1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilsonpackage javax.net.ssl; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.nio.ByteBuffer; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The abstract implementation of secure communications using SSL, TLS, or other 24f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * protocols. It includes the setup, handshake, and encrypt/decrypt 25f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * functionality needed to create a secure connection. 26f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 27b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h3>Default configuration</h3> 28b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <p>{@code SSLEngine} instances obtained from default {@link SSLContext} are configured as 29b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * follows: 30b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 31b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h4>Protocols</h4> 32b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <table> 33b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <thead> 34b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 35b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Protocol</th> 36b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Supported (API Levels)</th> 37b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Enabled by default (API Levels)</th> 38b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 39b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </thead> 40b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tbody> 41b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 42b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSLv3</td> 43b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 44b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 45b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 46b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 47b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLSv1</td> 48b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 49b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 50b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 51024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 52024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLSv1.1</td> 53024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 54024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 55024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 56024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 57024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLSv1.2</td> 58024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 59024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 60024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 61b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tbody> 62b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </table> 63b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 64b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h4>Cipher suites</h4> 65b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <table> 66b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <thead> 67b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 68b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Cipher suite</th> 69b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Supported (API Levels)</th> 70b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Enabled by default (API Levels)</th> 71b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 72b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </thead> 73b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tbody> 74b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 75024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 76b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 77024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 78b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 79b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 80024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 81b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 82024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 83b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 84b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 85024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 86b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 87024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 88b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 89b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 90024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 91b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 92024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 93b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 94b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 95024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 96b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 97024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 98b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 99b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 100024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 101b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 102b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 103b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 104b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 105024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 106b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 107024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 108b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 109b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 110024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</td> 111b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 112024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 113b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 114b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 115024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 116b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 117024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 118b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 119b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 120024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_DES_CBC_SHA</td> 121b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 122024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 123b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 124b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 125024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_RC4_128_MD5</td> 126b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 127024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 128b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 129b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 130b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 131b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 132b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 133b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 134b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 135b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 136b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 137b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 138b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 139b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 140b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 141b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 142024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 143b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 144b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 145b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 146b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 147b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 148b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 149b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 150b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_NULL_MD5</td> 151b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 152b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 153b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 154b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 155b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_NULL_SHA</td> 156b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 157b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 158b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 159b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 160b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 161b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 162024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 163b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 164b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 165b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 166b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 167b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 168b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 169b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 170024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 171024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 172b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 173b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 174b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 175024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 176024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 177b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 178b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 179b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 180024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 181b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 182024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 183024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 184024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 185024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</td> 186024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 187b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 188b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 189b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 190024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</td> 191024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 192024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 193024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 194024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 195024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 196b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 197024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 198024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 199024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 200024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</td> 201024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 202b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 203b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 204b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 205024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_GCM_SHA384</td> 206024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 207024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 208024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 209024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 210024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_DES_CBC_SHA</td> 211024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 212b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 213024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 214024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 215024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 216024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 217024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 218024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 219024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 220024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 221024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 222024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 223024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 224024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 225024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 226024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 227024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 228024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 229024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 230024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</td> 231024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 232024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 233024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 234024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 235024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</td> 236024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 237024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 238024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 239024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 240024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 241024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 242024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 243024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 244024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 245024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</td> 246024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 247b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 248b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 249b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 250024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</td> 251024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 252024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 253024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 254024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 255024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_DES_CBC_SHA</td> 256024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 257024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 258024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 259024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 260b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 261b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 262b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 263b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 