study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-07-05 08:12:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/java/javax/net/ssl/SSLEngine.html

1553 lines
91 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<div class="header">
<div class="subTitle">
compact1, compact2, compact3
</div>
<div class="subTitle">
javax.net.ssl
</div>
<h2 class="title" title="Class SSLEngine">Class SSLEngine</h2>
</div><div class="contentContainer">
<ul class="inheritance">
<li><a href="../../../java/lang/Object.html" title="class in java.lang">java.lang.Object</a></li>
<li>
<ul class="inheritance">
<li>javax.net.ssl.SSLEngine</li>
</ul> </li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<hr/> <br/> <pre>public abstract class <span class="typeNameLabel">SSLEngine</span>
extends <a href="../../../java/lang/Object.html" title="class in java.lang">Object</a></pre>
<div class="block">
<span>一种能够使用诸如安全套接字层SSL或协议的协议进行安全<a href="http://www.ietf.org/rfc/rfc2246.txt">通信的</a>类,但是是独立的传输。</span>
<p> <span>安全通信模式包括:</span> </p>
<ul>
<li> <span><em>诚信保障</em></span> <span>SSL / TLS防止活动的窃听器修改消息。</span> </li>
<li> <span><em>认证</em></span> <span>在大多数模式下SSL / TLS提供对等体认证。</span> <span>服务器通常被认证,客户端可以根据服务器的要求进行身份验证。</span> </li>
<li> <span><em>保密(隐私保护)</em></span> <span>在大多数模式下SSL / TLS加密在客户端和服务器之间发送的数据。</span> <span>这样可以保护数据的机密性,从而使被动窃听者不会看到诸如财务信息或者个人信息等敏感数据。</span> </li>
</ul>
<span>这些类型的保护由“密码套件”指定“密码套件”是由给定SSL连接使用的加密算法的组合。</span>
<span>在协商过程中,两个端点必须同意在两个环境中可用的密码套件。</span>
<span>如果没有这样的套件则不能建立SSL连接不能交换任何数据。</span>
<p> <span>所使用的密码套件是通过称为“握手”的协商过程建立的。</span> <span>此过程的目标是创建或重新加入“会话”,可以保护多个连接。</span> <span>握手完成后,您可以使用<a href="../../../javax/net/ssl/SSLEngine.html#getSession--"><code>getSession()</code></a>方法访问会话属性。</span> </p>
<p> <span><code>SSLSocket</code>类提供了大量相同的安全功能,但所有入站和出站数据都使用底层的<code>Socket</code>进行自动<a href="../../../java/net/Socket.html" title="java.net中的类">传输</a> ,设计使用了阻塞模型。</span> <span>虽然这适用于许多应用程序,但该模型不提供大型服务器所需的可扩展性。</span> </p>
<p> <span>一个的主要区别<code>SSLEngine</code>是,它在呼入和呼出字节流,独立的输送机构的操作。</span> <span><code>SSLEngine</code>用户有<code>SSLEngine</code>安排可靠的I / O传输到对端。</span> <span>通过从I / O传输机制中分离出SSL / TLS抽象所述<code>SSLEngine</code>可用于各种各样的I / O类型的<a href="../../../java/nio/channels/spi/AbstractSelectableChannel.html#configureBlocking-boolean-"><code>non-blocking I/O (polling)</code></a> <a href="../../../java/nio/channels/Selector.html" title="java.nio.channels中的类"><code>selectable non-blocking I/O</code></a> <a href="../../../java/net/Socket.html" title="java.net中的类"><code>Socket</code></a>和传统的输入/ OutputStreams本地<a href="../../../java/nio/ByteBuffer.html" title="java.nio中的类"><code>ByteBuffers</code></a>或字节数组, <a href="http://www.jcp.org/en/jsr/detail?id=203">future asynchronous I/O models</a>等。</span> </p>
<p> <span>在高水平上, <code>SSLEngine</code>出现:</span> </p>
<pre> <span>app data
| ^
| | |
v | |
+----+-----|-----+----+
| | |
| SSL|Engine |
wrap() | | | unwrap()
| OUTBOUND | INBOUND |
| | |
+----+-----|-----+----+
| | ^
| | |
v |
net data</span> </pre>
<span>应用程序数据(也称为明文或明文)是由应用程序生成或使用的数据。</span>
<span>其对应的是网络数据,它由握手和/或密文加密数据组成并且预定通过I / O机制传输。</span>
<span>入站数据是从对等体接收到的数据,出站数据指定给对等体。</span>
<p> <span>(在<code>SSLEngine</code>的上下文中术语“握手数据”是指交换的任何数据以建立和控制安全连接。握手数据包括SSL / TLS消息“alert”“change_cipher_spec”和“握手”。 </span> </p>
<p> <span><code>SSLEngine</code>有五个不同的阶段。</span> </p>
<ol>
<li> <span>创建 - <code>SSLEngine</code>已创建和初始化,但尚未使用。</span> <span>在此阶段期间,应用程序可以设置任何<code>SSLEngine</code>特定设置(启用的密码套件, <code>SSLEngine</code>是否应在客户端或服务器模式下握手,等等)。</span> <span>一旦握手已经开始,但是,任何新设置(客户端/服务器模式除外,见下文)将被用于下一次握手。</span> </li>
<li> <span>初始握手 - 初始握手是两个对等体交换通信参数直到建立SSLSession的过程。</span> <span>在此阶段不能发送应用程序数据。</span> </li>
<li> <span>应用数据 - 一旦建立了通信参数并且握手完成,应用程序数据可能会流经<code>SSLEngine</code></span> <span>出站应用程序消息被加密和完整性保护,入站消息反过来。</span> </li>
<li> <span>重新握手 - 任一方都可以在应用程序数据阶段的任何时间请求重新协商会话。</span> <span>新的握手数据可以在应用程序数据之间混合。</span> <span>在开始重新执行阶段之前应用程序可能会重置SSL / TLS通信参数例如启用密码列表以及是否使用客户端身份验证但不能在客户端/服务器模式之间更改。</span> <span>与之前一样,一旦握手已经开始,任何新的<code>SSLEngine</code>配置设置将不会被使用,直到下一次握手。</span> </li>
<li> <span>关闭 - 当不再需要连接时,应用程序应关闭<code>SSLEngine</code> ,并在关闭底层传输机制之前发送/接收剩余的消息给对等体。</span> <span>一旦发动机关闭,它不可重复使用:必须创建一个新的<code>SSLEngine</code></span> </li>
</ol>
<span>一个<code>SSLEngine</code>通过调用创建<a href="../../../javax/net/ssl/SSLContext.html#createSSLEngine--"><code>SSLContext.createSSLEngine()</code></a>从初始化<code>SSLContext</code></span>
<span>任何配置参数应使得在第一次调用之前设置<code>wrap()</code> <code>unwrap()</code> ,或<code>beginHandshake()</code></span>
<span>这些方法都触发初始握手。</span>
<p> <span>数据通过引擎分别<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-">拨出<code>wrap()</code></a><a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>unwrap()</code></a>来分析出站或入站数据。</span> <span>取决于状态<code>SSLEngine</code> ,一个<code>wrap()</code>呼叫可从源缓冲器消耗的应用数据,并在目标缓冲区可能会产生网络数据。</span> <span>出站数据可能包含应用程序和/或握手数据。</span> <span>如果数据是握手信息,则呼叫<code>unwrap()</code>将检查源缓冲区,并可以提前握手,或者如果数据是应用程序,则可以将应用程序数据放置在目标缓冲区中。</span> <span>底层SSL / TLS算法的状态将决定何时消耗和生成数据。</span> </p>
<p> <span>致电<code>wrap()</code><code>unwrap()</code>返回一个<code>SSLEngineResult</code>操作状态的SSLEngineResult以及可选如何与引擎进行交互以取得进展。</span> </p>
<p> <span><code>SSLEngine</code>生产/消费完整的SSL / TLS包并没有调用之间内部存储应用程序数据<code>wrap()/unwrap()</code></span> <span>因此,输入和输出<code>ByteBuffer</code>必须适当地确定大小以保存可以生成的最大记录。</span> <span>应使用呼叫<a href="../../../javax/net/ssl/SSLSession.html#getPacketBufferSize--"><code>SSLSession.getPacketBufferSize()</code></a><a href="../../../javax/net/ssl/SSLSession.html#getApplicationBufferSize--"><code>SSLSession.getApplicationBufferSize()</code></a>来确定适当的缓冲区大小。</span> <span>出站应用程序数据缓冲区的大小通常没有关系。</span> <span>如果缓冲区条件不允许正确消耗/生成数据,应用程序必须确定(通过<a href="../../../javax/net/ssl/SSLEngineResult.html" title="javax.net.ssl中的类"><code>SSLEngineResult</code></a> )并纠正问题,然后再次尝试该呼叫。</span> </p>
<p> <span>例如,如果引擎确定没有足够的目标缓冲区空间, <code>unwrap()</code>将返回<a href="../../../javax/net/ssl/SSLEngineResult.Status.html#BUFFER_OVERFLOW"><code>SSLEngineResult.Status.BUFFER_OVERFLOW</code></a>结果。</span> <span>应用程序应调用<a href="../../../javax/net/ssl/SSLSession.html#getApplicationBufferSize--"><code>SSLSession.getApplicationBufferSize()</code></a> ,并将该值与目标缓冲区中的可用空间进行比较,如有必要,放大缓冲区。</span> <span>同样地,如果<code>unwrap()</code>要返回一个<a href="../../../javax/net/ssl/SSLEngineResult.Status.html#BUFFER_UNDERFLOW"><code>SSLEngineResult.Status.BUFFER_UNDERFLOW</code></a> ,应用程序应该调用<a href="../../../javax/net/ssl/SSLSession.html#getPacketBufferSize--"><code>SSLSession.getPacketBufferSize()</code></a>以确保源缓冲区有足够的空间来保存一个记录(如有必要放大),然后获取更多的入站数据。</span> </p>
<pre> <span><code> SSLEngineResult r = engine.unwrap(src, dst); switch (r.getStatus()) { BUFFER_OVERFLOW: // Could attempt to drain the dst buffer of any already obtained // data, but we'll just increase it to the size needed. int appSize = engine.getSession().getApplicationBufferSize(); ByteBuffer b = ByteBuffer.allocate(appSize + dst.position()); dst.flip(); b.put(dst); dst = b; // retry the operation. break; BUFFER_UNDERFLOW: int netSize = engine.getSession().getPacketBufferSize(); // Resize buffer if needed. if (netSize &gt; dst.capacity()) { ByteBuffer b = ByteBuffer.allocate(netSize); src.flip(); b.put(src); src = b; } // Obtain more inbound network data for src, // then retry the operation. break; // other cases: CLOSED, OK. } </code></span> </pre>
