Package org.mozilla.jss.ssl.javax

Class JSSSocket

java.lang.Object

java.net.Socket

javax.net.ssl.SSLSocket

org.mozilla.jss.ssl.javax.JSSSocket

All Implemented Interfaces:

Closeable, AutoCloseable

public class JSSSocket
extends SSLSocket

SSL-enabled socket following the javax.net.ssl.SSLSocket interface. Most users will want to use the JSSSocketFactory provided by the Java Provider interface instead of using this class directly. This SSLSocket implementation is a wrapped implementation. In particular, we need to consume an existing Socket (via the consumeSocket(...) call) which we actually send data over. When called from a socket factory, this additional socket will be automatically created for the caller. This is necessary because SSLSocketFactory includes a mode which wraps an existing socket. All JSSSocket instances have a underlying SocketChannel, of type JSSSocketChannel. Notably lacking is a javax.net.ssl.SSLSocketChannel type, so JSSSocketChannel includes no additional SSL-specific options. However, the core of the SSLEngine wrapping logic exists there. In order to interoperate with JSSEngine, many of the adjacent methods have been included in this class as well. This socket can either be a client or a server, depending on how it was created. For more information, see the javax.net.ssl.SSLSocket documentation. To construct a (useful) new instance, the following calls must be made: - new JSSSocket(); - consumeSocket(inst); - initSSLEngine(...); - setKeyManagers(...); - setTrustManagers(...); Optionally, setSSLContext(...) could be called to provide the SSLContext from which the SSLEngine should be constructed. This should be called prior to initSSLEngine(...) being called.

Constructor Summary

Constructors

Constructor	Description
JSSSocket()	Start building a new JSSSocket.

