1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage javax.net.ssl; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.InetAddress; 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.Socket; 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.UnknownHostException; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The extension of {@code Socket} providing secure protocols like SSL (Secure 270f38eccddbc8ea0ec3e331509d40650ad4b14d45Brian Carlstrom * Sockets Layer) or TLS (Transport Layer Security). 2850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 2950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h3>Default configuration</h3> 3050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>{@code SSLSocket} instances obtained from default {@link SSLSocketFactory}, 3150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link SSLServerSocketFactory}, and {@link SSLContext} are configured as follows: 3250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 3350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h4>Protocols</h4> 3450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 3550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Client socket: 3650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 3750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 3850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Protocol</th> 4050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 4150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 4250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 4350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 4450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 4550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSLv3</td> 4750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 4850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 4950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1</td> 5250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 5350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 5450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.1</td> 5750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 5853360555a747056b8e599c3e3fb06532e7e30f61Alex Klyubin * <td>20+</td> 5950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 6050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 6150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.2</td> 6250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 6353360555a747056b8e599c3e3fb06532e7e30f61Alex Klyubin * <td>20+</td> 6450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 6550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 6650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 6750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 6850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Server socket: 6950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 7050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 7150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 7250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Protocol</th> 7350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 7450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 7550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 7650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 7750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 7850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 7950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSLv3</td> 8050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 8350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 8450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1</td> 8550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 8850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 8950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.1</td> 9050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 9350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 9450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.2</td> 9550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 9850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 9950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 10050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 10150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h4>Cipher suites</h4> 10250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 10350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Methods that operate with cipher suite names (for example, 10450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link #getSupportedCipherSuites() getSupportedCipherSuites}, 10550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link #setEnabledCipherSuites(String[]) setEnabledCipherSuites}) have used 10650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * standard names for cipher suites since API Level 9, as listed in the table 10750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * below. Prior to API Level 9, non-standard (OpenSSL) names had been used (see 10850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * the table following this table). 10950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 11050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 11150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 11250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Cipher suite</th> 11350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 11450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 11550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 11650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 11750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 11850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 11950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 12050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 12150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 12250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 12350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 12450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 12550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 12650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 12750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 12850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 12950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 13050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 13150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 13250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 13350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 13450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 13550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 13650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 13750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 13850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 13950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 14050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 1419a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>9-19</td> 14250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 14350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 14450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 14550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 14650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 14750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 14850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 14950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 15050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 15150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 15250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 15350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 15450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</td> 15550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 15650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 15750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 15850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 15950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 16050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 16150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 16250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 16350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 16450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_DES_CBC_SHA</td> 16550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 16650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 16750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 16850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 16950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_RC4_128_MD5</td> 17050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 17150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 17250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 17350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 17450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 17550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 17650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 17750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 17850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 17950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 18050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 18150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 18250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 18350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 18450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 18550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 1869a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>9-19</td> 18750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 18850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 18950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 19050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 19150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 19250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 19350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 19450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_NULL_MD5</td> 19550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 19650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 19750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 19850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 19950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_NULL_SHA</td> 20050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 20150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 20250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 20350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 20450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 20550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 20671fa3ffedf35aff964eb2545e9af5fecfb8fe8ceAlex Klyubin * <td>9-19</td> 20750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 20850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 20950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 21050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 21350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 21450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 21550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 21850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2199e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</td> 2209e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2249e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</td> 2259e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2269e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2279e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2289e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 22950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 23050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 23150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 23250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 23350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</td> 2359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2369e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2399e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_GCM_SHA384</td> 2409e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2419e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2429e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2439e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 24450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 24550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 24650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 24750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 24850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2499e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</td> 