Package org.conscrypt
Class ActiveSession
- java.lang.Object
  - org.conscrypt.ActiveSession
- All Implemented Interfaces: javax.net.ssl.SSLSession, ConscryptSession
final class ActiveSession extends java.lang.Object implements ConscryptSession
A session that is dedicated to a single connection and operates directly on the underlying SSL.
-
-
Field Summary
Fields (Modifier and Type, Field):
private java.lang.String applicationProtocol
private long creationTime
private byte[] id
private long lastAccessedTime
private java.security.cert.X509Certificate[] localCertificates
private javax.security.cert.X509Certificate[] peerCertificateChain
private byte[] peerCertificateOcspData
private java.security.cert.X509Certificate[] peerCertificates
private java.lang.String peerHost
private int peerPort
private byte[] peerTlsSctData
private java.lang.String protocol
private AbstractSessionContext sessionContext
private NativeSsl ssl
-
Constructor Summary
Constructors:
ActiveSession(NativeSsl ssl, AbstractSessionContext sessionContext)
-
Method Summary
Methods (Modifier and Type, Method, Description):
private void checkPeerCertificatesPresent()
    Throws SSLPeerUnverifiedException if the peerCertificates array is null or empty.
private void configurePeer(java.lang.String peerHost, int peerPort, java.security.cert.X509Certificate[] peerCertificates)
int getApplicationBufferSize()
java.lang.String getApplicationProtocol()
java.lang.String getCipherSuite()
long getCreationTime()
byte[] getId()
long getLastAccessedTime()
    Returns the last time this SSL session was accessed.
java.security.cert.Certificate[] getLocalCertificates()
java.security.Principal getLocalPrincipal()
int getPacketBufferSize()
javax.security.cert.X509Certificate[] getPeerCertificateChain()
    Returns the certificate(s) of the peer in this SSL session used in the handshaking phase of the connection.
java.security.cert.X509Certificate[] getPeerCertificates()
java.lang.String getPeerHost()
int getPeerPort()
java.security.Principal getPeerPrincipal()
byte[] getPeerSignedCertificateTimestamp()
    Returns the signed certificate timestamp (SCT) received from the peer.
java.lang.String getProtocol()
java.lang.String getRequestedServerName()
javax.net.ssl.SSLSessionContext getSessionContext()
java.util.List<byte[]> getStatusResponses()
    Returns the OCSP stapled response.
java.lang.Object getValue(java.lang.String name)
java.lang.String[] getValueNames()
void invalidate()
boolean isValid()
(package private) void onPeerCertificateAvailable(java.lang.String peerHost, int peerPort)
    Updates the cached peer certificate after the handshake has completed (or entered False Start).
(package private) void onPeerCertificatesReceived(java.lang.String peerHost, int peerPort, java.security.cert.X509Certificate[] peerCertificates)
    Configures the peer information once it has been received by the handshake.
void putValue(java.lang.String name, java.lang.Object value)
void removeValue(java.lang.String name)
(package private) void setLastAccessedTime(long accessTimeMillis)
-
-
-
Field Detail
-
ssl
private final NativeSsl ssl
-
sessionContext
private AbstractSessionContext sessionContext
-
id
private byte[] id
-
creationTime
private long creationTime
-
protocol
private java.lang.String protocol
-
applicationProtocol
private java.lang.String applicationProtocol
-
peerHost
private java.lang.String peerHost
-
peerPort
private int peerPort
-
lastAccessedTime
private long lastAccessedTime
-
peerCertificateChain
private volatile javax.security.cert.X509Certificate[] peerCertificateChain
-
localCertificates
private java.security.cert.X509Certificate[] localCertificates
-
peerCertificates
private java.security.cert.X509Certificate[] peerCertificates
-
peerCertificateOcspData
private byte[] peerCertificateOcspData
-
peerTlsSctData
private byte[] peerTlsSctData
-
-
Constructor Detail
-
ActiveSession
ActiveSession(NativeSsl ssl, AbstractSessionContext sessionContext)
-
-
Method Detail
-
getId
public byte[] getId()
- Specified by:
getId
in interface javax.net.ssl.SSLSession
-
getSessionContext
public javax.net.ssl.SSLSessionContext getSessionContext()
- Specified by:
getSessionContext
in interface javax.net.ssl.SSLSession
-
getCreationTime
public long getCreationTime()
- Specified by:
getCreationTime
in interface javax.net.ssl.SSLSession
-
getLastAccessedTime
public long getLastAccessedTime()
Returns the last time this SSL session was accessed. Accessing here means that a new connection with the same SSL context data was established.
- Specified by:
getLastAccessedTime
in interface javax.net.ssl.SSLSession
- Returns:
- the session's last access time in milliseconds since the epoch
-
setLastAccessedTime
void setLastAccessedTime(long accessTimeMillis)
-
getStatusResponses
public java.util.List<byte[]> getStatusResponses()
Returns the OCSP stapled response. Returns a copy of the internal arrays. The method signature matches Java 9.
