SSLSocket Class

Definition

This class extends Sockets and provides secure socket using protocols such as the "Secure Sockets Layer" (SSL) or IETF "Transport Layer Security" (TLS) protocols.

[Android.Runtime.Register("javax/net/ssl/SSLSocket", DoNotGenerateAcw=true)]
public abstract class SSLSocket : Java.Net.Socket
[<Android.Runtime.Register("javax/net/ssl/SSLSocket", DoNotGenerateAcw=true)>]
type SSLSocket = class
    inherit Socket
Inheritance
SSLSocket
Attributes

Remarks

This class extends Sockets and provides secure socket using protocols such as the "Secure Sockets Layer" (SSL) or IETF "Transport Layer Security" (TLS) protocols.

Such sockets are normal stream sockets, but they add a layer of security protections over the underlying network transport protocol, such as TCP. Those protections include: <UL>

<LI> <em>Integrity Protection</em>. SSL protects against modification of messages by an active wiretapper.

<LI> <em>Authentication</em>. In most modes, SSL provides peer authentication. Servers are usually authenticated, and clients may be authenticated as requested by servers.

<LI> <em>Confidentiality (Privacy Protection)</em>. In most modes, SSL encrypts data being sent between client and server. This protects the confidentiality of data, so that passive wiretappers won't see sensitive data such as financial information or personal information of many kinds.

</UL>

These kinds of protection are specified by a "cipher suite", which is a combination of cryptographic algorithms used by a given SSL connection. During the negotiation process, the two endpoints must agree on a ciphersuite that is available in both environments. If there is no such suite in common, no SSL connection can be established, and no data can be exchanged.

The cipher suite used is established by a negotiation process called "handshaking". The goal of this process is to create or rejoin a "session", which may protect many connections over time. After handshaking has completed, you can access session attributes by using the <em>getSession</em> method. The initial handshake on this connection can be initiated in one of three ways: <UL>

<LI> calling startHandshake which explicitly begins handshakes, or <LI> any attempt to read or write application data on this socket causes an implicit handshake, or <LI> a call to getSession tries to set up a session if there is no currently valid session, and an implicit handshake is done. </UL>

If handshaking fails for any reason, the SSLSocket is closed, and no further communications can be done.

There are two groups of cipher suites which you will need to know about when managing cipher suites: <UL>

<LI> <em>Supported</em> cipher suites: all the suites which are supported by the SSL implementation. This list is reported using <em>getSupportedCipherSuites</em>.

<LI> <em>Enabled</em> cipher suites, which may be fewer than the full set of supported suites. This group is set using the <em>setEnabledCipherSuites</em> method, and queried using the <em>getEnabledCipherSuites</em> method. Initially, a default set of cipher suites will be enabled on a new socket that represents the minimum suggested configuration.

</UL>

Implementation defaults require that only cipher suites which authenticate servers and provide confidentiality be enabled by default. Only if both sides explicitly agree to unauthenticated and/or non-private (unencrypted) communications will such a ciphersuite be selected.

When SSLSockets are first created, no handshaking is done so that applications may first set their communication preferences: what cipher suites to use, whether the socket should be in client or server mode, etc. However, security is always provided by the time that application data is sent over the connection.

You may register to receive event notification of handshake completion. This involves the use of two additional classes. <em>HandshakeCompletedEvent</em> objects are passed to <em>HandshakeCompletedListener</em> instances, which are registered by users of this API.

SSLSockets are created by SSLSocketFactorys, or by accepting a connection from a SSLServerSocket.

A SSL socket must choose to operate in the client or server mode. This will determine who begins the handshaking process, as well as which messages should be sent by each party. Each connection must have one client and one server, or handshaking will not progress properly. Once the initial handshaking has started, a socket can not switch between client and server modes, even when performing renegotiations.

