iaik.security.ssl

Class SupportedEllipticCurves

java.lang.Object

iaik.security.ssl.Extension

iaik.security.ssl.SupportedEllipticCurves

All Implemented Interfaces:

java.lang.Cloneable

Direct Known Subclasses:

SupportedGroups

public class SupportedEllipticCurves
extends Extension
implements java.lang.Cloneable

This class implements the SupportedEllipticCurves (elliptic_curves) TLS extension as specified by RFC 4492, 8422.

Note that RFC 7919, RFC 8446 replace the SupportedEllipticCurves (elliptic_curves) extension by the SupportedGroups (supported_groups) extension to extend it about support for finite field based Diffie-Hellman (DH) key exchange. Although this SupportedEllipticCurves class can still be used for backwards compatibility to former iSaSiLk versions it is recommended to use the SupportedGroups implementation instead of it.

A SupportedEllipticCurves extension might be sent by the client within an extended ClientHello message to tell the server which curves are supported by the client when using an ECC based cipher suite. The server uses the information sent by the client to select an ECC cipher suite in accordance with the elliptic curves supported by the client. The server itself does not send a SupportedEllipticCurves extension.
TLS defines the SupportedEllipticCurves extension as list of named elliptic curves (see RFC 4492):

     enum {
         sect163k1 (1), sect163r1 (2), sect163r2 (3),
         sect193r1 (4), sect193r2 (5), sect233k1 (6),
         sect233r1 (7), sect239k1 (8), sect283k1 (9),
         sect283r1 (10), sect409k1 (11), sect409r1 (12),
         sect571k1 (13), sect571r1 (14), secp160k1 (15),
         secp160r1 (16), secp160r2 (17), secp192k1 (18),
         secp192r1 (19), secp224k1 (20), secp224r1 (21),
         secp256k1 (22), secp256r1 (23), secp384r1 (24),
         secp521r1 (25),
         reserved (0xFE00..0xFEFF),
         arbitrary_explicit_prime_curves(0xFF01),
         arbitrary_explicit_char2_curves(0xFF02),
         (0xFFFF)
     } NamedCurve;
     
     struct {
         NamedCurve elliptic_curve_list<1..2^16-1>
     } EllipticCurveList;
     
 

The client shall send the list of supported elliptic curves in its preference order.

RFC 4492 also specified arbitrary explicit prime curves and aArbitrary explicit char2 curves, but they are deprecated by RFC 8422 and therefore shall not be used anymore. RFC 8422 also deprecates any named curve other than secp256r1 (23), secp384r1 (24), secp521r1 (25) from above and adds support the x25519 and x448 curves:

 enum {
     deprecated(1..22),
     secp256r1 (23), secp384r1 (24), secp521r1 (25),
     x25519(29), x448(30),
     reserved (0xFE00..0xFEFF),
     deprecated(0xFF01..0xFF02),
     (0xFFFF)
 } NamedCurve;
 

In addition to the elliptic curves listed above, iSaSiLk supports the following Brainpool curves from RFC 7027:

      enum {
           brainpoolP256r1(26),
           brainpoolP384r1(27),
           brainpoolP512r1(28)
      } NamedCurve;
 

On the client side, when you create a SupportedEllipticCurves extension object you may explicitly specify the named curves to be included in preference order, e.g. (if you want to use secp192r1 (NIST P-192) and secp256r1 (NIST P-256) and prefer secp192r1):

 // the list of supported elliptic curves
 NamedCurve[] ecList = { SupportedEllipticCurves.NC_PRIME_SECP192R1,
                         SupportedEllipticCurves.NC_PRIME_SECP256R1 };
 // create SupportedEllipticCurves extension                                 
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves(ecList);
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

Or you may use the default constructor which creates a SupportedEllipticCurves extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519 (in that order) as default elliptic curve list:

 // create SupportedEllipticCurves extension
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

The critical flag of a client-side SupportedEllipticCurves extension does not have any meaning because the server is not allowed to respond with a SupportedEllipticCurves extension.

