SSLEngine.java revision 82567d6265458e51ddcfba20937128efecbeda4d
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilsonpackage javax.net.ssl; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.nio.ByteBuffer; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The abstract implementation of secure communications using SSL, TLS, or other 24f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * protocols. It includes the setup, handshake, and encrypt/decrypt 25f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * functionality needed to create a secure connection. 26f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 27b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h3>Default configuration</h3> 28b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <p>{@code SSLEngine} instances obtained from default {@link SSLContext} are configured as 29b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * follows: 30b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 31b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h4>Protocols</h4> 32b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <table> 33b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <thead> 34b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 35b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Protocol</th> 36b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Supported (API Levels)</th> 37b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Enabled by default (API Levels)</th> 38b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 39b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </thead> 40b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tbody> 41b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 42b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSLv3</td> 43b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 44b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 45b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 46b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 47b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLSv1</td> 48b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 49b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1+</td> 50b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 51024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 52024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLSv1.1</td> 53024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 54024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 55024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 56024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 57024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLSv1.2</td> 58024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 59024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 60024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 61b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tbody> 62b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </table> 63b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 64b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <h4>Cipher suites</h4> 65b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <table> 66b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <thead> 67b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 68b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Cipher suite</th> 69b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Supported (API Levels)</th> 70b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <th>Enabled by default (API Levels)</th> 71b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 72b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </thead> 73b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tbody> 74b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 75024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 76b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 77024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 78b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 79b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 80024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 81b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 82024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 83b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 84b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 85024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 86b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 87024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 88b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 89b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 90024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 91b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 92024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 93b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 94b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 95024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 96b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 97024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 98b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 99b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 100024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 101b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 102b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 103b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 104b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 105024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 106b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 107024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 108b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 109b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 110024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</td> 111b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 112024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 113b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 114b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 115024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 116b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 117024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 118b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 119b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 120024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_DES_CBC_SHA</td> 121b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 122024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 123b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 124b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 125024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>SSL_DH_anon_WITH_RC4_128_MD5</td> 126b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 127024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 128b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 129b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 130b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 131b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 132b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 133b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 134b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 135b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 136b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 137b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 138b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 139b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 140b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 141b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 142024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 143b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 144b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 145b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 146b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 147b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9-19</td> 148b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 149b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 150b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_NULL_MD5</td> 151b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 152b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 153b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 154b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 155b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_NULL_SHA</td> 156b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 157b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 158b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 159b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 160b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 161b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 162024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9-19</td> 163b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 164b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 165b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 166b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 167b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 168b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 169b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 170024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 171024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 172b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 173b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 174b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 175024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 176024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 177b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 178b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 179b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 180024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 181b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 182024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 183024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 184024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 185024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</td> 186024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 187b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 188b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 189b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 190024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</td> 191024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 192024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 193024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 194024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 195024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 196b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 197024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 198024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 199024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 200024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</td> 201024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 202b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 203b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 204b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 205024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_GCM_SHA384</td> 206024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 207024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 208024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 209024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 210024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_DSS_WITH_DES_CBC_SHA</td> 211024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 212b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 213024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 214024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 215024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 216024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 217024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 218024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 219024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 220024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 221024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 222024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 223024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 224024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 225024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 226024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 227024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 228024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 229024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 230024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</td> 231024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 232024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 233024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 234024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 235024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</td> 236024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 237024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 238024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 239024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 240024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 241024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>9+</td> 242024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 243024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 244024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 245024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</td> 246024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 247b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 248b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 249b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 250024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</td> 251024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 252024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 253024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 254024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 255024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DHE_RSA_WITH_DES_CBC_SHA</td> 256024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 257024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>1-8</td> 258024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 259024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 260b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 261b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 