Provide a way to access the SSLSession of a websocket instance (#893)

 Provide a way to access the SSLSession of a websocket instance

Author: marci4

src/main/java/org/java_websocket/SSLSocketChannel.java

@@ -25,6 +25,7 @@
 
 package org.java_websocket;
 
+import org.java_websocket.interfaces.ISSLChannel;
 import org.java_websocket.util.ByteBufferUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -62,7 +63,7 @@
  *         <p>
  *         Permission for usage recieved at May 25, 2017 by Alex Karnezis
  */
-public class SSLSocketChannel implements WrappedByteChannel, ByteChannel {
+public class SSLSocketChannel implements WrappedByteChannel, ByteChannel, ISSLChannel {
 
 	/**
 	 * Logger instance
@@ -512,4 +513,9 @@ public boolean isOpen() {
 	public void close() throws IOException {
 		closeConnection();
 	}
+
+	@Override
+	public SSLEngine getSSLEngine() {
+		return engine;
+	}
 }

src/main/java/org/java_websocket/SSLSocketChannel2.java

@@ -24,6 +24,7 @@
  */
 package org.java_websocket;
 
+import org.java_websocket.interfaces.ISSLChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -52,7 +53,7 @@
 /**
  * Implements the relevant portions of the SocketChannel interface with the SSLEngine wrapper.
  */
-public class SSLSocketChannel2 implements ByteChannel, WrappedByteChannel {
+public class SSLSocketChannel2 implements ByteChannel, WrappedByteChannel, ISSLChannel {
 
     /**
      * Logger instance
@@ -425,4 +426,8 @@ public boolean isBlocking() {
         return socketChannel.isBlocking();
     }
 
+    @Override
+    public SSLEngine getSSLEngine() {
+        return sslEngine;
+    }
 }

src/main/java/org/java_websocket/WebSocket.java

@@ -35,6 +35,8 @@
 import org.java_websocket.exceptions.WebsocketNotConnectedException;
 import org.java_websocket.framing.Framedata;
 
+import javax.net.ssl.SSLSession;
+
 public interface WebSocket {
 
 	/**
@@ -207,4 +209,19 @@ public interface WebSocket {
 	 * @since 1.3.7
 	 **/
 	<T> T getAttachment();
+
+	/**
+	 * Does this websocket use an encrypted (wss/ssl) or unencrypted (ws) connection
+	 * @return true, if the websocket does use wss and therefore has a SSLSession
+	 * @since 1.4.1
+	 */
+	boolean hasSSLSupport();
+
+	/**
+	 * Returns the ssl session of websocket, if ssl/wss is used for this instance.
+	 * @return the ssl session of this websocket instance
+	 * @throws IllegalArgumentException the underlying channel does not use ssl (use hasSSLSupport() to check)
+	 * @since 1.4.1
+	 */
+	SSLSession getSSLSession() throws IllegalArgumentException;
 }

src/main/java/org/java_websocket/WebSocketImpl.java

@@ -25,6 +25,7 @@
 
 package org.java_websocket;
 
+import org.java_websocket.interfaces.ISSLChannel;
 import org.java_websocket.drafts.Draft;
 import org.java_websocket.drafts.Draft_6455;
 import org.java_websocket.enums.*;
@@ -51,6 +52,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.net.ssl.SSLSession;
+
 /**
  * Represents one end (client or server) of a single WebSocketImpl connection.
  * Takes care of the "handshake" phase, then allows for easy sending of
@@ -820,6 +823,19 @@ public <T> T getAttachment() {
 		return (T) attachment;
 	}
 
+	@Override
+	public boolean hasSSLSupport() {
+		return channel instanceof ISSLChannel;
+	}
+
+	@Override
+	public SSLSession getSSLSession() {
+		if (!hasSSLSupport()) {
+			throw new IllegalArgumentException("This websocket uses ws instead of wss. No SSLSession available.");
+		}
+		return ((ISSLChannel) channel).getSSLEngine().getSession();
+	}
+
 	@Override
 	public <T> void setAttachment(T attachment) {
 		this.attachment = attachment;

src/main/java/org/java_websocket/client/WebSocketClient.java

@@ -44,9 +44,7 @@
 import java.util.concurrent.TimeUnit;
 
 import javax.net.SocketFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.*;
 
 import org.java_websocket.AbstractWebSocket;
 import org.java_websocket.WebSocket;
@@ -888,6 +886,15 @@ public String getResourceDescriptor() {
 		return uri.getPath();
 	}
 