264b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 265b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA</td> 266b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 267b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 268b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 269b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 270b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_WITH_DES_CBC_SHA</td> 271b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 272b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 273b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 274b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 275b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 276b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 277b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 278b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 279b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 280b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA</td> 281b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 282b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 283b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 284b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 285b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_WITH_DES_CBC_SHA</td> 286b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 287b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 288b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 289b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 290024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 291b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 292024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 293b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 294b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 295024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 296b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 297024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 298b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 299b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 300024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA</td> 301b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 302024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 303b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 304b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 305024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA256</td> 306024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 307024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 308024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 309024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 310024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_GCM_SHA256</td> 311024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 312024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 313024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 314024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 315024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA</td> 316b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 317024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 318024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 319024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 320024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA256</td> 321b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 322024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 323b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 324b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 325024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_GCM_SHA384</td> 326024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 327024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 328b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 329b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 330024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_DES_CBC_SHA</td> 331b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 332024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 333b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 334b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 335024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 336024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 337024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 338b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 339b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 340024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</td> 341024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 342024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 343b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 344b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 345024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</td> 346b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 347024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 348b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 349b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 350024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> 351024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 352024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 353024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 354024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 355024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</td> 356024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 357024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 358024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 359024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 360024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</td> 361024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 362024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 363024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 364024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 365024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</td> 366024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 367024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 368024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 369024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 370024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> 371024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 372024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 373024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 374024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 375024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> 376024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 377024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 378024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 379024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 380024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 381024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 382024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 383024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 384024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 385024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> 386024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 387024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 388024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 389024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 390024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</td> 391024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 392024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 393024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 394024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 395024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> 396024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 397024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 398024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 399024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 400024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> 401024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 402024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 403024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 404024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 405024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</td> 406024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 407024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 408024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 409024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 410024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</td> 411024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 412024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 413024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 414024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 415024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> 416024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 417024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 418024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 419024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 420024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> 421024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 422024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 423024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 424024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 425024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 426024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 427024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 428024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 429024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 430024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> 431024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 432024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 433024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 434024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 435024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> 436024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 437024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 438024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 439024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 440024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> 441024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 442024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 443024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 444024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 445024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> 446024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 447024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 448024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 449024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 450024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</td> 451024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 452024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 453024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 454024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 455024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</td> 456024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 457024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 458024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 459024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 460024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> 461024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 462024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 463024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 464024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 465024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> 466024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 467024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 468024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 469024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 470024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</td> 471024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 472024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 473024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 474024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 475024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</td> 476024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 477024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 478024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 479024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 480024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> 481024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 482024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 483024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 484024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 485024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> 486024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 487024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 488024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 489024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 490024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</td> 491024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 492024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 493024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 494024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 495024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</td> 496024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 497024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 498024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 499024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 500024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</td> 501024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 502024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 503024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 504024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 505024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_NULL_SHA</td> 506024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 507024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 508024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 509024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 510024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_RC4_128_SHA</td> 