SessionId.java revision 12318:bee34b1dcbf1 
1/*
2 * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26
27package sun.security.ssl;
28
29import java.security.SecureRandom;
30import javax.net.ssl.SSLProtocolException;
31
32/**
33 * Encapsulates an SSL session ID.  SSL Session IDs are not reused by
34 * servers during the lifetime of any sessions it created.  Sessions may
35 * be used by many connections, either concurrently (for example, two
36 * connections to a web server at the same time) or sequentially (over as
37 * long a time period as is allowed by a given server).
38 *
39 * @author Satish Dharmaraj
40 * @author David Brownell
41 */
42final
43class SessionId
44{
45    static int MAX_LENGTH = 32;
46    private byte[] sessionId;          // max 32 bytes
47
48    /** Constructs a new session ID ... perhaps for a rejoinable session */
49    SessionId (boolean isRejoinable, SecureRandom generator)
50    {
51        if (isRejoinable)
52            // this will be unique, it's a timestamp plus much randomness
53            sessionId = new RandomCookie (generator).random_bytes;
54        else
55            sessionId = new byte [0];
56    }
57
58    /** Constructs a session ID from a byte array (max size 32 bytes) */
59    SessionId (byte[] sessionId)
60        { this.sessionId = sessionId; }
61
62    /** Returns the length of the ID, in bytes */
63    int length ()
64        { return sessionId.length; }
65
66    /** Returns the bytes in the ID.  May be an empty array.  */
67    byte[] getId ()
68    {
69        return sessionId.clone ();
70    }
71
72    /** Returns the ID as a string */
73    @Override
74    public String toString ()
75    {
76        int             len = sessionId.length;
77        StringBuilder    sb = new StringBuilder (10 + 2 * len);
78
79        sb.append("{");
80        for (int i = 0; i < len; i++) {
81            sb.append(0x0ff & sessionId[i]);
82            if (i != (len - 1))
83                sb.append (", ");
84        }
85        sb.append("}");
86        return sb.toString ();
87    }
88
89
90    /** Returns a value which is the same for session IDs which are equal */
91    @Override
92    public int hashCode ()
93    {
94        int     retval = 0;
95
96        for (int i = 0; i < sessionId.length; i++)
97            retval += sessionId [i];
98        return retval;
99    }
100
101    /** Returns true if the parameter is the same session ID */
102    @Override
103    public boolean equals (Object obj)
104    {
105        if (!(obj instanceof SessionId))
106            return false;
107
108        SessionId s = (SessionId) obj;
109        byte[] b = s.getId ();
110
111        if (b.length != sessionId.length)
112            return false;
113        for (int i = 0; i < sessionId.length; i++) {
114            if (b [i] != sessionId [i])
115                return false;
116        }
117        return true;
118    }
119
120    /**
121     * Checks the length of the session ID to make sure it sits within
122     * the range called out in the specification
123     */
124    void checkLength(ProtocolVersion pv) throws SSLProtocolException {
125        // As of today all versions of TLS have a 32-byte maximum length.
126        // In the future we can do more here to support protocol versions
127        // that may have longer max lengths.
128        if (sessionId.length > MAX_LENGTH) {
129            throw new SSLProtocolException("Invalid session ID length (" +
130                    sessionId.length + " bytes)");
131        }
132    }
133
134}
135