1 /*
2 * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.ssl;
27
28 import java.io.*;
29 import java.net.Socket;
30 import java.security.*;
31 import java.security.cert.*;
32 import java.util.*;
33 import javax.net.ssl.*;
34 import sun.security.action.GetPropertyAction;
35 import sun.security.provider.certpath.AlgorithmChecker;
36 import sun.security.validator.Validator;
37
38 /**
39 * Implementation of an SSLContext.
40 *
41 * Implementation note: Instances of this class and the child classes are
42 * immutable, except that the context initialization (SSLContext.init()) may
43 * reset the key, trust managers and source of secure random.
44 */
45
46 public abstract class SSLContextImpl extends SSLContextSpi {
47
48 private final EphemeralKeyManager ephemeralKeyManager;
49 private final SSLSessionContextImpl clientCache;
50 private final SSLSessionContextImpl serverCache;
51
52 private boolean isInitialized;
53
54 private X509ExtendedKeyManager keyManager;
55 private X509TrustManager trustManager;
56 private SecureRandom secureRandom;
57
58 // DTLS cookie exchange manager
59 private volatile HelloCookieManager.Builder helloCookieManagerBuilder;
60
61 private final boolean clientEnableStapling = Utilities.getBooleanProperty(
62 "jdk.tls.client.enableStatusRequestExtension", true);
63 private final boolean serverEnableStapling = Utilities.getBooleanProperty(
64 "jdk.tls.server.enableStatusRequestExtension", false);
65 private static final Collection<CipherSuite> clientCustomizedCipherSuites =
66 getCustomizedCipherSuites("jdk.tls.client.cipherSuites");
67 private static final Collection<CipherSuite> serverCustomizedCipherSuites =
68 getCustomizedCipherSuites("jdk.tls.server.cipherSuites");
69
70 private volatile StatusResponseManager statusResponseManager;
71
72 SSLContextImpl() {
73 ephemeralKeyManager = new EphemeralKeyManager();
74 clientCache = new SSLSessionContextImpl();
75 serverCache = new SSLSessionContextImpl();
76 }
77
78 @Override
79 protected void engineInit(KeyManager[] km, TrustManager[] tm,
80 SecureRandom sr) throws KeyManagementException {
81 isInitialized = false;
82 keyManager = chooseKeyManager(km);
83
84 if (tm == null) {
85 try {
86 TrustManagerFactory tmf = TrustManagerFactory.getInstance(
87 TrustManagerFactory.getDefaultAlgorithm());
88 tmf.init((KeyStore)null);
89 tm = tmf.getTrustManagers();
90 } catch (Exception e) {
91 // eat
92 }
93 }
94 trustManager = chooseTrustManager(tm);
95
96 if (sr == null) {
97 secureRandom = JsseJce.getSecureRandom();
98 } else {
99 if (SunJSSE.isFIPS() &&
100 (sr.getProvider() != SunJSSE.cryptoProvider)) {
101 throw new KeyManagementException
102 ("FIPS mode: SecureRandom must be from provider "
103 + SunJSSE.cryptoProvider.getName());
104 }
105 secureRandom = sr;
106 }
107
108 /*
109 * The initial delay of seeding the random number generator
110 * could be long enough to cause the initial handshake on our
111 * first connection to timeout and fail. Make sure it is
112 * primed and ready by getting some initial output from it.
113 */
114 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
115 SSLLogger.finest("trigger seeding of SecureRandom");
116 }
117 secureRandom.nextInt();
118 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
119 SSLLogger.finest("done seeding of SecureRandom");
120 }
121
122 isInitialized = true;
123 }
124
125 private X509TrustManager chooseTrustManager(TrustManager[] tm)
126 throws KeyManagementException {
127 // We only use the first instance of X509TrustManager passed to us.
128 for (int i = 0; tm != null && i < tm.length; i++) {
129 if (tm[i] instanceof X509TrustManager) {
130 if (SunJSSE.isFIPS() &&
131 !(tm[i] instanceof X509TrustManagerImpl)) {
132 throw new KeyManagementException
133 ("FIPS mode: only SunJSSE TrustManagers may be used");
134 }
135
136 if (tm[i] instanceof X509ExtendedTrustManager) {
137 return (X509TrustManager)tm[i];
138 } else {
139 return new AbstractTrustManagerWrapper(
140 (X509TrustManager)tm[i]);
141 }
142 }
143 }
144
145 // nothing found, return a dummy X509TrustManager.
146 return DummyX509TrustManager.INSTANCE;
147 }
148
149 private X509ExtendedKeyManager chooseKeyManager(KeyManager[] kms)
150 throws KeyManagementException {
151 for (int i = 0; kms != null && i < kms.length; i++) {
152 KeyManager km = kms[i];
153 if (!(km instanceof X509KeyManager)) {
154 continue;
155 }
156 if (SunJSSE.isFIPS()) {
157 // In FIPS mode, require that one of SunJSSE's own keymanagers
158 // is used. Otherwise, we cannot be sure that only keys from
159 // the FIPS token are used.
160 if ((km instanceof X509KeyManagerImpl)
161 || (km instanceof SunX509KeyManagerImpl)) {
162 return (X509ExtendedKeyManager)km;
163 } else {
164 // throw exception, we don't want to silently use the
165 // dummy keymanager without telling the user.