511024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 512024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 513024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 514024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 515024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> 516024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 517024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 518024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 519024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 520024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> 521024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 522024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 523024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 524024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 525024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> 526024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 527024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 528024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 529024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 530024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_NULL_SHA</td> 531024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 532024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 533024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 534024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 535024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> 536024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 537024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 538024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 539024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 540024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</td> 541024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 542024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 543b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 544b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 545e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td>TLS_FALLBACK_SCSV</td> 546e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td>21+</td> 547e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td></td> 548e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * </tr> 549e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <tr> 55082567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</td> 55182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 552b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 553c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 554c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 55582567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</td> 55682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 557b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 558c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 559c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 560b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_NULL_WITH_NULL_NULL</td> 561b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 562b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 563b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 564b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 565c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_3DES_EDE_CBC_SHA</td> 56682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 567c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 568c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 569c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 570c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_128_CBC_SHA</td> 57182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 572b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 573c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 574c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 575c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_256_CBC_SHA</td> 57682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 577b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 578c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 579c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 580c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_RC4_128_SHA</td> 58182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 582c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 583c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 584c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 585b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 586b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 587b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 588b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 589b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 590b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_3DES_EDE_CBC_SHA</td> 591b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 592b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 593b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 594b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 595b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 596b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 597b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 598b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 599b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 600024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA256</td> 601024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 602024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 603024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 604024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 605024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_128_GCM_SHA256</td> 606024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 607024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 608024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 609024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 610b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 611b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 612b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 613b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 614b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 615024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA256</td> 616024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 617024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 618024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 619024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 620024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_256_GCM_SHA384</td> 621024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 622024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 623024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 624024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 625b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_DES_CBC_SHA</td> 626b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 627b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 628b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 629b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 630b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_NULL_MD5</td> 631b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 632b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 633b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 634b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 635b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_NULL_SHA</td> 636b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 637b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 638b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 639024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 640024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_NULL_SHA256</td> 641024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 642024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 643024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 644b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tbody> 645b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </table> 646b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 647b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <p><em>NOTE</em>: PSK cipher suites are enabled by default only if the {@code SSLContext} through 648b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * which the engine was created has been initialized with a {@code PSKKeyManager}. 649b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * 650f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @since 1.5 651adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 652adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class SSLEngine { 653f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson private final String peerHost; 654f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson private final int peerPort; 655adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 656adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 657adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code SSLEngine} instance. 658adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 659adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLEngine() { 660f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson peerHost = null; 661f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson peerPort = -1; 662adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 663adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 664adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 665adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code SSLEngine} instance with the specified host and 666adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 667f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 668adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 669adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the name of the host. 670adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 671adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port of the host. 672adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 673adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLEngine(String host, int port) { 674f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson this.peerHost = host; 675f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson this.peerPort = port; 676f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson } 677f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 678f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson /** 679f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * Returns the name of the peer host. 680f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 681f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @return the name of the peer host, or {@code null} if none is available. 682f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 683f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public String getPeerHost() { 684f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson return peerHost; 685f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson } 686f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 687f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson /** 688f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * Returns the port number of the peer host. 689f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 690f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @return the port number of the peer host, or {@code -1} is none is 691f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * available. 692f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 693f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public int getPeerPort() { 694f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson return peerPort; 695adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 696adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 697adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 698adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Initiates a handshake on this engine. 699adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 700adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Calling this method is not needed for the initial handshake: it will be 701adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * called by {@code wrap} or {@code unwrap} if the initial handshake has not 702adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * been started yet. 703f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 704adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 705adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if starting the handshake fails. 706adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 707adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 708adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 709adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 710adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void beginHandshake() throws SSLException; 711adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 712adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 713adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Notifies this engine instance that no more inbound network data will be 714adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * sent to this engine. 715f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 716adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 717adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if this engine did not receive a needed protocol specific 718adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * close notification message from the peer. 719adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 720adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void closeInbound() throws SSLException; 721adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 722adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 723adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Notifies this engine instance that no more outbound application data will 724adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be sent to this engine. 725adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 726adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void closeOutbound(); 727adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 728adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 729adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns a delegate task for this engine instance. Some engine operations 730adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * may require the results of blocking or long running operations, and the 731adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code SSLEngineResult} instances returned by this engine may indicate 732adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * that a delegated task result is needed. In this case the 733adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link Runnable#run() run} method of the returned {@code Runnable} 734adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * delegated task must be called. 