All Downloads are FREE. Search and download functionalities are using the official Maven repository.

javax.net.ssl.SSLContext Maven / Gradle / Ivy

Go to download

A library jar that provides APIs for Applications written for the Google Android Platform.

There is a newer version: 14-robolectric-10818077
Show newest version
/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package javax.net.ssl;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import org.apache.harmony.security.fortress.Engine;


/**
 * The public API for secure socket protocol implementations. It acts as factory
 * for {@code SSLSocketFactory}'s and {@code SSLEngine}s.
 */
public class SSLContext {
    // StoreSSLContext service name
    private static final String SERVICE = "SSLContext";

    // Used to access common engine functionality
    private static final Engine ENGINE = new Engine(SERVICE);

    /**
     * Default SSLContext that can be replaced with SSLContext.setDefault()
     */
    private static SSLContext DEFAULT;

    /**
     * Returns the default SSLContext.
     *
     * The default SSL context can be set with {@link #setDefault}. If
     * not, one will be created with {@code
     * SSLContext.getInstance("Default")}, which will already be
     * initialized.
     *
     * @throws NoSuchAlgorithmException if there is a problem creating
     * the default instance.
     * @since 1.6
     */
    public static SSLContext getDefault() throws NoSuchAlgorithmException {
        synchronized (ENGINE) {
            if (DEFAULT == null) {
                DEFAULT = SSLContext.getInstance("Default");
            }
            return DEFAULT;
        }
    }

    /**
     * Sets the default SSLContext instance as returned by {@link
     * #getDefault()} to a non-null initialized value.
     *
     * @throws NullPointerException on a null argument
     * @since 1.6
     */
    public static void setDefault(SSLContext sslContext) {
        if (sslContext == null) {
            throw new NullPointerException("sslContext == null");
        }
        synchronized (ENGINE) {
            DEFAULT = sslContext;
        }
    }

    /**
     * Creates a new {@code SSLContext} instance for the specified protocol.
     *
     * 

The following protocols are supported: *

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
ProtocolAPI Levels
Default9+
SSL9+
SSLv39+
TLS1+
TLSv11+
TLSv1.116+
TLSv1.216+
* * @param protocol * the requested protocol to create a context for. * @return the created {@code SSLContext} instance. * @throws NoSuchAlgorithmException * if no installed provider can provide the requested protocol * @throws NullPointerException * if {@code protocol} is {@code null} (instead of * NoSuchAlgorithmException as in 1.4 release) */ public static SSLContext getInstance(String protocol) throws NoSuchAlgorithmException { if (protocol == null) { throw new NullPointerException("protocol == null"); } Engine.SpiAndProvider sap = ENGINE.getInstance(protocol, null); return new SSLContext((SSLContextSpi) sap.spi, sap.provider, protocol); } /** * Creates a new {@code SSLContext} instance for the specified protocol from * the specified provider. * *

The following combinations are supported: *

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
ProtocolProviderAPI Levels
DefaultAndroidOpenSSL9+
SSLAndroidOpenSSL9+
SSLHarmonyJSSE9-19
SSLv3AndroidOpenSSL9+
SSLv3HarmonyJSSE9-19
TLSAndroidOpenSSL9+
TLSHarmonyJSSE1-19
TLSv1AndroidOpenSSL9+
TLSv1HarmonyJSSE1-19
TLSv1.1AndroidOpenSSL16+
TLSv1.2AndroidOpenSSL16+
* *

NOTE: The best practice is to rely on platform * defaults rather than explicitly specify a provider. * {@link #getDefault()} and {@link #getInstance(String)} are normally * preferred over this method. * * @param protocol * the requested protocol to create a context for. * @param provider * the name of the provider that provides the requested protocol. * @return an {@code SSLContext} for the requested protocol. * @throws NoSuchAlgorithmException * if the specified provider cannot provider the requested * protocol. * @throws NoSuchProviderException * if the specified provider does not exits. * @throws NullPointerException * if {@code protocol} is {@code null} (instead of * NoSuchAlgorithmException as in 1.4 release) */ public static SSLContext getInstance(String protocol, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { if (provider == null) { throw new IllegalArgumentException("Provider is null"); } if (provider.length() == 0) { throw new IllegalArgumentException("Provider is empty"); } Provider impProvider = Security.getProvider(provider); if (impProvider == null) { throw new NoSuchProviderException(provider); } return getInstance(protocol, impProvider); } /** * Creates a new {@code SSLContext} instance for the specified protocol from * the specified provider. * * @param protocol * the requested protocol to create a context for * @param provider * the provider that provides the requested protocol. * @return an {@code SSLContext} for the requested protocol. * @throws NoSuchAlgorithmException * if the specified provider cannot provide the requested * protocol. * @throws NullPointerException * if {@code protocol} is {@code null} (instead of * NoSuchAlgorithmException as in 1.4 release) */ public static SSLContext getInstance(String protocol, Provider provider) throws NoSuchAlgorithmException { if (provider == null) { throw new IllegalArgumentException("provider is null"); } if (protocol == null) { throw new NullPointerException("protocol == null"); } Object spi = ENGINE.getInstance(protocol, provider, null); return new SSLContext((SSLContextSpi) spi, provider, protocol); } private final Provider provider; private final SSLContextSpi spiImpl; private final String protocol; /** * Creates a new {@code SSLContext}. * * @param contextSpi * the implementation delegate. * @param provider * the provider. * @param protocol * the protocol name. */ protected SSLContext(SSLContextSpi contextSpi, Provider provider, String protocol) { this.provider = provider; this.protocol = protocol; this.spiImpl = contextSpi; } /** * Returns the name of the secure socket protocol of this instance. * * @return the name of the secure socket protocol of this instance. */ public final String getProtocol() { return protocol; } /** * Returns the provider of this {@code SSLContext} instance. * * @return the provider of this {@code SSLContext} instance. */ public final Provider getProvider() { return provider; } /** * Initializes this {@code SSLContext} instance. Three aspects of the context can be configured * during initialization: *