<p> <span><code>SSLSocket</code>不同, <code>SSLSocket</code>所有方法都是非阻塞的。</span> <span><code>SSLEngine</code>实现可能需要可能需要较长时间才能完成或甚至可能阻止的任务的结果。</span> <span>例如TrustManager可能需要连接到远程证书验证服务或者KeyManager可能需要提示用户确定要作为客户端身份验证的一部分使用哪个证书。</span> <span>另外,创建加密签名并验证它们可能很慢,似乎阻塞。</span> </p>
<p> <span>对于可能会阻止的任何操作, <code>SSLEngine</code>将创建一个<a href="../../../java/lang/Runnable.html" title="java.lang中的接口"><code>Runnable</code></a>委托任务。</span> <span><code>SSLEngineResult</code>指示需要委派的任务结果时,应用程序必须调用<a href="../../../javax/net/ssl/SSLEngine.html#getDelegatedTask--"><code>getDelegatedTask()</code></a>获取未完成的委托任务并调用其<a href="../../../java/lang/Runnable.html#run--"><code>run()</code></a>方法(可能根据计算策略使用不同的线程)。</span> <span>应用程序应继续获取委托任务,直到不再存在,并再次尝试原始操作。</span> </p>
<p> <span>在通信会话结束时应用程序应正确关闭SSL / TLS链接。</span> <span>SSL / TLS协议具有闭合握手消息并且在释放<code>SSLEngine</code>并关闭底层传输机制之前,应将这些消息传递给对等体。</span> <span>关闭可以由以下之一启动SSLException入站关闭握手消息或其中一种关闭方法。</span> <span>在所有情况下,由发动机产生的关闭握手报文,并<code>wrap()</code>直至所得应被重复调用<code>SSLEngineResult</code> ‘封闭’的状态返回,或<a href="../../../javax/net/ssl/SSLEngine.html#isOutboundDone--"><code>isOutboundDone()</code></a>返回true。</span> <span><code>wrap()</code>方法获取的所有数据都应发送给对等体。</span> </p>
<p> <span><a href="../../../javax/net/ssl/SSLEngine.html#closeOutbound--"><code>closeOutbound()</code></a>用于向引擎发信号通知应用程序将不再发送任何数据。</span> </p>
<p> <span>通过发送自己的关闭握手消息,对等体将通知其意图关闭。</span> <span>此消息已被接收和处理的地方后<code>SSLEngine</code><code>unwrap()</code>调用应用程序可以检测调用close <code>unwrap()</code> ,并寻找一个<code>SSLEngineResult</code>状态为‘关闭’,或者如果<a href="../../../javax/net/ssl/SSLEngine.html#isInboundDone--"><code>isInboundDone()</code></a>返回true。</span> <span>如果由于某种原因对等体在没有发送适当的SSL / TLS闭合消息的情况下关闭通信链路则应用程序可以检测流终端并且可以通过<a href="../../../javax/net/ssl/SSLEngine.html#closeInbound--"><code>closeInbound()</code></a>信号<a href="../../../javax/net/ssl/SSLEngine.html#closeInbound--">通知</a>将不再有入站消息被处理。</span> <span>某些应用程序可能选择要求从对等体定期关闭消息,在这种情况下,它们可以检查闭包是由握手消息生成的,而不是流出尾流条件。</span> </p>
<p> <span>有两组密码套件,您需要知道何时管理密码套件:</span> </p>
<ul>
<li> <span><em>支持的</em>密码套件SSL实现支持的所有套件。</span> <span>此列表使用<a href="../../../javax/net/ssl/SSLEngine.html#getSupportedCipherSuites--"><code>getSupportedCipherSuites()</code></a>报告。</span> </li>
<li> <span><em>启用的</em>密码套件可能少于全套支持的套件。</span> <span>该组使用<a href="../../../javax/net/ssl/SSLEngine.html#setEnabledCipherSuites-java.lang.String:A-"><code>setEnabledCipherSuites(String [])</code></a>方法设置,并使用<a href="../../../javax/net/ssl/SSLEngine.html#getEnabledCipherSuites--"><code>getEnabledCipherSuites()</code></a>方法进行查询。</span> <span>最初,将在启动最小建议配置的新引擎上启用一组默认密码套件。</span> </li>
</ul>
<span>默认情况下,实现默认情况下,默认情况下仅启用验证服务器并提供机密性的密码套件。</span>
<span>只有双方明确同意未经身份验证和/或非私有(未加密)通信才能选择这样的密码套件。</span>
<p> <span>每个SSL / TLS连接必须有一个客户端和一个服务器因此每个端点必须决定要承担哪个角色。</span> <span>这个选择决定了谁开始握手过程以及每一方应该发送哪种类型的消息。</span> <span>方法<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>配置该模式。</span> <span>一旦初始握手开始, <code>SSLEngine</code>无法在客户端和服务器模式之间切换,即使执行重新协商。</span> </p>
<p> <span>应用程序可能会选择在不同的线程中处理委托的任务。</span> <span><code>SSLEngine</code>创建,目前<a href="../../../java/security/AccessControlContext.html" title="java.security中的类"><code>AccessControlContext</code></a>被保存。</span> <span>将使用此上下文处理所有未来的委托任务:即,所有访问控制决定将使用在引擎创建时捕获的上下文进行。</span> </p>
<hr/>
<span><b>并发注意事项</b> :有两个并发问题需要注意:</span>
<ol>
<li> <span><code>wrap()</code><code>unwrap()</code>方法可以彼此<code>unwrap()</code>执行。</span> </li>
<li> <span>SSL / TLS协议采用有序数据包。</span> <span>应用程序必须注意确保生成的数据包按顺序传递。</span> <span>如果数据包无序到达,可能会发生意外或致命的结果。</span> <p> <span>例如:</span> </p><pre> <span>synchronized (outboundLock) {
sslEngine.wrap(src, dst);
outboundQueue.put(dst);
}</span> </pre> <span>作为推论,两个线程不能同时尝试调用相同的方法( <code>wrap()</code><code>unwrap()</code> ),因为无法保证最终的数据包顺序。</span> </li>
</ol>
</div>
<dl>
<dt>
<span class="simpleTagLabel">从以下版本开始:</span>
</dt>
<dd>
1.5
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../javax/net/ssl/SSLContext.html" title="javax.net.ssl中的类"><code>SSLContext</code></a> <a href="../../../javax/net/ssl/SSLSocket.html" title="javax.net.ssl中的类"><code>SSLSocket</code></a> <a href="../../../javax/net/ssl/SSLServerSocket.html" title="javax.net.ssl中的类"><code>SSLServerSocket</code></a> <a href="../../../javax/net/ssl/SSLSession.html" title="javax.net.ssl中的接口"><code>SSLSession</code></a> <a href="../../../java/net/Socket.html" title="java.net中的类"><code>Socket</code></a></span>
</dd>
</dl> </li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor.summary">
<!-- --> </a> <h3>构造方法摘要</h3>
<table border="0" cellpadding="3" cellspacing="0" class="memberSummary" summary="Constructor Summary table, listing constructors, and an explanation">
<caption>
<span>构造方法</span>
<span class="tabEnd"> </span>
</caption>
<tbody>
<tr>
<th class="colFirst" scope="col">Modifier</th>
<th class="colLast" scope="col">Constructor and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>protected </code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#SSLEngine--">SSLEngine</a></span>()</code>
<div class="block">
SSLEngine的
<code>SSLEngine</code>方法不提供内部会话重用策略的提示。
</div> </td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>protected </code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#SSLEngine-java.lang.String-int-">SSLEngine</a></span>(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> peerHost, int peerPort)</code>
<div class="block">
SSLEngine的
<code>SSLEngine</code>
</div> </td>
</tr>
</tbody>
</table> </li>
</ul>
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method.summary">
<!-- --> </a> <h3>方法摘要</h3>
<table border="0" cellpadding="3" cellspacing="0" class="memberSummary" summary="Method Summary table, listing methods, and an explanation">
<caption>
<span class="activeTableTab" id="t0"><span>所有方法</span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t2"><span><a href="javascript:show(2);">接口方法</a></span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t3"><span><a href="javascript:show(4);">抽象方法</a></span><span class="tabEnd"> </span></span>
<span class="tableTab" id="t4"><span><a href="javascript:show(8);">具体的方法</a></span><span class="tabEnd"> </span></span>
</caption>
<tbody>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor" id="i0">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#beginHandshake--">beginHandshake</a></span>()</code>
<div class="block">
在这个SSLEngine上启动握手初始或重新协商
</div> </td>
</tr>
<tr class="rowColor" id="i1">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#closeInbound--">closeInbound</a></span>()</code>
<div class="block">
表示没有更多的入站网络数据将发送到此
<code>SSLEngine</code>
</div> </td>
</tr>
<tr class="altColor" id="i2">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#closeOutbound--">closeOutbound</a></span>()</code>
<div class="block">
表示此
<code>SSLEngine</code>不会再发送外发应用程序数据。
</div> </td>
</tr>
<tr class="rowColor" id="i3">
