-
Handshake
-
tlsVersion: TlsVersion
-
cipherSuite: CipherSuite
-
peerCertificates: List<Certificate>
-
localCertificates: List<Certificate>
-
Handshake(TlsVersion, CipherSuite, List<Certificate>, List<Certificate>): void
-
get(SSLSession): Handshake
-
get(TlsVersion, CipherSuite, List<Certificate>, List<Certificate>): Handshake
-
tlsVersion(): TlsVersion
-
cipherSuite(): CipherSuite
-
peerCertificates(): List<Certificate>
-
peerPrincipal(): Principal
-
localCertificates(): List<Certificate>
-
localPrincipal(): Principal
-
equals(Object): boolean
-
hashCode(): int
-
/*
* Copyright (C) 2013 Square, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package okhttp3;
import java.io.IOException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import javax.annotation.Nullable;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import okhttp3.internal.Util;
A record of a TLS handshake. For HTTPS clients, the client is local and the remote server
is its peer.
This value object describes a completed handshake. Use ConnectionSpec to set policy for new handshakes.
/**
* A record of a TLS handshake. For HTTPS clients, the client is <i>local</i> and the remote server
* is its <i>peer</i>.
*
* <p>This value object describes a completed handshake. Use {@link ConnectionSpec} to set policy
* for new handshakes.
*/
public final class Handshake {
private final TlsVersion tlsVersion;
private final CipherSuite cipherSuite;
private final List<Certificate> peerCertificates;
private final List<Certificate> localCertificates;
private Handshake(TlsVersion tlsVersion, CipherSuite cipherSuite,
List<Certificate> peerCertificates, List<Certificate> localCertificates) {
this.tlsVersion = tlsVersion;
this.cipherSuite = cipherSuite;
this.peerCertificates = peerCertificates;
this.localCertificates = localCertificates;
}
public static Handshake get(SSLSession session) throws IOException {
String cipherSuiteString = session.getCipherSuite();
if (cipherSuiteString == null) throw new IllegalStateException("cipherSuite == null");
if ("SSL_NULL_WITH_NULL_NULL".equals(cipherSuiteString)) {
throw new IOException("cipherSuite == SSL_NULL_WITH_NULL_NULL");
}
CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
String tlsVersionString = session.getProtocol();
if (tlsVersionString == null) throw new IllegalStateException("tlsVersion == null");
if ("NONE".equals(tlsVersionString)) throw new IOException("tlsVersion == NONE");
TlsVersion tlsVersion = TlsVersion.forJavaName(tlsVersionString);
Certificate[] peerCertificates;
try {
peerCertificates = session.getPeerCertificates();
} catch (SSLPeerUnverifiedException ignored) {
peerCertificates = null;
}
List<Certificate> peerCertificatesList = peerCertificates != null
? Util.immutableList(peerCertificates)
: Collections.<Certificate>emptyList();
Certificate[] localCertificates = session.getLocalCertificates();
List<Certificate> localCertificatesList = localCertificates != null
? Util.immutableList(localCertificates)
: Collections.<Certificate>emptyList();
return new Handshake(tlsVersion, cipherSuite, peerCertificatesList, localCertificatesList);
}
public static Handshake get(TlsVersion tlsVersion, CipherSuite cipherSuite,
List<Certificate> peerCertificates, List<Certificate> localCertificates) {
if (tlsVersion == null) throw new NullPointerException("tlsVersion == null");
if (cipherSuite == null) throw new NullPointerException("cipherSuite == null");
return new Handshake(tlsVersion, cipherSuite, Util.immutableList(peerCertificates),
Util.immutableList(localCertificates));
}
Returns the TLS version used for this connection. This value wasn't tracked prior to OkHttp 3.0. For responses cached by preceding versions this returns TlsVersion.SSL_3_0. /**
* Returns the TLS version used for this connection. This value wasn't tracked prior to OkHttp
* 3.0. For responses cached by preceding versions this returns {@link TlsVersion#SSL_3_0}.
*/
public TlsVersion tlsVersion() {
return tlsVersion;
}
Returns the cipher suite used for the connection. /** Returns the cipher suite used for the connection. */
public CipherSuite cipherSuite() {
return cipherSuite;
}
Returns a possibly-empty list of certificates that identify the remote peer. /** Returns a possibly-empty list of certificates that identify the remote peer. */
public List<Certificate> peerCertificates() {
return peerCertificates;
}
Returns the remote peer's principle, or null if that peer is anonymous. /** Returns the remote peer's principle, or null if that peer is anonymous. */
public @Nullable Principal peerPrincipal() {
return !peerCertificates.isEmpty()
? ((X509Certificate) peerCertificates.get(0)).getSubjectX500Principal()
: null;
}
Returns a possibly-empty list of certificates that identify this peer. /** Returns a possibly-empty list of certificates that identify this peer. */
public List<Certificate> localCertificates() {
return localCertificates;
}
Returns the local principle, or null if this peer is anonymous. /** Returns the local principle, or null if this peer is anonymous. */
public @Nullable Principal localPrincipal() {
return !localCertificates.isEmpty()
? ((X509Certificate) localCertificates.get(0)).getSubjectX500Principal()
: null;
}
@Override public boolean equals(@Nullable Object other) {
if (!(other instanceof Handshake)) return false;
Handshake that = (Handshake) other;
return tlsVersion.equals(that.tlsVersion)
&& cipherSuite.equals(that.cipherSuite)
&& peerCertificates.equals(that.peerCertificates)
&& localCertificates.equals(that.localCertificates);
}
@Override public int hashCode() {
int result = 17;
result = 31 * result + tlsVersion.hashCode();
result = 31 * result + cipherSuite.hashCode();
result = 31 * result + peerCertificates.hashCode();
result = 31 * result + localCertificates.hashCode();
return result;
}
}