public class SSLParameters extends Object
SSLParameters can be created via the constructors in this class.
Objects can also be obtained using the getSSLParameters()
methods in
SSLSocket
and
SSLServerSocket
and
SSLEngine
or the
getDefaultSSLParameters()
and
getSupportedSSLParameters()
methods in SSLContext
.
SSLParameters can be applied to a connection via the methods
SSLSocket.setSSLParameters()
and
SSLServerSocket.setSSLParameters()
and SSLEngine.getSSLParameters()
.
SSLSocket
,
SSLEngine
,
SSLContext
Constructor and Description |
---|
SSLParameters()
Constructs SSLParameters.
|
SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.
|
SSLParameters(String[] cipherSuites,
String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites
and protocols.
|
Modifier and Type | Method and Description |
---|---|
AlgorithmConstraints |
getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.
|
String[] |
getCipherSuites()
Returns a copy of the array of ciphersuites or null if none
have been set.
|
String |
getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.
|
boolean |
getNeedClientAuth()
Returns whether client authentication should be required.
|
String[] |
getProtocols()
Returns a copy of the array of protocols or null if none
have been set.
|
boolean |
getWantClientAuth()
Returns whether client authentication should be requested.
|
void |
setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used
in addition to any configured by the runtime environment.
|
void |
setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.
|
void |
setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.
|
void |
setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required.
|
void |
setProtocols(String[] protocols)
Sets the array of protocols.
|
void |
setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested.
|
public SSLParameters()
The cipherSuites and protocols values are set to null
,
wantClientAuth and needClientAuth are set to false
.
public SSLParameters(String[] cipherSuites)
Calling this constructor is equivalent to calling the no-args
constructor followed by
setCipherSuites(cipherSuites);
.
cipherSuites
- the array of ciphersuites (or null)public SSLParameters(String[] cipherSuites, String[] protocols)
Calling this constructor is equivalent to calling the no-args
constructor followed by
setCipherSuites(cipherSuites); setProtocols(protocols);
.
cipherSuites
- the array of ciphersuites (or null)protocols
- the array of protocols (or null)public String[] getCipherSuites()
public void setCipherSuites(String[] cipherSuites)
cipherSuites
- the array of ciphersuites (or null)public String[] getProtocols()
public void setProtocols(String[] protocols)
protocols
- the array of protocols (or null)public boolean getWantClientAuth()
public void setWantClientAuth(boolean wantClientAuth)
needClientAuth
flag.wantClientAuth
- whether client authentication should be requestedpublic boolean getNeedClientAuth()
public void setNeedClientAuth(boolean needClientAuth)
wantClientAuth
flag.needClientAuth
- whether client authentication should be requiredpublic AlgorithmConstraints getAlgorithmConstraints()
setAlgorithmConstraints(AlgorithmConstraints)
public void setAlgorithmConstraints(AlgorithmConstraints constraints)
If the constraints
parameter is non-null, every
cryptographic algorithm, key and algorithm parameters used in the
SSL/TLS handshake must be permitted by the constraints.
constraints
- the algorithm constraints (or null)public String getEndpointIdentificationAlgorithm()
X509ExtendedTrustManager
,
setEndpointIdentificationAlgorithm(String)
public void setEndpointIdentificationAlgorithm(String algorithm)
If the algorithm
parameter is non-null or non-empty, the
endpoint identification/verification procedures must be handled during
SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.
algorithm
- The standard string name of the endpoint
identification algorithm (or null). See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard algorithm names.X509ExtendedTrustManager
Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2011, Oracle and/or its affiliates. All rights reserved.
DRAFT ea-b138