1 /* 2 * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.ssl; 27 28 import java.io.*; 29 import java.net.Socket; 30 import java.security.*; 31 import java.security.cert.*; 32 import java.util.*; 33 import javax.net.ssl.*; 34 import sun.security.action.GetPropertyAction; 35 import sun.security.provider.certpath.AlgorithmChecker; 36 import sun.security.validator.Validator; 37 38 /** 39 * Implementation of an SSLContext. 40 * 41 * Implementation note: Instances of this class and the child classes are 42 * immutable, except that the context initialization (SSLContext.init()) may 43 * reset the key, trust managers and source of secure random. 44 */ 45 46 public abstract class SSLContextImpl extends SSLContextSpi { 47 48 private final EphemeralKeyManager ephemeralKeyManager; 49 private final SSLSessionContextImpl clientCache; 50 private final SSLSessionContextImpl serverCache; 51 52 private boolean isInitialized; 53 54 private X509ExtendedKeyManager keyManager; 55 private X509TrustManager trustManager; 56 private SecureRandom secureRandom; 57 58 // DTLS cookie exchange manager 59 private volatile HelloCookieManager.Builder helloCookieManagerBuilder; 60 61 private final boolean clientEnableStapling = Utilities.getBooleanProperty( 62 "jdk.tls.client.enableStatusRequestExtension", true); 63 private final boolean serverEnableStapling = Utilities.getBooleanProperty( 64 "jdk.tls.server.enableStatusRequestExtension", false); 65 private static final Collection<CipherSuite> clientCustomizedCipherSuites = 66 getCustomizedCipherSuites("jdk.tls.client.cipherSuites"); 67 private static final Collection<CipherSuite> serverCustomizedCipherSuites = 68 getCustomizedCipherSuites("jdk.tls.server.cipherSuites"); 69 70 private volatile StatusResponseManager statusResponseManager; 71 72 SSLContextImpl() { 73 ephemeralKeyManager = new EphemeralKeyManager(); 74 clientCache = new SSLSessionContextImpl(); 75 serverCache = new SSLSessionContextImpl(); 76 } 77 78 @Override 79 protected void engineInit(KeyManager[] km, TrustManager[] tm, 80 SecureRandom sr) throws KeyManagementException { 81 isInitialized = false; 82 keyManager = chooseKeyManager(km); 83 84 if (tm == null) { 85 try { 86 TrustManagerFactory tmf = TrustManagerFactory.getInstance( 87 TrustManagerFactory.getDefaultAlgorithm()); 88 tmf.init((KeyStore)null); 89 tm = tmf.getTrustManagers(); 90 } catch (Exception e) { 91 // eat 92 } 93 } 94 trustManager = chooseTrustManager(tm); 95 96 if (sr == null) { 97 secureRandom = JsseJce.getSecureRandom(); 98 } else { 99 if (SunJSSE.isFIPS() && 100 (sr.getProvider() != SunJSSE.cryptoProvider)) { 101 throw new KeyManagementException 102 ("FIPS mode: SecureRandom must be from provider " 103 + SunJSSE.cryptoProvider.getName()); 104 } 105 secureRandom = sr; 106 } 107 108 /* 109 * The initial delay of seeding the random number generator 110 * could be long enough to cause the initial handshake on our 111 * first connection to timeout and fail. Make sure it is 112 * primed and ready by getting some initial output from it. 113 */ 114 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 115 SSLLogger.finest("trigger seeding of SecureRandom"); 116 } 117 secureRandom.nextInt(); 118 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 119 SSLLogger.finest("done seeding of SecureRandom"); 120 } 121 122 isInitialized = true; 123 } 124 125 private X509TrustManager chooseTrustManager(TrustManager[] tm) 126 throws KeyManagementException { 127 // We only use the first instance of X509TrustManager passed to us. 128 for (int i = 0; tm != null && i < tm.length; i++) { 129 if (tm[i] instanceof X509TrustManager) { 130 if (SunJSSE.isFIPS() && 131 !(tm[i] instanceof X509TrustManagerImpl)) { 132 throw new KeyManagementException 133 ("FIPS mode: only SunJSSE TrustManagers may be used"); 134 } 135 136 if (tm[i] instanceof X509ExtendedTrustManager) { 137 return (X509TrustManager)tm[i]; 138 } else { 139 return new AbstractTrustManagerWrapper( 140 (X509TrustManager)tm[i]); 141 } 142 } 143 } 144 145 // nothing found, return a dummy X509TrustManager. 146 return DummyX509TrustManager.INSTANCE; 147 } 148 149 private X509ExtendedKeyManager chooseKeyManager(KeyManager[] kms) 150 throws KeyManagementException { 151 for (int i = 0; kms != null && i < kms.length; i++) { 152 KeyManager km = kms[i]; 153 if (!(km instanceof X509KeyManager)) { 154 continue; 155 } 156 if (SunJSSE.isFIPS()) { 157 // In FIPS mode, require that one of SunJSSE's own keymanagers 158 // is used. Otherwise, we cannot be sure that only keys from 159 // the FIPS token are used. 160 if ((km instanceof X509KeyManagerImpl) 161 || (km instanceof SunX509KeyManagerImpl)) { 162 return (X509ExtendedKeyManager)km; 163 } else { 164 // throw exception, we don't want to silently use the 165 // dummy keymanager without telling the user. 166 throw new KeyManagementException 167 ("FIPS mode: only SunJSSE KeyManagers may be used"); 168 } 169 } 170 if (km instanceof X509ExtendedKeyManager) { 171 return (X509ExtendedKeyManager)km; 172 } 173 174 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 175 SSLLogger.warning( 176 "X509KeyManager passed to SSLContext.init(): need an " + 177 "X509ExtendedKeyManager for SSLEngine use"); 178 } 179 return new AbstractKeyManagerWrapper((X509KeyManager)km); 180 } 181 182 // nothing found, return a dummy X509ExtendedKeyManager 183 return DummyX509KeyManager.INSTANCE; 184 } 185 186 abstract SSLEngine createSSLEngineImpl(); 187 abstract SSLEngine createSSLEngineImpl(String host, int port); 188 189 @Override 190 protected SSLEngine engineCreateSSLEngine() { 191 if (!isInitialized) { 192 throw new IllegalStateException("SSLContext is not initialized"); 193 } 194 return createSSLEngineImpl(); 195 } 196 197 @Override 198 protected SSLEngine engineCreateSSLEngine(String host, int port) { 199 if (!isInitialized) { 200 throw new IllegalStateException("SSLContext is not initialized"); 201 } 202 return createSSLEngineImpl(host, port); 203 } 204 205 @Override 206 protected SSLSocketFactory engineGetSocketFactory() { 207 if (!isInitialized) { 208 throw new IllegalStateException("SSLContext is not initialized"); 209 } 210 return new SSLSocketFactoryImpl(this); 211 } 212 213 @Override 214 protected SSLServerSocketFactory engineGetServerSocketFactory() { 215 if (!isInitialized) { 216 throw new IllegalStateException("SSLContext is not initialized"); 217 } 218 return new SSLServerSocketFactoryImpl(this); 219 } 220 221 @Override 222 protected SSLSessionContext engineGetClientSessionContext() { 223 return clientCache; 224 } 225 226 @Override 227 protected SSLSessionContext engineGetServerSessionContext() { 228 return serverCache; 229 } 230 231 SecureRandom getSecureRandom() { 232 return secureRandom; 233 } 234 235 X509ExtendedKeyManager getX509KeyManager() { 236 return keyManager; 237 } 238 239 X509TrustManager getX509TrustManager() { 240 return trustManager; 241 } 242 243 EphemeralKeyManager getEphemeralKeyManager() { 244 return ephemeralKeyManager; 245 } 246 247 // Used for DTLS in server mode only. 248 HelloCookieManager getHelloCookieManager(ProtocolVersion protocolVersion) { 249 if (helloCookieManagerBuilder == null) { 250 synchronized (this) { 251 if (helloCookieManagerBuilder == null) { 252 helloCookieManagerBuilder = 253 new HelloCookieManager.Builder(secureRandom); 254 } 255 } 256 } 257 258 return helloCookieManagerBuilder.valueOf(protocolVersion); 259 } 260 261 StatusResponseManager getStatusResponseManager() { 262 if (serverEnableStapling && statusResponseManager == null) { 263 synchronized (this) { 264 if (statusResponseManager == null) { 265 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 266 SSLLogger.finest( 267 "Initializing StatusResponseManager"); 268 } 269 statusResponseManager = new StatusResponseManager(); 270 } 271 } 272 } 273 274 return statusResponseManager; 275 } 276 277 // Get supported protocols. 