SSL client socket.
SSL2_DES_192_EDE3_CBC_WITH_MD5
public static final int SSL2_DES_192_EDE3_CBC_WITH_MD5
SSL2_DES_64_CBC_WITH_MD5
public static final int SSL2_DES_64_CBC_WITH_MD5
SSL2_IDEA_128_CBC_WITH_MD5
public static final int SSL2_IDEA_128_CBC_WITH_MD5
SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
public static final int SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
SSL2_RC2_128_CBC_WITH_MD5
public static final int SSL2_RC2_128_CBC_WITH_MD5
SSL2_RC4_128_EXPORT40_WITH_MD5
public static final int SSL2_RC4_128_EXPORT40_WITH_MD5
SSL2_RC4_128_WITH_MD5
public static final int SSL2_RC4_128_WITH_MD5
SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL3_DHE_DSS_WITH_DES_CBC_SHA
public static final int SSL3_DHE_DSS_WITH_DES_CBC_SHA
SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL3_DHE_RSA_WITH_DES_CBC_SHA
public static final int SSL3_DHE_RSA_WITH_DES_CBC_SHA
SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA
SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5
public static final int SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5
SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA
SSL3_DH_ANON_WITH_DES_CBC_SHA
public static final int SSL3_DH_ANON_WITH_DES_CBC_SHA
SSL3_DH_ANON_WITH_RC4_128_MD5
public static final int SSL3_DH_ANON_WITH_RC4_128_MD5
SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA
SSL3_DH_DSS_WITH_DES_CBC_SHA
public static final int SSL3_DH_DSS_WITH_DES_CBC_SHA
SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA
SSL3_DH_RSA_WITH_DES_CBC_SHA
public static final int SSL3_DH_RSA_WITH_DES_CBC_SHA
SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
SSL3_FORTEZZA_DMS_WITH_NULL_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_NULL_SHA
SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
public static final int SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA
public static final int SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
public static final int SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL3_RSA_EXPORT_WITH_RC4_40_MD5
public static final int SSL3_RSA_EXPORT_WITH_RC4_40_MD5
SSL3_RSA_WITH_3DES_EDE_CBC_SHA
public static final int SSL3_RSA_WITH_3DES_EDE_CBC_SHA
SSL3_RSA_WITH_DES_CBC_SHA
public static final int SSL3_RSA_WITH_DES_CBC_SHA
SSL3_RSA_WITH_IDEA_CBC_SHA
public static final int SSL3_RSA_WITH_IDEA_CBC_SHA
SSL3_RSA_WITH_NULL_MD5
public static final int SSL3_RSA_WITH_NULL_MD5
SSL3_RSA_WITH_NULL_SHA
public static final int SSL3_RSA_WITH_NULL_SHA
SSL3_RSA_WITH_RC4_128_MD5
public static final int SSL3_RSA_WITH_RC4_128_MD5
SSL3_RSA_WITH_RC4_128_SHA
public static final int SSL3_RSA_WITH_RC4_128_SHA
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
public static final int SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_FIPS_WITH_DES_CBC_SHA
public static final int SSL_RSA_FIPS_WITH_DES_CBC_SHA
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
public static final int TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
public static final int TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_RC4_128_SHA
public static final int TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DH_ANON_WITH_AES_128_CBC_SHA
public static final int TLS_DH_ANON_WITH_AES_128_CBC_SHA
TLS_DH_ANON_WITH_AES_256_CBC_SHA
public static final int TLS_DH_ANON_WITH_AES_256_CBC_SHA
TLS_DH_DSS_WITH_AES_128_CBC_SHA
public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA
TLS_DH_DSS_WITH_AES_256_CBC_SHA
public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA
TLS_DH_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA
TLS_DH_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
public static final int TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
public static final int TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
public static final int TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
public static final int TLS_RSA_WITH_AES_256_CBC_SHA
SSLSocket
public SSLSocket(InetAddress address,
int port)
throws IOException
Creates an SSL client socket and connects to the specified address and
port.
address
- The IP address to connect to.port
- The port to connect to.