Method Summary

Modifier and Type	Method	Description
void	addHandshakeCompletedListener(HandshakeCompletedListener callback)	Add a callback to fire on handshake completion.
void	bind(SocketAddress bindpoint)
void	close()
void	connect(SocketAddress endpoint)
void	connect(SocketAddress endpoint, int timeout)
void	consumeSocket(Socket parent)	Consume a parent socket, utilizing it for all read/write operations.
boolean	getAutoClose()	Get the autoClose status of this socket, that is, whether or not its parent socket will be automatically closed.
JSSSocketChannel	getChannel()	Get the underlying SocketChannel for this Socket.
String[]	getEnabledCipherSuites()	Get the set of enabled cipher suites for this SSLSocket.
String[]	getEnabledProtocols()	Get the set of enabled protocol versions for this SSLSocket.
boolean	getEnableSessionCreation()	Get whether or not this SSLSocket enables creation of new sessions.
JSSEngine	getEngine()	Get the underlying JSSEngine instance.
SSLSession	getHandshakeSession()	Get the initial session constructed during handshaking.
InetAddress	getInetAddress()
InputStream	getInputStream()	Get a copy of an input stream for this Socket.
protected JSSSocketChannel	getInternalChannel()	Helper to always return the channel for this socket, initializing it if it isn't yet created.
boolean	getKeepAlive()
Collection<? extends EventListener>	getListeners()	Gets the current list of event listeners this SSLSocket will fire on certain events.
InetAddress	getLocalAddress()
int	getLocalPort()
SocketAddress	getLocalSocketAddress()
boolean	getNeedClientAuth()	Get whether or not this SSLSocket needs client authentication.
boolean	getOOBInline()
<T> T	getOption(SocketOption<T> name)
OutputStream	getOutputStream()	Get a copy of an output stream for this Socket.
int	getPort()
int	getReceiveBufferSize()
SocketAddress	getRemoteSocketAddress()
boolean	getReuseAddress()
int	getSendBufferSize()
SSLSession	getSession()	Get the established session for this SSLSocket.
int	getSoLinger()
int	getSoTimeout()
protected SSLContext	getSSLContext()	Get the SSLContext if one exists or create a new instance.
JSSParameters	getSSLParameters()	Get the configuration of this SSLSocket as a JSSParameters object.
String[]	getSupportedCipherSuites()	Get the set of supported cipher suites for this SSLSocket.
String[]	getSupportedProtocols()	Get the set of supported protocol versions for this SSLSocket.
boolean	getTcpNoDelay()
int	getTrafficClass()
boolean	getUseClientMode()	Get whether or not this SSLSocket is handshaking as a client.
boolean	getWantClientAuth()	Get whether or not this SSLSocket wants client authentication.
void	initEngine()	Explicitly initialize the SSLEngine with no session resumption information.
void	initEngine(String host, int port)	Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.
boolean	isBound()
boolean	isClosed()
boolean	isConnected()
boolean	isInputShutdown()
boolean	isOutputShutdown()
protected void	notifyHandshakeCompletedListeners()	Internal helper to fire callbacks on handshake completion.
void	removeHandshakeCompletedListener(HandshakeCompletedListener callback)	Remove a callback from firing on handshake completion.
void	sendUrgentData(int data)
void	setAutoClose(boolean on)	Set the autoClose status of this socket, that is, whether or not its parent socket will be automatically closed.
void	setCertFromAlias(String alias)	Set the certificate this SSLSocket will utilize from an alias in the NSS DB.
void	setConsumedData(InputStream consumed)	Helper to inform this socket of data already consumed from the wrapped socket.
void	setEnabledCipherSuites(String[] suites)	Set the list of enabled cipher suites for this SSLSocket.
void	setEnabledProtocols(String[] protocols)	Set the list of enabled protocol versions for this SSLSocket.
void	setEnableSessionCreation(boolean enabled)	Set whether or not this SSLSocket enables creation of new sessions.
void	setHostname(String name)	Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.
void	setKeepAlive(boolean on)
void	setKeyManager(X509KeyManager km)	Set the KeyManager this SSLSocket will utilize to select a key.
void	setKeyManagers(X509KeyManager[] xkms)	Set the key managers this SSLSocket will utilize to select a key.
void	setKeyMaterials(PK11Cert ourCert, PK11PrivKey ourKey)	Set the certificate this SSLSocket will utilize from a certificate and its matching private key.
void	setListeners(Collection<? extends EventListener> listeners)	Set the listeners this SSLSocket will fire on certain events.
void	setNeedClientAuth(boolean need)	Set whether or not this SSLSocket needs client authentication.
void	setOOBInline(boolean on)
<T> Socket	setOption(SocketOption<T> name, T value)
void	setPerformancePreferences(int connectionTime, int latency, int bandwidth)
void	setReceiveBufferSize(int size)
void	setReuseAddress(boolean on)
void	setSendBufferSize(int size)
void	setSoLinger(boolean on, int linger)
void	setSoTimeout(int timeout)
void	setSSLContext(SSLContext ctx)	Explicitly set the SSLContext utilized by this JSSSocket instance.
void	setSSLParameters(SSLParameters params)	Set the configuration of this SSLSocket from the given SSLParameters instance.
void	setTcpNoDelay(boolean on)
void	setTrafficClass(int tc)
void	setTrustManager(JSSTrustManager tm)	Set the trust manager this SSLSocket will utilize to validate a peer's certificate.
void	setTrustManagers(X509TrustManager[] xtms)	Set the trust managers this SSLSocket will utilize to validate a peer's certificate.
void	setUseClientMode(boolean client)	Set whether or not this SSLSocket is handshaking as a client.
void	setWantClientAuth(boolean want)	Set whether or not this SSLSocket wants client authentication.
void	shutdownInput()
void	shutdownOutput()
void	startHandshake()	Begin a handshake, blocking to completion; this will begin a new handshake when one has already been issued.
Set<SocketOption<?>>	supportedOptions()
String	toString()

Methods inherited from class javax.net.ssl.SSLSocket

getApplicationProtocol, getHandshakeApplicationProtocol, getHandshakeApplicationProtocolSelector, setHandshakeApplicationProtocolSelector

Methods inherited from class java.net.Socket

setSocketImplFactory

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Details

JSSSocket

public JSSSocket()

Start building a new JSSSocket. We specifically avoid creating any other constructors as we wish to consume an existing socket rather than creating a new one.