<td class="colFirst"><code>abstract <a href="../../../java/lang/Runnable.html" title="interface in java.lang">Runnable</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getDelegatedTask--">getDelegatedTask</a></span>()</code>
<div class="block">
返回委派
<code>Runnable</code>这个任务
<code>SSLEngine</code>
</div> </td>
</tr>
<tr class="altColor" id="i4">
<td class="colFirst"><code>abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getEnabledCipherSuites--">getEnabledCipherSuites</a></span>()</code>
<div class="block">
返回当前启用此引擎使用的SSL密码套件的名称。
</div> </td>
</tr>
<tr class="rowColor" id="i5">
<td class="colFirst"><code>abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getEnabledProtocols--">getEnabledProtocols</a></span>()</code>
<div class="block">
返回当前与此使用而启用的协议版本的名称
<code>SSLEngine</code>
</div> </td>
</tr>
<tr class="altColor" id="i6">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getEnableSessionCreation--">getEnableSessionCreation</a></span>()</code>
<div class="block">
如果此引擎可能建立新的SSL会话则返回true。
</div> </td>
</tr>
<tr class="rowColor" id="i7">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLSession.html" title="interface in javax.net.ssl">SSLSession</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getHandshakeSession--">getHandshakeSession</a></span>()</code>
<div class="block">
返回
<code>SSLSession</code>一个SSL / TLS握手期间正在建设。
</div> </td>
</tr>
<tr class="altColor" id="i8">
<td class="colFirst"><code>abstract <a href="../../../javax/net/ssl/SSLEngineResult.HandshakeStatus.html" title="enum in javax.net.ssl">SSLEngineResult.HandshakeStatus</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getHandshakeStatus--">getHandshakeStatus</a></span>()</code>
<div class="block">
返回此
<code>SSLEngine</code>的当前握手状态。
</div> </td>
</tr>
<tr class="rowColor" id="i9">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getNeedClientAuth--">getNeedClientAuth</a></span>()</code>
<div class="block">
如果引擎
<i>需要</i>客户端验证则返回true。
</div> </td>
</tr>
<tr class="altColor" id="i10">
<td class="colFirst"><code><a href="../../../java/lang/String.html" title="class in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getPeerHost--">getPeerHost</a></span>()</code>
<div class="block">
返回对等体的主机名。
</div> </td>
</tr>
<tr class="rowColor" id="i11">
<td class="colFirst"><code>int</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getPeerPort--">getPeerPort</a></span>()</code>
<div class="block">
返回对端的端口号。
</div> </td>
</tr>
<tr class="altColor" id="i12">
<td class="colFirst"><code>abstract <a href="../../../javax/net/ssl/SSLSession.html" title="interface in javax.net.ssl">SSLSession</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getSession--">getSession</a></span>()</code>
<div class="block">
返回此
<code>SSLSession</code>中使用的
<code>SSLEngine</code>
</div> </td>
</tr>
<tr class="rowColor" id="i13">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLParameters.html" title="class in javax.net.ssl">SSLParameters</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getSSLParameters--">getSSLParameters</a></span>()</code>
<div class="block">
返回此SSLEngine有效的SSLParameters。
</div> </td>
</tr>
<tr class="altColor" id="i14">
<td class="colFirst"><code>abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getSupportedCipherSuites--">getSupportedCipherSuites</a></span>()</code>
<div class="block">
返回可以在此引擎上使用的密码套件的名称。
</div> </td>
</tr>
<tr class="rowColor" id="i15">
<td class="colFirst"><code>abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[]</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getSupportedProtocols--">getSupportedProtocols</a></span>()</code>
<div class="block">
返回可与此
<code>SSLEngine</code>一起使用的
<code>SSLEngine</code>
</div> </td>
</tr>
<tr class="altColor" id="i16">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getUseClientMode--">getUseClientMode</a></span>()</code>
<div class="block">
如果在握手时将引擎设置为使用客户端模式则返回true。
</div> </td>
</tr>
<tr class="rowColor" id="i17">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#getWantClientAuth--">getWantClientAuth</a></span>()</code>
<div class="block">
如果引擎将
<i>请求</i>客户端身份验证则返回true。
</div> </td>
</tr>
<tr class="altColor" id="i18">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#isInboundDone--">isInboundDone</a></span>()</code>
<div class="block">
返回
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>unwrap(ByteBuffer, ByteBuffer)</code></a>是否接受任何更多的入站数据消息。
</div> </td>
</tr>
<tr class="rowColor" id="i19">
<td class="colFirst"><code>abstract boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#isOutboundDone--">isOutboundDone</a></span>()</code>
<div class="block">
返回
<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>wrap(ByteBuffer, ByteBuffer)</code></a>是否会产生更多的出站数据消息。
</div> </td>
</tr>
<tr class="altColor" id="i20">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setEnabledCipherSuites-java.lang.String:A-">setEnabledCipherSuites</a></span>(<a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] suites)</code>
<div class="block">
设置启用此引擎使用的密码套件。
</div> </td>
</tr>
<tr class="rowColor" id="i21">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setEnabledProtocols-java.lang.String:A-">setEnabledProtocols</a></span>(<a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] protocols)</code>
<div class="block">
设置允许在此引擎上使用的协议版本。
</div> </td>
</tr>
<tr class="altColor" id="i22">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setEnableSessionCreation-boolean-">setEnableSessionCreation</a></span>(boolean flag)</code>
<div class="block">
控制此引擎是否可以建立新的SSL会话。
</div> </td>
</tr>
<tr class="rowColor" id="i23">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-">setNeedClientAuth</a></span>(boolean need)</code>
<div class="block">
配置引擎
<i>要求</i>客户端认证。
</div> </td>
</tr>
<tr class="altColor" id="i24">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setSSLParameters-javax.net.ssl.SSLParameters-">setSSLParameters</a></span>(<a href="../../../javax/net/ssl/SSLParameters.html" title="class in javax.net.ssl">SSLParameters</a> params)</code>
<div class="block">
将SSLParameters应用于此引擎。
</div> </td>
</tr>
<tr class="rowColor" id="i25">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-">setUseClientMode</a></span>(boolean mode)</code>
<div class="block">
配置引擎在握手时使用客户端(或服务器)模式。
</div> </td>
</tr>
<tr class="altColor" id="i26">
<td class="colFirst"><code>abstract void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-">setWantClientAuth</a></span>(boolean want)</code>
<div class="block">
配置引擎以
<i>请求</i>客户端身份验证。
</div> </td>
</tr>
<tr class="rowColor" id="i27">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer-">unwrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)</code>
<div class="block">
尝试将SSL / TLS网络数据解码为明文应用程序数据缓冲区。
</div> </td>
</tr>
<tr class="altColor" id="i28">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-">unwrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] dsts)</code>
<div class="block">
尝试将SSL / TLS网络数据解码为一系列明文应用程序数据缓冲区。
</div> </td>
</tr>
<tr class="rowColor" id="i29">
