173 @Override 174 public String[] getServerAliases(String keyType, Principal[] issuers) { 175 return getAliases(keyType, issuers, CheckType.SERVER, null); 176 } 177 178 // 179 // implementation private methods 180 // 181 182 // Gets algorithm constraints of the socket. 183 private AlgorithmConstraints getAlgorithmConstraints(Socket socket) { 184 if (socket != null && socket.isConnected() && 185 socket instanceof SSLSocket) { 186 187 SSLSocket sslSocket = (SSLSocket)socket; 188 SSLSession session = sslSocket.getHandshakeSession(); 189 190 if (session != null) { 191 ProtocolVersion protocolVersion = 192 ProtocolVersion.valueOf(session.getProtocol()); 193 if (protocolVersion.v >= ProtocolVersion.TLS12.v) { 194 String[] peerSupportedSignAlgs = null; 195 196 if (session instanceof ExtendedSSLSession) { 197 ExtendedSSLSession extSession = 198 (ExtendedSSLSession)session; 199 peerSupportedSignAlgs = 200 extSession.getPeerSupportedSignatureAlgorithms(); 201 } 202 203 return new SSLAlgorithmConstraints( 204 sslSocket, peerSupportedSignAlgs, true); 205 } 206 } 207 208 return new SSLAlgorithmConstraints(sslSocket, true); 209 } 210 211 return new SSLAlgorithmConstraints((SSLSocket)null, true); 212 } 213 214 // Gets algorithm constraints of the engine. 215 private AlgorithmConstraints getAlgorithmConstraints(SSLEngine engine) { 216 if (engine != null) { 217 SSLSession session = engine.getHandshakeSession(); 218 if (session != null) { 219 ProtocolVersion protocolVersion = 220 ProtocolVersion.valueOf(session.getProtocol()); 221 if (protocolVersion.v >= ProtocolVersion.TLS12.v) { 222 String[] peerSupportedSignAlgs = null; 223 224 if (session instanceof ExtendedSSLSession) { 225 ExtendedSSLSession extSession = 226 (ExtendedSSLSession)session; 227 peerSupportedSignAlgs = 228 extSession.getPeerSupportedSignatureAlgorithms(); 229 } 230 231 return new SSLAlgorithmConstraints( 232 engine, peerSupportedSignAlgs, true); 233 } 234 } 235 } 236 237 return new SSLAlgorithmConstraints(engine, true); 238 } 239 240 // we construct the alias we return to JSSE as seen in the code below 241 // a unique id is included to allow us to reliably cache entries | 173 @Override 174 public String[] getServerAliases(String keyType, Principal[] issuers) { 175 return getAliases(keyType, issuers, CheckType.SERVER, null); 176 } 177 178 // 179 // implementation private methods 180 // 181 182 // Gets algorithm constraints of the socket. 183 private AlgorithmConstraints getAlgorithmConstraints(Socket socket) { 184 if (socket != null && socket.isConnected() && 185 socket instanceof SSLSocket) { 186 187 SSLSocket sslSocket = (SSLSocket)socket; 188 SSLSession session = sslSocket.getHandshakeSession(); 189 190 if (session != null) { 191 ProtocolVersion protocolVersion = 192 ProtocolVersion.valueOf(session.getProtocol()); 193 if (protocolVersion.useTLS12PlusSpec()) { 194 String[] peerSupportedSignAlgs = null; 195 196 if (session instanceof ExtendedSSLSession) { 197 ExtendedSSLSession extSession = 198 (ExtendedSSLSession)session; 199 peerSupportedSignAlgs = 200 extSession.getPeerSupportedSignatureAlgorithms(); 201 } 202 203 return new SSLAlgorithmConstraints( 204 sslSocket, peerSupportedSignAlgs, true); 205 } 206 } 207 208 return new SSLAlgorithmConstraints(sslSocket, true); 209 } 210 211 return new SSLAlgorithmConstraints((SSLSocket)null, true); 212 } 213 214 // Gets algorithm constraints of the engine. 215 private AlgorithmConstraints getAlgorithmConstraints(SSLEngine engine) { 216 if (engine != null) { 217 SSLSession session = engine.getHandshakeSession(); 218 if (session != null) { 219 ProtocolVersion protocolVersion = 220 ProtocolVersion.valueOf(session.getProtocol()); 221 if (protocolVersion.useTLS12PlusSpec()) { 222 String[] peerSupportedSignAlgs = null; 223 224 if (session instanceof ExtendedSSLSession) { 225 ExtendedSSLSession extSession = 226 (ExtendedSSLSession)session; 227 peerSupportedSignAlgs = 228 extSession.getPeerSupportedSignatureAlgorithms(); 229 } 230 231 return new SSLAlgorithmConstraints( 232 engine, peerSupportedSignAlgs, true); 233 } 234 } 235 } 236 237 return new SSLAlgorithmConstraints(engine, true); 238 } 239 240 // we construct the alias we return to JSSE as seen in the code below 241 // a unique id is included to allow us to reliably cache entries |