Method Details

consumeSocket

public void consumeSocket(Socket parent)
                   throws IOException

Consume a parent socket, utilizing it for all read/write operations. This JSSSocket instance will inherit all information about the connection from this underlying socket. When utilized in a JSSSocket, callers should refrain from interacting with the underlying socket directly until the TLS connection is closed. Otherwise, messages may get dropped.

Throws:

IOException

getSSLContext

protected SSLContext getSSLContext()
                            throws IOException

Get the SSLContext if one exists or create a new instance. This is used by initSSLEngine(..) to create the underlying SSLEngine.

Throws:

IOException

setSSLContext

public void setSSLContext(SSLContext ctx)

Explicitly set the SSLContext utilized by this JSSSocket instance. This enables JSSServerSocket to copy its SSLContext over to the accepted JSSSocket.

initEngine

public void initEngine()
                throws IOException

Explicitly initialize the SSLEngine with no session resumption information.

Throws:

IOException

initEngine

public void initEngine(String host,
 int port)
                throws IOException

Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.

Throws:

IOException

getEngine

public JSSEngine getEngine()

Get the underlying JSSEngine instance. Note that, just like accessing the underlying Socket instance while the JSSSocket instance is still open is dangerous, performing other TLS operations directly via JSSEngine is also dangerous. This is mostly exposed to enable advanced configuration of the JSSEngine that isn't otherwise allowed by JSSSocket, and to facilitate the accept() method on JSSServerSocket.

getChannel

public JSSSocketChannel getChannel()

Get the underlying SocketChannel for this Socket.

Overrides:

getChannel in class Socket

See Also:

• Socket.getChannel()

getInternalChannel

protected JSSSocketChannel getInternalChannel()

Helper to always return the channel for this socket, initializing it if it isn't yet created.

getInputStream

public InputStream getInputStream()
                           throws IOException

Get a copy of an input stream for this Socket.

Overrides:

getInputStream in class Socket

Throws:

IOException

See Also:

• Socket.getInputStream()

getOutputStream

public OutputStream getOutputStream()
                             throws IOException

Get a copy of an output stream for this Socket.

Overrides:

getOutputStream in class Socket

Throws:

IOException

See Also:

• Socket.getOutputStream()

setConsumedData

public void setConsumedData(InputStream consumed)

Helper to inform this socket of data already consumed from the wrapped socket. This is provided to facilitate a SSLSocketFactory call which allows construction of SSLSocket instances from a non-SSL ServerSocket, allowing the application to check SNI information directly.

getAutoClose

public boolean getAutoClose()

Get the autoClose status of this socket, that is, whether or not its parent socket will be automatically closed.

setAutoClose

public void setAutoClose(boolean on)

Set the autoClose status of this socket, that is, whether or not its parent socket will be automatically closed.

setHostname

public void setHostname(String name)

Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.

See Also:

• JSSEngine.setHostname(String)

setCertFromAlias

public void setCertFromAlias(String alias)
                      throws IllegalArgumentException

Set the certificate this SSLSocket will utilize from an alias in the NSS DB.

Throws:

IllegalArgumentException

See Also:

• JSSEngine.setCertFromAlias(String)

setKeyMaterials

public void setKeyMaterials(PK11Cert ourCert,
 PK11PrivKey ourKey)
                     throws IllegalArgumentException

Set the certificate this SSLSocket will utilize from a certificate and its matching private key.

Throws:

IllegalArgumentException

See Also:

• JSSEngine.setKeyMaterials(PK11Cert, PK11PrivKey)

setKeyManager

public void setKeyManager(X509KeyManager km)

Set the KeyManager this SSLSocket will utilize to select a key.

See Also:

• JSSEngine.setKeyManager(X509KeyManager)

setKeyManagers

public void setKeyManagers(X509KeyManager[] xkms)

Set the key managers this SSLSocket will utilize to select a key.

See Also:

• JSSEngine.setKeyManagers(X509KeyManager[])

setTrustManager

public void setTrustManager(JSSTrustManager tm)

Set the trust manager this SSLSocket will utilize to validate a peer's certificate.

See Also:

• JSSEngine.setTrustManager(JSSTrustManager)

setTrustManagers

public void setTrustManagers(X509TrustManager[] xtms)

Set the trust managers this SSLSocket will utilize to validate a peer's certificate.