On the server side this constructor may be used to indicate support for the SupportedEllipticCurves extension only (the server itself never sends a SupportedEllipticCurves extension):

 // create SupportedEllipticCurves extension
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLServerContext configuration:
 SSLServerContext serverContext = new SSLServerContext();
 ...
 serverContext.setExtensions(extensions);
 ...
 

It is also possible to explicitly specify the named curves to be supported on the server side. In this case the server side curve list will be merged with the curve list received from the client. When having specified to ignore the preference order of the client list the curves are merged in a way to prefer the curve list order of the server. If no common curve can be found the client curve list is taken, except for when having marked this extension as being critical. In this case the handshake will be aborted if client and server cannot agree on another (non-ECC) suite. When using the default constructor to create the a SupportedEllipticCurves extension on the server side the critical flag has no meaning.

Version:

File Revision 37

See Also:

Extension, ExtensionList, SupportedGroups

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SupportedEllipticCurves.NamedCurve TLS NamedCurve.

Field Summary

Fields

Modifier and Type	Field and Description
static SupportedEllipticCurves.NamedCurve	NC_ARBITRARY_EXPLICIT_CHAR2 Deprecated. shall not be used anymore according to RFC 8422
static SupportedEllipticCurves.NamedCurve	NC_ARBITRARY_EXPLICIT_PRIME Deprecated. shall not be used anymore according to RFC 8422
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT163K1 Named binary curve sect163k1 (NIST K-163).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT163R1 Named binary curve sect163r1.
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT163R2 Named binary curve sect163r2 (NIST B-163).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT193R1 Named binary curve sect193r1.
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT193R2 Named binary curve sect193r2.
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT233K1 Named binary curve sect233k1 (NIST K-233).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT233R1 Named binary curve sect233r1 (NIST B-233).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT239K1 Named binary curve sect239k1.
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT283K1 Named binary curve sect283k1 (NIST K-283).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT283R1 Named binary curve sect283r1 (NIST B-283).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT409K1 Named binary curve sect409k1 (NIST K-409).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT409R1 Named binary curve sect409r1 (NIST B-409).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT571K1 Named binary curve sect571k1 (NIST K-571).
static SupportedEllipticCurves.NamedCurve	NC_CHAR2_SECT571R1 Named binary curve sect571r1 (NIST B-571).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_BRAINPOOLP256R1 Named prime Brainpool curve brainpoolP256r1 (RFC 7027).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_BRAINPOOLP384R1 Named prime Brainpool curve brainpoolP384r1 (RFC 7027).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_BRAINPOOLP512R1 Named prime Brainpool curve brainpoolP521r1 (RFC 7027).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP160K1 Named prime curve secp160k1.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP160R1 Named prime curve secp160r1.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP160R2 Named prime curve secp160r2.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP192K1 Named prime curve secp192k1.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP192R1 Named prime curve secp192r1 (NIST P-192, ANSI X9.62 prime192v1).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP224K1 Named prime curve secp224k1.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP224R1 Named prime curve secp224r1 (NIST P-224).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP256K1 Named prime curve secp256k1.
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP256R1 Named prime curve secp256r1 (NIST P-256, ANSI X9.62 prime256v1).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP384R1 Named prime curve secp384r1 (NIST P-384).
static SupportedEllipticCurves.NamedCurve	NC_PRIME_SECP521R1 Named prime curve secp521r1 (NIST P-521).
static SupportedEllipticCurves.NamedCurve	NC_X25519 Named prime curve x25519 (RFC 7748).
static SupportedEllipticCurves.NamedCurve	NC_X448 Named prime curve x448 (RFC 7748).
static ExtensionType	TYPE The type (10) of the elliptic_curves extension.

Constructor Summary

Constructors

Constructor and Description
SupportedEllipticCurves() Default Constructor.
SupportedEllipticCurves(SupportedEllipticCurves.NamedCurve[] ellipticCurveList) Creates a SupportedEllipticCurves extension from the given elliptic curve list.

