Class SSL


  • public class SSL
    extends java.lang.Object
    • Field Detail

      • REQUEST_CERTIFICATE

        public static final int REQUEST_CERTIFICATE
        Request certificate from the remote peer. Value for use with OptionGet and OptionSet. See also: SSL_REQUEST_CERTIFICATE in /usr/include/nss3/ssl.h
      • REQUIRE_CERTIFICATE

        public static final int REQUIRE_CERTIFICATE
        Require certificate from the remote peer. Value for use with OptionGet and OptionSet. See also: SSL_REQUIRE_CERTIFICATE in /usr/include/nss3/ssl.h
      • SECSuccess

        public static final int SECSuccess
        Return value on success from NSS functions. See also: SECSuccess in /usr/include/nss3/seccomon.h
      • SECFailure

        public static final int SECFailure
        Return value on failure from NSS functions. See also: SECFailure in /usr/include/nss3/seccomon.h
      • SECWouldBlock

        public static final int SECWouldBlock
        Return value from NSS functions when the operation would block. See also: SECWouldBlock in /usr/include/nss3/seccomon.h
    • Constructor Detail

      • SSL

        public SSL()
    • Method Detail

      • ImportFD

        public static SSLFDProxy ImportFD​(PRFDProxy model,
                                          PRFDProxy fd)
        Import a file descriptor to create a new SSL file descriptor out of it. See also: SSL_ImportFD in /usr/include/nss3/ssl.h
      • OptionSet

        public static int OptionSet​(SSLFDProxy fd,
                                    int option,
                                    int val)
        Set the value of a SSL option on the specified PRFileDesc. See also: SSL_OptionSet in /usr/include/nss3/ssl.h
      • OptionGet

        public static int OptionGet​(SSLFDProxy fd,
                                    int option)
                             throws java.lang.Exception
        Get the value of a SSL option on the specified PRFileDesc. Note that this raises an exception in the case of an invalid option. See also: SSL_OptionGet in /usr/include/nss3/ssl.h
        Throws:
        java.lang.Exception
      • SetURL

        public static int SetURL​(SSLFDProxy fd,
                                 java.lang.String url)
        Set the hostname of a handshake on the specified PRFileDesc. See also: SSL_SetURL in /usr/include/nss3/ssl.h
      • CipherPrefSet

        public static int CipherPrefSet​(SSLFDProxy fd,
                                        int cipher,
                                        boolean enabled)
        Set the preference for a specific cipher suite on the specified PRFileDesc. See also: SSL_CipherPrefSet in /usr/include/nss3/ssl.h
      • CipherPrefGet

        public static boolean CipherPrefGet​(SSLFDProxy fd,
                                            int cipher)
                                     throws java.lang.Exception
        Get the preference for a specific cipher suite on the specified PRFileDesc. Note that this can raise an Exception when the cipher is unknown. See also: SSL_CipherPrefGet in /usr/include/nss3/ssl.h
        Throws:
        java.lang.Exception
      • VersionRangeSet

        public static int VersionRangeSet​(SSLFDProxy fd,
                                          SSLVersionRange range)
        Set the range of TLS versions enabled by this server by SSLVersionRange. See also: SSL_VersionRangeSet in /usr/include/nss3/ssl.h
      • VersionRangeGet

        public static SSLVersionRange VersionRangeGet​(SSLFDProxy fd)
                                               throws java.lang.Exception
        Get the range of TLS versions enabled by this server. See also: SSL_VersionRangeSet in /usr/include/nss3/ssl.h
        Throws:
        java.lang.Exception
      • SecurityStatus

        public static SecurityStatusResult SecurityStatus​(SSLFDProxy fd)
        Check the security status of a SSL handshake. See also: SSL_SecurityStatus in /usr/include/nss3/ssl.h
      • ResetHandshake

        public static int ResetHandshake​(SSLFDProxy fd,
                                         boolean asServer)
        Reset the handshake status, optionally handshaking as a server. See also: SSL_ResetHandshake in /usr/include/nss3/ssl.h
      • ForceHandshake

        public static int ForceHandshake​(SSLFDProxy fd)
        Force a handshake to occur if not started, else step one. See also: SSL_ForceHandshake in /usr/include/nss3/ssl.h
      • ConfigSecureServer

        @Deprecated
        public static int ConfigSecureServer​(SSLFDProxy fd,
                                             PK11Cert cert,
                                             PK11PrivKey key,
                                             int kea)
        Deprecated.
        replaced with ConfigServerCert See also: SSL_ConfigSecureServer in /usr/include/nss3/ssl.h
        Configure the certificate and private key for a server socket.
      • ConfigServerCert

        public static int ConfigServerCert​(SSLFDProxy fd,
                                           PK11Cert cert,
                                           PK11PrivKey key)
        Configure the certificate and private key for a server socket. This form assumes no additional data is passed. See also: SSL_ConfigServerCert in /usr/include/nss3/ssl.h
      • ConfigServerSessionIDCache

        public static int ConfigServerSessionIDCache​(int maxCacheEntries,
                                                     long timeout,
                                                     long ssl3_timeout,
                                                     java.lang.String directory)
        Configure the server's session cache. See also: SSL_ConfigServerSessionIDCache in /usr/include/nss3/ssl.h
      • PeerCertificate

        public static PK11Cert PeerCertificate​(SSLFDProxy fd)
        Introspect the peer's certificate. See also: SSL_PeerCertificate in /usr/include/nss3/ssl.h
      • PeerCertificateChain

        public static PK11Cert[] PeerCertificateChain​(SSLFDProxy fd)
                                               throws java.lang.Exception
        Introspect the peer's certificate chain. See also: SSL_PeerCertificateChain in /usr/include/nss3/ssl.h
        Throws:
        java.lang.Exception
      • AttachClientCertCallback

        public static int AttachClientCertCallback​(SSLFDProxy fd)
                                            throws java.lang.Exception
        Use client authentication; set client certificate from SSLFDProxy. See also: SSL_GetClientAuthDataHook in /usr/include/nss3/ssl.h, org.mozilla.jss.nss.SSLFDProxy.SetClientCert(...)
        Throws:
        java.lang.Exception