Added in API level 29

SSLSockets


public class SSLSockets
extends Object

java.lang.Object
   ↳ android.net.ssl.SSLSockets


Static utility methods for accessing additional functionality of supported instances of SSLSocket. Sockets from the platform TLS provider will be compatible with all methods in this class.

Summary

Public methods

static byte[] exportKeyingMaterial(SSLSocket socket, String label, byte[] context, int length)

Exports a value derived from the TLS master secret as described in RFC 5705.

static boolean isSupportedSocket(SSLSocket socket)

Returns whether the given socket can be used with the methods in this class.

static void setUseSessionTickets(SSLSocket socket, boolean useSessionTickets)

Enables or disables the use of session tickets.

Inherited methods

Public methods

exportKeyingMaterial

Added in API level 31
public static byte[] exportKeyingMaterial (SSLSocket socket, 
                String label, 
                byte[] context, 
                int length)

Exports a value derived from the TLS master secret as described in RFC 5705. A number of protocols leverage Transport Layer Security (TLS) to perform key establishment but then use some of the keying material for their own purposes. This method allows an application to export keying material from a TLS connection. The exported material will be the same on the client and server if they pass in the same values for label and context. See RFC 5705 for further details.

Parameters
socket SSLSocket: the socket to use for exporting keying material This value cannot be null.

label String: the label to use in calculating the exported value. This must be an ASCII-only string. This value cannot be null.

context byte: the application-specific context value to use in calculating the exported value. This may be null to use no application context, which is treated differently than an empty byte array.

length int: the number of bytes of keying material to return.

Returns
byte[] a value of the specified length, or null if the handshake has not yet completed or the connection has been closed.

Throws
SSLException if the value could not be exported.

isSupportedSocket

Added in API level 29
public static boolean isSupportedSocket (SSLSocket socket)

Returns whether the given socket can be used with the methods in this class. In general, only sockets from the platform TLS provider are supported.

Parameters
socket SSLSocket: This value cannot be null.

Returns
boolean

setUseSessionTickets

Added in API level 29
public static void setUseSessionTickets (SSLSocket socket, 
                boolean useSessionTickets)

Enables or disables the use of session tickets.

This function must be called before the handshake is started or it will have no effect.

Parameters
socket SSLSocket: the socket This value cannot be null.

useSessionTickets boolean: whether to enable or disable the use of session tickets

Throws
IllegalArgumentException if the given socket is not a platform socket