160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor/* 260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Copyright (C) 2010 The Android Open Source Project 360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Licensed under the Apache License, Version 2.0 (the "License"); 560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * you may not use this file except in compliance with the License. 660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * You may obtain a copy of the License at 760586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * http://www.apache.org/licenses/LICENSE-2.0 960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 1060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Unless required by applicable law or agreed to in writing, software 1160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * distributed under the License is distributed on an "AS IS" BASIS, 1260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * See the License for the specific language governing permissions and 1460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * limitations under the License. 1560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor */ 1660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 1760586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorpackage android.net; 1860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 1960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorimport android.content.Context; 2060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorimport android.util.Log; 2160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 22d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamathimport com.android.org.conscrypt.ClientSessionContext; 2312e752225aa96888358294be0d725d499a1c9f03Kenny Rootimport com.android.org.conscrypt.FileClientSessionCache; 2412e752225aa96888358294be0d725d499a1c9f03Kenny Rootimport com.android.org.conscrypt.SSLClientSessionCache; 2512e752225aa96888358294be0d725d499a1c9f03Kenny Root 2660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorimport java.io.File; 2760586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorimport java.io.IOException; 2860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 29d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamathimport javax.net.ssl.SSLContext; 30d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamathimport javax.net.ssl.SSLSessionContext; 31d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath 3260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor/** 3360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * File-based cache of established SSL sessions. When re-establishing a 3460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * connection to the same server, using an SSL session cache can save some time, 3560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * power, and bandwidth by skipping directly to an encrypted stream. 3660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * This is a persistent cache which can span executions of the application. 3760586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 3860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * @see SSLCertificateSocketFactory 3960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor */ 4060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnorpublic final class SSLSessionCache { 4160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor private static final String TAG = "SSLSessionCache"; 4260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor /* package */ final SSLClientSessionCache mSessionCache; 4360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 4460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor /** 45d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * Installs a {@link SSLSessionCache} on a {@link SSLContext}. The cache will 46d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * be used on all socket factories created by this context (including factories 47d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * created before this call). 48d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * 49d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * @param cache the cache instance to install, or {@code null} to uninstall any 50d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * existing cache. 51d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * @param context the context to install it on. 52d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * @throws IllegalArgumentException if the context does not support a session 53d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * cache. 54d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * 55d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * @hide candidate for public API 56d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath */ 57d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath public static void install(SSLSessionCache cache, SSLContext context) { 58d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath SSLSessionContext clientContext = context.getClientSessionContext(); 59d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath if (clientContext instanceof ClientSessionContext) { 60d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath ((ClientSessionContext) clientContext).setPersistentCache( 61d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath cache == null ? null : cache.mSessionCache); 62d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath } else { 63d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath throw new IllegalArgumentException("Incompatible SSLContext: " + context); 64d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath } 65d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath } 66d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath 67d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath /** 68d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * NOTE: This needs to be Object (and not SSLClientSessionCache) because apps 69d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * that build directly against the framework (and not the SDK) might not declare 70d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * a dependency on conscrypt. Javac will then has fail while resolving constructors. 71d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * 72d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath * @hide For unit test use only 73d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath */ 74d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath public SSLSessionCache(Object cache) { 75d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath mSessionCache = (SSLClientSessionCache) cache; 76d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath } 77d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath 78d6b37fdf6c24321a87566ad4053dad5daa3a844aNarayan Kamath /** 7960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Create a session cache using the specified directory. 8060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Individual session entries will be files within the directory. 8160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Multiple instances for the same directory share data internally. 8260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 8360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * @param dir to store session files in (created if necessary) 8460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * @throws IOException if the cache can't be opened 8560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor */ 8660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor public SSLSessionCache(File dir) throws IOException { 87fdf4bbf2d0514f8ad56ebbf06b8ebdeebe1da82bNarayan Kamath mSessionCache = FileClientSessionCache.usingDirectory(dir); 8860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor } 8960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor 9060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor /** 9160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Create a session cache at the default location for this app. 9260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * Multiple instances share data internally. 9360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * 9460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor * @param context for the application 9560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor */ 9660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor public SSLSessionCache(Context context) { 9760586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor File dir = context.getDir("sslcache", Context.MODE_PRIVATE); 9860586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor SSLClientSessionCache cache = null; 9960586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor try { 10060586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor cache = FileClientSessionCache.usingDirectory(dir); 10160586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor } catch (IOException e) { 10260586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor Log.w(TAG, "Unable to create SSL session cache in " + dir, e); 10360586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor } 10460586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor mSessionCache = cache; 10560586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor } 10660586f2ec65d16d185767fce4311d3ed0e9112acDan Egnor} 107