All Classes and Interfaces
Class
Description
Base class for a TLS client.
Base class for a TlsCrypto implementation that provides some needed methods from elsewhere in the impl package.
Base class for supporting a TLS key exchange implementation.
Base class for supporting a TLS key exchange factory implementation.
Base class for a TLS client or server.
Base class for a TlsSecret implementation which captures common code and fields.
Base class for a TLS server.
RFC 5246 7.2.
RFC 5246 7.2
A basic PSK Identity holder.
A basic SRP Identity holder.
Credentialed class generating agreed secrets from a peer's public key for our end of the TLS connection using the BC light-weight API.
Credentialed class decrypting RSA encrypted secrets sent from a peer for our end of the TLS connection using the BC light-weight API.
Credentialed class for generating signatures based on the use of primitives from the BC light-weight API.
A BCJSSE-specific interface providing access to extended connection-specific functionality.
A BCJSSE-specific interface to expose extended functionality on
SSLEngine
implementations.A BCJSSE-specific interface providing access to extended SSL parameters in earlier JDKs.
A BCJSSE-specific interface to expose extended functionality on
SSLSocket
implementations.Implementation class for a single X.509 certificate based on the BC light-weight API.
Class for providing cryptographic services for TLS based on implementations in the BC light-weight API.
Support class for ephemeral Diffie-Hellman using the BC light-weight library.
BC light-weight support class for Diffie-Hellman key pair generation and key agreement over a specified Diffie-Hellman configuration.
Implementation class for generation of the raw DSA signature type using the BC light-weight API.
Implementation class for the verification of the raw DSA signature type using the BC light-weight API.
BC light-weight base class for the signers implementing the two DSA style algorithms from FIPS PUB 186-4: DSA and ECDSA.
BC light-weight base class for the verifiers supporting the two DSA style algorithms from FIPS PUB 186-4: DSA and ECDSA.
Support class for ephemeral Elliptic Curve Diffie-Hellman using the BC light-weight library.
EC domain class for generating key pairs and performing key agreement.
Implementation class for generation of ECDSA signatures in TLS 1.3+ using the BC light-weight API.
Implementation class for generation of the raw ECDSA signature type using the BC light-weight API.
Implementation class for the verification of the raw ECDSA signature type using the BC light-weight API.
Implementation class for a single X.509 certificate based on the BC light-weight API.
Operator supporting the generation of RSASSA-PSS signatures using the BC light-weight API.
Operator supporting the verification of RSASSA-PSS signatures using the BC light-weight API.
Operator supporting the generation of RSASSA-PKCS1-v1_5 signatures using the BC light-weight API.
Operator supporting the verification of RSASSA-PKCS1-v1_5 signatures using the BC light-weight API.
BC light-weight support class for handling TLS secrets and deriving key material and other secrets from them.
Support class for X25519 using the BC light-weight library.
Support class for X448 using the BC light-weight library.
Deprecated.
Will be removed.
A queue for bytes.
InputStream based on a ByteQueue implementation.
OutputStream based on a ByteQueue implementation.
Implementation of the RFC 3546 3.3.
Parsing and encoding of a Certificate struct from RFC 4346.
RFC 8879
Parsing and encoding of a CertificateRequest struct from RFC 4346:
Implementation of the RFC 3546 3.6.
Implementation of the RFC 6961 2.2.
RFC 6091
RFC 5056
RFC 2246 A.5
RFC 2246
A combined hash, which implements md5(m) || sha1(m).
RFC 2246 6.1
RFC 2246
RFC 2246 6.2.1
Base interface for an object sending and receiving DTLS data.
Container class for generating signatures that carries the signature type, parameters, public key certificate and public key's associated signer object.
Carrier class for Diffie-Hellman group parameters.
Standard Diffie-Hellman groups from various IETF specifications.
Implements cookie generation/verification for a DTLS server as described in RFC 4347,
4.2.1.
Deprecated.
Will be removed.
RFC 4492 5.4
RFC 4492 5.1.2
RFC 2246
RFC 5705
RFC 5246 7.4.1.4.1
RFC 6066
Credentialed class for generating signatures based on the use of primitives from the JCA.
Implementation class for a single X.509 certificate based on the JCA.
Class for providing cryptographic services for TLS based on implementations in the JCA/JCE.
Basic builder class for constructing standard JcaTlsCrypto classes.
Implementation class for generation of the raw DSA signature type using the JCA.
Implementation class for the verification of the raw DSA signature type using the JCA.
JCA base class for the signers implementing the two DSA style algorithms from FIPS PUB 186-4: DSA and ECDSA.
JCA base class for the verifiers implementing the two DSA style algorithms from FIPS PUB 186-4: DSA and ECDSA.
Implementation class for generation of ECDSA signatures in TLS 1.3+ using the JCA.
Implementation class for generation of the raw ECDSA signature type using the JCA.
Implementation class for the verification of the raw ECDSA signature type using the JCA.
Wrapper class for providing support methods for a TlsHash based on the JCA MessageDigest class.
Operator supporting the generation of RSASSA-PSS signatures.
Operator supporting the verification of RSASSA-PSS signatures.
Operator supporting the generation of RSASSA-PKCS1-v1_5 signatures.
Operator supporting the verification of RSASSA-PKCS1-v1_5 signatures.
A basic wrapper for a JCE Cipher class to provide the needed AEAD cipher functionality for TLS.