<td class="colFirst"><code>abstract <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-">unwrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] dsts, int offset, int length)</code>
<div class="block">
尝试将SSL / TLS网络数据解码为明文应用程序数据缓冲区的子序列。
</div> </td>
</tr>
<tr class="altColor" id="i30">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-java.nio.ByteBuffer-">wrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] srcs, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)</code>
<div class="block">
尝试将明文字节从一系列数据缓冲区编码成SSL / TLS网络数据。
</div> </td>
</tr>
<tr class="rowColor" id="i31">
<td class="colFirst"><code>abstract <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-">wrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] srcs, int offset, int length, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)</code>
<div class="block">
尝试将明文字节从数据缓冲区的子序列编码为SSL / TLS网络数据。
</div> </td>
</tr>
<tr class="altColor" id="i32">
<td class="colFirst"><code><a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-">wrap</a></span>(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src, <a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)</code>
<div class="block">
尝试将明文应用程序数据的缓冲区编码到SSL / TLS网络数据中。
</div> </td>
</tr>
</tbody>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods.inherited.from.class.java.lang.Object">
<!-- --> </a> <h3>Methods inherited from class java.lang.<a href="../../../java/lang/Object.html" title="class in java.lang">Object</a></h3> <code><a href="../../../java/lang/Object.html#clone--">clone</a>, <a href="../../../java/lang/Object.html#equals-java.lang.Object-">equals</a>, <a href="../../../java/lang/Object.html#finalize--">finalize</a>, <a href="../../../java/lang/Object.html#getClass--">getClass</a>, <a href="../../../java/lang/Object.html#hashCode--">hashCode</a>, <a href="../../../java/lang/Object.html#notify--">notify</a>, <a href="../../../java/lang/Object.html#notifyAll--">notifyAll</a>, <a href="../../../java/lang/Object.html#toString--">toString</a>, <a href="../../../java/lang/Object.html#wait--">wait</a>, <a href="../../../java/lang/Object.html#wait-long-">wait</a>, <a href="../../../java/lang/Object.html#wait-long-int-">wait</a></code></li>
</ul> </li>
</ul> </li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor.detail">
<!-- --> </a> <h3>构造方法详细信息</h3> <a name="SSLEngine--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>SSLEngine</h4> <pre>protected SSLEngine()</pre>
<div class="block">
SSLEngine的
<code>SSLEngine</code>函数不提供内部会话重用策略的提示。
</div>
<dl>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../javax/net/ssl/SSLContext.html#createSSLEngine--"><code>SSLContext.createSSLEngine()</code></a> <a href="../../../javax/net/ssl/SSLSessionContext.html" title="javax.net.ssl中的接口"><code>SSLSessionContext</code></a></span>
</dd>
</dl> </li>
</ul> <a name="SSLEngine-java.lang.String-int-">
<!-- --> </a>
<ul class="blockListLast">
<li class="blockList"> <h4>SSLEngine</h4> <pre>protected SSLEngine(<a href="../../../java/lang/String.html" title="class in java.lang">String</a> peerHost,
int peerPort)</pre>
<div class="block">
<span>SSLEngine的<code>SSLEngine</code></span>
<p> <span><code>SSLEngine</code>实现可以使用<code>peerHost</code><code>peerPort</code>参数作为其内部会话重用策略的提示。</span> </p>
<p> <span>某些密码套件如Kerberos需要远程主机名信息。</span> <span>这个类的实现应该使用这个构造函数来使用Kerberos。</span> </p>
<p> <span>这些参数不会被<code>SSLEngine</code></span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>peerHost</code> - 对等主机的名称
</dd>
<dd>
<code>peerPort</code> - 对等端口号
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../javax/net/ssl/SSLContext.html#createSSLEngine-java.lang.String-int-"><code>SSLContext.createSSLEngine(String, int)</code></a> <a href="../../../javax/net/ssl/SSLSessionContext.html" title="javax.net.ssl中的接口"><code>SSLSessionContext</code></a></span>
</dd>
</dl> </li>
</ul> </li>
</ul>
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method.detail">
<!-- --> </a> <h3>方法详细信息</h3> <a name="getPeerHost--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getPeerHost</h4> <pre>public <a href="../../../java/lang/String.html" title="class in java.lang">String</a> getPeerHost()</pre>
<div class="block">
<span>返回对等体的主机名。</span>
<p> <span>请注意,该值未通过身份验证,不应被依赖。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
对等体的主机名如果没有可用则为null。
</dd>
</dl> </li>
</ul> <a name="getPeerPort--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getPeerPort</h4> <pre>public int getPeerPort()</pre>
<div class="block">
<span>返回对端的端口号。</span>
<p> <span>请注意,该值未通过身份验证,不应被依赖。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
对端的端口号,如果没有可用,则为-1。
</dd>
</dl> </li>
</ul> <a name="wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>wrap</h4> <pre>public <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> wrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将明文应用程序数据的缓冲区编码到SSL / TLS网络数据中。</span>
<p> <span>调用此方法的行为方式与调用的方式完全相同:</span> </p>
<blockquote>
<span><pre>
<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-"><code>engine.wrap(new ByteBuffer [] { src }, 0, 1, dst);</code></a>
</pre></span>
</blockquote>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>src</code> -一个
<code>ByteBuffer</code>含有站应用程序数据
</dd>
<dd>
<code>dst</code> - 一个
<code>ByteBuffer</code>来保存出站网络数据
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>此操作结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中断的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>src</code>
<code>dst</code>为null。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-"><code>wrap(ByteBuffer [], int, int, ByteBuffer)</code></a>
</dd>
</dl> </li>
</ul> <a name="wrap-java.nio.ByteBuffer:A-java.nio.ByteBuffer-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>wrap</h4> <pre>public <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> wrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] srcs,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将明文字节从一系列数据缓冲区编码成SSL / TLS网络数据。</span>
<p> <span>调用此方法的行为方式与调用的方式完全相同:</span> </p>
<blockquote>
<span><pre>
<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-"><code>engine.wrap(srcs, 0, srcs.length, dst);</code></a>
</pre></span>
</blockquote>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>srcs</code> - 包含出站应用程序数据的
<code>ByteBuffers</code>数组
</dd>
<dd>
<code>dst</code> - 一个
<code>ByteBuffer</code>来保存出站网络数据
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>此操作的结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中止的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>srcs</code>
<code>dst</code>为空,或
<code>srcs</code>中的任何元素为空。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-"><code>wrap(ByteBuffer [], int, int, ByteBuffer)</code></a>
</dd>
</dl> </li>
</ul> <a name="wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>wrap</h4> <pre>public abstract <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> wrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] srcs,
int offset,
int length,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将明文字节从数据缓冲区的子序列编码为SSL / TLS网络数据。</span>
<span>这种<i>“收集”</i>操作在单个调用中编码来自一个或多个给定的缓冲器序列的字节序列。</span>
