Package io.undertow.server
Interface SSLSessionInfo
- All Known Implementing Classes:
BasicSSLSessionInfo
,ConnectionSSLSessionInfo
public interface SSLSessionInfo
SSL session information.
- Author:
- Stuart Douglas
-
Method Summary
Modifier and TypeMethodDescriptionstatic int
calculateKeySize
(String cipherSuite) Given the name of a TLS/SSL cipher suite, return an int representing it effective stream cipher key strength.default int
Deprecated.Gets the peer certificates.byte[]
void
renegotiate
(HttpServerExchange exchange, org.xnio.SslClientAuthMode sslClientAuthMode) Renegotiate in a blocking manner.
-
Method Details
-
calculateKeySize
Given the name of a TLS/SSL cipher suite, return an int representing it effective stream cipher key strength. i.e. How much entropy material is in the key material being fed into the encryption routines.TLS 1.3 https://wiki.openssl.org/index.php/TLS1.3
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
- Parameters:
cipherSuite
- String name of the TLS cipher suite.- Returns:
- int indicating the effective key entropy bit-length.
-
getSessionId
byte[] getSessionId()- Returns:
- The SSL session ID, or null if this could not be determined.
-
getCipherSuite
String getCipherSuite() -
getKeySize
default int getKeySize() -
getPeerCertificates
Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException, RenegotiationRequiredExceptionGets the peer certificates. This may force SSL renegotiation.- Returns:
- The peer certificates
- Throws:
SSLPeerUnverifiedException
RenegotiationRequiredException
- If the session
-
getPeerCertificateChain
@Deprecated X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException, RenegotiationRequiredExceptionDeprecated.in favor ofgetPeerCertificates()
becauseSSLSession.getPeerCertificateChain()
throws java 15.This method is no longer supported on java 15 and should be avoided. -
renegotiate
void renegotiate(HttpServerExchange exchange, org.xnio.SslClientAuthMode sslClientAuthMode) throws IOException Renegotiate in a blocking manner. This will set the client aut TODO: we also need a non-blocking version- Parameters:
exchange
- The exchangesslClientAuthMode
- The client cert mode to use when renegotiating- Throws:
IOException
-
getSSLSession
SSLSession getSSLSession()- Returns:
- The SSL session, or null if it is not applicable
-
getPeerCertificates()
becauseSSLSession.getPeerCertificateChain()
throws java 15.