278 abstract List<ProtocolVersion> getSupportedProtocolVersions(); 279 280 // Get default protocols for server mode. 281 abstract List<ProtocolVersion> getServerDefaultProtocolVersions(); 282 283 // Get default protocols for client mode. 284 abstract List<ProtocolVersion> getClientDefaultProtocolVersions(); 285 286 // Get supported CipherSuite list. 287 abstract List<CipherSuite> getSupportedCipherSuites(); 288 289 // Get default CipherSuite list for server mode. 290 abstract List<CipherSuite> getServerDefaultCipherSuites(); 291 292 // Get default CipherSuite list for client mode. 293 abstract List<CipherSuite> getClientDefaultCipherSuites(); 294 295 // Is the context for DTLS protocols? 296 abstract boolean isDTLS(); 297 298 // Get default protocols. 299 List<ProtocolVersion> getDefaultProtocolVersions(boolean roleIsServer) { 300 return roleIsServer ? getServerDefaultProtocolVersions() 301 : getClientDefaultProtocolVersions(); 302 } 303 304 // Get default CipherSuite list. 305 List<CipherSuite> getDefaultCipherSuites(boolean roleIsServer) { 306 return roleIsServer ? getServerDefaultCipherSuites() 307 : getClientDefaultCipherSuites(); 308 } 309 310 /** 311 * Return whether a protocol list is the original default enabled 312 * protocols. See: SSLSocket/SSLEngine.setEnabledProtocols() 313 */ 314 boolean isDefaultProtocolVesions(List<ProtocolVersion> protocols) { 315 return (protocols == getServerDefaultProtocolVersions()) || 316 (protocols == getClientDefaultProtocolVersions()); 317 } 318 319 /** 320 * Return whether a protocol list is the original default enabled 321 * protocols. See: SSLSocket/SSLEngine.setEnabledProtocols() 322 */ 323 boolean isDefaultCipherSuiteList(List<CipherSuite> cipherSuites) { 324 return (cipherSuites == getServerDefaultCipherSuites()) || 325 (cipherSuites == getClientDefaultCipherSuites()); 326 } 327 328 /** 329 * Return whether client or server side stapling has been enabled 330 * for this SSLContextImpl 331 * @param isClient true if the caller is operating in a client side role, 332 * false if acting as a server. 333 * @return true if stapling has been enabled for the specified role, false 334 * otherwise. 335 */ 336 boolean isStaplingEnabled(boolean isClient) { 337 return isClient ? clientEnableStapling : serverEnableStapling; 338 } 339 340 /* 341 * Return the list of all available CipherSuites that are supported 342 * using currently installed providers. 343 */ 344 private static List<CipherSuite> getApplicableSupportedCipherSuites( 345 List<ProtocolVersion> protocols) { 346 347 return getApplicableCipherSuites( 348 CipherSuite.allowedCipherSuites(), protocols); 349 } 350 351 /* 352 * Return the list of all available CipherSuites that are default enabled 353 * in client or server side. 354 */ 355 private static List<CipherSuite> getApplicableEnabledCipherSuites( 356 List<ProtocolVersion> protocols, boolean isClient) { 357 358 if (isClient) { 359 if (!clientCustomizedCipherSuites.isEmpty()) { 360 return getApplicableCipherSuites( 361 clientCustomizedCipherSuites, protocols); 362 } 363 } else { 364 if (!serverCustomizedCipherSuites.isEmpty()) { 365 return getApplicableCipherSuites( 366 serverCustomizedCipherSuites, protocols); 367 } 368 } 369 370 return getApplicableCipherSuites( 371 CipherSuite.defaultCipherSuites(), protocols); 372 } 373 374 /* 375 * Return the list of available CipherSuites which are applicable to 376 * the specified protocols. 377 */ 378 private static List<CipherSuite> getApplicableCipherSuites( 379 Collection<CipherSuite> allowedCipherSuites, 380 List<ProtocolVersion> protocols) { 381 TreeSet<CipherSuite> suites = new TreeSet<>(); 382 if (protocols != null && (!protocols.isEmpty())) { 383 for (CipherSuite suite : allowedCipherSuites) { 384 if (!suite.isAvailable()) { 385 continue; 386 } 387 388 boolean isSupported = false; 389 for (ProtocolVersion protocol : protocols) { 390 if (!suite.supports(protocol)) { 391 continue; 392 } 393 394 if (SSLAlgorithmConstraints.DEFAULT.permits( 395 EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), 396 suite.name, null)) { 397 suites.add(suite); 398 isSupported = true; 399 } else if (SSLLogger.isOn && 400 SSLLogger.isOn("ssl,sslctx,verbose")) { 401 SSLLogger.fine( 402 "Ignore disabled cipher suite: " + suite.name); 403 } 404 405 break; 406 } 407 408 if (!isSupported && SSLLogger.isOn && 409 SSLLogger.isOn("ssl,sslctx,verbose")) { 410 SSLLogger.finest( 411 "Ignore unsupported cipher suite: " + suite); 412 } 413 } 414 } 415 416 return new ArrayList<>(suites); 417 } 418 419 /* 420 * Get the customized cipher suites specified by the given system property. 421 */ 422 private static Collection<CipherSuite> getCustomizedCipherSuites( 423 String propertyName) { 424 425 String property = GetPropertyAction.privilegedGetProperty(propertyName); 426 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 427 SSLLogger.fine( 428 "System property " + propertyName + " is set to '" + 429 property + "'"); 430 } 431 if (property != null && property.length() != 0) { 432 // remove double quote marks from beginning/end of the property 433 if (property.length() > 1 && property.charAt(0) == '"' && 434 property.charAt(property.length() - 1) == '"') { 435 property = property.substring(1, property.length() - 1); 436 } 437 } 438 439 if (property != null && property.length() != 0) { 440 String[] cipherSuiteNames = property.split(","); 441 Collection<CipherSuite> cipherSuites = 442 new ArrayList<>(cipherSuiteNames.length); 443 for (int i = 0; i < cipherSuiteNames.length; i++) { 444 cipherSuiteNames[i] = cipherSuiteNames[i].trim(); 445 if (cipherSuiteNames[i].isEmpty()) { 446 continue; 447 } 448 449 CipherSuite suite; 450 try { 451 suite = CipherSuite.nameOf(cipherSuiteNames[i]); 452 } catch (IllegalArgumentException iae) { 453 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 454 SSLLogger.fine( 455 "Unknown or unsupported cipher suite name: " + 456 cipherSuiteNames[i]); 457 } 458 459 continue; 460 } 461 462 if (suite != null && suite.isAvailable()) { 463 cipherSuites.add(suite); 464 } else { 465 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) { 466 SSLLogger.fine( 467 "The current installed providers do not " + 468 "support cipher suite: " + cipherSuiteNames[i]); 469 } 470 } 471 } 472 473 return cipherSuites; 474 } 475 476 return Collections.emptyList(); 477 } 478 479 480 private static List<ProtocolVersion> getAvailableProtocols( 481 ProtocolVersion[] protocolCandidates) { 482 483 List<ProtocolVersion> availableProtocols = 484 Collections.