Class TLSClientHelloExtractor

java.lang.Object

org.apache.tomcat.util.net.TLSClientHelloExtractor

public class TLSClientHelloExtractor
extends Object

This class extracts the SNI host name and ALPN protocols from a TLS client-hello message.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	TLSClientHelloExtractor.ExtractorResult	Possible results of TLS ClientHello extraction.

Field Summary

Fields

Modifier and Type	Field	Description
static byte[]	USE_TLS_RESPONSE	HTTP response sent to clients that connect without TLS when TLS is required.

Constructor Summary

Constructors

Constructor	Description
TLSClientHelloExtractor(ByteBuffer netInBuffer)	Creates the instance of the parser and processes the provided buffer.

Method Summary

Modifier and Type	Method	Description
List<String>	getClientRequestedApplicationProtocols()	Returns the application-level protocols requested by the client.
List<String>	getClientRequestedCipherNames()	Returns the names of cipher suites requested by the client.
List<Cipher>	getClientRequestedCiphers()	Returns the list of cipher suites requested by the client.
List<String>	getClientRequestedProtocols()	Returns the transport protocols requested by the client.
List<SignatureScheme>	getClientSignatureSchemes()	Returns the signature schemes requested by the client.
List<Group>	getClientSupportedGroups()	Returns the key exchange groups supported by the client.
TLSClientHelloExtractor.ExtractorResult	getResult()	Returns the result of the TLS ClientHello extraction.
String	getSNIValue()	Returns the SNI value provided by the client.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

USE_TLS_RESPONSE

public static byte[] USE_TLS_RESPONSE

HTTP response sent to clients that connect without TLS when TLS is required.

Constructor Details

TLSClientHelloExtractor

public TLSClientHelloExtractor(ByteBuffer netInBuffer)
                        throws IOException

Creates the instance of the parser and processes the provided buffer. The buffer position and limit will be modified during the execution of this method, but they will be returned to the original values before the method exits.

Parameters:

netInBuffer - The buffer containing the TLS data to process

Throws:

IOException - If the client hello message is malformed

Method Details

getResult

public TLSClientHelloExtractor.ExtractorResult getResult()

Returns the result of the TLS ClientHello extraction.

Returns:

the extraction result

getSNIValue

public String getSNIValue()

Returns the SNI value provided by the client.

Returns:

The SNI value provided by the client converted to lower case if not already lower case

getClientRequestedCiphers

public List<Cipher> getClientRequestedCiphers()

Returns the list of cipher suites requested by the client.

Returns:

the list of requested cipher suites

getClientRequestedCipherNames

public List<String> getClientRequestedCipherNames()

Returns the names of cipher suites requested by the client.

Returns:

the list of cipher suite names

getClientRequestedApplicationProtocols

public List<String> getClientRequestedApplicationProtocols()

Returns the application-level protocols requested by the client.

Returns:

the list of requested application protocols

getClientRequestedProtocols

public List<String> getClientRequestedProtocols()

Returns the transport protocols requested by the client.

Returns:

the list of requested protocols

getClientSupportedGroups

public List<Group> getClientSupportedGroups()

Returns the key exchange groups supported by the client.

Returns:

the list of supported groups

getClientSignatureSchemes

public List<SignatureScheme> getClientSignatureSchemes()

Returns the signature schemes requested by the client.

Returns:

the list of signature schemes