Package org.mozilla.jss.ssl.javax
Class JSSServerSocket
java.lang.Object
  java.net.ServerSocket
    javax.net.ssl.SSLServerSocket
      org.mozilla.jss.ssl.javax.JSSServerSocket

- All Implemented Interfaces: java.io.Closeable, java.lang.AutoCloseable

public class JSSServerSocket extends javax.net.ssl.SSLServerSocket
SSL-enabled server socket following the javax.net.ssl.SSLServerSocket interface. Most users will want to use the JSSServerSocketFactory provided by the Java Provider interface instead of using this class directly.

This SSLSocket implementation is a wrapped implementation. In particular, we need to consume an existing ServerSocket (via the consumeSocket(...) call) which we actually use for the accept() call. When called from a socket factory, this additional socket will be automatically created for the caller.

All JSSServerSocket instances have an underlying ServerSocketChannel, of type JSSServerSocketChannel. Notably lacking from javax.net.ssl is a javax.net.ssl.SSLServerSocketChannel interface, so JSSSocketChannel includes no additional SSL-specific options. This purely exists to facilitate creating JSSSocket instances.

In order to interoperate with JSSEngine, many of the adjacent methods have been included in this class as well. As a result, any accepted socket clones this configuration.

To construct a (useful) new instance, the following calls must be made:
- new JSSServerSocket();
- consumeSocket(inst);
- initSSLEngine(...);
- setKeyManagers(...);
- setTrustManagers(...);

Optionally, setSSLContext(...) could be called to provide the SSLContext from which the SSLEngine should be constructed. This should be called prior to initSSLEngine(...) being called.
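
The construction sequence above, written out as an added example (not code from the JSS project), with the enabled protocol versions narrowed and client authentication made explicit. It assumes JSS/NSS is already initialized, that the caller supplies a bound ServerSocket plus the key and trust managers, and that the description's initSSLEngine(...) corresponds to the public initEngine() listed in the method summary; the class JssServerSetup and its method names are hypothetical.

```java
import java.io.IOException;
import java.net.ServerSocket;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.mozilla.jss.ssl.javax.JSSServerSocket;
import org.mozilla.jss.ssl.javax.JSSSocket;

// Hypothetical helper class; only the JSSServerSocket calls come from this page.
public final class JssServerSetup {
    // Protocol versions this example is willing to offer (an assumption of the example).
    private static final List<String> WANTED = Arrays.asList("TLSv1.3", "TLSv1.2");

    // Keep only the wanted versions that this build reports as supported;
    // fail closed rather than fall back to whatever is enabled by default.
    static String[] pickProtocols(String[] supported) {
        List<String> chosen = new ArrayList<>();
        for (String p : supported) {
            if (WANTED.contains(p)) chosen.add(p);
        }
        if (chosen.isEmpty()) {
            throw new IllegalStateException("no acceptable TLS version supported");
        }
        return chosen.toArray(new String[0]);
    }

    // parent is assumed to be bound by the caller; it is used for every accept().
    public static JSSServerSocket build(ServerSocket parent, X509KeyManager[] kms,
                                        X509TrustManager[] tms, boolean requireClientCert)
            throws IOException {
        JSSServerSocket server = new JSSServerSocket();
        server.consumeSocket(parent);   // avoid using parent directly from here on
        server.initEngine();            // call order follows the class description
        server.setKeyManagers(kms);
        server.setTrustManagers(tms);
        server.setEnabledProtocols(pickProtocols(server.getSupportedProtocols()));
        server.setNeedClientAuth(requireClientCert);
        return server;
    }

    // Accepted sockets clone the server's configuration, so no per-socket setup here.
    public static JSSSocket acceptOne(JSSServerSocket server) throws IOException {
        return server.accept();
    }
}
```
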

Constructor Summary
Constructor | Description
JSSServerSocket() | Start building a new JSSServerSocket.

Method Summary
Modifier and Type | Method | Description
JSSSocket | accept() |
protected JSSSocket | acceptSocket(java.net.Socket child) | Helper to upgrade a Socket into a JSSSocket.
void | bind(java.net.SocketAddress endpoint) |
void | bind(java.net.SocketAddress endpoint, int backlog) |
void | close() |
void | consumeSocket(java.net.ServerSocket parent) | Consume a parent socket, utilizing it for all accept operations.
JSSServerSocketChannel | getChannel() | Get the underlying ServerSocketChannel for this Socket.
java.lang.String[] | getEnabledCipherSuites() | Get the set of enabled cipher suites for this SSLSocket.
java.lang.String[] | getEnabledProtocols() | Get the set of enabled protocol versions for this SSLSocket.
boolean | getEnableSessionCreation() | Get whether or not this SSLSocket enables creation of new sessions.
JSSEngine | getEngine() | Get the underlying JSSEngine instance.
java.net.InetAddress | getInetAddress() |
protected JSSServerSocketChannel | getInternalChannel() | Get the internal ServerSocketChannel for this Socket.
java.util.Collection<? extends java.util.EventListener> | getListeners() | Gets the current list of event listeners this SSLSocket will fire on certain events.
int | getLocalPort() |
java.net.SocketAddress | getLocalSocketAddress() |
boolean | getNeedClientAuth() | Get whether or not this SSLSocket needs client authentication.
<T> T | getOption(java.net.SocketOption<T> name) |
int | getReceiveBufferSize() |
boolean | getReuseAddress() |
int | getSoTimeout() |
protected javax.net.ssl.SSLContext | getSSLContext() | Get the SSLContext if one exists or create a new instance.
JSSParameters | getSSLParameters() | Get the configuration of this SSLSocket as a JSSParameters object.
java.lang.String[] | getSupportedCipherSuites() | Get the set of supported cipher suites for this SSLSocket.
java.lang.String[] | getSupportedProtocols() | Get the set of supported protocol versions for this SSLSocket.
boolean | getUseClientMode() | Get whether or not this SSLSocket is handshaking as a client.
boolean | getWantClientAuth() | Get whether or not this SSLSocket wants client authentication.
void | initEngine() | Explicitly initialize the SSLEngine with no session resumption information.
void | initEngine(java.lang.String host, int port) | Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.
boolean | isBound() |
boolean | isClosed() |
void | setCertFromAlias(java.lang.String alias) | Set the certificate this SSLSocket will utilize from an alias in the NSS DB.
void | setEnabledCipherSuites(java.lang.String[] suites) | Set the list of enabled cipher suites for this SSLSocket.
void | setEnabledProtocols(java.lang.String[] protocols) | Set the list of enabled protocol versions for this SSLSocket.
void | setEnableSessionCreation(boolean enabled) | Set whether or not this SSLSocket enables creation of new sessions.
void | setHostname(java.lang.String name) | Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.
void | setKeyManager(javax.net.ssl.X509KeyManager km) | Set the KeyManager this SSLSocket will utilize to select a key.
void | setKeyManagers(javax.net.ssl.X509KeyManager[] xkms) | Set the key managers this SSLSocket will utilize to select a key.
void | setKeyMaterials(PK11Cert our_cert, PK11PrivKey our_key) | Set the certificate this SSLSocket will utilize from a certificate and its matching private key.
void | setListeners(java.util.Collection<? extends java.util.EventListener> listeners) | Set the listeners this SSLSocket will fire on certain events.
void | setNeedClientAuth(boolean need) | Set whether or not this SSLSocket needs client authentication.
<T> java.net.ServerSocket | setOption(java.net.SocketOption<T> name, T value) |
void | setPerformancePreferences(int connectionTime, int latency, int bandwidth) |
void | setReceiveBufferSize(int size) |
void | setReuseAddress(boolean on) |
void | setSoTimeout(int timeout) |
void | setSSLContext(javax.net.ssl.SSLContext ctx) | Explicitly set the SSLContext utilized by this JSSSocket instance.
void | setSSLParameters(javax.net.ssl.SSLParameters params) | Set the configuration of this SSLSocket from the given SSLParameters instance.
void | setTrustManager(JSSTrustManager tm) | Set the trust manager this SSLSocket will utilize to validate a peer's certificate.
void | setTrustManagers(javax.net.ssl.X509TrustManager[] xtms) | Set the trust managers this SSLSocket will utilize to validate a peer's certificate.
void | setUseClientMode(boolean client) | Set whether or not this SSLSocket is handshaking as a client.
void | setWantClientAuth(boolean want) | Set whether or not this SSLSocket wants client authentication.
java.util.Set<java.net.SocketOption<?>> | supportedOptions() |
java.lang.String | toString() |

Method Detail

consumeSocket
public void consumeSocket(java.net.ServerSocket parent)
Consume a parent socket, utilizing it for all accept operations. This JSSServerSocket instance will inherit all information about the connection from this underlying socket. When utilized in a JSSServerSocket, callers should refrain from interacting with the underlying socket unless selective protocol upgrade should occur. In that case, it may be more appropriate to use the JSSSocketFactory method that creates server JSSSocket instances.

getSSLContext
protected javax.net.ssl.SSLContext getSSLContext() throws java.io.IOException
Get the SSLContext if one exists or create a new instance. This is used by initSSLEngine(..) to create the underlying SSLEngine.
- Throws: java.io.IOException

setSSLContext
public void setSSLContext(javax.net.ssl.SSLContext ctx) throws java.io.IOException
Explicitly set the SSLContext utilized by this JSSSocket instance. This enables JSSServerSocket to copy its SSLContext over to the accepted JSSSocket.
- Throws: java.io.IOException

initEngine
public void initEngine() throws java.io.IOException
Explicitly initialize the SSLEngine with no session resumption information.
- Throws: java.io.IOException

initEngine
public void initEngine(java.lang.String host, int port) throws java.io.IOException
Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.
- Throws: java.io.IOException

getEngine
public JSSEngine getEngine()
Get the underlying JSSEngine instance. Note that, just like accessing the underlying Socket instance while the JSSSocket instance is still open is dangerous, performing other TLS operations directly via JSSEngine is also dangerous. This is mostly exposed to enable advanced configuration of the JSSEngine that isn't otherwise allowed by JSSSocket, and to facilitate the accept() method on JSSServerSocket.

getChannel
public JSSServerSocketChannel getChannel()
Get the underlying ServerSocketChannel for this Socket.
- Overrides: getChannel in class java.net.ServerSocket
- See Also: ServerSocket.getChannel()

getInternalChannel
protected JSSServerSocketChannel getInternalChannel()
Get the internal ServerSocketChannel for this Socket.

acceptSocket
protected JSSSocket acceptSocket(java.net.Socket child) throws java.io.IOException
Helper to upgrade a Socket into a JSSSocket. Called from accept in JSSServerSocket and JSSServerSocketChannel.
- Throws: java.io.IOException

setHostname
public void setHostname(java.lang.String name)
Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.
- See Also: JSSEngine.setHostname(String)

setCertFromAlias
public void setCertFromAlias(java.lang.String alias) throws java.lang.IllegalArgumentException
Set the certificate this SSLSocket will utilize from an alias in the NSS DB.
- Throws: java.lang.IllegalArgumentException
- See Also: JSSEngine.setCertFromAlias(String)

setKeyMaterials
public void setKeyMaterials(PK11Cert our_cert, PK11PrivKey our_key) throws java.lang.IllegalArgumentException
Set the certificate this SSLSocket will utilize from a certificate and its matching private key.
- Throws: java.lang.IllegalArgumentException
- See Also: JSSEngine.setKeyMaterials(PK11Cert, PK11PrivKey)

setKeyManager
public void setKeyManager(javax.net.ssl.X509KeyManager km)
Set the KeyManager this SSLSocket will utilize to select a key.
- See Also: JSSEngine.setKeyManager(X509KeyManager)

setKeyManagers
public void setKeyManagers(javax.net.ssl.X509KeyManager[] xkms)
Set the key managers this SSLSocket will utilize to select a key.

setTrustManager
public void setTrustManager(JSSTrustManager tm)
Set the trust manager this SSLSocket will utilize to validate a peer's certificate.

setTrustManagers
public void setTrustManagers(javax.net.ssl.X509TrustManager[] xtms)
Set the trust managers this SSLSocket will utilize to validate a peer's certificate.

setListeners
public void setListeners(java.util.Collection<? extends java.util.EventListener> listeners)
Set the listeners this SSLSocket will fire on certain events.
- See Also: JSSEngine.setListeners(Collection)

getListeners
public java.util.Collection<? extends java.util.EventListener> getListeners()
Gets the current list of event listeners this SSLSocket will fire on certain events.
- See Also: JSSEngine.getListeners()

getEnabledCipherSuites
public java.lang.String[] getEnabledCipherSuites()
Get the set of enabled cipher suites for this SSLSocket.
- Specified by: getEnabledCipherSuites in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getEnabledCipherSuites(), SSLSocket.getEnabledCipherSuites()

getSupportedCipherSuites
public java.lang.String[] getSupportedCipherSuites()
Get the set of supported cipher suites for this SSLSocket.
- Specified by: getSupportedCipherSuites in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getSupportedCipherSuites(), SSLSocket.getSupportedCipherSuites()

setEnabledCipherSuites
public void setEnabledCipherSuites(java.lang.String[] suites)
Set the list of enabled cipher suites for this SSLSocket.
- Specified by: setEnabledCipherSuites in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setEnabledCipherSuites(String[]), SSLSocket.setEnabledCipherSuites(String[])

getEnabledProtocols
public java.lang.String[] getEnabledProtocols()
Get the set of enabled protocol versions for this SSLSocket.
- Specified by: getEnabledProtocols in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getEnabledProtocols(), SSLSocket.getEnabledProtocols()

getSupportedProtocols
public java.lang.String[] getSupportedProtocols()
Get the set of supported protocol versions for this SSLSocket.
- Specified by: getSupportedProtocols in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getSupportedProtocols(), SSLSocket.getSupportedProtocols()

setEnabledProtocols
public void setEnabledProtocols(java.lang.String[] protocols)
Set the list of enabled protocol versions for this SSLSocket.
- Specified by: setEnabledProtocols in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setEnabledProtocols(String[]), SSLSocket.setEnabledProtocols(String[])

getEnableSessionCreation
public boolean getEnableSessionCreation()
Get whether or not this SSLSocket enables creation of new sessions.
- Specified by: getEnableSessionCreation in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getEnableSessionCreation(), SSLSocket.getEnableSessionCreation()

setEnableSessionCreation
public void setEnableSessionCreation(boolean enabled)
Set whether or not this SSLSocket enables creation of new sessions.
- Specified by: setEnableSessionCreation in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setEnableSessionCreation(boolean), SSLSocket.setEnableSessionCreation(boolean)

getUseClientMode
public boolean getUseClientMode()
Get whether or not this SSLSocket is handshaking as a client.
- Specified by: getUseClientMode in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getUseClientMode(), SSLSocket.getUseClientMode()

setUseClientMode
public void setUseClientMode(boolean client)
Set whether or not this SSLSocket is handshaking as a client.
- Specified by: setUseClientMode in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setUseClientMode(boolean), SSLSocket.setUseClientMode(boolean)

getWantClientAuth
public boolean getWantClientAuth()
Get whether or not this SSLSocket wants client authentication.
- Specified by: getWantClientAuth in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getWantClientAuth(), SSLSocket.getWantClientAuth()

setWantClientAuth
public void setWantClientAuth(boolean want)
Set whether or not this SSLSocket wants client authentication.
- Specified by: setWantClientAuth in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setWantClientAuth(boolean), SSLSocket.setWantClientAuth(boolean)

getNeedClientAuth
public boolean getNeedClientAuth()
Get whether or not this SSLSocket needs client authentication.
- Specified by: getNeedClientAuth in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getNeedClientAuth(), SSLSocket.getNeedClientAuth()

setNeedClientAuth
public void setNeedClientAuth(boolean need)
Set whether or not this SSLSocket needs client authentication.
- Specified by: setNeedClientAuth in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setNeedClientAuth(boolean), SSLSocket.setNeedClientAuth(boolean)

getSSLParameters
public JSSParameters getSSLParameters()
Get the configuration of this SSLSocket as a JSSParameters object.
- Overrides: getSSLParameters in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.getSSLParameters(), SSLSocket.getSSLParameters()

setSSLParameters
public void setSSLParameters(javax.net.ssl.SSLParameters params)
Set the configuration of this SSLSocket from the given SSLParameters instance.
- Overrides: setSSLParameters in class javax.net.ssl.SSLServerSocket
- See Also: JSSEngine.setSSLParameters(SSLParameters), SSLSocket.setSSLParameters(SSLParameters)

accept
public JSSSocket accept() throws java.io.IOException
- Overrides: accept in class java.net.ServerSocket
- Throws: java.io.IOException

bind
public void bind(java.net.SocketAddress endpoint) throws java.io.IOException
- Overrides: bind in class java.net.ServerSocket
- Throws: java.io.IOException

bind
public void bind(java.net.SocketAddress endpoint, int backlog) throws java.io.IOException
- Overrides: bind in class java.net.ServerSocket
- Throws: java.io.IOException

close
public void close() throws java.io.IOException
- Specified by: close in interface java.lang.AutoCloseable
- Specified by: close in interface java.io.Closeable
- Overrides: close in class java.net.ServerSocket
- Throws: java.io.IOException

getInetAddress
public java.net.InetAddress getInetAddress()
- Overrides: getInetAddress in class java.net.ServerSocket

getLocalPort
public int getLocalPort()
- Overrides: getLocalPort in class java.net.ServerSocket

getLocalSocketAddress
public java.net.SocketAddress getLocalSocketAddress()
- Overrides: getLocalSocketAddress in class java.net.ServerSocket

getSoTimeout
public int getSoTimeout() throws java.io.IOException
- Overrides: getSoTimeout in class java.net.ServerSocket
- Throws: java.io.IOException

setSoTimeout
public void setSoTimeout(int timeout) throws java.net.SocketException
- Overrides: setSoTimeout in class java.net.ServerSocket
- Throws: java.net.SocketException

getReuseAddress
public boolean getReuseAddress() throws java.net.SocketException
- Overrides: getReuseAddress in class java.net.ServerSocket
- Throws: java.net.SocketException

setReuseAddress
public void setReuseAddress(boolean on) throws java.net.SocketException
- Overrides: setReuseAddress in class java.net.ServerSocket
- Throws: java.net.SocketException

getReceiveBufferSize
public int getReceiveBufferSize() throws java.net.SocketException
- Overrides: getReceiveBufferSize in class java.net.ServerSocket
- Throws: java.net.SocketException

setReceiveBufferSize
public void setReceiveBufferSize(int size) throws java.net.SocketException
- Overrides: setReceiveBufferSize in class java.net.ServerSocket
- Throws: java.net.SocketException

setPerformancePreferences
public void setPerformancePreferences(int connectionTime, int latency, int bandwidth)
- Overrides: setPerformancePreferences in class java.net.ServerSocket

isBound
public boolean isBound()
- Overrides: isBound in class java.net.ServerSocket

isClosed
public boolean isClosed()
- Overrides: isClosed in class java.net.ServerSocket

toString
public java.lang.String toString()
- Overrides: toString in class java.net.ServerSocket

setOption
public <T> java.net.ServerSocket setOption(java.net.SocketOption<T> name, T value) throws java.io.IOException
- Overrides: setOption in class java.net.ServerSocket
- Throws: java.io.IOException

getOption
public <T> T getOption(java.net.SocketOption<T> name) throws java.io.IOException
- Overrides: getOption in class java.net.ServerSocket
- Throws: java.io.IOException

supportedOptions
public java.util.Set<java.net.SocketOption<?>> supportedOptions()
- Overrides: supportedOptions in class java.net.ServerSocket