1 /* 2 * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27 package sun.security.ssl; 28 29 import java.security.SecureRandom; 30 import javax.net.ssl.SSLProtocolException; 31 32 /** 33 * Encapsulates an SSL session ID. SSL Session IDs are not reused by 34 * servers during the lifetime of any sessions it created. Sessions may 35 * be used by many connections, either concurrently (for example, two 36 * connections to a web server at the same time) or sequentially (over as 37 * long a time period as is allowed by a given server). 38 * 39 * @author Satish Dharmaraj 40 * @author David Brownell 41 */ 42 final 43 class SessionId 44 { 45 static int MAX_LENGTH = 32; 46 private byte[] sessionId; // max 32 bytes 47 48 /** Constructs a new session ID ... perhaps for a rejoinable session */ 49 SessionId (boolean isRejoinable, SecureRandom generator) 50 { 51 if (isRejoinable) 52 // this will be unique, it's a timestamp plus much randomness 53 sessionId = new RandomCookie (generator).random_bytes; 54 else 55 sessionId = new byte [0]; 56 } 57 58 /** Constructs a session ID from a byte array (max size 32 bytes) */ 59 SessionId (byte[] sessionId) 60 { this.sessionId = sessionId; } 61 62 /** Returns the length of the ID, in bytes */ 63 int length () 64 { return sessionId.length; } 65 66 /** Returns the bytes in the ID. May be an empty array. */ 67 byte[] getId () 68 { 69 return sessionId.clone (); 70 } 71 72 /** Returns the ID as a string */ 73 @Override 74 public String toString () 75 { 76 int len = sessionId.length; 77 StringBuilder sb = new StringBuilder (10 + 2 * len); 78 79 sb.append("{"); 80 for (int i = 0; i < len; i++) { 81 sb.append(0x0ff & sessionId[i]); 82 if (i != (len - 1)) 83 sb.append (", "); 84 } 85 sb.append("}"); 86 return sb.toString (); 87 } 88 89 90 /** Returns a value which is the same for session IDs which are equal */ 91 @Override 92 public int hashCode () 93 { 94 int retval = 0; 95 96 for (int i = 0; i < sessionId.length; i++) 97 retval += sessionId [i]; 98 return retval; 99 } 100 101 /** Returns true if the parameter is the same session ID */ 102 @Override 103 public boolean equals (Object obj) 104 { 105 if (!(obj instanceof SessionId)) 106 return false; 107 108 SessionId s = (SessionId) obj; 109 byte[] b = s.getId (); 110 111 if (b.length != sessionId.length) 112 return false; 113 for (int i = 0; i < sessionId.length; i++) { 114 if (b [i] != sessionId [i]) 115 return false; 116 } 117 return true; 118 } 119 120 /** 121 * Checks the length of the session ID to make sure it sits within 122 * the range called out in the specification 123 */ 124 void checkLength(ProtocolVersion pv) throws SSLProtocolException { 125 // As of today all versions of TLS have a 32-byte maximum length. 126 // In the future we can do more here to support protocol versions 127 // that may have longer max lengths. 128 if (sessionId.length > MAX_LENGTH) { 129 throw new SSLProtocolException("Invalid session ID length (" + 130 sessionId.length + " bytes)"); 131 } 132 } 133 134 }