+	@Override
+	public boolean hasSSLSupport() {
+		return engine.hasSSLSupport();
+	}
+
+	@Override
+	public SSLSession getSSLSession() {
+		return engine.getSSLSession();
+	}
 
 	/**
 	 * Method to give some additional info for specific IOExceptions

src/main/java/org/java_websocket/interfaces/ISSLChannel.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2010-2019 Nathan Rajlich
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use,
+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following
+ * conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+package org.java_websocket.interfaces;
+
+import javax.net.ssl.SSLEngine;
+
+/**
+ * Interface which specifies all required methods a SSLSocketChannel has to make public.
+ *
+ * @since 1.4.1
+ */
+public interface ISSLChannel {
+
+    /**
+     * Get the ssl engine used for the de- and encryption of the communication.
+     * @return the ssl engine of this channel
+     */
+    SSLEngine getSSLEngine();
+}

src/main/java/org/java_websocket/interfaces/package-info.java

@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2010-2019 Nathan Rajlich
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use,
+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following
+ * conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+/**
+ * This package encapsulates all new interfaces.
+ */
+package org.java_websocket.interfaces;

src/test/java/org/java_websocket/issues/Issue764Test.java

@@ -32,6 +32,7 @@
 import org.java_websocket.handshake.ServerHandshake;
 import org.java_websocket.server.DefaultSSLWebSocketServerFactory;
 import org.java_websocket.server.WebSocketServer;
+import org.java_websocket.util.SSLContextUtil;
 import org.java_websocket.util.SocketUtil;
 import org.junit.Test;
 
@@ -76,24 +77,7 @@ public void onError(Exception ex) {
         };
         WebSocketServer server = new MyWebSocketServer(port, webSocket, countServerDownLatch);
 
-        // load up the key store
-        String STORETYPE = "JKS";
-        String KEYSTORE = String.format("src%1$stest%1$1sjava%1$1sorg%1$1sjava_websocket%1$1skeystore.jks", File.separator);
-        String STOREPASSWORD = "storepassword";
-        String KEYPASSWORD = "keypassword";
-
-        KeyStore ks = KeyStore.getInstance(STORETYPE);
-        File kf = new File(KEYSTORE);
-        ks.load(new FileInputStream(kf), STOREPASSWORD.toCharArray());
-
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-        kmf.init(ks, KEYPASSWORD.toCharArray());
-        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-        tmf.init(ks);
-
-        SSLContext sslContext = null;
-        sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+        SSLContext sslContext = SSLContextUtil.getContext();
 
         server.setWebSocketFactory(new DefaultSSLWebSocketServerFactory(sslContext));
         webSocket.setSocketFactory(sslContext.getSocketFactory());

src/test/java/org/java_websocket/issues/Issue825Test.java

@@ -32,6 +32,7 @@
 import org.java_websocket.handshake.ServerHandshake;
 import org.java_websocket.server.DefaultSSLWebSocketServerFactory;
 import org.java_websocket.server.WebSocketServer;
+import org.java_websocket.util.SSLContextUtil;
 import org.java_websocket.util.SocketUtil;
 import org.junit.Test;
 
@@ -78,23 +79,7 @@ public void onError(Exception ex) {
         WebSocketServer server = new MyWebSocketServer(port, countServerDownLatch, countClientMessageLatch);
 
         // load up the key store
-        String STORETYPE = "JKS";
-        String KEYSTORE = String.format("src%1$stest%1$1sjava%1$1sorg%1$1sjava_websocket%1$1skeystore.jks", File.separator);
-        String STOREPASSWORD = "storepassword";
-        String KEYPASSWORD = "keypassword";
-
-        KeyStore ks = KeyStore.getInstance(STORETYPE);
-        File kf = new File(KEYSTORE);
-        ks.load(new FileInputStream(kf), STOREPASSWORD.toCharArray());
-
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-        kmf.init(ks, KEYPASSWORD.toCharArray());
-        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-        tmf.init(ks);
-
-        SSLContext sslContext = null;
-        sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+        SSLContext sslContext = SSLContextUtil.getContext();
 
         server.setWebSocketFactory(new DefaultSSLWebSocketServerFactory(sslContext));
         webSocket.setSocketFactory(sslContext.getSocketFactory());