1 /*
2 * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26
27 package sun.security.ssl;
28
29 import java.security.SecureRandom;
30 import java.util.Arrays;
31 import javax.net.ssl.SSLProtocolException;
32
33 /**
34 * Encapsulates an SSL session ID. SSL Session IDs are not reused by
35 * servers during the lifetime of any sessions it created. Sessions may
36 * be used by many connections, either concurrently (for example, two
37 * connections to a web server at the same time) or sequentially (over as
38 * long a time period as is allowed by a given server).
39 *
40 * @author Satish Dharmaraj
41 * @author David Brownell
42 */
43 final
44 class SessionId
45 {
46 static int MAX_LENGTH = 32;
47 private byte[] sessionId; // max 32 bytes
48
49 /** Constructs a new session ID ... perhaps for a rejoinable session */
50 SessionId (boolean isRejoinable, SecureRandom generator)
51 {
52 if (isRejoinable)
53 // this will be unique, it's a timestamp plus much randomness
54 sessionId = new RandomCookie (generator).random_bytes;
55 else
56 sessionId = new byte [0];
57 }
58
59 /** Constructs a session ID from a byte array (max size 32 bytes) */
60 SessionId (byte[] sessionId)
61 { this.sessionId = sessionId; }
62
63 /** Returns the length of the ID, in bytes */
64 int length ()
65 { return sessionId.length; }
66
67 /** Returns the bytes in the ID. May be an empty array. */
68 byte[] getId ()
69 {
70 return sessionId.clone ();
71 }
72
73 /** Returns the ID as a string */
74 @Override
75 public String toString ()
76 {
77 int len = sessionId.length;
78 StringBuilder sb = new StringBuilder (10 + 2 * len);
79
80 sb.append("{");
81 for (int i = 0; i < len; i++) {
82 sb.append(0x0ff & sessionId[i]);
83 if (i != (len - 1))
84 sb.append (", ");
85 }
86 sb.append("}");
87 return sb.toString ();
88 }
89
90
91 /** Returns a value which is the same for session IDs which are equal */
92 @Override
93 public int hashCode ()
94 {
95 return Arrays.hashCode(sessionId);
96 }
97
98 /** Returns true if the parameter is the same session ID */
99 @Override
100 public boolean equals (Object obj)
101 {
102 return obj instanceof SessionId &&
103 Arrays.equals(sessionId, ((SessionId)obj).sessionId);
104 }
105
106 /**
107 * Checks the length of the session ID to make sure it sits within
108 * the range called out in the specification
109 */
110 void checkLength(ProtocolVersion pv) throws SSLProtocolException {
111 // As of today all versions of TLS have a 32-byte maximum length.
112 // In the future we can do more here to support protocol versions
113 // that may have longer max lengths.
114 if (sessionId.length > MAX_LENGTH) {
115 throw new SSLProtocolException("Invalid session ID length (" +
116 sessionId.length + " bytes)");
117 }
118 }
119
120 }