SSLSocket.java revision 9a61ef3365ba5e33c65eec42fc80c7e47bc09958
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage javax.net.ssl; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.IOException; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.InetAddress; 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.Socket; 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.net.UnknownHostException; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The extension of {@code Socket} providing secure protocols like SSL (Secure 270f38eccddbc8ea0ec3e331509d40650ad4b14d45Brian Carlstrom * Sockets Layer) or TLS (Transport Layer Security). 2850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 2950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h3>Default configuration</h3> 3050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>{@code SSLSocket} instances obtained from default {@link SSLSocketFactory}, 3150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link SSLServerSocketFactory}, and {@link SSLContext} are configured as follows: 3250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 3350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h4>Protocols</h4> 3450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 3550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Client socket: 3650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 3750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 3850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Protocol</th> 4050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 4150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 4250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 4350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 4450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 4550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSLv3</td> 4750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 4850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 4950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1</td> 5250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 5350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 5450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.1</td> 5750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 5853360555a747056b8e599c3e3fb06532e7e30f61Alex Klyubin * <td>20+</td> 5950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 6050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 6150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.2</td> 6250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 6353360555a747056b8e599c3e3fb06532e7e30f61Alex Klyubin * <td>20+</td> 6450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 6550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 6650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 6750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 6850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Server socket: 6950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 7050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 7150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 7250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Protocol</th> 7350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 7450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 7550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 7650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 7750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 7850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 7950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSLv3</td> 8050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 8350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 8450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1</td> 8550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 8750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 8850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 8950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.1</td> 9050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 9350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 9450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLSv1.2</td> 9550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>16+</td> 9750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 9850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 9950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 10050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 10150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <h4>Cipher suites</h4> 10250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 10350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>Methods that operate with cipher suite names (for example, 10450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link #getSupportedCipherSuites() getSupportedCipherSuites}, 10550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * {@link #setEnabledCipherSuites(String[]) setEnabledCipherSuites}) have used 10650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * standard names for cipher suites since API Level 9, as listed in the table 10750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * below. Prior to API Level 9, non-standard (OpenSSL) names had been used (see 10850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * the table following this table). 10950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 11050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 11150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 11250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Cipher suite</th> 11350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 11450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 11550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 11650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 11750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 11850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 11950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 12050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 12150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 12250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 12350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 12450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 12550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 12650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 12750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 12850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 12950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 13050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 13150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 13250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 13350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 13450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 13550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 13650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 13750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 13850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 13950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 14050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 1419a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>9-19</td> 14250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 14350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 14450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 14550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 14650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 14750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 14850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 14950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> 15050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 15150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 15250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 15350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 15450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</td> 15550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 15650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 15750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 15850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 15950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</td> 16050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 16150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 16250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 16350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 16450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_DES_CBC_SHA</td> 16550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 16650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 16750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 16850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 16950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DH_anon_WITH_RC4_128_MD5</td> 17050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 17150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 17250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 17350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 17450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 17550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 17650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 17750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 17850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 17950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 18050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 18150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 18250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 18350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 18450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 18550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 1869a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>9-19</td> 18750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 18850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 18950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 19050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 19150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9-19</td> 19250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 19350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 19450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_NULL_MD5</td> 19550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 19650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 19750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 19850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 19950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_NULL_SHA</td> 20050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 20150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 20250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 20350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 20450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 20550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 20650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 20750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 20850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 20950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 21050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 21350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 21450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 21550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 21750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 21850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2199e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</td> 2209e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2249e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</td> 2259e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2269e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2279e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2289e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 22950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 23050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 23150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 23250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 23350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</td> 2359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2369e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2399e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_GCM_SHA384</td> 2409e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2419e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2429e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2439e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 