<h3>Default configuration for different Android versions</h3>

SSLSocket instances obtained from default SSLSocketFactory, SSLServerSocketFactory, and SSLContext are configured as follows:

<style type="text/css"> tr.deprecated { background-color: #ccc; color: #999; font-style: italic; }</style>

<h4>Protocols</h4>

Client socket: <table> <thead> <tr> <th>Protocol</th> <th>Supported (API Levels)</th> <th>Enabled by default (API Levels)</th> </tr> </thead> <tbody> <tr class="deprecated"> <td>SSLv3</td> <td>1&ndash;25</td> <td>1&ndash;22</td> </tr> <tr> <td>TLSv1</td> <td>1+</td> <td>1+</td> </tr> <tr> <td>TLSv1.1</td> <td>16+</td> <td>20+</td> </tr> <tr> <td>TLSv1.2</td> <td>16+</td> <td>20+</td> </tr> <tr> <td>TLSv1.3</td> <td>29+</td> <td>29+</td> </tr> </tbody> </table>

Server socket: <table> <thead> <tr> <th>Protocol</th> <th>Supported (API Levels)</th> <th>Enabled by default (API Levels)</th> </tr> </thead> <tbody> <tr class="deprecated"> <td>SSLv3</td> <td>1&ndash;25</td> <td>1&ndash;22</td> </tr> <tr> <td>TLSv1</td> <td>1+</td> <td>1+</td> </tr> <tr> <td>TLSv1.1</td> <td>16+</td> <td>16+</td> </tr> <tr> <td>TLSv1.2</td> <td>16+</td> <td>16+</td> </tr> <tr> <td>TLSv1.3</td> <td>29+</td> <td>29+</td> </tr> </tbody> </table>