2509e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2519e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2529e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2539e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2549e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</td> 2559e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2560f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 2579e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2589e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 25950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 26050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 26150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 26250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 26350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2649e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</td> 2659e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2669e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2679e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2699e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</td> 2709e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2710f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 2729e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2739e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 27450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA</td> 27550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 27650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 27750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 27850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2799e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA256</td> 2809e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2819e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2829e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2839e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2849e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_GCM_SHA256</td> 2859e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2869e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2879e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2889e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 28950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA</td> 29050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 29150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 29250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 29350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2949e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA256</td> 2959e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2969e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2979e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2989e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2999e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_GCM_SHA384</td> 3009e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3019e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3029e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3039e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 30450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 30550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 3069a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>11-19</td> 30750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 30850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 30950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</td> 31050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 31150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 31250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 31350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3149e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</td> 3159e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3169e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3179e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3189e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3190f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> 3200f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 32450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</td> 32550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 32650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 32750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 32850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3299e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</td> 3309e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3319e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3329e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3339e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</td> 3359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3360f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 33950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> 34050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 34250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 34350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 34450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> 34550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 34850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 34982567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</td> 35082567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 351b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 352c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 353c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 35482567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</td> 35582567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 356b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 357c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 358c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 35950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 36050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 3619a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>11-19</td> 36250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 36350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 36450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> 36550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 36650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 36750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 36850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3699e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</td> 3709e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3719e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3729e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3739e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3749e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> 3759e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3760f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3779e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3789e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 37950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> 38050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 38150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 38250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 38350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3849e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</td> 3859e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3869e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3879e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3889e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3899e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</td> 3909e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3910f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3929e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3939e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 39450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> 39550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 39650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 39750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 39850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 39950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> 40050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 40150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 40250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 40350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 40450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 40550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4065b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 40750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 40850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 40950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> 41050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4115b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 41250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 41350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4149e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> 4159e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4169e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4179e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4189e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4199e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> 4209e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 42450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> 42550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4265b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 42750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 42850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4299e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</td> 4309e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4319e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4329e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4339e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</td> 4359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4369e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 43950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> 44050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 44150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 44250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 44350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 44450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> 44550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4465b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 44750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 44850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 44950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</td> 45050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4515b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 45250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 45350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 45450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</td> 45550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4565b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 45750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 45850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4599e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> 4609e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4619e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4629e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4639e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4649e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> 4659e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4669e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4679e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 46950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</td> 47050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4715b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 47250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 47350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4749e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</td> 4759e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4769e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4779e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4789e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4799e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</td> 4809e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4819e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4829e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4839e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 48450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_NULL_SHA</td> 48550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 48650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 48750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 48850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 