    *
  • Providers of key material for key exchange and peer authentication * ({@link KeyManager} instances),
  • *
  • Providers of trust decisions about peers ({@link TrustManager} instances), *
  • *
  • Provider of randomness ({@link SecureRandom} instance).
  • *
* *

For each type of {@code KeyManager} or {@code TrustManager} used by this context, only the * first matching instance from {@code km} or {@code tm} will be used. For example, only the * first instance of {@link X509TrustManager} from {@code tm} will be used. * *

For any parameter set to {@code null} defaults will be used. In that case, the installed * security providers will be searched for the highest priority implementation of the required * primitives. For {@code km} and {@code tm}, the highest priority implementation * of {@link KeyManagerFactory} and {@link TrustManagerFactory} will be used to obtain the * required types of {@code KeyManager} and {@code TrustManager}. For {@code sr}, the default * {@code SecureRandom} implementation will be used. * * @param km * the key sources or {@code null} for default. * @param tm * the trust decision sources or {@code null} for default. * @param sr * the randomness source or {@code null} for default. * @throws KeyManagementException * if initializing this instance fails. */ public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom sr) throws KeyManagementException { spiImpl.engineInit(km, tm, sr); } /** * Returns a socket factory for this instance. * * @return a socket factory for this instance. */ public final SSLSocketFactory getSocketFactory() { return spiImpl.engineGetSocketFactory(); } /** * Returns a server socket factory for this instance. * * @return a server socket factory for this instance. */ public final SSLServerSocketFactory getServerSocketFactory() { return spiImpl.engineGetServerSocketFactory(); } /** * Creates an {@code SSLEngine} instance from this context. * * @return an {@code SSLEngine} instance from this context. * @throws UnsupportedOperationException * if the provider does not support the operation. */ public final SSLEngine createSSLEngine() { return spiImpl.engineCreateSSLEngine(); } /** * Creates an {@code SSLEngine} instance from this context with the * specified hostname and port. * * @param peerHost * the name of the host * @param peerPort * the port * @return an {@code SSLEngine} instance from this context. * @throws UnsupportedOperationException * if the provider does not support the operation. */ public final SSLEngine createSSLEngine(String peerHost, int peerPort) { return spiImpl.engineCreateSSLEngine(peerHost, peerPort); } /** * Returns the SSL session context that encapsulates the set of SSL sessions * that can be used for handshake of server-side SSL sockets. * * @return the SSL server session context for this context or {@code null} * if the underlying provider does not provide an implementation of * the {@code SSLSessionContext} interface. */ public final SSLSessionContext getServerSessionContext() { return spiImpl.engineGetServerSessionContext(); } /** * Returns the SSL session context that encapsulates the set of SSL sessions * that can be used for handshake of client-side SSL sockets. * * @return the SSL client session context for this context or {@code null} * if the underlying provider does not provide an implementation of * the {@code SSLSessionContext} interface. */ public final SSLSessionContext getClientSessionContext() { return spiImpl.engineGetClientSessionContext(); } /** * Returns the default SSL handshake parameters for SSLSockets * created by this SSLContext. * * @throws UnsupportedOperationException * @since 1.6 */ public final SSLParameters getDefaultSSLParameters() { return spiImpl.engineGetDefaultSSLParameters(); } /** * Returns SSL handshake parameters for SSLSockets that includes * all supported cipher suites and protocols. * * @throws UnsupportedOperationException * @since 1.6 */ public final SSLParameters getSupportedSSLParameters() { return spiImpl.engineGetSupportedSSLParameters(); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy