ExtendedSSLSession (Java SE 9 & JDK 9 ) (original) (raw)

• java.lang.Object

• • javax.net.ssl.ExtendedSSLSession

• All Implemented Interfaces:
  [SSLSession](../../../javax/net/ssl/SSLSession.html "interface in javax.net.ssl")

public abstract class ExtendedSSLSession
extends Object
implements SSLSession
Extends the SSLSession interface to support additional session attributes.
Since:
1.7

• • Constructor Summary

  Constructors

  Constructor	Description
  ExtendedSSLSession​()

  • Method Summary

  All Methods Instance Methods Abstract Methods Concrete Methods

  Modifier and Type	Method	Description
  abstract String[]	getLocalSupportedSignatureAlgorithms​()	Obtains an array of supported signature algorithms that the local side is willing to use.
  abstract String[]	getPeerSupportedSignatureAlgorithms​()	Obtains an array of supported signature algorithms that the peer is able to use.
  List<SNIServerName>	getRequestedServerNames​()	Obtains a List containing all SNIServerNames of the requested Server Name Indication (SNI) extension.
  List<byte[]>	getStatusResponses​()	Returns a List containing DER-encoded OCSP responses (using the ASN.1 type OCSPResponse defined in RFC 6960) for the client to verify status of the server's certificate during handshaking.

     * ### Methods inherited from class java.lang.[Object](../../../java/lang/Object.html "class in java.lang")  
     `[clone](../../../java/lang/Object.html#clone--), [equals](../../../java/lang/Object.html#equals-java.lang.Object-), [finalize](../../../java/lang/Object.html#finalize--), [getClass](../../../java/lang/Object.html#getClass--), [hashCode](../../../java/lang/Object.html#hashCode--), [notify](../../../java/lang/Object.html#notify--), [notifyAll](../../../java/lang/Object.html#notifyAll--), [toString](../../../java/lang/Object.html#toString--), [wait](../../../java/lang/Object.html#wait--), [wait](../../../java/lang/Object.html#wait-long-), [wait](../../../java/lang/Object.html#wait-long-int-)`  
     * ### Methods inherited from interface javax.net.ssl.[SSLSession](../../../javax/net/ssl/SSLSession.html "interface in javax.net.ssl")  
     `[getApplicationBufferSize](../../../javax/net/ssl/SSLSession.html#getApplicationBufferSize--), [getCipherSuite](../../../javax/net/ssl/SSLSession.html#getCipherSuite--), [getCreationTime](../../../javax/net/ssl/SSLSession.html#getCreationTime--), [getId](../../../javax/net/ssl/SSLSession.html#getId--), [getLastAccessedTime](../../../javax/net/ssl/SSLSession.html#getLastAccessedTime--), [getLocalCertificates](../../../javax/net/ssl/SSLSession.html#getLocalCertificates--), [getLocalPrincipal](../../../javax/net/ssl/SSLSession.html#getLocalPrincipal--), [getPacketBufferSize](../../../javax/net/ssl/SSLSession.html#getPacketBufferSize--), [getPeerCertificateChain](../../../javax/net/ssl/SSLSession.html#getPeerCertificateChain--), [getPeerCertificates](../../../javax/net/ssl/SSLSession.html#getPeerCertificates--), [getPeerHost](../../../javax/net/ssl/SSLSession.html#getPeerHost--), [getPeerPort](../../../javax/net/ssl/SSLSession.html#getPeerPort--), [getPeerPrincipal](../../../javax/net/ssl/SSLSession.html#getPeerPrincipal--), [getProtocol](../../../javax/net/ssl/SSLSession.html#getProtocol--), [getSessionContext](../../../javax/net/ssl/SSLSession.html#getSessionContext--), [getValue](../../../javax/net/ssl/SSLSession.html#getValue-java.lang.String-), [getValueNames](../../../javax/net/ssl/SSLSession.html#getValueNames--), [invalidate](../../../javax/net/ssl/SSLSession.html#invalidate--), [isValid](../../../javax/net/ssl/SSLSession.html#isValid--), [putValue](../../../javax/net/ssl/SSLSession.html#putValue-java.lang.String-java.lang.Object-), [removeValue](../../../javax/net/ssl/SSLSession.html#removeValue-java.lang.String-)`

• • Constructor Detail

     * #### ExtendedSSLSession  
     public ExtendedSSLSession​()  

