javax.net.ssl: public class: SSLParameters

javax.net.ssl
public class: SSLParameters [javadoc | source]

java.lang.Object
   javax.net.ssl.SSLParameters

Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the algorithm constraints and whether SSL/TLS servers should request or require client authentication.

SSLParameters can be created via the constructors in this class. Objects can also be obtained using the getSSLParameters() methods in SSLSocket and SSLServerSocket and SSLEngine or the getDefaultSSLParameters() and getSupportedSSLParameters() methods in SSLContext.

SSLParameters can be applied to a connection via the methods SSLSocket.setSSLParameters() and SSLServerSocket.setSSLParameters() and SSLEngine.getSSLParameters() .

Also see:

SSLSocket

SSLEngine

SSLContext

since: 1.6 -

Constructor:

Constructor:
public SSLParameters() { // empty } Constructs SSLParameters. The cipherSuites and protocols values are set to `null`, wantClientAuth and needClientAuth are set to `false`.
public SSLParameters(String[] cipherSuites) { setCipherSuites(cipherSuites); } Constructs SSLParameters from the specified array of ciphersuites. Calling this constructor is equivalent to calling the no-args constructor followed by `setCipherSuites(cipherSuites);`. Parameters: `cipherSuites` - the array of ciphersuites (or null)
public SSLParameters(String[] cipherSuites, String[] protocols) { setCipherSuites(cipherSuites); setProtocols(protocols); } Constructs SSLParameters from the specified array of ciphersuites and protocols. Calling this constructor is equivalent to calling the no-args constructor followed by `setCipherSuites(cipherSuites); setProtocols(protocols);`. Parameters: `cipherSuites` - the array of ciphersuites (or null) `protocols` - the array of protocols (or null)

 public SSLParameters() {
        // empty
}

Constructs SSLParameters.

The cipherSuites and protocols values are set to null, wantClientAuth and needClientAuth are set to false.

 public SSLParameters(String[] cipherSuites) {
        setCipherSuites(cipherSuites);
}

Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites);.

Parameters:

cipherSuites - the array of ciphersuites (or null)

 public SSLParameters(String[] cipherSuites,
    String[] protocols) {
        setCipherSuites(cipherSuites);
        setProtocols(protocols);
}

Calling this constructor is equivalent to calling the no-args constructor followed by setCipherSuites(cipherSuites); setProtocols(protocols);.

Parameters:

cipherSuites - the array of ciphersuites (or null)

protocols - the array of protocols (or null)

Method from javax.net.ssl.SSLParameters Summary:
getAlgorithmConstraints, getCipherSuites, getEndpointIdentificationAlgorithm, getNeedClientAuth, getProtocols, getWantClientAuth, setAlgorithmConstraints, setCipherSuites, setEndpointIdentificationAlgorithm, setNeedClientAuth, setProtocols, setWantClientAuth

Methods from java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from javax.net.ssl.SSLParameters Detail:
public AlgorithmConstraints getAlgorithmConstraints() { return algorithmConstraints; } Returns the cryptographic algorithm constraints.
public String[] getCipherSuites() { return clone(cipherSuites); } Returns a copy of the array of ciphersuites or null if none have been set.
public String getEndpointIdentificationAlgorithm() { return identificationAlgorithm; } Gets the endpoint identification algorithm.
public boolean getNeedClientAuth() { return needClientAuth; } Returns whether client authentication should be required.
public String[] getProtocols() { return clone(protocols); } Returns a copy of the array of protocols or null if none have been set.
public boolean getWantClientAuth() { return wantClientAuth; } Returns whether client authentication should be requested.
public void setAlgorithmConstraints(AlgorithmConstraints constraints) { // the constraints object is immutable this.algorithmConstraints = constraints; } Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment. If the `constraints` parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.
public void setCipherSuites(String[] cipherSuites) { this.cipherSuites = clone(cipherSuites); } Sets the array of ciphersuites.
public void setEndpointIdentificationAlgorithm(String algorithm) { this.identificationAlgorithm = algorithm; } Sets the endpoint identification algorithm. If the `algorithm` parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.
public void setNeedClientAuth(boolean needClientAuth) { this.wantClientAuth = false; this.needClientAuth = needClientAuth; } Sets whether client authentication should be required. Calling this method clears the `wantClientAuth` flag.
public void setProtocols(String[] protocols) { this.protocols = clone(protocols); } Sets the array of protocols.
public void setWantClientAuth(boolean wantClientAuth) { this.wantClientAuth = wantClientAuth; this.needClientAuth = false; } Sets whether client authentication should be requested. Calling this method clears the `needClientAuth` flag.

Method from javax.net.ssl.SSLParameters Detail:

 public AlgorithmConstraints getAlgorithmConstraints() {
        return algorithmConstraints;
}

Returns the cryptographic algorithm constraints.

 public String[] getCipherSuites() {
        return clone(cipherSuites);
}

Returns a copy of the array of ciphersuites or null if none have been set.

 public String getEndpointIdentificationAlgorithm() {
        return identificationAlgorithm;
}

Gets the endpoint identification algorithm.

 public boolean getNeedClientAuth() {
        return needClientAuth;
}

Returns whether client authentication should be required.

 public String[] getProtocols() {
        return clone(protocols);
}

Returns a copy of the array of protocols or null if none have been set.

 public boolean getWantClientAuth() {
        return wantClientAuth;
}

Returns whether client authentication should be requested.

 public  void setAlgorithmConstraints(AlgorithmConstraints constraints) {
        // the constraints object is immutable
        this.algorithmConstraints = constraints;
}

If the constraints parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.

 public  void setCipherSuites(String[] cipherSuites) {
        this.cipherSuites = clone(cipherSuites);
}

Sets the array of ciphersuites.

 public  void setEndpointIdentificationAlgorithm(String algorithm) {
        this.identificationAlgorithm = algorithm;
}

If the algorithm parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.

 public  void setNeedClientAuth(boolean needClientAuth) {
        this.wantClientAuth = false;
        this.needClientAuth = needClientAuth;
}

wantClientAuth

 public  void setProtocols(String[] protocols) {
        this.protocols = clone(protocols);
}

Sets the array of protocols.

 public  void setWantClientAuth(boolean wantClientAuth) {
        this.wantClientAuth = wantClientAuth;
        this.needClientAuth = false;
}

needClientAuth