/*
 * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package javax.net.ssl;

import java.util.EventObject;
import java.security.cert.Certificate;
import java.security.Principal;
import java.security.cert.X509Certificate;

This event indicates that an SSL handshake completed on a given SSL connection. All of the core information about that handshake's result is captured through an "SSLSession" object. As a convenience, this event class provides direct access to some important session attributes.

The source of this event is the SSLSocket on which handshaking just completed.

Author:David Brownell
See Also:
Since:1.4
/** * This event indicates that an SSL handshake completed on a given * SSL connection. All of the core information about that handshake's * result is captured through an "SSLSession" object. As a convenience, * this event class provides direct access to some important session * attributes. * * <P> The source of this event is the SSLSocket on which handshaking * just completed. * * @see SSLSocket * @see HandshakeCompletedListener * @see SSLSession * * @since 1.4 * @author David Brownell */
public class HandshakeCompletedEvent extends EventObject { private static final long serialVersionUID = 7914963744257769778L; private transient SSLSession session;
Constructs a new HandshakeCompletedEvent.
Params:
  • sock – the SSLSocket acting as the source of the event
  • s – the SSLSession this event is associated with
/** * Constructs a new HandshakeCompletedEvent. * * @param sock the SSLSocket acting as the source of the event * @param s the SSLSession this event is associated with */
public HandshakeCompletedEvent(SSLSocket sock, SSLSession s) { super(sock); session = s; }
Returns the session that triggered this event.
Returns:the SSLSession for this handshake
/** * Returns the session that triggered this event. * * @return the <code>SSLSession</code> for this handshake */
public SSLSession getSession() { return session; }
Returns the cipher suite in use by the session which was produced by the handshake. (This is a convenience method for getting the ciphersuite from the SSLsession.)
Returns:the name of the cipher suite negotiated during this session.
/** * Returns the cipher suite in use by the session which was produced * by the handshake. (This is a convenience method for * getting the ciphersuite from the SSLsession.) * * @return the name of the cipher suite negotiated during this session. */
public String getCipherSuite() { return session.getCipherSuite(); }
Returns the certificate(s) that were sent to the peer during handshaking. Note: This method is useful only when using certificate-based cipher suites. When multiple certificates are available for use in a handshake, the implementation chooses what it considers the "best" certificate chain available, and transmits that to the other side. This method allows the caller to know which certificate chain was actually used.
See Also:
Returns:an ordered array of certificates, with the local certificate first followed by any certificate authorities. If no certificates were sent, then null is returned.
/** * Returns the certificate(s) that were sent to the peer during * handshaking. * Note: This method is useful only when using certificate-based * cipher suites. * * When multiple certificates are available for use in a * handshake, the implementation chooses what it considers the * "best" certificate chain available, and transmits that to * the other side. This method allows the caller to know * which certificate chain was actually used. * * @return an ordered array of certificates, with the local * certificate first followed by any * certificate authorities. If no certificates were sent, * then null is returned. * @see #getLocalPrincipal() */
public java.security.cert.Certificate [] getLocalCertificates() { return session.getLocalCertificates(); }
Returns the identity of the peer which was established as part of defining the session. Note: This method can be used only when using certificate-based cipher suites; using it with non-certificate-based cipher suites, such as Kerberos, will throw an SSLPeerUnverifiedException.

Note: The returned value may not be a valid certificate chain and should not be relied on for trust decisions.

Throws:
See Also:
Returns:an ordered array of the peer certificates, with the peer's own certificate first followed by any certificate authorities.
/** * Returns the identity of the peer which was established as part * of defining the session. * Note: This method can be used only when using certificate-based * cipher suites; using it with non-certificate-based cipher suites, * such as Kerberos, will throw an SSLPeerUnverifiedException. * <P> * Note: The returned value may not be a valid certificate chain * and should not be relied on for trust decisions. * * @return an ordered array of the peer certificates, * with the peer's own certificate first followed by * any certificate authorities. * @exception SSLPeerUnverifiedException if the peer is not verified. * @see #getPeerPrincipal() */
public java.security.cert.Certificate [] getPeerCertificates() throws SSLPeerUnverifiedException { return session.getPeerCertificates(); }
Returns the identity of the peer which was identified as part of defining the session. Note: This method can be used only when using certificate-based cipher suites; using it with non-certificate-based cipher suites, such as Kerberos, will throw an SSLPeerUnverifiedException.

