Package org.conscrypt

Class AbstractConscryptEngine

java.lang.Object
javax.net.ssl.SSLEngine
org.conscrypt.AbstractConscryptEngine
Direct Known Subclasses:
ConscryptEngine, Java8EngineWrapper

abstract class AbstractConscryptEngine extends SSLEngine
Abstract base class for all Conscrypt SSLEngine classes.
  • Constructor Details

    • AbstractConscryptEngine

      AbstractConscryptEngine()
  • Method Details

    • setBufferAllocator

      abstract void setBufferAllocator(BufferAllocator bufferAllocator)
    • maxSealOverhead

      abstract int maxSealOverhead()
      Returns the maximum overhead, in bytes, of sealing a record with SSL.
    • setChannelIdEnabled

      abstract void setChannelIdEnabled(boolean enabled)
      Enables/disables TLS Channel ID for this server engine.

      This method needs to be invoked before the handshake starts.

      Throws:
      IllegalStateException - if this is a client engine or if the handshake has already started.
    • getChannelId

      abstract byte[] getChannelId() throws SSLException
      Gets the TLS Channel ID for this server engine. Channel ID is only available once the handshake completes.
      Returns:
      channel ID or null if not available.
      Throws:
      IllegalStateException - if this is a client engine or if the handshake has not yet completed.
      SSLException - if channel ID is available but could not be obtained.
    • setChannelIdPrivateKey

      abstract void setChannelIdPrivateKey(PrivateKey privateKey)
      Sets the PrivateKey to be used for TLS Channel ID by this client engine.

      This method needs to be invoked before the handshake starts.

      Parameters:
      privateKey - private key (enables TLS Channel ID) or null for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
      Throws:
      IllegalStateException - if this is a server engine or if the handshake has already started.
    • setHandshakeListener

      abstract void setHandshakeListener(HandshakeListener handshakeListener)
      Sets the listener for the completion of the TLS handshake.
    • setHostname

      abstract void setHostname(String hostname)
      This method enables Server Name Indication (SNI) and overrides the PeerInfoProvider supplied during engine creation.
    • getHostname

      abstract String getHostname()
      Returns the hostname from setHostname(String) or supplied by the PeerInfoProvider upon creation. No DNS resolution is attempted before returning the hostname.
    • getPeerHost

      public abstract String getPeerHost()
      Overrides:
      getPeerHost in class SSLEngine
    • getPeerPort

      public abstract int getPeerPort()
      Overrides:
      getPeerPort in class SSLEngine
    • getHandshakeSession

      public final SSLSession getHandshakeSession()
      Overrides:
      getHandshakeSession in class SSLEngine
    • handshakeSession

      abstract SSLSession handshakeSession()
      Work-around to allow this method to be called on older versions of Android.
    • unwrap

      public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException
      Overrides:
      unwrap in class SSLEngine
      Throws:
      SSLException
    • unwrap

      public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException
      Overrides:
      unwrap in class SSLEngine
      Throws:
      SSLException
    • unwrap

      public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException
      Specified by:
      unwrap in class SSLEngine
      Throws:
      SSLException
    • unwrap

      abstract SSLEngineResult unwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) throws SSLException
      Throws:
      SSLException
    • unwrap

      abstract SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException
      Throws:
      SSLException
    • wrap

      public abstract SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException
      Overrides:
      wrap in class SSLEngine
      Throws:
      SSLException
    • wrap

      public abstract SSLEngineResult wrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException
      Specified by:
      wrap in class SSLEngine
      Throws:
      SSLException
    • setUseSessionTickets

      abstract void setUseSessionTickets(boolean useSessionTickets)
      This method enables session ticket support.
      Parameters:
      useSessionTickets - True to enable session tickets
    • setApplicationProtocols

      abstract void setApplicationProtocols(String[] protocols)
      Sets the list of ALPN protocols.
      Parameters:
      protocols - the list of ALPN protocols
    • getApplicationProtocols

      abstract String[] getApplicationProtocols()
      Returns the list of supported ALPN protocols.
    • getApplicationProtocol

      public abstract String getApplicationProtocol()
      Overrides:
      getApplicationProtocol in class SSLEngine
    • getHandshakeApplicationProtocol

      public abstract String getHandshakeApplicationProtocol()
      Overrides:
      getHandshakeApplicationProtocol in class SSLEngine
    • setApplicationProtocolSelector

      abstract void setApplicationProtocolSelector(ApplicationProtocolSelector selector)
      Sets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set by setApplicationProtocols(String[]).
    • getTlsUnique

      abstract byte[] getTlsUnique()
      Returns the tls-unique channel binding value for this connection, per RFC 5929. This will return null if there is no such value available, such as if the handshake has not yet completed or this connection is closed.
    • exportKeyingMaterial

      abstract byte[] exportKeyingMaterial(String label, byte[] context, int length) throws SSLException
      Exports a value derived from the TLS master secret as described in RFC 5705.
      Parameters:
      label - the label to use in calculating the exported value. This must be an ASCII-only string.
      context - the application-specific context value to use in calculating the exported value. This may be null to use no application context, which is treated differently than an empty byte array.
      length - the number of bytes of keying material to return.
      Returns:
      a value of the specified length, or null if the handshake has not yet completed or the connection has been closed.
      Throws:
      SSLException - if the value could not be exported.
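
setChannelIdPrivateKey requires an EC key on NIST P-256, so a caller can check the curve before handing the key to the engine. The example below is added here and is not Conscrypt code: it uses only JDK classes, and the class and method names are hypothetical.

```java
import java.security.AlgorithmParameters;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.interfaces.ECKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;

public class ChannelIdKeyCheck {
    // Reference P-256 domain parameters, resolved by name through the JDK's EC provider.
    static ECParameterSpec p256() throws Exception {
        AlgorithmParameters params = AlgorithmParameters.getInstance("EC");
        params.init(new ECGenParameterSpec("secp256r1"));
        return params.getParameterSpec(ECParameterSpec.class);
    }

    // True only for EC keys whose domain parameters equal P-256.
    // ECKey (not ECPrivateKey) is tested so that keys whose private scalar
    // cannot be exported, but which still expose their parameters, are accepted.
    static boolean isP256(PrivateKey key) throws Exception {
        if (!(key instanceof ECKey)) {
            return false;
        }
        ECParameterSpec got = ((ECKey) key).getParams();
        ECParameterSpec want = p256();
        return got.getCurve().equals(want.getCurve())
            && got.getGenerator().equals(want.getGenerator())
            && got.getOrder().equals(want.getOrder())
            && got.getCofactor() == want.getCofactor();
    }

    public static void main(String[] args) throws Exception {
        // Keys generated here only to exercise the check.
        for (String curve : new String[] {"secp256r1", "secp384r1"}) {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
            kpg.initialize(new ECGenParameterSpec(curve));
            PrivateKey key = kpg.generateKeyPair().getPrivate();
            System.out.println(curve + " usable for Channel ID: " + isP256(key));
        }
    }
}
```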