48950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_RC4_128_SHA</td> 49050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4915b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 49250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 49350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 49450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> 49550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 49650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 49750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 49850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 49950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> 50050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 50150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 50250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 50350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 50450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> 50550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 50650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 50750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 50850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 50950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_NULL_SHA</td> 51050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 51150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 51250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 51350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 514c0595af5666da10f75c46e7d00c51382af2366faAlex Klyubin * <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> 51550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 516c0595af5666da10f75c46e7d00c51382af2366faAlex Klyubin * <td></td> 51750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 51850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 519c0595af5666da10f75c46e7d00c51382af2366faAlex Klyubin * <td>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</td> 520c0595af5666da10f75c46e7d00c51382af2366faAlex Klyubin * <td>11+</td> 52150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 52250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 52350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 524e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td>TLS_FALLBACK_SCSV</td> 525e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td>21+</td> 526e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <td></td> 527e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * </tr> 528e6a6e935e98f426c7000b2bf4086f87101f4441cKenny Root * <tr> 529c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_3DES_EDE_CBC_SHA</td> 53082567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 531c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 532c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 533c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 534c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_128_CBC_SHA</td> 53582567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 536b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 537c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 538c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 539c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_AES_256_CBC_SHA</td> 54082567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 541b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <td>21+</td> 542c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 543c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 544c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td>TLS_PSK_WITH_RC4_128_SHA</td> 54582567d6265458e51ddcfba20937128efecbeda4dAlex Klyubin * <td>21+</td> 546c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <td></td> 547c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * </tr> 548c9461f39290f815f560f2ec50e9ccde5ff4eb8f7Alex Klyubin * <tr> 54950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 55050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 55150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 55250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 55350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5549e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA256</td> 5559e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5569e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5579e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5589e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5599e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_128_GCM_SHA256</td> 5609e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5610f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 5629e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5639e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 56450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 56550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 56650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 56750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5699e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA256</td> 5709e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5719e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5729e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5739e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5749e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_256_GCM_SHA384</td> 5759e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5760f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 5779e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5789e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5799e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_NULL_SHA256</td> 5809e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5819e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5829e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 58350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 58450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 58550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 586b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * <p><em>NOTE</em>: PSK cipher suites are enabled by default only if the {@code SSLContext} through 587b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * which the socket was created has been initialized with a {@code PSKKeyManager}. 588b5730a183c0ef94946bb04222f6219f83adef8f5Alex Klyubin * 58950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>API Levels 1 to 8 use OpenSSL names for cipher suites. The table below 59050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * lists these OpenSSL names and their corresponding standard names used in API 59150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * Levels 9 and newer. 59250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 59350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 59450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 59550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>OpenSSL cipher suite</th> 59650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Standard cipher suite</th> 59750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 59850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 59950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 60050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 60150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 60250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 60350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 60450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>AES128-SHA</td> 60550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 60650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 60750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 60850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 60950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 61050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>AES256-SHA</td> 61150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 61250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 61350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 61450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 61550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 61650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC-MD5</td> 61750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_DES_64_CBC_WITH_MD5</td> 61850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 61950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 62050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 62150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 62250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC-SHA</td> 62350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 62450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 62550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 62650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 62750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 62850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC3-MD5</td> 62950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_DES_192_EDE3_CBC_WITH_MD5</td> 63050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 63150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 63250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 63350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 63450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC3-SHA</td> 63550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 63650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 6379a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 63850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 63950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 64050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-DSS-AES128-SHA</td> 64150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 64250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 64350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 64450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 64550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 64650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-DSS-AES256-SHA</td> 64750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 64850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 64950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 65050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 65150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 65250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-RSA-AES128-SHA</td> 65350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 65450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 65550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 65650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 65750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 65850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-RSA-AES256-SHA</td> 65950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 66050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 66150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 66250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 66350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 66450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-DSS-DES-CBC-SHA</td> 66550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 66650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 66750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 66850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 66950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 67050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-DSS-DES-CBC3-SHA</td> 67150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 67250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 6739a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 67450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 67550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 67650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-RSA-DES-CBC-SHA</td> 67750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 67850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 67950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 68050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 68150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 68250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-RSA-DES-CBC3-SHA</td> 68350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 68450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 6859a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 68650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 68750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 68850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-DES-CBC-SHA</td> 68950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 69050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 69150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 69250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 