3 /*
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
5 *
6 * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
7 *
8 * Portions Copyright Apache Software Foundation.
9 *
10 * The contents of this file are subject to the terms of either the GNU
11 * General Public License Version 2 only ("GPL") or the Common Development
12 * and Distribution License("CDDL") (collectively, the "License"). You
13 * may not use this file except in compliance with the License. You can obtain
14 * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
15 * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
16 * language governing permissions and limitations under the License.
17 *
18 * When distributing the software, include this License Header Notice in each
19 * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
20 * Sun designates this particular file as subject to the "Classpath" exception
21 * as provided by Sun in the GPL Version 2 section of the License file that
22 * accompanied this code. If applicable, add the following below the License
23 * Header, with the fields enclosed by brackets [] replaced by your own
24 * identifying information: "Portions Copyrighted [year]
25 * [name of copyright owner]"
26 *
27 * Contributor(s):
28 *
29 * If you wish your version of this file to be governed by only the CDDL or
30 * only the GPL Version 2, indicate your decision by adding "[Contributor]
31 * elects to include this software in this distribution under the [CDDL or GPL
32 * Version 2] license." If you don't indicate a single choice of license, a
33 * recipient has the option to distribute your version of this file under
34 * either the CDDL, the GPL Version 2 or to extend the choice of license to
35 * its licensees as provided above. However, if you add GPL Version 2 code
36 * and therefore, elected the GPL Version 2 license, then the option applies
37 * only if the new code is made subject to such option by the copyright
38 * holder.
39 */
40
41 package org.apache.tomcat.util.net;
42
43 import java.io;
44 import java.net;
45
46 /* SSLSupport
47
48 Interface for SSL-specific functions
49
50 @author EKR
51 */
52
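/**
 * Accessors for the SSL properties of a connection, together with the
 * request-attribute keys that name those properties.
 *
 * <p>This interface does not say whether an implementation validates the
 * peer certificate chain it returns. NOTE(review): confirm that against the
 * implementation before treating the presence of a chain as proof that the
 * client was authenticated.
 */
public interface SSLSupport {
    /**
     * The Request attribute key for the cipher suite.
     */
    public static final String CIPHER_SUITE_KEY = "javax.servlet.request.cipher_suite";

    /**
     * The Request attribute key for the key size.
     */
    public static final String KEY_SIZE_KEY = "javax.servlet.request.key_size";

    /**
     * The Request attribute key for the client certificate chain.
     */
    public static final String CERTIFICATE_KEY = "javax.servlet.request.X509Certificate";

    /**
     * The Request attribute key for the session id.
     * This one is a Tomcat extension to the Servlet spec.
     */
    public static final String SESSION_ID_KEY = "javax.servlet.request.ssl_session";

    /**
     * A mapping table to determine the number of effective bits in the key
     * when using a cipher suite containing the specified cipher name.  The
     * underlying data came from the TLS Specification (RFC 2246), Appendix C.
     *
     * <p>Only the eight phrases below are listed. A suite whose name contains
     * none of them has no entry here; what is reported for such a suite is
     * decided by the code that walks this table, which is not part of this
     * file.
     *
     * <p>The numbers are key lengths as tabulated by the RFC, not a strength
     * rating. The NULL, 40-bit and 56-bit entries exist so that such suites
     * can be reported accurately; their presence says nothing about whether a
     * deployment should accept them.
     *
     * <p>Interface fields are implicitly {@code public static final}, but
     * {@code final} protects only the array reference. Individual slots can
     * still be reassigned by any code that can see this interface, so callers
     * must treat the table as read-only. The entries themselves are immutable.
     */
    static final CipherData[] ciphers = {
        new CipherData("_WITH_NULL_", 0),           // integrity only, no encryption
        new CipherData("_WITH_IDEA_CBC_", 128),
        new CipherData("_WITH_RC2_CBC_40_", 40),
        new CipherData("_WITH_RC4_40_", 40),
        new CipherData("_WITH_RC4_128_", 128),
        new CipherData("_WITH_DES40_CBC_", 40),
        new CipherData("_WITH_DES_CBC_", 56),
        // 168 is the nominal three-key length; 3DES is commonly rated at
        // roughly 112 bits against meet-in-the-middle attacks.
        new CipherData("_WITH_3DES_EDE_CBC_", 168)
    };

    /**
     * The cipher suite being used on this connection.
     *
     * @return the cipher suite name
     * @throws IOException declared by the interface; the failure conditions
     *         are implementation-specific
     */
    String getCipherSuite() throws IOException;

    /**
     * The client certificate chain (if any).
     *
     * @return the chain as an array of objects; the element type and the
     *         value returned when the client sent no certificate are not
     *         specified here (presumably {@code null} or an empty array -
     *         verify against the implementation)
     * @throws IOException declared by the interface; the failure conditions
     *         are implementation-specific
     */
    Object[] getPeerCertificateChain() throws IOException;

    /**
     * The client certificate chain (if any).
     *
     * <p>Passing {@code true} may start a new handshake on a connection that
     * is already carrying a request, so it is best reserved for resources
     * that actually require a client certificate.
     *
     * @param force If <code>true</code>, then re-negotiate the
     *              connection if necessary.
     * @return the chain as an array of objects; see
     *         {@link #getPeerCertificateChain()} for what is left unspecified
     * @throws IOException declared by the interface; the failure conditions
     *         are implementation-specific
     */
    Object[] getPeerCertificateChain(boolean force) throws IOException;

    /**
     * Get the keysize.
     *
     * What we're supposed to put here is ill-defined by the
     * Servlet spec (S 4.7 again). There are at least 4 potential
     * values that might go here:
     *
     * (a) The size of the encryption key
     * (b) The size of the MAC key
     * (c) The size of the key-exchange key
     * (d) The size of the signature key used by the server
     *
     * Unfortunately, all of these values are nonsensical.
     *
     * <p>Given that ambiguity, an application should not rely on this number
     * alone to decide that a connection is strong enough; the negotiated
     * suite from {@link #getCipherSuite()} is the more precise input.
     *
     * @return the key size; presumably looked up in {@link #ciphers} by the
     *         implementation - confirm there
     * @throws IOException declared by the interface; the failure conditions
     *         are implementation-specific
     **/
    Integer getKeySize() throws IOException;

    /**
     * The current session Id.
     *
     * @return the session id as a string; the encoding is chosen by the
     *         implementation
     * @throws IOException declared by the interface; the failure conditions
     *         are implementation-specific
     */
    String getSessionId() throws IOException;

    /**
     * Simple data class that represents the cipher being used, along with the
     * corresponding effective key size.  The specified phrase must appear in the
     * name of the cipher suite to be recognized.
     *
     * <p>Both fields are {@code final}: instances are shared through the
     * static {@link #ciphers} table, and a writable field would let any code
     * in the JVM change the key size reported for a cipher.
     */
    final class CipherData {

        /** Substring looked for in the cipher suite name. */
        public final String phrase;

        /** Key size, in bits, associated with {@link #phrase}. */
        public final int keySize;

        /**
         * Creates one table entry.
         *
         * @param phrase  substring identifying the cipher inside a suite name
         * @param keySize key size in bits recorded for that cipher
         */
        public CipherData(String phrase, int keySize) {
            this.phrase = phrase;
            this.keySize = keySize;
        }

    }

}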