javax.net.ssl: public class: SSLContext

javax.net.ssl
public class: SSLContext [javadoc | source]

java.lang.Object
   javax.net.ssl.SSLContext

Instances of this class represent a secure socket protocol implementation which acts as a factory for secure socket factories or SSLEngines. This class is initialized with an optional set of key and trust managers and source of secure random bytes.

Every implementation of the Java platform is required to support the following standard SSLContext protocol:

TLSv1

This protocol is described in the SSLContext section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other algorithms are supported.

since: 1.4 -

Constructor:

Constructor:
protected SSLContext(SSLContextSpi contextSpi, Provider provider, String protocol) { this.contextSpi = contextSpi; this.provider = provider; this.protocol = protocol; } Creates an SSLContext object. Parameters: `contextSpi` - the delegate `provider` - the provider `protocol` - the protocol

 protected SSLContext(SSLContextSpi contextSpi,
    Provider provider,
    String protocol) {
        this.contextSpi = contextSpi;
        this.provider = provider;
        this.protocol = protocol;
}

Creates an SSLContext object.

Parameters:

contextSpi - the delegate

provider - the provider

protocol - the protocol

Method from javax.net.ssl.SSLContext Summary:
createSSLEngine, createSSLEngine, getClientSessionContext, getDefault, getDefaultSSLParameters, getInstance, getInstance, getInstance, getProtocol, getProvider, getServerSessionContext, getServerSocketFactory, getSocketFactory, getSupportedSSLParameters, init, setDefault