262b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 263b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 264b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 265b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA</td> 266b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 267b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 268b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 269b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 270b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_DSS_WITH_DES_CBC_SHA</td> 271b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 272b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 273b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 274b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 275b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 276b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 277b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 278b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 279b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 280b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA</td> 281b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 282b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 283b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 284b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 285b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_DH_RSA_WITH_DES_CBC_SHA</td> 286b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 287b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 288b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 289b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 290024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 291b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 292024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 293b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 294b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 295024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 296b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 297024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 298b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 299b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 300024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA</td> 301b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 302024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 303b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 304b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 305024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA256</td> 306024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 307024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 308024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 309024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 310024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_128_GCM_SHA256</td> 311024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 312024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 313024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 314024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 315024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA</td> 316b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 317024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 318024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 319024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 320024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA256</td> 321b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 322024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 323b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 324b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 325024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_AES_256_GCM_SHA384</td> 326024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 327024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 328b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 329b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 330024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_DH_anon_WITH_DES_CBC_SHA</td> 331b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 332024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 333b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 334b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 335024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 336024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 337024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 338b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 339b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 340024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</td> 341024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 342024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 343b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 344b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 345024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</td> 346b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 347024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 348b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 349b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 350024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> 351024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 352024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 353024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 354024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 355024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</td> 356024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 357024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 358024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 359024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 360024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</td> 361024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 362024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 363024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 364024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 365024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</td> 366024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 367024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 368024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 369024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 370024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> 371024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 372024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 373024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 374024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 375024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> 376024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 377024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 378024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 379024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 380024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 381024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 382024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 383024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 384024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 385024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> 386024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 387024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 388024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 389024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 390024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</td> 391024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 392024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 393024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 394024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 395024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> 396024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 397024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 398024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 399024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 400024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> 401024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 402024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 403024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 404024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 405024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</td> 406024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 407024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 408024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 409024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 410024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</td> 411024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 412024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 413024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 414024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 415024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> 416024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 417024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 418024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 419024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 420024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> 421024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 422024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 423024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 424024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 425024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 426024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 427024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 428024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 429024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 430024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> 431024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 432024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 433024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 434024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 435024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> 436024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 437024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 438024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 439024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 440024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> 441024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 442024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 443024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 444024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 445024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> 446024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 447024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 448024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 449024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 450024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</td> 451024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 452024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 453024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 454024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 455024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</td> 456024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 457024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 458024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 459024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 460024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> 461024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 462024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 463024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 464024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 465024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> 466024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 467024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 468024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 469024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 470024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</td> 471024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 472024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 473024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 474024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 475024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</td> 476024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 477024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 478024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 479024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 480024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> 481024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 482024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 483024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 484024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 485024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> 486024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 487024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 488024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 489024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 490024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</td> 491024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 492024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 493024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 494024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 495024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</td> 496024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 497024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 498024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 499024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 500024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</td> 501024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 502024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 503024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 504024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 505024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_NULL_SHA</td> 506024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 507024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 508024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 509024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 510024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_RSA_WITH_RC4_128_SHA</td> 