SSLContext class.
All the abstract methods in this class must be implemented by each cryptographic service provider who wishes to supply the implementation of a particular SSL context.
- Since:
- 1.4
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract SSLEngineCreates a newSSLEngineusing this context.protected abstract SSLEngineengineCreateSSLEngine(String host, int port) Creates aSSLEngineusing this context.protected abstract SSLSessionContextReturns a clientSSLSessionContextobject for this context.protected SSLParametersReturns a copy of the SSLParameters indicating the default settings for this SSL context.protected abstract SSLSessionContextReturns a serverSSLSessionContextobject for this context.protected abstract SSLServerSocketFactoryReturns aServerSocketFactoryobject for this context.protected abstract SSLSocketFactoryReturns aSocketFactoryobject for this context.protected SSLParametersReturns a copy of the SSLParameters indicating the maximum supported settings for this SSL context.protected abstract voidengineInit(KeyManager[] km, TrustManager[] tm, SecureRandom sr) Initializes this context.
-
Constructor Details
-
SSLContextSpi
public SSLContextSpi()Constructor for subclasses to call.
-
-
Method Details
-
engineInit
protected abstract void engineInit(KeyManager[] km, TrustManager[] tm, SecureRandom sr) throws KeyManagementException Initializes this context.- Parameters:
km- the sources of authentication keystm- the sources of peer authentication trust decisionssr- the source of randomness- Throws:
KeyManagementException- if this operation fails- See Also:
-
engineGetSocketFactory
Returns aSocketFactoryobject for this context.- Returns:
- the
SocketFactoryobject - Throws:
UnsupportedOperationException- if the underlying provider does not implement the operation.IllegalStateException- if the SSLContextImpl requires initialization and theengineInit()has not been called- See Also:
-
engineGetServerSocketFactory
Returns aServerSocketFactoryobject for this context.- Returns:
- the
ServerSocketFactoryobject - Throws:
UnsupportedOperationException- if the underlying provider does not implement the operation.IllegalStateException- if the SSLContextImpl requires initialization and theengineInit()has not been called- See Also:
-
engineCreateSSLEngine
Creates a newSSLEngineusing this context.Applications using this factory method are providing no hints for an internal session reuse strategy. If hints are desired,
engineCreateSSLEngine(String, int)should be used instead.Some cipher suites (such as Kerberos) require remote hostname information, in which case this factory method should not be used.
- Implementation Note:
- It is provider-specific if the returned SSLEngine uses client or
server mode by default for the (D)TLS connection. The JDK SunJSSE
provider implementation uses server mode by default. However, it
is recommended to always set the desired mode explicitly by calling
SSLEngine.setUseClientMode()before invoking other methods of the SSLEngine. - Returns:
- the
SSLEngineObject - Throws:
IllegalStateException- if the SSLContextImpl requires initialization and theengineInit()has not been called- Since:
- 1.5
- See Also:
-
engineCreateSSLEngine
Creates aSSLEngineusing this context.Applications using this factory method are providing hints for an internal session reuse strategy.
Some cipher suites (such as Kerberos) require remote hostname information, in which case peerHost needs to be specified.
- Implementation Note:
- It is provider-specific if the returned SSLEngine uses client or
server mode by default for the (D)TLS connection. The JDK SunJSSE
provider implementation uses server mode by default. However, it
is recommended to always set the desired mode explicitly by calling
SSLEngine.setUseClientMode()before invoking other methods of the SSLEngine. - Parameters:
host- the non-authoritative name of the hostport- the non-authoritative port- Returns:
- the
SSLEngineObject - Throws:
IllegalStateException- if the SSLContextImpl requires initialization and theengineInit()has not been called- Since:
- 1.5
- See Also:
-
engineGetServerSessionContext
Returns a serverSSLSessionContextobject for this context.- Returns:
- the
SSLSessionContextobject - See Also:
-
engineGetClientSessionContext
Returns a clientSSLSessionContextobject for this context.- Returns:
- the
SSLSessionContextobject - See Also:
-
engineGetDefaultSSLParameters
Returns a copy of the SSLParameters indicating the default settings for this SSL context.The parameters will always have the ciphersuite and protocols arrays set to non-null values.
The default implementation obtains the parameters from an SSLSocket created by calling the SocketFactory.createSocket() method of this context's SocketFactory.
- Returns:
- a copy of the SSLParameters object with the default settings
- Throws:
UnsupportedOperationException- if the default SSL parameters could not be obtained.- Since:
- 1.6
-
engineGetSupportedSSLParameters
Returns a copy of the SSLParameters indicating the maximum supported settings for this SSL context.The parameters will always have the ciphersuite and protocols arrays set to non-null values.
The default implementation obtains the parameters from an SSLSocket created by calling the SocketFactory.createSocket() method of this context's SocketFactory.
- Returns:
- a copy of the SSLParameters object with the maximum supported settings
- Throws:
UnsupportedOperationException- if the supported SSL parameters could not be obtained.- Since:
- 1.6
-