166 throw new KeyManagementException
167 ("FIPS mode: only SunJSSE KeyManagers may be used");
168 }
169 }
170 if (km instanceof X509ExtendedKeyManager) {
171 return (X509ExtendedKeyManager)km;
172 }
173
174 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
175 SSLLogger.warning(
176 "X509KeyManager passed to SSLContext.init(): need an " +
177 "X509ExtendedKeyManager for SSLEngine use");
178 }
179 return new AbstractKeyManagerWrapper((X509KeyManager)km);
180 }
181
182 // nothing found, return a dummy X509ExtendedKeyManager
183 return DummyX509KeyManager.INSTANCE;
184 }
185
186 abstract SSLEngine createSSLEngineImpl();
187 abstract SSLEngine createSSLEngineImpl(String host, int port);
188
189 @Override
190 protected SSLEngine engineCreateSSLEngine() {
191 if (!isInitialized) {
192 throw new IllegalStateException("SSLContext is not initialized");
193 }
194 return createSSLEngineImpl();
195 }
196
197 @Override
198 protected SSLEngine engineCreateSSLEngine(String host, int port) {
199 if (!isInitialized) {
200 throw new IllegalStateException("SSLContext is not initialized");
201 }
202 return createSSLEngineImpl(host, port);
203 }
204
205 @Override
206 protected SSLSocketFactory engineGetSocketFactory() {
207 if (!isInitialized) {
208 throw new IllegalStateException("SSLContext is not initialized");
209 }
210 if (isDTLS()) {
211 throw new UnsupportedOperationException(
212 "DTLS not supported with SSLSocket");
213 }
214 return new SSLSocketFactoryImpl(this);
215 }
216
217 @Override
218 protected SSLServerSocketFactory engineGetServerSocketFactory() {
219 if (!isInitialized) {
220 throw new IllegalStateException("SSLContext is not initialized");
221 }
222 if (isDTLS()) {
223 throw new UnsupportedOperationException(
224 "DTLS not supported with SSLServerSocket");
225 }
226 return new SSLServerSocketFactoryImpl(this);
227 }
228
229 @Override
230 protected SSLSessionContext engineGetClientSessionContext() {
231 return clientCache;
232 }
233
234 @Override
235 protected SSLSessionContext engineGetServerSessionContext() {
236 return serverCache;
237 }
238
239 SecureRandom getSecureRandom() {
240 return secureRandom;
241 }
242
243 X509ExtendedKeyManager getX509KeyManager() {
244 return keyManager;
245 }
246
247 X509TrustManager getX509TrustManager() {
248 return trustManager;
249 }
250
251 EphemeralKeyManager getEphemeralKeyManager() {
252 return ephemeralKeyManager;
253 }
254
255 // Used for DTLS in server mode only.
256 HelloCookieManager getHelloCookieManager(ProtocolVersion protocolVersion) {
257 if (helloCookieManagerBuilder == null) {
258 synchronized (this) {
259 if (helloCookieManagerBuilder == null) {
260 helloCookieManagerBuilder =
261 new HelloCookieManager.Builder(secureRandom);
262 }
263 }
264 }
265
266 return helloCookieManagerBuilder.valueOf(protocolVersion);
267 }
268
269 StatusResponseManager getStatusResponseManager() {
270 if (serverEnableStapling && statusResponseManager == null) {
271 synchronized (this) {
272 if (statusResponseManager == null) {
273 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
274 SSLLogger.finest(
275 "Initializing StatusResponseManager");
276 }
277 statusResponseManager = new StatusResponseManager();
278 }
279 }
280 }
281
282 return statusResponseManager;
283 }
284
285 // Get supported protocols.
286 abstract List<ProtocolVersion> getSupportedProtocolVersions();
287
288 // Get default protocols for server mode.
289 abstract List<ProtocolVersion> getServerDefaultProtocolVersions();
290
291 // Get default protocols for client mode.
292 abstract List<ProtocolVersion> getClientDefaultProtocolVersions();
293
294 // Get supported CipherSuite list.
295 abstract List<CipherSuite> getSupportedCipherSuites();
296
297 // Get default CipherSuite list for server mode.
298 abstract List<CipherSuite> getServerDefaultCipherSuites();
299
300 // Get default CipherSuite list for client mode.
301 abstract List<CipherSuite> getClientDefaultCipherSuites();
302
303 // Is the context for DTLS protocols?
304 abstract boolean isDTLS();
305
306 // Get default protocols.
307 List<ProtocolVersion> getDefaultProtocolVersions(boolean roleIsServer) {
308 return roleIsServer ? getServerDefaultProtocolVersions()
309 : getClientDefaultProtocolVersions();
310 }
311
312 // Get default CipherSuite list.
313 List<CipherSuite> getDefaultCipherSuites(boolean roleIsServer) {
314 return roleIsServer ? getServerDefaultCipherSuites()
315 : getClientDefaultCipherSuites();
316 }
317
318 /**
319 * Return whether a protocol list is the original default enabled
320 * protocols. See: SSLSocket/SSLEngine.setEnabledProtocols()
321 */
322 boolean isDefaultProtocolVesions(List<ProtocolVersion> protocols) {
323 return (protocols == getServerDefaultProtocolVersions()) ||
324 (protocols == getClientDefaultProtocolVersions());
325 }
326
327 /**
328 * Return whether a protocol list is the original default enabled
329 * protocols. See: SSLSocket/SSLEngine.setEnabledProtocols()
330 */
331 boolean isDefaultCipherSuiteList(List<CipherSuite> cipherSuites) {
332 return (cipherSuites == getServerDefaultCipherSuites()) ||
333 (cipherSuites == getClientDefaultCipherSuites());
334 }
335
336 /**
337 * Return whether client or server side stapling has been enabled
338 * for this SSLContextImpl
339 * @param isClient true if the caller is operating in a client side role,
340 * false if acting as a server.
341 * @return true if stapling has been enabled for the specified role, false
342 * otherwise.
343 */
344 boolean isStaplingEnabled(boolean isClient) {
345 return isClient ? clientEnableStapling : serverEnableStapling;
346 }
347
348 /*
349 * Return the list of all available CipherSuites that are supported
350 * using currently installed providers.
351 */
352 private static List<CipherSuite> getApplicableSupportedCipherSuites(
353 List<ProtocolVersion> protocols) {
354
355 return getApplicableCipherSuites(
356 CipherSuite.allowedCipherSuites(), protocols);
357 }
358
359 /*
360 * Return the list of all available CipherSuites that are default enabled
361 * in client or server side.
362 */
363 private static List<CipherSuite> getApplicableEnabledCipherSuites(
364 List<ProtocolVersion> protocols, boolean isClient) {
365
366 if (isClient) {
367 if (!clientCustomizedCipherSuites.isEmpty()) {
368 return getApplicableCipherSuites(
369 clientCustomizedCipherSuites, protocols);
370 }
371 } else {
372 if (!serverCustomizedCipherSuites.isEmpty()) {
373 return getApplicableCipherSuites(
374 serverCustomizedCipherSuites, protocols);
375 }
376 }
377
378 return getApplicableCipherSuites(
379 CipherSuite.defaultCipherSuites(), protocols);
380 }
381
382 /*
383 * Return the list of available CipherSuites which are applicable to
384 * the specified protocols.
385 */
386 private static List<CipherSuite> getApplicableCipherSuites(
387 Collection<CipherSuite> allowedCipherSuites,
388 List<ProtocolVersion> protocols) {
389 TreeSet<CipherSuite> suites = new TreeSet<>();
390 if (protocols != null && (!protocols.isEmpty())) {
391 for (CipherSuite suite : allowedCipherSuites) {
392 if (!suite.isAvailable()) {
393 continue;
394 }
395
396 boolean isSupported = false;
397 for (ProtocolVersion protocol : protocols) {
398 if (!suite.supports(protocol)) {
399 continue;
400 }
401
402 if (SSLAlgorithmConstraints.DEFAULT.permits(
403 EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
404 suite.name, null)) {
405 suites.add(suite);
406 isSupported = true;
407 } else if (SSLLogger.isOn &&
408 SSLLogger.isOn("ssl,sslctx,verbose")) {
409 SSLLogger.fine(
410 "Ignore disabled cipher suite: " + suite.name);
411 }
412
413 break;
414 }
415
416 if (!isSupported && SSLLogger.isOn &&
417 SSLLogger.isOn("ssl,sslctx,verbose")) {
418 SSLLogger.finest(
419 "Ignore unsupported cipher suite: " + suite);
420 }
421 }
422 }
423
424 return new ArrayList<>(suites);
425 }
426
427 /*
428 * Get the customized cipher suites specified by the given system property.
429 */
430 private static Collection<CipherSuite> getCustomizedCipherSuites(
431 String propertyName) {
432
433 String property = GetPropertyAction.privilegedGetProperty(propertyName);
434 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
435 SSLLogger.fine(
436 "System property " + propertyName + " is set to '" +
437 property + "'");
438 }
439 if (property != null && property.length() != 0) {
440 // remove double quote marks from beginning/end of the property
441 if (property.length() > 1 && property.charAt(0) == '"' &&
442 property.charAt(property.length() - 1) == '"') {
443 property = property.substring(1, property.length() - 1);
444 }
445 }
446
447 if (property != null && property.length() != 0) {
448 String[] cipherSuiteNames = property.split(",");
449 Collection<CipherSuite> cipherSuites =
450 new ArrayList<>(cipherSuiteNames.length);
451 for (int i = 0; i < cipherSuiteNames.length; i++) {
452 cipherSuiteNames[i] = cipherSuiteNames[i].trim();
453 if (cipherSuiteNames[i].isEmpty()) {
454 continue;
455 }
456
457 CipherSuite suite;
458 try {
459 suite = CipherSuite.nameOf(cipherSuiteNames[i]);
460 } catch (IllegalArgumentException iae) {
461 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
462 SSLLogger.fine(
463 "Unknown or unsupported cipher suite name: " +
464 cipherSuiteNames[i]);
465 }
466
467 continue;
468 }
469
470 if (suite != null && suite.isAvailable()) {
471 cipherSuites.add(suite);
472 } else {
473 if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
474 SSLLogger.fine(
475 "The current installed providers do not " +
476 "support cipher suite: " + cipherSuiteNames[i]);
477 }
478 }
479 }
480
481 return cipherSuites;
482 }
483
484 return Collections.emptyList();
485 }
486
487
488 private static List<ProtocolVersion> getAvailableProtocols(
489 ProtocolVersion[] protocolCandidates) {
490
491 List<ProtocolVersion> availableProtocols =
492 Collections.<ProtocolVersion>emptyList();
493 if (protocolCandidates != null && protocolCandidates.length != 0) {
494 availableProtocols = new ArrayList<>(protocolCandidates.length);
495 for (ProtocolVersion p : protocolCandidates) {
496 if (p.isAvailable) {
497 availableProtocols.add(p);
498 }
499 }
500 }
501
502 return availableProtocols;
503 }
504
505 /*
506 * The SSLContext implementation for SSL/(D)TLS algorithm
507 *
508 * SSL/TLS protocols specify the forward compatibility and version
509 * roll-back attack protections, however, a number of SSL/TLS server
510 * vendors did not implement these aspects properly, and some current
511 * SSL/TLS servers may refuse to talk to a TLS 1.1 or later client.
512 *
513 * Considering above interoperability issues, SunJSSE will not set
514 * TLS 1.1 and TLS 1.2 as the enabled protocols for client by default.
515 *
516 * For SSL/TLS servers, there is no such interoperability issues as
517 * SSL/TLS clients. In SunJSSE, TLS 1.1 or later version will be the
518 * enabled protocols for server by default.
519 *
520 * We may change the behavior when popular TLS/SSL vendors support TLS
521 * forward compatibility properly.
522 *
523 * SSLv2Hello is no longer necessary. This interoperability option was
524 * put in place in the late 90's when SSLv3/TLS1.0 were relatively new
525 * and there were a fair number of SSLv2-only servers deployed. Because
526 * of the security issues in SSLv2, it is rarely (if ever) used, as
527 * deployments should now be using SSLv3 and TLSv1.
528 *
529 * Considering the issues of SSLv2Hello, we should not enable SSLv2Hello
530 * by default. Applications still can use it by enabling SSLv2Hello with
531 * the series of setEnabledProtocols APIs.
