1/*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package org.conscrypt;
18
19import java.io.IOException;
20import java.security.GeneralSecurityException;
21import java.security.KeyManagementException;
22import java.security.SecureRandom;
23import javax.net.ssl.KeyManager;
24import javax.net.ssl.SSLContextSpi;
25import javax.net.ssl.SSLEngine;
26import javax.net.ssl.SSLServerSocketFactory;
27import javax.net.ssl.SSLSocketFactory;
28import javax.net.ssl.TrustManager;
29
30/**
31 * OpenSSL-backed SSLContext service provider interface.
32 */
33public class OpenSSLContextImpl extends SSLContextSpi {
34
35  /**
36   * The default SSLContextImpl for use with SSLContext.getInstance("Default").
37   * Protected by the DefaultSSLContextImpl.class monitor.
38   */
39  private static DefaultSSLContextImpl DEFAULT_SSL_CONTEXT_IMPL;
40
41  /** Client session cache. */
42  private final ClientSessionContext clientSessionContext;
43
44  /** Server session cache. */
45  private final ServerSessionContext serverSessionContext;
46
47  protected SSLParametersImpl sslParameters;
48
49  public OpenSSLContextImpl() {
50      clientSessionContext = new ClientSessionContext();
51      serverSessionContext = new ServerSessionContext();
52  }
53
54  /**
55   * Constuctor for the DefaultSSLContextImpl.
56   * @param dummy is null, used to distinguish this case from the
57   * public OpenSSLContextImpl() constructor.
58   */
59  protected OpenSSLContextImpl(DefaultSSLContextImpl dummy)
60          throws GeneralSecurityException, IOException {
61      synchronized (DefaultSSLContextImpl.class) {
62          if (DEFAULT_SSL_CONTEXT_IMPL == null) {
63              clientSessionContext = new ClientSessionContext();
64              serverSessionContext = new ServerSessionContext();
65              DEFAULT_SSL_CONTEXT_IMPL = (DefaultSSLContextImpl)this;
66          } else {
67              clientSessionContext = DEFAULT_SSL_CONTEXT_IMPL.engineGetClientSessionContext();
68              serverSessionContext = DEFAULT_SSL_CONTEXT_IMPL.engineGetServerSessionContext();
69          }
70          sslParameters = new SSLParametersImpl(DEFAULT_SSL_CONTEXT_IMPL.getKeyManagers(),
71                                                DEFAULT_SSL_CONTEXT_IMPL.getTrustManagers(),
72                                                null,
73                                                clientSessionContext,
74                                                serverSessionContext);
75      }
76  }
77
78  /**
79   * Initializes this {@code SSLContext} instance. All of the arguments are
80   * optional, and the security providers will be searched for the required
81   * implementations of the needed algorithms.
82   *
83   * @param kms the key sources or {@code null}
84   * @param tms the trust decision sources or {@code null}
85   * @param sr the randomness source or {@code null}
86   * @throws KeyManagementException if initializing this instance fails
87   */
88  @Override
89  public void engineInit(KeyManager[] kms, TrustManager[] tms,
90          SecureRandom sr) throws KeyManagementException {
91      sslParameters = new SSLParametersImpl(kms, tms, sr,
92                                            clientSessionContext, serverSessionContext);
93  }
94
95  @Override
96  public SSLSocketFactory engineGetSocketFactory() {
97      if (sslParameters == null) {
98          throw new IllegalStateException("SSLContext is not initialized.");
99      }
100      return new OpenSSLSocketFactoryImpl(sslParameters);
101  }
102
103  @Override
104  public SSLServerSocketFactory engineGetServerSocketFactory() {
105      if (sslParameters == null) {
106          throw new IllegalStateException("SSLContext is not initialized.");
107      }
108      return new OpenSSLServerSocketFactoryImpl(sslParameters);
109  }
110
111  @Override
112  public SSLEngine engineCreateSSLEngine(String host, int port) {
113      if (sslParameters == null) {
114          throw new IllegalStateException("SSLContext is not initialized.");
115      }
116      SSLParametersImpl p = (SSLParametersImpl) sslParameters.clone();
117      p.setUseClientMode(false);
118      return new OpenSSLEngineImpl(host, port, p);
119  }
120
121  @Override
122  public SSLEngine engineCreateSSLEngine() {
123      if (sslParameters == null) {
124          throw new IllegalStateException("SSLContext is not initialized.");
125      }
126      SSLParametersImpl p = (SSLParametersImpl) sslParameters.clone();
127      p.setUseClientMode(false);
128      return new OpenSSLEngineImpl(p);
129  }
130
131  @Override
132  public ServerSessionContext engineGetServerSessionContext() {
133      return serverSessionContext;
134  }
135
136  @Override
137  public ClientSessionContext engineGetClientSessionContext() {
138      return clientSessionContext;
139  }
140}
141