JSSEProvider.java revision 6b811c5daec1b28e6f63b57f98a032236f2c3cf7 
1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18package org.apache.harmony.xnet.provider.jsse;
19
20import java.security.AccessController;
21import java.security.PrivilegedAction;
22import java.security.Provider;
23
24/**
25 * JSSE Provider implementation.
26 *
27 * This implementation is based on TLS v 1.0 and SSL v3 protocol specifications.
28 *
29 * <ul>
30 * <li><a href="http://www.ietf.org/rfc/rfc2246.txt">TLS v 1.0 Protocol
31 * specification</a></li>
32 * <li><a href="http://wp.netscape.com/eng/ssl3">SSL v3 Protocol
33 * specification</a></li>
34 * </ul>
35 *
36 * Provider implementation supports the following  cipher suites:
37 *     TLS_NULL_WITH_NULL_NULL
38 *     TLS_RSA_WITH_NULL_MD5
39 *     TLS_RSA_WITH_NULL_SHA
40 *     TLS_RSA_EXPORT_WITH_RC4_40_MD5
41 *     TLS_RSA_WITH_RC4_128_MD5
42 *     TLS_RSA_WITH_RC4_128_SHA
43 *     TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
44 *     TLS_RSA_WITH_IDEA_CBC_SHA
45 *     TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
46 *     TLS_RSA_WITH_DES_CBC_SHA
47 *     TLS_RSA_WITH_3DES_EDE_CBC_SHA
48 *     TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
49 *     TLS_DH_DSS_WITH_DES_CBC_SHA
50 *     TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
51 *     TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
52 *     TLS_DH_RSA_WITH_DES_CBC_SHA
53 *     TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
54 *     TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
55 *     TLS_DHE_DSS_WITH_DES_CBC_SHA
56 *     TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
57 *     TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
58 *     TLS_DHE_RSA_WITH_DES_CBC_SHA
59 *     TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
60 *     TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
61 *     TLS_DH_anon_WITH_RC4_128_MD5
62 *     TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
63 *     TLS_DH_anon_WITH_DES_CBC_SHA
64 *     TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
65 *
66 * The real set of available cipher suites depends on set of available
67 * crypto algorithms. These algorithms must be provided by some crypto
68 * provider.
69 *
70 * The following cipher algorithms are used by different cipher suites:
71 *     IDEA/CBC/NoPadding
72 *     RC2/CBC/NoPadding
73 *     RC4
74 *     DES/CBC/NoPadding
75 *     DES/CBC/NoPadding
76 *     DESede/CBC/NoPadding
77 *
78 * Also the current JSSE provider implementation uses the following
79 * crypto algorithms:
80 *
81 * Algorithms that MUST be provided by crypto provider:
82 *     Mac    HmacMD5
83 *     Mac    HmacSHA1
84 *     MessageDigest    MD5
85 *     MessageDigest    SHA-1
86 *     CertificateFactory    X509
87 *
88 * The cipher suites with RSA key exchange may also require:
89 *     Cipher    RSA
90 *     KeyPairGenerator    RSA
91 *     KeyFactory    RSA
92 *
93 * The cipher suites with DH key exchange may also require:
94 *     Signature    NONEwithDSA
95 *     KeyPairGenerator    DiffieHellman or DH
96 *     KeyFactory    DiffieHellman or DH
97 *     KeyAgreement    DiffieHellman or DH
98 *     KeyPairGenerator    DiffieHellman or DH
99 *
100 * Trust manager implementation requires:
101 *     CertPathValidator    PKIX
102 *     CertificateFactory    X509
103 *
104 */
105public final class JSSEProvider extends Provider {
106
107    private static final long serialVersionUID = 3075686092260669675L;
108
109    public JSSEProvider() {
110        super("HarmonyJSSE", 1.0, "Harmony JSSE Provider");
111        AccessController.doPrivileged(new PrivilegedAction<Void>() {
112            public Void run() {
113                put("SSLContext.TLS", SSLContextImpl.class.getName());
114                put("Alg.Alias.SSLContext.TLSv1", "TLS");
115                put("KeyManagerFactory.X509", KeyManagerFactoryImpl.class.getName());
116                put("TrustManagerFactory.X509", TrustManagerFactoryImpl.class.getName());
117                // BEGIN android-added
118                put("SSLContext.SSL", SSLContextImpl.class.getName());
119                put("Alg.Alias.SSLContext.SSLv3", "SSL");
120                put("MessageDigest.SHA-1", "org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK$SHA1");
121                put("Alg.Alias.MessageDigest.SHA1", "SHA-1");
122                put("Alg.Alias.MessageDigest.SHA", "SHA-1");
123                put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA-1");
124                put("MessageDigest.SHA-224", "org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK$SHA224");
125                put("Alg.Alias.MessageDigest.SHA224", "SHA-224");
126                put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224");
127                put("MessageDigest.SHA-256", "org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK$SHA256");
128                put("Alg.Alias.MessageDigest.SHA256", "SHA-256");
129                put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256");
130                put("MessageDigest.MD5", "org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK$MD5");
131                put("Alg.Alias.MessageDigest.1.2.840.113549.2.5", "MD5");
132                // END android-added
133                return null;
134            }
135        });
136    }
137}
138