Package org.apache.tomcat.util.net.jsse

Class JSSESupport

java.lang.Object

org.apache.tomcat.util.net.jsse.JSSESupport

All Implemented Interfaces:

SSLSessionManager, SSLSupport

public class JSSESupport
extends java.lang.Object
implements SSLSupport, SSLSessionManager

JSSESupport. Concrete implementation class for JSSE Support classes.

Author:

EKR, Craig R. McClanahan Parts cribbed from JSSECertCompat Parts cribbed from CertificatesValve

Field Summary

Fields inherited from interface org.apache.tomcat.util.net.SSLSupport

CERTIFICATE_KEY, CIPHER_SUITE_KEY, KEY_SIZE_KEY, PROTOCOL_VERSION_KEY, REQUESTED_CIPHERS_KEY, REQUESTED_PROTOCOL_VERSIONS_KEY, SESSION_ID_KEY, SESSION_MGR

Constructor Summary

Constructors

Constructor	Description
JSSESupport(javax.net.ssl.SSLSession session)	Deprecated. This will be removed in Tomcat 10.1.x onwards Use JSSESupport(SSLSession, Map)
JSSESupport(javax.net.ssl.SSLSession session, java.util.Map<java.lang.String,java.util.List<java.lang.String>> additionalAttributes)

Method Summary

Modifier and Type	Method	Description
java.lang.String	getCipherSuite()	The cipher suite being used on this connection.
java.lang.Integer	getKeySize()	Get the keysize.
java.security.cert.X509Certificate[]	getPeerCertificateChain()	The client certificate chain (if any).
java.lang.String	getProtocol()
java.lang.String	getRequestedCiphers()
java.lang.String	getRequestedProtocols()
java.lang.String	getSessionId()	The current session Id.
void	invalidateSession()	Invalidate the session this support object is associated with.
void	setSession(javax.net.ssl.SSLSession session)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JSSESupport

@Deprecated
public JSSESupport(javax.net.ssl.SSLSession session)

Deprecated.

This will be removed in Tomcat 10.1.x onwards Use JSSESupport(SSLSession, Map)

Parameters:

session - SSLSession from which information is to be extracted

JSSESupport

public JSSESupport(javax.net.ssl.SSLSession session,
                   java.util.Map<java.lang.String,java.util.List<java.lang.String>> additionalAttributes)

Method Detail

getCipherSuite

public java.lang.String getCipherSuite()
                                throws java.io.IOException

Description copied from interface: SSLSupport

The cipher suite being used on this connection.

Specified by:

getCipherSuite in interface SSLSupport

Returns:

The name of the cipher suite as returned by the SSL/TLS implementation

Throws:

java.io.IOException - If an error occurs trying to obtain the cipher suite

getPeerCertificateChain

public java.security.cert.X509Certificate[] getPeerCertificateChain()
                                                             throws java.io.IOException

Description copied from interface: SSLSupport

The client certificate chain (if any).

Specified by:

getPeerCertificateChain in interface SSLSupport

Returns:

The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities

Throws:

java.io.IOException - If an error occurs trying to obtain the certificate chain

getKeySize

public java.lang.Integer getKeySize()
                             throws java.io.IOException

Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.

This returns the effective bits for the current cipher suite.

Specified by:

getKeySize in interface SSLSupport

Returns:

The effective key size for the current cipher suite

Throws:

java.io.IOException - If an error occurs trying to obtain the key size

getSessionId

public java.lang.String getSessionId()
                              throws java.io.IOException

Description copied from interface: SSLSupport

The current session Id.

Specified by:

getSessionId in interface SSLSupport

Returns:

The current SSL/TLS session ID

Throws:

java.io.IOException - If an error occurs trying to obtain the session ID

setSession

public void setSession(javax.net.ssl.SSLSession session)

invalidateSession

public void invalidateSession()

Invalidate the session this support object is associated with.

Specified by:

invalidateSession in interface SSLSessionManager

getProtocol

public java.lang.String getProtocol()
                             throws java.io.IOException

Specified by:

getProtocol in interface SSLSupport

Returns:

the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.

Throws:

java.io.IOException - If an error occurs trying to obtain the protocol information from the socket

getRequestedProtocols

public java.lang.String getRequestedProtocols()
                                       throws java.io.IOException

Specified by:

getRequestedProtocols in interface SSLSupport

Returns:

the list of SSL/TLS protocol versions requested by the client

Throws:

java.io.IOException - If an error occurs trying to obtain the client requested protocol information from the socket

getRequestedCiphers

public java.lang.String getRequestedCiphers()
                                     throws java.io.IOException

Specified by:

getRequestedCiphers in interface SSLSupport

Returns:

the list of SSL/TLS ciphers requested by the client

Throws:

java.io.IOException - If an error occurs trying to obtain the client request cipher information from the socket