69350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 69450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-EDH-DSS-DES-CBC-SHA</td> 69550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 69650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 69750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 69850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 69950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 70050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-EDH-RSA-DES-CBC-SHA</td> 70150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 70250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 70350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 70450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 70550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 70650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-RC2-CBC-MD5</td> 70750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5</td> 70850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 70950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 71050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 71150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 71250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-RC4-MD5</td> 71350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 71450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 71550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 71650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 71750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 71850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC2-CBC-MD5</td> 71950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_RC2_128_CBC_WITH_MD5</td> 72050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 72150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 72250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 72350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 72450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC4-MD5</td> 72550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 72650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 72771fa3ffedf35aff964eb2545e9af5fecfb8fe8ceAlex Klyubin * <td>1-19</td> 72850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 72950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 73050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC4-SHA</td> 73150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 73250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 73350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 73450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 73550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 73650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 737adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 738adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class SSLSocket extends Socket { 739f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 740adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 741adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 742adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 743adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket. 744adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 745adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLSocket() { 746adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 747adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 748adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 749adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 750adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 751adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified host at the specified 752adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 753f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 754adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 755adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the host name to connect to. 756adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 757adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 758adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 759adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 760adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws UnknownHostException 761adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified host is not known. 762adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 763f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(String host, int port) throws IOException, UnknownHostException { 764adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(host, port); 765adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 766adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 767adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 768adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 769adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 770adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified address at the specified 771adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 772f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 773adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param address 774adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the address to connect to. 775adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 776adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 777adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 778adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 779adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 780adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLSocket(InetAddress address, int port) throws IOException { 781adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(address, port); 782adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 783adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 784adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 785adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 786adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 787adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified host at the specified 788adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port with the client side bound to the specified address and port. 789f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 790adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 791adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the host name to connect to. 792adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 793adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 794adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientAddress 795adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client address to bind to 796adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientPort 797adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client port number to bind to. 798adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 799adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 800adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws UnknownHostException 801adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified host is not known. 802adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 803f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(String host, int port, InetAddress clientAddress, int clientPort) 804f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws IOException, UnknownHostException { 805adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(host, port, clientAddress, clientPort); 806adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 807adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 808adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 809adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 810adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 811adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified address at the specified 812adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port with the client side bound to the specified address and port. 813f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 814adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param address 815adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the address to connect to. 816adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 817adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 818adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientAddress 819adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client address to bind to. 820adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientPort 821adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client port number to bind to. 822adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 823adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 824adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 825f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort) 826f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws IOException { 827adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(address, port, clientAddress, clientPort); 828adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 829f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 830adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 8310c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Unsupported for SSL because reading from an SSL socket may require 8320c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * writing to the network. 8330c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 8340c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson @Override public void shutdownInput() throws IOException { 8350c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson throw new UnsupportedOperationException(); 8360c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson } 8370c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 8380c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 8390c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Unsupported for SSL because writing to an SSL socket may require reading 8400c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * from the network. 8410c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 8420c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson @Override public void shutdownOutput() throws IOException { 8430c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson throw new UnsupportedOperationException(); 8440c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson } 8450c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 8460c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 847adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the supported cipher suites. 848adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 849adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedCipherSuites(); 850f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 851adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 852adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the enabled cipher suites. 853adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 854adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledCipherSuites(); 855f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 856adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 857adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the names of the cipher suites to be enabled. 858adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only cipher suites returned by {@link #getSupportedCipherSuites()} are 859adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * allowed. 860f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 861adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param suites 862adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the names of the to be enabled cipher suites. 863adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 864adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the cipher suite names is not supported. 865adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 866adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledCipherSuites(String[] suites); 867f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 868adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 869adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the supported protocols. 870adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 871adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedProtocols(); 872f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 873adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 874adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the enabled protocols. 875adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 876adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledProtocols(); 877f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 878adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 879adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the names of the protocols to be enabled. Only 880adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * protocols returned by {@link #getSupportedProtocols()} are allowed. 