Methods from java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from javax.net.ssl.SSLContext Detail:
public final SSLEngine createSSLEngine() { try { return contextSpi.engineCreateSSLEngine(); } catch (AbstractMethodError e) { UnsupportedOperationException unsup = new UnsupportedOperationException( "Provider: " + getProvider() + " doesn't support this operation"); unsup.initCause(e); throw unsup; } } Creates a new `SSLEngine` using this context. Applications using this factory method are providing no hints for an internal session reuse strategy. If hints are desired, #createSSLEngine(String, int) should be used instead. Some cipher suites (such as Kerberos) require remote hostname information, in which case this factory method should not be used.
public final SSLEngine createSSLEngine(String peerHost, int peerPort) { try { return contextSpi.engineCreateSSLEngine(peerHost, peerPort); } catch (AbstractMethodError e) { UnsupportedOperationException unsup = new UnsupportedOperationException( "Provider: " + getProvider() + " does not support this operation"); unsup.initCause(e); throw unsup; } } Creates a new `SSLEngine` using this context using advisory peer information. Applications using this factory method are providing hints for an internal session reuse strategy. Some cipher suites (such as Kerberos) require remote hostname information, in which case peerHost needs to be specified.
public final SSLSessionContext getClientSessionContext() { return contextSpi.engineGetClientSessionContext(); } Returns the client session context, which represents the set of SSL sessions available for use during the handshake phase of client-side SSL sockets. This context may be unavailable in some environments, in which case this method returns null. For example, when the underlying SSL provider does not provide an implementation of SSLSessionContext interface, this method returns null. A non-null session context is returned otherwise.
public static synchronized SSLContext getDefault() throws NoSuchAlgorithmException { if (defaultContext == null) { defaultContext = SSLContext.getInstance("Default"); } return defaultContext; } Returns the default SSL context. If a default context was set using the SSLContext.setDefault() method, it is returned. Otherwise, the first call of this method triggers the call `SSLContext.getInstance("Default")`. If successful, that object is made the default SSL context and returned. The default context is immediately usable and does not require {@linkplain #init initialization}.
public final SSLParameters getDefaultSSLParameters() { return contextSpi.engineGetDefaultSSLParameters(); } Returns a copy of the SSLParameters indicating the default settings for this SSL context. The parameters will always have the ciphersuites and protocols arrays set to non-null values.
public static SSLContext getInstance(String protocol) throws NoSuchAlgorithmException { GetInstance.Instance instance = GetInstance.getInstance ("SSLContext", SSLContextSpi.class, protocol); return new SSLContext((SSLContextSpi)instance.impl, instance.provider, protocol); } Returns a `SSLContext` object that implements the specified secure socket protocol. This method traverses the list of registered security Providers, starting with the most preferred Provider. A new SSLContext object encapsulating the SSLContextSpi implementation from the first Provider that supports the specified protocol is returned. Note that the list of registered providers may be retrieved via the Security.getProviders() method.
public static SSLContext getInstance(String protocol, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { GetInstance.Instance instance = GetInstance.getInstance ("SSLContext", SSLContextSpi.class, protocol, provider); return new SSLContext((SSLContextSpi)instance.impl, instance.provider, protocol); } Returns a `SSLContext` object that implements the specified secure socket protocol. A new SSLContext object encapsulating the SSLContextSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list. Note that the list of registered providers may be retrieved via the Security.getProviders() method.
public static SSLContext getInstance(String protocol, Provider provider) throws NoSuchAlgorithmException { GetInstance.Instance instance = GetInstance.getInstance ("SSLContext", SSLContextSpi.class, protocol, provider); return new SSLContext((SSLContextSpi)instance.impl, instance.provider, protocol); } Returns a `SSLContext` object that implements the specified secure socket protocol. A new SSLContext object encapsulating the SSLContextSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.
public final String getProtocol() { return this.protocol; } Returns the protocol name of this `SSLContext` object. This is the same name that was specified in one of the `getInstance` calls that created this `SSLContext` object.
public final Provider getProvider() { return this.provider; } Returns the provider of this `SSLContext` object.
public final SSLSessionContext getServerSessionContext() { return contextSpi.engineGetServerSessionContext(); } Returns the server session context, which represents the set of SSL sessions available for use during the handshake phase of server-side SSL sockets. This context may be unavailable in some environments, in which case this method returns null. For example, when the underlying SSL provider does not provide an implementation of SSLSessionContext interface, this method returns null. A non-null session context is returned otherwise.
public final SSLServerSocketFactory getServerSocketFactory() { return contextSpi.engineGetServerSocketFactory(); } Returns a `ServerSocketFactory` object for this context.
public final SSLSocketFactory getSocketFactory() { return contextSpi.engineGetSocketFactory(); } Returns a `SocketFactory` object for this context.
public final SSLParameters getSupportedSSLParameters() { return contextSpi.engineGetSupportedSSLParameters(); } Returns a copy of the SSLParameters indicating the supported settings for this SSL context. The parameters will always have the ciphersuites and protocols arrays set to non-null values.
public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws KeyManagementException { contextSpi.engineInit(km, tm, random); } Initializes this context. Either of the first two parameters may be null in which case the installed security providers will be searched for the highest priority implementation of the appropriate factory. Likewise, the secure random parameter may be null in which case the default implementation will be used. Only the first instance of a particular key and/or trust manager implementation type in the array is used. (For example, only the first javax.net.ssl.X509KeyManager in the array will be used.)
public static synchronized void setDefault(SSLContext context) { if (context == null) { throw new NullPointerException(); } SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new SSLPermission("setDefaultSSLContext")); } defaultContext = context; } Sets the default SSL context. It will be returned by subsequent calls to #getDefault . The default context must be immediately usable and not require {@linkplain #init initialization}.

Method from javax.net.ssl.SSLContext Detail:

 public final SSLEngine createSSLEngine() {
        try {
            return contextSpi.engineCreateSSLEngine();
        } catch (AbstractMethodError e) {
            UnsupportedOperationException unsup =
                new UnsupportedOperationException(
                    "Provider: " + getProvider() +
                    " doesn't support this operation");
            unsup.initCause(e);
            throw unsup;
        }
}

SSLEngine

Applications using this factory method are providing no hints for an internal session reuse strategy. If hints are desired, #createSSLEngine(String, int) should be used instead.