Method Summary

Modifier and Type	Method and Description
java.lang.Object	clone() Returns a clone of this SupportedEllipticCurves extension object.
static SupportedEllipticCurves.NamedCurve[]	getAllRegisteredNamedCurves() Gets all registered named curves.
SupportedEllipticCurves.NamedCurve	getCurve(int id) Checks whether the elliptic curve with the given id is included in this SupportedEllipticCurves extension.
SupportedEllipticCurves.NamedCurve[]	getEllipticCurveList() Gets the list of supported curves included in this SupportedEllipticCurves extension.
static SupportedEllipticCurves.NamedCurve	getRegisteredCurveByID(int id) Gets the registered NamedCurve with the given id.
static SupportedEllipticCurves.NamedCurve	getRegisteredCurveByName(java.lang.String name) Gets the registered NamedCurve with the given name.
static SupportedEllipticCurves.NamedCurve	getRegisteredCurveByOID(java.lang.String oid) Gets the registered NamedCurve with the given oid.
void	setIgnorePeerPreferenceOrder(boolean ignore) Whether to ignore the preference order of the curve list sent by the peer (client) when selecting a curve for the current session.
java.lang.String	toString() Gets a String representation of this SupportedEllipticCurves object.

Methods inherited from class iaik.security.ssl.Extension

getAllowedProtocolVersions, getExtensionType, getName, getType, setCritical

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

TYPE

public static final ExtensionType TYPE

The type (10) of the elliptic_curves extension.

NC_CHAR2_SECT163K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163K1

Named binary curve sect163k1 (NIST K-163).

• TLS id: 1
• OID: 1.3.132.0.1
• name: sect163k1

NC_CHAR2_SECT163R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163R1

Named binary curve sect163r1.

• TLS id: 2
• OID: 1.3.132.0.2
• name: sect163r1

NC_CHAR2_SECT163R2

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163R2

Named binary curve sect163r2 (NIST B-163).

• TLS id: 3
• OID: 1.3.132.0.15
• name: sect163r2

NC_CHAR2_SECT193R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT193R1

Named binary curve sect193r1.

• TLS id: 4
• OID: 1.3.132.0.24
• name: sect193r1

NC_CHAR2_SECT193R2

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT193R2

Named binary curve sect193r2.

• TLS id: 5
• OID: 1.3.132.0.25
• name: sect193r2

NC_CHAR2_SECT233K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT233K1

Named binary curve sect233k1 (NIST K-233).

• TLS id: 6
• OID: 1.3.132.0.26
• name: sect233k1

NC_CHAR2_SECT233R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT233R1

Named binary curve sect233r1 (NIST B-233).

• TLS id: 7
• OID: 1.3.132.0.27
• name: sect233r1

NC_CHAR2_SECT239K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT239K1

Named binary curve sect239k1.

• TLS id: 8
• OID: 1.3.132.0.3
• name: sect239k1

NC_CHAR2_SECT283K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT283K1

Named binary curve sect283k1 (NIST K-283).

• TLS id: 9
• OID: 1.3.132.0.16
• name: sect283k1

NC_CHAR2_SECT283R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT283R1

Named binary curve sect283r1 (NIST B-283).

• TLS id: 10
• OID: 1.3.132.0.17
• name: sect283r1

NC_CHAR2_SECT409K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT409K1

Named binary curve sect409k1 (NIST K-409).

• TLS id: 11
• OID: 1.3.132.0.36
• name: sect409k1

NC_CHAR2_SECT409R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT409R1

Named binary curve sect409r1 (NIST B-409).

• TLS id: 12
• OID: 1.3.132.0.37
• name: sect409r1

NC_CHAR2_SECT571K1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT571K1

Named binary curve sect571k1 (NIST K-571).

• TLS id: 13
• OID: 1.3.132.0.38
• name: sect571k1

NC_CHAR2_SECT571R1

public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT571R1

Named binary curve sect571r1 (NIST B-571).

• TLS id: 14
• OID: 1.3.132.0.39
• name: sect571r1

NC_PRIME_SECP160K1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160K1

Named prime curve secp160k1.

• TLS id: 15
• OID: 1.3.132.0.9
• name: secp160k1

NC_PRIME_SECP160R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160R1

Named prime curve secp160r1.