See Also:

• JSSEngine.setTrustManagers(X509TrustManager[])

setListeners

public void setListeners(Collection<? extends EventListener> listeners)

Set the listeners this SSLSocket will fire on certain events.

See Also:

• JSSEngine.setListeners(Collection)

getListeners

public Collection<? extends EventListener> getListeners()

Gets the current list of event listeners this SSLSocket will fire on certain events.

See Also:

• JSSEngine.getListeners()

startHandshake

public void startHandshake()
                    throws IOException

Begin a handshake, blocking to completion; this will begin a new handshake when one has already been issued.

Specified by:

startHandshake in class SSLSocket

Throws:

IOException

See Also:

• SSLEngine.beginHandshake()
• SSLSocket.startHandshake()

addHandshakeCompletedListener

public void addHandshakeCompletedListener(HandshakeCompletedListener callback)
                                   throws IllegalArgumentException

Add a callback to fire on handshake completion.

Specified by:

addHandshakeCompletedListener in class SSLSocket

Throws:

IllegalArgumentException

See Also:

• SSLSocket.addHandshakeCompletedListener(HandshakeCompletedListener)

notifyHandshakeCompletedListeners

protected void notifyHandshakeCompletedListeners()

Internal helper to fire callbacks on handshake completion.

removeHandshakeCompletedListener

public void removeHandshakeCompletedListener(HandshakeCompletedListener callback)
                                      throws IllegalArgumentException

Remove a callback from firing on handshake completion.

Specified by:

removeHandshakeCompletedListener in class SSLSocket

Throws:

IllegalArgumentException

See Also:

• SSLSocket.removeHandshakeCompletedListener(HandshakeCompletedListener)

getEnabledCipherSuites

public String[] getEnabledCipherSuites()

Get the set of enabled cipher suites for this SSLSocket.

Specified by:

getEnabledCipherSuites in class SSLSocket

See Also:

• JSSEngine.getEnabledCipherSuites()
• SSLSocket.getEnabledCipherSuites()

getSupportedCipherSuites

public String[] getSupportedCipherSuites()

Get the set of supported cipher suites for this SSLSocket.

Specified by:

getSupportedCipherSuites in class SSLSocket

See Also:

• JSSEngine.getSupportedCipherSuites()
• SSLSocket.getSupportedCipherSuites()

setEnabledCipherSuites

public void setEnabledCipherSuites(String[] suites)

Set the list of enabled cipher suites for this SSLSocket.

Specified by:

setEnabledCipherSuites in class SSLSocket

See Also:

• JSSEngine.setEnabledCipherSuites(String[])
• SSLSocket.setEnabledCipherSuites(String[])

getEnabledProtocols

public String[] getEnabledProtocols()

Get the set of enabled protocol versions for this SSLSocket.

Specified by:

getEnabledProtocols in class SSLSocket

See Also:

• JSSEngine.getEnabledProtocols()
• SSLSocket.getEnabledProtocols()

getSupportedProtocols

public String[] getSupportedProtocols()

Get the set of supported protocol versions for this SSLSocket.

Specified by:

getSupportedProtocols in class SSLSocket

See Also:

• JSSEngine.getSupportedProtocols()
• SSLSocket.getSupportedProtocols()

setEnabledProtocols

public void setEnabledProtocols(String[] protocols)

Set the list of enabled protocol versions for this SSLSocket.

Specified by:

setEnabledProtocols in class SSLSocket

See Also:

• JSSEngine.setEnabledProtocols(String[])
• SSLSocket.setEnabledProtocols(String[])

getEnableSessionCreation

public boolean getEnableSessionCreation()

Get whether or not this SSLSocket enables creation of new sessions.

Specified by:

getEnableSessionCreation in class SSLSocket

See Also:

• JSSEngine.getEnableSessionCreation()
• SSLSocket.getEnableSessionCreation()

setEnableSessionCreation

public void setEnableSessionCreation(boolean enabled)

Set whether or not this SSLSocket enables creation of new sessions.

