Package org.apache.tomcat.util.net

Interface SSLSupport

All Known Implementing Classes:
AprSSLSupport, JSSESupport
public interface SSLSupport
Defines an interface to interact with SSL sessions.

  • Field Details

    • CIPHER_SUITE_KEY

      static final String CIPHER_SUITE_KEY
      The Request attribute key for the cipher suite.
      See Also:

    • KEY_SIZE_KEY

      static final String KEY_SIZE_KEY
      The Request attribute key for the key size.
      See Also:

    • CERTIFICATE_KEY

      static final String CERTIFICATE_KEY
      The Request attribute key for the client certificate chain.
      See Also:

    • SESSION_ID_KEY

      static final String SESSION_ID_KEY
      The Request attribute key for the session id. This one is a Tomcat extension to the Servlet spec.
      See Also:

    • SESSION_MGR

      static final String SESSION_MGR
      The request attribute key for the session manager. This one is a Tomcat extension to the Servlet spec.
      See Also:

    • PROTOCOL_VERSION_KEY

      static final String PROTOCOL_VERSION_KEY
      The request attribute key under which the String indicating the protocol that created the SSL socket is recorded - e.g. TLSv1 or TLSv1.2 etc.
      See Also:

    • REQUESTED_CIPHERS_KEY

      static final String REQUESTED_CIPHERS_KEY
      The request attribute key under which the String indicating the ciphers requested by the client are recorded.
      See Also:

    • REQUESTED_PROTOCOL_VERSIONS_KEY

      static final String REQUESTED_PROTOCOL_VERSIONS_KEY
      The request attribute key under which the String indicating the protocols requested by the client are recorded.
      See Also:

  • Method Details

    • getCipherSuite

      String getCipherSuite() throws IOException
      The cipher suite being used on this connection.
      Returns:
      The name of the cipher suite as returned by the SSL/TLS implementation
      Throws:
      IOException - If an error occurs trying to obtain the cipher suite

    • getPeerCertificateChain

      X509Certificate[] getPeerCertificateChain() throws IOException
      The client certificate chain (if any).
      Returns:
      The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities
      Throws:
      IOException - If an error occurs trying to obtain the certificate chain

    • getLocalCertificateChain

      default X509Certificate[] getLocalCertificateChain()
      The server certificate chain (if any) that were sent to the peer.
      Returns:
      The certificate chain sent with the server certificate first, followed by those of any certificate authorities

    • getKeySize

      Integer getKeySize() throws IOException
      Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.
      Returns:
      The effective key size for the current cipher suite
      Throws:
      IOException - If an error occurs trying to obtain the key size

    • getSessionId

      String getSessionId() throws IOException
      The current session Id.
      Returns:
      The current SSL/TLS session ID
      Throws:
      IOException - If an error occurs trying to obtain the session ID

    • getProtocol

      String getProtocol() throws IOException
      Returns:
      the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.
      Throws:
      IOException - If an error occurs trying to obtain the protocol information from the socket

    • getRequestedProtocols

      String getRequestedProtocols() throws IOException
      Returns:
      the list of SSL/TLS protocol versions requested by the client
      Throws:
      IOException - If an error occurs trying to obtain the client requested protocol information from the socket

    • getRequestedCiphers

      String getRequestedCiphers() throws IOException
      Returns:
      the list of SSL/TLS ciphers requested by the client
      Throws:
      IOException - If an error occurs trying to obtain the client request cipher information from the socket