Package org.apache.tomcat.util.net

Interface SSLSupport

  • All Known Implementing Classes:
    JSSESupport
    public interface SSLSupport
    Defines an interface to interact with SSL sessions.

    • Field Detail

      • CIPHER_SUITE_KEY

        static final String CIPHER_SUITE_KEY
        The Request attribute key for the cipher suite.
        See Also:
        Constant Field Values

      • CERTIFICATE_KEY

        static final String CERTIFICATE_KEY
        The Request attribute key for the client certificate chain.
        See Also:
        Constant Field Values

      • SESSION_ID_KEY

        static final String SESSION_ID_KEY
        The Request attribute key for the session id. This one is a Tomcat extension to the Servlet spec.
        See Also:
        Constant Field Values

      • SESSION_MGR

        static final String SESSION_MGR
        The request attribute key for the session manager. This one is a Tomcat extension to the Servlet spec.
        See Also:
        Constant Field Values

      • PROTOCOL_VERSION_KEY

        static final String PROTOCOL_VERSION_KEY
        The request attribute key under which the String indicating the protocol that created the SSL socket is recorded - e.g. TLSv1 or TLSv1.2 etc.
        See Also:
        Constant Field Values

      • REQUESTED_CIPHERS_KEY

        static final String REQUESTED_CIPHERS_KEY
        The request attribute key under which the String indicating the ciphers requested by the client are recorded.
        See Also:
        Constant Field Values

      • REQUESTED_PROTOCOL_VERSIONS_KEY

        static final String REQUESTED_PROTOCOL_VERSIONS_KEY
        The request attribute key under which the String indicating the protocols requested by the client are recorded.
        See Also:
        Constant Field Values

    • Method Detail

      • getCipherSuite

        String getCipherSuite()
               throws IOException
        The cipher suite being used on this connection.
        Returns:
        The name of the cipher suite as returned by the SSL/TLS implementation
        Throws:
        IOException - If an error occurs trying to obtain the cipher suite

      • getPeerCertificateChain

        X509Certificate[] getPeerCertificateChain()
                                   throws IOException
        The client certificate chain (if any).
        Returns:
        The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities
        Throws:
        IOException - If an error occurs trying to obtain the certificate chain

      • getLocalCertificateChain

        default X509Certificate[] getLocalCertificateChain()
        The server certificate chain (if any) that were sent to the peer.
        Returns:
        The certificate chain sent with the server certificate first, followed by those of any certificate authorities

      • getKeySize

        Integer getKeySize()
            throws IOException
        Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.
        Returns:
        The effective key size for the current cipher suite
        Throws:
        IOException - If an error occurs trying to obtain the key size

      • getSessionId

        String getSessionId()
             throws IOException
        The current session Id.
        Returns:
        The current SSL/TLS session ID
        Throws:
        IOException - If an error occurs trying to obtain the session ID

      • getProtocol

        String getProtocol()
            throws IOException
        Returns:
        the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.
        Throws:
        IOException - If an error occurs trying to obtain the protocol information from the socket

      • getRequestedProtocols

        String getRequestedProtocols()
                      throws IOException
        Returns:
        the list of SSL/TLS protocol versions requested by the client
        Throws:
        IOException - If an error occurs trying to obtain the client requested protocol information from the socket

      • getRequestedCiphers

        String getRequestedCiphers()
                    throws IOException
        Returns:
        the list of SSL/TLS ciphers requested by the client
        Throws:
        IOException - If an error occurs trying to obtain the client request cipher information from the socket