1 /* 2 * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package javax.net.ssl; 27 28 import java.util.List; 29 30 /** 31 * Extends the <code>SSLSession</code> interface to support additional 32 * session attributes. 33 * 34 * @since 1.7 35 */ 36 public abstract class ExtendedSSLSession implements SSLSession { 37 /** 38 * Obtains an array of supported signature algorithms that the local side 39 * is willing to use. 40 * <p> 41 * Note: this method is used to indicate to the peer which signature 42 * algorithms may be used for digital signatures in TLS 1.2. It is 43 * not meaningful for TLS versions prior to 1.2. 44 * <p> 45 * The signature algorithm name must be a standard Java Security 46 * name (such as "SHA1withRSA", "SHA256withECDSA", and so on). 47 * See Appendix A in the <a href= 48 * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/crypto/CryptoSpec.html#AppA"> 49 * Java Cryptography Architecture API Specification & Reference </a> 50 * for information about standard algorithm names. 51 * <p> 52 * Note: the local supported signature algorithms should conform to 53 * the algorithm constraints specified by 54 * {@link SSLParameters#getAlgorithmConstraints getAlgorithmConstraints()} 55 * method in <code>SSLParameters</code>. 56 * 57 * @return An array of supported signature algorithms, in descending 58 * order of preference. The return value is an empty array if 59 * no signature algorithm is supported. 60 * 61 * @see SSLParameters#getAlgorithmConstraints 62 */ getLocalSupportedSignatureAlgorithms()63 public abstract String[] getLocalSupportedSignatureAlgorithms(); 64 65 /** 66 * Obtains an array of supported signature algorithms that the peer is 67 * able to use. 68 * <p> 69 * Note: this method is used to indicate to the local side which signature 70 * algorithms may be used for digital signatures in TLS 1.2. It is 71 * not meaningful for TLS versions prior to 1.2. 72 * <p> 73 * The signature algorithm name must be a standard Java Security 74 * name (such as "SHA1withRSA", "SHA256withECDSA", and so on). 75 * See Appendix A in the <a href= 76 * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/crypto/CryptoSpec.html#AppA"> 77 * Java Cryptography Architecture API Specification & Reference </a> 78 * for information about standard algorithm names. 79 * 80 * @return An array of supported signature algorithms, in descending 81 * order of preference. The return value is an empty array if 82 * the peer has not sent the supported signature algorithms. 83 * 84 * @see X509KeyManager 85 * @see X509ExtendedKeyManager 86 */ getPeerSupportedSignatureAlgorithms()87 public abstract String[] getPeerSupportedSignatureAlgorithms(); 88 89 /** 90 * Obtains a {@link List} containing all {@link SNIServerName}s 91 * of the requested Server Name Indication (SNI) extension. 92 * <P> 93 * In server mode, unless the return {@link List} is empty, 94 * the server should use the requested server names to guide its 95 * selection of an appropriate authentication certificate, and/or 96 * other aspects of security policy. 97 * <P> 98 * In client mode, unless the return {@link List} is empty, 99 * the client should use the requested server names to guide its 100 * endpoint identification of the peer's identity, and/or 101 * other aspects of security policy. 102 * 103 * @return a non-null immutable list of {@link SNIServerName}s of the 104 * requested server name indications. The returned list may be 105 * empty if no server name indications were requested. 106 * @throws UnsupportedOperationException if the underlying provider 107 * does not implement the operation 108 * 109 * @see SNIServerName 110 * @see X509ExtendedTrustManager 111 * @see X509ExtendedKeyManager 112 * 113 * @since 1.8 114 */ getRequestedServerNames()115 public List<SNIServerName> getRequestedServerNames() { 116 throw new UnsupportedOperationException(); 117 } 118 } 119