<ProtocolVersion>emptyList(); 485 if (protocolCandidates != null && protocolCandidates.length != 0) { 486 availableProtocols = new ArrayList<>(protocolCandidates.length); 487 for (ProtocolVersion p : protocolCandidates) { 488 if (p.isAvailable) { 489 availableProtocols.add(p); 490 } 491 } 492 } 493 494 return availableProtocols; 495 } 496 497 /* 498 * The SSLContext implementation for SSL/(D)TLS algorithm 499 * 500 * SSL/TLS protocols specify the forward compatibility and version 501 * roll-back attack protections, however, a number of SSL/TLS server 502 * vendors did not implement these aspects properly, and some current 503 * SSL/TLS servers may refuse to talk to a TLS 1.1 or later client. 504 * 505 * Considering above interoperability issues, SunJSSE will not set 506 * TLS 1.1 and TLS 1.2 as the enabled protocols for client by default. 507 * 508 * For SSL/TLS servers, there is no such interoperability issues as 509 * SSL/TLS clients. In SunJSSE, TLS 1.1 or later version will be the 510 * enabled protocols for server by default. 511 * 512 * We may change the behavior when popular TLS/SSL vendors support TLS 513 * forward compatibility properly. 514 * 515 * SSLv2Hello is no longer necessary. This interoperability option was 516 * put in place in the late 90's when SSLv3/TLS1.0 were relatively new 517 * and there were a fair number of SSLv2-only servers deployed. Because 518 * of the security issues in SSLv2, it is rarely (if ever) used, as 519 * deployments should now be using SSLv3 and TLSv1. 520 * 521 * Considering the issues of SSLv2Hello, we should not enable SSLv2Hello 522 * by default. Applications still can use it by enabling SSLv2Hello with 523 * the series of setEnabledProtocols APIs. 524 */ 525 526 /* 527 * The base abstract SSLContext implementation for the Transport Layer 528 * Security (TLS) protocols. 529 * 530 * This abstract class encapsulates supported and the default server 531 * SSL/TLS parameters. 532 * 533 * @see SSLContext 534 */ 535 private abstract static class AbstractTLSContext extends SSLContextImpl { 536 private static final List<ProtocolVersion> supportedProtocols; 537 private static final List<ProtocolVersion> serverDefaultProtocols; 538 539 private static final List<CipherSuite> supportedCipherSuites; 540 private static final List<CipherSuite> serverDefaultCipherSuites; 541 542 static { 543 if (SunJSSE.isFIPS()) { 544 supportedProtocols = Arrays.asList( 545 ProtocolVersion.TLS13, 546 ProtocolVersion.TLS12, 547 ProtocolVersion.TLS11, 548 ProtocolVersion.TLS10 549 ); 550 551 serverDefaultProtocols = getAvailableProtocols( 552 new ProtocolVersion[] { 553 ProtocolVersion.TLS13, 554 ProtocolVersion.TLS12, 555 ProtocolVersion.TLS11, 556 ProtocolVersion.TLS10 557 }); 558 } else { 559 supportedProtocols = Arrays.asList( 560 ProtocolVersion.TLS13, 561 ProtocolVersion.TLS12, 562 ProtocolVersion.TLS11, 563 ProtocolVersion.TLS10, 564 ProtocolVersion.SSL30, 565 ProtocolVersion.SSL20Hello 566 ); 567 568 serverDefaultProtocols = getAvailableProtocols( 569 new ProtocolVersion[] { 570 ProtocolVersion.TLS13, 571 ProtocolVersion.TLS12, 572 ProtocolVersion.TLS11, 573 ProtocolVersion.TLS10, 574 ProtocolVersion.SSL30, 575 ProtocolVersion.SSL20Hello 576 }); 577 } 578 579 supportedCipherSuites = getApplicableSupportedCipherSuites( 580 supportedProtocols); 581 serverDefaultCipherSuites = getApplicableEnabledCipherSuites( 582 serverDefaultProtocols, false); 583 } 584 585 @Override 586 List<ProtocolVersion> getSupportedProtocolVersions() { 587 return supportedProtocols; 588 } 589 590 @Override 591 List<CipherSuite> getSupportedCipherSuites() { 592 return supportedCipherSuites; 593 } 594 595 @Override 596 List<ProtocolVersion> getServerDefaultProtocolVersions() { 597 return serverDefaultProtocols; 598 } 599 600 @Override 601 List<CipherSuite> getServerDefaultCipherSuites() { 602 return serverDefaultCipherSuites; 603 } 604 605 @Override 606 SSLEngine createSSLEngineImpl() { 607 return new SSLEngineImpl(this); 608 } 609 610 @Override 611 SSLEngine createSSLEngineImpl(String host, int port) { 612 return new SSLEngineImpl(this, host, port); 613 } 614 615 @Override 616 boolean isDTLS() { 617 return false; 618 } 619 620 static ProtocolVersion[] getSupportedProtocols() { 621 if (SunJSSE.isFIPS()) { 622 return new ProtocolVersion[] { 623 ProtocolVersion.TLS13, 624 ProtocolVersion.TLS12, 625 ProtocolVersion.TLS11, 626 ProtocolVersion.TLS10 627 }; 628 } else { 629 return new ProtocolVersion[]{ 630 ProtocolVersion.TLS13, 631 ProtocolVersion.TLS12, 632 ProtocolVersion.TLS11, 633 ProtocolVersion.TLS10, 634 ProtocolVersion.SSL30, 635 ProtocolVersion.SSL20Hello 636 }; 637 } 638 } 639 } 640 641 /* 642 * The SSLContext implementation for SSLv3 and TLS10 algorithm 643 * 644 * @see SSLContext 645 */ 646 public static final class TLS10Context extends AbstractTLSContext { 647 private static final List<ProtocolVersion> clientDefaultProtocols; 648 private static final List<CipherSuite> clientDefaultCipherSuites; 649 650 static { 651 if (SunJSSE.isFIPS()) { 652 clientDefaultProtocols = getAvailableProtocols( 653 new ProtocolVersion[] { 654 ProtocolVersion.TLS10 655 }); 656 } else { 657 clientDefaultProtocols = getAvailableProtocols( 658 new ProtocolVersion[] { 659 ProtocolVersion.TLS10, 660 ProtocolVersion.SSL30 661 }); 662 } 663 664 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 665 clientDefaultProtocols, true); 666 } 667 668 @Override 669 List<ProtocolVersion> getClientDefaultProtocolVersions() { 670 return clientDefaultProtocols; 671 } 672 673 @Override 674 List<CipherSuite> getClientDefaultCipherSuites() { 675 return clientDefaultCipherSuites; 676 } 677 } 678 679 /* 680 * The SSLContext implementation for TLS11 algorithm 681 * 682 * @see SSLContext 683 */ 684 public static final class TLS11Context extends AbstractTLSContext { 685 private static final List<ProtocolVersion> clientDefaultProtocols; 686 private static final List<CipherSuite> clientDefaultCipherSuites; 687 688 static { 689 if (SunJSSE.isFIPS()) { 690 clientDefaultProtocols = getAvailableProtocols( 691 new ProtocolVersion[] { 692 ProtocolVersion.TLS11, 693 ProtocolVersion.TLS10 694 }); 695 } else { 696 clientDefaultProtocols = getAvailableProtocols( 697 new ProtocolVersion[] { 698 ProtocolVersion.TLS11, 699 ProtocolVersion.TLS10, 700 ProtocolVersion.SSL30 701 }); 702 } 703 704 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 705 clientDefaultProtocols, true); 706 707 } 708 709 @Override 710 List<ProtocolVersion> getClientDefaultProtocolVersions() { 711 return clientDefaultProtocols; 712 } 713 714 @Override 715 List<CipherSuite> getClientDefaultCipherSuites() { 716 return clientDefaultCipherSuites; 717 } 718 } 719 720 /* 721 * The SSLContext implementation for TLS12 algorithm 722 * 723 * @see SSLContext 724 */ 725 public static