24450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 24550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 24650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 24750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 24850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2499e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</td> 2509e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2519e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2529e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2539e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2549e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</td> 2559e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2560f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 2579e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2589e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 25950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 26050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 26150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 26250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 26350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2649e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</td> 2659e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2669e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2679e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2699e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</td> 2709e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2710f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 2729e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2739e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 27450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA</td> 27550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 27650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 27750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 27850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2799e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_CBC_SHA256</td> 2809e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2819e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2829e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2839e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2849e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_128_GCM_SHA256</td> 2859e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2869e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2879e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2889e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 28950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA</td> 29050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 29150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 29250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 29350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 2949e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_CBC_SHA256</td> 2959e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 2969e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 2979e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 2989e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 2999e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_DH_anon_WITH_AES_256_GCM_SHA384</td> 3009e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3019e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3029e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3039e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 30450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 30550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 3069a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>11-19</td> 30750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 30850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 30950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</td> 31050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 31150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 31250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 31350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3149e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</td> 3159e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3169e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3179e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3189e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3190f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> 3200f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 32450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</td> 32550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 32650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 32750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 32850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3299e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</td> 3309e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3319e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3329e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3339e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</td> 3359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3360f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 33950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> 34050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 34250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 34350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 34450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> 34550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 34750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 34850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 34950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 35050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 3519a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>11-19</td> 35250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 35350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 35450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> 35550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 35650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 35750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 35850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3599e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</td> 3609e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3619e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3629e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3639e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3649e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> 3659e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3660f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3679e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 36950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> 37050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 37150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 37250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 37350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 3749e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</td> 3759e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3769e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 3779e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3789e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 3799e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</td> 3809e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 3810f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 3829e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 3839e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 38450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> 38550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 38650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 38750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 38850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 38950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> 39050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 39150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 39250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 39350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 39450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> 39550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 3965b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 39750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 39850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 39950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> 40050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4015b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 40250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 40350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4049e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> 4059e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4069e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4079e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4089e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4099e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> 4109e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4119e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4129e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4139e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 41450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> 41550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4165b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 41750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 41850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4199e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</td> 4209e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4249e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</td> 4259e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4269e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4279e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4289e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 42950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> 43050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 43150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 43250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 43350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 43450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> 43550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4365b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 43750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 43850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 43950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</td> 44050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4415b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 44250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 44350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 44450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</td> 44550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4465b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 44750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 44850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4499e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> 4509e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4519e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4529e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4539e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4549e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> 4559e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4569e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4579e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4589e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 45950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</td> 46050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4615b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 46250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 46350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 4649e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</td> 4659e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4669e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4679e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4689e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 4699e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</td> 4709e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 4719e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 