SSLEngine - Android SDK

Summary: Protected Ctors | Methods | Inherited Methods | [Expand All]

Added in API level 1

public abstract class

SSLEngine

extends Object

java.lang.Object
↳	javax.net.ssl.SSLEngine

Class Overview

The abstract implementation of secure communications using SSL, TLS, or other protocols. It includes the setup, handshake, and encrypt/decrypt functionality needed to create a secure connection.

Default configuration

SSLEngine instances obtained from default SSLContext are configured as follows:

Protocols

Protocol	Supported (API Levels)	Enabled by default (API Levels)
SSLv3	1+	1+
TLSv1	1+	1+
TLSv1.1	20+	20+
TLSv1.2	20+	20+

Cipher suites

Cipher suite	Supported (API Levels)	Enabled by default (API Levels)
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	9–22	9–19
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA	9–22	9–19
SSL_DHE_DSS_WITH_DES_CBC_SHA	9–22	9–19
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	9–22	9–19
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA	9–22	9–19
SSL_DHE_RSA_WITH_DES_CBC_SHA	9–22	9–19
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA	9–22
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5	9–22
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA	9–22
SSL_DH_anon_WITH_DES_CBC_SHA	9–22
SSL_DH_anon_WITH_RC4_128_MD5	9–22
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA	9–22	9–19
SSL_RSA_EXPORT_WITH_RC4_40_MD5	9–22	9–19
SSL_RSA_WITH_3DES_EDE_CBC_SHA	9+	9–19
SSL_RSA_WITH_DES_CBC_SHA	9–22	9–19
SSL_RSA_WITH_NULL_MD5	9–22
SSL_RSA_WITH_NULL_SHA	9–22
SSL_RSA_WITH_RC4_128_MD5	9+	9–19
SSL_RSA_WITH_RC4_128_SHA	9+	9+
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	1–8	1–8
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA	1–8	1–8
TLS_DHE_DSS_WITH_AES_128_CBC_SHA	9–22	9–22
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256	20–22
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256	20–22
TLS_DHE_DSS_WITH_AES_256_CBC_SHA	9–22	20–22
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256	20–22
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384	20–22
TLS_DHE_DSS_WITH_DES_CBC_SHA	1–8	1–8
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	1–8	1–8
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA	1–8	1–8
TLS_DHE_RSA_WITH_AES_128_CBC_SHA	9+	9+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA	9+	20+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	20+
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_DHE_RSA_WITH_DES_CBC_SHA	1–8	1–8
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA	1–8
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA	1–8
TLS_DH_DSS_WITH_DES_CBC_SHA	1–8
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA	1–8
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA	1–8
TLS_DH_RSA_WITH_DES_CBC_SHA	1–8
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA	1–8
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA	1–8
TLS_DH_anon_WITH_AES_128_CBC_SHA	9–22
TLS_DH_anon_WITH_AES_128_CBC_SHA256	20–22
TLS_DH_anon_WITH_AES_128_GCM_SHA256	20–22
TLS_DH_anon_WITH_AES_256_CBC_SHA	9–22
TLS_DH_anon_WITH_AES_256_CBC_SHA256	20–22
TLS_DH_anon_WITH_AES_256_GCM_SHA384	20–22
TLS_DH_anon_WITH_DES_CBC_SHA	1–8
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA	20–22
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA	20+	20+
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA	20+	20+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_ECDHE_ECDSA_WITH_NULL_SHA	20–22
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA	20+	20+
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA	20–22
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	20+	20+
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA	20+	20+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_ECDHE_RSA_WITH_NULL_SHA	20–22
TLS_ECDHE_RSA_WITH_RC4_128_SHA	20+	20+
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA	20–22
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA	20–22
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256	20–22
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256	20–22
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA	20–22
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384	20–22
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384	20–22
TLS_ECDH_ECDSA_WITH_NULL_SHA	20–22
TLS_ECDH_ECDSA_WITH_RC4_128_SHA	20–22
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA	20–22
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA	20–22
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256	20–22
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256	20–22
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA	20–22
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384	20–22
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384	20–22
TLS_ECDH_RSA_WITH_NULL_SHA	20–22
TLS_ECDH_RSA_WITH_RC4_128_SHA	20–22
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA	20–22
TLS_ECDH_anon_WITH_AES_128_CBC_SHA	20–22
TLS_ECDH_anon_WITH_AES_256_CBC_SHA	20–22
TLS_ECDH_anon_WITH_NULL_SHA	20–22
TLS_ECDH_anon_WITH_RC4_128_SHA	20–22
TLS_EMPTY_RENEGOTIATION_INFO_SCSV	20+	20+
TLS_FALLBACK_SCSV	21+
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA	21+	21+
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA	21+	21+
TLS_NULL_WITH_NULL_NULL	1–8
TLS_PSK_WITH_3DES_EDE_CBC_SHA	21–22
TLS_PSK_WITH_AES_128_CBC_SHA	21+	21+
TLS_PSK_WITH_AES_256_CBC_SHA	21+	21+
TLS_PSK_WITH_RC4_128_SHA	21+
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA	1–8	1–8
TLS_RSA_WITH_3DES_EDE_CBC_SHA	1–8	1–8
TLS_RSA_WITH_AES_128_CBC_SHA	9+	9+
TLS_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_RSA_WITH_AES_256_CBC_SHA	9+	20+
TLS_RSA_WITH_AES_256_CBC_SHA256	20+
TLS_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_RSA_WITH_DES_CBC_SHA	1–8	1–8
TLS_RSA_WITH_NULL_MD5	1–8
TLS_RSA_WITH_NULL_SHA	1–8
TLS_RSA_WITH_NULL_SHA256	20–22