final class TLS12Context extends AbstractTLSContext { 726 private static final List<ProtocolVersion> clientDefaultProtocols; 727 private static final List<CipherSuite> clientDefaultCipherSuites; 728 729 static { 730 if (SunJSSE.isFIPS()) { 731 clientDefaultProtocols = getAvailableProtocols( 732 new ProtocolVersion[] { 733 ProtocolVersion.TLS12, 734 ProtocolVersion.TLS11, 735 ProtocolVersion.TLS10 736 }); 737 } else { 738 clientDefaultProtocols = getAvailableProtocols( 739 new ProtocolVersion[] { 740 ProtocolVersion.TLS12, 741 ProtocolVersion.TLS11, 742 ProtocolVersion.TLS10, 743 ProtocolVersion.SSL30 744 }); 745 } 746 747 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 748 clientDefaultProtocols, true); 749 } 750 751 @Override 752 List<ProtocolVersion> getClientDefaultProtocolVersions() { 753 return clientDefaultProtocols; 754 } 755 756 @Override 757 List<CipherSuite> getClientDefaultCipherSuites() { 758 return clientDefaultCipherSuites; 759 } 760 } 761 762 /* 763 * The SSLContext implementation for TLS1.3 algorithm 764 * 765 * @see SSLContext 766 */ 767 public static final class TLS13Context extends AbstractTLSContext { 768 private static final List<ProtocolVersion> clientDefaultProtocols; 769 private static final List<CipherSuite> clientDefaultCipherSuites; 770 771 static { 772 if (SunJSSE.isFIPS()) { 773 clientDefaultProtocols = getAvailableProtocols( 774 new ProtocolVersion[] { 775 ProtocolVersion.TLS13, 776 ProtocolVersion.TLS12, 777 ProtocolVersion.TLS11, 778 ProtocolVersion.TLS10 779 }); 780 } else { 781 clientDefaultProtocols = getAvailableProtocols( 782 new ProtocolVersion[] { 783 ProtocolVersion.TLS13, 784 ProtocolVersion.TLS12, 785 ProtocolVersion.TLS11, 786 ProtocolVersion.TLS10, 787 ProtocolVersion.SSL30 788 }); 789 } 790 791 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 792 clientDefaultProtocols, true); 793 } 794 795 @Override 796 List<ProtocolVersion> getClientDefaultProtocolVersions() { 797 return clientDefaultProtocols; 798 } 799 800 @Override 801 List<CipherSuite> getClientDefaultCipherSuites() { 802 return clientDefaultCipherSuites; 803 } 804 } 805 806 /* 807 * The interface for the customized SSL/(D)TLS SSLContext. 808 * 809 * @see SSLContext 810 */ 811 private static class CustomizedSSLProtocols { 812 private static final String JDK_TLS_CLIENT_PROTOCOLS = 813 "jdk.tls.client.protocols"; 814 private static final String JDK_TLS_SERVER_PROTOCOLS = 815 "jdk.tls.server.protocols"; 816 static IllegalArgumentException reservedException = null; 817 static final ArrayList<ProtocolVersion> customizedClientProtocols = 818 new ArrayList<>(); 819 static final ArrayList<ProtocolVersion> customizedServerProtocols = 820 new ArrayList<>(); 821 822 // Don't want a java.lang.LinkageError for illegal system property. 823 // 824 // Please don't throw exception in this static block. Otherwise, 825 // java.lang.LinkageError may be thrown during the instantiation of 826 // the provider service. Instead, please handle the initialization 827 // exception in the caller's constructor. 828 static { 829 populate(JDK_TLS_CLIENT_PROTOCOLS, customizedClientProtocols); 830 populate(JDK_TLS_SERVER_PROTOCOLS, customizedServerProtocols); 831 } 832 833 private static void populate(String propname, 834 ArrayList<ProtocolVersion> arrayList) { 835 String property = GetPropertyAction.privilegedGetProperty(propname); 836 if (property == null) { 837 return; 838 } 839 840 if (property.length() != 0) { 841 // remove double quote marks from beginning/end of the property 842 if (property.length() > 1 && property.charAt(0) == '"' && 843 property.charAt(property.length() - 1) == '"') { 844 property = property.substring(1, property.length() - 1); 845 } 846 } 847 848 if (property.length() != 0) { 849 String[] protocols = property.split(","); 850 for (int i = 0; i < protocols.length; i++) { 851 protocols[i] = protocols[i].trim(); 852 // Is it a supported protocol name? 853 ProtocolVersion pv = 854 ProtocolVersion.nameOf(protocols[i]); 855 if (pv == null) { 856 reservedException = new IllegalArgumentException( 857 propname + ": " + protocols[i] + 858 " is not a supported SSL protocol name"); 859 } 860 861 if (SunJSSE.isFIPS() && 862 ((pv == ProtocolVersion.SSL30) || 863 (pv == ProtocolVersion.SSL20Hello))) { 864 reservedException = new IllegalArgumentException( 865 propname + ": " + pv + 866 " is not FIPS compliant"); 867 868 break; 869 } 870 871 // ignore duplicated protocols 872 if (!arrayList.contains(pv)) { 873 arrayList.add(pv); 874 } 875 } 876 } 877 } 878 } 879 880 /* 881 * The SSLContext implementation for customized TLS protocols 882 * 883 * @see SSLContext 884 */ 885 private static class CustomizedTLSContext extends AbstractTLSContext { 886 887 private static final List<ProtocolVersion> clientDefaultProtocols; 888 private static final List<ProtocolVersion> serverDefaultProtocols; 889 private static final List<CipherSuite> clientDefaultCipherSuites; 890 private static final List<CipherSuite> serverDefaultCipherSuites; 891 private static final IllegalArgumentException reservedException; 892 893 // Don't want a java.lang.LinkageError for illegal system property. 894 // 895 // Please don't throw exception in this static block. Otherwise, 896 // java.lang.LinkageError may be thrown during the instantiation of 897 // the provider service. Instead, let's handle the initialization 898 // exception in constructor. 899 static { 900 reservedException = CustomizedSSLProtocols.reservedException; 901 if (reservedException == null) { 902 clientDefaultProtocols = customizedProtocols(true, 903 CustomizedSSLProtocols.customizedClientProtocols); 904 serverDefaultProtocols = customizedProtocols(false, 905 CustomizedSSLProtocols.customizedServerProtocols); 906 907 clientDefaultCipherSuites = 908 getApplicableEnabledCipherSuites( 909 clientDefaultProtocols, true); 910 serverDefaultCipherSuites = 911 getApplicableEnabledCipherSuites( 912 serverDefaultProtocols, false); 913 914 } else { 915 // unlikely to be used 916 clientDefaultProtocols = null; 917 serverDefaultProtocols = null; 918 clientDefaultCipherSuites = null; 919 serverDefaultCipherSuites = null; 920 } 921 } 922 923 private static List<ProtocolVersion> customizedProtocols( 924 boolean client, List<ProtocolVersion> customized) { 925 List<ProtocolVersion> refactored = new ArrayList<>(); 926 for (ProtocolVersion pv : customized) { 927 if (!pv.isDTLS) { 928 refactored.add(pv); 929 } 930 } 931 932 // Use the default enabled protocols if no customization 933 ProtocolVersion[] candidates; 934 if (refactored.isEmpty()) { 935 if (client) { 936 candidates = getProtocols(); 937 } else { 938 candidates = getSupportedProtocols(); 939 } 940 } else { 941 // Use the customized TLS protocols. 942 candidates = 943 refactored.toArray(new ProtocolVersion[refactored.size()]); 944 } 945 946 return getAvailableProtocols(candidates); 947 } 948 949 static ProtocolVersion[] getProtocols() { 950 if (SunJSSE.isFIPS()) { 951 return new ProtocolVersion[]{ 952 ProtocolVersion.TLS13, 953 ProtocolVersion.TLS12, 954 ProtocolVersion.TLS11, 955 ProtocolVersion.TLS10 956 }; 957 } else { 958 return new ProtocolVersion[]{ 959 ProtocolVersion.TLS13, 960 ProtocolVersion.TLS12, 961 ProtocolVersion.TLS11, 962 ProtocolVersion.TLS10, 963 ProtocolVersion.SSL30 964 }; 965 } 966 } 967 968 protected CustomizedTLSContext() { 969 if (reservedException != null) { 970 throw reservedException; 971 } 972 } 973 974 @Override 975 List<ProtocolVersion> getClientDefaultProtocolVersions() { 976 return clientDefaultProtocols; 977 } 978 979 @Override 980 List<ProtocolVersion> getServerDefaultProtocolVersions() { 981 return serverDefaultProtocols; 982 } 983 984 @Override 985 List<CipherSuite> getClientDefaultCipherSuites() { 986 return clientDefaultCipherSuites; 987 } 988 989 @Override 990 List<CipherSuite> getServerDefaultCipherSuites() { 991 return serverDefaultCipherSuites; 992 } 993 994 995 } 996 997 /* 998 * The SSLContext implementation for default "TLS" algorithm 999 * 1000 * @see SSLContext 1001 */ 1002 public static final class TLSContext extends CustomizedTLSContext { 1003 // use the default constructor and methods 1004 } 1005 1006 // lazy initialization holder class idiom for static default parameters 1007 // 1008 // See Effective Java Second Edition: Item 71. 1009 private static final class DefaultManagersHolder { 1010 private static final String NONE = "NONE"; 1011 private static final String P11KEYSTORE = "PKCS11"; 1012 1013 private static final TrustManager[] trustManagers; 1014 private static final KeyManager[] keyManagers; 1015 1016 private static final Exception reservedException; 1017 1018 static { 1019 Exception reserved = null; 1020 TrustManager[] tmMediator; 1021 try { 1022 tmMediator = getTrustManagers(); 1023 } catch (Exception e) { 1024 reserved = e; 1025 tmMediator = new TrustManager[0]; 1026 } 1027 trustManagers = tmMediator; 1028 1029 if (reserved == null) { 1030 KeyManager[] kmMediator; 1031 try { 1032 kmMediator = getKeyManagers(); 1033 } catch (Exception e) { 1034 reserved = e; 1035 kmMediator = new KeyManager[0]; 1036 } 1037 keyManagers = kmMediator; 1038 } else { 1039 keyManagers = new KeyManager[0]; 1040 } 1041 1042 reservedException = reserved; 1043 } 1044 1045 private static TrustManager[] getTrustManagers() throws Exception { 1046 TrustManagerFactory tmf = TrustManagerFactory.getInstance( 1047 TrustManagerFactory.getDefaultAlgorithm()); 1048 if ("SunJSSE".equals(tmf.getProvider().getName())) { 1049 // The implementation will load the default KeyStore 1050 // automatically. Cached trust materials may be used 1051 // for performance improvement. 1052 tmf.init((KeyStore)null); 1053 } else { 1054 // Use the explicitly specified KeyStore for third party's 1055 // TrustManagerFactory implementation. 1056 KeyStore ks = TrustStoreManager.getTrustedKeyStore(); 1057 tmf.init(ks); 1058 } 1059 1060 return tmf.getTrustManagers(); 1061 } 1062 1063 private static KeyManager[] getKeyManagers() throws Exception { 1064 1065 final Map<String,String> props = new HashMap<>(); 1066 AccessController.doPrivileged( 1067 new PrivilegedExceptionAction<Object>() { 1068 @Override 1069 public Object run() throws Exception { 1070 props.put("keyStore", System.getProperty( 1071 "javax.net.ssl.keyStore", "")); 1072 props.put("keyStoreType", System.getProperty( 1073 "javax.net.ssl.keyStoreType", 1074 KeyStore.getDefaultType())); 1075 props.put("keyStoreProvider", System.getProperty( 1076 "javax.net.ssl.keyStoreProvider", "")); 1077 props.put("keyStorePasswd", System.getProperty( 1078 "javax.net.ssl.keyStorePassword", "")); 1079 return null; 1080 } 1081 }); 1082 1083 final String defaultKeyStore = props.get("keyStore"); 1084 String defaultKeyStoreType = props.get("keyStoreType"); 1085 String defaultKeyStoreProvider = props.get("keyStoreProvider"); 1086 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) { 1087 SSLLogger.fine("keyStore is : " + defaultKeyStore); 1088 SSLLogger.fine("keyStore type is : " + 1089 defaultKeyStoreType); 1090 SSLLogger.fine("keyStore provider is : " + 1091 defaultKeyStoreProvider); 1092 } 1093 1094 if (P11KEYSTORE.equals(defaultKeyStoreType) && 1095 !NONE.equals(defaultKeyStore)) { 1096 throw new IllegalArgumentException("if keyStoreType is " 1097 + P11KEYSTORE + ", then keyStore must be " + NONE); 1098 } 1099 1100 FileInputStream fs = null; 1101 KeyStore ks = null; 1102 char[] passwd = null; 1103 try { 1104 if (defaultKeyStore.length() != 0 && 1105 !NONE.equals(defaultKeyStore)) { 1106 fs = AccessController.doPrivileged( 1107 new PrivilegedExceptionAction<FileInputStream>() { 1108 @Override 1109 public FileInputStream run() throws Exception { 1110 return new FileInputStream(defaultKeyStore); 1111 } 1112 }); 1113 } 1114 1115 String defaultKeyStorePassword = props.get("keyStorePasswd"); 1116 if (defaultKeyStorePassword.length() != 0) { 1117 passwd = defaultKeyStorePassword.toCharArray(); 1118 } 1119 1120 /** 1121 * Try to initialize key store. 1122 */ 1123 if ((defaultKeyStoreType.length()) != 0) { 1124 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) { 1125 SSLLogger.finest("init keystore"); 1126 } 1127 if (defaultKeyStoreProvider.length() == 0) { 1128 ks = KeyStore.getInstance(defaultKeyStoreType); 1129 } else { 1130 ks = KeyStore.getInstance(defaultKeyStoreType, 1131 defaultKeyStoreProvider); 1132 } 1133 1134 // if defaultKeyStore is NONE, fs will be null 1135 ks.load(fs, passwd); 1136 } 1137 } finally { 1138 if (fs != null) { 1139 fs.close(); 1140 fs = null; 1141 } 1142 } 1143 1144 /* 1145 * Try to initialize key manager. 1146 */ 1147 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) { 1148 SSLLogger.fine("init keymanager of type " + 1149 KeyManagerFactory.getDefaultAlgorithm()); 1150 } 1151 KeyManagerFactory kmf = KeyManagerFactory.getInstance( 1152 KeyManagerFactory.getDefaultAlgorithm()); 1153 1154 if (P11KEYSTORE.equals(defaultKeyStoreType)) { 1155 kmf.init(ks, null); // do not pass key passwd if using token 1156 } else { 1157 kmf.init(ks, passwd); 1158 } 1159 1160 return kmf.getKeyManagers(); 1161 } 1162 } 1163 1164 // lazy initialization holder class idiom for static default parameters 1165 // 1166 // See Effective Java Second Edition: Item 71. 