735f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 736adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return a delegate task, or {@code null} if none are available. 737adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 738adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Runnable getDelegatedTask(); 739adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 740adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 741adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL cipher suite names that are enabled in this engine 742adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 743f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 744adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL cipher suite names that are enabled in this engine 745adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 746adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 747adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledCipherSuites(); 748adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 749adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 750adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the protocol version names that are enabled in this engine 751adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 752f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 753adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the protocol version names that are enabled in this engine 754adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 755adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 756adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledProtocols(); 757adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 758adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 759adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether new SSL sessions may be established by this engine. 760f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 761adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if new session may be established, {@code false} if 762adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * existing sessions must be reused. 763adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 764adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getEnableSessionCreation(); 765adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 766adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 767adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the status of the handshake of this engine instance. 768f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 769adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the status of the handshake of this engine instance. 770adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 771adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus(); 772adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 773adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 774adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine instance will require client authentication. 775f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 776adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if this engine will require client authentication, 777adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no client authentication is needed. 778adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 779adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getNeedClientAuth(); 780adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 781adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 782adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL session for this engine instance. 783f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 784adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL session for this engine instance. 785adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 786adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLSession getSession(); 787adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 788adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 789adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL cipher suite names that are supported by this engine. 790adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * These cipher suites can be enabled using 791adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link #setEnabledCipherSuites(String[])}. 792f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 793adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL cipher suite names that are supported by this engine. 794adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 795adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedCipherSuites(); 796adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 797adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 798adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the protocol names that are supported by this engine. These 799adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * protocols can be enables using {@link #setEnabledProtocols(String[])}. 800f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 801adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the protocol names that are supported by this engine. 802adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 803adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedProtocols(); 804adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 805adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 806adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine is set to act in client mode when 807adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshaking. 808f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 809adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if the engine is set to do handshaking in client 810adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * mode. 811adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 812adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getUseClientMode(); 813adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 814adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 815adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine will request client authentication. 816f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 817adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if client authentication will be requested, 818adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} otherwise. 819adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 820adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getWantClientAuth(); 821adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 822adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 823adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether no more inbound data will be accepted by this engine. 824f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 825adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if no more inbound data will be accepted by this 826adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * engine, {@code false} otherwise. 827adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 828adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean isInboundDone(); 829adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 830adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 831adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether no more outbound data will be produced by this engine. 832f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 833adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if no more outbound data will be producted by this 834adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * engine, {@code otherwise} false. 835adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 836adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean isOutboundDone(); 837adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 838adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 839adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the SSL cipher suite names that should be enabled in this engine 840adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. Only cipher suites listed by {@code getSupportedCipherSuites()} 841adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * are allowed. 842f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 843adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param suites 844adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the SSL cipher suite names to be enabled. 845adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 846adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the specified cipher suites is not supported, or if 847adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code suites} is {@code null}. 848adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 849adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledCipherSuites(String[] suites); 850adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 851adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 852adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the protocol version names that should be enabled in this engine 853adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. Only protocols listed by {@code getSupportedProtocols()} are 854adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * allowed. 855f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 856adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param protocols 857adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the protocol version names to be enabled. 858adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 859adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the protocol version names is not supported, or if 860adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code protocols} is {@code null}. 861adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 862adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledProtocols(String[] protocols); 863adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 864adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 865adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether new SSL sessions may be established by this engine instance. 866f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 867adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param flag 868adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if new SSL sessions may be established, 869adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if existing SSL sessions must be reused. 870adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 871adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnableSessionCreation(boolean flag); 872adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 873adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 874adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine must require client authentication. The client 875adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * authentication is one of: 876adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 877adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 878adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 879adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 880adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 881adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setWantClientAuth(boolean)}. 882f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 883adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param need 884adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if client authentication is required, 885adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no authentication is needed. 886adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 887adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setNeedClientAuth(boolean need); 888adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 889adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 890adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine should act in client (or server) mode when 891adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshaking. 892f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 893adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param mode 894adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if this engine should act in client mode, 895adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if not. 896adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 897adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if this method is called after starting the initial 898adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshake. 899adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 900adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setUseClientMode(boolean mode); 901adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 902adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 903adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine should request client authentication. The client 904adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * authentication is one of the following: 905adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 906adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 907adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 908adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 909adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 910adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setNeedClientAuth(boolean)}. 911f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 912adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param want 913adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if client authentication should be requested, 914adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no authentication is needed. 915adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 916adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setWantClientAuth(boolean want); 917adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 918adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 919adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into application data buffers. 920adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * If a handshake has not been started yet, it will automatically be 921adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 922f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 923adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 924adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 925adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dsts 926adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of destination buffers for incoming application 927adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * data. 928adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param offset 929adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the offset in the array of destination buffers to which data 930adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * is to be transferred. 931adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param length 932f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * the maximum number of destination buffers to be used. 933adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 934adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 935adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 936adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IndexOutOfBoundsException 937adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code length} is greater than 938adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code dsts.length - offset}. 939f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 940adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 941adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 942adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src}, {@code dsts}, or one of the entries in 943adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code dsts} is {@code null}. 944adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 945adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 946adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 947adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 9480c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public abstract SSLEngineResult unwrap(ByteBuffer src, 9490c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom ByteBuffer[] dsts, 9500c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom int offset, 9510c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom int length) throws SSLException; 952adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 953adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 954adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffers into the network data 955adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 956adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 957f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 958adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param srcs 959adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of source buffers of outgoing application data. 960adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param offset 961adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the offset in the array of source buffers from which data is 962adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * to be retrieved. 963adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param length 964adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the maximum number of source buffers to be used. 965adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 966adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 967adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 968adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 969adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 970adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IndexOutOfBoundsException 971adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code length} is greater than 972adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code srcs.length - offset}. 973f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 974adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 975adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 976adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code srcs}, {@code dst}, or one the entries in 977adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code srcs} is {@code null}. 978adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 979adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 980adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 981adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 982f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public abstract SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) 983f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws SSLException; 984adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 985adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 986adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into the application data 987adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 988adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 989f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 990adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 991adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 992adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 993adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for incoming application data. 994adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 995adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 996adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 997f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 998adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 999adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1000adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dst} is {@code null}. 1001adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1002adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1003adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1004f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 1005f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException { 1006adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return unwrap(src, new ByteBuffer[] { dst }, 0, 1); 1007adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1008adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1009adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1010adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into the application data 1011adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffers. If a handshake has not been started yet, it will automatically 1012adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be started. 1013f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 1014adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 1015adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 1016adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dsts 1017adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of destination buffers for incoming application 1018adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * data. 1019adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1020adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1021adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1022f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1023adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 1024adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1025adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dsts} is {@code null}. 1026adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1027adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1028adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1029adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 1030f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException { 1031adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (dsts == null) { 1032adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new IllegalArgumentException("Byte buffer array dsts is null"); 1033adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1034adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return unwrap(src, dsts, 0, dsts.length); 1035adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1036adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1037adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1038adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffers into the network data 1039adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 1040adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 1041f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 1042adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param srcs 1043adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of source buffers of outgoing application data. 1044adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 1045adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 1046adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1047adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1048adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1049f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1050adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 1051adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1052adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code srcs} or {@code dst} is {@code null}. 1053adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1054adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1055adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1056adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 1057f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult wrap(ByteBuffer[] srcs, ByteBuffer dst) throws SSLException { 1058adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (srcs == null) { 1059adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new IllegalArgumentException("Byte buffer array srcs is null"); 1060adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1061adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return wrap(srcs, 0, srcs.length, dst); 1062adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1063adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1064adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1065adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffer into the network data 1066adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 1067adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 1068f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 1069adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 1070adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the source buffers of outgoing application data. 1071adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 1072adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 1073adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1074adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1075adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1076f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1077adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 1078adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1079adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dst} is {@code null}. 1080adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1081adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1082adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1083f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 1084f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException { 1085adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return wrap(new ByteBuffer[] { src }, 0, 1, dst); 1086adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 10870c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 10880c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 10890c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Returns a new SSLParameters based on this SSLSocket's current 10900c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * cipher suites, protocols, and client authentication settings. 10910c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * 10920c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 10930c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 10940c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public SSLParameters getSSLParameters() { 10950c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom SSLParameters p = new SSLParameters(); 10960c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setCipherSuites(getEnabledCipherSuites()); 10970c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setProtocols(getEnabledProtocols()); 10980c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setNeedClientAuth(getNeedClientAuth()); 10990c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setWantClientAuth(getWantClientAuth()); 11000c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom return p; 11010c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11020c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 11030c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 11040c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Sets various SSL handshake parameters based on the SSLParameter 11050c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * argument. Specifically, sets the SSLEngine's enabled cipher 11060c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * suites if the parameter's cipher suites are non-null. Similarly 11070c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * sets the enabled protocols. If the parameters specify the want 11080c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * or need for client authentication, those requirements are set 11090c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * on the SSLEngine, otherwise both are set to false. 11100c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 11110c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 11120c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public void setSSLParameters(SSLParameters p) { 11130c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] cipherSuites = p.getCipherSuites(); 11140c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (cipherSuites != null) { 11150c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledCipherSuites(cipherSuites); 11160c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11170c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] protocols = p.getProtocols(); 11180c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (protocols != null) { 11190c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledProtocols(protocols); 11200c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11210c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (p.getNeedClientAuth()) { 11220c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setNeedClientAuth(true); 11230c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else if (p.getWantClientAuth()) { 11240c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(true); 11250c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else { 11260c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(false); 11270c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11280c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 1129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 1130