- java.lang.Object
-
- javax.net.ssl.SSLParameters
-
public class SSLParameters extends Object
Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, the endpoint identification algorithm during SSL/TLS handshaking, the algorithm constraints and whether SSL/TLS servers should request or require client authentication.SSLParameters can be created via the constructors in this class. Objects can also be obtained using the
getSSLParameters()
methods inSSLSocket
andSSLServerSocket
andSSLEngine
or thegetDefaultSSLParameters()
andgetSupportedSSLParameters()
methods inSSLContext
.SSLParameters can be applied to a connection via the methods
SSLSocket.setSSLParameters()
andSSLServerSocket.setSSLParameters()
andSSLEngine.getSSLParameters()
.- Since:
- 1.6
- See Also:
SSLSocket
,SSLEngine
,SSLContext
-
-
Constructor Summary
Constructors Constructor and Description SSLParameters()
Constructs SSLParameters.SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.
-
Method Summary
Methods Modifier and Type Method and Description AlgorithmConstraints
getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.String[]
getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.String
getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.boolean
getNeedClientAuth()
Returns whether client authentication should be required.String[]
getProtocols()
Returns a copy of the array of protocols or null if none have been set.boolean
getWantClientAuth()
Returns whether client authentication should be requested.void
setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.void
setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.void
setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.void
setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required.void
setProtocols(String[] protocols)
Sets the array of protocols.void
setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested.
-
-
-
Constructor Detail
-
SSLParameters
public SSLParameters()
Constructs SSLParameters.The cipherSuites and protocols values are set to
null
, wantClientAuth and needClientAuth are set tofalse
.
-
SSLParameters
public SSLParameters(String[] cipherSuites)
Constructs SSLParameters from the specified array of ciphersuites.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
SSLParameters
public SSLParameters(String[] cipherSuites, String[] protocols)
Constructs SSLParameters from the specified array of ciphersuites and protocols.Calling this constructor is equivalent to calling the no-args constructor followed by
setCipherSuites(cipherSuites); setProtocols(protocols);
.- Parameters:
cipherSuites
- the array of ciphersuites (or null)protocols
- the array of protocols (or null)
-
-
Method Detail
-
getCipherSuites
public String[] getCipherSuites()
Returns a copy of the array of ciphersuites or null if none have been set.- Returns:
- a copy of the array of ciphersuites or null if none have been set.
-
setCipherSuites
public void setCipherSuites(String[] cipherSuites)
Sets the array of ciphersuites.- Parameters:
cipherSuites
- the array of ciphersuites (or null)
-
getProtocols
public String[] getProtocols()
Returns a copy of the array of protocols or null if none have been set.- Returns:
- a copy of the array of protocols or null if none have been set.
-
setProtocols
public void setProtocols(String[] protocols)
Sets the array of protocols.- Parameters:
protocols
- the array of protocols (or null)
-
getWantClientAuth
public boolean getWantClientAuth()
Returns whether client authentication should be requested.- Returns:
- whether client authentication should be requested.
-
setWantClientAuth
public void setWantClientAuth(boolean wantClientAuth)
Sets whether client authentication should be requested. Calling this method clears theneedClientAuth
flag.- Parameters:
wantClientAuth
- whether client authentication should be requested
-
getNeedClientAuth
public boolean getNeedClientAuth()
Returns whether client authentication should be required.- Returns:
- whether client authentication should be required.
-
setNeedClientAuth
public void setNeedClientAuth(boolean needClientAuth)
Sets whether client authentication should be required. Calling this method clears thewantClientAuth
flag.- Parameters:
needClientAuth
- whether client authentication should be required
-
getAlgorithmConstraints
public AlgorithmConstraints getAlgorithmConstraints()
Returns the cryptographic algorithm constraints.- Returns:
- the cryptographic algorithm constraints, or null if the constraints have not been set
- Since:
- 1.7
- See Also:
setAlgorithmConstraints(AlgorithmConstraints)
-
setAlgorithmConstraints
public void setAlgorithmConstraints(AlgorithmConstraints constraints)
Sets the cryptographic algorithm constraints, which will be used in addition to any configured by the runtime environment.If the
constraints
parameter is non-null, every cryptographic algorithm, key and algorithm parameters used in the SSL/TLS handshake must be permitted by the constraints.- Parameters:
constraints
- the algorithm constraints (or null)- Since:
- 1.7
-
getEndpointIdentificationAlgorithm
public String getEndpointIdentificationAlgorithm()
Gets the endpoint identification algorithm.- Returns:
- the endpoint identification algorithm, or null if none has been set.
- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
,setEndpointIdentificationAlgorithm(String)
-
setEndpointIdentificationAlgorithm
public void setEndpointIdentificationAlgorithm(String algorithm)
Sets the endpoint identification algorithm.If the
algorithm
parameter is non-null or non-empty, the endpoint identification/verification procedures must be handled during SSL/TLS handshaking. This is to prevent man-in-the-middle attacks.- Parameters:
algorithm
- The standard string name of the endpoint identification algorithm (or null). See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.- Since:
- 1.7
- See Also:
X509ExtendedTrustManager
-
-
Traduction non disponible
Les API Java ne sont pas encore traduites en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.
Version en cache
29/12/2024 20:13:00 Cette version de la page est en cache (à la date du 29/12/2024 20:13:00) afin d'accélérer le traitement. Vous pouvez activer le mode utilisateur dans le menu en haut pour afficher la dernère version de la page.Document créé le 11/06/2005, dernière modification le 04/03/2020
Source du document imprimé : https://www.gaudry.be/java-api-rf-javax/net/ssl/sslparameters.html
L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.
Références
Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.