1167 private static final class DefaultSSLContextHolder { 1168 1169 private static final SSLContextImpl sslContext; 1170 static Exception reservedException = null; 1171 1172 static { 1173 SSLContextImpl mediator = null; 1174 if (DefaultManagersHolder.reservedException != null) { 1175 reservedException = DefaultManagersHolder.reservedException; 1176 } else { 1177 try { 1178 mediator = new DefaultSSLContext(); 1179 } catch (Exception e) { 1180 reservedException = e; 1181 } 1182 } 1183 1184 sslContext = mediator; 1185 } 1186 } 1187 1188 /* 1189 * The SSLContext implementation for default "Default" algorithm 1190 * 1191 * @see SSLContext 1192 */ 1193 public static final class DefaultSSLContext extends CustomizedTLSContext { 1194 1195 // public constructor for SSLContext.getInstance("Default") 1196 public DefaultSSLContext() throws Exception { 1197 if (DefaultManagersHolder.reservedException != null) { 1198 throw DefaultManagersHolder.reservedException; 1199 } 1200 1201 try { 1202 super.engineInit(DefaultManagersHolder.keyManagers, 1203 DefaultManagersHolder.trustManagers, null); 1204 } catch (Exception e) { 1205 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) { 1206 SSLLogger.fine("default context init failed: ", e); 1207 } 1208 throw e; 1209 } 1210 } 1211 1212 @Override 1213 protected void engineInit(KeyManager[] km, TrustManager[] tm, 1214 SecureRandom sr) throws KeyManagementException { 1215 throw new KeyManagementException 1216 ("Default SSLContext is initialized automatically"); 1217 } 1218 1219 static SSLContextImpl getDefaultImpl() throws Exception { 1220 if (DefaultSSLContextHolder.reservedException != null) { 1221 throw DefaultSSLContextHolder.reservedException; 1222 } 1223 1224 return DefaultSSLContextHolder.sslContext; 1225 } 1226 } 1227 1228 /* 1229 * The base abstract SSLContext implementation for the Datagram Transport 1230 * Layer Security (DTLS) protocols. 1231 * 1232 * This abstract class encapsulates supported and the default server DTLS 1233 * parameters. 1234 * 1235 * @see SSLContext 1236 */ 1237 private abstract static class AbstractDTLSContext extends SSLContextImpl { 1238 private static final List<ProtocolVersion> supportedProtocols; 1239 private static final List<ProtocolVersion> serverDefaultProtocols; 1240 1241 private static final List<CipherSuite> supportedCipherSuites; 1242 private static final List<CipherSuite> serverDefaultCipherSuites; 1243 1244 static { 1245 // Both DTLSv1.0 and DTLSv1.2 can be used in FIPS mode. 1246 supportedProtocols = Arrays.asList( 1247 ProtocolVersion.DTLS12, 1248 ProtocolVersion.DTLS10 1249 ); 1250 1251 // available protocols for server mode 1252 serverDefaultProtocols = getAvailableProtocols( 1253 new ProtocolVersion[] { 1254 ProtocolVersion.DTLS12, 1255 ProtocolVersion.DTLS10 1256 }); 1257 1258 supportedCipherSuites = getApplicableSupportedCipherSuites( 1259 supportedProtocols); 1260 serverDefaultCipherSuites = getApplicableEnabledCipherSuites( 1261 serverDefaultProtocols, false); 1262 } 1263 1264 @Override 1265 List<ProtocolVersion> getSupportedProtocolVersions() { 1266 return supportedProtocols; 1267 } 1268 1269 @Override 1270 List<CipherSuite> getSupportedCipherSuites() { 1271 return supportedCipherSuites; 1272 } 1273 1274 @Override 1275 List<ProtocolVersion> getServerDefaultProtocolVersions() { 1276 return serverDefaultProtocols; 1277 } 1278 1279 @Override 1280 List<CipherSuite> getServerDefaultCipherSuites() { 1281 return serverDefaultCipherSuites; 1282 } 1283 1284 @Override 1285 SSLEngine createSSLEngineImpl() { 1286 return new SSLEngineImpl(this); 1287 } 1288 1289 @Override 1290 SSLEngine createSSLEngineImpl(String host, int port) { 1291 return new SSLEngineImpl(this, host, port); 1292 } 1293 1294 @Override 1295 boolean isDTLS() { 1296 return true; 1297 } 1298 } 1299 1300 /* 1301 * The SSLContext implementation for DTLSv1.0 algorithm. 1302 * 1303 * @see SSLContext 1304 */ 1305 public static final class DTLS10Context extends AbstractDTLSContext { 1306 private static final List<ProtocolVersion> clientDefaultProtocols; 1307 private static final List<CipherSuite> clientDefaultCipherSuites; 1308 1309 static { 1310 // available protocols for client mode 1311 clientDefaultProtocols = getAvailableProtocols( 1312 new ProtocolVersion[] { 1313 ProtocolVersion.DTLS10 1314 }); 1315 1316 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 1317 clientDefaultProtocols, true); 1318 } 1319 1320 @Override 1321 List<ProtocolVersion> getClientDefaultProtocolVersions() { 1322 return clientDefaultProtocols; 1323 } 1324 1325 @Override 1326 List<CipherSuite> getClientDefaultCipherSuites() { 1327 return clientDefaultCipherSuites; 1328 } 1329 } 1330 1331 /* 1332 * The SSLContext implementation for DTLSv1.2 algorithm. 1333 * 1334 * @see SSLContext 1335 */ 1336 public static final class DTLS12Context extends AbstractDTLSContext { 1337 private static final List<ProtocolVersion> clientDefaultProtocols; 1338 private static final List<CipherSuite> clientDefaultCipherSuites; 1339 1340 static { 1341 // available protocols for client mode 1342 clientDefaultProtocols = getAvailableProtocols( 1343 new ProtocolVersion[] { 1344 ProtocolVersion.DTLS12, 1345 ProtocolVersion.DTLS10 1346 }); 1347 1348 clientDefaultCipherSuites = getApplicableEnabledCipherSuites( 1349 clientDefaultProtocols, true); 1350 } 1351 1352 @Override 1353 List<ProtocolVersion> getClientDefaultProtocolVersions() { 1354 return clientDefaultProtocols; 1355 } 1356 1357 @Override 1358 List<CipherSuite> getClientDefaultCipherSuites() { 1359 return clientDefaultCipherSuites; 1360 } 1361 } 1362 1363 /* 1364 * The SSLContext implementation for customized TLS protocols 1365 * 1366 * @see SSLContext 1367 */ 1368 private static class CustomizedDTLSContext extends AbstractDTLSContext { 1369 private static final List<ProtocolVersion> clientDefaultProtocols; 1370 private static final List<ProtocolVersion> serverDefaultProtocols; 1371 private static final List<CipherSuite> clientDefaultCipherSuites; 1372 private static final List<CipherSuite> serverDefaultCipherSuites; 1373 1374 private static IllegalArgumentException reservedException = null; 1375 1376 // Don't want a java.lang.LinkageError for illegal system property. 1377 // 1378 // Please don't throw exception in this static block. Otherwise, 1379 // java.lang.LinkageError may be thrown during the instantiation of 1380 // the provider service. Instead, let's handle the initialization 1381 // exception in constructor. 1382 static { 1383 reservedException = CustomizedSSLProtocols.reservedException; 1384 if (reservedException == null) { 1385 clientDefaultProtocols = customizedProtocols(true, 1386 CustomizedSSLProtocols.customizedClientProtocols); 1387 serverDefaultProtocols = customizedProtocols(false, 1388 CustomizedSSLProtocols.customizedServerProtocols); 1389 1390 clientDefaultCipherSuites = 1391 getApplicableEnabledCipherSuites( 1392 clientDefaultProtocols, true); 1393 serverDefaultCipherSuites = 1394 getApplicableEnabledCipherSuites( 1395 serverDefaultProtocols, false); 1396 1397 } else { 1398 // unlikely to be used 1399 clientDefaultProtocols = null; 1400 serverDefaultProtocols = null; 1401 clientDefaultCipherSuites = null; 1402 serverDefaultCipherSuites = null; 1403 } 1404 } 1405 1406 private static List<ProtocolVersion> customizedProtocols(boolean client, 1407 List<ProtocolVersion> customized) { 1408 List<ProtocolVersion> refactored = new ArrayList<>(); 1409 for (ProtocolVersion pv : customized) { 1410 if (pv.isDTLS) { 1411 refactored.add(pv); 1412 } 1413 } 1414 1415 ProtocolVersion[] candidates; 1416 // Use the default enabled protocols if no customization 1417 if (refactored.isEmpty()) { 1418 candidates = new ProtocolVersion[]{ 1419 ProtocolVersion.DTLS12, 1420 ProtocolVersion.DTLS10 1421 }; 1422 if (!client) 1423 return Arrays.asList(candidates); 1424 } else { 1425 // Use the customized TLS protocols. 