• TLS id: 16
• OID: 1.3.132.0.8
• name: secp160r1

NC_PRIME_SECP160R2

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160R2

Named prime curve secp160r2.

• TLS id: 17
• OID: 1.3.132.0.30
• name: secp160r2

NC_PRIME_SECP192K1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP192K1

Named prime curve secp192k1.

• TLS id: 18
• OID: 1.3.132.0.31
• name: secp192k1

NC_PRIME_SECP192R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP192R1

Named prime curve secp192r1 (NIST P-192, ANSI X9.62 prime192v1).

• TLS id: 19
• OID: 1.2.840.10045.3.1.1
• name: secp192r1

NC_PRIME_SECP224K1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP224K1

Named prime curve secp224k1.

• TLS id: 20
• OID: 1.3.132.0.32
• name: secp224k1

NC_PRIME_SECP224R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP224R1

Named prime curve secp224r1 (NIST P-224).

• TLS id: 21
• OID: 1.3.132.0.33
• name: secp224r1

NC_PRIME_SECP256K1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP256K1

Named prime curve secp256k1.

• TLS id: 22
• OID: 1.3.132.0.10
• name: secp256k1

NC_PRIME_SECP256R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP256R1

Named prime curve secp256r1 (NIST P-256, ANSI X9.62 prime256v1).

• TLS id: 23
• OID: 1.2.840.10045.3.1.7
• name: secp256r1

NC_PRIME_SECP384R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP384R1

Named prime curve secp384r1 (NIST P-384).

• TLS id: 24
• OID: 1.3.132.0.34
• name: secp384r1

NC_PRIME_SECP521R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP521R1

Named prime curve secp521r1 (NIST P-521).

• TLS id: 25
• OID: 1.3.132.0.35
• name: secp521r1

NC_X25519

public static final SupportedEllipticCurves.NamedCurve NC_X25519

Named prime curve x25519 (RFC 7748).

• TLS id: 29
• OID: 1.3.101.110
• name: x25519

NC_X448

public static final SupportedEllipticCurves.NamedCurve NC_X448

Named prime curve x448 (RFC 7748).

• TLS id: 30
• OID: 1.3.101.111
• name: x448

NC_ARBITRARY_EXPLICIT_PRIME

public static final SupportedEllipticCurves.NamedCurve NC_ARBITRARY_EXPLICIT_PRIME

Deprecated. shall not be used anymore according to RFC 8422

Named prime curve place holder arbitrary_explicit_prime_curves. Indicates support for arbitrary prime curves (the curve parameters must be encoded explicitly in ECParameters).

• TLS id: 65281 (0xFF01)
• OID: -
• name: arbitrary_explicit_prime_curves

NC_ARBITRARY_EXPLICIT_CHAR2

public static final SupportedEllipticCurves.NamedCurve NC_ARBITRARY_EXPLICIT_CHAR2

Deprecated. shall not be used anymore according to RFC 8422

Named binary curve place holder arbitrary_explicit_char2_curves. Indicates support for arbitrary characteristic-2 curves (the curve parameters must be encoded explicitly in ECParameters).

• TLS id: 65282 (0xFF02)
• OID: -
• name: arbitrary_explicit_char2_curves

NC_PRIME_BRAINPOOLP256R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP256R1

Named prime Brainpool curve brainpoolP256r1 (RFC 7027).

• TLS id: 26
• OID: 1.3.36.3.3.2.8.1.1.7
• name: brainpoolP256r1

NC_PRIME_BRAINPOOLP384R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP384R1

Named prime Brainpool curve brainpoolP384r1 (RFC 7027).

• TLS id: 26
• OID: 1.3.36.3.3.2.8.1.1.11
• name: brainpoolP384r1

NC_PRIME_BRAINPOOLP512R1

public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP512R1

Named prime Brainpool curve brainpoolP521r1 (RFC 7027).

