| /* |
| * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package javax.net.ssl; |
| |
| import java.util.EventObject; |
| import java.security.cert.Certificate; |
| import java.security.Principal; |
| import java.security.cert.X509Certificate; |
| import javax.security.auth.x500.X500Principal; |
| |
| /** |
| * This event indicates that an SSL handshake completed on a given |
| * SSL connection. All of the core information about that handshake's |
| * result is captured through an "SSLSession" object. As a convenience, |
| * this event class provides direct access to some important session |
| * attributes. |
| * |
| * <P> The source of this event is the SSLSocket on which handshaking |
| * just completed. |
| * |
| * @see SSLSocket |
| * @see HandshakeCompletedListener |
| * @see SSLSession |
| * |
| * @since 1.4 |
| * @author David Brownell |
| */ |
| public class HandshakeCompletedEvent extends EventObject |
| { |
| private static final long serialVersionUID = 7914963744257769778L; |
| |
| private transient SSLSession session; |
| |
| /** |
| * Constructs a new HandshakeCompletedEvent. |
| * |
| * @param sock the SSLSocket acting as the source of the event |
| * @param s the SSLSession this event is associated with |
| */ |
| public HandshakeCompletedEvent(SSLSocket sock, SSLSession s) |
| { |
| super(sock); |
| session = s; |
| } |
| |
| |
| /** |
| * Returns the session that triggered this event. |
| * |
| * @return the <code>SSLSession</code> for this handshake |
| */ |
| public SSLSession getSession() |
| { |
| return session; |
| } |
| |
| |
| /** |
| * Returns the cipher suite in use by the session which was produced |
| * by the handshake. (This is a convenience method for |
| * getting the ciphersuite from the SSLsession.) |
| * |
| * @return the name of the cipher suite negotiated during this session. |
| */ |
| public String getCipherSuite() |
| { |
| return session.getCipherSuite(); |
| } |
| |
| |
| /** |
| * Returns the certificate(s) that were sent to the peer during |
| * handshaking. |
| * Note: This method is useful only when using certificate-based |
| * cipher suites. |
| * |
| * When multiple certificates are available for use in a |
| * handshake, the implementation chooses what it considers the |
| * "best" certificate chain available, and transmits that to |
| * the other side. This method allows the caller to know |
| * which certificate chain was actually used. |
| * |
| * @return an ordered array of certificates, with the local |
| * certificate first followed by any |
| * certificate authorities. If no certificates were sent, |
| * then null is returned. |
| * @see #getLocalPrincipal() |
| */ |
| public java.security.cert.Certificate [] getLocalCertificates() |
| { |
| return session.getLocalCertificates(); |
| } |
| |
| |
| /** |
| * Returns the identity of the peer which was established as part |
| * of defining the session. |
| * Note: This method can be used only when using certificate-based |
| * cipher suites; using it with non-certificate-based cipher suites, |
| * such as Kerberos, will throw an SSLPeerUnverifiedException. |
| * |
| * @return an ordered array of the peer certificates, |
| * with the peer's own certificate first followed by |
| * any certificate authorities. |
| * @exception SSLPeerUnverifiedException if the peer is not verified. |
| * @see #getPeerPrincipal() |
| */ |
| public java.security.cert.Certificate [] getPeerCertificates() |
| throws SSLPeerUnverifiedException |
| { |
| return session.getPeerCertificates(); |
| } |
| |
| |
| /** |
| * Returns the identity of the peer which was identified as part |
| * of defining the session. |
| * Note: This method can be used only when using certificate-based |
| * cipher suites; using it with non-certificate-based cipher suites, |
| * such as Kerberos, will throw an SSLPeerUnverifiedException. |
| * |
| * <p><em>Note: this method exists for compatibility with previous |
| * releases. New applications should use |
| * {@link #getPeerCertificates} instead.</em></p> |
| * |
| * @return an ordered array of peer X.509 certificates, |
| * with the peer's own certificate first followed by any |
| * certificate authorities. (The certificates are in |
| * the original JSSE |
| * {@link javax.security.cert.X509Certificate} format). |
| * @exception SSLPeerUnverifiedException if the peer is not verified. |
| * @see #getPeerPrincipal() |
| */ |
| public javax.security.cert.X509Certificate [] getPeerCertificateChain() |
| throws SSLPeerUnverifiedException |
| { |
| return session.getPeerCertificateChain(); |
| } |
| |
| /** |
| * Returns the identity of the peer which was established as part of |
| * defining the session. |
| * |
| * @return the peer's principal. Returns an X500Principal of the |
| * end-entity certiticate for X509-based cipher suites, and |
| * KerberosPrincipal for Kerberos cipher suites. |
| * |
| * @throws SSLPeerUnverifiedException if the peer's identity has not |
| * been verified |
| * |
| * @see #getPeerCertificates() |
| * @see #getLocalPrincipal() |
| * |
| * @since 1.5 |
| */ |
| public Principal getPeerPrincipal() |
| throws SSLPeerUnverifiedException |
| { |
| Principal principal; |
| try { |
| principal = session.getPeerPrincipal(); |
| } catch (AbstractMethodError e) { |
| // if the provider does not support it, fallback to peer certs. |
| // return the X500Principal of the end-entity cert. |
| Certificate[] certs = getPeerCertificates(); |
| principal = (X500Principal) |
| ((X509Certificate)certs[0]).getSubjectX500Principal(); |
| } |
| return principal; |
| } |
| |
| /** |
| * Returns the principal that was sent to the peer during handshaking. |
| * |
| * @return the principal sent to the peer. Returns an X500Principal |
| * of the end-entity certificate for X509-based cipher suites, and |
| * KerberosPrincipal for Kerberos cipher suites. If no principal was |
| * sent, then null is returned. |
| * |
| * @see #getLocalCertificates() |
| * @see #getPeerPrincipal() |
| * |
| * @since 1.5 |
| */ |
| public Principal getLocalPrincipal() |
| { |
| Principal principal; |
| try { |
| principal = session.getLocalPrincipal(); |
| } catch (AbstractMethodError e) { |
| principal = null; |
| // if the provider does not support it, fallback to local certs. |
| // return the X500Principal of the end-entity cert. |
| Certificate[] certs = getLocalCertificates(); |
| if (certs != null) { |
| principal = (X500Principal) |
| ((X509Certificate)certs[0]).getSubjectX500Principal(); |
| } |
| } |
| return principal; |
| } |
| |
| /** |
| * Returns the socket which is the source of this event. |
| * (This is a convenience function, to let applications |
| * write code without type casts.) |
| * |
| * @return the socket on which the connection was made. |
| */ |
| public SSLSocket getSocket() |
| { |
| return (SSLSocket) getSource(); |
| } |
| } |