1426 candidates = 1427 new ProtocolVersion[customized.size()]; 1428 candidates = customized.toArray(candidates); 1429 } 1430 1431 return getAvailableProtocols(candidates); 1432 } 1433 1434 protected CustomizedDTLSContext() { 1435 if (reservedException != null) { 1436 throw reservedException; 1437 } 1438 } 1439 1440 @Override 1441 List<ProtocolVersion> getClientDefaultProtocolVersions() { 1442 return clientDefaultProtocols; 1443 } 1444 1445 @Override 1446 List<ProtocolVersion> getServerDefaultProtocolVersions() { 1447 return serverDefaultProtocols; 1448 } 1449 1450 @Override 1451 List<CipherSuite> getClientDefaultCipherSuites() { 1452 return clientDefaultCipherSuites; 1453 } 1454 1455 @Override 1456 List<CipherSuite> getServerDefaultCipherSuites() { 1457 return serverDefaultCipherSuites; 1458 } 1459 } 1460 1461 /* 1462 * The SSLContext implementation for default "DTLS" algorithm 1463 * 1464 * @see SSLContext 1465 */ 1466 public static final class DTLSContext extends CustomizedDTLSContext { 1467 // use the default constructor and methods 1468 } 1469 1470 } 1471 1472 final class AbstractTrustManagerWrapper extends X509ExtendedTrustManager 1473 implements X509TrustManager { 1474 1475 // the delegated trust manager 1476 private final X509TrustManager tm; 1477 1478 AbstractTrustManagerWrapper(X509TrustManager tm) { 1479 this.tm = tm; 1480 } 1481 1482 @Override 1483 public void checkClientTrusted(X509Certificate[] chain, String authType) 1484 throws CertificateException { 1485 tm.checkClientTrusted(chain, authType); 1486 } 1487 1488 @Override 1489 public void checkServerTrusted(X509Certificate[] chain, String authType) 1490 throws CertificateException { 1491 tm.checkServerTrusted(chain, authType); 1492 } 1493 1494 @Override 1495 public X509Certificate[] getAcceptedIssuers() { 1496 return tm.getAcceptedIssuers(); 1497 } 1498 1499 @Override 1500 public void checkClientTrusted(X509Certificate[] chain, String authType, 1501 Socket socket) throws CertificateException { 1502 tm.checkClientTrusted(chain, authType); 1503 checkAdditionalTrust(chain, authType, socket, true); 1504 } 1505 1506 @Override 1507 public void checkServerTrusted(X509Certificate[] chain, String authType, 1508 Socket socket) throws CertificateException { 1509 tm.checkServerTrusted(chain, authType); 1510 checkAdditionalTrust(chain, authType, socket, false); 1511 } 1512 1513 @Override 1514 public void checkClientTrusted(X509Certificate[] chain, String authType, 1515 SSLEngine engine) throws CertificateException { 1516 tm.checkClientTrusted(chain, authType); 1517 checkAdditionalTrust(chain, authType, engine, true); 1518 } 1519 1520 @Override 1521 public void checkServerTrusted(X509Certificate[] chain, String authType, 1522 SSLEngine engine) throws CertificateException { 1523 tm.checkServerTrusted(chain, authType); 1524 checkAdditionalTrust(chain, authType, engine, false); 1525 } 1526 1527 private void checkAdditionalTrust(X509Certificate[] chain, String authType, 1528 Socket socket, boolean isClient) throws CertificateException { 1529 if (socket != null && socket.isConnected() && 1530 socket instanceof SSLSocket) { 1531 1532 SSLSocket sslSocket = (SSLSocket)socket; 1533 SSLSession session = sslSocket.getHandshakeSession(); 1534 if (session == null) { 1535 throw new CertificateException("No handshake session"); 1536 } 1537 1538 // check endpoint identity 1539 String identityAlg = sslSocket.getSSLParameters(). 1540 getEndpointIdentificationAlgorithm(); 1541 if (identityAlg != null && identityAlg.length() != 0) { 1542 String hostname = session.getPeerHost(); 1543 X509TrustManagerImpl.checkIdentity( 1544 hostname, chain[0], identityAlg); 1545 } 1546 1547 // try the best to check the algorithm constraints 1548 AlgorithmConstraints constraints; 1549 if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) { 1550 if (session instanceof ExtendedSSLSession) { 1551 ExtendedSSLSession extSession = 1552 (ExtendedSSLSession)session; 1553 String[] peerSupportedSignAlgs = 1554 extSession.getLocalSupportedSignatureAlgorithms(); 1555 1556 constraints = new SSLAlgorithmConstraints( 1557 sslSocket, peerSupportedSignAlgs, true); 1558 } else { 1559 constraints = 1560 new SSLAlgorithmConstraints(sslSocket, true); 1561 } 1562 } else { 1563 constraints = new SSLAlgorithmConstraints(sslSocket, true); 1564 } 1565 1566 checkAlgorithmConstraints(chain, constraints, isClient); 1567 } 1568 } 1569 1570 private void checkAdditionalTrust(X509Certificate[] chain, String authType, 1571 SSLEngine engine, boolean isClient) throws CertificateException { 1572 if (engine != null) { 1573 SSLSession session = engine.getHandshakeSession(); 1574 if (session == null) { 1575 throw new CertificateException("No handshake session"); 1576 } 1577 1578 // check endpoint identity 1579 String identityAlg = engine.getSSLParameters(). 1580 getEndpointIdentificationAlgorithm(); 1581 if (identityAlg != null && identityAlg.length() != 0) { 1582 String hostname = session.getPeerHost(); 1583 X509TrustManagerImpl.checkIdentity( 1584 hostname, chain[0], identityAlg); 1585 } 1586 1587 // try the best to check the algorithm constraints 1588 AlgorithmConstraints constraints; 1589 if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) { 1590 if (session instanceof ExtendedSSLSession) { 1591 ExtendedSSLSession extSession = 1592 (ExtendedSSLSession)session; 1593 String[] peerSupportedSignAlgs = 1594 extSession.getLocalSupportedSignatureAlgorithms(); 1595 1596 constraints = new SSLAlgorithmConstraints( 1597 engine, peerSupportedSignAlgs, true); 1598 } else { 1599 constraints = 1600 new SSLAlgorithmConstraints(engine, true); 1601 } 1602 } else { 1603 constraints = new SSLAlgorithmConstraints(engine, true); 1604 } 1605 1606 checkAlgorithmConstraints(chain, constraints, isClient); 1607 } 1608 } 1609 1610 private void checkAlgorithmConstraints(X509Certificate[] chain, 1611 AlgorithmConstraints constraints, 1612 boolean isClient) throws CertificateException { 1613 try { 1614 // Does the certificate chain end with a trusted certificate? 1615 int checkedLength = chain.length - 1; 1616 1617 Collection<X509Certificate> trustedCerts = new HashSet<>(); 1618 X509Certificate[] certs = tm.getAcceptedIssuers(); 1619 if ((certs != null) && (certs.length > 0)){ 1620 Collections.addAll(trustedCerts, certs); 1621 } 1622 1623 if (trustedCerts.contains(chain[checkedLength])) { 1624 checkedLength--; 1625 } 1626 1627 // A forward checker, need to check from trust to target 1628 if (checkedLength >= 0) { 1629 AlgorithmChecker checker = 1630 new AlgorithmChecker(constraints, null, 1631 (isClient ? Validator.VAR_TLS_CLIENT : 1632 Validator.VAR_TLS_SERVER)); 1633 checker.init(false); 1634 for (int i = checkedLength; i >= 0; i--) { 1635 X509Certificate cert = chain[i]; 1636 // We don't care about the unresolved critical extensions. 1637 checker.check(cert, Collections.<String>emptySet()); 1638 } 1639 } 1640 } catch (CertPathValidatorException cpve) { 1641 throw new CertificateException( 1642 "Certificates do not conform to algorithm constraints", cpve); 1643 } 1644 } 1645 } 1646 1647 // Dummy X509TrustManager implementation, rejects all peer certificates. 1648 // Used if the application did not specify a proper X509TrustManager. 