SSLSocket
public SSLSocket(InetAddress address,
int port,
InetAddress localAddr,
int localPort)
throws IOException
Creates an SSL client socket and connects to the specified address and
port. Binds to the given local address and port.
address
- The IP address to connect to.port
- The port to connect to.localAddr
- The local address to bind to. It can be null, in which
case an unspecified local address will be chosen.localPort
- The local port to bind to. If 0, a random port will be
assigned to the socket.
SSLSocket
public SSLSocket(InetAddress address,
int port,
InetAddress localAddr,
int localPort,
boolean stream,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
throws IOException
As of JSS 3.0. The stream parameter is ignored, because
only stream sockets are supported.
Creates an SSL client socket and connects to the specified host and
port. Binds to the given local address and port. Installs the given
callbacks for certificate approval and client certificate selection.
port
- The port to connect to.localAddr
- The local address to bind to. It can be null, in which
case an unspecified local address will be chosen.localPort
- The local port to bind to. If 0, a random port will be
assigned to the socket.stream
- This parameter is ignored. All SSLSockets are stream
sockets.certApprovalCallback
- A callback that can be used to override
approval of the peer's certificate.clientCertSelectionCallback
- A callback to select the client
certificate to present to the peer.
SSLSocket
public SSLSocket(InetAddress address,
int port,
InetAddress localAddr,
int localPort,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
throws IOException
Creates an SSL client socket and connects to the specified address and
port. Binds to the given local address and port. Installs the given
callbacks for certificate approval and client certificate selection.
address
- The IP address to connect to.port
- The port to connect to.localAddr
- The local address to bind to. It can be null, in which
case an unspecified local address will be chosen.localPort
- The local port to bind to. If 0, a random port will be
assigned to the socket.certApprovalCallback
- A callback that can be used to override
approval of the peer's certificate.clientCertSelectionCallback
- A callback to select the client
certificate to present to the peer.
SSLSocket
public SSLSocket(String host,
int port)
throws UnknownHostException,
IOException
Creates an SSL client socket and connects to the specified host and
port.
host
- The hostname to connect to.port
- The port to connect to.
SSLSocket
public SSLSocket(String host,
int port,
InetAddress localAddr,
int localPort)
throws IOException
Creates an SSL client socket and connects to the specified host and
port. Binds to the given local address and port.
host
- The hostname to connect to.port
- The port to connect to.localAddr
- The local address to bind to. It can be null, in which
case an unspecified local address will be chosen.localPort
- The local port to bind to. If 0, a random port will be
assigned to the socket.
SSLSocket
public SSLSocket(String host,
int port,
InetAddress localAddr,
int localPort,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
throws IOException
Creates an SSL client socket and connects to the specified host and
port. Binds to the given local address and port. Installs the given
callbacks for certificate approval and client certificate selection.
host
- The hostname to connect to.port
- The port to connect to.localAddr
- The local address to bind to. It can be null, in which
case an unspecified local address will be chosen.localPort
- The local port to bind to. If 0, a random port will be
assigned to the socket.certApprovalCallback
- A callback that can be used to override
approval of the peer's certificate.clientCertSelectionCallback
- A callback to select the client
certificate to present to the peer.
SSLSocket
public SSLSocket(java.net.Socket s,
String host,
SSLCertificateApprovalCallback certApprovalCallback,
SSLClientCertificateSelectionCallback clientCertSelectionCallback)
throws IOException
Creates an SSL client socket using the given Java socket for underlying
I/O. Installs the given callbacks for certificate approval and
client certificate selection.
s
- The Java socket to use for underlying I/O.host
- The hostname of the remote side of the connection.
