File | Doc | Category | Size | Date | Package
PureTLSSupport.java | API Doc | Apache Tomcat 6.0.14 | 4540 | Fri Jul 20 04:20:30 BST 2007 | org.apache.tomcat.util.net.puretls

PureTLSSupport

public class PureTLSSupport extends Object implements org.apache.tomcat.util.net.SSLSupport

Fields Summary
static Log
logger
private COM.claymoresystems.ptls.SSLSocket
ssl
Constructors Summary
/**
 * Binds this support object to the given PureTLS socket.
 *
 * @param sock the PureTLS socket that every accessor of this class queries;
 *             the reference is stored as-is, with no null check
 */
PureTLSSupport(COM.claymoresystems.ptls.SSLSocket sock) {
    this.ssl = sock;
}
Methods Summary
/**
 * Returns the name of the cipher suite reported by the wrapped PureTLS socket.
 *
 * @return the name that {@code SSLPolicyInt.getCipherSuiteName} gives for the
 *         numeric suite id returned by the socket
 */
public String getCipherSuite() throws IOException {
    // PureTLS reports the suite as a numeric id; translate it to its name.
    return SSLPolicyInt.getCipherSuiteName(ssl.getCipherSuite());
}
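/**
 * Looks up the symmetric key size for the socket's current cipher suite.
 *
 * <p>The suite name is matched by substring against each entry of the
 * {@code ciphers} table, in table order; the first entry whose {@code phrase}
 * occurs in the name wins. The table is not defined in this listing
 * (presumably it is the constant inherited from {@code SSLSupport} - confirm).
 *
 * @return the {@code keySize} of the first matching entry, or 0 when no entry
 *         matches. A caller that enforces a minimum key length cannot tell an
 *         unrecognised suite from an entry whose size is 0, and should reject
 *         both rather than treat 0 as "no restriction".
 */
public Integer getKeySize() throws IOException {
    String cipherSuite = SSLPolicyInt.getCipherSuiteName(ssl.getCipherSuite());

    // 0 doubles as the "no table entry matched" result.
    int size = 0;
    for (int i = 0; i < ciphers.length; i++) {
        if (cipherSuite.indexOf(ciphers[i].phrase) >= 0) {
            size = ciphers[i].keySize;
            break;
        }
    }

    // valueOf reuses cached boxes instead of allocating one per call.
    return Integer.valueOf(size);
}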
/**
 * Returns the peer certificate chain already held by the socket, without
 * triggering a renegotiation.
 *
 * @return whatever {@code getPeerCertificateChain(false)} returns: the chain,
 *         or {@code null} when the socket has none
 */
public Object[] getPeerCertificateChain() throws IOException {
    // Never force a new handshake from the no-argument form.
    final boolean force = false;
    return getPeerCertificateChain(force);
}
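/**
 * Returns the peer's certificate chain as JDK {@code X509Certificate} objects,
 * peer certificate first.
 *
 * <p>When the socket holds no chain and {@code force} is true, the connection
 * is renegotiated with a policy that requires client authentication, and the
 * chain is read again. Renegotiating an existing connection is
 * security-sensitive: whether PureTLS binds the new handshake to the existing
 * session is not visible in this listing and should be confirmed before
 * relying on {@code force}.
 *
 * <p>This method only re-parses the DER bytes PureTLS hands back. It performs
 * no path validation, expiry or revocation check of its own, so any trust
 * decision about the chain was made (or not) inside PureTLS.
 *
 * @param force whether to renegotiate, demanding a client certificate, when
 *              the socket has no chain yet
 * @return the chain with the peer certificate at index 0, or {@code null}
 *         when the socket still reports no chain
 * @throws IOException if the JDK certificate factory cannot parse a
 *                     certificate supplied by PureTLS; the underlying
 *                     {@code CertificateException} is attached as the cause
 */
public Object[] getPeerCertificateChain(boolean force) throws IOException {
    Vector v = ssl.getCertificateChain();

    if (v == null && force) {
        // No client certificate was presented so far: renegotiate and
        // require one this time.
        SSLPolicyInt policy = new SSLPolicyInt();
        policy.requireClientAuth(true);
        policy.handshakeOnConnect(false);
        policy.waitOnClose(false);
        ssl.renegotiate(policy);
        v = ssl.getCertificateChain();
    }

    if (v == null) {
        return null;
    }

    int count = v.size();
    java.security.cert.X509Certificate[] chain =
        new java.security.cert.X509Certificate[count];

    try {
        // One factory serves the whole chain; no need to look it up per certificate.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        for (int i = 1; i <= count; i++) {
            // PureTLS provides cert chains with the peer
            // cert last but the Servlet 2.3 spec (S 4.7) requires
            // the opposite order so we reverse the chain as we go
            byte[] buffer = ((X509Cert) v.elementAt(count - i)).getDER();
            ByteArrayInputStream stream = new ByteArrayInputStream(buffer);

            X509Certificate xCert = (X509Certificate) cf.generateCertificate(stream);
            chain[i - 1] = xCert;
            if (logger.isTraceEnabled()) {
                logger.trace("Cert # " + i + " = " + xCert);
            }
        }
    } catch (java.security.cert.CertificateException e) {
        logger.info("JDK's broken cert handling can't parse this certificate (which PureTLS likes)", e);
        // Keep the parser's exception as the cause so callers can see why
        // the certificate was rejected, not just that it was.
        IOException failure =
            new IOException("JDK's broken cert handling can't parse this certificate (which PureTLS likes)");
        failure.initCause(e);
        throw failure;
    }
    return chain;
}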
/**
 * Returns the socket's TLS session id as text.
 *
 * <p>A TLS session id travels unencrypted in the handshake, so callers should
 * not treat the returned value as a secret or as proof of who the client is.
 *
 * @return the session id bytes rendered by {@code HexUtils.convert}, or
 *         {@code null} when the socket reports no session id
 */
public String getSessionId() throws IOException {
    byte[] rawId = ssl.getSessionID();
    return (rawId == null) ? null : HexUtils.convert(rawId);
}