<span>在实现网络协议或文件格式时,收集包裹通常很有用,例如,将数据分组成由一个或多个固定长度的标头以及可变长度的主体组成的段。</span>
<span><a href="../../../java/nio/channels/GatheringByteChannel.html" title="java.nio.channels中的接口"><code>GatheringByteChannel</code></a>有关收集更多信息,并<a href="../../../java/nio/channels/GatheringByteChannel.html#write-java.nio.ByteBuffer:A-int-int-"><code>GatheringByteChannel.write(ByteBuffer[], int, int)</code></a>对序列行为的更多信息。</span>
<p> <span>根据SSLEngine的状态此方法可能会产生网络数据而不会消耗任何应用程序数据例如它可能会产生握手数据</span> </p>
<p> <span>应用程序负责将网络数据可靠地传输到对等体并确保通过多次调用wrap创建的数据按照生成的顺序进行传输。</span> <span>应用程序必须正确同步多个调用此方法。</span> </p>
<p> <span>如果这个<code>SSLEngine</code>尚未启动其初始握手,此方法将自动开始握手。</span> </p>
<p> <span>此方法将尝试生成SSL / TLS记录并且尽可能消耗尽可能多的源数据但绝对不会消耗每个缓冲区中剩余字节的总和。</span> <span>每个<code>ByteBuffer</code>的位置被更新以反映消耗或产生的数据量。</span> <span>极限保持不变。</span> </p>
<p> <span><code>srcs</code><code>dst ByteBuffer</code>使用的底层内存不能相同。</span> </p>
<p> <span>有关发动机关闭的更多信息,请参阅课程说明。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>srcs</code> - 包含出站应用程序数据的
<code>ByteBuffers</code>数组
</dd>
<dd>
<span><code>offset</code> - 要从中检索字节的第一个缓冲区的缓冲区数组中的偏移量;</span>
<span>它必须是非负数,不得大于<code>srcs.length</code></span>
</dd>
<dd>
<span><code>length</code> - 要访问的缓冲区的最大数量;</span>
<span>它必须是非负数,不得大于<code>srcs.length</code> - <code>offset</code></span>
</dd>
<dd>
<code>dst</code> - 一个
<code>ByteBuffer</code>来保存出站网络数据
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>这个操作结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中止的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/lang/IndexOutOfBoundsException.html" title="class in java.lang">IndexOutOfBoundsException</a></code> - 如果
<code>offset</code>
<code>length</code>参数的前提条件不成立。
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>srcs</code>
<code>dst</code>为null或者指定的
<code>srcs</code>子序列中的任何元素为null。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../java/nio/channels/GatheringByteChannel.html" title="java.nio.channels中的接口"><code>GatheringByteChannel</code></a> <a href="../../../java/nio/channels/GatheringByteChannel.html#write-java.nio.ByteBuffer:A-int-int-"><code>GatheringByteChannel.write( ByteBuffer[], int, int)</code></a></span>
</dd>
</dl> </li>
</ul> <a name="unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>unwrap</h4> <pre>public <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> unwrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> dst)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将SSL / TLS网络数据解码为明文应用程序数据缓冲区。</span>
<p> <span>调用此方法的行为方式与调用的方式完全相同:</span> </p>
<blockquote>
<span><pre>
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-"><code>engine.unwrap(src, new ByteBuffer [] { dst }, 0, 1);</code></a>
</pre></span>
</blockquote>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>src</code> - 包含入站网络数据的
<code>ByteBuffer</code>
</dd>
<dd>
<code>dst</code> - 一个
<code>ByteBuffer</code>来保存入站应用程序数据。
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>此操作的结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中止的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>src</code>
<code>dst</code>为null。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-"><code>unwrap(ByteBuffer, ByteBuffer [], int, int)</code></a>
</dd>
</dl> </li>
</ul> <a name="unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>unwrap</h4> <pre>public <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> unwrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] dsts)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将SSL / TLS网络数据解码为一系列明文应用程序数据缓冲区。</span>
<p> <span>调用此方法的行为方式与调用的方式完全相同:</span> </p>
<blockquote>
<span><pre>
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-"><code>engine.unwrap(src, dsts, 0, dsts.length);</code></a>
</pre></span>
</blockquote>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>src</code> - 包含入站网络数据的
<code>ByteBuffer</code>
</dd>
<dd>
<code>dsts</code> -的阵列
<code>ByteBuffer</code> s至保持入站应用程序数据。
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>此操作结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中止的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果任何一个
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>src</code>
<code>dsts</code>为空,或者
<code>dsts</code>中的任何元素为空。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-"><code>unwrap(ByteBuffer, ByteBuffer [], int, int)</code></a>
</dd>
</dl> </li>
</ul> <a name="unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer:A-int-int-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>unwrap</h4> <pre>public abstract <a href="../../../javax/net/ssl/SSLEngineResult.html" title="class in javax.net.ssl">SSLEngineResult</a> unwrap(<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a> src,
<a href="../../../java/nio/ByteBuffer.html" title="class in java.nio">ByteBuffer</a>[] dsts,
int offset,
int length)
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>尝试将SSL / TLS网络数据解码为明文应用程序数据缓冲区的子序列。</span>
<span>这种<i>“散射”</i>操作在单次调用中将字节序列解码为给定的缓冲器序列中的一个或多个。</span>
<span>当实现网络协议或文件格式时,散射展开通常很有用,例如,将数据分组成由一个或多个固定长度的标题后跟可变长度的主体组成的段。</span>
<span><a href="../../../java/nio/channels/ScatteringByteChannel.html" title="java.nio.channels中的接口"><code>ScatteringByteChannel</code></a>关于分散的更多信息,并<a href="../../../java/nio/channels/ScatteringByteChannel.html#read-java.nio.ByteBuffer:A-int-int-"><code>ScatteringByteChannel.read(ByteBuffer[], int, int)</code></a>对序列行为的更多信息。</span>
<p> <span>根据SSLEngine的状态此方法可能会消耗网络数据而不会生成任何应用程序数据例如它可能会消耗握手数据</span> </p>
<p> <span>该应用程序负责从对等方可靠地获取网络数据并按照收到的顺序调用unwrap</span> <span>应用程序必须正确同步多个调用此方法。</span> </p>
<p> <span>如果这个<code>SSLEngine</code>还没有开始初始握手,这个方法会自动开始握手。</span> </p>
<p> <span>此方法将尝试使用一个完整的SSL / TLS网络数据包但绝对不会消耗大于缓冲区中剩余字节的总和。</span> <span>每个<code>ByteBuffer</code>的位置被更新以反映消耗或产生的数据量。</span> <span>极限保持不变。</span> </p>
<p> <span><code>src</code><code>dsts ByteBuffer</code>使用的底层内存不能相同。</span> </p>
<p> <span>作为此呼叫的结果,可能会修改入站网络缓冲区:因此,如果网络数据包需要某些次要目的,则在调用此方法之前应重复数据。</span> <span>注意网络数据对第二个SSLEngine不会有用因为每个SSLEngine都包含影响SSL / TLS消息的唯一随机状态。</span> </p>
<p> <span>有关发动机关闭的更多信息,请参阅课程说明。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>src</code> - 一个
<code>ByteBuffer</code>入站网络数据的
<code>ByteBuffer</code>
</dd>
<dd>
<code>dsts</code> -的阵列
<code>ByteBuffer</code> s至保持入站应用程序数据。
</dd>
<dd>
<span><code>offset</code> - 要传输字节的第一个缓冲区的缓冲区中的偏移量;</span>
<span>它必须是非负数,不得大于<code>dsts.length</code></span>
</dd>
<dd>
<span><code>length</code> - 要访问的缓冲区的最大数量;</span>
<span>它必须是非负数,不得大于<code>dsts.length</code> - <code>offset</code></span>
</dd>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个
<code>SSLEngineResult</code>此操作的结果的SSLEngineResult。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 处理导致<code>SSLEngine</code>中断的数据时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/lang/IndexOutOfBoundsException.html" title="class in java.lang">IndexOutOfBoundsException</a></code> - 如果
<code>offset</code>
<code>length</code>参数的前提条件不成立。
</dd>
<dd>
<code><a href="../../../java/nio/ReadOnlyBufferException.html" title="class in java.nio">ReadOnlyBufferException</a></code> - 如果任何
<code>dst</code>缓冲区是只读的。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果
<code>src</code>
