1 /* Session.java -- SSL and TLS session data.
2 Copyright (C) 2006 Free Software Foundation, Inc.
4 This file is a part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or (at
9 your option) any later version.
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package gnu.javax.net.ssl.provider;
41 import java.security.SecureRandom;
42 import java.security.cert.Certificate;
43 import java.security.cert.CertificateException;
45 import java.util.Arrays;
46 import java.util.ArrayList;
47 import java.util.Date;
48 import java.util.HashMap;
49 import java.util.List;
51 import java.util.SortedSet;
52 import java.util.TreeSet;
54 import javax.net.ssl.SSLPeerUnverifiedException;
55 import javax.net.ssl.SSLPermission;
56 import javax.net.ssl.SSLSession;
57 import javax.net.ssl.SSLSessionBindingEvent;
58 import javax.net.ssl.SSLSessionBindingListener;
59 import javax.net.ssl.SSLSessionContext;
60 import javax.net.ssl.X509KeyManager;
61 import javax.net.ssl.X509TrustManager;
62 import javax.security.cert.X509Certificate;
64 import gnu.javax.net.ssl.SRPTrustManager;
67 * A generic SSL session implementation for SSL and TLS.
69 final class Session implements SSLSession
72 // Constants and fields.
73 // -------------------------------------------------------------------------
75 private static final SSLPermission GET_SESSION_CONTEXT_PERMISSION =
76 new SSLPermission("getSSLSessionContext");
78 private final long creationTime;
79 private Date lastAccessedTime;
81 Certificate[] localCerts;
82 Certificate[] peerCerts;
83 X509Certificate[] peerCertChain;
86 SessionContext context;
90 CipherSuite cipherSuite;
91 SortedSet enabledProtocols;
92 ProtocolVersion protocol;
94 SRPTrustManager srpTrustManager;
95 X509TrustManager trustManager;
96 X509KeyManager keyManager;
98 SecurityParameters params;
102 // -------------------------------------------------------------------------
106 this(System.currentTimeMillis());
// Creates a session with an explicit creation time. The session starts
// with peerVerified false, a last-accessed time of new Date(0L) and an
// empty value map.
109 Session(long creationTime)
111 peerVerified = false;
113 this.creationTime = creationTime;
114 lastAccessedTime = new Date(0L);
115 values = new HashMap();
// The "jessie.with.jce" security property, compared case-insensitively
// with "true", selects JCESecurityParameters.
116 if (("true").equalsIgnoreCase (Util.getSecurityProperty ("jessie.with.jce")))
117 params = new JCESecurityParameters();
// NOTE(review): presumably the fallback taken when the property is not
// "true"; the branch keyword is not visible here -- confirm.
119 params = new GNUSecurityParameters (this);
122 // Public instance methods.
123 // -------------------------------------------------------------------------
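/**
 * Creates a copy of this session that carries the same creation time.
 *
 * <p>The certificate arrays and the enabled suite and protocol
 * collections are copied; the remaining fields assigned below are
 * copied by reference. The converted peer chain is not carried over
 * (it is rebuilt from <code>peerCerts</code> on demand) and the new
 * session gets its own <code>params</code> from the constructor.
 *
 * @return The new session.
 */
protected Object clone()
{
  Session result = new Session(creationTime);
  // NOTE(review): the Date object is shared, so access() or
  // setLastAccessedTime() on either session moves the time of both --
  // confirm this is intended.
  result.lastAccessedTime = lastAccessedTime;
  result.sessionId = sessionId;
  result.localCerts = (localCerts != null ? (Certificate[]) localCerts.clone() : null);
  result.peerCerts = (peerCerts != null ? (Certificate[]) peerCerts.clone() : null);
  result.peerHost = peerHost;
  result.peerVerified = peerVerified;
  result.context = context;
  // NOTE(review): the value map is shared, so putValue()/removeValue()
  // on one session is visible through the other -- confirm.
  result.values = values;
  // These two collections were copied without a null test, unlike the
  // certificate arrays above, so cloning a session whose suites or
  // protocols were still unset failed with a NullPointerException.
  result.enabledSuites = (enabledSuites != null ? new ArrayList(enabledSuites) : null);
  result.cipherSuite = cipherSuite;
  result.enabledProtocols = (enabledProtocols != null ? new TreeSet(enabledProtocols) : null);
  result.protocol = protocol;
  // NOTE(review): the master secret array is shared, not copied.
  // invalidate() walks this array, so if it wipes the bytes in place the
  // clone loses its secret as well -- confirm which behaviour is wanted.
  result.masterSecret = masterSecret;
  result.keyManager = keyManager;
  result.srpTrustManager = srpTrustManager;
  result.trustManager = trustManager;
  result.random = random;
  return result;
}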
/**
 * Returns the string form of the cipher suite stored in this session.
 *
 * <p>NOTE(review): dereferences <code>cipherSuite</code> without a null
 * test, so this throws a NullPointerException while the field is unset.
 *
 * @return <code>cipherSuite.toString()</code>.
 */
public String getCipherSuite()
{
  final CipherSuite suite = cipherSuite;
  return suite.toString();
}
// NOTE(review): only the signature is visible here; presumably returns
// the creationTime field set by the constructor -- confirm.
153 public long getCreationTime()
/**
 * Returns the bytes of this session's ID.
 *
 * @return The result of <code>sessionId.getId()</code>, or
 *   <code>null</code> if no session ID has been set.
 */
public byte[] getId()
{
  if (sessionId == null)
    {
      return null;
    }
  return sessionId.getId();
}
/**
 * Returns the time this session was last accessed.
 *
 * <p>NOTE(review): reads the Date without holding the lock that
 * access() takes -- confirm whether that matters to callers.
 *
 * @return The value of <code>lastAccessedTime.getTime()</code>.
 */
public long getLastAccessedTime()
{
  final long millis = lastAccessedTime.getTime();
  return millis;
}
/**
 * Returns the certificates stored as this side's own.
 *
 * @return A copy of the local certificate array, so callers cannot
 *   alter the session's own array, or <code>null</code> if none is set.
 */
public Certificate[] getLocalCertificates()
{
  if (localCerts == null)
    {
      return null;
    }
  return (Certificate[]) localCerts.clone();
}
// Returns a copy of the stored peer certificates, or null when none are
// stored.
// NOTE(review): the condition guarding the throw below is not visible
// here; presumably it tests peerVerified, so certificates of a peer that
// was not verified are never handed to the caller -- confirm.
173 public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException
177 throw new SSLPeerUnverifiedException("peer not verified");
// Clone so callers cannot modify the session's own array.
179 return (Certificate[]) (peerCerts != null ? peerCerts.clone() : null);
// Returns the peer certificates converted to
// javax.security.cert.X509Certificate. The converted array is cached in
// peerCertChain and every call returns a clone of it.
// NOTE(review): the condition guarding the throw is not visible here;
// presumably it tests peerVerified -- confirm.
182 public X509Certificate[] getPeerCertificateChain()
183 throws SSLPeerUnverifiedException
187 throw new SSLPeerUnverifiedException("peer not verified");
189 if (peerCerts == null)
// Reuse the cached conversion when there is one.
193 if (peerCertChain != null)
195 return (X509Certificate[]) peerCertChain.clone();
199 peerCertChain = new X509Certificate[peerCerts.length];
200 for (int i = 0; i < peerCerts.length; i++)
// Re-parse each certificate from its encoded form.
202 peerCertChain[i] = X509Certificate.getInstance(peerCerts[i].getEncoded());
204 return (X509Certificate[]) peerCertChain.clone();
// NOTE(review): the handler bodies are not visible here. peerCertChain
// is assigned before the loop, so if a conversion throws, a partly
// filled array stays cached and a later call would return it through the
// non-null branch above -- confirm that the handlers reset the field.
206 catch (javax.security.cert.CertificateException ce)
210 catch (CertificateException ce2)
// NOTE(review): only the signature is visible here; presumably returns
// the peerHost field -- confirm.
216 public String getPeerHost()
/**
 * Returns the string form of the protocol version stored in this session.
 *
 * <p>NOTE(review): dereferences <code>protocol</code> without a null
 * test, so this throws a NullPointerException while the field is unset.
 *
 * @return <code>protocol.toString()</code>.
 */
public String getProtocol()
{
  final ProtocolVersion version = protocol;
  return version.toString();
}
// Access to the session context is gated by a SecurityManager check: the
// caller must hold SSLPermission("getSSLSessionContext"), otherwise
// checkPermission throws a SecurityException.
// NOTE(review): the null test on sm and the return statement are not
// visible here; presumably the check is skipped only when no
// SecurityManager is installed and the context field is returned --
// confirm.
226 public SSLSessionContext getSessionContext()
228 SecurityManager sm = System.getSecurityManager();
231 sm.checkPermission(GET_SESSION_CONTEXT_PERMISSION);
/**
 * Returns the names of all values bound to this session.
 *
 * @return A new array holding the keys of the value map.
 */
public String[] getValueNames()
{
  final String[] names = new String[values.size()];
  return (String[]) values.keySet().toArray(names);
}
/**
 * Looks up a value bound to this session.
 *
 * @param name The name the value was bound under.
 * @return The bound value, or <code>null</code> if the map holds none
 *   for that name.
 */
public Object getValue(String name)
{
  final Object bound = values.get(name);
  return bound;
}
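/**
 * Binds a value to this session under the given name, replacing any
 * value already bound under that name.
 *
 * <p>{@link SSLSession#putValue} asks that both the new and the replaced
 * value be notified if they implement {@link SSLSessionBindingListener}.
 * Previously a replaced listener was dropped without its
 * <code>valueUnbound</code> call, so cleanup it does there never ran.
 *
 * @param name The name to bind the value under.
 * @param value The value to bind.
 */
public void putValue(String name, Object value)
{
  // HashMap.put hands back the value it displaced, if any.
  Object previous = values.put(name, value);
  if (previous instanceof SSLSessionBindingListener)
    {
      ((SSLSessionBindingListener) previous).valueUnbound(
        new SSLSessionBindingEvent(this, name));
    }
  if (value instanceof SSLSessionBindingListener)
    {
      ((SSLSessionBindingListener) value).valueBound(
        new SSLSessionBindingEvent(this, name));
    }
}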
/**
 * Removes the value bound under the given name, notifying it if it
 * implements {@link SSLSessionBindingListener}.
 *
 * @param name The name whose binding is removed.
 */
public void removeValue(String name)
{
  final Object removed = values.remove(name);
  // instanceof is false for null, which covers a name that had no binding.
  if (!(removed instanceof SSLSessionBindingListener))
    {
      return;
    }
  final SSLSessionBindingEvent event = new SSLSessionBindingEvent(this, name);
  ((SSLSessionBindingListener) removed).valueUnbound(event);
}
// NOTE(review): only the start of this method is visible. It walks
// masterSecret byte by byte when the array is non-null, presumably to
// overwrite the key material. clone() assigns the same array to the copy
// by reference, so an in-place wipe would also clear the secret of
// cloned sessions -- confirm.
267 public void invalidate()
269 if (masterSecret != null)
271 for (int i = 0; i < masterSecret.length; i++)
/**
 * Stamps this session with the current time and reports the access to
 * its context.
 *
 * <p>NOTE(review): this method holds the session's lock, while
 * setLastAccessedTime() and getLastAccessedTime() use the same Date
 * without it -- confirm whether that is intended.
 */
synchronized void access()
{
  final long now = System.currentTimeMillis();
  lastAccessedTime.setTime(now);
  context.notifyAccess(this);
}
/**
 * Sets the last-accessed time by updating the existing Date object in
 * place.
 *
 * @param lastAccessedTime The new time, as passed to
 *   <code>Date.setTime</code>.
 */
void setLastAccessedTime(long lastAccessedTime)
{
  final Date stamp = this.lastAccessedTime;
  stamp.setTime(lastAccessedTime);
}
292 // -------------------------------------------------------------------------
295 * A byte array with appropriate <code>equals()</code>,
296 * <code>hashCode()</code>, and <code>compareTo()</code> semantics.
298 static final class ID implements Comparable
302 // -----------------------------------------------------------------------
304 /** The ID itself. */
305 private final byte[] id;
308 // -----------------------------------------------------------------------
313 * @param id The ID. The array is not cloned, so later changes the caller makes to it show through in this ID.
319 throw new IllegalArgumentException();
325 // -----------------------------------------------------------------------
/**
 * Returns the ID bytes.
 *
 * @return A copy of the ID, so callers cannot alter the stored array.
 */
public byte[] getId()
{
  final byte[] copy = (byte[]) id.clone();
  return copy;
}
/**
 * Compares this ID with another object.
 *
 * @param other The object to compare with.
 * @return <code>true</code> if <code>other</code> is an ID holding the
 *   same bytes in the same order.
 */
public boolean equals(Object other)
{
  // instanceof is false for null, so no separate null test is needed.
  return (other instanceof ID) && Arrays.equals(id, ((ID) other).id);
}
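/**
 * Computes a hash code by folding the ID bytes into a 32-bit value,
 * byte <code>i</code> landing in lane <code>i &amp; 3</code>.
 *
 * <p>The bytes are combined with XOR. The earlier OR could only ever set
 * bits, so IDs longer than a few bytes drifted toward the same all-ones
 * value and piled up in one bucket of any hash table keyed by ID. Equal
 * IDs still produce equal hash codes.
 *
 * @return The hash code.
 */
public int hashCode()
{
  int code = 0;
  for (int i = 0; i < id.length; i++)
    {
      code ^= (id[i] & 0xFF) << ((i & 3) << 3);
    }
  return code;
}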
// Orders IDs by length first (the shorter one sorts lower), then by
// comparing bytes position by position.
// NOTE(review): the bytes are compared as signed values, so 0x80..0xFF
// sort below 0x00..0x7F. The result for a null or non-ID argument and
// the remaining branches of the loop are not visible here -- confirm.
351 public int compareTo(Object other)
353 if (other == null || !(other instanceof ID))
357 byte[] id2 = ((ID) other).id;
358 if (id.length != id2.length)
360 return (id.length < id2.length) ? -1 : 1;
362 for (int i = 0; i < id.length; i++)
368 else if (id[i] > id2[i])
/**
 * Returns a printable form of the ID.
 *
 * @return The result of <code>Util.toHexString(id, ':')</code>,
 *   presumably the bytes in hex separated by colons.
 */
public String toString()
{
  final String hex = Util.toHexString(id, ':');
  return hex;
}