1 /*
2  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package javax.net.ssl;
27 
28 import java.util.List;
29 
30 /**
31  * Extends the <code>SSLSession</code> interface to support additional
32  * session attributes.
33  *
34  * @since 1.7
35  */
36 public abstract class ExtendedSSLSession implements SSLSession {
37     /**
38      * Obtains an array of supported signature algorithms that the local side
39      * is willing to use.
40      * <p>
41      * Note: this method is used to indicate to the peer which signature
42      * algorithms may be used for digital signatures in TLS 1.2. It is
43      * not meaningful for TLS versions prior to 1.2.
44      * <p>
45      * The signature algorithm name must be a standard Java Security
46      * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).
47      * See Appendix A in the <a href=
48      * "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
49      * Java Cryptography Architecture API Specification &amp; Reference </a>
50      * for information about standard algorithm names.
51      * <p>
52      * Note: the local supported signature algorithms should conform to
53      * the algorithm constraints specified by
54      * {@link SSLParameters#getAlgorithmConstraints getAlgorithmConstraints()}
55      * method in <code>SSLParameters</code>.
56      *
57      * @return An array of supported signature algorithms, in descending
58      *     order of preference.  The return value is an empty array if
59      *     no signature algorithm is supported.
60      *
61      * @see SSLParameters#getAlgorithmConstraints
62      */
getLocalSupportedSignatureAlgorithms()63     public abstract String[] getLocalSupportedSignatureAlgorithms();
64 
65     /**
66      * Obtains an array of supported signature algorithms that the peer is
67      * able to use.
68      * <p>
69      * Note: this method is used to indicate to the local side which signature
70      * algorithms may be used for digital signatures in TLS 1.2. It is
71      * not meaningful for TLS versions prior to 1.2.
72      * <p>
73      * The signature algorithm name must be a standard Java Security
74      * name (such as "SHA1withRSA", "SHA256withECDSA", and so on).
75      * See Appendix A in the <a href=
76      * "{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#AppA">
77      * Java Cryptography Architecture API Specification &amp; Reference </a>
78      * for information about standard algorithm names.
79      *
80      * @return An array of supported signature algorithms, in descending
81      *     order of preference.  The return value is an empty array if
82      *     the peer has not sent the supported signature algorithms.
83      *
84      * @see X509KeyManager
85      * @see X509ExtendedKeyManager
86      */
getPeerSupportedSignatureAlgorithms()87     public abstract String[] getPeerSupportedSignatureAlgorithms();
88 
89     /**
90      * Obtains a {@link List} containing all {@link SNIServerName}s
91      * of the requested Server Name Indication (SNI) extension.
92      * <P>
93      * In server mode, unless the return {@link List} is empty,
94      * the server should use the requested server names to guide its
95      * selection of an appropriate authentication certificate, and/or
96      * other aspects of security policy.
97      * <P>
98      * In client mode, unless the return {@link List} is empty,
99      * the client should use the requested server names to guide its
100      * endpoint identification of the peer's identity, and/or
101      * other aspects of security policy.
102      *
103      * @return a non-null immutable list of {@link SNIServerName}s of the
104      *         requested server name indications. The returned list may be
105      *         empty if no server name indications were requested.
106      * @throws UnsupportedOperationException if the underlying provider
107      *         does not implement the operation
108      *
109      * @see SNIServerName
110      * @see X509ExtendedTrustManager
111      * @see X509ExtendedKeyManager
112      *
113      * @since 1.8
114      */
getRequestedServerNames()115     public List<SNIServerName> getRequestedServerNames() {
116         throw new UnsupportedOperationException();
117     }
118 }
119