511024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 512024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 513024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 514024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 515024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> 516024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 517024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 518024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 519024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 520024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> 521024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 522024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 523024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 524024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 525024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> 526024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 527024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 528024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 529024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 530024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_NULL_SHA</td> 531024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 532024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 533024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 534024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 535024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> 536024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 537024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 538024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 539024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 540024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</td> 541024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 542024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 543b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 544b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 54582567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</td> 54682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 547c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 548c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 549c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 55082567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</td> 55182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 552c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 553c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 554c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 555b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_NULL_WITH_NULL_NULL</td> 556b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 557b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 558b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 559b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 560c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_3DES_EDE_CBC_SHA</td> 56182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 562c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 563c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 564c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 565c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_128_CBC_SHA</td> 56682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 567c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 568c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 569c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 570c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_256_CBC_SHA</td> 57182567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 572c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 573c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 574c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 575c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_RC4_128_SHA</td> 57682567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 577c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 578c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 579c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 580b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 581b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 582b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 583b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 584b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 585b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_3DES_EDE_CBC_SHA</td> 586b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 587b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 588b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 589b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 590b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 591b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 592b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 593b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 594b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 595024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA256</td> 596024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 597024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 598024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 599024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 600024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_128_GCM_SHA256</td> 601024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 602024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 603024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 604024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 605b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 606b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>9+</td> 607b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>20+</td> 608b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 609b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 610024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA256</td> 611024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 612024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 613024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 614024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 615024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_AES_256_GCM_SHA384</td> 616024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 617024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 618024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 619024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 620b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_DES_CBC_SHA</td> 621b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 622b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 623b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 624b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 625b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_NULL_MD5</td> 626b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 627b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 628b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 629b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <tr> 630b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>TLS_RSA_WITH_NULL_SHA</td> 631b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td>1-8</td> 632b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * <td></td> 633b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tr> 634024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <tr> 635024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>TLS_RSA_WITH_NULL_SHA256</td> 636024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td>20+</td> 637024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * <td></td> 638024b80ccf9d9f2dc3b1527cfc46d28bfb2ba0d6dAlex Klyubin * </tr> 639b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </tbody> 640b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * </table> 641b4675a53abbbb55acad213485636cf6a0d8b5bf6Alex Klyubin * 642f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @since 1.5 643adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 644adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class SSLEngine { 645f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson private final String peerHost; 646f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson private final int peerPort; 647adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 648adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 649adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code SSLEngine} instance. 650adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 651adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLEngine() { 652f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson peerHost = null; 653f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson peerPort = -1; 654adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 655adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 656adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 657adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code SSLEngine} instance with the specified host and 658adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 659f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 660adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 661adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the name of the host. 662adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 663adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port of the host. 664adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 665adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLEngine(String host, int port) { 666f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson this.peerHost = host; 667f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson this.peerPort = port; 668f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson } 669f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 670f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson /** 671f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * Returns the name of the peer host. 672f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 673f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @return the name of the peer host, or {@code null} if none is available. 674f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 675f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public String getPeerHost() { 676f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson return peerHost; 677f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson } 678f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 679f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson /** 680f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * Returns the port number of the peer host. 681f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 682f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @return the port number of the peer host, or {@code -1} is none is 683f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * available. 684f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 685f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public int getPeerPort() { 686f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson return peerPort; 687adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 688adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 689adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 690adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Initiates a handshake on this engine. 691adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 692adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Calling this method is not needed for the initial handshake: it will be 693adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * called by {@code wrap} or {@code unwrap} if the initial handshake has not 694adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * been started yet. 695f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 696adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 697adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if starting the handshake fails. 698adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 699adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 700adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 701adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 702adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void beginHandshake() throws SSLException; 703adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 704adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 705adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Notifies this engine instance that no more inbound network data will be 706adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * sent to this engine. 707f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 708adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 709adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if this engine did not receive a needed protocol specific 710adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * close notification message from the peer. 711adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 712adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void closeInbound() throws SSLException; 713adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 714adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 715adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Notifies this engine instance that no more outbound application data will 716adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be sent to this engine. 717adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 718adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void closeOutbound(); 719adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 720adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 721adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns a delegate task for this engine instance. Some engine operations 722adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * may require the results of blocking or long running operations, and the 723adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code SSLEngineResult} instances returned by this engine may indicate 724adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * that a delegated task result is needed. In this case the 725adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link Runnable#run() run} method of the returned {@code Runnable} 726adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * delegated task must be called. 727f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 728adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return a delegate task, or {@code null} if none are available. 729adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 730adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Runnable getDelegatedTask(); 731adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 732adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 733adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL cipher suite names that are enabled in this engine 734adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 735f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 736adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL cipher suite names that are enabled in this engine 737adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 738adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 739adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledCipherSuites(); 740adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 741adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 742adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the protocol version names that are enabled in this engine 743adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 744f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 745adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the protocol version names that are enabled in this engine 746adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. 747adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 748adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledProtocols(); 749adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 750adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 751adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether new SSL sessions may be established by this engine. 752f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 753adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if new session may be established, {@code false} if 754adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * existing sessions must be reused. 755adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 756adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getEnableSessionCreation(); 757adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 758adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 759adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the status of the handshake of this engine instance. 760f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 761adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the status of the handshake of this engine instance. 762adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 763adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus(); 764adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 765adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 766adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine instance will require client authentication. 767f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 768adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if this engine will require client authentication, 769adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no client authentication is needed. 770adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 771adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getNeedClientAuth(); 772adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 773adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 774adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL session for this engine instance. 775f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 776adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL session for this engine instance. 777adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 778adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLSession getSession(); 779adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 780adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 781adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the SSL cipher suite names that are supported by this engine. 782adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * These cipher suites can be enabled using 783adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@link #setEnabledCipherSuites(String[])}. 784f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 785adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the SSL cipher suite names that are supported by this engine. 786adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 787adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedCipherSuites(); 788adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 789adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 790adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the protocol names that are supported by this engine. These 791adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * protocols can be enables using {@link #setEnabledProtocols(String[])}. 792f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 793adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the protocol names that are supported by this engine. 794adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 795adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedProtocols(); 796adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 797adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 798adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine is set to act in client mode when 799adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshaking. 800f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 801adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if the engine is set to do handshaking in client 802adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * mode. 803adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 804adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getUseClientMode(); 805adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 806adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 807adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether this engine will request client authentication. 808f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 809adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if client authentication will be requested, 810adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} otherwise. 811adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 812adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getWantClientAuth(); 813adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 814adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 815adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether no more inbound data will be accepted by this engine. 816f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 817adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if no more inbound data will be accepted by this 818adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * engine, {@code false} otherwise. 819adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 820adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean isInboundDone(); 821adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 822adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 823adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether no more outbound data will be produced by this engine. 824f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 825adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if no more outbound data will be producted by this 826adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * engine, {@code otherwise} false. 827adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 828adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean isOutboundDone(); 829adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 830adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 831adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the SSL cipher suite names that should be enabled in this engine 832adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. Only cipher suites listed by {@code getSupportedCipherSuites()} 833adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * are allowed. 834f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 835adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param suites 836adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the SSL cipher suite names to be enabled. 837adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 838adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the specified cipher suites is not supported, or if 839adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code suites} is {@code null}. 840adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 841adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledCipherSuites(String[] suites); 842adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 843adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 844adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the protocol version names that should be enabled in this engine 845adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * instance. Only protocols listed by {@code getSupportedProtocols()} are 846adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * allowed. 847f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 848adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param protocols 849adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the protocol version names to be enabled. 850adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 851adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the protocol version names is not supported, or if 852adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code protocols} is {@code null}. 853adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 854adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledProtocols(String[] protocols); 855adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 856adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 857adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether new SSL sessions may be established by this engine instance. 858f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 859adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param flag 860adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if new SSL sessions may be established, 861adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if existing SSL sessions must be reused. 862adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 863adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnableSessionCreation(boolean flag); 864adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 865adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 866adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine must require client authentication. The client 867adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * authentication is one of: 868adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 869adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 870adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 871adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 872adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 873adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setWantClientAuth(boolean)}. 874f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 875adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param need 876adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if client authentication is required, 877adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no authentication is needed. 878adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 879adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setNeedClientAuth(boolean need); 880adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 881adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 882adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine should act in client (or server) mode when 883adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshaking. 884f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 885adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param mode 886adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if this engine should act in client mode, 887adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if not. 888adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 889adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if this method is called after starting the initial 890adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshake. 891adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 892adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setUseClientMode(boolean mode); 893adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 894adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 895adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this engine should request client authentication. The client 896adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * authentication is one of the following: 897adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 898adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 899adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 900adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 901adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 902adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setNeedClientAuth(boolean)}. 903f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 904adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param want 905adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if client authentication should be requested, 906adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if no authentication is needed. 907adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 908adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setWantClientAuth(boolean want); 909adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 910adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 911adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into application data buffers. 912adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * If a handshake has not been started yet, it will automatically be 913adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 914f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 915adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 916adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 917adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dsts 918adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of destination buffers for incoming application 919adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * data. 920adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param offset 921adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the offset in the array of destination buffers to which data 922adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * is to be transferred. 923adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param length 924f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * the maximum number of destination buffers to be used. 925adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 926adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 927adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 928adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IndexOutOfBoundsException 929adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code length} is greater than 930adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code dsts.length - offset}. 931f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 932adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 933adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 934adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src}, {@code dsts}, or one of the entries in 935adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code dsts} is {@code null}. 936adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 937adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 938adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 939adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 9400c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public abstract SSLEngineResult unwrap(ByteBuffer src, 9410c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom ByteBuffer[] dsts, 9420c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom int offset, 9430c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom int length) throws SSLException; 944adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 945adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 946adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffers into the network data 947adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 948adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 949f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 950adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param srcs 951adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of source buffers of outgoing application data. 952adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param offset 953adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the offset in the array of source buffers from which data is 954adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * to be retrieved. 955adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param length 956adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the maximum number of source buffers to be used. 957adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 958adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 959adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 960adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 961adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 962adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IndexOutOfBoundsException 963adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code length} is greater than 964adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code srcs.length - offset}. 965f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 966adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 967adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 968adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code srcs}, {@code dst}, or one the entries in 969adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code srcs} is {@code null}. 970adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 971adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 972adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 973adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 974f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public abstract SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) 975f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws SSLException; 976adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 977adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 978adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into the application data 979adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 980adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 981f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 982adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 983adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 984adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 985adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for incoming application data. 986adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 987adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 988adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 989f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 990adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 991adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 992adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dst} is {@code null}. 993adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 994adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 995adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 996f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 997f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException { 998adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return unwrap(src, new ByteBuffer[] { dst }, 0, 1); 999adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1000adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1001adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1002adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Decodes the incoming network data buffer into the application data 1003adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffers. If a handshake has not been started yet, it will automatically 1004adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * be started. 1005f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 1006adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 1007adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the buffer with incoming network data 1008adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dsts 1009adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of destination buffers for incoming application 1010adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * data. 1011adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1012adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1013adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1014f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1015adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the destination buffers is read-only. 1016adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1017adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dsts} is {@code null}. 1018adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1019adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1020adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1021adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 1022f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException { 1023adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (dsts == null) { 1024adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new IllegalArgumentException("Byte buffer array dsts is null"); 1025adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1026adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return unwrap(src, dsts, 0, dsts.length); 1027adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1028adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1029adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1030adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffers into the network data 1031adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 1032adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 1033f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 1034adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param srcs 1035adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the array of source buffers of outgoing application data. 1036adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 1037adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 1038adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1039adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1040adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1041f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1042adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 1043adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1044adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code srcs} or {@code dst} is {@code null}. 1045adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1046adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1047adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1048adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 1049f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult wrap(ByteBuffer[] srcs, ByteBuffer dst) throws SSLException { 1050adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (srcs == null) { 1051adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new IllegalArgumentException("Byte buffer array srcs is null"); 1052adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1053adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return wrap(srcs, 0, srcs.length, dst); 1054adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 1055adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 1056adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 1057adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Encodes the outgoing application data buffer into the network data 1058adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * buffer. If a handshake has not been started yet, it will automatically be 1059adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * started. 1060f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes * 1061adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param src 1062adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the source buffers of outgoing application data. 1063adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param dst 1064adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the destination buffer for network data. 1065adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the result object of this operation. 1066adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws SSLException 1067adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if a problem occurred while processing the data. 1068f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * @throws java.nio.ReadOnlyBufferException 1069adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the destination buffer is readonly. 1070adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 1071adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code src} or {@code dst} is {@code null}. 1072adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalStateException 1073adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the engine does not have all the needed settings (e.g. 1074adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * client/server mode not set). 1075f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson */ 1076f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson public SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException { 1077adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return wrap(new ByteBuffer[] { src }, 0, 1, dst); 1078adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 10790c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 10800c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 10810c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Returns a new SSLParameters based on this SSLSocket's current 10820c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * cipher suites, protocols, and client authentication settings. 10830c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * 10840c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 10850c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 10860c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public SSLParameters getSSLParameters() { 10870c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom SSLParameters p = new SSLParameters(); 10880c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setCipherSuites(getEnabledCipherSuites()); 10890c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setProtocols(getEnabledProtocols()); 10900c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setNeedClientAuth(getNeedClientAuth()); 10910c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setWantClientAuth(getWantClientAuth()); 10920c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom return p; 10930c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10940c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 10950c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 10960c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Sets various SSL handshake parameters based on the SSLParameter 10970c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * argument. Specifically, sets the SSLEngine's enabled cipher 10980c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * suites if the parameter's cipher suites are non-null. Similarly 10990c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * sets the enabled protocols. If the parameters specify the want 11000c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * or need for client authentication, those requirements are set 11010c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * on the SSLEngine, otherwise both are set to false. 11020c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 11030c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 11040c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public void setSSLParameters(SSLParameters p) { 11050c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] cipherSuites = p.getCipherSuites(); 11060c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (cipherSuites != null) { 11070c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledCipherSuites(cipherSuites); 11080c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11090c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] protocols = p.getProtocols(); 11100c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (protocols != null) { 11110c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledProtocols(protocols); 11120c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11130c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (p.getNeedClientAuth()) { 11140c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setNeedClientAuth(true); 11150c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else if (p.getWantClientAuth()) { 11160c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(true); 11170c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else { 11180c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(false); 11190c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 11200c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 1121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 1122