1649 final class DummyX509TrustManager extends X509ExtendedTrustManager 1650 implements X509TrustManager { 1651 1652 static final X509TrustManager INSTANCE = new DummyX509TrustManager(); 1653 1654 private DummyX509TrustManager() { 1655 // empty 1656 } 1657 1658 /* 1659 * Given the partial or complete certificate chain 1660 * provided by the peer, build a certificate path 1661 * to a trusted root and return if it can be 1662 * validated and is trusted for client SSL authentication. 1663 * If not, it throws an exception. 1664 */ 1665 @Override 1666 public void checkClientTrusted(X509Certificate[] chain, String authType) 1667 throws CertificateException { 1668 throw new CertificateException( 1669 "No X509TrustManager implementation avaiable"); 1670 } 1671 1672 /* 1673 * Given the partial or complete certificate chain 1674 * provided by the peer, build a certificate path 1675 * to a trusted root and return if it can be 1676 * validated and is trusted for server SSL authentication. 1677 * If not, it throws an exception. 1678 */ 1679 @Override 1680 public void checkServerTrusted(X509Certificate[] chain, String authType) 1681 throws CertificateException { 1682 throw new CertificateException( 1683 "No X509TrustManager implementation available"); 1684 } 1685 1686 /* 1687 * Return an array of issuer certificates which are trusted 1688 * for authenticating peers. 1689 */ 1690 @Override 1691 public X509Certificate[] getAcceptedIssuers() { 1692 return new X509Certificate[0]; 1693 } 1694 1695 @Override 1696 public void checkClientTrusted(X509Certificate[] chain, String authType, 1697 Socket socket) throws CertificateException { 1698 throw new CertificateException( 1699 "No X509TrustManager implementation available"); 1700 } 1701 1702 @Override 1703 public void checkServerTrusted(X509Certificate[] chain, String authType, 1704 Socket socket) throws CertificateException { 1705 throw new CertificateException( 1706 "No X509TrustManager implementation available"); 1707 } 1708 1709 @Override 1710 public void checkClientTrusted(X509Certificate[] chain, String authType, 1711 SSLEngine engine) throws CertificateException { 1712 throw new CertificateException( 1713 "No X509TrustManager implementation available"); 1714 } 1715 1716 @Override 1717 public void checkServerTrusted(X509Certificate[] chain, String authType, 1718 SSLEngine engine) throws CertificateException { 1719 throw new CertificateException( 1720 "No X509TrustManager implementation available"); 1721 } 1722 } 1723 1724 /* 1725 * A wrapper class to turn a X509KeyManager into an X509ExtendedKeyManager 1726 */ 1727 final class AbstractKeyManagerWrapper extends X509ExtendedKeyManager { 1728 1729 private final X509KeyManager km; 1730 1731 AbstractKeyManagerWrapper(X509KeyManager km) { 1732 this.km = km; 1733 } 1734 1735 @Override 1736 public String[] getClientAliases(String keyType, Principal[] issuers) { 1737 return km.getClientAliases(keyType, issuers); 1738 } 1739 1740 @Override 1741 public String chooseClientAlias(String[] keyType, Principal[] issuers, 1742 Socket socket) { 1743 return km.chooseClientAlias(keyType, issuers, socket); 1744 } 1745 1746 @Override 1747 public String[] getServerAliases(String keyType, Principal[] issuers) { 1748 return km.getServerAliases(keyType, issuers); 1749 } 1750 1751 @Override 1752 public String chooseServerAlias(String keyType, Principal[] issuers, 1753 Socket socket) { 1754 return km.chooseServerAlias(keyType, issuers, socket); 1755 } 1756 1757 @Override 1758 public X509Certificate[] getCertificateChain(String alias) { 1759 return km.getCertificateChain(alias); 1760 } 1761 1762 @Override 1763 public PrivateKey getPrivateKey(String alias) { 1764 return km.getPrivateKey(alias); 1765 } 1766 1767 // Inherit chooseEngineClientAlias() and chooseEngineServerAlias() from 1768 // X509ExtendedKeymanager. It defines them to return null; 1769 } 1770 1771 1772 // Dummy X509KeyManager implementation, never returns any certificates/keys. 1773 // Used if the application did not specify a proper X509TrustManager. 1774 final class DummyX509KeyManager extends X509ExtendedKeyManager { 1775 1776 static final X509ExtendedKeyManager INSTANCE = new DummyX509KeyManager(); 1777 1778 private DummyX509KeyManager() { 1779 // empty 1780 } 1781 1782 /* 1783 * Get the matching aliases for authenticating the client side of a secure 1784 * socket given the public key type and the list of 1785 * certificate issuer authorities recognized by the peer (if any). 1786 */ 1787 @Override 1788 public String[] getClientAliases(String keyType, Principal[] issuers) { 1789 return null; 1790 } 1791 1792 /* 1793 * Choose an alias to authenticate the client side of a secure 1794 * socket given the public key type and the list of 1795 * certificate issuer authorities recognized by the peer (if any). 1796 */ 1797 @Override 1798 public String chooseClientAlias(String[] keyTypes, Principal[] issuers, 1799 Socket socket) { 1800 return null; 1801 } 1802 1803 /* 1804 * Choose an alias to authenticate the client side of an 1805 * engine given the public key type and the list of 1806 * certificate issuer authorities recognized by the peer (if any). 1807 */ 1808 @Override 1809 public String chooseEngineClientAlias( 1810 String[] keyTypes, Principal[] issuers, SSLEngine engine) { 1811 return null; 1812 } 1813 1814 /* 1815 * Get the matching aliases for authenticating the server side of a secure 1816 * socket given the public key type and the list of 1817 * certificate issuer authorities recognized by the peer (if any). 1818 */ 1819 @Override 1820 public String[] getServerAliases(String keyType, Principal[] issuers) { 1821 return null; 1822 } 1823 1824 /* 1825 * Choose an alias to authenticate the server side of a secure 1826 * socket given the public key type and the list of 1827 * certificate issuer authorities recognized by the peer (if any). 1828 */ 1829 @Override 1830 public String chooseServerAlias(String keyType, Principal[] issuers, 1831 Socket socket) { 1832 return null; 1833 } 1834 1835 /* 1836 * Choose an alias to authenticate the server side of an engine 1837 * given the public key type and the list of 1838 * certificate issuer authorities recognized by the peer (if any). 1839 */ 1840 @Override 1841 public String chooseEngineServerAlias( 1842 String keyType, Principal[] issuers, SSLEngine engine) { 1843 return null; 1844 } 1845 1846 /** 1847 * Returns the certificate chain associated with the given alias. 1848 * 1849 * @param alias the alias name 1850 * 1851 * @return the certificate chain (ordered with the user's certificate first 1852 * and the root certificate authority last) 1853 */ 1854 @Override 1855 public X509Certificate[] getCertificateChain(String alias) { 1856 return null; 1857 } 1858 1859 /* 1860 * Returns the key associated with the given alias, using the given 1861 * password to recover it. 1862 * 1863 * @param alias the alias name 1864 * 1865 * @return the requested key 1866 */ 1867 @Override 1868 public PrivateKey getPrivateKey(String alias) { 1869 return null; 1870 } 1871 }