src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java

Print this page 







 173     @Override
 174     public String[] getServerAliases(String keyType, Principal[] issuers) {
 175         return getAliases(keyType, issuers, CheckType.SERVER, null);
 176     }
 177 
 178     //
 179     // implementation private methods
 180     //
 181 
 182     // Gets algorithm constraints of the socket.
 183     private AlgorithmConstraints getAlgorithmConstraints(Socket socket) {
 184         if (socket != null && socket.isConnected() &&
 185                                         socket instanceof SSLSocket) {
 186 
 187             SSLSocket sslSocket = (SSLSocket)socket;
 188             SSLSession session = sslSocket.getHandshakeSession();
 189 
 190             if (session != null) {
 191                 ProtocolVersion protocolVersion =
 192                     ProtocolVersion.valueOf(session.getProtocol());
 193                 if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
 194                     String[] peerSupportedSignAlgs = null;
 195 
 196                     if (session instanceof ExtendedSSLSession) {
 197                         ExtendedSSLSession extSession =
 198                             (ExtendedSSLSession)session;
 199                         peerSupportedSignAlgs =
 200                             extSession.getPeerSupportedSignatureAlgorithms();
 201                     }
 202 
 203                     return new SSLAlgorithmConstraints(
 204                         sslSocket, peerSupportedSignAlgs, true);
 205                 }
 206             }
 207 
 208             return new SSLAlgorithmConstraints(sslSocket, true);
 209         }
 210 
 211         return new SSLAlgorithmConstraints((SSLSocket)null, true);
 212     }
 213 
 214     // Gets algorithm constraints of the engine.
 215     private AlgorithmConstraints getAlgorithmConstraints(SSLEngine engine) {
 216         if (engine != null) {
 217             SSLSession session = engine.getHandshakeSession();
 218             if (session != null) {
 219                 ProtocolVersion protocolVersion =
 220                     ProtocolVersion.valueOf(session.getProtocol());
 221                 if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
 222                     String[] peerSupportedSignAlgs = null;
 223 
 224                     if (session instanceof ExtendedSSLSession) {
 225                         ExtendedSSLSession extSession =
 226                             (ExtendedSSLSession)session;
 227                         peerSupportedSignAlgs =
 228                             extSession.getPeerSupportedSignatureAlgorithms();
 229                     }
 230 
 231                     return new SSLAlgorithmConstraints(
 232                         engine, peerSupportedSignAlgs, true);
 233                 }
 234             }
 235         }
 236 
 237         return new SSLAlgorithmConstraints(engine, true);
 238     }
 239 
 240     // we construct the alias we return to JSSE as seen in the code below
 241     // a unique id is included to allow us to reliably cache entries






 173     @Override
 174     public String[] getServerAliases(String keyType, Principal[] issuers) {
 175         return getAliases(keyType, issuers, CheckType.SERVER, null);
 176     }
 177 
 178     //
 179     // implementation private methods
 180     //
 181 
 182     // Gets algorithm constraints of the socket.
 183     private AlgorithmConstraints getAlgorithmConstraints(Socket socket) {
 184         if (socket != null && socket.isConnected() &&
 185                                         socket instanceof SSLSocket) {
 186 
 187             SSLSocket sslSocket = (SSLSocket)socket;
 188             SSLSession session = sslSocket.getHandshakeSession();
 189 
 190             if (session != null) {
 191                 ProtocolVersion protocolVersion =
 192                     ProtocolVersion.valueOf(session.getProtocol());
 193                 if (protocolVersion.useTLS12PlusSpec()) {
 194                     String[] peerSupportedSignAlgs = null;
 195 
 196                     if (session instanceof ExtendedSSLSession) {
 197                         ExtendedSSLSession extSession =
 198                             (ExtendedSSLSession)session;
 199                         peerSupportedSignAlgs =
 200                             extSession.getPeerSupportedSignatureAlgorithms();
 201                     }
 202 
 203                     return new SSLAlgorithmConstraints(
 204                         sslSocket, peerSupportedSignAlgs, true);
 205                 }
 206             }
 207 
 208             return new SSLAlgorithmConstraints(sslSocket, true);
 209         }
 210 
 211         return new SSLAlgorithmConstraints((SSLSocket)null, true);
 212     }
 213 
 214     // Gets algorithm constraints of the engine.
 215     private AlgorithmConstraints getAlgorithmConstraints(SSLEngine engine) {
 216         if (engine != null) {
 217             SSLSession session = engine.getHandshakeSession();
 218             if (session != null) {
 219                 ProtocolVersion protocolVersion =
 220                     ProtocolVersion.valueOf(session.getProtocol());
 221                 if (protocolVersion.useTLS12PlusSpec()) {
 222                     String[] peerSupportedSignAlgs = null;
 223 
 224                     if (session instanceof ExtendedSSLSession) {
 225                         ExtendedSSLSession extSession =
 226                             (ExtendedSSLSession)session;
 227                         peerSupportedSignAlgs =
 228                             extSession.getPeerSupportedSignatureAlgorithms();
 229                     }
 230 
 231                     return new SSLAlgorithmConstraints(
 232                         engine, peerSupportedSignAlgs, true);
 233                 }
 234             }
 235         }
 236 
 237         return new SSLAlgorithmConstraints(engine, true);
 238     }
 239 
 240     // we construct the alias we return to JSSE as seen in the code below
 241     // a unique id is included to allow us to reliably cache entries