/*
 * Copyright (C) 2007 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.conscrypt;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;

/**
 * OpenSSL-based implementation of server sockets.
 *
 * <p>Every TLS setting exposed here (session creation, enabled protocols and
 * cipher suites, client authentication, client/server mode) is read from or
 * written to the {@link SSLParametersImpl} supplied at construction. That
 * object is stored by reference, not copied, and the same reference is passed
 * to the constructor of each socket returned by {@link #accept()}.
 *
 * <p>NOTE(review): whether {@code OpenSSLSocketImpl} copies the parameters is
 * not visible in this file, so a setter called after {@code accept()} may or
 * may not affect sockets that were already accepted. Confirm before relying
 * on either behaviour when tightening protocols or cipher suites at runtime.
 */
public class OpenSSLServerSocketImpl extends javax.net.ssl.SSLServerSocket {
    // Shared TLS configuration; mutated in place by the setters below.
    private final SSLParametersImpl sslParameters;
    // Plain (non-volatile) flag, read once per accept() call.
    private boolean channelIdEnabled;

    /**
     * Creates an unbound server socket.
     *
     * @param sslParameters TLS configuration, kept by reference
     * @throws IOException if the underlying server socket cannot be created
     */
    protected OpenSSLServerSocketImpl(SSLParametersImpl sslParameters) throws IOException {
        super();
        this.sslParameters = sslParameters;
    }

    /**
     * Creates a server socket bound to {@code port}.
     *
     * @param port local port to bind
     * @param sslParameters TLS configuration, kept by reference
     * @throws IOException if the underlying server socket cannot be created
     */
    protected OpenSSLServerSocketImpl(int port, SSLParametersImpl sslParameters)
            throws IOException {
        super(port);
        this.sslParameters = sslParameters;
    }

    /**
     * Creates a server socket bound to {@code port} with the given backlog.
     *
     * @param port local port to bind
     * @param backlog connection queue length passed to the superclass
     * @param sslParameters TLS configuration, kept by reference
     * @throws IOException if the underlying server socket cannot be created
     */
    protected OpenSSLServerSocketImpl(int port, int backlog, SSLParametersImpl sslParameters)
            throws IOException {
        super(port, backlog);
        this.sslParameters = sslParameters;
    }

    /**
     * Creates a server socket bound to {@code port} on {@code iAddress}.
     *
     * @param port local port to bind
     * @param backlog connection queue length passed to the superclass
     * @param iAddress local address to bind
     * @param sslParameters TLS configuration, kept by reference
     * @throws IOException if the underlying server socket cannot be created
     */
    protected OpenSSLServerSocketImpl(
            int port, int backlog, InetAddress iAddress, SSLParametersImpl sslParameters)
            throws IOException {
        super(port, backlog, iAddress);
        this.sslParameters = sslParameters;
    }

    // ---- Session creation -------------------------------------------------

    @Override
    public boolean getEnableSessionCreation() {
        return this.sslParameters.getEnableSessionCreation();
    }

    @Override
    public void setEnableSessionCreation(boolean flag) {
        this.sslParameters.setEnableSessionCreation(flag);
    }

    // ---- Protocol versions ------------------------------------------------

    /**
     * Returns the protocol version names that may be used on this SSL
     * connection, as reported by {@code NativeCrypto}. This is the supported
     * set; it is independent of what is currently enabled.
     *
     * @return an array of protocol names
     */
    @Override
    public String[] getSupportedProtocols() {
        return NativeCrypto.getSupportedProtocols();
    }

    /**
     * Returns the protocol version names currently enabled in the shared
     * parameters.
     *
     * @return an array of protocol names
     */
    @Override
    public String[] getEnabledProtocols() {
        return this.sslParameters.getEnabledProtocols();
    }

    /**
     * Sets the enabled protocol versions; the names are expected to come from
     * {@link #getSupportedProtocols()}. The check itself is performed by
     * {@code SSLParametersImpl}, not in this class.
     *
     * @param protocols names of all the protocols to enable.
     *
     * @throws IllegalArgumentException when one or more of the names in the
     *         array are not supported, or when the array is null.
     */
    @Override
    public void setEnabledProtocols(String[] protocols) {
        this.sslParameters.setEnabledProtocols(protocols);
    }

    // ---- Cipher suites ----------------------------------------------------

    @Override
    public String[] getSupportedCipherSuites() {
        return NativeCrypto.getSupportedCipherSuites();
    }

    @Override
    public String[] getEnabledCipherSuites() {
        return this.sslParameters.getEnabledCipherSuites();
    }

    /**
     * Sets the enabled cipher suites; the names are expected to come from
     * {@link #getSupportedCipherSuites()}. The check itself is performed by
     * {@code SSLParametersImpl}, not in this class.
     *
     * @param suites the names of all the cipher suites to enable
     * @throws IllegalArgumentException when one or more of the ciphers in array
     *         suites are not supported, or when the array is null.
     */
    @Override
    public void setEnabledCipherSuites(String[] suites) {
        this.sslParameters.setEnabledCipherSuites(suites);
    }

    // ---- TLS Channel ID ---------------------------------------------------

    /**
     * Enables/disables the TLS Channel ID extension for this server socket.
     * The value is applied to sockets at the moment {@link #accept()} creates
     * them.
     */
    public void setChannelIdEnabled(boolean enabled) {
        this.channelIdEnabled = enabled;
    }

    /**
     * Checks whether the TLS Channel ID extension is enabled for this server socket.
     */
    public boolean isChannelIdEnabled() {
        return this.channelIdEnabled;
    }

    // ---- Client authentication ---------------------------------------------
    // NOTE(review): how "want" and "need" interact is decided inside
    // SSLParametersImpl and cannot be confirmed from this file.

    @Override
    public boolean getWantClientAuth() {
        return this.sslParameters.getWantClientAuth();
    }

    @Override
    public void setWantClientAuth(boolean want) {
        this.sslParameters.setWantClientAuth(want);
    }

    @Override
    public boolean getNeedClientAuth() {
        return this.sslParameters.getNeedClientAuth();
    }

    @Override
    public void setNeedClientAuth(boolean need) {
        this.sslParameters.setNeedClientAuth(need);
    }

    // ---- Handshake role ----------------------------------------------------

    @Override
    public boolean getUseClientMode() {
        return this.sslParameters.getUseClientMode();
    }

    @Override
    public void setUseClientMode(boolean mode) {
        this.sslParameters.setUseClientMode(mode);
    }

    // ---- Accepting connections ---------------------------------------------

    /**
     * Waits for an incoming connection and returns it as an
     * {@code OpenSSLSocketImpl} built from this socket's shared parameters,
     * with the current Channel ID setting copied onto it. No handshake call
     * is made in this method.
     *
     * @return the accepted socket
     * @throws IOException if accepting the connection fails
     */
    @Override
    public Socket accept() throws IOException {
        final OpenSSLSocketImpl accepted = new OpenSSLSocketImpl(this.sslParameters);
        // Configure before implAccept so the flag is set by the time the
        // socket is connected.
        accepted.setChannelIdEnabled(this.channelIdEnabled);
        implAccept(accepted);
        return accepted;
    }
}