From craig...@locus.apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves CertificatesValve.java
Date Fri, 13 Oct 2000 20:16:29 GMT
craigmcc    00/10/13 13:16:27

  Modified:    catalina/src/share/org/apache/catalina/valves
                        CertificatesValve.java
  Log:
  Work around the lack of a JSSE call to ask for the key size.
  
  The cipher suite name is examined to detect cases where it contains a cipher
  name for which the key size is known.  If it is known, the corresponding key
  size is published.  Otherwise, a key size of zero is published.
  
  The underlying data for this mapping comes from the TLS Version 1.0
  Specification (RFC 2246), Appendix C.
  
  Revision  Changes    Path
  1.4       +58 -8     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java
  
  Index: CertificatesValve.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- CertificatesValve.java	2000/10/13 19:27:35	1.3
  +++ CertificatesValve.java	2000/10/13 20:16:25	1.4
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v
1.3 2000/10/13 19:27:35 craigmcc Exp $
  - * $Revision: 1.3 $
  - * $Date: 2000/10/13 19:27:35 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v
1.4 2000/10/13 20:16:25 craigmcc Exp $
  + * $Revision: 1.4 $
  + * $Date: 2000/10/13 20:16:25 $
    *
    * ====================================================================
    *
  @@ -93,7 +93,7 @@
    * the amount of code that has to check for the existence of JSSE classes.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.3 $ $Date: 2000/10/13 19:27:35 $
  + * @version $Revision: 1.4 $ $Date: 2000/10/13 20:16:25 $
    */
   
   public final class CertificatesValve
  @@ -104,6 +104,23 @@
   
   
       /**
  +     * A mapping table to determine the number of effective bits in the key
  +     * when using a cipher suite containing the specified cipher name.  The
  +     * underlying data came from the TLS Specification (RFC 2246), Appendix C.
  +     */
  +    private static final CipherData ciphers[] = {
  +        new CipherData("_WITH_NULL_", 0),
  +        new CipherData("_WITH_IDEA_CBC_", 128),
  +        new CipherData("_WITH_RC2_CBC_40_", 40),
  +        new CipherData("_WITH_RC4_40_", 40),
  +        new CipherData("_WITH_RC4_128_", 128),
  +        new CipherData("_WITH_DES40_CBC_", 40),
  +        new CipherData("_WITH_DES_CBC_", 56),
  +        new CipherData("_WITH_3DES_EDE_CBC_", 168)
  +    };
  +
  +
  +    /**
        * The descriptive information related to this implementation.
        */
       private static final String info =
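Review bot: The Javadoc on `ciphers` should say what happens for a suite that matches no entry, because the lookup added later in this commit then publishes 0, the same value as `_WITH_NULL_`. Code that reads the key-size attribute therefore cannot tell an unencrypted connection from an unrecognised cipher, and should treat 0 as failing any minimum-strength check. I would add a sentence such as `Suites matching no entry are reported as 0 bits, the same as _WITH_NULL_.` and mention that entries are matched by substring, first match in array order. The `info` declaration at the end of this hunk continues outside it.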
  @@ -184,13 +201,23 @@
   
           // Expose the cipher suite and key size
           String cipherSuite = session.getCipherSuite();
  -        int keySize = 0;      // FIXME - no way to look it up?????
  -        if (cipherSuite != null) {
  +        if (cipherSuite != null)
               request.getRequest().setAttribute(Globals.CIPHER_SUITE_ATTR,
                                                 cipherSuite);
  -            request.getRequest().setAttribute(Globals.KEY_SIZE_ATTR,
  -                                              new Integer(keySize));
  +        Integer keySize = (Integer) session.getValue(Globals.KEY_SIZE_ATTR);
  +        if (keySize == null) {
  +            int size = 0;
  +            for (int i = 0; i < ciphers.length; i++) {
  +                if (cipherSuite.indexOf(ciphers[i].phrase) >= 0) {
  +                    size = ciphers[i].keySize;
  +                    break;
  +                }
  +            }
  +            keySize = new Integer(size);
  +            session.putValue(Globals.KEY_SIZE_ATTR, keySize);
           }
  +        request.getRequest().setAttribute(Globals.KEY_SIZE_ATTR,
  +                                          keySize);
   
   	// If we have cached certificates, return them
   	Object cached = session.getValue(Globals.CERTIFICATES_ATTR);
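Review bot: The null check on `cipherSuite` no longer covers the key-size lookup. With the braces removed, only the `setAttribute` call for `Globals.CIPHER_SUITE_ATTR` is guarded, while `cipherSuite.indexOf(ciphers[i].phrase)` runs whenever no key size is cached, so a null suite name would throw a NullPointerException where revision 1.3 was guarded. Guarding the loop keeps the fallback of 0, for example `for (int i = 0; cipherSuite != null && i < ciphers.length; i++) {`. The result is also stored in the SSL session under `Globals.KEY_SIZE_ATTR`, so a 0 from an unrecognised name is reused for the life of that session; a short comment saying so would help. The enclosing method starts and ends outside this hunk.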
  @@ -231,5 +258,28 @@
   
       }
   
  +
  +}
  +
  +
  +// ------------------------------------------------------------ Private Classes
  +
  +
  +/**
  + * Simple data class that represents the cipher being used, along with the
  + * corresponding effective key size.  The specified phrase must appear in the
  + * name of the cipher suite to be recognized.
  + */
  +
  +final class CipherData {
  +
  +    String phrase = null;
  +
  +    int keySize = 0;
  +
  +    public CipherData(String phrase, int keySize) {
  +        this.phrase = phrase;
  +        this.keySize = keySize;
  +    }
   
   }
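Review bot: `phrase` and `keySize` in `CipherData` are package-private and non-final, so any class in the package can alter an entry of the shared static `ciphers` table after it is built. That would change the key size reported for every later request. Both fields are assigned only in the constructor, so they can be declared `final String phrase;` and `final int keySize;` with the redundant initialisers dropped. The `public` modifier on the constructor of a package-private class adds nothing and could be removed too.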
  
  
  
