ru.CryptoPro.ssl

Class SSLServerSocketImpl

java.lang.Object

java.net.ServerSocket

javax.net.ssl.SSLServerSocket

ru.CryptoPro.ssl.SSLServerSocketImpl

All Implemented Interfaces:

java.io.Closeable, java.lang.AutoCloseable

public final class SSLServerSocketImpl
extends javax.net.ssl.SSLServerSocket

This class provides a simple way for servers to support conventional use of the Secure Sockets Layer (SSL). Application code uses an SSLServerSocketImpl exactly like it uses a regular TCP ServerSocket; the difference is that the connections established are secured using SSL.

Also, the constructors take an explicit authentication context parameter, giving flexibility with respect to how the server socket authenticates itself. That policy flexibility is not exposed through the standard SSLServerSocketFactory API.

System security defaults prevent server sockets from accepting connections if they the authentication context has not been given a certificate chain and its matching private key. If the clients of your application support "anonymous" cipher suites, you may be able to configure a server socket to accept those suites.

See Also:

SSLSocketImpl, SSLServerSocketFactoryImpl

Method Summary

Modifier and Type	Method and Description
java.net.Socket	accept() Accept a new SSL connection.
java.lang.String[]	getEnabledCipherSuites() Returns the list of cipher suites which are currently enabled for use by newly accepted connections.
java.lang.String[]	getEnabledProtocols()
boolean	getEnableSessionCreation() Returns true if new connections may cause creation of new SSL sessions.
boolean	getNeedClientAuth()
javax.net.ssl.SSLParameters	getSSLParameters() Returns the SSLParameters in effect for newly accepted connections.
java.lang.String[]	getSupportedCipherSuites() Returns the names of the cipher suites which could be enabled for use on an SSL connection.
java.lang.String[]	getSupportedProtocols()
boolean	getUseClientMode()
boolean	getWantClientAuth()
void	setEnabledCipherSuites(java.lang.String[] suites) Controls which particular SSL cipher suites are enabled for use by accepted connections.
void	setEnabledProtocols(java.lang.String[] protocols) Controls which protocols are enabled for use.
void	setEnableSessionCreation(boolean flag) Controls whether new connections may cause creation of new SSL sessions.
void	setNeedClientAuth(boolean flag) Controls whether the connections which are accepted must include client authentication.
void	setSSLParameters(javax.net.ssl.SSLParameters params) Applies SSLParameters to newly accepted connections.
void	setUseClientMode(boolean flag) Makes the returned sockets act in SSL "client" mode, not the usual server mode.
void	setWantClientAuth(boolean flag) Controls whether the connections which are accepted should request client authentication.
java.lang.String	toString() Provides a brief description of this SSL socket.

Methods inherited from class java.net.ServerSocket

bind, bind, close, getChannel, getInetAddress, getLocalPort, getLocalSocketAddress, getReceiveBufferSize, getReuseAddress, getSoTimeout, isBound, isClosed, setPerformancePreferences, setReceiveBufferSize, setReuseAddress, setSocketFactory, setSoTimeout

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

getSupportedCipherSuites

public java.lang.String[] getSupportedCipherSuites()

Returns the names of the cipher suites which could be enabled for use on an SSL connection. Normally, only a subset of these will actually be enabled by default, since this list may include cipher suites which do not support the mutual authentication of servers and clients, or which do not protect data confidentiality. Servers may also need certain kinds of certificates to use certain cipher suites.

Specified by:

getSupportedCipherSuites in class javax.net.ssl.SSLServerSocket

Returns:

an array of cipher suite names

getEnabledCipherSuites

public java.lang.String[] getEnabledCipherSuites()

Returns the list of cipher suites which are currently enabled for use by newly accepted connections. A null return indicates that the system defaults are in effect.

Specified by:

getEnabledCipherSuites in class javax.net.ssl.SSLServerSocket

setEnabledCipherSuites

public void setEnabledCipherSuites(java.lang.String[] suites)

Controls which particular SSL cipher suites are enabled for use by accepted connections.

Specified by:

setEnabledCipherSuites in class javax.net.ssl.SSLServerSocket

Parameters:

suites - Names of all the cipher suites to enable; null means to accept system defaults.

getSupportedProtocols

public java.lang.String[] getSupportedProtocols()

Specified by:

getSupportedProtocols in class javax.net.ssl.SSLServerSocket

setEnabledProtocols

public void setEnabledProtocols(java.lang.String[] protocols)

Controls which protocols are enabled for use. The protocols must have been listed by getSupportedProtocols() as being supported.

Specified by:

setEnabledProtocols in class javax.net.ssl.SSLServerSocket

Parameters:

protocols - protocols to enable.

Throws:

java.lang.IllegalArgumentException - when one of the protocols named by the parameter is not supported.

getEnabledProtocols

public java.lang.String[] getEnabledProtocols()

Specified by:

getEnabledProtocols in class javax.net.ssl.SSLServerSocket

setNeedClientAuth

public void setNeedClientAuth(boolean flag)

Controls whether the connections which are accepted must include client authentication.

Specified by:

setNeedClientAuth in class javax.net.ssl.SSLServerSocket

getNeedClientAuth

public boolean getNeedClientAuth()

Specified by:

getNeedClientAuth in class javax.net.ssl.SSLServerSocket

setWantClientAuth

public void setWantClientAuth(boolean flag)

Controls whether the connections which are accepted should request client authentication.

Specified by:

setWantClientAuth in class javax.net.ssl.SSLServerSocket

getWantClientAuth

public boolean getWantClientAuth()

Specified by:

getWantClientAuth in class javax.net.ssl.SSLServerSocket

setUseClientMode

public void setUseClientMode(boolean flag)

Makes the returned sockets act in SSL "client" mode, not the usual server mode. The canonical example of why this is needed is for FTP clients, which accept connections from servers and should be rejoining the already-negotiated SSL connection.

Specified by:

setUseClientMode in class javax.net.ssl.SSLServerSocket

getUseClientMode

public boolean getUseClientMode()

Specified by:

getUseClientMode in class javax.net.ssl.SSLServerSocket

setEnableSessionCreation

public void setEnableSessionCreation(boolean flag)

Controls whether new connections may cause creation of new SSL sessions.

Specified by:

setEnableSessionCreation in class javax.net.ssl.SSLServerSocket

getEnableSessionCreation

public boolean getEnableSessionCreation()

Returns true if new connections may cause creation of new SSL sessions.

Specified by:

getEnableSessionCreation in class javax.net.ssl.SSLServerSocket

getSSLParameters

public javax.net.ssl.SSLParameters getSSLParameters()

Returns the SSLParameters in effect for newly accepted connections.

Overrides:

getSSLParameters in class javax.net.ssl.SSLServerSocket

setSSLParameters

public void setSSLParameters(javax.net.ssl.SSLParameters params)

Applies SSLParameters to newly accepted connections.

Overrides:

setSSLParameters in class javax.net.ssl.SSLServerSocket

accept

public java.net.Socket accept()
                       throws java.io.IOException

Accept a new SSL connection. This server identifies itself with information provided in the authentication context which was presented during construction.

Overrides:

accept in class java.net.ServerSocket

Throws:

java.io.IOException

toString

public java.lang.String toString()

Provides a brief description of this SSL socket.

Overrides:

toString in class java.net.ServerSocket