<h4>Cipher suites</h4>

Methods that operate with cipher suite names (for example, #getSupportedCipherSuites() getSupportedCipherSuites, #setEnabledCipherSuites(String[]) setEnabledCipherSuites) have used standard names for cipher suites since API Level 9, as listed in the table below. Prior to API Level 9, non-standard (OpenSSL) names had been used (see the table following this table). <table> <thead> <tr> <th>Cipher suite</th> <th>Supported (API Levels)</th> <th>Enabled by default (API Levels)</th> </tr> </thead> <tbody> <tr class="deprecated"> <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_DH_anon_WITH_DES_CBC_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_DH_anon_WITH_RC4_128_MD5</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> <td>9-22</td> <td>9-19</td> </tr> <tr> <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>9+</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_RSA_WITH_DES_CBC_SHA</td> <td>9-22</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_RSA_WITH_NULL_MD5</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_RSA_WITH_NULL_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>SSL_RSA_WITH_RC4_128_MD5</td> <td>9-25</td> <td>9-19</td> </tr> <tr class="deprecated"> <td>SSL_RSA_WITH_RC4_128_SHA</td> <td>9-25</td> <td>9-23</td> </tr> <tr> <td>TLS_AES_128_GCM_SHA256</td> <td>29+</td> <td>29+</td> </tr> <tr> <td>TLS_AES_256_GCM_SHA384</td> <td>29+</td> <td>29+</td> </tr> <tr> <td>TLS_CHACHA20_POLY1305_SHA256</td> <td>29+</td> <td>29+</td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> <td>9-22</td> <td>9-22</td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> <td>9-22</td> <td>11-22</td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_DSS_WITH_AES_256_GCM_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> <td>9-25</td> <td>9-25</td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</td> <td>20-25</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</td> <td>20-25</td> <td>20-25</td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> <td>9-25</td> <td>11-25</td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</td> <td>20-25</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</td> <td>20-25</td> <td>20-25</td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_128_CBC_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_128_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_128_GCM_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_256_CBC_SHA</td> <td>9-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_256_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_DH_anon_WITH_AES_256_GCM_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr> <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</td> <td>11+</td> <td>11+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> <td>20+</td> <td>20+</td> </tr> <tr> <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</td> <td>11+</td> <td>11+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</td> <td>20+</td> <td>20+</td> </tr> <tr> <td>TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256</td> <td>24+</td> <td>24+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> <td>11-25</td> <td>11-23</td> </tr> <tr> <td>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</td> <td>21+</td> <td>21+</td> </tr> <tr> <td>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</td> <td>21+</td> <td>21+</td> </tr> <tr> <td>TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256</td> <td>24+</td> <td>24+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr> <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> <td>11+</td> <td>11+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> <td>20+</td> <td>20+</td> </tr> <tr> <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> <td>11+</td> <td>11+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</td> <td>20+</td> <td>20+</td> </tr> <tr> <td>TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256</td> <td>24+</td> <td>24+</td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> <td>11-25</td> <td>11-23</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</td> <td>20-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_NULL_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_RSA_WITH_RC4_128_SHA</td> <td>11-22</td> <td>11-19</td> </tr> <tr class="deprecated"> <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_anon_WITH_NULL_SHA</td> <td>11-22</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> <td>11-22</td> <td></td> </tr> <tr> <td>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</td> <td>11+</td> <td>11+</td> </tr> <tr> <td>TLS_FALLBACK_SCSV</td> <td>21+</td> <td></td> </tr> <tr class="deprecated"> <td>TLS_PSK_WITH_3DES_EDE_CBC_SHA</td> <td>21-22</td> <td></td> </tr> <tr> <td>TLS_PSK_WITH_AES_128_CBC_SHA</td> <td>21+</td> <td>21+</td> </tr> <tr> <td>TLS_PSK_WITH_AES_256_CBC_SHA</td> <td>21+</td> <td>21+</td> </tr> <tr class="deprecated"> <td>TLS_PSK_WITH_RC4_128_SHA</td> <td>21-25</td> <td></td> </tr> <tr> <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> <td>9+</td> <td>9+</td> </tr> <tr class="deprecated"> <td>TLS_RSA_WITH_AES_128_CBC_SHA256</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_RSA_WITH_AES_128_GCM_SHA256</td> <td>20+</td> <td>20+</td> </tr> <tr> <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> <td>9+</td> <td>11+</td> </tr> <tr class="deprecated"> <td>TLS_RSA_WITH_AES_256_CBC_SHA256</td> <td>20-28</td> <td></td> </tr> <tr> <td>TLS_RSA_WITH_AES_256_GCM_SHA384</td> <td>20+</td> <td>20+</td> </tr> <tr class="deprecated"> <td>TLS_RSA_WITH_NULL_SHA256</td> <td>20-22</td> <td></td> </tr> </tbody> </table>

<em>NOTE</em>: PSK cipher suites are enabled by default only if the SSLContext through which the socket was created has been initialized with a PSKKeyManager.

API Levels 1 to 8 use OpenSSL names for cipher suites. The table below lists these OpenSSL names and their corresponding standard names used in API Levels 9 and newer. <table> <thead> <tr> <th>OpenSSL cipher suite</th> <th>Standard cipher suite</th> <th>Supported (API Levels)</th> <th>Enabled by default (API Levels)</th> </tr> </thead>

