public interface SecureDatagramConnection extends UDPDatagramConnection
Secure datagram connections are similar to regular datagram connections except that all datagrams are encrypted using the DTLS protocol.
The parameter string describing the target of a connection takes the following form:
With Connector.open, a secure datagram connection can only be opened in "client" mode.
A secure datagram connection for sending to a server:
A secure datagram connection for sending to a server using an IPv6 address:
The port number must be present and is that of the target port; the local port is always dynamically allocated. A receiving port is always opened, and security checks occur to ensure that the application is allowed by the security policy to listen for and receive secure datagrams.
SecureDatagramConnection follows the behavior of the
and provides the same API semantics with some additional constraints:
Connector.open will throw an
The receive method only returns datagrams that were received from the host that was used during
Connector.open. Datagrams from any other host are silently ignored.
getNominalLength returns the nominal length of the unencrypted datagram.
getMaximumLength returns the maximum length of the unencrypted datagram.
SecureDatagramConnection supports the same connection options as
The following settings can be used during
customize the behavior of the connection.
The minimum protocol version of the DTLS protocol can be selected by using an additional
Protocol value of
Without an explicit choice the connection defaults to the highest version of
the DTLS protocol as available on the platform.
Customized behavior, such as the selection of a certificate or a cipher suite
can be achieved by using additional
as listed below.
The table lists all possible names for protocols and cipher suites;
the set of supported protocols and cipher suites is platform-dependent.
On any attempt to use a protocol unsupported by the platform, or if none of the
selected cipher suites can be used for the connection,
fails with a
|"Certificate"||String||Subject distinguished name||Example: "cn=Duke Inc,dc=example,dc=com"|
|"Protocol"||String||"DTLS1.0", "DTLS1.2"||The protocol parameter is case insensitive, only one protocol option is permitted. It denotes the minimum requested protocol version.|
|"CipherSuite"||String||Those String values in the "Description" column of the TLS Cipher Suite Registry table at http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml, where the column "DTLS-OK" contains "Y".||Multiple cipher suites may be specified in one
Certificate is used to supply a string containing the Subject distinguished name
of the X.509 certificate in the string representation defined by clause 3 of
If the secure connection cannot be established due to errors related to certificates, a
CertificateException is thrown.
Options with invalid values or the use of "server"-mode options on a "client"
connection must result in
to be thrown from
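The following client sketch is an added example, not code from the specification. It pins the minimum protocol to DTLS1.2 and requests one cipher suite using the "Protocol" and "CipherSuite" option names from the table above, then checks the negotiated suite through getSecurityInfo() before sending. Assumptions: the "dtls://" scheme, the host and port, and the javax.microedition.io.ConnectionOption class with the Connector.open(String, ConnectionOption...) overload are not shown on this page, and the chosen cipher suite must be supported by the platform.

```java
import java.io.IOException;
import javax.microedition.io.ConnectionOption;
import javax.microedition.io.Connector;
import javax.microedition.io.Datagram;
import javax.microedition.io.SecureDatagramConnection;
import javax.microedition.io.SecurityInfo;

public final class DtlsClientExample {
    // Constructed sample target; the "dtls://" scheme is an assumption (see lead-in).
    private static final String TARGET = "dtls://dtls.example.com:5684";
    // One IANA suite marked DTLS-OK; availability is platform-dependent.
    private static final String SUITE = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";

    public static byte[] exchange(byte[] request) throws IOException {
        // Client mode only: the port in TARGET is the server's port.
        SecureDatagramConnection conn = (SecureDatagramConnection) Connector.open(
                TARGET,
                new ConnectionOption<String>("Protocol", "DTLS1.2"), // minimum version
                new ConnectionOption<String>("CipherSuite", SUITE));
        try {
            // Verify what was actually negotiated before sending any data.
            SecurityInfo info = conn.getSecurityInfo();
            if (!SUITE.equals(info.getCipherSuite())) {
                throw new IOException("unexpected cipher suite: " + info.getCipherSuite());
            }
            // getMaximumLength() refers to the unencrypted datagram.
            if (request.length > conn.getMaximumLength()) {
                throw new IOException("payload exceeds maximum datagram length");
            }
            conn.send(conn.newDatagram(request, request.length));

            // Only datagrams from the host named in TARGET are returned.
            Datagram in = conn.newDatagram(conn.getMaximumLength());
            conn.receive(in);
            byte[] reply = new byte[in.getLength()];
            System.arraycopy(in.getData(), in.getOffset(), reply, 0, in.getLength());
            return reply;
        } finally {
            conn.close();
        }
    }
}
```

Certificate-related failures surface as CertificateException, which this sketch lets propagate to the caller as an IOException.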
|Modifier and Type||Method and Description|
Return the security information associated with this connection when it was opened.
getAccessPoint, getMaximumLength, getNominalLength, newDatagram, newDatagram, newDatagram, newDatagram, receive, send
SecurityInfo getSecurityInfo() throws java.io.IOException
java.io.IOException - if an arbitrary connection failure occurs
Copyright (c) 2014, Oracle and/or its affiliates. All Rights Reserved. Use of this specification is subject to license terms.