Package io.undertow.server

Interface SSLSessionInfo

    • Method Detail

      • calculateKeySize

        static int calculateKeySize​(java.lang.String cipherSuite)
        Given the name of a TLS/SSL cipher suite, return an int representing it effective stream cipher key strength. i.e. How much entropy material is in the key material being fed into the encryption routines.

        TLS 1.3 https://wiki.openssl.org/index.php/TLS1.3

        https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

        Parameters:
        cipherSuite - String name of the TLS cipher suite.
        Returns:
        int indicating the effective key entropy bit-length.

      • getSessionId

        byte[] getSessionId()
        Returns:
        The SSL session ID, or null if this could not be determined.

      • getCipherSuite

        java.lang.String getCipherSuite()

      • getKeySize

        default int getKeySize()

      • getPeerCertificates

        java.security.cert.Certificate[] getPeerCertificates()
                                              throws javax.net.ssl.SSLPeerUnverifiedException,
                                                     RenegotiationRequiredException
        Gets the peer certificates. This may force SSL renegotiation.
        Returns:
        The peer certificates
        Throws:
        javax.net.ssl.SSLPeerUnverifiedException
        RenegotiationRequiredException - If the session

      • getPeerCertificateChain

        @Deprecated(since="2.2.3",
            forRemoval=false)
javax.security.cert.X509Certificate[] getPeerCertificateChain()
                                                       throws javax.net.ssl.SSLPeerUnverifiedException,
                                                              RenegotiationRequiredException
        Deprecated.
        in favor of getPeerCertificates() because SSLSession.getPeerCertificateChain() throws java 15.
        This method is no longer supported on java 15 and should be avoided.
        Throws:
        javax.net.ssl.SSLPeerUnverifiedException
        RenegotiationRequiredException
        See Also:
        SSLSession.getPeerCertificateChain()

      • renegotiate

        void renegotiate​(HttpServerExchange exchange,
                 org.xnio.SslClientAuthMode sslClientAuthMode)
          throws java.io.IOException
        Renegotiate in a blocking manner. This will set the client aut TODO: we also need a non-blocking version
        Parameters:
        exchange - The exchange
        sslClientAuthMode - The client cert mode to use when renegotiating
        Throws:
        java.io.IOException

      • getSSLSession

        javax.net.ssl.SSLSession getSSLSession()
        Returns:
        The SSL session, or null if it is not applicable