Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.base/share/classes/javax/net/ssl/ExtendedSSLSession.java
41159 views
1
/*

2
 * Copyright (c) 2010, 2020, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package javax.net.ssl;

27


28
import java.util.List;

29


30
/**

31
 * Extends the {@code SSLSession} interface to support additional

32
 * session attributes.

33
 *

34
 * @since 1.7

35
 */

36
public abstract class ExtendedSSLSession implements SSLSession {

37
    /**

38
     * Constructor for subclasses to call.

39
     */

40
    public ExtendedSSLSession() {}

41


42
    /**

43
     * Obtains an array of supported signature algorithms that the local side

44
     * is willing to use.

45
     * <p>

46
     * Note: this method is used to indicate to the peer which signature

47
     * algorithms may be used for digital signatures in TLS/DTLS 1.2. It is

48
     * not meaningful for TLS/DTLS versions prior to 1.2.

49
     * <p>

50
     * The signature algorithm name must be a standard Java Security

51
     * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).

52
     * See the <a href=

53
     * "{@docRoot}/../specs/security/standard-names.html">

54
     * Java Security Standard Algorithm Names</a> document

55
     * for information about standard algorithm names.

56
     * <p>

57
     * Note: the local supported signature algorithms should conform to

58
     * the algorithm constraints specified by

59
     * {@link SSLParameters#getAlgorithmConstraints getAlgorithmConstraints()}

60
     * method in {@code SSLParameters}.

61
     *

62
     * @return An array of supported signature algorithms, in descending

63
     *     order of preference.  The return value is an empty array if

64
     *     no signature algorithm is supported.

65
     *

66
     * @see SSLParameters#getAlgorithmConstraints

67
     */

68
    public abstract String[] getLocalSupportedSignatureAlgorithms();

69


70
    /**

71
     * Obtains an array of supported signature algorithms that the peer is

72
     * able to use.

73
     * <p>

74
     * Note: this method is used to indicate to the local side which signature

75
     * algorithms may be used for digital signatures in TLS/DTLS 1.2. It is

76
     * not meaningful for TLS/DTLS versions prior to 1.2.

77
     * <p>

78
     * The signature algorithm name must be a standard Java Security

79
     * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).

80
     * See the <a href=

81
     * "{@docRoot}/../specs/security/standard-names.html">

82
     * Java Security Standard Algorithm Names</a> document

83
     * for information about standard algorithm names.

84
     *

85
     * @return An array of supported signature algorithms, in descending

86
     *     order of preference.  The return value is an empty array if

87
     *     the peer has not sent the supported signature algorithms.

88
     *

89
     * @see X509KeyManager

90
     * @see X509ExtendedKeyManager

91
     */

92
    public abstract String[] getPeerSupportedSignatureAlgorithms();

93


94
    /**

95
     * Obtains a {@link List} containing all {@link SNIServerName}s

96
     * of the requested Server Name Indication (SNI) extension.

97
     * <P>

98
     * In server mode, unless the return {@link List} is empty,

99
     * the server should use the requested server names to guide its

100
     * selection of an appropriate authentication certificate, and/or

101
     * other aspects of security policy.

102
     * <P>

103
     * In client mode, unless the return {@link List} is empty,

104
     * the client should use the requested server names to guide its

105
     * endpoint identification of the peer's identity, and/or

106
     * other aspects of security policy.

107
     *

108
     * @return a non-null immutable list of {@link SNIServerName}s of the

109
     *         requested server name indications. The returned list may be

110
     *         empty if no server name indications were requested.

111
     * @throws UnsupportedOperationException if the underlying provider

112
     *         does not implement the operation

113
     *

114
     * @see SNIServerName

115
     * @see X509ExtendedTrustManager

116
     * @see X509ExtendedKeyManager

117
     *

118
     * @since 1.8

119
     */

120
    public List<SNIServerName> getRequestedServerNames() {

121
        throw new UnsupportedOperationException();

122
    }

123


124
    /**

125
     * Returns a {@link List} containing DER-encoded OCSP responses

126
     * (using the ASN.1 type OCSPResponse defined in RFC 6960) for

127
     * the client to verify status of the server's certificate during

128
     * handshaking.

129
     *

130
     * <P>

131
     * This method only applies to certificate-based server

132
     * authentication.  An {@link X509ExtendedTrustManager} will use the

133
     * returned value for server certificate validation.

134
     *

135
     * @implSpec This method throws UnsupportedOperationException by default.

136
     *         Classes derived from ExtendedSSLSession must implement

137
     *         this method.

138
     *

139
     * @return a non-null unmodifiable list of byte arrays, each entry

140
     *         containing a DER-encoded OCSP response (using the

141
     *         ASN.1 type OCSPResponse defined in RFC 6960).  The order

142
     *         of the responses must match the order of the certificates

143
     *         presented by the server in its Certificate message (See

144
     *         {@link SSLSession#getLocalCertificates()} for server mode,

145
     *         and {@link SSLSession#getPeerCertificates()} for client mode).

146
     *         It is possible that fewer response entries may be returned than

147
     *         the number of presented certificates.  If an entry in the list

148
     *         is a zero-length byte array, it should be treated by the

149
     *         caller as if the OCSP entry for the corresponding certificate

150
     *         is missing.  The returned list may be empty if no OCSP responses

151
     *         were presented during handshaking or if OCSP stapling is not

152
     *         supported by either endpoint for this handshake.

153
     *

154
     * @throws UnsupportedOperationException if the underlying provider

155
     *         does not implement the operation

156
     *

157
     * @see X509ExtendedTrustManager

158
     *

159
     * @since 9

160
     */

161
    public List<byte[]> getStatusResponses() {

162
        throw new UnsupportedOperationException();

163
    }

164
}

165


166