<code>dsts</code>为空,或者指定的
<code>dsts</code>子序列中的任何元素为空。
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../java/nio/channels/ScatteringByteChannel.html" title="java.nio.channels中的接口"><code>ScatteringByteChannel</code></a> <a href="../../../java/nio/channels/ScatteringByteChannel.html#read-java.nio.ByteBuffer:A-int-int-"><code>ScatteringByteChannel.read( ByteBuffer[], int, int)</code></a></span>
</dd>
</dl> </li>
</ul> <a name="getDelegatedTask--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getDelegatedTask</h4> <pre>public abstract <a href="../../../java/lang/Runnable.html" title="interface in java.lang">Runnable</a> getDelegatedTask()</pre>
<div class="block">
<span>返回委派<code>Runnable</code>这个任务<code>SSLEngine</code></span>
<p> <span><code>SSLEngine</code>操作可能需要阻止或可能需要较长时间才能完成的操作结果。</span> <span>该方法用于获得一个优秀的<a href="../../../java/lang/Runnable.html" title="java.lang中的接口"><code>Runnable</code></a>操作(任务)。</span> <span>每个任务必须分配一个线程(可能是当前的)来执行<a href="../../../java/lang/Runnable.html#run--"><code>run</code></a>操作。</span> <span><code>run</code>方法返回后,不再需要<code>Runnable</code>对象,可能会被丢弃。</span> </p>
<p> <span>委托任务在创建此对象时运行在<code>AccessControlContext</code>中。</span> </p>
<p> <span>调用此方法将返回每个未完成的任务一次。</span> </p>
<p> <span>多个委托任务可以并行运行。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一个委托的
<code>Runnable</code>任务如果没有可用则为null。
</dd>
</dl> </li>
</ul> <a name="closeInbound--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>closeInbound</h4> <pre>public abstract void closeInbound()
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>表示没有更多的入站网络数据将被发送到此<code>SSLEngine</code></span>
<p> <span>如果应用程序通过调用启动关闭过程<a href="../../../javax/net/ssl/SSLEngine.html#closeOutbound--"><code>closeOutbound()</code></a> ,在某些情况下不要求发起方等待同位体的相应关闭的消息。</span> <span>有关等待关闭警报的更多信息请参阅TLS规范 <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC 2246</a> 的7.2.1节。)在这种情况下,不需要调用此方法。</span> </p>
<p> <span>但如果应用程序没有启动关闭过程或者如果上述情况不适用则每当到达SSL / TLS数据流的结尾时都应调用此方法。</span> <span>这确保入站端的关闭并检查对等体是否正确遵循SSL / TLS关闭过程从而检测可能的截断攻击。</span> </p>
<p> <span>该方法是幂等的:如果入站端已经关闭,则此方法不执行任何操作。</span> </p>
<p> <span><a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>wrap()</code></a>应该被称为刷新任何剩余的握手数据。</span> </p>
</div>
<dl>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 如果此引擎尚未收到来自对等体的适当的SSL / TLS关闭通知消息。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#isInboundDone--"><code>isInboundDone()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#isOutboundDone--"><code>isOutboundDone()</code></a>
</dd>
</dl> </li>
</ul> <a name="isInboundDone--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>isInboundDone</h4> <pre>public abstract boolean isInboundDone()</pre>
<div class="block">
返回
<a href="../../../javax/net/ssl/SSLEngine.html#unwrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>unwrap(ByteBuffer, ByteBuffer)</code></a>是否接受任何更多的入站数据消息。
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
如果
<code>SSLEngine</code>不再消耗网络数据并且暗示不会产生任何更多的应用数据则为true。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#closeInbound--"><code>closeInbound()</code></a>
</dd>
</dl> </li>
</ul> <a name="closeOutbound--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>closeOutbound</h4> <pre>public abstract void closeOutbound()</pre>
<div class="block">
<span>表示在此<code>SSLEngine</code>不会再发送外部应用程序数据。</span>
<p> <span>这个方法是幂等的:如果出站方已经关闭了,这个方法什么都不做。</span> </p>
<p> <span><a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>wrap(ByteBuffer, ByteBuffer)</code></a>应该被称为刷新任何剩余的握手数据。</span> </p>
</div>
<dl>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#isOutboundDone--"><code>isOutboundDone()</code></a>
</dd>
</dl> </li>
</ul> <a name="isOutboundDone--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>isOutboundDone</h4> <pre>public abstract boolean isOutboundDone()</pre>
<div class="block">
<span>返回<a href="../../../javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer-java.nio.ByteBuffer-"><code>wrap(ByteBuffer, ByteBuffer)</code></a>是否会产生更多的出站数据消息。</span>
<p> <span>请注意,在关闭阶段, <code>SSLEngine</code>可能会生成必须发送给对等体的握手关闭数据。</span> <span>必须调用<code>wrap()</code>才能生成此数据。</span> <span>当此方法返回true时不会再创建更多的出站数据。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
如果
<code>SSLEngine</code>不会产生任何更多的网络数据则为true
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#closeOutbound--"><code>closeOutbound()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#closeInbound--"><code>closeInbound()</code></a>
</dd>
</dl> </li>
</ul> <a name="getSupportedCipherSuites--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getSupportedCipherSuites</h4> <pre>public abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] getSupportedCipherSuites()</pre>
<div class="block">
<span>返回可以在此引擎上使用的密码套件的名称。</span>
<span>通常,默认情况下实际上只能启用这些子集,因为此列表可能包括不符合这些默认值的服务质量要求的密码套件。</span>
<span>这样的密码套件在专门的应用中可能是有用的。</span>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一组加密套件名称
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getEnabledCipherSuites--"><code>getEnabledCipherSuites()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setEnabledCipherSuites-java.lang.String:A-"><code>setEnabledCipherSuites(String [])</code></a>
</dd>
</dl> </li>
</ul> <a name="getEnabledCipherSuites--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getEnabledCipherSuites</h4> <pre>public abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] getEnabledCipherSuites()</pre>
<div class="block">
<span>返回当前启用此引擎使用的SSL密码套件的名称。</span>
<span>当首次创建SSLEngine时所有启用的密码套件都支持最低服务质量。</span>
<span>因此,在某些环境中,此值可能为空。</span>
<p> <span>即使已启用套件,也可能永远不会使用。</span> <span>(例如,对等体不支持它,套件的必需证书/私钥不可用,或启用匿名套件,但需要验证。)</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一组加密套件名称
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getSupportedCipherSuites--"><code>getSupportedCipherSuites()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setEnabledCipherSuites-java.lang.String:A-"><code>setEnabledCipherSuites(String [])</code></a>
</dd>
</dl> </li>
</ul> <a name="setEnabledCipherSuites-java.lang.String:A-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setEnabledCipherSuites</h4> <pre>public abstract void setEnabledCipherSuites(<a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] suites)</pre>
<div class="block">
<span>设置启用此引擎使用的密码套件。</span>
<p> <span><code>suites</code>参数中的每个加密套件都必须由getSupportedCipherSuites列出否则该方法将失败。</span> <span>成功调用此方法后,只能启用<code>suites</code>参数中列出的<code>suites</code></span> </p>
<p> <span>有关为什么特定加密套件可能永远不会在引擎上使用的更多信息,请参阅<a href="../../../javax/net/ssl/SSLEngine.html#getEnabledCipherSuites--"><code>getEnabledCipherSuites()</code></a></span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>suites</code> - 要启用的所有密码套件的名称
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 当不支持由参数命名的一个或多个密码时,或当参数为空时。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getSupportedCipherSuites--"><code>getSupportedCipherSuites()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#getEnabledCipherSuites--"><code>getEnabledCipherSuites()</code></a>
</dd>
</dl> </li>