This name is used to verify the server's certificate.certApprovalCallback
- A callback that can be used to override
approval of the peer's certificate.clientCertSelectionCallback
- A callback to select the client
certificate to present to the peer.
addHandshakeCompletedListener
public void addHandshakeCompletedListener(SSLHandshakeCompletedListener l)
Adds a listener to be notified when an SSL handshake completes.
close
public void close()
throws IOException
Closes this socket.
enableSSL2
public void enableSSL2(boolean enable)
throws SocketException
Enables SSL v2 on this socket. It is enabled by default, unless the
default has been changed with enableSSL2Default
.
enableSSL2Default
public static void enableSSL2Default(boolean enable)
throws SocketException
Sets the default for SSL v2 for all new sockets.
enableSSL3
public void enableSSL3(boolean enable)
throws SocketException
Enables SSL v3 on this socket. It is enabled by default, unless the
default has been changed with enableSSL3Default
.
enableSSL3Default
public static void enableSSL3Default(boolean enable)
throws SocketException
Sets the default for SSL v2 for all new sockets.
finalize
protected void finalize()
throws Throwable
forceHandshake
public void forceHandshake()
throws SocketException
Force an already started SSL handshake to complete.
This method should block until the handshake has completed.
getCipherPreference
public boolean getCipherPreference(int cipher)
throws SocketException
Returns whether this cipher is enabled or disabled on this socket.
getCipherPreferenceDefault
public static boolean getCipherPreferenceDefault(int cipher)
throws SocketException
Returns the default for whether this cipher is enabled or disabled.
getImplementedCipherSuites
public static int[] getImplementedCipherSuites()
Returns a list of cipher suites that are implemented by NSS.
Each element in the array will be one of the cipher suite constants
defined in this class (for example,
TLS_RSA_WITH_AES_128_CBC_SHA).
getInetAddress
public InetAddress getInetAddress()
- The remote peer's IP address.
getInputStream
public InputStream getInputStream()
throws IOException
Returns the input stream for reading from this socket.
getKeepAlive
public boolean getKeepAlive()
throws SocketException
Returns the current setting of the SO_KEEPALIVE socket option.
getLocalAddress
public InetAddress getLocalAddress()
getLocalPort
public int getLocalPort()
getOutputStream
public OutputStream getOutputStream()
throws IOException
Returns the output stream for writing to this socket.
getPort
public int getPort()
getReceiveBufferSize
public int getReceiveBufferSize()
throws SocketException
Returnst he size (in bytes) of the receive buffer.
getSendBufferSize
public int getSendBufferSize()
throws SocketException
Returns the size (in bytes) of the send buffer.
getSoLinger
public int getSoLinger()
throws SocketException
Returns the current value of the SO_LINGER socket option.
getSoTimeout
public int getSoTimeout()
throws SocketException
Returns the current value of the SO_TIMEOUT socket option.
- The timeout time in milliseconds.
getStatus
public SSLSecurityStatus getStatus()
throws SocketException
Returns the security status of this socket.
getTcpNoDelay
public boolean getTcpNoDelay()
throws SocketException
Returns the current setting of the TCP_NO_DELAY socket option.
getUseClientMode
public boolean getUseClientMode()
- true if this end of the socket is the SSL client, false
if it is the SSL server.
invalidateSession
public void invalidateSession()
throws SocketException
Removes the current session from the session cache.
redoHandshake
public void redoHandshake()
throws SocketException
Causes SSL to begin a full, new SSL 3.0 handshake from scratch
on a connection that has already completed one handshake.
Does not flush the SSL3 cache entry first, so a full handshake
will not take place. Instead only the symmetric session keys will
be regenerated.
redoHandshake
public void redoHandshake(boolean flushCache)
throws SocketException
Causes SSL to begin a full, new SSL 3.0 handshake from scratch
on a connection that has already completed one handshake.
flushCache
- If true, this session will be flushed from the cache.
This will force a complete SSL handshake with a private key operation.
If false, only the session key will be regenerated.
removeHandshakeCompletedListener
public void removeHandshakeCompletedListener(SSLHandshakeCompletedListener l)
Removes a previously registered listener for handshake completion.
requestClientAuth
public void requestClientAuth(boolean b)
throws SocketException
Enables/disables the request of client authentication. This is only
meaningful for the server end of the SSL connection. During the next
handshake, the remote peer will be asked to authenticate itself.
requireClientAuth
public void requireClientAuth(boolean require,
boolean onRedo)
throws SocketException
Sets whether the socket requires client authentication from the remote
peer. If requestClientAuth() has not already been called, this
method will tell the socket to request client auth as well as requiring
it.
requireClientAuthDefault
public void requireClientAuthDefault(boolean require,
boolean onRedo)
throws SocketException
Sets the default setting for requiring client authorization.
All subsequently created sockets will use this default setting.
resetHandshake
public void resetHandshake()
throws SocketException
Resets the handshake state.
setCipherPolicy
public static void setCipherPolicy(SSLSocket.CipherPolicy cp)
throws SocketException
Sets the SSL cipher policy. This must be called before creating any
SSL sockets.
setCipherPreference
public void setCipherPreference(int cipher,
boolean enable)
throws SocketException
Enables/disables the cipher on this socket.
setCipherPreferenceDefault
public static void setCipherPreferenceDefault(int cipher,
boolean enable)
throws SocketException
Sets the default for whether this cipher is enabled or disabled.
setClientCert
public void setClientCert(X509Certificate cert)
throws SocketException
Sets the certificate to use for client authentication.
Alternately, you can specify an SSLClientCertificateSelectionCallback,
which will receive a list of certificates that are valid for client
authentication.
setClientCertNickname
public void setClientCertNickname(String nick)
throws SocketException
Sets the nickname of the certificate to use for client authentication.
Alternately, you can specify an SSLClientCertificateSelectionCallback,
which will receive a list of certificates that are valid for client
authentication.
setKeepAlive
public void setKeepAlive(boolean on)
throws SocketException
Enables or disables the SO_KEEPALIVE socket option.
setNeedClientAuth
public void setNeedClientAuth(boolean b)
throws SocketException
As of JSS 3.0. This method is misnamed. Use
requestClientAuth
instead.
setNeedClientAuthNoExpiryCheck
public void setNeedClientAuthNoExpiryCheck(boolean b)
throws SocketException
As of JSS 3.0. This method is misnamed. Use
requestClientAuthNoExpiryCheck
instead.
Enables/disables the request of client authentication. This is only
meaningful for the server end of the SSL connection. During the next
handshake, the remote peer will be asked to authenticate itself.
In addition, the client certificate's expiration will not
prevent it from being accepted.
org.mozilla.jss.ssl.SSLSocket.requireClientAuth
public void requestClientAuthNoExpiryCheck(boolean b)
throws SocketException
{
base.requestClientAuthNoExpiryCheck(b);
}
/**
setReceiveBufferSize
public void setReceiveBufferSize(int size)
throws SocketException
Sets the size (in bytes) of the receive buffer.
setSendBufferSize
public void setSendBufferSize(int size)
throws SocketException
Sets the size (in bytes) of the send buffer.
setSoLinger
public void setSoLinger(boolean on,
int linger)
throws SocketException
Sets the SO_LINGER socket option.
param linger The time (in seconds) to linger for.
setSoTimeout
public void setSoTimeout(int timeout)
throws SocketException
Sets the SO_TIMEOUT socket option.
timeout
- The timeout time in milliseconds.
setTcpNoDelay
public void setTcpNoDelay(boolean on)
throws SocketException
Enables or disables the TCP_NO_DELAY socket option. Enabling this
option will disable the Nagle algorithm.
setUseClientMode
public void setUseClientMode(boolean b)
Determines whether this end of the socket is the client or the server
for purposes of the SSL protocol. By default, it is the client.
b
- true if this end of the socket is the SSL slient, false
if it is the SSL server.
shutdownInput
public void shutdownInput()
throws IOException
Shuts down the input side of the socket.
shutdownOutput
public void shutdownOutput()
throws IOException
Shuts down the output side of the socket.
toString
public String toString()
Returns the addresses and ports of this socket.
useCache
public void useCache(boolean b)
throws SocketException
Enables/disables the session cache. By default, the session cache
is enabled.
useCacheDefault
public void useCacheDefault(boolean b)
throws SocketException
Sets the default setting for use of the session cache.