1587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root/* 2587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Copyright 2014 The Android Open Source Project 3587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * 4587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Licensed under the Apache License, Version 2.0 (the "License"); 5587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * you may not use this file except in compliance with the License. 6587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * You may obtain a copy of the License at 7587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * 8587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * http://www.apache.org/licenses/LICENSE-2.0 9587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * 10587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Unless required by applicable law or agreed to in writing, software 11587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * distributed under the License is distributed on an "AS IS" BASIS, 12587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * See the License for the specific language governing permissions and 14587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * limitations under the License. 15587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 16587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 17587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootpackage org.conscrypt; 18587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 19587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.io.FileDescriptor; 20587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.lang.reflect.Field; 21587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.lang.reflect.Method; 22587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.net.InetAddress; 2399bb3908434214ff7fb41e053158df69ad3bb963Kenny Rootimport java.net.InetSocketAddress; 24587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.net.Socket; 25587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.net.SocketException; 26587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.InvalidKeyException; 27d31ede7ba14b019d6a017f3585866a65891d1710Kenny Rootimport java.security.NoSuchAlgorithmException; 28587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.PrivateKey; 29587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.cert.CertificateException; 30587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.cert.X509Certificate; 31587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.spec.AlgorithmParameterSpec; 32587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport java.security.spec.ECParameterSpec; 335012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Rootimport java.util.Collections; 345012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Rootimport java.util.List; 35587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport javax.crypto.spec.GCMParameterSpec; 365012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Rootimport javax.net.ssl.SNIHostName; 375012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Rootimport javax.net.ssl.SNIServerName; 38587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport javax.net.ssl.SSLEngine; 39587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport javax.net.ssl.SSLParameters; 40ce18fe693803e95ab627929b8e69d3362340dd06Kenny Rootimport javax.net.ssl.SSLSession; 41587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport javax.net.ssl.SSLSocketFactory; 425012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Rootimport javax.net.ssl.StandardConstants; 4350dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Rootimport javax.net.ssl.X509ExtendedTrustManager; 44587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootimport javax.net.ssl.X509TrustManager; 45d31ede7ba14b019d6a017f3585866a65891d1710Kenny Rootimport sun.security.x509.AlgorithmId; 46587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 47587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root/** 48587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * 49587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 50587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Rootpublic class Platform { 51587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root private static final String TAG = "Conscrypt"; 52587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 53587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root private static Method m_getCurveName; 54587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root static { 55587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root try { 56587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root m_getCurveName = ECParameterSpec.class.getDeclaredMethod("getCurveName"); 57587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root m_getCurveName.setAccessible(true); 58587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } catch (Exception ignored) { 59587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 60587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 61587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 62587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void setup() { 63587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 64587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 65587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static FileDescriptor getFileDescriptor(Socket s) { 66587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root try { 67587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root Field f_impl = Socket.class.getDeclaredField("impl"); 68587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root f_impl.setAccessible(true); 69587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root Object socketImpl = f_impl.get(s); 70587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root Class<?> c_socketImpl = Class.forName("java.net.SocketImpl"); 71587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root Field f_fd = c_socketImpl.getDeclaredField("fd"); 72587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root f_fd.setAccessible(true); 73587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return (FileDescriptor) f_fd.get(socketImpl); 74587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } catch (Exception e) { 75587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root throw new RuntimeException("Can't get FileDescriptor from socket", e); 76587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 77587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 78587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 79587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static FileDescriptor getFileDescriptorFromSSLSocket(OpenSSLSocketImpl openSSLSocketImpl) { 80587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return getFileDescriptor(openSSLSocketImpl); 81587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 82587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 83587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static String getCurveName(ECParameterSpec spec) { 84587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root if (m_getCurveName == null) { 85587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 86587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 87587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root try { 88587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return (String) m_getCurveName.invoke(spec); 89587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } catch (Exception e) { 90587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 91587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 92587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 93587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 94587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void setCurveName(ECParameterSpec spec, String curveName) { 95587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root // This doesn't appear to be needed. 96587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 97587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 98587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /* 99587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Call Os.setsockoptTimeval via reflection. 