</ul> <a name="getSupportedProtocols--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getSupportedProtocols</h4> <pre>public abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] getSupportedProtocols()</pre>
<div class="block">
返回可与此
<code>SSLEngine</code>一起使用的
<code>SSLEngine</code>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
支持的一系列协议
</dd>
</dl> </li>
</ul> <a name="getEnabledProtocols--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getEnabledProtocols</h4> <pre>public abstract <a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] getEnabledProtocols()</pre>
<div class="block">
返回当前与此使用而启用的协议版本的名称
<code>SSLEngine</code>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
一系列协议
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#setEnabledProtocols-java.lang.String:A-"><code>setEnabledProtocols(String [])</code></a>
</dd>
</dl> </li>
</ul> <a name="setEnabledProtocols-java.lang.String:A-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setEnabledProtocols</h4> <pre>public abstract void setEnabledProtocols(<a href="../../../java/lang/String.html" title="class in java.lang">String</a>[] protocols)</pre>
<div class="block">
<span>设置允许在此引擎上使用的协议版本。</span>
<p> <span>协议必须被getSupportedProtocols列为受支持。</span> <span>成功调用此方法后仅启用protocols参数中列出的<code>protocols</code>才能使用。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>protocols</code> - 启用的所有协议的名称。
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 当一个或多个由参数命名的协议不受支持或协议参数为null时。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getEnabledProtocols--"><code>getEnabledProtocols()</code></a>
</dd>
</dl> </li>
</ul> <a name="getSession--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getSession</h4> <pre>public abstract <a href="../../../javax/net/ssl/SSLSession.html" title="interface in javax.net.ssl">SSLSession</a> getSession()</pre>
<div class="block">
<span>返回此<code>SSLSession</code>中使用的<code>SSLEngine</code></span>
<p> <span>这些可以长期存在,并且经常对应于一些用户的整个登录会话。</span> <span>会话指定了该会话中所有连接正在主动使用的特定加密套件,以及会话的客户端和服务器的身份。</span> </p>
<p> <span><a href="../../../javax/net/ssl/SSLSocket.html#getSession--"><code>SSLSocket.getSession()</code></a>不同,这种方法不会阻止,直到握手完成。</span> </p>
<p> <span>在初始握手完成之前此方法返回一个报告“SSL_NULL_WITH_NULL_NULL”无效加密套件的会话对象。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
<code>SSLSession</code>为这
<code>SSLEngine</code>
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../javax/net/ssl/SSLSession.html" title="javax.net.ssl中的接口"><code>SSLSession</code></a></span>
</dd>
</dl> </li>
</ul> <a name="getHandshakeSession--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getHandshakeSession</h4> <pre>public <a href="../../../javax/net/ssl/SSLSession.html" title="interface in javax.net.ssl">SSLSession</a> getHandshakeSession()</pre>
<div class="block">
<span>返回<code>SSLSession</code>一个SSL / TLS握手期间正在建设。</span>
<p> <span>TLS协议可以协商使用此类实例时需要的参数<code>SSLSession</code>已经被完全初始化并通过<code>getSession</code></span> <span>例如有效的签名算法列表可能限制在TrustManager决策期间可以使用的证书的类型或者可以调整最大TLS片段数据包大小以更好地支持网络环境。</span> </p>
<p> <span>此方法提供了早期访问<code>SSLSession</code>被构造。</span> <span>取决于握手进度有多远,有些数据可能尚未被使用。</span> <span>例如,如果远程服务器将发送一个证书链,但链尚未不被处理时, <code>getPeerCertificates</code>的方法<code>SSLSession</code>将抛出SSLPeerUnverifiedException。</span> <span>一旦该链已被处理, <code>getPeerCertificates</code>将返回正确的值。</span> </p>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
<span>如果此实例当前不是握手或者当前握手没有进展到足够大以创建基本SSLSession则为null。</span>
<span>否则,此方法返回<code>SSLSession</code>目前正在谈判。</span>
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../java/lang/UnsupportedOperationException.html" title="class in java.lang">UnsupportedOperationException</a></code> - 如果底层提供程序未实现该操作。
</dd>
<dt>
<span class="simpleTagLabel">从以下版本开始:</span>
</dt>
<dd>
1.7
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<span><a href="../../../javax/net/ssl/SSLSocket.html" title="javax.net.ssl中的类"><code>SSLSocket</code></a> <a href="../../../javax/net/ssl/SSLSession.html" title="javax.net.ssl中的接口"><code>SSLSession</code></a> <a href="../../../javax/net/ssl/ExtendedSSLSession.html" title="javax.net.ssl中的类"><code>ExtendedSSLSession</code></a> <a href="../../../javax/net/ssl/X509ExtendedKeyManager.html" title="javax.net.ssl中的类"><code>X509ExtendedKeyManager</code></a> <a href="../../../javax/net/ssl/X509ExtendedTrustManager.html" title="javax.net.ssl中的类"><code>X509ExtendedTrustManager</code></a></span>
</dd>
</dl> </li>
</ul> <a name="beginHandshake--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>beginHandshake</h4> <pre>public abstract void beginHandshake()
throws <a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></pre>
<div class="block">
<span>在这个SSLEngine上启动握手初始或重新协商</span>
<p> <span>初始握手不需要这种方法,因为<code>wrap()</code><code>unwrap()</code>方法将隐含地称之为握手尚未开始的方法。</span> </p>
<p> <span>请注意,对等体还可以通过发送适当的会话重新协商握手消息来请求与该<code>SSLEngine</code>的会话重新协商。</span> </p>
<p> <span><a href="../../../javax/net/ssl/SSLSocket.html#startHandshake--"><code>SSLSocket#startHandshake()</code></a>方法不同,该方法在<a href="../../../javax/net/ssl/SSLSocket.html#startHandshake--">握手</a>完成之前不会阻止。</span> </p>
<p> <span>要强制完成SSL / TLS会话重新协商在调用此方法之前当前会话应该被无效。</span> </p>
<p> <span>某些协议可能不支持现有引擎上的多次握手,并可能会导致<code>SSLException</code></span> </p>
</div>
<dl>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<span><code><a href="../../../javax/net/ssl/SSLException.html" title="class in javax.net.ssl">SSLException</a></code> - 如果在发信号通知<code>SSLEngine</code>开始新的握手时遇到问题。</span>
<span>有关发动机关闭的更多信息,请参阅课程说明。</span>
</dd>
<dd>
<code><a href="../../../java/lang/IllegalStateException.html" title="class in java.lang">IllegalStateException</a></code> - 如果客户端/服务器模式尚未设置。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLSession.html#invalidate--"><code>SSLSession.invalidate()</code></a>
</dd>
</dl> </li>
</ul> <a name="getHandshakeStatus--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getHandshakeStatus</h4> <pre>public abstract <a href="../../../javax/net/ssl/SSLEngineResult.HandshakeStatus.html" title="enum in javax.net.ssl">SSLEngineResult.HandshakeStatus</a> getHandshakeStatus()</pre>
<div class="block">
返回此
<code>SSLEngine</code>的当前握手状态。
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
目前
<code>SSLEngineResult.HandshakeStatus</code>
</dd>
</dl> </li>
</ul> <a name="setUseClientMode-boolean-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setUseClientMode</h4> <pre>public abstract void setUseClientMode(boolean mode)</pre>
<div class="block">
<span>配置引擎在握手时使用客户端(或服务器)模式。</span>
<p> <span>在发生任何握手之前必须调用此方法。</span> <span>一旦握手已经开始,在该引擎的使用寿命内不能重置该模式。</span> </p>
<p> <span>服务器通常认证自己,客户端不需要这样做。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>mode</code> - 如果引擎应该以“客户端”模式开始
<code>mode</code> 则为true
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果在初始握手开始后尝试进行模式更改。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getUseClientMode--"><code>getUseClientMode()</code></a>
</dd>
</dl> </li>
</ul> <a name="getUseClientMode--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getUseClientMode</h4> <pre>public abstract boolean getUseClientMode()</pre>
<div class="block">
如果在握手时将引擎设置为使用客户端模式则返回true。
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
如果引擎应该在“客户端”模式下进行握手,则为真
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="setNeedClientAuth-boolean-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setNeedClientAuth</h4> <pre>public abstract void setNeedClientAuth(boolean need)</pre>
<div class="block">
<span>配置引擎<i>要求</i>客户端认证。</span>
<span>此选项仅对服务器模式下的引擎有用。</span>
<p> <span>引擎的客户端验证设置是以下之一:</span> </p>
<ul>
<li> <span>需要客户端身份验证</span> </li>
<li> <span>客户端认证请求</span> </li>
<li> <span>不需要客户端认证</span> </li>
</ul>
<p> <span><a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-"><code>setWantClientAuth(boolean)</code></a>不同,如果设置此选项,并且客户机选择不提供有关其自身的认证信息, <i>则协商将停止,并且引擎将开始其关闭过程</i></span> </p>
<p> <span>调用此方法将覆盖此方法或<a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-"><code>setWantClientAuth(boolean)</code></a>所做的任何以前的设置。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>need</code> - 如果需要客户端验证则设置为true;如果不需要客户端验证则设置为false。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getNeedClientAuth--"><code>getNeedClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-"><code>setWantClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#getWantClientAuth--"><code>getWantClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="getNeedClientAuth--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getNeedClientAuth</h4> <pre>public abstract boolean getNeedClientAuth()</pre>
<div class="block">
<span>如果引擎<i>需要</i>客户端验证则返回true。</span>
<span>此选项仅对服务器模式下的引擎有用。</span>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
如果需要客户端验证则为true;如果不需要客户端验证则为false。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-"><code>setNeedClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-"><code>setWantClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#getWantClientAuth--"><code>getWantClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="setWantClientAuth-boolean-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setWantClientAuth</h4> <pre>public abstract void setWantClientAuth(boolean want)</pre>
<div class="block">
<span>配置引擎以<i>请求</i>客户端身份验证。</span>
<span>此选项仅对服务器模式下的引擎有用。</span>
<p> <span>引擎的客户端验证设置是以下之一:</span> </p>
<ul>
<li> <span>需要客户端身份验证</span> </li>
<li> <span>客户端认证请求</span> </li>
<li> <span>不需要客户端认证</span> </li>
</ul>
<p> <span><a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-"><code>setNeedClientAuth(boolean)</code></a>不同,如果设置了此选项,并且客户端选择不提供有关其自身的身份验证信息, <i>则协商将继续进行</i></span> </p>
<p> <span>调用此方法将覆盖此方法或<a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-"><code>setNeedClientAuth(boolean)</code></a>所做的任何以前的设置。</span> </p>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>want</code> - 如果请求客户端认证则设置为true;如果不需要客户端认证则设置为false。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getWantClientAuth--"><code>getWantClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-"><code>setNeedClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#getNeedClientAuth--"><code>getNeedClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="getWantClientAuth--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getWantClientAuth</h4> <pre>public abstract boolean getWantClientAuth()</pre>
<div class="block">
<span>如果引擎将<i>请求</i>客户端身份验证则返回true。</span>
<span>此选项仅对服务器模式下的引擎有用。</span>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
如果客户端认证被请求则为true;如果不需要客户端认证则为false。
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#setNeedClientAuth-boolean-"><code>setNeedClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#getNeedClientAuth--"><code>getNeedClientAuth()</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setWantClientAuth-boolean-"><code>setWantClientAuth(boolean)</code></a>
<a href="../../../javax/net/ssl/SSLEngine.html#setUseClientMode-boolean-"><code>setUseClientMode(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="setEnableSessionCreation-boolean-">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>setEnableSessionCreation</h4> <pre>public abstract void setEnableSessionCreation(boolean flag)</pre>
<div class="block">
<span>控制此引擎是否可以建立新的SSL会话。</span>
<span>如果不允许会话创建,并且没有现有的会话恢复,则不会有成功的握手。</span>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<span><code>flag</code> - true表示可以创建会话;</span>
<span>这是默认值。</span>
<span>false表示必须恢复现有会话</span>
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#getEnableSessionCreation--"><code>getEnableSessionCreation()</code></a>
</dd>
</dl> </li>
</ul> <a name="getEnableSessionCreation--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getEnableSessionCreation</h4> <pre>public abstract boolean getEnableSessionCreation()</pre>
<div class="block">
如果此引擎可能建立新的SSL会话则返回true。
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
<span>true表示可以创建会话;</span>
<span>这是默认值。</span>
<span>false表示必须恢复现有会话</span>
</dd>
<dt>
<span class="seeLabel">另请参见:</span>
</dt>
<dd>
<a href="../../../javax/net/ssl/SSLEngine.html#setEnableSessionCreation-boolean-"><code>setEnableSessionCreation(boolean)</code></a>
</dd>
</dl> </li>
</ul> <a name="getSSLParameters--">
<!-- --> </a>
<ul class="blockList">
<li class="blockList"> <h4>getSSLParameters</h4> <pre>public <a href="../../../javax/net/ssl/SSLParameters.html" title="class in javax.net.ssl">SSLParameters</a> getSSLParameters()</pre>
<div class="block">
<span>返回此SSLEngine有效的SSLParameters。</span>
<span>返回的SSLParameters的密码和协议始终不为空。</span>
</div>
<dl>
<dt>
<span class="returnLabel">结果</span>
</dt>
<dd>
此SSLEngine的SSLParameters有效。
</dd>
<dt>
<span class="simpleTagLabel">从以下版本开始:</span>
</dt>
<dd>
1.6
</dd>
</dl> </li>
</ul> <a name="setSSLParameters-javax.net.ssl.SSLParameters-">
<!-- --> </a>
<ul class="blockListLast">
<li class="blockList"> <h4>setSSLParameters</h4> <pre>public void setSSLParameters(<a href="../../../javax/net/ssl/SSLParameters.html" title="class in javax.net.ssl">SSLParameters</a> params)</pre>
<div class="block">
<span>将SSLParameters应用于此引擎。</span>
<p> <span>意即:</span> </p>
<ul>
<li> <span>如果<code>params.getCipherSuites()</code>是非空值,则使用该值调用<code>setEnabledCipherSuites()</code></span> </li>
<li> <span>如果<code>params.getProtocols()</code>为非空值,则使用该值调用<code>setEnabledProtocols()</code></span> </li>
<li> <span>如果<code>params.getNeedClientAuth()</code><code>params.getWantClientAuth()</code>回报<code>true</code> <code>setNeedClientAuth(true)</code><code>setWantClientAuth(true)</code>被称为,分别;</span> <span>否则<code>setWantClientAuth(false)</code></span> </li>
<li> <span>如果<code>params.getServerNames()</code>为非空值,引擎将使用该值配置其服务器名称。</span> </li>
<li> <span>如果<code>params.getSNIMatchers()</code>为非空值则引擎将使用该值配置其SNI匹配器。</span> </li>
</ul>
</div>
<dl>
<dt>
<span class="paramLabel">参数</span>
</dt>
<dd>
<code>params</code> - 参数
</dd>
<dt>
<span class="throwsLabel">异常</span>
</dt>
<dd>
<code><a href="../../../java/lang/IllegalArgumentException.html" title="class in java.lang">IllegalArgumentException</a></code> - 如果setEnabledCipherSuites或setEnabledProtocols调用失败
</dd>
<dt>
<span class="simpleTagLabel">从以下版本开始:</span>
</dt>
<dd>
1.6
</dd>
</dl> </li>
</ul> </li>
</ul> </li>
</ul>
</div>
</div>
Reference in New Issue View Git Blame Copy Permalink