Some cipher suites (such as Kerberos) require remote hostname information, in which case this factory method should not be used.

 public final SSLEngine createSSLEngine(String peerHost,
    int peerPort) {
        try {
            return contextSpi.engineCreateSSLEngine(peerHost, peerPort);
        } catch (AbstractMethodError e) {
            UnsupportedOperationException unsup =
                new UnsupportedOperationException(
                    "Provider: " + getProvider() +
                    " does not support this operation");
            unsup.initCause(e);
            throw unsup;
        }
}

SSLEngine

Applications using this factory method are providing hints for an internal session reuse strategy.

Some cipher suites (such as Kerberos) require remote hostname information, in which case peerHost needs to be specified.

 public final SSLSessionContext getClientSessionContext() {
        return contextSpi.engineGetClientSessionContext();
}

This context may be unavailable in some environments, in which case this method returns null. For example, when the underlying SSL provider does not provide an implementation of SSLSessionContext interface, this method returns null. A non-null session context is returned otherwise.

 public static synchronized SSLContext getDefault() throws NoSuchAlgorithmException {
        if (defaultContext == null) {
            defaultContext = SSLContext.getInstance("Default");
        }
        return defaultContext;
}

If a default context was set using the SSLContext.setDefault() method, it is returned. Otherwise, the first call of this method triggers the call SSLContext.getInstance("Default"). If successful, that object is made the default SSL context and returned.

The default context is immediately usable and does not require {@linkplain #init initialization}.

 public final SSLParameters getDefaultSSLParameters() {
        return contextSpi.engineGetDefaultSSLParameters();
}

The parameters will always have the ciphersuites and protocols arrays set to non-null values.

 public static SSLContext getInstance(String protocol) throws NoSuchAlgorithmException {
        GetInstance.Instance instance = GetInstance.getInstance
                ("SSLContext", SSLContextSpi.class, protocol);
        return new SSLContext((SSLContextSpi)instance.impl, instance.provider,
                protocol);
}

SSLContext

This method traverses the list of registered security Providers, starting with the most preferred Provider. A new SSLContext object encapsulating the SSLContextSpi implementation from the first Provider that supports the specified protocol is returned.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

 public static SSLContext getInstance(String protocol,
    String provider) throws NoSuchAlgorithmException, NoSuchProviderException {
        GetInstance.Instance instance = GetInstance.getInstance
                ("SSLContext", SSLContextSpi.class, protocol, provider);
        return new SSLContext((SSLContextSpi)instance.impl, instance.provider,
                protocol);
}

SSLContext

A new SSLContext object encapsulating the SSLContextSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

 public static SSLContext getInstance(String protocol,
    Provider provider) throws NoSuchAlgorithmException {
        GetInstance.Instance instance = GetInstance.getInstance
                ("SSLContext", SSLContextSpi.class, protocol, provider);
        return new SSLContext((SSLContextSpi)instance.impl, instance.provider,
                protocol);
}

SSLContext

A new SSLContext object encapsulating the SSLContextSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.

 public final String getProtocol() {
        return this.protocol;
}

SSLContext

This is the same name that was specified in one of the getInstance calls that created this SSLContext object.

 public final Provider getProvider() {
        return this.provider;
}

SSLContext

 public final SSLSessionContext getServerSessionContext() {
        return contextSpi.engineGetServerSessionContext();
}

 public final SSLServerSocketFactory getServerSocketFactory() {
        return contextSpi.engineGetServerSocketFactory();
}

ServerSocketFactory

 public final SSLSocketFactory getSocketFactory() {
        return contextSpi.engineGetSocketFactory();
}

SocketFactory

 public final SSLParameters getSupportedSSLParameters() {
        return contextSpi.engineGetSupportedSSLParameters();
}

The parameters will always have the ciphersuites and protocols arrays set to non-null values.

 public final  void init(KeyManager[] km,
    TrustManager[] tm,
    SecureRandom random) throws KeyManagementException {
        contextSpi.engineInit(km, tm, random);
}

Only the first instance of a particular key and/or trust manager implementation type in the array is used. (For example, only the first javax.net.ssl.X509KeyManager in the array will be used.)

 public static synchronized  void setDefault(SSLContext context) {
        if (context == null) {
            throw new NullPointerException();
        }
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new SSLPermission("setDefaultSSLContext"));
        }
        defaultContext = context;
}

#getDefault