NOTE: PSK cipher suites are enabled by default only if the SSLContext through which the engine was created has been initialized with a PSKKeyManager.

Summary

Protected Constructors
	SSLEngine() Creates a new `SSLEngine` instance.
	SSLEngine(String host, int port) Creates a new `SSLEngine` instance with the specified host and port.

Public Methods
abstract void	beginHandshake() Initiates a handshake on this engine.
abstract void	closeInbound() Notifies this engine instance that no more inbound network data will be sent to this engine.
abstract void	closeOutbound() Notifies this engine instance that no more outbound application data will be sent to this engine.
abstract Runnable	getDelegatedTask() Returns a delegate task for this engine instance.
abstract boolean	getEnableSessionCreation() Returns whether new SSL sessions may be established by this engine.
abstract String[]	getEnabledCipherSuites() Returns the SSL cipher suite names that are enabled in this engine instance.
abstract String[]	getEnabledProtocols() Returns the protocol version names that are enabled in this engine instance.
abstract SSLEngineResult.HandshakeStatus	getHandshakeStatus() Returns the status of the handshake of this engine instance.
abstract boolean	getNeedClientAuth() Returns whether this engine instance will require client authentication.
String	getPeerHost() Returns the name of the peer host.
int	getPeerPort() Returns the port number of the peer host.
SSLParameters	getSSLParameters() Returns a new SSLParameters based on this SSLSocket's current cipher suites, protocols, and client authentication settings.
abstract SSLSession	getSession() Returns the SSL session for this engine instance.
abstract String[]	getSupportedCipherSuites() Returns the SSL cipher suite names that are supported by this engine.
abstract String[]	getSupportedProtocols() Returns the protocol names that are supported by this engine.
abstract boolean	getUseClientMode() Returns whether this engine is set to act in client mode when handshaking.
abstract boolean	getWantClientAuth() Returns whether this engine will request client authentication.
abstract boolean	isInboundDone() Returns whether no more inbound data will be accepted by this engine.
abstract boolean	isOutboundDone() Returns whether no more outbound data will be produced by this engine.
abstract void	setEnableSessionCreation(boolean flag) Sets whether new SSL sessions may be established by this engine instance.
abstract void	setEnabledCipherSuites(String[] suites) Sets the SSL cipher suite names that should be enabled in this engine instance.
abstract void	setEnabledProtocols(String[] protocols) Sets the protocol version names that should be enabled in this engine instance.
abstract void	setNeedClientAuth(boolean need) Sets whether this engine must require client authentication.
void	setSSLParameters(SSLParameters p) Sets various SSL handshake parameters based on the SSLParameter argument.
abstract void	setUseClientMode(boolean mode) Sets whether this engine should act in client (or server) mode when handshaking.
abstract void	setWantClientAuth(boolean want) Sets whether this engine should request client authentication.
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer dst) Decodes the incoming network data buffer into the application data buffer.
abstract SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) Decodes the incoming network data buffer into application data buffers.
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts) Decodes the incoming network data buffer into the application data buffers.
SSLEngineResult	wrap(ByteBuffer[] srcs, ByteBuffer dst) Encodes the outgoing application data buffers into the network data buffer.
abstract SSLEngineResult	wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) Encodes the outgoing application data buffers into the network data buffer.
SSLEngineResult	wrap(ByteBuffer src, ByteBuffer dst) Encodes the outgoing application data buffer into the network data buffer.

