1/* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package org.conscrypt; 18 19import java.io.IOException; 20import java.security.GeneralSecurityException; 21import java.security.KeyManagementException; 22import java.security.SecureRandom; 23import javax.net.ssl.KeyManager; 24import javax.net.ssl.SSLContextSpi; 25import javax.net.ssl.SSLEngine; 26import javax.net.ssl.SSLServerSocketFactory; 27import javax.net.ssl.SSLSocketFactory; 28import javax.net.ssl.TrustManager; 29 30/** 31 * OpenSSL-backed SSLContext service provider interface. 32 */ 33public class OpenSSLContextImpl extends SSLContextSpi { 34 35 /** 36 * The default SSLContextImpl for use with SSLContext.getInstance("Default"). 37 * Protected by the DefaultSSLContextImpl.class monitor. 38 */ 39 private static DefaultSSLContextImpl DEFAULT_SSL_CONTEXT_IMPL; 40 41 /** Client session cache. */ 42 private final ClientSessionContext clientSessionContext; 43 44 /** Server session cache. */ 45 private final ServerSessionContext serverSessionContext; 46 47 protected SSLParametersImpl sslParameters; 48 49 public OpenSSLContextImpl() { 50 clientSessionContext = new ClientSessionContext(); 51 serverSessionContext = new ServerSessionContext(); 52 } 53 54 /** 55 * Constuctor for the DefaultSSLContextImpl. 56 * @param dummy is null, used to distinguish this case from the 57 * public OpenSSLContextImpl() constructor. 58 */ 59 protected OpenSSLContextImpl(DefaultSSLContextImpl dummy) 60 throws GeneralSecurityException, IOException { 61 synchronized (DefaultSSLContextImpl.class) { 62 if (DEFAULT_SSL_CONTEXT_IMPL == null) { 63 clientSessionContext = new ClientSessionContext(); 64 serverSessionContext = new ServerSessionContext(); 65 DEFAULT_SSL_CONTEXT_IMPL = (DefaultSSLContextImpl)this; 66 } else { 67 clientSessionContext = DEFAULT_SSL_CONTEXT_IMPL.engineGetClientSessionContext(); 68 serverSessionContext = DEFAULT_SSL_CONTEXT_IMPL.engineGetServerSessionContext(); 69 } 70 sslParameters = new SSLParametersImpl(DEFAULT_SSL_CONTEXT_IMPL.getKeyManagers(), 71 DEFAULT_SSL_CONTEXT_IMPL.getTrustManagers(), 72 null, 73 clientSessionContext, 74 serverSessionContext); 75 } 76 } 77 78 /** 79 * Initializes this {@code SSLContext} instance. All of the arguments are 80 * optional, and the security providers will be searched for the required 81 * implementations of the needed algorithms. 82 * 83 * @param kms the key sources or {@code null} 84 * @param tms the trust decision sources or {@code null} 85 * @param sr the randomness source or {@code null} 86 * @throws KeyManagementException if initializing this instance fails 87 */ 88 @Override 89 public void engineInit(KeyManager[] kms, TrustManager[] tms, 90 SecureRandom sr) throws KeyManagementException { 91 sslParameters = new SSLParametersImpl(kms, tms, sr, 92 clientSessionContext, serverSessionContext); 93 } 94 95 @Override 96 public SSLSocketFactory engineGetSocketFactory() { 97 if (sslParameters == null) { 98 throw new IllegalStateException("SSLContext is not initialized."); 99 } 100 return new OpenSSLSocketFactoryImpl(sslParameters); 101 } 102 103 @Override 104 public SSLServerSocketFactory engineGetServerSocketFactory() { 105 if (sslParameters == null) { 106 throw new IllegalStateException("SSLContext is not initialized."); 107 } 108 return new OpenSSLServerSocketFactoryImpl(sslParameters); 109 } 110 111 @Override 112 public SSLEngine engineCreateSSLEngine(String host, int port) { 113 if (sslParameters == null) { 114 throw new IllegalStateException("SSLContext is not initialized."); 115 } 116 SSLParametersImpl p = (SSLParametersImpl) sslParameters.clone(); 117 p.setUseClientMode(false); 118 return new OpenSSLEngineImpl(host, port, p); 119 } 120 121 @Override 122 public SSLEngine engineCreateSSLEngine() { 123 if (sslParameters == null) { 124 throw new IllegalStateException("SSLContext is not initialized."); 125 } 126 SSLParametersImpl p = (SSLParametersImpl) sslParameters.clone(); 127 p.setUseClientMode(false); 128 return new OpenSSLEngineImpl(p); 129 } 130 131 @Override 132 public ServerSessionContext engineGetServerSessionContext() { 133 return serverSessionContext; 134 } 135 136 @Override 137 public ClientSessionContext engineGetClientSessionContext() { 138 return clientSessionContext; 139 } 140} 141