1 /* Context.java -- SSLContext implementation.
2 Copyright (C) 2006 Free Software Foundation, Inc.
4 This file is a part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or (at
9 your option) any later version.
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package gnu
.javax
.net
.ssl
.provider
;
42 import java
.io
.InputStream
;
44 import java
.security
.InvalidAlgorithmParameterException
;
45 import java
.security
.KeyStoreException
;
46 import java
.security
.KeyManagementException
;
47 import java
.security
.NoSuchAlgorithmException
;
48 import java
.security
.NoSuchProviderException
;
49 import java
.security
.SecureRandom
;
50 import java
.security
.Security
;
51 import java
.security
.UnrecoverableKeyException
;
52 import java
.sql
.SQLException
;
54 import javax
.net
.ssl
.KeyManager
;
55 import javax
.net
.ssl
.KeyManagerFactory
;
56 import javax
.net
.ssl
.SSLContextSpi
;
57 import javax
.net
.ssl
.SSLSessionContext
;
58 import javax
.net
.ssl
.TrustManager
;
59 import javax
.net
.ssl
.TrustManagerFactory
;
60 import javax
.net
.ssl
.X509KeyManager
;
61 import javax
.net
.ssl
.X509TrustManager
;
63 import gnu
.javax
.net
.ssl
.NullManagerParameters
;
64 import gnu
.javax
.net
.ssl
.SRPTrustManager
;
65 import gnu
.javax
.net
.ssl
.StaticTrustAnchors
;
68 * This is Jessie's implementation of a {@link javax.net.ssl.SSLContext}
69 * engine, and is available under the algorithm names ``SSLv3'', ``SSL'',
70 * ``TLSv1'', and ``TLS''.
72 public final class Context
extends SSLContextSpi
76 // -------------------------------------------------------------------------
// Trust and key material, set by engineInit().
private X509KeyManager keyManager;
private X509TrustManager trustManager;
// Optional alternative to trustManager; the server-side factory accepts
// either one, the client-side factory requires trustManager.
private SRPTrustManager srpTrustManager;

// Random source handed to both socket factories.
private SecureRandom random;

// Session contexts, one per direction: clientSessions is passed to
// SSLSocketFactory, serverSessions to SSLServerSocketFactory.
private SessionContext clientSessions;
private SessionContext serverSessions;
86 // -------------------------------------------------------------------------
// Constructor body: picks the session-context implementation for the client
// side and then for the server side, each from its own security property.
// NOTE(review): the signature line and every line that held only a brace or a
// keyword (try, else, catch, null guards) are absent from this listing, so the
// exact guards around the statements below cannot be confirmed from here.
// NOTE(review): if the property is unset and getSecurityProperty() returns
// null, the equalsIgnoreCase() calls would throw NullPointerException unless
// one of the missing lines handles it -- confirm against the full file.
90 String codec
= Util
.getSecurityProperty("jessie.clientSessionContext.codec");
91 String codecClass
= null;
// The property value is only compared (case-insensitively) with three fixed
// names. The class name later passed to loadClass() is always one of the
// string literals below, never text taken from the property itself.
96 if (codec
.equalsIgnoreCase("xml"))
98 codecClass
= "gnu.javax.net.ssl.provider.XMLSessionContext";
100 else if (codec
.equalsIgnoreCase("jdbc"))
102 codecClass
= "gnu.javax.net.ssl.provider.JDBCSessionContext";
104 else if (codec
.equalsIgnoreCase("null"))
106 codecClass
= "gnu.javax.net.ssl.provider.SessionContext";
// A value matching none of the names is rejected; the rejected property value
// is echoed in the exception message.
// NOTE(review): presumably the else branch of the chain above -- the `else`
// line is not shown.
110 throw new IllegalArgumentException("no such codec: " + codec
);
// Resolve the chosen class through the loader that loaded Context.
114 ClassLoader cl
= Context
.class.getClassLoader();
// Fallback to the system class loader. NOTE(review): its guard is on a line
// not shown; presumably taken when getClassLoader() returned null -- confirm.
117 cl
= ClassLoader
.getSystemClassLoader();
// Instantiate through the no-argument constructor; the result is cast to
// SessionContext and kept as the client session context.
119 clientSessions
= (SessionContext
) cl
.loadClass(codecClass
).newInstance();
// Failure path (the catch line declaring `ex` is not shown): the stack trace
// is written to standard error and only ex.toString() is carried into the
// IllegalArgumentException, so the original exception is not chained as cause.
123 ex
.printStackTrace();
124 throw new IllegalArgumentException(ex
.toString());
// Server side: same selection, driven by a separate property, so client and
// server may use different session-context implementations.
127 codec
= Util
.getSecurityProperty("jessie.serverSessionContext.codec");
// Same fixed-name mapping as for the client side.
132 if (codec
.equalsIgnoreCase("xml"))
134 codecClass
= "gnu.javax.net.ssl.provider.XMLSessionContext";
136 else if (codec
.equalsIgnoreCase("jdbc"))
138 codecClass
= "gnu.javax.net.ssl.provider.JDBCSessionContext";
140 else if (codec
.equalsIgnoreCase("null"))
142 codecClass
= "gnu.javax.net.ssl.provider.SessionContext";
// Unknown value: rejected, with the property value in the message.
146 throw new IllegalArgumentException("no such codec: " + codec
);
// Same loader lookup and (presumably guarded) system-loader fallback as above.
150 ClassLoader cl
= Context
.class.getClassLoader();
153 cl
= ClassLoader
.getSystemClassLoader();
155 serverSessions
= (SessionContext
) cl
.loadClass(codecClass
).newInstance();
// Same failure handling as on the client side: trace to standard error, then
// an IllegalArgumentException carrying only ex.toString().
159 ex
.printStackTrace();
160 throw new IllegalArgumentException(ex
.toString());
165 // -------------------------------------------------------------------------
/**
 * Returns the session context used for connections this context initiates.
 *
 * @return the client-side session context selected by the constructor.
 */
protected SSLSessionContext engineGetClientSessionContext()
{
  return this.clientSessions;
}
/**
 * Returns the session context used for connections this context accepts.
 *
 * @return the server-side session context selected by the constructor.
 */
protected SSLSessionContext engineGetServerSessionContext()
{
  return this.serverSessions;
}
/**
 * Returns the factory for server sockets, built from the configured trust
 * managers, key manager, random source and server session context.
 *
 * Fails closed: throws IllegalStateException rather than building a factory
 * when no key manager is set, or when neither an X.509 nor an SRP trust
 * manager is set.
 */
177 protected javax
.net
.ssl
.SSLServerSocketFactory
engineGetServerSocketFactory()
// NOTE(review): the parenthesis opened after `if` is not closed on the visible
// line, so the condition continues on a line missing from this listing. The
// client-side method also tests `random == null`; confirm against the full
// file whether the same test is applied here.
179 if (keyManager
== null || (trustManager
== null && srpTrustManager
== null)
182 throw new IllegalStateException();
// The unqualified name presumably resolves to this package's own
// SSLServerSocketFactory (no import for it is visible), not to the
// javax.net.ssl type named in the return type.
184 return new SSLServerSocketFactory(trustManager
, srpTrustManager
, keyManager
,
185 random
, serverSessions
);
/**
 * Returns the factory for client sockets, built from the X.509 trust manager,
 * key manager, random source and client session context.
 *
 * @return a new client socket factory.
 * @throws IllegalStateException if the key manager, the X.509 trust manager
 *         or the random source has not been set.
 */
protected javax.net.ssl.SSLSocketFactory engineGetSocketFactory()
{
  // All three are mandatory on the client side. An SRP trust manager alone
  // does not satisfy this check, unlike in engineGetServerSocketFactory().
  final boolean ready =
    keyManager != null && trustManager != null && random != null;
  if (!ready)
    {
      throw new IllegalStateException();
    }
  return new SSLSocketFactory(trustManager, keyManager, random, clientSessions);
}
/**
 * Initialises this context from the caller's key managers, trust managers and
 * random source, falling back to built-in defaults for whatever is missing.
 *
 * NOTE(review): lines holding only braces or short statements are absent from
 * this listing, so loop exits and some guards cannot be confirmed from here.
 *
 * @param keyManagers candidate key managers; only an X509KeyManager is used.
 *        May be null.
 * @param trustManagers candidate trust managers; X509TrustManager and
 *        SRPTrustManager entries are considered. May be null.
 * @param random the random source to use.
 * @throws KeyManagementException declared here and by the default* helpers
 *         called below.
 */
197 protected void engineInit(KeyManager
[] keyManagers
,
198 TrustManager
[] trustManagers
, SecureRandom random
)
199 throws KeyManagementException
// Only this reset is visible. NOTE(review): whether keyManager and
// trustManager are also cleared is on lines not shown. If they are not, a
// second engineInit() call would keep the earlier X.509 trust manager, because
// the loop below assigns it only while the field is still null -- confirm.
203 srpTrustManager
= null;
204 if (keyManagers
!= null)
206 for (int i
= 0; i
< keyManagers
.length
; i
++)
// Entries that are not X509KeyManager instances are ignored.
// NOTE(review): no `break` is visible, so whether the first or the last
// matching entry wins depends on a line not shown.
208 if (keyManagers
[i
] instanceof X509KeyManager
)
210 keyManager
= (X509KeyManager
) keyManagers
[i
];
// No usable key manager: fall back to defaultKeyManager().
215 if (keyManager
== null)
217 keyManager
= defaultKeyManager();
219 if (trustManagers
!= null)
221 for (int i
= 0; i
< trustManagers
.length
; i
++)
// The first X509TrustManager and the first SRPTrustManager are kept; later
// entries of the same kind are skipped by the `== null` guards.
223 if (trustManagers
[i
] instanceof X509TrustManager
)
225 if (trustManager
== null)
227 trustManager
= (X509TrustManager
) trustManagers
[i
];
230 else if (trustManagers
[i
] instanceof SRPTrustManager
)
232 if (srpTrustManager
== null)
234 srpTrustManager
= (SRPTrustManager
) trustManagers
[i
];
// The default X.509 trust manager is installed only when neither kind is set.
// With an SRP-only array, trustManager stays null, which
// engineGetSocketFactory() rejects with IllegalStateException.
239 if (trustManager
== null && srpTrustManager
== null)
241 trustManager
= defaultTrustManager();
// NOTE(review): the condition choosing between the next two assignments is not
// shown; presumably the caller's SecureRandom is used when it is non-null and
// defaultRandom() otherwise -- confirm.
245 this.random
= random
;
249 this.random
= defaultRandom();
254 // -------------------------------------------------------------------------
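/**
 * Builds the key manager used when engineInit() finds no X509KeyManager.
 *
 * Asks the "Jessie" provider for a "JessieX509" KeyManagerFactory, first
 * tries to initialise it with no key store and no password, and if that
 * fails initialises it with NullManagerParameters instead.
 *
 * @return the first key manager reported by the factory.
 * @throws KeyManagementException if the factory cannot be obtained; the
 *         message carries the description of the underlying failure.
 */
private X509KeyManager defaultKeyManager() throws KeyManagementException
{
  KeyManagerFactory fact = null;
  try
    {
      fact = KeyManagerFactory.getInstance("JessieX509", "Jessie");
    }
  catch (NoSuchAlgorithmException nsae)
    {
      // Keep the reason in the message, as defaultTrustManager() does.
      throw new KeyManagementException(nsae.toString());
    }
  catch (NoSuchProviderException nspe)
    {
      throw new KeyManagementException(nspe.toString());
    }

  try
    {
      fact.init(null, null);
      return (X509KeyManager) fact.getKeyManagers()[0];
    }
  // Deliberate best effort: each of these failures falls through to the
  // NullManagerParameters attempt below. Nothing is reported, so a context
  // can end up on the fallback key manager without the caller learning why.
  catch (NoSuchAlgorithmException nsae) { }
  catch (KeyStoreException kse) { }
  catch (UnrecoverableKeyException uke) { }
  catch (IllegalStateException ise) { }

  try
    {
      // NOTE(review): presumably yields a key manager that holds no keys --
      // confirm against NullManagerParameters.
      fact.init(new NullManagerParameters());
      return (X509KeyManager) fact.getKeyManagers()[0];
    }
  catch (Exception shouldNotHappen)
    {
      throw new Error(shouldNotHappen.toString());
    }
}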
/**
 * Builds the X.509 trust manager used when engineInit() was given neither an
 * X509TrustManager nor an SRPTrustManager.
 *
 * The trust anchors are those exposed as StaticTrustAnchors.CA_CERTS; no
 * key store or file is consulted in this method.
 *
 * @return the first trust manager reported by the "JessieX509" factory.
 * @throws KeyManagementException if the factory cannot be obtained or
 *         rejects the parameters; the message is the failure's toString().
 */
private X509TrustManager defaultTrustManager() throws KeyManagementException
{
  try
    {
      final TrustManagerFactory factory =
        TrustManagerFactory.getInstance("JessieX509", "Jessie");
      factory.init(StaticTrustAnchors.CA_CERTS);
      final TrustManager[] managers = factory.getTrustManagers();
      return (X509TrustManager) managers[0];
    }
  catch (NoSuchAlgorithmException missingAlgorithm)
    {
      throw new KeyManagementException(missingAlgorithm.toString());
    }
  catch (NoSuchProviderException missingProvider)
    {
      throw new KeyManagementException(missingProvider.toString());
    }
  catch (InvalidAlgorithmParameterException badParameters)
    {
      throw new KeyManagementException(badParameters.toString());
    }
}
315 private SecureRandom
defaultRandom() throws KeyManagementException
317 String alg
= Util
.getSecurityProperty("jessie.secure.random");
322 SecureRandom rand
= null;
325 rand
= SecureRandom
.getInstance(alg
);
327 catch (NoSuchAlgorithmException nsae
)
329 throw new KeyManagementException(nsae
.toString());