[Expand]

Inherited Methods

From class java.lang.Object

Object	clone() Creates and returns a copy of this `Object`.
boolean	equals(Object o) Compares this instance with the specified object and indicates if they are equal.
void	finalize() Invoked when the garbage collector has detected that this instance is no longer reachable.
final Class<?>	getClass() Returns the unique instance of `Class` that represents this object's class.
int	hashCode() Returns an integer hash code for this object.
final void	notify() Causes a thread which is waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
final void	notifyAll() Causes all threads which are waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
String	toString() Returns a string containing a concise, human-readable description of this object.
final void	wait() Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object.
final void	wait(long millis, int nanos) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.
final void	wait(long millis) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.

Protected Constructors

protected SSLEngine ()

Added in API level 1

Creates a new SSLEngine instance.

protected SSLEngine (String host, int port)

Added in API level 1

Creates a new SSLEngine instance with the specified host and port.

Parameters

host	the name of the host.
port	the port of the host.

Public Methods

public abstract void beginHandshake ()

Added in API level 1

Initiates a handshake on this engine.

Calling this method is not needed for the initial handshake: it will be called by wrap or unwrap if the initial handshake has not been started yet.

Throws

SSLException	if starting the handshake fails.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public abstract void closeInbound ()

Added in API level 1

Notifies this engine instance that no more inbound network data will be sent to this engine.

Throws

SSLException	if this engine did not receive a needed protocol specific close notification message from the peer.

public abstract void closeOutbound ()

Added in API level 1

Notifies this engine instance that no more outbound application data will be sent to this engine.

public abstract Runnable getDelegatedTask ()

Added in API level 1

Returns a delegate task for this engine instance. Some engine operations may require the results of blocking or long running operations, and the SSLEngineResult instances returned by this engine may indicate that a delegated task result is needed. In this case the run method of the returned Runnable delegated task must be called.

Returns

a delegate task, or null if none are available.

public abstract boolean getEnableSessionCreation ()

Added in API level 1

Returns whether new SSL sessions may be established by this engine.

Returns

true if new session may be established, false if existing sessions must be reused.

public abstract String[] getEnabledCipherSuites ()

Added in API level 1

Returns the SSL cipher suite names that are enabled in this engine instance.

Returns

the SSL cipher suite names that are enabled in this engine instance.

public abstract String[] getEnabledProtocols ()

Added in API level 1

Returns the protocol version names that are enabled in this engine instance.

Returns

the protocol version names that are enabled in this engine instance.

public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus ()

Added in API level 1

Returns the status of the handshake of this engine instance.

Returns

the status of the handshake of this engine instance.

public abstract boolean getNeedClientAuth ()

Added in API level 1

Returns whether this engine instance will require client authentication.

Returns

true if this engine will require client authentication, false if no client authentication is needed.

public String getPeerHost ()

Added in API level 1

Returns the name of the peer host.

Returns

the name of the peer host, or null if none is available.

public int getPeerPort ()

Added in API level 1

Returns the port number of the peer host.

Returns

the port number of the peer host, or -1 is none is available.

public SSLParameters getSSLParameters ()

Added in API level 9

Returns a new SSLParameters based on this SSLSocket's current cipher suites, protocols, and client authentication settings.

public abstract SSLSession getSession ()

Added in API level 1

Returns the SSL session for this engine instance.

Returns

the SSL session for this engine instance.

public abstract String[] getSupportedCipherSuites ()

Added in API level 1

Returns the SSL cipher suite names that are supported by this engine. These cipher suites can be enabled using setEnabledCipherSuites(String[]).