<tbody> <tr> <td>AES128-SHA</td> <td>TLS_RSA_WITH_AES_128_CBC_SHA</td> <td>1+</td> <td>1+</td> </tr> <tr> <td>AES256-SHA</td> <td>TLS_RSA_WITH_AES_256_CBC_SHA</td> <td>1+</td> <td>1&ndash;8, 11+</td> </tr> <tr> <td>DES-CBC-MD5</td> <td>SSL_CK_DES_64_CBC_WITH_MD5</td> <td>1&ndash;8</td> <td>1&ndash;8</td> </tr> <tr class="deprecated"> <td>DES-CBC-SHA</td> <td>SSL_RSA_WITH_DES_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr> <td>DES-CBC3-MD5</td> <td>SSL_CK_DES_192_EDE3_CBC_WITH_MD5</td> <td>1&ndash;8</td> <td>1&ndash;8</td> </tr> <tr> <td>DES-CBC3-SHA</td> <td>SSL_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>1+</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>DHE-DSS-AES128-SHA</td> <td>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;22</td> </tr> <tr class="deprecated"> <td>DHE-DSS-AES256-SHA</td> <td>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;8, 11&ndash;22</td> </tr> <tr> <td>DHE-RSA-AES128-SHA</td> <td>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</td> <td>1+</td> <td>1+</td> </tr> <tr> <td>DHE-RSA-AES256-SHA</td> <td>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</td> <td>1+</td> <td>1&ndash;8, 11+</td> </tr> <tr class="deprecated"> <td>EDH-DSS-DES-CBC-SHA</td> <td>SSL_DHE_DSS_WITH_DES_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EDH-DSS-DES-CBC3-SHA</td> <td>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EDH-RSA-DES-CBC-SHA</td> <td>SSL_DHE_RSA_WITH_DES_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EDH-RSA-DES-CBC3-SHA</td> <td>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EXP-DES-CBC-SHA</td> <td>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EXP-EDH-DSS-DES-CBC-SHA</td> <td>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>EXP-EDH-RSA-DES-CBC-SHA</td> <td>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr> <td>EXP-RC2-CBC-MD5</td> <td>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5</td> <td>1&ndash;8</td> <td>1&ndash;8</td> </tr> <tr class="deprecated"> <td>EXP-RC4-MD5</td> <td>SSL_RSA_EXPORT_WITH_RC4_40_MD5</td> <td>1&ndash;22</td> <td>1&ndash;19</td> </tr> <tr> <td>RC2-CBC-MD5</td> <td>SSL_CK_RC2_128_CBC_WITH_MD5</td> <td>1&ndash;8</td> <td>1&ndash;8</td> </tr> <tr class="deprecated"> <td>RC4-MD5</td> <td>SSL_RSA_WITH_RC4_128_MD5</td> <td>1&ndash;25</td> <td>1&ndash;19</td> </tr> <tr class="deprecated"> <td>RC4-SHA</td> <td>SSL_RSA_WITH_RC4_128_SHA</td> <td>1&ndash;25</td> <td>1&ndash;23</td> </tr> </tbody> </table>

Added in 1.4.

Java documentation for javax.net.ssl.SSLSocket.

Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.

Constructors

SSLSocket()

Used only by subclasses.

SSLSocket(InetAddress, Int32, InetAddress, Int32)

Used only by subclasses.

SSLSocket(InetAddress, Int32)

Used only by subclasses.

SSLSocket(IntPtr, JniHandleOwnership)

A constructor used when creating managed representations of JNI objects; called by the runtime.

SSLSocket(String, Int32, InetAddress, Int32)

Used only by subclasses.

SSLSocket(String, Int32)

Used only by subclasses.

Properties

ApplicationProtocol

Returns the most recent application protocol value negotiated for this connection.

Channel

Returns the unique java.nio.channels.SocketChannel SocketChannel object associated with this socket, if any.

(Inherited from Socket)
Class

Returns the runtime class of this Object.

(Inherited from Object)
EnableSessionCreation

Returns whether new SSL sessions may be created by this socket or if existing sessions must be reused.

Handle

The handle to the underlying Android instance.

(Inherited from Object)
HandshakeApplicationProtocol

Returns the application protocol value negotiated on a SSL/TLS handshake currently in progress.

HandshakeApplicationProtocolSelector

Retrieves the callback function that selects an application protocol value during a SSL/TLS handshake. -or- Registers a callback function that selects an application protocol value for a SSL/TLS handshake.

HandshakeSession

Returns the SSLSession being constructed during a SSL/TLS handshake.

InetAddress

Returns the address to which the socket is connected.

(Inherited from Socket)
InputStream

Returns an input stream for this socket.

(Inherited from Socket)
IsBound

Returns the binding state of the socket.

(Inherited from Socket)
IsClosed

Returns the closed state of the socket.

(Inherited from Socket)
IsConnected

Returns the connection state of the socket.