Note: The returned value may not be a valid certificate chain and should not be relied on for trust decisions.

Note: this method exists for compatibility with previous releases. New applications should use getPeerCertificates instead.

Throws:
See Also:
Returns:an ordered array of peer X.509 certificates, with the peer's own certificate first followed by any certificate authorities. (The certificates are in the original JSSE X509Certificate format).
Deprecated:The getPeerCertificates() method that returns an array of java.security.cert.Certificate should be used instead.
/** * Returns the identity of the peer which was identified as part * of defining the session. * Note: This method can be used only when using certificate-based * cipher suites; using it with non-certificate-based cipher suites, * such as Kerberos, will throw an SSLPeerUnverifiedException. * <P> * Note: The returned value may not be a valid certificate chain * and should not be relied on for trust decisions. * * <p><em>Note: this method exists for compatibility with previous * releases. New applications should use * {@link #getPeerCertificates} instead.</em></p> * * @return an ordered array of peer X.509 certificates, * with the peer's own certificate first followed by any * certificate authorities. (The certificates are in * the original JSSE * {@link javax.security.cert.X509Certificate} format). * @exception SSLPeerUnverifiedException if the peer is not verified. * @see #getPeerPrincipal() * @deprecated The {@link #getPeerCertificates()} method that returns an * array of {@code java.security.cert.Certificate} should * be used instead. */
@Deprecated(since="9") public javax.security.cert.X509Certificate [] getPeerCertificateChain() throws SSLPeerUnverifiedException { return session.getPeerCertificateChain(); }
Returns the identity of the peer which was established as part of defining the session.
Throws:
See Also:
Returns:the peer's principal. Returns an X500Principal of the end-entity certiticate for X509-based cipher suites, and KerberosPrincipal for Kerberos cipher suites.
Since:1.5
/** * Returns the identity of the peer which was established as part of * defining the session. * * @return the peer's principal. Returns an X500Principal of the * end-entity certiticate for X509-based cipher suites, and * KerberosPrincipal for Kerberos cipher suites. * * @throws SSLPeerUnverifiedException if the peer's identity has not * been verified * * @see #getPeerCertificates() * @see #getLocalPrincipal() * * @since 1.5 */
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException { Principal principal; try { principal = session.getPeerPrincipal(); } catch (AbstractMethodError e) { // if the provider does not support it, fallback to peer certs. // return the X500Principal of the end-entity cert. Certificate[] certs = getPeerCertificates(); principal = ((X509Certificate)certs[0]).getSubjectX500Principal(); } return principal; }
Returns the principal that was sent to the peer during handshaking.
See Also:
Returns:the principal sent to the peer. Returns an X500Principal of the end-entity certificate for X509-based cipher suites, and KerberosPrincipal for Kerberos cipher suites. If no principal was sent, then null is returned.
Since:1.5
/** * Returns the principal that was sent to the peer during handshaking. * * @return the principal sent to the peer. Returns an X500Principal * of the end-entity certificate for X509-based cipher suites, and * KerberosPrincipal for Kerberos cipher suites. If no principal was * sent, then null is returned. * * @see #getLocalCertificates() * @see #getPeerPrincipal() * * @since 1.5 */
public Principal getLocalPrincipal() { Principal principal; try { principal = session.getLocalPrincipal(); } catch (AbstractMethodError e) { principal = null; // if the provider does not support it, fallback to local certs. // return the X500Principal of the end-entity cert. Certificate[] certs = getLocalCertificates(); if (certs != null) { principal = ((X509Certificate)certs[0]).getSubjectX500Principal(); } } return principal; }
Returns the socket which is the source of this event. (This is a convenience function, to let applications write code without type casts.)
Returns:the socket on which the connection was made.
/** * Returns the socket which is the source of this event. * (This is a convenience function, to let applications * write code without type casts.) * * @return the socket on which the connection was made. */
public SSLSocket getSocket() { return (SSLSocket) getSource(); } }