Returns

the SSL cipher suite names that are supported by this engine.

public abstract String[] getSupportedProtocols ()

Added in API level 1

Returns the protocol names that are supported by this engine. These protocols can be enables using setEnabledProtocols(String[]).

Returns

the protocol names that are supported by this engine.

public abstract boolean getUseClientMode ()

Added in API level 1

Returns whether this engine is set to act in client mode when handshaking.

Returns

true if the engine is set to do handshaking in client mode.

public abstract boolean getWantClientAuth ()

Added in API level 1

Returns whether this engine will request client authentication.

Returns

true if client authentication will be requested, false otherwise.

public abstract boolean isInboundDone ()

Added in API level 1

Returns whether no more inbound data will be accepted by this engine.

Returns

true if no more inbound data will be accepted by this engine, false otherwise.

public abstract boolean isOutboundDone ()

Added in API level 1

Returns whether no more outbound data will be produced by this engine.

Returns

true if no more outbound data will be producted by this engine, otherwise false.

public abstract void setEnableSessionCreation (boolean flag)

Added in API level 1

Sets whether new SSL sessions may be established by this engine instance.

Parameters

flag	`true` if new SSL sessions may be established, `false` if existing SSL sessions must be reused.

public abstract void setEnabledCipherSuites (String[] suites)

Added in API level 1

Sets the SSL cipher suite names that should be enabled in this engine instance. Only cipher suites listed by getSupportedCipherSuites() are allowed.

Parameters

suites	the SSL cipher suite names to be enabled.

Throws

IllegalArgumentException	if one of the specified cipher suites is not supported, or if `suites` is `null`.

public abstract void setEnabledProtocols (String[] protocols)

Added in API level 1

Sets the protocol version names that should be enabled in this engine instance. Only protocols listed by getSupportedProtocols() are allowed.

Parameters

protocols	the protocol version names to be enabled.

Throws

IllegalArgumentException	if one of the protocol version names is not supported, or if `protocols` is `null`.

public abstract void setNeedClientAuth (boolean need)

Added in API level 1

Sets whether this engine must require client authentication. The client authentication is one of:

authentication required
authentication requested
no authentication needed

This method overrides the setting of setWantClientAuth(boolean).

Parameters

need	`true` if client authentication is required, `false` if no authentication is needed.

public void setSSLParameters (SSLParameters p)

Added in API level 9

Sets various SSL handshake parameters based on the SSLParameter argument. Specifically, sets the SSLEngine's enabled cipher suites if the parameter's cipher suites are non-null. Similarly sets the enabled protocols. If the parameters specify the want or need for client authentication, those requirements are set on the SSLEngine, otherwise both are set to false.

public abstract void setUseClientMode (boolean mode)

Added in API level 1

Sets whether this engine should act in client (or server) mode when handshaking.

Parameters

mode	`true` if this engine should act in client mode, `false` if not.

Throws

IllegalArgumentException	if this method is called after starting the initial handshake.

public abstract void setWantClientAuth (boolean want)

Added in API level 1

Sets whether this engine should request client authentication. The client authentication is one of the following:

authentication required
authentication requested
no authentication needed

This method overrides the setting of setNeedClientAuth(boolean).

Parameters

want	`true` if client authentication should be requested, `false` if no authentication is needed.

public SSLEngineResult unwrap (ByteBuffer src, ByteBuffer dst)

Added in API level 1

Decodes the incoming network data buffer into the application data buffer. If a handshake has not been started yet, it will automatically be started.

Parameters

src	the buffer with incoming network data
dst	the destination buffer for incoming application data.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
ReadOnlyBufferException	if one of the destination buffers is read-only.
IllegalArgumentException	if `src` or `dst` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public abstract SSLEngineResult unwrap (ByteBuffer src, ByteBuffer[] dsts, int offset, int length)

Added in API level 1

Decodes the incoming network data buffer into application data buffers. If a handshake has not been started yet, it will automatically be started.

Parameters

src	the buffer with incoming network data
dsts	the array of destination buffers for incoming application data.
offset	the offset in the array of destination buffers to which data is to be transferred.
length	the maximum number of destination buffers to be used.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
IndexOutOfBoundsException	if `length` is greater than `dsts.length - offset`.
ReadOnlyBufferException	if one of the destination buffers is read-only.
IllegalArgumentException	if `src`, `dsts`, or one of the entries in `dsts` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public SSLEngineResult unwrap (ByteBuffer src, ByteBuffer[] dsts)

Added in API level 1

Decodes the incoming network data buffer into the application data buffers. If a handshake has not been started yet, it will automatically be started.