532 */
533
534 /*
535 * The base abstract SSLContext implementation for the Transport Layer
536 * Security (TLS) protocols.
537 *
538 * This abstract class encapsulates supported and the default server
539 * SSL/TLS parameters.
540 *
541 * @see SSLContext
542 */
543 private abstract static class AbstractTLSContext extends SSLContextImpl {
544 private static final List<ProtocolVersion> supportedProtocols;
545 private static final List<ProtocolVersion> serverDefaultProtocols;
546
547 private static final List<CipherSuite> supportedCipherSuites;
548 private static final List<CipherSuite> serverDefaultCipherSuites;
549
550 static {
551 if (SunJSSE.isFIPS()) {
552 supportedProtocols = Arrays.asList(
553 ProtocolVersion.TLS13,
554 ProtocolVersion.TLS12,
555 ProtocolVersion.TLS11,
556 ProtocolVersion.TLS10
557 );
558
559 serverDefaultProtocols = getAvailableProtocols(
560 new ProtocolVersion[] {
561 ProtocolVersion.TLS13,
562 ProtocolVersion.TLS12,
563 ProtocolVersion.TLS11,
564 ProtocolVersion.TLS10
565 });
566 } else {
567 supportedProtocols = Arrays.asList(
568 ProtocolVersion.TLS13,
569 ProtocolVersion.TLS12,
570 ProtocolVersion.TLS11,
571 ProtocolVersion.TLS10,
572 ProtocolVersion.SSL30,
573 ProtocolVersion.SSL20Hello
574 );
575
576 serverDefaultProtocols = getAvailableProtocols(
577 new ProtocolVersion[] {
578 ProtocolVersion.TLS13,
579 ProtocolVersion.TLS12,
580 ProtocolVersion.TLS11,
581 ProtocolVersion.TLS10,
582 ProtocolVersion.SSL30,
583 ProtocolVersion.SSL20Hello
584 });
585 }
586
587 supportedCipherSuites = getApplicableSupportedCipherSuites(
588 supportedProtocols);
589 serverDefaultCipherSuites = getApplicableEnabledCipherSuites(
590 serverDefaultProtocols, false);
591 }
592
593 @Override
594 List<ProtocolVersion> getSupportedProtocolVersions() {
595 return supportedProtocols;
596 }
597
598 @Override
599 List<CipherSuite> getSupportedCipherSuites() {
600 return supportedCipherSuites;
601 }
602
603 @Override
604 List<ProtocolVersion> getServerDefaultProtocolVersions() {
605 return serverDefaultProtocols;
606 }
607
608 @Override
609 List<CipherSuite> getServerDefaultCipherSuites() {
610 return serverDefaultCipherSuites;
611 }
612
613 @Override
614 SSLEngine createSSLEngineImpl() {
615 return new SSLEngineImpl(this);
616 }
617
618 @Override
619 SSLEngine createSSLEngineImpl(String host, int port) {
620 return new SSLEngineImpl(this, host, port);
621 }
622
623 @Override
624 boolean isDTLS() {
625 return false;
626 }
627
628 static ProtocolVersion[] getSupportedProtocols() {
629 if (SunJSSE.isFIPS()) {
630 return new ProtocolVersion[] {
631 ProtocolVersion.TLS13,
632 ProtocolVersion.TLS12,
633 ProtocolVersion.TLS11,
634 ProtocolVersion.TLS10
635 };
636 } else {
637 return new ProtocolVersion[]{
638 ProtocolVersion.TLS13,
639 ProtocolVersion.TLS12,
640 ProtocolVersion.TLS11,
641 ProtocolVersion.TLS10,
642 ProtocolVersion.SSL30,
643 ProtocolVersion.SSL20Hello
644 };
645 }
646 }
647 }
648
649 /*
650 * The SSLContext implementation for SSLv3 and TLS10 algorithm
651 *
652 * @see SSLContext
653 */
654 public static final class TLS10Context extends AbstractTLSContext {
655 private static final List<ProtocolVersion> clientDefaultProtocols;
656 private static final List<CipherSuite> clientDefaultCipherSuites;
657
658 static {
659 if (SunJSSE.isFIPS()) {
660 clientDefaultProtocols = getAvailableProtocols(
661 new ProtocolVersion[] {
662 ProtocolVersion.TLS10
663 });
664 } else {
665 clientDefaultProtocols = getAvailableProtocols(
666 new ProtocolVersion[] {
667 ProtocolVersion.TLS10,
668 ProtocolVersion.SSL30
669 });
670 }
671
672 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
673 clientDefaultProtocols, true);
674 }
675
676 @Override
677 List<ProtocolVersion> getClientDefaultProtocolVersions() {
678 return clientDefaultProtocols;
679 }
680
681 @Override
682 List<CipherSuite> getClientDefaultCipherSuites() {
683 return clientDefaultCipherSuites;
684 }
685 }
686
687 /*
688 * The SSLContext implementation for TLS11 algorithm
689 *
690 * @see SSLContext
691 */
692 public static final class TLS11Context extends AbstractTLSContext {
693 private static final List<ProtocolVersion> clientDefaultProtocols;
694 private static final List<CipherSuite> clientDefaultCipherSuites;
695
696 static {
697 if (SunJSSE.isFIPS()) {
698 clientDefaultProtocols = getAvailableProtocols(
699 new ProtocolVersion[] {
700 ProtocolVersion.TLS11,
701 ProtocolVersion.TLS10
702 });
703 } else {
704 clientDefaultProtocols = getAvailableProtocols(
705 new ProtocolVersion[] {
706 ProtocolVersion.TLS11,
707 ProtocolVersion.TLS10,
708 ProtocolVersion.SSL30
709 });
710 }
711
712 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
713 clientDefaultProtocols, true);
714
715 }
716
717 @Override
718 List<ProtocolVersion> getClientDefaultProtocolVersions() {
719 return clientDefaultProtocols;
720 }
721
722 @Override
723 List<CipherSuite> getClientDefaultCipherSuites() {
724 return clientDefaultCipherSuites;
725 }
726 }
727
728 /*
729 * The SSLContext implementation for TLS12 algorithm
730 *
731 * @see SSLContext
732 */
733 public static final class TLS12Context extends AbstractTLSContext {