- Specified by:
getStatusResponses
in interface ConscryptSession
- See Also:
- RFC 6066, RFC 6961
-
getPeerSignedCertificateTimestamp
public byte[] getPeerSignedCertificateTimestamp()
Returns the signed certificate timestamp (SCT) received from the peer. Returns a copy of the internal array.
- Specified by:
getPeerSignedCertificateTimestamp
in interface ConscryptSession
- See Also:
- RFC 6962
-
getRequestedServerName
public java.lang.String getRequestedServerName()
- Specified by:
getRequestedServerName
in interface ConscryptSession
-
invalidate
public void invalidate()
- Specified by:
invalidate
in interface javax.net.ssl.SSLSession
-
isValid
public boolean isValid()
- Specified by:
isValid
in interface javax.net.ssl.SSLSession
-
putValue
public void putValue(java.lang.String name, java.lang.Object value)
- Specified by:
putValue
in interface javax.net.ssl.SSLSession
-
getValue
public java.lang.Object getValue(java.lang.String name)
- Specified by:
getValue
in interface javax.net.ssl.SSLSession
-
removeValue
public void removeValue(java.lang.String name)
- Specified by:
removeValue
in interface javax.net.ssl.SSLSession
-
getValueNames
public java.lang.String[] getValueNames()
- Specified by:
getValueNames
in interface javax.net.ssl.SSLSession
-
getPeerCertificates
public java.security.cert.X509Certificate[] getPeerCertificates() throws javax.net.ssl.SSLPeerUnverifiedException
- Specified by:
getPeerCertificates
in interface ConscryptSession
- Specified by:
getPeerCertificates
in interface javax.net.ssl.SSLSession
- Throws:
javax.net.ssl.SSLPeerUnverifiedException
-
getLocalCertificates
public java.security.cert.Certificate[] getLocalCertificates()
- Specified by:
getLocalCertificates
in interface javax.net.ssl.SSLSession
-
getPeerCertificateChain
public javax.security.cert.X509Certificate[] getPeerCertificateChain() throws javax.net.ssl.SSLPeerUnverifiedException
Returns the certificate(s) of the peer in this SSL session used in the handshaking phase of the connection. Please note that this method is superseded by getPeerCertificates().
- Specified by:
getPeerCertificateChain
in interface javax.net.ssl.SSLSession
- Returns:
- an array of X509 certificates (the peer's own first, followed by that of the certification authority, if any) or null if no certificates were used during the SSL connection.
- Throws:
javax.net.ssl.SSLPeerUnverifiedException
- if either a non-X.509 certificate was used (e.g. Kerberos certificates) or the peer could not be verified.
-
getPeerPrincipal
public java.security.Principal getPeerPrincipal() throws javax.net.ssl.SSLPeerUnverifiedException
- Specified by:
getPeerPrincipal
in interface javax.net.ssl.SSLSession
- Throws:
javax.net.ssl.SSLPeerUnverifiedException
-
getLocalPrincipal
public java.security.Principal getLocalPrincipal()
- Specified by:
getLocalPrincipal
in interface javax.net.ssl.SSLSession
-
getCipherSuite
public java.lang.String getCipherSuite()
- Specified by:
getCipherSuite
in interface javax.net.ssl.SSLSession
-
getProtocol
public java.lang.String getProtocol()
- Specified by:
getProtocol
in interface javax.net.ssl.SSLSession
-
getPeerHost
public java.lang.String getPeerHost()
- Specified by:
getPeerHost
in interface javax.net.ssl.SSLSession
-
getPeerPort
public int getPeerPort()
- Specified by:
getPeerPort
in interface javax.net.ssl.SSLSession
-
getPacketBufferSize
public int getPacketBufferSize()
- Specified by:
getPacketBufferSize
in interface javax.net.ssl.SSLSession
-
getApplicationBufferSize
public int getApplicationBufferSize()
- Specified by:
getApplicationBufferSize
in interface javax.net.ssl.SSLSession
-
getApplicationProtocol
public java.lang.String getApplicationProtocol()
- Specified by:
getApplicationProtocol
in interface ConscryptSession
-
onPeerCertificatesReceived
void onPeerCertificatesReceived(java.lang.String peerHost, int peerPort, java.security.cert.X509Certificate[] peerCertificates)
Configures the peer information once it has been received by the handshake.
-
configurePeer
private void configurePeer(java.lang.String peerHost, int peerPort, java.security.cert.X509Certificate[] peerCertificates)
-
onPeerCertificateAvailable
void onPeerCertificateAvailable(java.lang.String peerHost, int peerPort) throws java.security.cert.CertificateException
Updates the cached peer certificate after the handshake has completed (or entered False Start).
- Throws:
java.security.cert.CertificateException
-
checkPeerCertificatesPresent
private void checkPeerCertificatesPresent() throws javax.net.ssl.SSLPeerUnverifiedException
Throws SSLPeerUnverifiedException if the peerCertificates array is null or empty.
- Throws:
javax.net.ssl.SSLPeerUnverifiedException
-
-