100587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 101587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void setSocketWriteTimeout(Socket s, long timeoutMillis) throws SocketException { 102587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root // TODO: figure this out on the RI 103587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 104587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 1055012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root public static void setSSLParameters(SSLParameters params, SSLParametersImpl impl, 1065012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root OpenSSLSocketImpl socket) { 1075012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root impl.setEndpointIdentificationAlgorithm(params.getEndpointIdentificationAlgorithm()); 108254bb0f165dc3efd9bf103ddb3e85d083c86a154Kenny Root impl.setUseCipherSuitesOrder(params.getUseCipherSuitesOrder()); 1095012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root List<SNIServerName> serverNames = params.getServerNames(); 1105012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root if (serverNames != null) { 1115012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root for (SNIServerName serverName : serverNames) { 1125012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root if (serverName.getType() == StandardConstants.SNI_HOST_NAME) { 1135012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root socket.setHostname(((SNIHostName) serverName).getAsciiName()); 1145012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root break; 1155012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1165012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1175012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1185012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1195012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root 1205012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root public static void getSSLParameters(SSLParameters params, SSLParametersImpl impl, 1215012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root OpenSSLSocketImpl socket) { 1225012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root params.setEndpointIdentificationAlgorithm(impl.getEndpointIdentificationAlgorithm()); 123254bb0f165dc3efd9bf103ddb3e85d083c86a154Kenny Root params.setUseCipherSuitesOrder(impl.getUseCipherSuitesOrder()); 1245012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root if (impl.getUseSni() && AddressUtils.isValidSniHostname(socket.getHostname())) { 1255012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root params.setServerNames(Collections.<SNIServerName> singletonList( 1265012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root new SNIHostName(socket.getHostname()))); 1275012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1285012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root } 1295012f2dc5bf0a28a47cf9b01bd1a63c1ebdc232fKenny Root 130587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 131587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Tries to return a Class reference of one of the supplied class names. 132587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 133587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root private static Class<?> getClass(String... klasses) { 134587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root for (String klass : klasses) { 135587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root try { 136587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return Class.forName(klass); 137587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } catch (Exception ignored) { 138587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 139587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 140587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 141587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 142587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 143587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void setEndpointIdentificationAlgorithm(SSLParameters params, 144587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root String endpointIdentificationAlgorithm) { 14550dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root params.setEndpointIdentificationAlgorithm(endpointIdentificationAlgorithm); 146587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 147587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 148587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static String getEndpointIdentificationAlgorithm(SSLParameters params) { 14950dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root return params.getEndpointIdentificationAlgorithm(); 15050dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 15150dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root 15250dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root public static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, 15350dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root String authType, OpenSSLSocketImpl socket) throws CertificateException { 15450dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root if (tm instanceof X509ExtendedTrustManager) { 15550dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root X509ExtendedTrustManager x509etm = (X509ExtendedTrustManager) tm; 15650dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root x509etm.checkClientTrusted(chain, authType, socket); 15750dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } else { 15850dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root tm.checkClientTrusted(chain, authType); 15950dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 160587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 161587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 16250dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root public static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, 16350dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root String authType, OpenSSLSocketImpl socket) throws CertificateException { 16450dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root if (tm instanceof X509ExtendedTrustManager) { 16550dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root X509ExtendedTrustManager x509etm = (X509ExtendedTrustManager) tm; 16650dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root x509etm.checkServerTrusted(chain, authType, socket); 16750dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } else { 16850dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root tm.checkServerTrusted(chain, authType); 16950dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 17050dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 17150dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root 17250dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root public static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, 17350dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root String authType, OpenSSLEngineImpl engine) throws CertificateException { 17450dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root if (tm instanceof X509ExtendedTrustManager) { 17550dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root X509ExtendedTrustManager x509etm = (X509ExtendedTrustManager) tm; 17650dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root x509etm.checkClientTrusted(chain, authType, engine); 17750dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } else { 17850dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root tm.checkClientTrusted(chain, authType); 17950dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 18050dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 18150dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root 18250dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root public static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, 18350dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root String authType, OpenSSLEngineImpl engine) throws CertificateException { 18450dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root if (tm instanceof X509ExtendedTrustManager) { 18550dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root X509ExtendedTrustManager x509etm = (X509ExtendedTrustManager) tm; 18650dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root x509etm.checkServerTrusted(chain, authType, engine); 18750dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } else { 18850dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root tm.checkServerTrusted(chain, authType); 18950dcd032dd00774cd5ab5a64a6e173b361d95024Kenny Root } 190587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 191587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 192587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 193587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Wraps an old AndroidOpenSSL key instance. This is not needed on RI. 194587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 195587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static OpenSSLKey wrapRsaKey(PrivateKey javaKey) { 196587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 197587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 198587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 199587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 200587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Logs to the system EventLog system. 