(Inherited from Socket)
IsInputShutdown

Returns whether the read-half of the socket connection is closed.

(Inherited from Socket)
IsOutputShutdown

Returns whether the write-half of the socket connection is closed.

(Inherited from Socket)
JniIdentityHashCode (Inherited from Object)
JniPeerMembers
KeepAlive

Tests if SocketOptions#SO_KEEPALIVE SO_KEEPALIVE is enabled. -or- Enable/disable SocketOptions#SO_KEEPALIVE SO_KEEPALIVE.

(Inherited from Socket)
LocalAddress

Gets the local address to which the socket is bound.

(Inherited from Socket)
LocalPort

Returns the local port number to which this socket is bound.

(Inherited from Socket)
LocalSocketAddress

Returns the address of the endpoint this socket is bound to.

(Inherited from Socket)
NeedClientAuth

Returns true if the server socket should require client authentication.

OOBInline

Tests if SocketOptions#SO_OOBINLINE SO_OOBINLINE is enabled. -or- Enable/disable SocketOptions#SO_OOBINLINE SO_OOBINLINE (receipt of TCP urgent data)

        By default, this option is disabled and TCP urgent data received on a
        socket is silently discarded.
(Inherited from Socket)
OutputStream

Returns an output stream for this socket.

(Inherited from Socket)
PeerReference (Inherited from Object)
Port

Returns the remote port number to which this socket is connected.

(Inherited from Socket)
ReceiveBufferSize

Gets the value of the SocketOptions#SO_RCVBUF SO_RCVBUF option for this Socket, that is the buffer size used by the platform for input on this Socket. -or- Sets the SocketOptions#SO_RCVBUF SO_RCVBUF option to the specified value for this Socket.

(Inherited from Socket)
RemoteSocketAddress

Returns the address of the endpoint this socket is connected to, or null if it is unconnected.

(Inherited from Socket)
ReuseAddress

Tests if SocketOptions#SO_REUSEADDR SO_REUSEADDR is enabled. -or- Enable/disable the SocketOptions#SO_REUSEADDR SO_REUSEADDR socket option.

(Inherited from Socket)
SendBufferSize

Get value of the SocketOptions#SO_SNDBUF SO_SNDBUF option for this Socket, that is the buffer size used by the platform for output on this Socket. -or- Sets the SocketOptions#SO_SNDBUF SO_SNDBUF option to the specified value for this Socket.

(Inherited from Socket)
Session

Returns the SSLSession for this connection.

SoLinger

Returns setting for SocketOptions#SO_LINGER SO_LINGER.

(Inherited from Socket)
SoTimeout

Returns setting for SocketOptions#SO_TIMEOUT SO_TIMEOUT. -or- Enable/disable SocketOptions#SO_TIMEOUT SO_TIMEOUT with the specified timeout, in milliseconds.

(Inherited from Socket)
SSLParameters

Returns the SSLParameters in effect for this SSLSocket. -or- Applies SSLParameters to this socket.

TcpNoDelay

Tests if SocketOptions#TCP_NODELAY TCP_NODELAY is enabled. -or- Enable/disable SocketOptions#TCP_NODELAY TCP_NODELAY (disable/enable Nagle's algorithm).

(Inherited from Socket)
ThresholdClass

This API supports the Mono for Android infrastructure and is not intended to be used directly from your code.

ThresholdType

This API supports the Mono for Android infrastructure and is not intended to be used directly from your code.

TrafficClass

Gets traffic class or type-of-service in the IP header for packets sent from this Socket -or- Sets traffic class or type-of-service octet in the IP header for packets sent from this Socket.

(Inherited from Socket)
UseClientMode

Returns true if this connection will act in client mode when handshaking.

WantClientAuth

Returns true if the server should request client authentication.

Methods

AddHandshakeCompletedListener(IHandshakeCompletedListener)

Registers an event listener to receive notifications that an SSL handshake has completed on this connection.

Bind(SocketAddress)

Binds the socket to a local address.

