SSLSupport


1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one or more
3    *  contributor license agreements.  See the NOTICE file distributed with
4    *  this work for additional information regarding copyright ownership.
5    *  The ASF licenses this file to You under the Apache License, Version 2.0
6    *  (the "License"); you may not use this file except in compliance with
7    *  the License.  You may obtain a copy of the License at
8    *
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   *
11   *  Unless required by applicable law or agreed to in writing, software
12   *  distributed under the License is distributed on an "AS IS" BASIS,
13   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   *  See the License for the specific language governing permissions and
15   *  limitations under the License.
16   */
17  
18  package org.apache.tomcat.util.net;
19  
20  import java.io.IOException  ;
21  
22  /* SSLSupport
23  
24     Interface for SSL-specific functions
25  
26     @author EKR
27  */
28  
29  public interface SSLSupport {
30      /**
31       * The Request attribute key for the cipher suite.
32       */
33      public static final String   CIPHER_SUITE_KEY = "javax.servlet.request.cipher_suite";
34  
35      /**
36       * The Request attribute key for the key size.
37       */
38      public static final String   KEY_SIZE_KEY = "javax.servlet.request.key_size";
39  
40      /**
41       * The Request attribute key for the client certificate chain.
42       */
43      public static final String   CERTIFICATE_KEY = "javax.servlet.request.X509Certificate";
44  
45      /**
46       * The Request attribute key for the session id.
47       * This one is a Tomcat extension to the Servlet spec.
48       */
49      public static final String   SESSION_ID_KEY = "javax.servlet.request.ssl_session";
50  
51      /**
52       * A mapping table to determine the number of effective bits in the key
53       * when using a cipher suite containing the specified cipher name.  The
54       * underlying data came from the TLS Specification (RFC 2246), Appendix C.
55       */
56       static final CipherData ciphers[] = {
57          new CipherData("_WITH_NULL_", 0),
58          new CipherData("_WITH_IDEA_CBC_", 128),
59          new CipherData("_WITH_RC2_CBC_40_", 40),
60          new CipherData("_WITH_RC4_40_", 40),
61          new CipherData("_WITH_RC4_128_", 128),
62          new CipherData("_WITH_DES40_CBC_", 40),
63          new CipherData("_WITH_DES_CBC_", 56),
64          new CipherData("_WITH_3DES_EDE_CBC_", 168)
65      };
66  
67      /**
68       * The cipher suite being used on this connection.
69       */
70      public String   getCipherSuite() throws IOException  ;
71  
72      /**
73       * The client certificate chain (if any).
74       */
75      public Object  [] getPeerCertificateChain()
76          throws IOException  ;
77  
78      /**
79       * The client certificate chain (if any).
80       * @param force If <code>true</code>, then re-negotiate the 
81       *              connection if necessary.
82       */
83      public Object  [] getPeerCertificateChain(boolean force)
84          throws IOException  ;
85  
86      /**
87       * Get the keysize.
88       *
89       * What we're supposed to put here is ill-defined by the
90       * Servlet spec (S 4.7 again). There are at least 4 potential
91       * values that might go here:
92       *
93       * (a) The size of the encryption key
94       * (b) The size of the MAC key
95       * (c) The size of the key-exchange key
96       * (d) The size of the signature key used by the server
97       *
98       * Unfortunately, all of these values are nonsensical.
99       **/
100     public Integer   getKeySize()
101         throws IOException  ;
102 
103     /**
104      * The current session Id.
105      */
106     public String   getSessionId()
107         throws IOException  ;
108     /**
109      * Simple data class that represents the cipher being used, along with the
110      * corresponding effective key size.  The specified phrase must appear in the
111      * name of the cipher suite to be recognized.
112      */
113     
114     final class CipherData {
115     
116         public String   phrase = null;
117     
118         public int keySize = 0;
119     
120         public CipherData(String   phrase, int keySize) {
121             this.phrase = phrase;
122             this.keySize = keySize;
123         }
124     
125     }
126     
127 }
128 
129
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags