
        identityHint - PSK identity hint provided by the server or null if no hint provided.
        identity - buffer to be populated with PSK identity (NULL-terminated modified UTF-8) by this method. This identity will be provided to the server.
        key - buffer to be populated with key material by this method.
        Returns:
        number of bytes this method stored in the key buffer, or 0 if an error occurred, in which case the handshake will be aborted.
      • serverPSKKeyRequested

        public int serverPSKKeyRequested(String identityHint,
                                         String identity,
                                         byte[] key)
        Description copied from interface: NativeCrypto.SSLHandshakeCallbacks
        Gets the key to be used in server mode for this connection in Pre-Shared Key (PSK) key exchange.
        Specified by:
        serverPSKKeyRequested in interface NativeCrypto.SSLHandshakeCallbacks
        Parameters:
        identityHint - PSK identity hint provided by this server to the client or null if no hint was provided.
        identity - PSK identity provided by the client.
        key - buffer to be populated with key material by this method.
        Returns:
        number of bytes this method stored in the key buffer, or 0 if an error occurred, in which case the handshake will be aborted.
      • finalize

        protected void finalize()
                         throws Throwable
        Description copied from class: Object
        Invoked when the garbage collector has detected that this instance is no longer reachable. The default implementation does nothing, but this method can be overridden to free resources.

        Note that objects that override finalize are significantly more expensive than objects that don't. Finalizers may be run a long time after the object is no longer reachable, depending on memory pressure, so it's a bad idea to rely on them for cleanup. Note also that finalizers are run on a single VM-wide finalizer thread, so doing blocking work in a finalizer is a bad idea. A finalizer is usually only necessary for a class that has a native peer and needs to call a native method to destroy that peer. Even then, it's better to provide an explicit close method (and implement Closeable), and insist that callers manually dispose of instances. This works well for something like files, but less well for something like a BigInteger where typical calling code would have to deal with lots of temporaries. Unfortunately, code that creates lots of temporaries is the worst kind of code from the point of view of the single finalizer thread.

        If you must use finalizers, consider at least providing your own ReferenceQueue and having your own thread process that queue.

        Unlike constructors, finalizers are not automatically chained. You are responsible for calling super.finalize() yourself.

        Uncaught exceptions thrown by finalizers are ignored and do not terminate the finalizer thread. See Effective Java Item 7, "Avoid finalizers" for more.

        Overrides:
        finalize in class Object
        Throws:
        Throwable