Package io.ktor.network.tls

Types

class CertificateAndKey(certificateChain: Array<X509Certificate>, key: PrivateKey)

Client certificate chain with private key.

CIO cipher suites collection https://www.ietf.org/rfc/rfc5289.txt https://tools.ietf.org/html/rfc5288#section-3

data class CipherSuite(code: Short, name: String, openSSLName: String, exchangeType: SecretExchangeType, jdkCipherName: String, keyStrength: Int, fixedIvLength: Int, ivLength: Int, cipherTagSizeInBytes: Int, macName: String, macStrength: Int, hash: HashAlgorithm, signatureAlgorithm: SignatureAlgorithm, cipherType: CipherType)

Represents a TLS cipher suite

CipherType

enum CipherType : Enum<CipherType>

Cipher type.

NoPrivateKeyException

class NoPrivateKeyException(alias: String, store: KeyStore) : IllegalStateException, CopyableThrowable<NoPrivateKeyException>

Throws if failed to find PrivateKey for any alias in KeyStore.

OID

data class OID(identifier: String)

SecretExchangeType

enum SecretExchangeType : Enum<SecretExchangeType>

TLS secret key exchange type.

ServerKeyExchangeType

enum ServerKeyExchangeType : Enum<ServerKeyExchangeType>

Server key exchange type with it's code

TLSAlertLevel

enum TLSAlertLevel : Enum<TLSAlertLevel>

TLS alert level

TLSAlertType

enum TLSAlertType : Enum<TLSAlertType>

TLS alert types with codes

TLSConfig

expect class TLSConfig

actual class TLSConfig

TLS configuration.

actual class TLSConfig

TLSConfigBuilder

expect class TLSConfigBuilder

TLSConfig builder.

actual class TLSConfigBuilder

TLSConfig builder.

actual class TLSConfigBuilder

TLSConfig builder.

TLSHandshakeType

enum TLSHandshakeType : Enum<TLSHandshakeType>

TLS handshake record type

TLSRecordType

enum TLSRecordType : Enum<TLSRecordType>

TLS record type with it's numeric code

TLSVersion

enum TLSVersion : Enum<TLSVersion>

TLS version

Functions

addCertificateChain

fun TLSConfigBuilder.addCertificateChain(chain: Array<X509Certificate>, key: PrivateKey)

Add client certificate chain to use.

addKeyStore

@JvmName(name = "addKeyStoreNullablePassword")

fun TLSConfigBuilder.addKeyStore(store: KeyStore, password: CharArray?, alias: String? = null)

Add client certificates from store by using the certificate with specific alias or all certificates, if alias is null.

keysGenerationAlgorithm

fun keysGenerationAlgorithm(algorithm: String): String

takeFrom

expect fun TLSConfigBuilder.takeFrom(other: TLSConfigBuilder)

Append config from other builder.

actual fun TLSConfigBuilder.takeFrom(other: TLSConfigBuilder)

Append config from other builder.

actual fun TLSConfigBuilder.takeFrom(other: TLSConfigBuilder)

Append config from other builder.

tls

suspend fun <ERROR CLASS>.tls(coroutineContext: CoroutineContext): <ERROR CLASS>

Make Socket connection secure with TLS.

suspend fun <ERROR CLASS>.tls(coroutineContext: CoroutineContext, config: TLSConfig): <ERROR CLASS>

expect suspend fun <ERROR CLASS>.tls(coroutineContext: CoroutineContext, config: TLSConfig): <ERROR CLASS>

Make Socket connection secure with TLS using TLSConfig.

suspend fun <ERROR CLASS>.tls(coroutineContext: CoroutineContext, block: TLSConfigBuilder.() -> Unit): <ERROR CLASS>

expect suspend fun <ERROR CLASS>.tls(coroutineContext: CoroutineContext, block: TLSConfigBuilder.() -> Unit): <ERROR CLASS>

Make Socket connection secure with TLS configured with block.

suspend fun Socket.tls(coroutineContext: CoroutineContext, trustManager: X509TrustManager? = null, randomAlgorithm: String = "NativePRNGNonBlocking", cipherSuites: List<CipherSuite> = CIOCipherSuites.SupportedSuites, serverName: String? = null): Socket

Make Socket connection secure with TLS.