734 private static final List<ProtocolVersion> clientDefaultProtocols;
735 private static final List<CipherSuite> clientDefaultCipherSuites;
736
737 static {
738 if (SunJSSE.isFIPS()) {
739 clientDefaultProtocols = getAvailableProtocols(
740 new ProtocolVersion[] {
741 ProtocolVersion.TLS12,
742 ProtocolVersion.TLS11,
743 ProtocolVersion.TLS10
744 });
745 } else {
746 clientDefaultProtocols = getAvailableProtocols(
747 new ProtocolVersion[] {
748 ProtocolVersion.TLS12,
749 ProtocolVersion.TLS11,
750 ProtocolVersion.TLS10,
751 ProtocolVersion.SSL30
752 });
753 }
754
755 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
756 clientDefaultProtocols, true);
757 }
758
759 @Override
760 List<ProtocolVersion> getClientDefaultProtocolVersions() {
761 return clientDefaultProtocols;
762 }
763
764 @Override
765 List<CipherSuite> getClientDefaultCipherSuites() {
766 return clientDefaultCipherSuites;
767 }
768 }
769
770 /*
771 * The SSLContext implementation for TLS1.3 algorithm
772 *
773 * @see SSLContext
774 */
775 public static final class TLS13Context extends AbstractTLSContext {
776 private static final List<ProtocolVersion> clientDefaultProtocols;
777 private static final List<CipherSuite> clientDefaultCipherSuites;
778
779 static {
780 if (SunJSSE.isFIPS()) {
781 clientDefaultProtocols = getAvailableProtocols(
782 new ProtocolVersion[] {
783 ProtocolVersion.TLS13,
784 ProtocolVersion.TLS12,
785 ProtocolVersion.TLS11,
786 ProtocolVersion.TLS10
787 });
788 } else {
789 clientDefaultProtocols = getAvailableProtocols(
790 new ProtocolVersion[] {
791 ProtocolVersion.TLS13,
792 ProtocolVersion.TLS12,
793 ProtocolVersion.TLS11,
794 ProtocolVersion.TLS10,
795 ProtocolVersion.SSL30
796 });
797 }
798
799 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
800 clientDefaultProtocols, true);
801 }
802
803 @Override
804 List<ProtocolVersion> getClientDefaultProtocolVersions() {
805 return clientDefaultProtocols;
806 }
807
808 @Override
809 List<CipherSuite> getClientDefaultCipherSuites() {
810 return clientDefaultCipherSuites;
811 }
812 }
813
814 /*
815 * The interface for the customized SSL/(D)TLS SSLContext.
816 *
817 * @see SSLContext
818 */
819 private static class CustomizedSSLProtocols {
820 private static final String JDK_TLS_CLIENT_PROTOCOLS =
821 "jdk.tls.client.protocols";
822 private static final String JDK_TLS_SERVER_PROTOCOLS =
823 "jdk.tls.server.protocols";
824 static IllegalArgumentException reservedException = null;
825 static final ArrayList<ProtocolVersion> customizedClientProtocols =
826 new ArrayList<>();
827 static final ArrayList<ProtocolVersion> customizedServerProtocols =
828 new ArrayList<>();
829
830 // Don't want a java.lang.LinkageError for illegal system property.
831 //
832 // Please don't throw exception in this static block. Otherwise,
833 // java.lang.LinkageError may be thrown during the instantiation of
834 // the provider service. Instead, please handle the initialization
835 // exception in the caller's constructor.
836 static {
837 populate(JDK_TLS_CLIENT_PROTOCOLS, customizedClientProtocols);
838 populate(JDK_TLS_SERVER_PROTOCOLS, customizedServerProtocols);
839 }
840
841 private static void populate(String propname,
842 ArrayList<ProtocolVersion> arrayList) {
843 String property = GetPropertyAction.privilegedGetProperty(propname);
844 if (property == null) {
845 return;
846 }
847
848 if (property.length() != 0) {
849 // remove double quote marks from beginning/end of the property
850 if (property.length() > 1 && property.charAt(0) == '"' &&
851 property.charAt(property.length() - 1) == '"') {
852 property = property.substring(1, property.length() - 1);
853 }
854 }
855
856 if (property.length() != 0) {
857 String[] protocols = property.split(",");
858 for (int i = 0; i < protocols.length; i++) {
859 protocols[i] = protocols[i].trim();
860 // Is it a supported protocol name?
861 ProtocolVersion pv =
862 ProtocolVersion.nameOf(protocols[i]);
863 if (pv == null) {
864 reservedException = new IllegalArgumentException(
865 propname + ": " + protocols[i] +
866 " is not a supported SSL protocol name");
867 }
868
869 if (SunJSSE.isFIPS() &&
870 ((pv == ProtocolVersion.SSL30) ||
871 (pv == ProtocolVersion.SSL20Hello))) {
872 reservedException = new IllegalArgumentException(
873 propname + ": " + pv +
874 " is not FIPS compliant");
875
876 break;
877 }
878
879 // ignore duplicated protocols
880 if (!arrayList.contains(pv)) {
881 arrayList.add(pv);
882 }
883 }
884 }
885 }
886 }
887
888 /*
889 * The SSLContext implementation for customized TLS protocols
890 *
891 * @see SSLContext
892 */
893 private static class CustomizedTLSContext extends AbstractTLSContext {
894
895 private static final List<ProtocolVersion> clientDefaultProtocols;
896 private static final List<ProtocolVersion> serverDefaultProtocols;
897 private static final List<CipherSuite> clientDefaultCipherSuites;
898 private static final List<CipherSuite> serverDefaultCipherSuites;
899 private static final IllegalArgumentException reservedException;
900
901 // Don't want a java.lang.LinkageError for illegal system property.
902 //
903 // Please don't throw exception in this static block. Otherwise,
904 // java.lang.LinkageError may be thrown during the instantiation of
905 // the provider service. Instead, let's handle the initialization
906 // exception in constructor.
907 static {
908 reservedException = CustomizedSSLProtocols.reservedException;
909 if (reservedException == null) {
910 clientDefaultProtocols = customizedProtocols(true,
911 CustomizedSSLProtocols.customizedClientProtocols);
912 serverDefaultProtocols = customizedProtocols(false,
913 CustomizedSSLProtocols.customizedServerProtocols);
914
915 clientDefaultCipherSuites =
916 getApplicableEnabledCipherSuites(
917 clientDefaultProtocols, true);
918 serverDefaultCipherSuites =
919 getApplicableEnabledCipherSuites(
920 serverDefaultProtocols, false);
921
922 } else {
923 // unlikely to be used
924 clientDefaultProtocols = null;
925 serverDefaultProtocols = null;
926 clientDefaultCipherSuites = null;
927 serverDefaultCipherSuites = null;
928 }
929 }
930
931 private static List<ProtocolVersion> customizedProtocols(
932 boolean client, List<ProtocolVersion> customized) {
933 List<ProtocolVersion> refactored = new ArrayList<>();
934 for (ProtocolVersion pv : customized) {
935 if (!pv.isDTLS) {
936 refactored.add(pv);
937 }
938 }
939
940 // Use the default enabled protocols if no customization
941 ProtocolVersion[] candidates;
942 if (refactored.isEmpty()) {
943 if (client) {
944 candidates = getProtocols();
945 } else {
946 candidates = getSupportedProtocols();
947 }
948 } else {
949 // Use the customized TLS protocols.
950 candidates =
951 refactored.toArray(new ProtocolVersion[refactored.size()]);
952 }
953
954 return getAvailableProtocols(candidates);
955 }
956
957 static ProtocolVersion[] getProtocols() {
958 if (SunJSSE.isFIPS()) {
959 return new ProtocolVersion[]{
960 ProtocolVersion.TLS13,
961 ProtocolVersion.TLS12,
962 ProtocolVersion.TLS11,
963 ProtocolVersion.TLS10
964 };
965 } else {
966 return new ProtocolVersion[]{
967 ProtocolVersion.TLS13,
968 ProtocolVersion.TLS12,
969 ProtocolVersion.TLS11,
970 ProtocolVersion.TLS10,
971 ProtocolVersion.SSL30
972 };
973 }
974 }
975
976 protected CustomizedTLSContext() {
977 if (reservedException != null) {
978 throw reservedException;
979 }
980 }
981
982 @Override
983 List<ProtocolVersion> getClientDefaultProtocolVersions() {
984 return clientDefaultProtocols;
985 }
986
987 @Override
988 List<ProtocolVersion> getServerDefaultProtocolVersions() {
989 return serverDefaultProtocols;
990 }
991
992 @Override
993 List<CipherSuite> getClientDefaultCipherSuites() {
994 return clientDefaultCipherSuites;
995 }
996
997 @Override
998 List<CipherSuite> getServerDefaultCipherSuites() {
999 return serverDefaultCipherSuites;
1000 }
1001
1002
1003 }
1004
1005 /*
1006 * The SSLContext implementation for default "TLS" algorithm
1007 *
1008 * @see SSLContext
1009 */
1010 public static final class TLSContext extends CustomizedTLSContext {
1011 // use the default constructor and methods
1012 }
1013
1014 // lazy initialization holder class idiom for static default parameters
1015 //
1016 // See Effective Java Second Edition: Item 71.
1017 private static final class DefaultManagersHolder {
1018 private static final String NONE = "NONE";
1019 private static final String P11KEYSTORE = "PKCS11";
1020
1021 private static final TrustManager[] trustManagers;
1022 private static final KeyManager[] keyManagers;
1023
1024 private static final Exception reservedException;
1025
1026 static {
1027 Exception reserved = null;
1028 TrustManager[] tmMediator;
1029 try {
1030 tmMediator = getTrustManagers();
1031 } catch (Exception e) {
1032 reserved = e;
1033 tmMediator = new TrustManager[0];
1034 }
1035 trustManagers = tmMediator;
1036
1037 if (reserved == null) {
1038 KeyManager[] kmMediator;
1039 try {
1040 kmMediator = getKeyManagers();
1041 } catch (Exception e) {
1042 reserved = e;
1043 kmMediator = new KeyManager[0];
1044 }
1045 keyManagers = kmMediator;
1046 } else {
1047 keyManagers = new KeyManager[0];
1048 }
1049
1050 reservedException = reserved;
1051 }
1052
1053 private static TrustManager[] getTrustManagers() throws Exception {
1054 TrustManagerFactory tmf = TrustManagerFactory.getInstance(
1055 TrustManagerFactory.getDefaultAlgorithm());
1056 if ("SunJSSE".equals(tmf.getProvider().getName())) {
1057 // The implementation will load the default KeyStore
1058 // automatically. Cached trust materials may be used
1059 // for performance improvement.
1060 tmf.init((KeyStore)null);
1061 } else {
1062 // Use the explicitly specified KeyStore for third party's
1063 // TrustManagerFactory implementation.
