Class JSSServerSocket

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable

    public class JSSServerSocket
    extends javax.net.ssl.SSLServerSocket
    SSL-enabled server socket following the javax.net.ssl.SSLServerSocket interface. Most users will want to use the JSSServerSocketFactory provided by the Java Provider interface instead of using this class directly.

    This SSLSocket implementation is a wrapped implementation. In particular, we need to consume an existing ServerSocket (via the consumeSocket(...) call) which we actually use for the accept() call. When called from a socket factory, this additional socket will be automatically created for the caller.

    All JSSServerSocket instances have an underlying ServerSocketChannel, of type JSSServerSocketChannel. Notably lacking from javax.net.ssl is a javax.net.ssl.SSLServerSocketChannel interface, so JSSSocketChannel includes no additional SSL-specific options. This purely exists to facilitate creating JSSSocket instances.

    In order to interoperate with JSSEngine, many of the adjacent methods have been included in this class as well. This results in any accepted sockets cloning its configuration.

    To construct a (useful) new instance, the following calls must be made:
    - new JSSServerSocket();
    - consumeSocket(inst);
    - initSSLEngine(...);
    - setKeyManagers(...);
    - setTrustManagers(...);

    Optionally, setSSLContext(...) could be called to provide the SSLContext from which the SSLEngine should be constructed. This should be called prior to initSSLEngine(...) being called.
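
    The construction sequence above as a listener that requires client certificates, written as an added example rather than code from the JSS project; it calls initEngine() from the method list for the step the description names initSSLEngine(...), and checks that an accepted socket has cloned the listener's configuration. Assumptions: the org.mozilla.jss.ssl.javax package name, the standard JSSE protocol names, caller-supplied key and trust managers, and the hypothetical names MutualTlsListener, build and acceptChecked.

```java
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

// Assumed package for the JSS classes; this page does not state it.
import org.mozilla.jss.ssl.javax.JSSServerSocket;
import org.mozilla.jss.ssl.javax.JSSSocket;

/** Hypothetical helper: builds a JSSServerSocket that demands client certificates. */
public final class MutualTlsListener {
    // Assumption: the provider reports versions under the standard JSSE names.
    private static final List<String> ALLOWED = Arrays.asList("TLSv1.3", "TLSv1.2");

    public static JSSServerSocket build(int port, X509KeyManager[] kms,
                                        X509TrustManager[] tms) throws IOException {
        // The plain socket that JSSServerSocket will use for accept().
        ServerSocket plain = new ServerSocket();
        try {
            plain.bind(new InetSocketAddress(port));

            JSSServerSocket tls = new JSSServerSocket();
            tls.consumeSocket(plain);   // from here on, use only the wrapper
            tls.initEngine();           // creates the engine the setters below configure
            tls.setKeyManagers(kms);
            tls.setTrustManagers(tms);

            // Enable only allow-listed versions the provider actually supports.
            List<String> supported = Arrays.asList(tls.getSupportedProtocols());
            List<String> enabled = new ArrayList<>(ALLOWED);
            enabled.retainAll(supported);
            if (enabled.isEmpty()) {
                throw new IOException("no allow-listed TLS version is supported");
            }
            tls.setEnabledProtocols(enabled.toArray(new String[0]));

            tls.setUseClientMode(false);
            tls.setNeedClientAuth(true); // fail the handshake without a client certificate
            return tls;
        } catch (IOException | RuntimeException e) {
            plain.close();              // do not leak a bound listener on failure
            throw e;
        }
    }

    /** Accepts one connection and refuses it unless the listener's settings were cloned. */
    public static JSSSocket acceptChecked(JSSServerSocket tls) throws IOException {
        JSSSocket peer = tls.accept();
        if (!peer.getNeedClientAuth() || peer.getUseClientMode()) {
            peer.close();
            throw new IOException("accepted socket did not inherit server configuration");
        }
        return peer;
    }
}
```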
    • Constructor Summary

      Constructors 
      Constructor Description
      JSSServerSocket()
      Start building a new JSSServerSocket.
    • Method Summary

      Modifier and Type Method Description
      JSSSocket accept()  
      protected JSSSocket acceptSocket​(java.net.Socket child)
      Helper to upgrade a Socket into a JSSSocket.
      void bind​(java.net.SocketAddress endpoint)  
      void bind​(java.net.SocketAddress endpoint, int backlog)  
      void close()  
      void consumeSocket​(java.net.ServerSocket parent)
      Consume a parent socket, utilizing it for all accept operations.
      JSSServerSocketChannel getChannel()
      Get the underlying ServerSocketChannel for this Socket.
      java.lang.String[] getEnabledCipherSuites()
      Get the set of enabled cipher suites for this SSLSocket.
      java.lang.String[] getEnabledProtocols()
      Get the set of enabled protocol versions for this SSLSocket.
      boolean getEnableSessionCreation()
      Get whether or not this SSLSocket enables creation of new sessions.
      JSSEngine getEngine()
      Get the underlying JSSEngine instance.
      java.net.InetAddress getInetAddress()  
      protected JSSServerSocketChannel getInternalChannel()
      Get the internal ServerSocketChannel for this Socket.
      int getLocalPort()  
      java.net.SocketAddress getLocalSocketAddress()  
      boolean getNeedClientAuth()
      Get whether or not this SSLSocket needs client authentication.
      <T> T getOption​(java.net.SocketOption<T> name)  
      int getReceiveBufferSize()  
      boolean getReuseAddress()  
      int getSoTimeout()  
      protected javax.net.ssl.SSLContext getSSLContext()
      Get the SSLContext if one exists or create a new instance.
      JSSParameters getSSLParameters()
      Get the configuration of this SSLSocket as a JSSParameters object.
      java.lang.String[] getSupportedCipherSuites()
      Get the set of supported cipher suites for this SSLSocket.
      java.lang.String[] getSupportedProtocols()
      Get the set of supported protocol versions for this SSLSocket.
      boolean getUseClientMode()
      Get whether or not this SSLSocket is handshaking as a client.
      boolean getWantClientAuth()
      Get whether or not this SSLSocket wants client authentication.
      void initEngine()
      Explicitly initialize the SSLEngine with no session resumption information.
      void initEngine​(java.lang.String host, int port)
      Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.
      boolean isBound()  
      boolean isClosed()  
      void setCertFromAlias​(java.lang.String alias)
      Set the certificate this SSLSocket will utilize from an alias in the NSS DB.
      void setEnabledCipherSuites​(java.lang.String[] suites)
      Set the list of enabled cipher suites for this SSLSocket.
      void setEnabledProtocols​(java.lang.String[] protocols)
      Set the list of enabled protocol versions for this SSLSocket.
      void setEnableSessionCreation​(boolean enabled)
      Set whether or not this SSLSocket enables creation of new sessions.
      void setHostname​(java.lang.String name)
      Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.
      void setKeyManager​(javax.net.ssl.X509KeyManager km)
      Set the KeyManager this SSLSocket will utilize to select a key.
      void setKeyManagers​(javax.net.ssl.X509KeyManager[] xkms)
      Set the key managers this SSLSocket will utilize to select a key.
      void setKeyMaterials​(PK11Cert our_cert, PK11PrivKey our_key)
      Set the certificate this SSLSocket will utilize from a certificate and its matching private key.
      void setNeedClientAuth​(boolean need)
      Set whether or not this SSLSocket needs client authentication.
      <T> java.net.ServerSocket setOption​(java.net.SocketOption<T> name, T value)  
      void setPerformancePreferences​(int connectionTime, int latency, int bandwidth)  
      void setReceiveBufferSize​(int size)  
      void setReuseAddress​(boolean on)  
      void setSoTimeout​(int timeout)  
      void setSSLContext​(javax.net.ssl.SSLContext ctx)
      Explicitly set the SSLContext utilized by this JSSSocket instance.
      void setSSLParameters​(javax.net.ssl.SSLParameters params)
      Set the configuration of this SSLSocket from the given SSLParameters instance.
      void setTrustManager​(JSSTrustManager tm)
      Set the trust manager this SSLSocket will utilize to validate a peer's certificate.
      void setTrustManagers​(javax.net.ssl.X509TrustManager[] xtms)
      Set the trust managers this SSLSocket will utilize to validate a peer's certificate.
      void setUseClientMode​(boolean client)
      Set whether or not this SSLSocket is handshaking as a client.
      void setWantClientAuth​(boolean want)
      Set whether or not this SSLSocket wants client authentication.
      java.util.Set<java.net.SocketOption<?>> supportedOptions()  
      java.lang.String toString()  
      • Methods inherited from class java.net.ServerSocket

        implAccept, setSocketFactory
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • JSSServerSocket

        public JSSServerSocket()
                        throws java.io.IOException
        Start building a new JSSServerSocket. We specifically avoid creating any other constructors as we wish to consume an existing socket rather than creating a new one.
        Throws:
        java.io.IOException
    • Method Detail

      • consumeSocket

        public void consumeSocket​(java.net.ServerSocket parent)
        Consume a parent socket, utilizing it for all accept operations. This JSSServerSocket instance will inherit all information about the connection from this underlying socket. When utilized in a JSSServerSocket, callers should refrain from interacting with the underlying socket unless selective protocol upgrade should occur. In that case, it may be more appropriate to use the JSSSocketFactory method that creates server JSSSocket instances.
      • getSSLContext

        protected javax.net.ssl.SSLContext getSSLContext()
                                                  throws java.io.IOException
        Get the SSLContext if one exists or create a new instance. This is used by initSSLEngine(..) to create the underlying SSLEngine.
        Throws:
        java.io.IOException
      • setSSLContext

        public void setSSLContext​(javax.net.ssl.SSLContext ctx)
                           throws java.io.IOException
        Explicitly set the SSLContext utilized by this JSSSocket instance. This enables JSSServerSocket to copy its SSLContext over to the accepted JSSSocket.
        Throws:
        java.io.IOException
      • initEngine

        public void initEngine()
                        throws java.io.IOException
        Explicitly initialize the SSLEngine with no session resumption information.
        Throws:
        java.io.IOException
      • initEngine

        public void initEngine​(java.lang.String host,
                               int port)
                        throws java.io.IOException
        Explicitly initialize the SSLEngine with information for session resumption, including peer's hostname and port.
        Throws:
        java.io.IOException
      • getEngine

        public JSSEngine getEngine()
        Get the underlying JSSEngine instance. Note that, just like accessing the underlying Socket instance while the JSSSocket instance is still open is dangerous, performing other TLS operations directly via JSSEngine is also dangerous. This is mostly exposed to enable advanced configuration of the JSSEngine that isn't otherwise allowed by JSSSocket, and to facilitate the accept() method on JSSServerSocket.
      • getChannel

        public JSSServerSocketChannel getChannel()
        Get the underlying ServerSocketChannel for this Socket.
        Overrides:
        getChannel in class java.net.ServerSocket
        See Also:
        ServerSocket.getChannel()
      • getInternalChannel

        protected JSSServerSocketChannel getInternalChannel()
        Get the internal ServerSocketChannel for this Socket.
      • acceptSocket

        protected JSSSocket acceptSocket​(java.net.Socket child)
                                  throws java.io.IOException
        Helper to upgrade a Socket into a JSSSocket. Called from accept in JSSServerSocket and JSSServerSocketChannel.
        Throws:
        java.io.IOException
      • setHostname

        public void setHostname​(java.lang.String name)
        Set the hostname this client socket is connecting to, for HTTPS TLS certificate validation purposes.
        See Also:
        JSSEngine.setHostname(String)
      • setCertFromAlias

        public void setCertFromAlias​(java.lang.String alias)
                              throws java.lang.IllegalArgumentException
        Set the certificate this SSLSocket will utilize from an alias in the NSS DB.
        Throws:
        java.lang.IllegalArgumentException
        See Also:
        JSSEngine.setCertFromAlias(String)
      • setTrustManagers

        public void setTrustManagers​(javax.net.ssl.X509TrustManager[] xtms)
        Set the trust managers this SSLSocket will utilize to validate a peer's certificate.
        See Also:
        JSSEngine.setTrustManagers(X509TrustManager[])
      • getEnabledCipherSuites

        public java.lang.String[] getEnabledCipherSuites()
        Get the set of enabled cipher suites for this SSLSocket.
        Specified by:
        getEnabledCipherSuites in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getEnabledCipherSuites(), SSLSocket.getEnabledCipherSuites()
      • getSupportedCipherSuites

        public java.lang.String[] getSupportedCipherSuites()
        Get the set of supported cipher suites for this SSLSocket.
        Specified by:
        getSupportedCipherSuites in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getSupportedCipherSuites(), SSLSocket.getSupportedCipherSuites()
      • setEnabledCipherSuites

        public void setEnabledCipherSuites​(java.lang.String[] suites)
        Set the list of enabled cipher suites for this SSLSocket.
        Specified by:
        setEnabledCipherSuites in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setEnabledCipherSuites(String[]), SSLSocket.setEnabledCipherSuites(String[])
      • getEnabledProtocols

        public java.lang.String[] getEnabledProtocols()
        Get the set of enabled protocol versions for this SSLSocket.
        Specified by:
        getEnabledProtocols in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getEnabledProtocols(), SSLSocket.getEnabledProtocols()
      • getSupportedProtocols

        public java.lang.String[] getSupportedProtocols()
        Get the set of supported protocol versions for this SSLSocket.
        Specified by:
        getSupportedProtocols in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getSupportedProtocols(), SSLSocket.getSupportedProtocols()
      • setEnabledProtocols

        public void setEnabledProtocols​(java.lang.String[] protocols)
        Set the list of enabled protocol versions for this SSLSocket.
        Specified by:
        setEnabledProtocols in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setEnabledProtocols(String[]), SSLSocket.setEnabledProtocols(String[])
      • getEnableSessionCreation

        public boolean getEnableSessionCreation()
        Get whether or not this SSLSocket enables creation of new sessions.
        Specified by:
        getEnableSessionCreation in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getEnableSessionCreation(), SSLSocket.getEnableSessionCreation()
      • setEnableSessionCreation

        public void setEnableSessionCreation​(boolean enabled)
        Set whether or not this SSLSocket enables creation of new sessions.
        Specified by:
        setEnableSessionCreation in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setEnableSessionCreation(boolean), SSLSocket.setEnableSessionCreation(boolean)
      • getUseClientMode

        public boolean getUseClientMode()
        Get whether or not this SSLSocket is handshaking as a client.
        Specified by:
        getUseClientMode in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getUseClientMode(), SSLSocket.getUseClientMode()
      • setUseClientMode

        public void setUseClientMode​(boolean client)
        Set whether or not this SSLSocket is handshaking as a client.
        Specified by:
        setUseClientMode in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setUseClientMode(boolean), SSLSocket.setUseClientMode(boolean)
      • getWantClientAuth

        public boolean getWantClientAuth()
        Get whether or not this SSLSocket wants client authentication.
        Specified by:
        getWantClientAuth in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getWantClientAuth(), SSLSocket.getWantClientAuth()
      • setWantClientAuth

        public void setWantClientAuth​(boolean want)
        Set whether or not this SSLSocket wants client authentication.
        Specified by:
        setWantClientAuth in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setWantClientAuth(boolean), SSLSocket.setWantClientAuth(boolean)
      • getNeedClientAuth

        public boolean getNeedClientAuth()
        Get whether or not this SSLSocket needs client authentication.
        Specified by:
        getNeedClientAuth in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getNeedClientAuth(), SSLSocket.getNeedClientAuth()
      • setNeedClientAuth

        public void setNeedClientAuth​(boolean need)
        Set whether or not this SSLSocket needs client authentication.
        Specified by:
        setNeedClientAuth in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setNeedClientAuth(boolean), SSLSocket.setNeedClientAuth(boolean)
      • getSSLParameters

        public JSSParameters getSSLParameters()
        Get the configuration of this SSLSocket as a JSSParameters object.
        Overrides:
        getSSLParameters in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.getSSLParameters(), SSLSocket.getSSLParameters()
      • setSSLParameters

        public void setSSLParameters​(javax.net.ssl.SSLParameters params)
        Set the configuration of this SSLSocket from the given SSLParameters instance.
        Overrides:
        setSSLParameters in class javax.net.ssl.SSLServerSocket
        See Also:
        JSSEngine.setSSLParameters(SSLParameters), SSLSocket.setSSLParameters(SSLParameters)
      • accept

        public JSSSocket accept()
                         throws java.io.IOException
        Overrides:
        accept in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • bind

        public void bind​(java.net.SocketAddress endpoint)
                  throws java.io.IOException
        Overrides:
        bind in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • bind

        public void bind​(java.net.SocketAddress endpoint,
                         int backlog)
                  throws java.io.IOException
        Overrides:
        bind in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • close

        public void close()
                   throws java.io.IOException
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable
        Overrides:
        close in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • getInetAddress

        public java.net.InetAddress getInetAddress()
        Overrides:
        getInetAddress in class java.net.ServerSocket
      • getLocalPort

        public int getLocalPort()
        Overrides:
        getLocalPort in class java.net.ServerSocket
      • getLocalSocketAddress

        public java.net.SocketAddress getLocalSocketAddress()
        Overrides:
        getLocalSocketAddress in class java.net.ServerSocket
      • getSoTimeout

        public int getSoTimeout()
                         throws java.io.IOException
        Overrides:
        getSoTimeout in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • setSoTimeout

        public void setSoTimeout​(int timeout)
                          throws java.net.SocketException
        Overrides:
        setSoTimeout in class java.net.ServerSocket
        Throws:
        java.net.SocketException
      • getReuseAddress

        public boolean getReuseAddress()
                                throws java.net.SocketException
        Overrides:
        getReuseAddress in class java.net.ServerSocket
        Throws:
        java.net.SocketException
      • setReuseAddress

        public void setReuseAddress​(boolean on)
                             throws java.net.SocketException
        Overrides:
        setReuseAddress in class java.net.ServerSocket
        Throws:
        java.net.SocketException
      • getReceiveBufferSize

        public int getReceiveBufferSize()
                                 throws java.net.SocketException
        Overrides:
        getReceiveBufferSize in class java.net.ServerSocket
        Throws:
        java.net.SocketException
      • setReceiveBufferSize

        public void setReceiveBufferSize​(int size)
                                  throws java.net.SocketException
        Overrides:
        setReceiveBufferSize in class java.net.ServerSocket
        Throws:
        java.net.SocketException
      • setPerformancePreferences

        public void setPerformancePreferences​(int connectionTime,
                                              int latency,
                                              int bandwidth)
        Overrides:
        setPerformancePreferences in class java.net.ServerSocket
      • isBound

        public boolean isBound()
        Overrides:
        isBound in class java.net.ServerSocket
      • isClosed

        public boolean isClosed()
        Overrides:
        isClosed in class java.net.ServerSocket
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.net.ServerSocket
      • setOption

        public <T> java.net.ServerSocket setOption​(java.net.SocketOption<T> name,
                                                   T value)
                                            throws java.io.IOException
        Overrides:
        setOption in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • getOption

        public <T> T getOption​(java.net.SocketOption<T> name)
                        throws java.io.IOException
        Overrides:
        getOption in class java.net.ServerSocket
        Throws:
        java.io.IOException
      • supportedOptions

        public java.util.Set<java.net.SocketOption<?>> supportedOptions()
        Overrides:
        supportedOptions in class java.net.ServerSocket