A basic wrapper for a JCE Cipher class to provide the needed block cipher functionality for TLS.
A basic wrapper for a JCE Cipher class to provide the needed block cipher functionality for TLS where the
cipher requires the IV to be continued between calls.
Credentialed class generating agreed secrets from a peer's public key for our end of the TLS connection using the JCE.
Credentialed class decrypting RSA encrypted secrets sent from a peer for our end of the TLS connection using the JCE.
Support class for ephemeral Diffie-Hellman using the JCE.
JCE support class for Diffie-Hellman key pair generation and key agreement over a specified Diffie-Hellman configuration.
Support class for ephemeral Elliptic Curve Diffie-Hellman using the JCE.
EC domain class for generating key pairs and performing key agreement.
Wrapper class for a JCE MAC based on HMAC to provide the necessary operations for TLS.
JCE support class for handling TLS secrets and deriving key material and other secrets from them.
Support class for X25519 using the JCE.
Support class for X448 using the JCE.
RFC 2246
RFC 8446 4.6.3
RFC 2246
RFC 7919
Note that the values here are implementation-specific and arbitrary.
RFC 3546 3.6
RFC 5246
RFC 7301 Represents a protocol name for use with ALPN.
Note that the values here are implementation-specific and arbitrary.
Carrier class for general security parameters.
RFC 6066 3.
RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned)
RFC 5246 7.4.1.4.1
An implementation of
TlsSRPIdentityManager that simulates the existence of "unknown" identities
to obscure the fact that there is no verifier for them.Implements the client side SRP-6a protocol.
Carrier class for SRP-6 group parameters.
Implements the server side SRP-6a protocol.
A selection of standard groups for SRP-6.
Generates new SRP verifier for user
Public class with a public default constructor, for use with the "ssl.ServerSocketFactory.provider"
property in the java.security file.
Public class with a public default constructor, for use with the "ssl.SocketFactory.provider"
property in the java.security file.
RFC 4680
Base interface for a TLS 1.3 signature verifier.
A generic TLS 1.2 AEAD cipher.
Base interface for services supporting AEAD encryption/decryption.
Base interface for ephemeral key agreement calculator.
Base interface to provide TLS authentication credentials.
A generic TLS 1.0-1.2 block cipher.
Interface for block cipher services.
Interface providing the functional representation of a single X.509 certificate.
Base interface for a TLS bulk cipher.
Interface describing a TLS client endpoint.
Marker interface to distinguish a TLS client context.
Base interface for a TLS context implementation.
Support interface for generating a secret based on the credentials sent by a TLS peer.
Base interface for a class that decrypts TLS secrets.
Support interface for generating a signature based on our private credentials.
Base interface for interfaces/classes carrying TLS credentials.
Service and object creation interface for the primitive types and services that are associated
with cryptography in the API.
Basic exception class for crypto services to pass back a cause.
Carrier class for context-related parameters needed for creating secrets and ciphers.
Interface that provider's of TlsCrypto implementations need to conform to.
(D)TLS DH_anon key exchange.
Basic config for Diffie-Hellman.
Domain interface to service factory for creating Diffie-Hellman operators.
Interface for verifying explicit Diffie-Hellman group parameters.
(D)TLS DH key exchange.
Carrier class for Elliptic Curve parameter configuration.
(D)TLS ECDH_anon key exchange (see RFC 4492).
(D)TLS ECDHE key exchange (see RFC 4492).
(D)TLS ECDH key exchange (see RFC 4492).
Domain interface to service factory for creating Elliptic-Curve (EC) based operators.
Base interface for an encryptor.
Base exception for various TLS alerts.
Base interface for an object that can calculate a handshake hash.
Interface for message digest, or hash, services.
Interface for MAC services based on HMAC.
Useful utility methods.
A generic interface for key exchange implementations in (D)TLS.
Interface for a key exchange factory offering a variety of specific algorithms.
Interface for MAC services.
This exception will be thrown (only) when the connection is closed by the peer without sending a
close_notify warning alert.The NULL cipher.
The cipher for TLS_NULL_WITH_NULL_NULL.
Object Identifiers associated with TLS extensions.
Base interface for a (D)TLS endpoint.
Processor interface for a PSK identity.
Base interface for an object that can process a PSK identity.
(D)TLS PSK key exchange (RFC 4279).
(D)TLS RSA key exchange.
RSA utility methods.
Interface supporting the generation of key material and other SSL/TLS secret values from PRFs.
Interface describing a TLS server endpoint.
Server certificate carrier interface.
Marker interface to distinguish a TLS server context.
Base interface for a carrier object for a TLS session.
Base interface for a TLS signer that works on raw message digests.
Basic interface for an SRP-6 client implementation.
Basic interface for an SRP-6 server implementation.
Base interface for a generator for SRP-6 verifiers.
Basic config for SRP.
Interface for verifying SRP config needs to conform to.
Processor interface for an SRP identity.
Base interface for an object that can return login parameters from an SRP identity.
(D)TLS SRP key exchange (RFC 5054).
RFC 5764 DTLS Extension to Establish Keys for SRTP.
A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest.
Base interface for a generic TLS MAC implementation for use with a bulk cipher.
Some helper functions for the TLS API.
Base interface for a TLS verifier that works with signatures and either raw message digests, or
entire messages.
RFC 6066 5.
RFC 4681
RFC 5764 4.1.1