Specified by:

setEnableSessionCreation in class SSLSocket

See Also:

• JSSEngine.setEnableSessionCreation(boolean)
• SSLSocket.setEnableSessionCreation(boolean)

getHandshakeSession

public SSLSession getHandshakeSession()

Get the initial session constructed during handshaking.

Overrides:

getHandshakeSession in class SSLSocket

See Also:

• SSLEngine.getHandshakeSession()
• SSLSocket.getHandshakeSession()

getSession

public SSLSession getSession()

Get the established session for this SSLSocket.

Specified by:

getSession in class SSLSocket

See Also:

• JSSEngine.getSession()
• SSLSocket.getSession()

getUseClientMode

public boolean getUseClientMode()

Get whether or not this SSLSocket is handshaking as a client.

Specified by:

getUseClientMode in class SSLSocket

See Also:

• JSSEngine.getUseClientMode()
• SSLSocket.getUseClientMode()

setUseClientMode

public void setUseClientMode(boolean client)

Set whether or not this SSLSocket is handshaking as a client.

Specified by:

setUseClientMode in class SSLSocket

See Also:

• JSSEngine.setUseClientMode(boolean)
• SSLSocket.setUseClientMode(boolean)

getWantClientAuth

public boolean getWantClientAuth()

Get whether or not this SSLSocket wants client authentication.

Specified by:

getWantClientAuth in class SSLSocket

See Also:

• JSSEngine.getWantClientAuth()
• SSLSocket.getWantClientAuth()

setWantClientAuth

public void setWantClientAuth(boolean want)

Set whether or not this SSLSocket wants client authentication.

Specified by:

setWantClientAuth in class SSLSocket

See Also:

• JSSEngine.setWantClientAuth(boolean)
• SSLSocket.setWantClientAuth(boolean)

getNeedClientAuth

public boolean getNeedClientAuth()

Get whether or not this SSLSocket needs client authentication.

Specified by:

getNeedClientAuth in class SSLSocket

See Also:

• JSSEngine.getNeedClientAuth()
• SSLSocket.getNeedClientAuth()

setNeedClientAuth

public void setNeedClientAuth(boolean need)

Set whether or not this SSLSocket needs client authentication.

Specified by:

setNeedClientAuth in class SSLSocket

See Also:

• JSSEngine.setNeedClientAuth(boolean)
• SSLSocket.setNeedClientAuth(boolean)

getSSLParameters

public JSSParameters getSSLParameters()

Get the configuration of this SSLSocket as a JSSParameters object.

Overrides:

getSSLParameters in class SSLSocket

See Also:

• JSSEngine.getSSLParameters()
• SSLSocket.getSSLParameters()

setSSLParameters

public void setSSLParameters(SSLParameters params)

Set the configuration of this SSLSocket from the given SSLParameters instance.

Overrides:

setSSLParameters in class SSLSocket

See Also:

• JSSEngine.setSSLParameters(SSLParameters)
• SSLSocket.setSSLParameters(SSLParameters)

connect

public void connect(SocketAddress endpoint)
             throws IOException

Overrides:

connect in class Socket

Throws:

IOException

connect

public void connect(SocketAddress endpoint,
 int timeout)
             throws IOException

Overrides:

connect in class Socket

Throws:

IOException

bind

public void bind(SocketAddress bindpoint)
          throws IOException

Overrides:

bind in class Socket

Throws:

IOException

close

public void close()
           throws IOException

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

Overrides:

close in class Socket

Throws:

IOException

shutdownInput

public void shutdownInput()
                   throws IOException

Overrides:

shutdownInput in class Socket

Throws:

IOException

shutdownOutput

public void shutdownOutput()
                    throws IOException

Overrides:

shutdownOutput in class Socket

Throws:

IOException

getInetAddress

public InetAddress getInetAddress()

Overrides:

getInetAddress in class Socket

getLocalAddress

public InetAddress getLocalAddress()

Overrides:

getLocalAddress in class Socket

getPort

public int getPort()

Overrides:

getPort in class Socket

getLocalPort

public int getLocalPort()

Overrides:

getLocalPort in class Socket

getLocalSocketAddress

public SocketAddress getLocalSocketAddress()

