-
Notifications
You must be signed in to change notification settings - Fork 103
Expand file tree
/
Copy pathSecureCacheResponse.java
More file actions
108 lines (101 loc) · 3.26 KB
/
SecureCacheResponse.java
File metadata and controls
108 lines (101 loc) · 3.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
/*
* Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved.
* ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*/
package java.net;
import java.security.cert.Certificate;
import javax.net.ssl.SSLPeerUnverifiedException;
import java.security.Principal;
import java.util.List;
/**
* Represents a cache response originally retrieved through secure
* means, such as TLS.
*
* @since 1.5
*/
public abstract class SecureCacheResponse extends CacheResponse {
/**
* Returns the cipher suite in use on the original connection that
* retrieved the network resource.
*
* @return a string representing the cipher suite
*/
public abstract String getCipherSuite();
/**
* Returns the certificate chain that were sent to the server during
* handshaking of the original connection that retrieved the
* network resource. Note: This method is useful only
* when using certificate-based cipher suites.
*
* @return an immutable List of Certificate representing the
* certificate chain that was sent to the server. If no
* certificate chain was sent, null will be returned.
* @see #getLocalPrincipal()
*/
public abstract List<Certificate> getLocalCertificateChain();
/**
* Returns the server's certificate chain, which was established as
* part of defining the session in the original connection that
* retrieved the network resource, from cache. Note: This method
* can be used only when using certificate-based cipher suites;
* using it with non-certificate-based cipher suites, such as
* Kerberos, will throw an SSLPeerUnverifiedException.
*
* @return an immutable List of Certificate representing the server's
* certificate chain.
* @throws SSLPeerUnverifiedException if the peer is not verified.
* @see #getPeerPrincipal()
*/
public abstract List<Certificate> getServerCertificateChain()
throws SSLPeerUnverifiedException;
/**
* Returns the server's principal which was established as part of
* defining the session during the original connection that
* retrieved the network resource.
*
* @return the server's principal. Returns an X500Principal of the
* end-entity certiticate for X509-based cipher suites, and
* KerberosPrincipal for Kerberos cipher suites.
*
* @throws SSLPeerUnverifiedException if the peer was not verified.
*
* @see #getServerCertificateChain()
* @see #getLocalPrincipal()
*/
public abstract Principal getPeerPrincipal()
throws SSLPeerUnverifiedException;
/**
* Returns the principal that was sent to the server during
* handshaking in the original connection that retrieved the
* network resource.
*
* @return the principal sent to the server. Returns an X500Principal
* of the end-entity certificate for X509-based cipher suites, and
* KerberosPrincipal for Kerberos cipher suites. If no principal was
* sent, then null is returned.
*
* @see #getLocalCertificateChain()
* @see #getPeerPrincipal()
*/
public abstract Principal getLocalPrincipal();
}