Home | History | Annotate | Download | only in ssl 
      1 /*
      2  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
      3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
      4  *
      5  * This code is free software; you can redistribute it and/or modify it
      6  * under the terms of the GNU General Public License version 2 only, as
      7  * published by the Free Software Foundation.  Oracle designates this
      8  * particular file as subject to the "Classpath" exception as provided
      9  * by Oracle in the LICENSE file that accompanied this code.
     10  *
     11  * This code is distributed in the hope that it will be useful, but WITHOUT
     12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
     13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
     14  * version 2 for more details (a copy is included in the LICENSE file that
     15  * accompanied this code).
     16  *
     17  * You should have received a copy of the GNU General Public License version
     18  * 2 along with this work; if not, write to the Free Software Foundation,
     19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     20  *
     21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
     22  * or visit www.oracle.com if you need additional information or have any
     23  * questions.
     24  */
     25 
     26 package javax.net.ssl;
     27 
     28 import java.util.List;
     29 
     30 /**
     31  * Extends the <code>SSLSession</code> interface to support additional
     32  * session attributes.
     33  *
     34  * @since 1.7
     35  */
     36 public abstract class ExtendedSSLSession implements SSLSession {
     37     /**
     38      * Obtains an array of supported signature algorithms that the local side
     39      * is willing to use.
     40      * <p>
     41      * Note: this method is used to indicate to the peer which signature
     42      * algorithms may be used for digital signatures in TLS 1.2. It is
     43      * not meaningful for TLS versions prior to 1.2.
     44      * <p>
     45      * The signature algorithm name must be a standard Java Security
     46      * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).
     47      * See Appendix A in the <a href=
     48      * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/crypto/CryptoSpec.html#AppA">
     49      * Java Cryptography Architecture API Specification &amp; Reference </a>
     50      * for information about standard algorithm names.
     51      * <p>
     52      * Note: the local supported signature algorithms should conform to
     53      * the algorithm constraints specified by
     54      * {@link SSLParameters#getAlgorithmConstraints getAlgorithmConstraints()}
     55      * method in <code>SSLParameters</code>.
     56      *
     57      * @return An array of supported signature algorithms, in descending
     58      *     order of preference.  The return value is an empty array if
     59      *     no signature algorithm is supported.
     60      *
     61      * @see SSLParameters#getAlgorithmConstraints
     62      */
     63     public abstract String[] getLocalSupportedSignatureAlgorithms();
     64 
     65     /**
     66      * Obtains an array of supported signature algorithms that the peer is
     67      * able to use.
     68      * <p>
     69      * Note: this method is used to indicate to the local side which signature
     70      * algorithms may be used for digital signatures in TLS 1.2. It is
     71      * not meaningful for TLS versions prior to 1.2.
     72      * <p>
     73      * The signature algorithm name must be a standard Java Security
     74      * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).
     75      * See Appendix A in the <a href=
     76      * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/crypto/CryptoSpec.html#AppA">
     77      * Java Cryptography Architecture API Specification &amp; Reference </a>
     78      * for information about standard algorithm names.
     79      *
     80      * @return An array of supported signature algorithms, in descending
     81      *     order of preference.  The return value is an empty array if
     82      *     the peer has not sent the supported signature algorithms.
     83      *
     84      * @see X509KeyManager
     85      * @see X509ExtendedKeyManager
     86      */
     87     public abstract String[] getPeerSupportedSignatureAlgorithms();
     88 
     89     /**
     90      * Obtains a {@link List} containing all {@link SNIServerName}s
     91      * of the requested Server Name Indication (SNI) extension.
     92      * <P>
     93      * In server mode, unless the return {@link List} is empty,
     94      * the server should use the requested server names to guide its
     95      * selection of an appropriate authentication certificate, and/or
     96      * other aspects of security policy.
     97      * <P>
     98      * In client mode, unless the return {@link List} is empty,
     99      * the client should use the requested server names to guide its
    100      * endpoint identification of the peer's identity, and/or
    101      * other aspects of security policy.
    102      *
    103      * @return a non-null immutable list of {@link SNIServerName}s of the
    104      *         requested server name indications. The returned list may be
    105      *         empty if no server name indications were requested.
    106      * @throws UnsupportedOperationException if the underlying provider
    107      *         does not implement the operation
    108      *
    109      * @see SNIServerName
    110      * @see X509ExtendedTrustManager
    111      * @see X509ExtendedKeyManager
    112      *
    113      * @since 1.8
    114      */
    115     public List<SNIServerName> getRequestedServerNames() {
    116         throw new UnsupportedOperationException();
    117     }
    118 }
    119