Overrides:

getLocalSocketAddress in class Socket

getRemoteSocketAddress

public SocketAddress getRemoteSocketAddress()

Overrides:

getRemoteSocketAddress in class Socket

getTcpNoDelay

public boolean getTcpNoDelay()
                      throws SocketException

Overrides:

getTcpNoDelay in class Socket

Throws:

SocketException

setTcpNoDelay

public void setTcpNoDelay(boolean on)
                   throws SocketException

Overrides:

setTcpNoDelay in class Socket

Throws:

SocketException

getSoLinger

public int getSoLinger()
                throws SocketException

Overrides:

getSoLinger in class Socket

Throws:

SocketException

setSoLinger

public void setSoLinger(boolean on,
 int linger)
                 throws SocketException

Overrides:

setSoLinger in class Socket

Throws:

SocketException

getSoTimeout

public int getSoTimeout()
                 throws SocketException

Overrides:

getSoTimeout in class Socket

Throws:

SocketException

setSoTimeout

public void setSoTimeout(int timeout)
                  throws SocketException

Overrides:

setSoTimeout in class Socket

Throws:

SocketException

getOOBInline

public boolean getOOBInline()
                     throws SocketException

Overrides:

getOOBInline in class Socket

Throws:

SocketException

setOOBInline

public void setOOBInline(boolean on)
                  throws SocketException

Overrides:

setOOBInline in class Socket

Throws:

SocketException

sendUrgentData

public void sendUrgentData(int data)
                    throws IOException

Overrides:

sendUrgentData in class Socket

Throws:

IOException

getSendBufferSize

public int getSendBufferSize()
                      throws SocketException

Overrides:

getSendBufferSize in class Socket

Throws:

SocketException

setSendBufferSize

public void setSendBufferSize(int size)
                       throws SocketException

Overrides:

setSendBufferSize in class Socket

Throws:

SocketException

getReceiveBufferSize

public int getReceiveBufferSize()
                         throws SocketException

Overrides:

getReceiveBufferSize in class Socket

Throws:

SocketException

setReceiveBufferSize

public void setReceiveBufferSize(int size)
                          throws SocketException

Overrides:

setReceiveBufferSize in class Socket

Throws:

SocketException

getKeepAlive

public boolean getKeepAlive()
                     throws SocketException

Overrides:

getKeepAlive in class Socket

Throws:

SocketException

setKeepAlive

public void setKeepAlive(boolean on)
                  throws SocketException

Overrides:

setKeepAlive in class Socket

Throws:

SocketException

getTrafficClass

public int getTrafficClass()
                    throws SocketException

Overrides:

getTrafficClass in class Socket

Throws:

SocketException

setTrafficClass

public void setTrafficClass(int tc)
                     throws SocketException

Overrides:

setTrafficClass in class Socket

Throws:

SocketException

getReuseAddress

public boolean getReuseAddress()
                        throws SocketException

Overrides:

getReuseAddress in class Socket

Throws:

SocketException

setReuseAddress

public void setReuseAddress(boolean on)
                     throws SocketException

Overrides:

setReuseAddress in class Socket

Throws:

SocketException

isConnected

public boolean isConnected()

Overrides:

isConnected in class Socket

isBound

public boolean isBound()

Overrides:

isBound in class Socket

isClosed

public boolean isClosed()

Overrides:

isClosed in class Socket

isInputShutdown

public boolean isInputShutdown()

Overrides:

isInputShutdown in class Socket

isOutputShutdown

public boolean isOutputShutdown()

Overrides:

isOutputShutdown in class Socket

setPerformancePreferences

public void setPerformancePreferences(int connectionTime,
 int latency,
 int bandwidth)

Overrides:

setPerformancePreferences in class Socket

toString

public String toString()

Overrides:

toString in class Socket

setOption

public <T> Socket setOption(SocketOption<T> name,
 T value)
                     throws IOException

Overrides:

setOption in class Socket

Throws:

IOException

getOption

public <T> T getOption(SocketOption<T> name)
                throws IOException

Overrides:

getOption in class Socket

Throws:

IOException

supportedOptions

public Set<SocketOption<?>> supportedOptions()

Overrides:

supportedOptions in class Socket