(Inherited from Socket)
Clone()

Creates and returns a copy of this object.

(Inherited from Object)
Close()

Closes this socket.

(Inherited from Socket)
Connect(SocketAddress, Int32)

Connects this socket to the server with a specified timeout value.

(Inherited from Socket)
Connect(SocketAddress)

Connects this socket to the server.

(Inherited from Socket)
ConnectAsync(SocketAddress, Int32) (Inherited from Socket)
ConnectAsync(SocketAddress) (Inherited from Socket)
Dispose() (Inherited from Object)
Dispose(Boolean) (Inherited from Object)
Equals(Object)

Indicates whether some other object is "equal to" this one.

(Inherited from Object)
GetEnabledCipherSuites()

Returns the names of the SSL cipher suites which are currently enabled for use on this connection.

GetEnabledProtocols()

Returns the names of the protocol versions which are currently enabled for use on this connection.

GetHashCode()

Returns a hash code value for the object.

(Inherited from Object)
GetOption(ISocketOption)

Returns the value of a socket option.

(Inherited from Socket)
GetSupportedCipherSuites()

Returns the names of the cipher suites which could be enabled for use on this connection.

GetSupportedProtocols()

Returns the names of the protocols which could be enabled for use on an SSL connection.

JavaFinalize()

Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.

(Inherited from Object)
Notify()

Wakes up a single thread that is waiting on this object's monitor.

(Inherited from Object)
NotifyAll()

Wakes up all threads that are waiting on this object's monitor.

(Inherited from Object)
RemoveHandshakeCompletedListener(IHandshakeCompletedListener)

Removes a previously registered handshake completion listener.

SendUrgentData(Int32)

Send one byte of urgent data on the socket.

(Inherited from Socket)
SendUrgentDataAsync(Int32) (Inherited from Socket)
SetEnabledCipherSuites(String[])

Sets the cipher suites enabled for use on this connection.

SetEnabledProtocols(String[])

Sets the protocol versions enabled for use on this connection.

SetHandle(IntPtr, JniHandleOwnership)

Sets the Handle property.

(Inherited from Object)
SetOption(ISocketOption, Object)

Sets the value of a socket option.

(Inherited from Socket)
SetPerformancePreferences(Int32, Int32, Int32)

Sets performance preferences for this socket.

(Inherited from Socket)
SetSoLinger(Boolean, Int32)

Enable/disable SocketOptions#SO_LINGER SO_LINGER with the specified linger time in seconds.

(Inherited from Socket)
ShutdownInput()

Places the input stream for this socket at "end of stream".

(Inherited from Socket)
ShutdownOutput()

Disables the output stream for this socket.

(Inherited from Socket)
StartHandshake()

Starts an SSL handshake on this connection.

SupportedOptions()

Returns a set of the socket options supported by this socket.

(Inherited from Socket)
ToArray<T>() (Inherited from Object)
ToString()

Returns a string representation of the object.

(Inherited from Object)
UnregisterFromRuntime() (Inherited from Object)
Wait()

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>.

(Inherited from Object)
Wait(Int64, Int32)

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed.

(Inherited from Object)
Wait(Int64)

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed.

(Inherited from Object)

Explicit Interface Implementations

IJavaPeerable.Disposed() (Inherited from Object)
IJavaPeerable.DisposeUnlessReferenced() (Inherited from Object)
IJavaPeerable.Finalized() (Inherited from Object)
IJavaPeerable.JniManagedPeerState (Inherited from Object)
IJavaPeerable.SetJniIdentityHashCode(Int32) (Inherited from Object)
IJavaPeerable.SetJniManagedPeerState(JniManagedPeerStates) (Inherited from Object)
IJavaPeerable.SetPeerReference(JniObjectReference) (Inherited from Object)

Extension Methods

JavaCast<TResult>(IJavaObject)

Performs an Android runtime-checked type conversion.

JavaCast<TResult>(IJavaObject)
GetJniTypeName(IJavaPeerable)

Applies to