|
1 /* |
|
2 * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 |
|
27 package sun.security.ssl; |
|
28 |
|
29 import java.security.SecureRandom; |
|
30 import javax.net.ssl.SSLProtocolException; |
|
31 |
|
32 /** |
|
33 * Encapsulates an SSL session ID. SSL Session IDs are not reused by |
|
34 * servers during the lifetime of any sessions it created. Sessions may |
|
35 * be used by many connections, either concurrently (for example, two |
|
36 * connections to a web server at the same time) or sequentially (over as |
|
37 * long a time period as is allowed by a given server). |
|
38 * |
|
39 * @author Satish Dharmaraj |
|
40 * @author David Brownell |
|
41 */ |
|
42 final |
|
43 class SessionId |
|
44 { |
|
45 static int MAX_LENGTH = 32; |
|
46 private byte[] sessionId; // max 32 bytes |
|
47 |
|
48 /** Constructs a new session ID ... perhaps for a rejoinable session */ |
|
49 SessionId (boolean isRejoinable, SecureRandom generator) |
|
50 { |
|
51 if (isRejoinable) |
|
52 // this will be unique, it's a timestamp plus much randomness |
|
53 sessionId = new RandomCookie (generator).random_bytes; |
|
54 else |
|
55 sessionId = new byte [0]; |
|
56 } |
|
57 |
|
58 /** Constructs a session ID from a byte array (max size 32 bytes) */ |
|
59 SessionId (byte[] sessionId) |
|
60 { this.sessionId = sessionId; } |
|
61 |
|
62 /** Returns the length of the ID, in bytes */ |
|
63 int length () |
|
64 { return sessionId.length; } |
|
65 |
|
66 /** Returns the bytes in the ID. May be an empty array. */ |
|
67 byte[] getId () |
|
68 { |
|
69 return sessionId.clone (); |
|
70 } |
|
71 |
|
72 /** Returns the ID as a string */ |
|
73 @Override |
|
74 public String toString () |
|
75 { |
|
76 int len = sessionId.length; |
|
77 StringBuilder sb = new StringBuilder (10 + 2 * len); |
|
78 |
|
79 sb.append("{"); |
|
80 for (int i = 0; i < len; i++) { |
|
81 sb.append(0x0ff & sessionId[i]); |
|
82 if (i != (len - 1)) |
|
83 sb.append (", "); |
|
84 } |
|
85 sb.append("}"); |
|
86 return sb.toString (); |
|
87 } |
|
88 |
|
89 |
|
90 /** Returns a value which is the same for session IDs which are equal */ |
|
91 @Override |
|
92 public int hashCode () |
|
93 { |
|
94 int retval = 0; |
|
95 |
|
96 for (int i = 0; i < sessionId.length; i++) |
|
97 retval += sessionId [i]; |
|
98 return retval; |
|
99 } |
|
100 |
|
101 /** Returns true if the parameter is the same session ID */ |
|
102 @Override |
|
103 public boolean equals (Object obj) |
|
104 { |
|
105 if (!(obj instanceof SessionId)) |
|
106 return false; |
|
107 |
|
108 SessionId s = (SessionId) obj; |
|
109 byte[] b = s.getId (); |
|
110 |
|
111 if (b.length != sessionId.length) |
|
112 return false; |
|
113 for (int i = 0; i < sessionId.length; i++) { |
|
114 if (b [i] != sessionId [i]) |
|
115 return false; |
|
116 } |
|
117 return true; |
|
118 } |
|
119 |
|
120 /** |
|
121 * Checks the length of the session ID to make sure it sits within |
|
122 * the range called out in the specification |
|
123 */ |
|
124 void checkLength(ProtocolVersion pv) throws SSLProtocolException { |
|
125 // As of today all versions of TLS have a 32-byte maximum length. |
|
126 // In the future we can do more here to support protocol versions |
|
127 // that may have longer max lengths. |
|
128 if (sessionId.length > MAX_LENGTH) { |
|
129 throw new SSLProtocolException("Invalid session ID length (" + |
|
130 sessionId.length + " bytes)"); |
|
131 } |
|
132 } |
|
133 |
|
134 } |