1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18package javax.net.ssl;
19
20import java.io.IOException;
21import java.security.KeyManagementException;
22import java.security.SecureRandom;
23
24/**
25 * The <i>Service Provider Interface</i> (SPI) for the {@code SSLContext} class.
26 */
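public abstract class SSLContextSpi {

    /**
     * Creates a new {@code SSLContextSpi} instance.
     */
    public SSLContextSpi() {
    }

    /**
     * Initializes this {@code SSLContext} instance. All of the arguments are
     * optional, and the security providers will be searched for the required
     * implementations of the needed algorithms.
     *
     * <p>Passing {@code null} for {@code tm} or {@code sr} leaves the choice of
     * trust decisions and randomness to whatever the installed providers
     * supply, so callers with specific trust requirements should pass explicit
     * values.
     *
     * @param km
     *            the key sources or {@code null}.
     * @param tm
     *            the trust decision sources or {@code null}.
     * @param sr
     *            the randomness source or {@code null}.
     * @throws KeyManagementException
     *             if initializing this instance fails.
     */
    protected abstract void engineInit(KeyManager[] km, TrustManager[] tm, SecureRandom sr)
            throws KeyManagementException;

    /**
     * Returns a socket factory for this instance.
     *
     * @return a socket factory for this instance.
     */
    protected abstract SSLSocketFactory engineGetSocketFactory();

    /**
     * Returns a server socket factory for this instance.
     *
     * @return a server socket factory for this instance.
     */
    protected abstract SSLServerSocketFactory engineGetServerSocketFactory();

    /**
     * Creates an {@code SSLEngine} instance from this context with the
     * specified hostname and port.
     *
     * <p>Nothing in this SPI contract requires the provider to check the
     * peer's certificate against {@code host}; callers that rely on hostname
     * verification should confirm how the provider handles it.
     *
     * @param host
     *            the name of the host
     * @param port
     *            the port
     * @return an {@code SSLEngine} instance from this context.
     * @throws UnsupportedOperationException
     *             if the provider does not support the operation.
     */
    protected abstract SSLEngine engineCreateSSLEngine(String host, int port);

    /**
     * Creates an {@code SSLEngine} instance from this context.
     *
     * @return an {@code SSLEngine} instance from this context.
     * @throws UnsupportedOperationException
     *             if the provider does not support the operation.
     */
    protected abstract SSLEngine engineCreateSSLEngine();

    /**
     * Returns the SSL session context that encapsulates the set of SSL sessions
     * that can be used for the server side of the SSL handshake.
     *
     * @return the SSL server session context for this context or {@code null}
     *         if the underlying provider does not provide an implementation of
     *         the {@code SSLSessionContext} interface.
     */
    protected abstract SSLSessionContext engineGetServerSessionContext();

    /**
     * Returns the SSL session context that encapsulates the set of SSL sessions
     * that can be used for the client side of the SSL handshake.
     *
     * @return the SSL client session context for this context or {@code null}
     *         if the underlying provider does not provide an implementation of
     *         the {@code SSLSessionContext} interface.
     */
    protected abstract SSLSessionContext engineGetClientSessionContext();


    /**
     * Returns a new SSLParameters instance that includes the default
     * SSL handshake parameter values including cipher suites,
     * protocols, and client authentication.
     *
     * <p>The default implementation returns an SSLParameters with values
     * based on an SSLSocket created from this instance's SocketFactory.
     *
     * @return the enabled cipher suites, enabled protocols and client
     *         authentication mode of a freshly created socket.
     * @throws UnsupportedOperationException
     *             if the socket used to read the values cannot be created.
     * @since 1.6
     */
    protected javax.net.ssl.SSLParameters engineGetDefaultSSLParameters() {
        return createSSLParameters(false);
    }

    /**
     * Returns a new SSLParameters instance that includes all
     * supported cipher suites and protocols.
     *
     * <p>The default implementation returns an SSLParameters with values
     * based on an SSLSocket created from this instance's SocketFactory.
     * "Supported" is a superset of what is enabled by default and may include
     * suites or protocol versions a deployment would not want to enable
     * wholesale.
     *
     * @return the supported cipher suites, supported protocols and client
     *         authentication mode of a freshly created socket.
     * @throws UnsupportedOperationException
     *             if the socket used to read the values cannot be created.
     * @since 1.6
     */
    protected javax.net.ssl.SSLParameters engineGetSupportedSSLParameters() {
        return createSSLParameters(true);
    }

    /**
     * Builds an SSLParameters snapshot from an unconnected socket obtained
     * from {@link #engineGetSocketFactory()}.
     *
     * @param supported
     *            {@code true} to copy the supported cipher suites and
     *            protocols, {@code false} to copy the enabled ones.
     * @return a new SSLParameters populated from the probe socket.
     * @throws UnsupportedOperationException
     *             if creating the probe socket fails with an
     *             {@code IOException}; the original exception is kept as the
     *             cause.
     */
    private javax.net.ssl.SSLParameters createSSLParameters(boolean supported) {
        SSLSocket socket = null;
        try {
            socket = (SSLSocket) engineGetSocketFactory().createSocket();
            javax.net.ssl.SSLParameters params = new javax.net.ssl.SSLParameters();
            if (supported) {
                params.setCipherSuites(socket.getSupportedCipherSuites());
                params.setProtocols(socket.getSupportedProtocols());
            } else {
                params.setCipherSuites(socket.getEnabledCipherSuites());
                params.setProtocols(socket.getEnabledProtocols());
            }
            /*
             * SSLParameters treats "need" and "want" as mutually exclusive:
             * each setter clears the other flag. Calling both setters
             * unconditionally would let setWantClientAuth(false) silently
             * erase a required-client-auth setting, so only the flag that is
             * actually set on the socket is copied, with "need" taking
             * precedence.
             */
            if (socket.getNeedClientAuth()) {
                params.setNeedClientAuth(true);
            } else if (socket.getWantClientAuth()) {
                params.setWantClientAuth(true);
            }
            return params;
        } catch (IOException e) {
            /*
             * SSLContext.getDefaultSSLParameters specifies to throw
             * UnsupportedOperationException if there is a problem getting the
             * parameters. The IOException is attached as the cause so the
             * underlying failure is not lost.
             */
            throw new UnsupportedOperationException(
                    "Could not access supported SSL parameters", e);
        } finally {
            // The socket exists only to read its settings; release it so the
            // probe does not leak a socket per call.
            if (socket != null) {
                try {
                    socket.close();
                } catch (IOException ignored) {
                    // Best effort: the parameters were already read (or the
                    // failure is already being reported above).
                }
            }
        }
    }
}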