Package org.apache.tomcat.util.net.jsse
Class JSSESupport
java.lang.Object
org.apache.tomcat.util.net.jsse.JSSESupport
- All Implemented Interfaces:
SSLSessionManager,SSLSupport
JSSESupport.
Concrete implementation class for JSSE Support classes.
- Author:
- EKR, Craig R. McClanahan Parts cribbed from JSSECertCompat Parts cribbed from CertificatesValve
-
Field Summary
Fields inherited from interface org.apache.tomcat.util.net.SSLSupport
CERTIFICATE_KEY, CIPHER_SUITE_KEY, KEY_SIZE_KEY, PROTOCOL_VERSION_KEY, REQUESTED_CIPHERS_KEY, REQUESTED_PROTOCOL_VERSIONS_KEY, SECURE_PROTOCOL_KEY, SESSION_ID_KEY, SESSION_MGR -
Constructor Summary
ConstructorsConstructorDescriptionJSSESupport(SSLSession session, Map<String, List<String>> additionalAttributes) -
Method Summary
Modifier and TypeMethodDescriptionThe cipher suite being used on this connection.Get the keysize.The server certificate chain (if any) that were sent to the peer.The client certificate chain (if any).The current session Id.voidInvalidate the session this support object is associated with.voidsetSession(SSLSession session)
-
Constructor Details
-
JSSESupport
-
-
Method Details
-
getCipherSuite
Description copied from interface:SSLSupportThe cipher suite being used on this connection.- Specified by:
getCipherSuitein interfaceSSLSupport- Returns:
- The name of the cipher suite as returned by the SSL/TLS implementation
- Throws:
IOException- If an error occurs trying to obtain the cipher suite
-
getLocalCertificateChain
Description copied from interface:SSLSupportThe server certificate chain (if any) that were sent to the peer.- Specified by:
getLocalCertificateChainin interfaceSSLSupport- Returns:
- The certificate chain sent with the server certificate first, followed by those of any certificate authorities
-
getPeerCertificateChain
Description copied from interface:SSLSupportThe client certificate chain (if any).- Specified by:
getPeerCertificateChainin interfaceSSLSupport- Returns:
- The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities
- Throws:
IOException- If an error occurs trying to obtain the certificate chain
-
getKeySize
Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.This returns the effective bits for the current cipher suite.
- Specified by:
getKeySizein interfaceSSLSupport- Returns:
- The effective key size for the current cipher suite
- Throws:
IOException- If an error occurs trying to obtain the key size
-
getSessionId
Description copied from interface:SSLSupportThe current session Id.- Specified by:
getSessionIdin interfaceSSLSupport- Returns:
- The current SSL/TLS session ID
- Throws:
IOException- If an error occurs trying to obtain the session ID
-
setSession
-
invalidateSession
public void invalidateSession()Invalidate the session this support object is associated with.- Specified by:
invalidateSessionin interfaceSSLSessionManager
-
getProtocol
- Specified by:
getProtocolin interfaceSSLSupport- Returns:
- the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.
- Throws:
IOException- If an error occurs trying to obtain the protocol information from the socket
-
getRequestedProtocols
- Specified by:
getRequestedProtocolsin interfaceSSLSupport- Returns:
- the list of SSL/TLS protocol versions requested by the client
- Throws:
IOException- If an error occurs trying to obtain the client requested protocol information from the socket
-
getRequestedCiphers
- Specified by:
getRequestedCiphersin interfaceSSLSupport- Returns:
- the list of SSL/TLS ciphers requested by the client
- Throws:
IOException- If an error occurs trying to obtain the client request cipher information from the socket
-