  • Method Detail

    * #### getLocalSupportedSignatureAlgorithms  
    public abstract [String](../../../java/lang/String.html "class in java.lang")[] getLocalSupportedSignatureAlgorithms​()  
    Obtains an array of supported signature algorithms that the local side is willing to use.  
     Note: this method is used to indicate to the peer which signature algorithms may be used for digital signatures in TLS/DTLS 1.2\. It is not meaningful for TLS/DTLS versions prior to 1.2.  
     The signature algorithm name must be a standard Java Security name (such as "SHA1withRSA", "SHA256withECDSA", and so on). See the [ Java Security Standard Algorithm Names](../../../../specs/security/standard-names.html) document for information about standard algorithm names.  
     Note: the local supported signature algorithms should conform to the algorithm constraints specified by[getAlgorithmConstraints()](../../../javax/net/ssl/SSLParameters.html#getAlgorithmConstraints--) method in `SSLParameters`.  
    Returns:  
    An array of supported signature algorithms, in descending order of preference. The return value is an empty array if no signature algorithm is supported.  
    See Also:  
    [SSLParameters.getAlgorithmConstraints()](../../../javax/net/ssl/SSLParameters.html#getAlgorithmConstraints--)  
    * #### getPeerSupportedSignatureAlgorithms  
    public abstract [String](../../../java/lang/String.html "class in java.lang")[] getPeerSupportedSignatureAlgorithms​()  
    Obtains an array of supported signature algorithms that the peer is able to use.  
     Note: this method is used to indicate to the local side which signature algorithms may be used for digital signatures in TLS/DTLS 1.2\. It is not meaningful for TLS/DTLS versions prior to 1.2.  
     The signature algorithm name must be a standard Java Security name (such as "SHA1withRSA", "SHA256withECDSA", and so on). See the [ Java Security Standard Algorithm Names](../../../../specs/security/standard-names.html) document for information about standard algorithm names.  
    Returns:  
    An array of supported signature algorithms, in descending order of preference. The return value is an empty array if the peer has not sent the supported signature algorithms.  
    See Also:  
    [X509KeyManager](../../../javax/net/ssl/X509KeyManager.html "interface in javax.net.ssl"), [X509ExtendedKeyManager](../../../javax/net/ssl/X509ExtendedKeyManager.html "class in javax.net.ssl")  
    * #### getRequestedServerNames  
    public [List](../../../java/util/List.html "interface in java.util")<[SNIServerName](../../../javax/net/ssl/SNIServerName.html "class in javax.net.ssl")> getRequestedServerNames​()  
    Obtains a [List](../../../java/util/List.html "interface in java.util") containing all [SNIServerName](../../../javax/net/ssl/SNIServerName.html "class in javax.net.ssl")s of the requested Server Name Indication (SNI) extension.  
     In server mode, unless the return [List](../../../java/util/List.html "interface in java.util") is empty, the server should use the requested server names to guide its selection of an appropriate authentication certificate, and/or other aspects of security policy.  
     In client mode, unless the return [List](../../../java/util/List.html "interface in java.util") is empty, the client should use the requested server names to guide its endpoint identification of the peer's identity, and/or other aspects of security policy.  
    Returns:  
    a non-null immutable list of [SNIServerName](../../../javax/net/ssl/SNIServerName.html "class in javax.net.ssl")s of the requested server name indications. The returned list may be empty if no server name indications were requested.  
    Throws:  
    `[UnsupportedOperationException](../../../java/lang/UnsupportedOperationException.html "class in java.lang")` \- if the underlying provider does not implement the operation  
    Since:  
    1.8  
    See Also:  
    [SNIServerName](../../../javax/net/ssl/SNIServerName.html "class in javax.net.ssl"), [X509ExtendedTrustManager](../../../javax/net/ssl/X509ExtendedTrustManager.html "class in javax.net.ssl"), [X509ExtendedKeyManager](../../../javax/net/ssl/X509ExtendedKeyManager.html "class in javax.net.ssl")  
    * #### getStatusResponses  
    public [List](../../../java/util/List.html "interface in java.util")<byte[]> getStatusResponses​()  
    Returns a [List](../../../java/util/List.html "interface in java.util") containing DER-encoded OCSP responses (using the ASN.1 type OCSPResponse defined in RFC 6960) for the client to verify status of the server's certificate during handshaking.  
     This method only applies to certificate-based server authentication. An [X509ExtendedTrustManager](../../../javax/net/ssl/X509ExtendedTrustManager.html "class in javax.net.ssl") will use the returned value for server certificate validation.  
    Implementation Requirements:  
    This method throws UnsupportedOperationException by default. Classes derived from ExtendedSSLSession must implement this method.  
    Returns:  
    a non-null unmodifiable list of byte arrays, each entry containing a DER-encoded OCSP response (using the ASN.1 type OCSPResponse defined in RFC 6960). The order of the responses must match the order of the certificates presented by the server in its Certificate message (See[SSLSession.getLocalCertificates()](../../../javax/net/ssl/SSLSession.html#getLocalCertificates--) for server mode, and [SSLSession.getPeerCertificates()](../../../javax/net/ssl/SSLSession.html#getPeerCertificates--) for client mode). It is possible that fewer response entries may be returned than the number of presented certificates. If an entry in the list is a zero-length byte array, it should be treated by the caller as if the OCSP entry for the corresponding certificate is missing. The returned list may be empty if no OCSP responses were presented during handshaking or if OCSP stapling is not supported by either endpoint for this handshake.  
    Throws:  
    `[UnsupportedOperationException](../../../java/lang/UnsupportedOperationException.html "class in java.lang")` \- if the underlying provider does not implement the operation  
    Since:  
    9  
    See Also:  
    [X509ExtendedTrustManager](../../../javax/net/ssl/X509ExtendedTrustManager.html "class in javax.net.ssl")

Report a bug or suggest an enhancement
For further API reference and developer documentation see the Java SE Documentation, which contains more detailed, developer-targeted descriptions with conceptual overviews, definitions of terms, workarounds, and working code examples.
Java is a trademark or registered trademark of Oracle and/or its affiliates in the US and other countries.
Copyright © 1993, 2017, Oracle and/or its affiliates, 500 Oracle Parkway, Redwood Shores, CA 94065 USA.
All rights reserved. Use is subject to license terms and the documentation redistribution policy.