Package org.apache.tomcat.util.net.jsse

Class JSSESupport

  • All Implemented Interfaces:
    SSLSessionManager, SSLSupport
    public class JSSESupport
extends java.lang.Object
implements SSLSupport, SSLSessionManager
    JSSESupport. Concrete implementation class for JSSE Support classes.
    Author:
    EKR, Craig R. McClanahan Parts cribbed from JSSECertCompat Parts cribbed from CertificatesValve

    • Constructor Detail

      • JSSESupport

        @Deprecated
public JSSESupport​(javax.net.ssl.SSLSession session)
        Deprecated.
        This will be removed in Tomcat 10.1.x onwards Use JSSESupport(SSLSession, Map)
        Parameters:
        session - SSLSession from which information is to be extracted

      • JSSESupport

        public JSSESupport​(javax.net.ssl.SSLSession session,
                   java.util.Map<java.lang.String,​java.util.List<java.lang.String>> additionalAttributes)

    • Method Detail

      • getCipherSuite

        public java.lang.String getCipherSuite()
                                throws java.io.IOException
        Description copied from interface: SSLSupport
        The cipher suite being used on this connection.
        Specified by:
        getCipherSuite in interface SSLSupport
        Returns:
        The name of the cipher suite as returned by the SSL/TLS implementation
        Throws:
        java.io.IOException - If an error occurs trying to obtain the cipher suite

      • getLocalCertificateChain

        public java.security.cert.X509Certificate[] getLocalCertificateChain()
        Description copied from interface: SSLSupport
        The server certificate chain (if any) that were sent to the peer.
        Specified by:
        getLocalCertificateChain in interface SSLSupport
        Returns:
        The certificate chain sent with the server certificate first, followed by those of any certificate authorities

      • getPeerCertificateChain

        public java.security.cert.X509Certificate[] getPeerCertificateChain()
                                                             throws java.io.IOException
        Description copied from interface: SSLSupport
        The client certificate chain (if any).
        Specified by:
        getPeerCertificateChain in interface SSLSupport
        Returns:
        The certificate chain presented by the client with the peer's certificate first, followed by those of any certificate authorities
        Throws:
        java.io.IOException - If an error occurs trying to obtain the certificate chain

      • getKeySize

        public java.lang.Integer getKeySize()
                             throws java.io.IOException
        Get the keysize. What we're supposed to put here is ill-defined by the Servlet spec (S 4.7 again). There are at least 4 potential values that might go here: (a) The size of the encryption key (b) The size of the MAC key (c) The size of the key-exchange key (d) The size of the signature key used by the server Unfortunately, all of these values are nonsensical.

        This returns the effective bits for the current cipher suite.

        Specified by:
        getKeySize in interface SSLSupport
        Returns:
        The effective key size for the current cipher suite
        Throws:
        java.io.IOException - If an error occurs trying to obtain the key size

      • getSessionId

        public java.lang.String getSessionId()
                              throws java.io.IOException
        Description copied from interface: SSLSupport
        The current session Id.
        Specified by:
        getSessionId in interface SSLSupport
        Returns:
        The current SSL/TLS session ID
        Throws:
        java.io.IOException - If an error occurs trying to obtain the session ID

      • setSession

        public void setSession​(javax.net.ssl.SSLSession session)

      • invalidateSession

        public void invalidateSession()
        Invalidate the session this support object is associated with.
        Specified by:
        invalidateSession in interface SSLSessionManager

      • getProtocol

        public java.lang.String getProtocol()
                             throws java.io.IOException
        Specified by:
        getProtocol in interface SSLSupport
        Returns:
        the protocol String indicating how the SSL socket was created e.g. TLSv1 or TLSv1.2 etc.
        Throws:
        java.io.IOException - If an error occurs trying to obtain the protocol information from the socket

      • getRequestedProtocols

        public java.lang.String getRequestedProtocols()
                                       throws java.io.IOException
        Specified by:
        getRequestedProtocols in interface SSLSupport
        Returns:
        the list of SSL/TLS protocol versions requested by the client
        Throws:
        java.io.IOException - If an error occurs trying to obtain the client requested protocol information from the socket

      • getRequestedCiphers

        public java.lang.String getRequestedCiphers()
                                     throws java.io.IOException
        Specified by:
        getRequestedCiphers in interface SSLSupport
        Returns:
        the list of SSL/TLS ciphers requested by the client
        Throws:
        java.io.IOException - If an error occurs trying to obtain the client request cipher information from the socket