4729e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 4739e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 47450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_NULL_SHA</td> 47550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 47650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 47750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 47850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 47950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_RSA_WITH_RC4_128_SHA</td> 48050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 4815b15ad6b3d508a97d1cd23667afaee8c55072718Alex Klyubin * <td>11-19</td> 48250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 48350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 48450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> 48550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 48650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 48750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 48850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 48950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> 49050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 49150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 49250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 49350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 49450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> 49550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 49650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 49750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 49850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 49950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_NULL_SHA</td> 50050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 50150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 50250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 50350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 50450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</td> 50550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 50650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 50750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 50850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 50950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> 51050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 51150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td></td> 51250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 51350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 51450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 51550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 51650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 51750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 51850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 5199e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA256</td> 5209e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5219e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5229e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5239e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5249e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_128_GCM_SHA256</td> 5259e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5260f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 5279e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5289e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 52950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 53050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>9+</td> 53150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>11+</td> 53250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 5339e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5349e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA256</td> 5359e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5369e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5379e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5389e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5399e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_AES_256_GCM_SHA384</td> 5409e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5410f0e96af6a1e9e6ed88e2b310c8650d0021cfd47Alex Klyubin * <td>20+</td> 5429e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 5439e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <tr> 5449e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>TLS_RSA_WITH_NULL_SHA256</td> 5459e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td>20+</td> 5469e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * <td></td> 5479e73d3f497461c5bd788bcfb7882e78c016e5876Alex Klyubin * </tr> 54850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 54950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 55050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 55150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <p>API Levels 1 to 8 use OpenSSL names for cipher suites. The table below 55250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * lists these OpenSSL names and their corresponding standard names used in API 55350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * Levels 9 and newer. 55450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <table> 55550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <thead> 55650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 55750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>OpenSSL cipher suite</th> 55850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Standard cipher suite</th> 55950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Supported (API Levels)</th> 56050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <th>Enabled by default (API Levels)</th> 56150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 56250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </thead> 56350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * 56450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tbody> 56550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 56650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>AES128-SHA</td> 56750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> 56850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 56950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 57050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 57150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 57250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>AES256-SHA</td> 57350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> 57450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 57550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 57650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 57750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 57850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC-MD5</td> 57950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_DES_64_CBC_WITH_MD5</td> 58050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 58150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 58250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 58350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 58450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC-SHA</td> 58550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_DES_CBC_SHA</td> 58650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 58750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 58850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 58950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 59050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC3-MD5</td> 59150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_DES_192_EDE3_CBC_WITH_MD5</td> 59250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 59350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 59450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 59550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 59650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DES-CBC3-SHA</td> 59750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> 59850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 5999a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 60050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 60150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 60250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-DSS-AES128-SHA</td> 60350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> 60450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 60550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 60650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 60750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 60850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-DSS-AES256-SHA</td> 60950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> 61050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 61150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 61250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 61350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 61450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-RSA-AES128-SHA</td> 61550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> 61650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 61750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 61850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 61950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 62050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>DHE-RSA-AES256-SHA</td> 62150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> 62250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 62350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8, 11+</td> 62450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 62550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 62650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-DSS-DES-CBC-SHA</td> 62750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> 62850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 62950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 63050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 63150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 63250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-DSS-DES-CBC3-SHA</td> 63350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> 63450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 6359a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 63650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 63750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 63850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-RSA-DES-CBC-SHA</td> 63950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> 64050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 64150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 64250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 64350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 64450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EDH-RSA-DES-CBC3-SHA</td> 64550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> 64650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 6479a61ef3365ba5e33c65eec42fc80c7e47bc09958Alex Klyubin * <td>1-19</td> 64850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 64950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 65050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-DES-CBC-SHA</td> 65150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 65250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 65350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 65450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 65550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 65650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-EDH-DSS-DES-CBC-SHA</td> 65750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> 65850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 65950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 66050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 66150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 66250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-EDH-RSA-DES-CBC-SHA</td> 66350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> 66450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 66550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 66650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 66750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 66850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-RC2-CBC-MD5</td> 66950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5</td> 67050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 67150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 67250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 67350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 67450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>EXP-RC4-MD5</td> 