Package org.conscrypt

Class NativeSslSession

  • Direct Known Subclasses:
    NativeSslSession.Impl

    abstract class NativeSslSession
    extends java.lang.Object
    A utility wrapper that abstracts operations on the underlying native SSL_SESSION instance. This is abstract only to support mocking for tests.
    • Field Detail

      • logger

        private static final java.util.logging.Logger logger
    • Constructor Detail

      • NativeSslSession

        NativeSslSession()
    • Method Detail

      • newInstance

        static NativeSslSession newInstance​(NativeRef.SSL_SESSION ref,
                                            ConscryptSession session)
                                     throws javax.net.ssl.SSLPeerUnverifiedException
        Creates a new instance. Since BoringSSL does not provide an API to get access to all session information via the SSL_SESSION, we get some values (e.g. peer certs) from the ConscryptSession instead (i.e. the SSL object).
        Throws:
        javax.net.ssl.SSLPeerUnverifiedException
      • getOcspResponse

        private static byte[] getOcspResponse​(ConscryptSession session)
      • newInstance

        static NativeSslSession newInstance​(AbstractSessionContext context,
                                            byte[] data,
                                            java.lang.String host,
                                            int port)
        Creates a new NativeSslSession instance from the provided serialized bytes, which were generated by toBytes().
        Returns:
        The new instance if successful. If unable to parse the bytes for any reason, returns null.
      • getId

        abstract byte[] getId()
      • isValid

        abstract boolean isValid()
      • isSingleUse

        abstract boolean isSingleUse()
        Returns whether this session should only ever be used for resumption once.
      • offerToResume

        abstract void offerToResume​(NativeSsl ssl)
                             throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • getCipherSuite

        abstract java.lang.String getCipherSuite()
      • getProtocol

        abstract java.lang.String getProtocol()
      • getPeerHost

        abstract java.lang.String getPeerHost()
      • getPeerPort

        abstract int getPeerPort()
      • getPeerOcspStapledResponse

        abstract byte[] getPeerOcspStapledResponse()
        Returns the OCSP stapled response. The returned array is not copied; the caller must either not modify the returned array or make a copy.
        See Also:
        RFC 6066, RFC 6961
      • getPeerSignedCertificateTimestamp

        abstract byte[] getPeerSignedCertificateTimestamp()
        Returns the signed certificate timestamp (SCT) received from the peer. The returned array is not copied; the caller must either not modify the returned array or make a copy.
        See Also:
        RFC 6962
      • toBytes

        abstract byte[] toBytes()
        Converts the given session to bytes.
        Returns:
        session data as bytes or null if the session can't be converted
      • toSSLSession

        abstract javax.net.ssl.SSLSession toSSLSession()
        Converts this object to a SSLSession. The returned session will support only a subset of the SSLSession API.
      • log

        private static void log​(java.lang.Throwable t)
      • checkRemaining

        private static void checkRemaining​(java.nio.ByteBuffer buf,
                                           int length)
                                    throws java.io.IOException
        Throws:
        java.io.IOException