Package org.conscrypt

Class NativeSslSession

  • Direct Known Subclasses:
    NativeSslSession.Impl
    abstract class NativeSslSession
extends java.lang.Object
    A utility wrapper that abstracts operations on the underlying native SSL_SESSION instance. This is abstract only to support mocking for tests.

    • Field Detail

      • logger

        private static final java.util.logging.Logger logger

    • Constructor Detail

      • NativeSslSession

        NativeSslSession()

    • Method Detail

      • newInstance

        static NativeSslSession newInstance​(NativeRef.SSL_SESSION ref,
                                    ConscryptSession session)
                             throws javax.net.ssl.SSLPeerUnverifiedException
        Creates a new instance. Since BoringSSL does not provide an API to get access to all session information via the SSL_SESSION, we get some values (e.g. peer certs) from the ConscryptSession instead (i.e. the SSL object).
        Throws:
        javax.net.ssl.SSLPeerUnverifiedException

      • getOcspResponse

        private static byte[] getOcspResponse​(ConscryptSession session)

      • newInstance

        static NativeSslSession newInstance​(AbstractSessionContext context,
                                    byte[] data,
                                    java.lang.String host,
                                    int port)
        Creates a new NativeSslSession instance from the provided serialized bytes, which were generated by toBytes().
        Returns:
        The new instance if successful. If unable to parse the bytes for any reason, returns null.

      • getId

        abstract byte[] getId()

      • isValid

        abstract boolean isValid()

      • isSingleUse

        abstract boolean isSingleUse()
        Returns whether this session should only ever be used for resumption once.

      • offerToResume

        abstract void offerToResume​(NativeSsl ssl)
                     throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • getCipherSuite

        abstract java.lang.String getCipherSuite()

      • getProtocol

        abstract java.lang.String getProtocol()

      • getPeerHost

        abstract java.lang.String getPeerHost()

      • getPeerPort

        abstract int getPeerPort()

      • getPeerOcspStapledResponse

        abstract byte[] getPeerOcspStapledResponse()
        Returns the OCSP stapled response. The returned array is not copied; the caller must either not modify the returned array or make a copy.
        See Also:
        RFC 6066, RFC 6961

      • getPeerSignedCertificateTimestamp

        abstract byte[] getPeerSignedCertificateTimestamp()
        Returns the signed certificate timestamp (SCT) received from the peer. The returned array is not copied; the caller must either not modify the returned array or make a copy.
        See Also:
        RFC 6962

      • toBytes

        abstract byte[] toBytes()
        Converts the given session to bytes.
        Returns:
        session data as bytes or null if the session can't be converted

      • toSSLSession

        abstract javax.net.ssl.SSLSession toSSLSession()
        Converts this object to a SSLSession. The returned session will support only a subset of the SSLSession API.

      • log

        private static void log​(java.lang.Throwable t)

      • checkRemaining

        private static void checkRemaining​(java.nio.ByteBuffer buf,
                                   int length)
                            throws java.io.IOException
        Throws:
        java.io.IOException