1064 KeyStore ks = TrustStoreManager.getTrustedKeyStore();
1065 tmf.init(ks);
1066 }
1067
1068 return tmf.getTrustManagers();
1069 }
1070
1071 private static KeyManager[] getKeyManagers() throws Exception {
1072
1073 final Map<String,String> props = new HashMap<>();
1074 AccessController.doPrivileged(
1075 new PrivilegedExceptionAction<Object>() {
1076 @Override
1077 public Object run() throws Exception {
1078 props.put("keyStore", System.getProperty(
1079 "javax.net.ssl.keyStore", ""));
1080 props.put("keyStoreType", System.getProperty(
1081 "javax.net.ssl.keyStoreType",
1082 KeyStore.getDefaultType()));
1083 props.put("keyStoreProvider", System.getProperty(
1084 "javax.net.ssl.keyStoreProvider", ""));
1085 props.put("keyStorePasswd", System.getProperty(
1086 "javax.net.ssl.keyStorePassword", ""));
1087 return null;
1088 }
1089 });
1090
1091 final String defaultKeyStore = props.get("keyStore");
1092 String defaultKeyStoreType = props.get("keyStoreType");
1093 String defaultKeyStoreProvider = props.get("keyStoreProvider");
1094 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) {
1095 SSLLogger.fine("keyStore is : " + defaultKeyStore);
1096 SSLLogger.fine("keyStore type is : " +
1097 defaultKeyStoreType);
1098 SSLLogger.fine("keyStore provider is : " +
1099 defaultKeyStoreProvider);
1100 }
1101
1102 if (P11KEYSTORE.equals(defaultKeyStoreType) &&
1103 !NONE.equals(defaultKeyStore)) {
1104 throw new IllegalArgumentException("if keyStoreType is "
1105 + P11KEYSTORE + ", then keyStore must be " + NONE);
1106 }
1107
1108 FileInputStream fs = null;
1109 KeyStore ks = null;
1110 char[] passwd = null;
1111 try {
1112 if (defaultKeyStore.length() != 0 &&
1113 !NONE.equals(defaultKeyStore)) {
1114 fs = AccessController.doPrivileged(
1115 new PrivilegedExceptionAction<FileInputStream>() {
1116 @Override
1117 public FileInputStream run() throws Exception {
1118 return new FileInputStream(defaultKeyStore);
1119 }
1120 });
1121 }
1122
1123 String defaultKeyStorePassword = props.get("keyStorePasswd");
1124 if (defaultKeyStorePassword.length() != 0) {
1125 passwd = defaultKeyStorePassword.toCharArray();
1126 }
1127
1128 /**
1129 * Try to initialize key store.
1130 */
1131 if ((defaultKeyStoreType.length()) != 0) {
1132 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) {
1133 SSLLogger.finest("init keystore");
1134 }
1135 if (defaultKeyStoreProvider.length() == 0) {
1136 ks = KeyStore.getInstance(defaultKeyStoreType);
1137 } else {
1138 ks = KeyStore.getInstance(defaultKeyStoreType,
1139 defaultKeyStoreProvider);
1140 }
1141
1142 // if defaultKeyStore is NONE, fs will be null
1143 ks.load(fs, passwd);
1144 }
1145 } finally {
1146 if (fs != null) {
1147 fs.close();
1148 fs = null;
1149 }
1150 }
1151
1152 /*
1153 * Try to initialize key manager.
1154 */
1155 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) {
1156 SSLLogger.fine("init keymanager of type " +
1157 KeyManagerFactory.getDefaultAlgorithm());
1158 }
1159 KeyManagerFactory kmf = KeyManagerFactory.getInstance(
1160 KeyManagerFactory.getDefaultAlgorithm());
1161
1162 if (P11KEYSTORE.equals(defaultKeyStoreType)) {
1163 kmf.init(ks, null); // do not pass key passwd if using token
1164 } else {
1165 kmf.init(ks, passwd);
1166 }
1167
1168 return kmf.getKeyManagers();
1169 }
1170 }
1171
1172 // lazy initialization holder class idiom for static default parameters
1173 //
1174 // See Effective Java Second Edition: Item 71.
1175 private static final class DefaultSSLContextHolder {
1176
1177 private static final SSLContextImpl sslContext;
1178 static Exception reservedException = null;
1179
1180 static {
1181 SSLContextImpl mediator = null;
1182 if (DefaultManagersHolder.reservedException != null) {
1183 reservedException = DefaultManagersHolder.reservedException;
1184 } else {
1185 try {
1186 mediator = new DefaultSSLContext();
1187 } catch (Exception e) {
1188 reservedException = e;
1189 }
1190 }
1191
1192 sslContext = mediator;
1193 }
1194 }
1195
1196 /*
1197 * The SSLContext implementation for default "Default" algorithm
1198 *
1199 * @see SSLContext
1200 */
1201 public static final class DefaultSSLContext extends CustomizedTLSContext {
1202
1203 // public constructor for SSLContext.getInstance("Default")
1204 public DefaultSSLContext() throws Exception {
1205 if (DefaultManagersHolder.reservedException != null) {
1206 throw DefaultManagersHolder.reservedException;
1207 }
1208
1209 try {
1210 super.engineInit(DefaultManagersHolder.keyManagers,
1211 DefaultManagersHolder.trustManagers, null);
1212 } catch (Exception e) {
1213 if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) {
1214 SSLLogger.fine("default context init failed: ", e);
1215 }
1216 throw e;
1217 }
1218 }
1219
1220 @Override
1221 protected void engineInit(KeyManager[] km, TrustManager[] tm,
1222 SecureRandom sr) throws KeyManagementException {
1223 throw new KeyManagementException
1224 ("Default SSLContext is initialized automatically");
1225 }
1226
1227 static SSLContextImpl getDefaultImpl() throws Exception {
1228 if (DefaultSSLContextHolder.reservedException != null) {
1229 throw DefaultSSLContextHolder.reservedException;
1230 }
1231
1232 return DefaultSSLContextHolder.sslContext;
1233 }
1234 }
1235
1236 /*
1237 * The base abstract SSLContext implementation for the Datagram Transport
1238 * Layer Security (DTLS) protocols.
1239 *
1240 * This abstract class encapsulates supported and the default server DTLS
1241 * parameters.
