Package org.conscrypt

Class NativeSslSession

java.lang.Object
org.conscrypt.NativeSslSession
Direct Known Subclasses:
NativeSslSession.Impl

abstract class NativeSslSession extends Object
A utility wrapper that abstracts operations on the underlying native SSL_SESSION instance. This is abstract only to support mocking for tests.
  • Field Details

    • logger

      private static final Logger logger
  • Constructor Details

    • NativeSslSession

      NativeSslSession()
  • Method Details

    • newInstance

      Creates a new instance. Since BoringSSL does not provide an API to get access to all session information via the SSL_SESSION, we get some values (e.g. peer certs) from the ConscryptSession instead (i.e. the SSL object).
      Throws:
      SSLPeerUnverifiedException
    • getOcspResponse

      private static byte[] getOcspResponse(ConscryptSession session)
    • newInstance

      static NativeSslSession newInstance(AbstractSessionContext context, byte[] data, String host, int port)
      Creates a new NativeSslSession instance from the provided serialized bytes, which were generated by toBytes().
      Returns:
      The new instance if successful. If unable to parse the bytes for any reason, returns null.
    • getId

      abstract byte[] getId()
    • isValid

      abstract boolean isValid()
    • isSingleUse

      abstract boolean isSingleUse()
      Returns whether this session should only ever be used for resumption once.
    • offerToResume

      abstract void offerToResume(NativeSsl ssl) throws SSLException
      Throws:
      SSLException
    • getCipherSuite

      abstract String getCipherSuite()
    • getProtocol

      abstract String getProtocol()
    • getPeerHost

      abstract String getPeerHost()
    • getPeerPort

      abstract int getPeerPort()
    • getPeerOcspStapledResponse

      abstract byte[] getPeerOcspStapledResponse()
      Returns the OCSP stapled response. The returned array is not copied; the caller must either not modify the returned array or make a copy.
      See Also:
    • getPeerSignedCertificateTimestamp

      abstract byte[] getPeerSignedCertificateTimestamp()
      Returns the signed certificate timestamp (SCT) received from the peer. The returned array is not copied; the caller must either not modify the returned array or make a copy.
      See Also:
    • toBytes

      abstract byte[] toBytes()
      Converts the given session to bytes.
      Returns:
      session data as bytes or null if the session can't be converted
    • toSSLSession

      abstract SSLSession toSSLSession()
      Converts this object to a SSLSession. The returned session will support only a subset of the SSLSession API.
    • log

      private static void log(Throwable t)
    • checkRemaining

      private static void checkRemaining(ByteBuffer buf, int length) throws IOException
      Throws:
      IOException