hunt-net ~master (2022-02-18T10:07:33Z)

SSLParametersImpl

hunt net secure conscrypt SSLParametersImpl

The instances of this class encapsulate all the info about enabled cipher suites and protocols, as well as the information about client/server mode of ssl socket, whether it require/want client authentication or not, and controls whether new SSL sessions may be established by this socket or not.

version(WITH_HUNT_SECURITY)
final
class SSLParametersImpl : Cloneable {
string[] enabledProtocols;
bool isEnabledProtocolsFiltered;
string[] enabledCipherSuites;
byte[] sctExtension;
byte[] ocspResponse;
ubyte[] applicationProtocols;
ApplicationProtocolSelectorAdapter applicationProtocolSelector;
bool useSessionTickets;
bool channelIdEnabled;
this(KeyCertOptions options, ClientSessionContext clientSessionContext, ServerSessionContext serverSessionContext, string[] protocols);
KeyCertOptions getKeyCertOptions();
AbstractSessionContext getSessionContext();
ClientSessionContext getClientSessionContext();
string[] getEnabledCipherSuites();
void setEnabledCipherSuites(string[] cipherSuites);
string[] getEnabledProtocols();
void setEnabledProtocols(string[] protocols);
void setApplicationProtocols(string[] protocols);
string[] getApplicationProtocols();
void setApplicationProtocolSelector(ApplicationProtocolSelectorAdapter applicationProtocolSelector);
void setUseClientMode(bool mode);
bool getUseClientMode();
void setNeedClientAuth(bool need);
bool getNeedClientAuth();
void setWantClientAuth(bool want);
bool getWantClientAuth();
void setEnableSessionCreation(bool flag);
bool getEnableSessionCreation();
void setUseSessionTickets(bool useSessionTickets);
void setUseSni(bool flag);
bool getUseSni();
void setCTVerificationEnabled(bool enabled);
void setSCTExtension(byte[] extension);
void setOCSPResponse(byte[] response);
byte[] getOCSPResponse();
mixin CloneMemberTemplate!(typeof(this), TopLevel.no, (typeof(this) from, typeof(this) to)) ;
bool isCTVerificationEnabled(string hostname);
}

Constructors

this
this(KeyCertOptions options, ClientSessionContext clientSessionContext, ServerSessionContext serverSessionContext, string[] protocols)

Initializes the parameters. Naturally this constructor is used in SSLContextImpl.engineInit method which directly passes its parameters. In other words this constructor holds all the functionality provided by SSLContext.init method. See {@link javax.net.ssl.SSLContext#init(KeyManager[],TrustManager[], SecureRandom)} for more information

Members

Functions

getApplicationProtocols
string[] getApplicationProtocols()
Undocumented in source. Be warned that the author may not have intended to support it.
getClientSessionContext
ClientSessionContext getClientSessionContext()

@return client session context

getEnableSessionCreation
bool getEnableSessionCreation()

Returns the value indicating if the peer with this parameters allowed to cteate new SSL session

getEnabledCipherSuites
string[] getEnabledCipherSuites()

@return the names of enabled cipher suites

getEnabledProtocols
string[] getEnabledProtocols()

@return the set of enabled protocols

getKeyCertOptions
KeyCertOptions getKeyCertOptions()
Undocumented in source. Be warned that the author may not have intended to support it.
getNeedClientAuth
bool getNeedClientAuth()

Returns the value indicating if the peer with this parameters tuned to require client authentication

getOCSPResponse
byte[] getOCSPResponse()
Undocumented in source. Be warned that the author may not have intended to support it.
getSessionContext
AbstractSessionContext getSessionContext()

Returns the appropriate session context.

getUseClientMode
bool getUseClientMode()

Returns the value indicating if the parameters configured to work in client mode.

getUseSni
bool getUseSni()

Returns whether connections using this SSL connection should use the TLS extension Server Name Indication (SNI).

getWantClientAuth
bool getWantClientAuth()

Returns the value indicating if the peer with this parameters tuned to request client authentication

isCTVerificationEnabled
bool isCTVerificationEnabled(string hostname)

Check if SCT verification is enforced for a given hostname.

setApplicationProtocolSelector
void setApplicationProtocolSelector(ApplicationProtocolSelectorAdapter applicationProtocolSelector)

Used for server-mode only. Sets or clears the application-provided ALPN protocol selector. If set, will override the protocol list provided by {@link #setApplicationProtocols(string[])}.

setApplicationProtocols
void setApplicationProtocols(string[] protocols)

Sets the list of ALPN protocols.

setCTVerificationEnabled
void setCTVerificationEnabled(bool enabled)

For testing only.

setEnableSessionCreation
void setEnableSessionCreation(bool flag)

Allows/disallows the peer holding this parameters to create new SSL session

setEnabledCipherSuites
void setEnabledCipherSuites(string[] cipherSuites)

Sets the enabled cipher suites after filtering through OpenSSL.

setEnabledProtocols
void setEnabledProtocols(string[] protocols)

Sets the list of available protocols for use in SSL connection. @throws IllegalArgumentException if {@code protocols is null}

setNeedClientAuth
void setNeedClientAuth(bool need)

Tunes the peer holding this parameters to require client authentication

setOCSPResponse
void setOCSPResponse(byte[] response)

For testing only.

setSCTExtension
void setSCTExtension(byte[] extension)

For testing only.

setUseClientMode
void setUseClientMode(bool mode)

Tunes the peer holding this parameters to work in client mode. @param mode if the peer is configured to work in client mode

setUseSessionTickets
void setUseSessionTickets(bool useSessionTickets)
Undocumented in source. Be warned that the author may not have intended to support it.
setUseSni
void setUseSni(bool flag)

Whether connections using this SSL connection should use the TLS extension Server Name Indication (SNI).

setWantClientAuth
void setWantClientAuth(bool want)

Tunes the peer holding this parameters to request client authentication

Mixins

__anonymous
mixin CloneMemberTemplate!(typeof(this), TopLevel.no, (typeof(this) from, typeof(this) to))

Returns the clone of this object. @return the clone.

Variables

applicationProtocolSelector
ApplicationProtocolSelectorAdapter applicationProtocolSelector;
Undocumented in source.
applicationProtocols
ubyte[] applicationProtocols;
Undocumented in source.
channelIdEnabled
bool channelIdEnabled;

Whether the TLS Channel ID extension is enabled. This field is server-side only.

enabledCipherSuites
string[] enabledCipherSuites;
Undocumented in source.
enabledProtocols
string[] enabledProtocols;
Undocumented in source.
isEnabledProtocolsFiltered
bool isEnabledProtocolsFiltered;
Undocumented in source.
ocspResponse
byte[] ocspResponse;
Undocumented in source.
sctExtension
byte[] sctExtension;
Undocumented in source.
useSessionTickets
bool useSessionTickets;
Undocumented in source.

Meta

Source

See Implementation

hunt net secure conscrypt SSLParametersImpl classes

Page generated by adrdox