• TLS id: 28
• OID: 1.3.36.3.3.2.8.1.1.13
• name: brainpoolP512r1

Constructor Detail

SupportedEllipticCurves

public SupportedEllipticCurves()

Default Constructor. Creates a new SupportedEllipticCurves extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519 (in that order) as default elliptic curve list.
This constructor may be used on the client side if the client wants to use ECC based cipher suites with any of the four elliptic curves secp256r1, secp384r1, secp521r1 or x25519:

 // create SupportedEllipticCurves extension
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

On the server side this constructor may be used to indicate support for the SupportedEllipticCurves extension only (the server itself never sends a SupportedEllipticCurves extension):

 // create SupportedEllipticCurves extension
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLServerContext configuration:
 SSLServerContext serverContext = new SSLServerContext();
 ...
 serverContext.setExtensions(extensions);
 ...
 

SupportedEllipticCurves

public SupportedEllipticCurves(SupportedEllipticCurves.NamedCurve[] ellipticCurveList)

Creates a SupportedEllipticCurves extension from the given elliptic curve list.
This constructor may be used on the client side to specify which elliptic curves the client wants to use with ECC based cipher suites. The elliptic curves shall be listed in preference order. For instance, a client that wants to use secp192r1 (NIST P-192) and secp256r1 (NIST P-256) and prefers secp192r1 will configure the SSLClientContext with the following SupportedEllipticCurves extension:

 // the list of supported elliptic curves
 NamedCurve[] ecList = { SupportedEllipticCurves.NC_PRIME_SECP192R1,
                         SupportedEllipticCurves.NC_PRIME_SECP256R1 };
 // create SupportedEllipticCurves extension                                 
 SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves(ecList);
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedEllipticCurves);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

Parameters:

ellipticCurveList - the list of supported elliptic curves in preference order (the ellipticCurveList array is not cloned or copied by this method)

Throws:

java.lang.IllegalArgumentException - if the curve list is empty or any of the given curves is not supported by the installed cryptographic providers

Method Detail

getRegisteredCurveByName

public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByName(java.lang.String name)

Gets the registered NamedCurve with the given name.

Parameters:

name - the name of the curve

Returns:

the registered NamedCurve, or null if no curve with the given name is registered

getRegisteredCurveByOID

public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByOID(java.lang.String oid)

Gets the registered NamedCurve with the given oid.

Parameters:

oid - the oid of the curve

Returns:

the registered NamedCurve, or null if no curve with the given oid is registered

getRegisteredCurveByID

public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByID(int id)

Gets the registered NamedCurve with the given id.

Parameters:

id - the id of the curve

Returns:

the registered NamedCurve, or null if no curve with the given id is registered

getAllRegisteredNamedCurves

public static final SupportedEllipticCurves.NamedCurve[] getAllRegisteredNamedCurves()

Gets all registered named curves.

Returns:

an array of all registered named curves.

getEllipticCurveList

public SupportedEllipticCurves.NamedCurve[] getEllipticCurveList()

Gets the list of supported curves included in this SupportedEllipticCurves extension.

Returns:

the list of supported curves (in preference order) as array of NamedCurve objects; the array maybe null or empty if no curves are included in the list (the returned array is not cloned or copied by this method)

getCurve

public SupportedEllipticCurves.NamedCurve getCurve(int id)

Checks whether the elliptic curve with the given id is included in this SupportedEllipticCurves extension.

Parameters:

id - the TLS id of the curve to be checked

Returns:

the NamedCurve with the given id if it is included, or null if the curve with the given id is not included

setIgnorePeerPreferenceOrder

public void setIgnorePeerPreferenceOrder(boolean ignore)

Whether to ignore the preference order of the curve list sent by the peer (client) when selecting a curve for the current session. By default the curve is selected according to the preference order sent by the client.
This method is only meaningful on the server side since an elliptic_curve extension can only be sent by the client.

Parameters:

ignore - whether to ignore the peer (client) curve list preference order when selecting the curve for the current session

clone

public java.lang.Object clone()

Returns a clone of this SupportedEllipticCurves extension object.

Overrides:

clone in class Extension

Returns:

a clone of this SupportedEllipticCurves extension object

toString

public java.lang.String toString()

Gets a String representation of this SupportedEllipticCurves object.

Specified by:

toString in class Extension

Returns:

a String representation of the SupportedEllipticCurves object