67550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> 67650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 67750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-19</td> 67850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 67950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 68050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC2-CBC-MD5</td> 68150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_CK_RC2_128_CBC_WITH_MD5</td> 68250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 68350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1-8</td> 68450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 68550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 68650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC4-MD5</td> 68750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_MD5</td> 68850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 68950ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 69050ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 69150ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <tr> 69250ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>RC4-SHA</td> 69350ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>SSL_RSA_WITH_RC4_128_SHA</td> 69450ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 69550ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * <td>1+</td> 69650ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tr> 69750ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </tbody> 69850ef556fd74a411bebdf0e33df75d7be1df1ed81Alex Klyubin * </table> 699adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 700adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class SSLSocket extends Socket { 701f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 702adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 703adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 704adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 705adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket. 706adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 707adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLSocket() { 708adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 709adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 710adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 711adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 712adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 713adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified host at the specified 714adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 715f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 716adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 717adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the host name to connect to. 718adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 719adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 720adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 721adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 722adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws UnknownHostException 723adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified host is not known. 724adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 725f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(String host, int port) throws IOException, UnknownHostException { 726adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(host, port); 727adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 728adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 729adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 730adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 731adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 732adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified address at the specified 733adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port. 734f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 735adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param address 736adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the address to connect to. 737adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 738adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 739adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 740adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 741adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 742adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project protected SSLSocket(InetAddress address, int port) throws IOException { 743adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(address, port); 744adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 745adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 746adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 747adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 748adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 749adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified host at the specified 750adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port with the client side bound to the specified address and port. 751f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 752adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param host 753adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the host name to connect to. 754adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 755adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 756adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientAddress 757adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client address to bind to 758adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientPort 759adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client port number to bind to. 760adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 761adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 762adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws UnknownHostException 763adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified host is not known. 764adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 765f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(String host, int port, InetAddress clientAddress, int clientPort) 766f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws IOException, UnknownHostException { 767adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(host, port, clientAddress, clientPort); 768adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 769adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 770adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 771adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only to be used by subclasses. 772adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 773adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a TCP socket connection to the specified address at the specified 774adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * port with the client side bound to the specified address and port. 775f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 776adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param address 777adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the address to connect to. 778adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param port 779adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the port number to connect to. 780adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientAddress 781adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client address to bind to. 782adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param clientPort 783adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the client port number to bind to. 784adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 785adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if creating the socket fails. 786adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 787f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson protected SSLSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort) 788f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson throws IOException { 789adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(address, port, clientAddress, clientPort); 790adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 791f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 792adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 7930c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Unsupported for SSL because reading from an SSL socket may require 7940c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * writing to the network. 7950c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 7960c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson @Override public void shutdownInput() throws IOException { 7970c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson throw new UnsupportedOperationException(); 7980c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson } 7990c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 8000c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 8010c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Unsupported for SSL because writing to an SSL socket may require reading 8020c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * from the network. 8030c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 8040c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson @Override public void shutdownOutput() throws IOException { 8050c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson throw new UnsupportedOperationException(); 8060c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson } 8070c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 8080c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 809adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the supported cipher suites. 810adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 811adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedCipherSuites(); 812f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 813adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 814adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the enabled cipher suites. 815adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 816adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledCipherSuites(); 817f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 818adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 819adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the names of the cipher suites to be enabled. 820adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Only cipher suites returned by {@link #getSupportedCipherSuites()} are 821adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * allowed. 822f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 823adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param suites 824adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the names of the to be enabled cipher suites. 825adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 826adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the cipher suite names is not supported. 827adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 828adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledCipherSuites(String[] suites); 829f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 830adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 831adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the supported protocols. 832adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 833adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getSupportedProtocols(); 834f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 835adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 836adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the names of the enabled protocols. 837adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 838adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String[] getEnabledProtocols(); 839f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 840adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 841adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets the names of the protocols to be enabled. Only 842adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * protocols returned by {@link #getSupportedProtocols()} are allowed. 843f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 844adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param protocols 845adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the names of the to be enabled protocols. 846adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 847adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if one of the protocols is not supported. 848adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 849adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnabledProtocols(String[] protocols); 850f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 851adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 852adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code SSLSession} for this connection. If necessary, a 853adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshake will be initiated, in which case this method will block until the handshake 854adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * has been established. If the handshake fails, an invalid session object 855adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * will be returned. 856f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 857adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the session object. 858adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 859adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract SSLSession getSession(); 860f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 861adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 862adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Registers the specified listener to receive notification on completion of a 863adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * handshake on this connection. 864f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 865adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param listener 866adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the listener to register. 867adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 868adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if {@code listener} is {@code null}. 869adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 870adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void addHandshakeCompletedListener(HandshakeCompletedListener listener); 871f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 872adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 873adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Removes the specified handshake completion listener. 874f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 875adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param listener 876adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the listener to remove. 877adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IllegalArgumentException 878adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the specified listener is not registered or {@code null}. 879adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 880adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void removeHandshakeCompletedListener(HandshakeCompletedListener listener); 881f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 882adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 883adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Starts a new SSL handshake on this connection. 884f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 885adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws IOException 886adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if an error occurs. 887adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 888adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void startHandshake() throws IOException; 889f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 890adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 891adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether this connection should act in client mode when handshaking. 892f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 893adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param mode 894adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code true} if this connection should act in client mode, 895adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false} if not. 896adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 897adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setUseClientMode(boolean mode); 898f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 899adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9000c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if this connection will act in client mode when handshaking. 901adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 902adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getUseClientMode(); 903f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 904adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9050c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Sets whether the server should require client authentication. This 9060c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * does not apply to sockets in {@link #getUseClientMode() client mode}. 9070c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Client authentication is one of the following: 908adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 909adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 910adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 911adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 912adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 913adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setWantClientAuth(boolean)}. 914adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 915adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setNeedClientAuth(boolean need); 916f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 917adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9180c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Sets whether the server should request client authentication. Unlike 9190c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * {@link #setNeedClientAuth} this won't stop the negotiation if the client 9200c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * doesn't authenticate. This does not apply to sockets in {@link 9210c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * #getUseClientMode() client mode}.The client authentication is one of: 922adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <ul> 923adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication required</li> 924adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>authentication requested</li> 925adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <li>no authentication needed</li> 926adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </ul> 927adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This method overrides the setting of {@link #setNeedClientAuth(boolean)}. 928adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 929adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setWantClientAuth(boolean want); 930f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 931adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 9320c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if the server socket should require client authentication. 9330c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * This does not apply to sockets in {@link #getUseClientMode() client 9340c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * mode}. 9350c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson */ 9360c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson public abstract boolean getNeedClientAuth(); 9370c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson 9380c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson /** 9390c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * Returns true if the server should request client authentication. This 9400c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * does not apply to sockets in {@link #getUseClientMode() client mode}. 941adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 942adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getWantClientAuth(); 943f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 944adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 945adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Sets whether new SSL sessions may be created by this socket or if 9460c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * existing sessions must be reused. If {@code flag} is false and there are 9470c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * no sessions to resume, handshaking will fail. 948f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 9490c58d22d44cfb56f0c80f0fa1c69297ba45f3afcJesse Wilson * @param flag {@code true} if new sessions may be created. 950adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 951adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void setEnableSessionCreation(boolean flag); 952f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 953adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 954adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns whether new SSL sessions may be created by this socket or if 955adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * existing sessions must be reused. 956f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson * 957adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return {@code true} if new sessions may be created, otherwise 958adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * {@code false}. 959adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 960adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract boolean getEnableSessionCreation(); 961f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson 9620c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 9630c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Returns a new SSLParameters based on this SSLSocket's current 9640c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * cipher suites, protocols, and client authentication settings. 9650c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * 9660c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 9670c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 9680c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public SSLParameters getSSLParameters() { 9690c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom SSLParameters p = new SSLParameters(); 9700c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setCipherSuites(getEnabledCipherSuites()); 9710c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setProtocols(getEnabledProtocols()); 9720c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setNeedClientAuth(getNeedClientAuth()); 9730c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom p.setWantClientAuth(getWantClientAuth()); 9740c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom return p; 9750c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 9760c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom 9770c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom /** 9780c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * Sets various SSL handshake parameters based on the SSLParameter 9790c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * argument. Specifically, sets the SSLSocket's enabled cipher 9800c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * suites if the parameter's cipher suites are non-null. Similarly 9810c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * sets the enabled protocols. If the parameters specify the want 9820c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * or need for client authentication, those requirements are set 9830c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * on the SSLSocket, otherwise both are set to false. 9840c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom * @since 1.6 9850c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom */ 9860c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom public void setSSLParameters(SSLParameters p) { 9870c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] cipherSuites = p.getCipherSuites(); 9880c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (cipherSuites != null) { 9890c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledCipherSuites(cipherSuites); 9900c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 9910c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom String[] protocols = p.getProtocols(); 9920c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (protocols != null) { 9930c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setEnabledProtocols(protocols); 9940c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 9950c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom if (p.getNeedClientAuth()) { 9960c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setNeedClientAuth(true); 9970c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else if (p.getWantClientAuth()) { 9980c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(true); 9990c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } else { 10000c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom setWantClientAuth(false); 10010c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 10020c131a2ca38465b7d1df4eaee63ac73ce4d5986dBrian Carlstrom } 1003f921579f87fa63204b4a4bef39ed27e7835aec45Jesse Wilson} 1004