Parameters

src	the buffer with incoming network data
dsts	the array of destination buffers for incoming application data.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
ReadOnlyBufferException	if one of the destination buffers is read-only.
IllegalArgumentException	if `src` or `dsts` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public SSLEngineResult wrap (ByteBuffer[] srcs, ByteBuffer dst)

Added in API level 1

Encodes the outgoing application data buffers into the network data buffer. If a handshake has not been started yet, it will automatically be started.

Parameters

srcs	the array of source buffers of outgoing application data.
dst	the destination buffer for network data.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
ReadOnlyBufferException	if the destination buffer is readonly.
IllegalArgumentException	if `srcs` or `dst` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public abstract SSLEngineResult wrap (ByteBuffer[] srcs, int offset, int length, ByteBuffer dst)

Added in API level 1

Encodes the outgoing application data buffers into the network data buffer. If a handshake has not been started yet, it will automatically be started.

Parameters

srcs	the array of source buffers of outgoing application data.
offset	the offset in the array of source buffers from which data is to be retrieved.
length	the maximum number of source buffers to be used.
dst	the destination buffer for network data.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
IndexOutOfBoundsException	if `length` is greater than `srcs.length - offset`.
ReadOnlyBufferException	if the destination buffer is readonly.
IllegalArgumentException	if `srcs`, `dst`, or one the entries in `srcs` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

public SSLEngineResult wrap (ByteBuffer src, ByteBuffer dst)

Added in API level 1

Encodes the outgoing application data buffer into the network data buffer. If a handshake has not been started yet, it will automatically be started.

Parameters

src	the source buffers of outgoing application data.
dst	the destination buffer for network data.

Returns

the result object of this operation.

Throws

SSLException	if a problem occurred while processing the data.
ReadOnlyBufferException	if the destination buffer is readonly.
IllegalArgumentException	if `src` or `dst` is `null`.
IllegalStateException	if the engine does not have all the needed settings (e.g. client/server mode not set).

Results

Interfaces

Classes

Enums

Exceptions

SSLEngine

Class Overview

Default configuration

Protocols

Cipher suites

Summary

Protected Constructors

protected SSLEngine ()

protected SSLEngine (String host, int port)

Parameters

Public Methods

public abstract void beginHandshake ()

Throws

public abstract void closeInbound ()

Throws

public abstract void closeOutbound ()

public abstract Runnable getDelegatedTask ()

Returns

public abstract boolean getEnableSessionCreation ()

Returns

public abstract String[] getEnabledCipherSuites ()

Returns

public abstract String[] getEnabledProtocols ()

Returns

public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus ()

Returns

public abstract boolean getNeedClientAuth ()

Returns

public String getPeerHost ()

Returns

public int getPeerPort ()

Returns

public SSLParameters getSSLParameters ()

public abstract SSLSession getSession ()

Returns

public abstract String[] getSupportedCipherSuites ()

Returns

public abstract String[] getSupportedProtocols ()

Returns

public abstract boolean getUseClientMode ()

Returns

public abstract boolean getWantClientAuth ()

Returns

public abstract boolean isInboundDone ()

Returns

public abstract boolean isOutboundDone ()

Returns

public abstract void setEnableSessionCreation (boolean flag)

Parameters

public abstract void setEnabledCipherSuites (String[] suites)

Parameters

Throws

public abstract void setEnabledProtocols (String[] protocols)

Parameters

Throws

public abstract void setNeedClientAuth (boolean need)

Parameters

public void setSSLParameters (SSLParameters p)

public abstract void setUseClientMode (boolean mode)

Parameters

Throws

public abstract void setWantClientAuth (boolean want)

Parameters

public SSLEngineResult unwrap (ByteBuffer src, ByteBuffer dst)

Parameters

Returns

Throws

public abstract SSLEngineResult unwrap (ByteBuffer src, ByteBuffer[] dsts, int offset, int length)

Parameters

Returns

Throws

public SSLEngineResult unwrap (ByteBuffer src, ByteBuffer[] dsts)

Parameters

Returns

Throws