201587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 202587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void logEvent(String message) { 203587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 204587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 205587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 206587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Returns true if the supplied hostname is an literal IP address. 207587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 208587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static boolean isLiteralIpAddress(String hostname) { 209587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root // TODO: any RI API to make this better? 210587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return AddressUtils.isLiteralIpAddress(hostname); 211587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 212587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 213587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 214587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * For unbundled versions, SNI is always enabled by default. 215587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 216587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static boolean isSniEnabledByDefault() { 217587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return true; 218587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 219587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 220587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 221587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Currently we don't wrap anything from the RI. 222587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 223587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static SSLSocketFactory wrapSocketFactoryIfNeeded(OpenSSLSocketFactoryImpl factory) { 224587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return factory; 225587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 226587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 227587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 228587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Convert from platform's GCMParameterSpec to our internal version. 229587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 230587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static GCMParameters fromGCMParameterSpec(AlgorithmParameterSpec params) { 231587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root if (params instanceof GCMParameterSpec) { 232587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root GCMParameterSpec gcmParams = (GCMParameterSpec) params; 233587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return new GCMParameters(gcmParams.getTLen(), gcmParams.getIV()); 234587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 235587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 236587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 237587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 238587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /** 239587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * Creates a platform version of {@code GCMParameterSpec}. 240587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 241587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static AlgorithmParameterSpec toGCMParameterSpec(int tagLenInBits, byte[] iv) { 242587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return new GCMParameterSpec(tagLenInBits, iv); 243587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 244587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 245587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /* 246587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * CloseGuard functions. 247587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 248587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 249587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static Object closeGuardGet() { 250587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root return null; 251587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 252587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 253587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void closeGuardOpen(Object guardObj, String message) { 254587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 255587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 256587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void closeGuardClose(Object guardObj) { 257587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 258587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 259587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void closeGuardWarnIfOpen(Object guardObj) { 260587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 261587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 262587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root /* 263587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root * BlockGuard functions. 264587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root */ 265587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root 266587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root public static void blockGuardOnNetwork() { 267587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root } 268d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root 269d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root /** 270d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root * OID to Algorithm Name mapping. 271d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root */ 272d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root public static String oidToAlgorithmName(String oid) { 273d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root try { 274d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root return AlgorithmId.get(oid).getName(); 275d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root } catch (NoSuchAlgorithmException e) { 276d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root return oid; 277d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root } 278d31ede7ba14b019d6a017f3585866a65891d1710Kenny Root } 279ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root 280ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root /* 28199bb3908434214ff7fb41e053158df69ad3bb963Kenny Root * Pre-Java-8 backward compatibility. 282ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root */ 283ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root 284ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root public static SSLSession wrapSSLSession(OpenSSLSessionImpl sslSession) { 285ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root return new OpenSSLExtendedSessionImpl(sslSession); 286ce18fe693803e95ab627929b8e69d3362340dd06Kenny Root } 28799bb3908434214ff7fb41e053158df69ad3bb963Kenny Root 28899bb3908434214ff7fb41e053158df69ad3bb963Kenny Root /* 28999bb3908434214ff7fb41e053158df69ad3bb963Kenny Root * Pre-Java-7 backward compatibility. 29099bb3908434214ff7fb41e053158df69ad3bb963Kenny Root */ 29199bb3908434214ff7fb41e053158df69ad3bb963Kenny Root 29299bb3908434214ff7fb41e053158df69ad3bb963Kenny Root public static String getHostStringFromInetSocketAddress(InetSocketAddress addr) { 29399bb3908434214ff7fb41e053158df69ad3bb963Kenny Root return addr.getHostString(); 29499bb3908434214ff7fb41e053158df69ad3bb963Kenny Root } 295587c1456f884c4dd0a7b287d7c193da829d8a296Kenny Root} 296