Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/javax/net/ssl/HandshakeCompletedEvent.java
38918 views
/*1* Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package javax.net.ssl;2627import java.util.EventObject;28import java.security.cert.Certificate;29import java.security.Principal;30import java.security.cert.X509Certificate;3132/**33* This event indicates that an SSL handshake completed on a given34* SSL connection. All of the core information about that handshake's35* result is captured through an "SSLSession" object. As a convenience,36* this event class provides direct access to some important session37* attributes.38*39* <P> The source of this event is the SSLSocket on which handshaking40* just completed.41*42* @see SSLSocket43* @see HandshakeCompletedListener44* @see SSLSession45*46* @since 1.447* @author David Brownell48*/49public class HandshakeCompletedEvent extends EventObject50{51private static final long serialVersionUID = 7914963744257769778L;5253private transient SSLSession session;5455/**56* Constructs a new HandshakeCompletedEvent.57*58* @param sock the SSLSocket acting as the source of the event59* @param s the SSLSession this event is associated with60*/61public HandshakeCompletedEvent(SSLSocket sock, SSLSession s)62{63super(sock);64session = s;65}666768/**69* Returns the session that triggered this event.70*71* @return the <code>SSLSession</code> for this handshake72*/73public SSLSession getSession()74{75return session;76}777879/**80* Returns the cipher suite in use by the session which was produced81* by the handshake. (This is a convenience method for82* getting the ciphersuite from the SSLsession.)83*84* @return the name of the cipher suite negotiated during this session.85*/86public String getCipherSuite()87{88return session.getCipherSuite();89}909192/**93* Returns the certificate(s) that were sent to the peer during94* handshaking.95* Note: This method is useful only when using certificate-based96* cipher suites.97*98* When multiple certificates are available for use in a99* handshake, the implementation chooses what it considers the100* "best" certificate chain available, and transmits that to101* the other side. This method allows the caller to know102* which certificate chain was actually used.103*104* @return an ordered array of certificates, with the local105* certificate first followed by any106* certificate authorities. If no certificates were sent,107* then null is returned.108* @see #getLocalPrincipal()109*/110public java.security.cert.Certificate [] getLocalCertificates()111{112return session.getLocalCertificates();113}114115116/**117* Returns the identity of the peer which was established as part118* of defining the session.119* Note: This method can be used only when using certificate-based120* cipher suites; using it with non-certificate-based cipher suites,121* such as Kerberos, will throw an SSLPeerUnverifiedException.122*123* @return an ordered array of the peer certificates,124* with the peer's own certificate first followed by125* any certificate authorities.126* @exception SSLPeerUnverifiedException if the peer is not verified.127* @see #getPeerPrincipal()128*/129public java.security.cert.Certificate [] getPeerCertificates()130throws SSLPeerUnverifiedException131{132return session.getPeerCertificates();133}134135136/**137* Returns the identity of the peer which was identified as part138* of defining the session.139* Note: This method can be used only when using certificate-based140* cipher suites; using it with non-certificate-based cipher suites,141* such as Kerberos, will throw an SSLPeerUnverifiedException.142*143* <p><em>Note: this method exists for compatibility with previous144* releases. New applications should use145* {@link #getPeerCertificates} instead.</em></p>146*147* @return an ordered array of peer X.509 certificates,148* with the peer's own certificate first followed by any149* certificate authorities. (The certificates are in150* the original JSSE151* {@link javax.security.cert.X509Certificate} format).152* @exception SSLPeerUnverifiedException if the peer is not verified.153* @see #getPeerPrincipal()154*/155public javax.security.cert.X509Certificate [] getPeerCertificateChain()156throws SSLPeerUnverifiedException157{158return session.getPeerCertificateChain();159}160161/**162* Returns the identity of the peer which was established as part of163* defining the session.164*165* @return the peer's principal. Returns an X500Principal of the166* end-entity certiticate for X509-based cipher suites, and167* KerberosPrincipal for Kerberos cipher suites.168*169* @throws SSLPeerUnverifiedException if the peer's identity has not170* been verified171*172* @see #getPeerCertificates()173* @see #getLocalPrincipal()174*175* @since 1.5176*/177public Principal getPeerPrincipal()178throws SSLPeerUnverifiedException179{180Principal principal;181try {182principal = session.getPeerPrincipal();183} catch (AbstractMethodError e) {184// if the provider does not support it, fallback to peer certs.185// return the X500Principal of the end-entity cert.186Certificate[] certs = getPeerCertificates();187principal = ((X509Certificate)certs[0]).getSubjectX500Principal();188}189return principal;190}191192/**193* Returns the principal that was sent to the peer during handshaking.194*195* @return the principal sent to the peer. Returns an X500Principal196* of the end-entity certificate for X509-based cipher suites, and197* KerberosPrincipal for Kerberos cipher suites. If no principal was198* sent, then null is returned.199*200* @see #getLocalCertificates()201* @see #getPeerPrincipal()202*203* @since 1.5204*/205public Principal getLocalPrincipal()206{207Principal principal;208try {209principal = session.getLocalPrincipal();210} catch (AbstractMethodError e) {211principal = null;212// if the provider does not support it, fallback to local certs.213// return the X500Principal of the end-entity cert.214Certificate[] certs = getLocalCertificates();215if (certs != null) {216principal =217((X509Certificate)certs[0]).getSubjectX500Principal();218}219}220return principal;221}222223/**224* Returns the socket which is the source of this event.225* (This is a convenience function, to let applications226* write code without type casts.)227*228* @return the socket on which the connection was made.229*/230public SSLSocket getSocket()231{232return (SSLSocket) getSource();233}234}235236237