/*
 * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package javax.net.ssl;

import java.security.*;

/**
 * <i>Service Provider Interface</i> (<b>SPI</b>) behind the
 * {@code SSLContext} class.
 *
 * <p>A cryptographic service provider that wants to supply its own SSL
 * context implementation must implement every abstract method declared
 * here. The two {@code SSLParameters} accessors are concrete and ship with
 * a default implementation that a provider may override.
 *
 * @since 1.4
 * @see SSLContext
 */
public abstract class SSLContextSpi {

    /**
     * Initializes this context.
     *
     * <p>The {@code tm} array is the source of peer authentication trust
     * decisions for this context, so the managers supplied here determine
     * which peers its connections will treat as authenticated.
     *
     * @param km the sources of authentication keys
     * @param tm the sources of peer authentication trust decisions
     * @param sr the source of randomness
     * @throws KeyManagementException if this operation fails
     * @see SSLContext#init(KeyManager [], TrustManager [], SecureRandom)
     */
    protected abstract void engineInit(KeyManager[] km, TrustManager[] tm,
            SecureRandom sr) throws KeyManagementException;

    /**
     * Returns a {@code SocketFactory} object for this context.
     *
     * @return the {@code SocketFactory} object
     * @throws IllegalStateException if the SSLContextImpl requires
     *         initialization and {@code engineInit()} has not been called
     * @see javax.net.ssl.SSLContext#getSocketFactory()
     */
    protected abstract SSLSocketFactory engineGetSocketFactory();

    /**
     * Returns a {@code ServerSocketFactory} object for this context.
     *
     * @return the {@code ServerSocketFactory} object
     * @throws IllegalStateException if the SSLContextImpl requires
     *         initialization and {@code engineInit()} has not been called
     * @see javax.net.ssl.SSLContext#getServerSocketFactory()
     */
    protected abstract SSLServerSocketFactory engineGetServerSocketFactory();

    /**
     * Creates a new {@code SSLEngine} using this context.
     *
     * <p>A caller of this factory method gives the implementation no hints
     * for an internal session reuse strategy. When hints are wanted,
     * {@link #engineCreateSSLEngine(String, int)} should be used instead.
     *
     * <p>Some cipher suites (such as Kerberos) require remote hostname
     * information; this factory method should not be used for them.
     *
     * @return the {@code SSLEngine} object
     * @throws IllegalStateException if the SSLContextImpl requires
     *         initialization and {@code engineInit()} has not been called
     *
     * @see SSLContext#createSSLEngine()
     *
     * @since 1.5
     */
    protected abstract SSLEngine engineCreateSSLEngine();

    /**
     * Creates a {@code SSLEngine} using this context.
     *
     * <p>A caller of this factory method supplies hints for an internal
     * session reuse strategy.
     *
     * <p>Some cipher suites (such as Kerberos) require remote hostname
     * information, in which case peerHost needs to be specified.
     *
     * <p>Both arguments are documented as non-authoritative: they are
     * advisory values, not a verified peer identity. Checking that the
     * peer's certificate matches the intended host is a separate step
     * (see {@code SSLParameters#setEndpointIdentificationAlgorithm}, or an
     * equivalent check performed by the application).
     *
     * @param host the non-authoritative name of the host
     * @param port the non-authoritative port
     * @return the {@code SSLEngine} object
     * @throws IllegalStateException if the SSLContextImpl requires
     *         initialization and {@code engineInit()} has not been called
     *
     * @see SSLContext#createSSLEngine(String, int)
     *
     * @since 1.5
     */
    protected abstract SSLEngine engineCreateSSLEngine(String host, int port);

    /**
     * Returns a server {@code SSLSessionContext} object for this context.
     *
     * @return the {@code SSLSessionContext} object
     * @see javax.net.ssl.SSLContext#getServerSessionContext()
     */
    protected abstract SSLSessionContext engineGetServerSessionContext();

    /**
     * Returns a client {@code SSLSessionContext} object for this context.
     *
     * @return the {@code SSLSessionContext} object
     * @see javax.net.ssl.SSLContext#getClientSessionContext()
     */
    protected abstract SSLSessionContext engineGetClientSessionContext();

    /**
     * Asks this context's socket factory for a socket via the no-argument
     * {@code createSocket()}, so that the parameter accessors below can
     * read its settings. This class does not close the socket it obtains.
     *
     * @return the socket produced by the factory, cast to {@code SSLSocket}
     * @throws UnsupportedOperationException if the factory reports an
     *         {@code IOException} while creating the socket
     */
    private SSLSocket getDefaultSocket() {
        try {
            // NOTE(review): the cast assumes the provider's factory hands
            // back an SSLSocket. Only IOException is translated here, so a
            // ClassCastException (or anything else unchecked raised by the
            // factory) reaches the caller as-is rather than as the
            // UnsupportedOperationException the public accessors document.
            return (SSLSocket) engineGetSocketFactory().createSocket();
        } catch (java.io.IOException cause) {
            throw new UnsupportedOperationException("Could not obtain parameters", cause);
        }
    }

    /**
     * Returns a copy of the SSLParameters indicating the default
     * settings for this SSL context.
     *
     * <p>The parameters will always have the ciphersuite and protocols
     * arrays set to non-null values.
     *
     * <p>The default implementation reads the parameters from an
     * SSLSocket obtained by calling the
     * {@linkplain javax.net.SocketFactory#createSocket
     * SocketFactory.createSocket()} method of this context's SocketFactory.
     * Because it goes through {@link #engineGetSocketFactory()}, any
     * unchecked exception raised there propagates to the caller.
     *
     * @return a copy of the SSLParameters object with the default settings
     * @throws UnsupportedOperationException if the default SSL parameters
     *         could not be obtained.
     *
     * @since 1.6
     */
    protected SSLParameters engineGetDefaultSSLParameters() {
        return getDefaultSocket().getSSLParameters();
    }

    /**
     * Returns a copy of the SSLParameters indicating the maximum supported
     * settings for this SSL context.
     *
     * <p>The parameters will always have the ciphersuite and protocols
     * arrays set to non-null values.
     *
     * <p>The default implementation builds the result from the supported
     * cipher suites and supported protocols of an SSLSocket obtained by
     * calling the
     * {@linkplain javax.net.SocketFactory#createSocket
     * SocketFactory.createSocket()} method of this context's SocketFactory.
     *
     * <p>"Supported" describes what the implementation is able to
     * negotiate, not what it recommends. The result can list cipher suites
     * and protocol versions that are absent from
     * {@link #engineGetDefaultSSLParameters()}, so callers should choose
     * from it deliberately instead of enabling everything it returns.
     *
     * @return a copy of the SSLParameters object with the maximum supported
     *         settings
     * @throws UnsupportedOperationException if the supported SSL parameters
     *         could not be obtained.
     *
     * @since 1.6
     */
    protected SSLParameters engineGetSupportedSSLParameters() {
        final SSLSocket probe = getDefaultSocket();
        // The two-argument constructor applies the cipher suites and then
        // the protocols, the same two settings the result must carry.
        return new SSLParameters(probe.getSupportedCipherSuites(),
                probe.getSupportedProtocols());
    }

}