Package io.undertow.server
Interface SSLSessionInfo
-
- All Known Implementing Classes:
BasicSSLSessionInfo
,ConnectionSSLSessionInfo
public interface SSLSessionInfo
SSL session information.- Author:
- Stuart Douglas
-
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description static int
calculateKeySize(java.lang.String cipherSuite)
Given the name of a TLS/SSL cipher suite, return an int representing it effective stream cipher key strength.java.lang.String
getCipherSuite()
default int
getKeySize()
javax.security.cert.X509Certificate[]
getPeerCertificateChain()
Deprecated.in favor ofgetPeerCertificates()
becauseSSLSession.getPeerCertificateChain()
throws java 15.java.security.cert.Certificate[]
getPeerCertificates()
Gets the peer certificates.byte[]
getSessionId()
javax.net.ssl.SSLSession
getSSLSession()
void
renegotiate(HttpServerExchange exchange, org.xnio.SslClientAuthMode sslClientAuthMode)
Renegotiate in a blocking manner.
-
-
-
Method Detail
-
calculateKeySize
static int calculateKeySize(java.lang.String cipherSuite)
Given the name of a TLS/SSL cipher suite, return an int representing it effective stream cipher key strength. i.e. How much entropy material is in the key material being fed into the encryption routines.TLS 1.3 https://wiki.openssl.org/index.php/TLS1.3
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
- Parameters:
cipherSuite
- String name of the TLS cipher suite.- Returns:
- int indicating the effective key entropy bit-length.
-
getSessionId
byte[] getSessionId()
- Returns:
- The SSL session ID, or null if this could not be determined.
-
getCipherSuite
java.lang.String getCipherSuite()
-
getKeySize
default int getKeySize()
-
getPeerCertificates
java.security.cert.Certificate[] getPeerCertificates() throws javax.net.ssl.SSLPeerUnverifiedException, RenegotiationRequiredException
Gets the peer certificates. This may force SSL renegotiation.- Returns:
- The peer certificates
- Throws:
javax.net.ssl.SSLPeerUnverifiedException
RenegotiationRequiredException
- If the session
-
getPeerCertificateChain
@Deprecated(since="2.2.3", forRemoval=false) javax.security.cert.X509Certificate[] getPeerCertificateChain() throws javax.net.ssl.SSLPeerUnverifiedException, RenegotiationRequiredException
Deprecated.in favor ofgetPeerCertificates()
becauseSSLSession.getPeerCertificateChain()
throws java 15.This method is no longer supported on java 15 and should be avoided.- Throws:
javax.net.ssl.SSLPeerUnverifiedException
RenegotiationRequiredException
- See Also:
SSLSession.getPeerCertificateChain()
-
renegotiate
void renegotiate(HttpServerExchange exchange, org.xnio.SslClientAuthMode sslClientAuthMode) throws java.io.IOException
Renegotiate in a blocking manner. This will set the client aut TODO: we also need a non-blocking version- Parameters:
exchange
- The exchangesslClientAuthMode
- The client cert mode to use when renegotiating- Throws:
java.io.IOException
-
getSSLSession
javax.net.ssl.SSLSession getSSLSession()
- Returns:
- The SSL session, or null if it is not applicable
-
-