881f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 882adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param protocols 883adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the names of the to be enabled protocols. 884adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 885adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the protocols is not supported. 886adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 887adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledProtocols(String[] protocols); 888f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 889adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 890adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code SSLSession} for this connection. If necessary, a 891adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshake will be initiated, in which case this method will block until the handshake 892adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * has been established. If the handshake fails, an invalid session object 893adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * will be returned. 894f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 895adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the session object. 896adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 897adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLSession getSession(); 898f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 899adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 90070bf6bc3ad78ed9a0a7a5767381ad6c25debbd70Kenny Root * Registers the specified listener to receive notification on completion of 90170bf6bc3ad78ed9a0a7a5767381ad6c25debbd70Kenny Root * a handshake on this connection. 90270bf6bc3ad78ed9a0a7a5767381ad6c25debbd70Kenny Root * 90370bf6bc3ad78ed9a0a7a5767381ad6c25debbd70Kenny Root * @param listener the listener to register. 90470bf6bc3ad78ed9a0a7a5767381ad6c25debbd70Kenny Root * @throws IllegalArgumentException if {@code listener} is {@code null}. 905adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 906adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void addHandshakeCompletedListener(HandshakeCompletedListener listener); 907f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 908adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 909adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Removes the specified handshake completion listener. 910f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 911adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param listener 912adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the listener to remove. 913adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 914adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified listener is not registered or {@code null}. 915adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 916adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void removeHandshakeCompletedListener(HandshakeCompletedListener listener); 917f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 918adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 919adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Starts a new SSL handshake on this connection. 920f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 921adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 922adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if an error occurs. 923adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 924adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void startHandshake() throws IOException; 925f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 926adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 927adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this connection should act in client mode when handshaking. 928f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 929adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param mode 930adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if this connection should act in client mode, 931adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if not. 932adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 933adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setUseClientMode(boolean mode); 934f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 935adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9360c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if this connection will act in client mode when handshaking. 937adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 938adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getUseClientMode(); 939f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 940adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9410c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Sets whether the server should require client authentication. This 9420c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * does not apply to sockets in {@link #getUseClientMode() client mode}. 9430c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Client authentication is one of the following: 944adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 945adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 946adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 947adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 948adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 949adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setWantClientAuth(boolean)}. 950adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 951adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setNeedClientAuth(boolean need); 952f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 953adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9540c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Sets whether the server should request client authentication. Unlike 9550c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * {@link #setNeedClientAuth} this won't stop the negotiation if the client 9560c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * doesn't authenticate. This does not apply to sockets in {@link 9570c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * #getUseClientMode() client mode}.The client authentication is one of: 958adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 959adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 960adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 961adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 962adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 963adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setNeedClientAuth(boolean)}. 964adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 965adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setWantClientAuth(boolean want); 966f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 967adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9680c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if the server socket should require client authentication. 9690c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * This does not apply to sockets in {@link #getUseClientMode() client 9700c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * mode}. 9710c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 9720c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson public abstract boolean getNeedClientAuth(); 9730c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 9740c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 9750c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if the server should request client authentication. This 9760c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * does not apply to sockets in {@link #getUseClientMode() client mode}. 977adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 978adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getWantClientAuth(); 979f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 980adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 981adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether new SSL sessions may be created by this socket or if 9820c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * existing sessions must be reused. If {@code flag} is false and there are 9830c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * no sessions to resume, handshaking will fail. 984f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 9850c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * @param flag {@code true} if new sessions may be created. 986adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 987adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnableSessionCreation(boolean flag); 988f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 989adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 990adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether new SSL sessions may be created by this socket or if 991adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * existing sessions must be reused. 992f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 993adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if new sessions may be created, otherwise 994adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false}. 995adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 996adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getEnableSessionCreation(); 997f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 9980c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 9990c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Returns a new SSLParameters based on this SSLSocket's current 10000c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * cipher suites, protocols, and client authentication settings. 10010c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * 10020c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 10030c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 10040c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public SSLParameters getSSLParameters() { 10050c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom SSLParameters p = new SSLParameters(); 10060c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setCipherSuites(getEnabledCipherSuites()); 10070c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setProtocols(getEnabledProtocols()); 10080c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setNeedClientAuth(getNeedClientAuth()); 10090c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setWantClientAuth(getWantClientAuth()); 10100c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom return p; 10110c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10120c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 10130c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 10140c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Sets various SSL handshake parameters based on the SSLParameter 10150c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * argument. Specifically, sets the SSLSocket's enabled cipher 10160c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * suites if the parameter's cipher suites are non-null. Similarly 10170c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * sets the enabled protocols. If the parameters specify the want 10180c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * or need for client authentication, those requirements are set 10190c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * on the SSLSocket, otherwise both are set to false. 10200c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 10210c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 10220c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public void setSSLParameters(SSLParameters p) { 10230c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] cipherSuites = p.getCipherSuites(); 10240c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (cipherSuites != null) { 10250c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledCipherSuites(cipherSuites); 10260c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10270c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] protocols = p.getProtocols(); 10280c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (protocols != null) { 10290c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledProtocols(protocols); 10300c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10310c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (p.getNeedClientAuth()) { 10320c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setNeedClientAuth(true); 10330c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else if (p.getWantClientAuth()) { 10340c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(true); 10350c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else { 10360c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(false); 10370c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10380c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 1039f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson} 1040