1242 *
1243 * @see SSLContext
1244 */
1245 private abstract static class AbstractDTLSContext extends SSLContextImpl {
1246 private static final List<ProtocolVersion> supportedProtocols;
1247 private static final List<ProtocolVersion> serverDefaultProtocols;
1248
1249 private static final List<CipherSuite> supportedCipherSuites;
1250 private static final List<CipherSuite> serverDefaultCipherSuites;
1251
1252 static {
1253 // Both DTLSv1.0 and DTLSv1.2 can be used in FIPS mode.
1254 supportedProtocols = Arrays.asList(
1255 ProtocolVersion.DTLS12,
1256 ProtocolVersion.DTLS10
1257 );
1258
1259 // available protocols for server mode
1260 serverDefaultProtocols = getAvailableProtocols(
1261 new ProtocolVersion[] {
1262 ProtocolVersion.DTLS12,
1263 ProtocolVersion.DTLS10
1264 });
1265
1266 supportedCipherSuites = getApplicableSupportedCipherSuites(
1267 supportedProtocols);
1268 serverDefaultCipherSuites = getApplicableEnabledCipherSuites(
1269 serverDefaultProtocols, false);
1270 }
1271
1272 @Override
1273 protected SSLParameters engineGetDefaultSSLParameters() {
1274 SSLEngine engine = createSSLEngineImpl();
1275 return engine.getSSLParameters();
1276 }
1277
1278 @Override
1279 protected SSLParameters engineGetSupportedSSLParameters() {
1280 SSLEngine engine = createSSLEngineImpl();
1281 SSLParameters params = new SSLParameters();
1282 params.setCipherSuites(engine.getSupportedCipherSuites());
1283 params.setProtocols(engine.getSupportedProtocols());
1284 return params;
1285 }
1286
1287 @Override
1288 List<ProtocolVersion> getSupportedProtocolVersions() {
1289 return supportedProtocols;
1290 }
1291
1292 @Override
1293 List<CipherSuite> getSupportedCipherSuites() {
1294 return supportedCipherSuites;
1295 }
1296
1297 @Override
1298 List<ProtocolVersion> getServerDefaultProtocolVersions() {
1299 return serverDefaultProtocols;
1300 }
1301
1302 @Override
1303 List<CipherSuite> getServerDefaultCipherSuites() {
1304 return serverDefaultCipherSuites;
1305 }
1306
1307 @Override
1308 SSLEngine createSSLEngineImpl() {
1309 return new SSLEngineImpl(this);
1310 }
1311
1312 @Override
1313 SSLEngine createSSLEngineImpl(String host, int port) {
1314 return new SSLEngineImpl(this, host, port);
1315 }
1316
1317 @Override
1318 boolean isDTLS() {
1319 return true;
1320 }
1321 }
1322
1323 /*
1324 * The SSLContext implementation for DTLSv1.0 algorithm.
1325 *
1326 * @see SSLContext
1327 */
1328 public static final class DTLS10Context extends AbstractDTLSContext {
1329 private static final List<ProtocolVersion> clientDefaultProtocols;
1330 private static final List<CipherSuite> clientDefaultCipherSuites;
1331
1332 static {
1333 // available protocols for client mode
1334 clientDefaultProtocols = getAvailableProtocols(
1335 new ProtocolVersion[] {
1336 ProtocolVersion.DTLS10
1337 });
1338
1339 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
1340 clientDefaultProtocols, true);
1341 }
1342
1343 @Override
1344 List<ProtocolVersion> getClientDefaultProtocolVersions() {
1345 return clientDefaultProtocols;
1346 }
1347
1348 @Override
1349 List<CipherSuite> getClientDefaultCipherSuites() {
1350 return clientDefaultCipherSuites;
1351 }
1352 }
1353
1354 /*
1355 * The SSLContext implementation for DTLSv1.2 algorithm.
1356 *
1357 * @see SSLContext
1358 */
1359 public static final class DTLS12Context extends AbstractDTLSContext {
1360 private static final List<ProtocolVersion> clientDefaultProtocols;
1361 private static final List<CipherSuite> clientDefaultCipherSuites;
1362
1363 static {
1364 // available protocols for client mode
1365 clientDefaultProtocols = getAvailableProtocols(
1366 new ProtocolVersion[] {
1367 ProtocolVersion.DTLS12,
1368 ProtocolVersion.DTLS10
1369 });
1370
1371 clientDefaultCipherSuites = getApplicableEnabledCipherSuites(
1372 clientDefaultProtocols, true);
1373 }
1374
1375 @Override
1376 List<ProtocolVersion> getClientDefaultProtocolVersions() {
1377 return clientDefaultProtocols;
1378 }
1379
1380 @Override
1381 List<CipherSuite> getClientDefaultCipherSuites() {
1382 return clientDefaultCipherSuites;
1383 }
1384 }
1385
1386 /*
1387 * The SSLContext implementation for customized TLS protocols
1388 *
1389 * @see SSLContext
1390 */
1391 private static class CustomizedDTLSContext extends AbstractDTLSContext {
1392 private static final List<ProtocolVersion> clientDefaultProtocols;
1393 private static final List<ProtocolVersion> serverDefaultProtocols;
1394 private static final List<CipherSuite> clientDefaultCipherSuites;
1395 private static final List<CipherSuite> serverDefaultCipherSuites;
1396
1397 private static IllegalArgumentException reservedException = null;
1398
1399 // Don't want a java.lang.LinkageError for illegal system property.
1400 //
1401 // Please don't throw exception in this static block. Otherwise,
1402 // java.lang.LinkageError may be thrown during the instantiation of
1403 // the provider service. Instead, let's handle the initialization
1404 // exception in constructor.
1405 static {
1406 reservedException = CustomizedSSLProtocols.reservedException;
1407 if (reservedException == null) {
1408 clientDefaultProtocols = customizedProtocols(true,
1409 CustomizedSSLProtocols.customizedClientProtocols);
1410 serverDefaultProtocols = customizedProtocols(false,
1411 CustomizedSSLProtocols.customizedServerProtocols);
1412
1413 clientDefaultCipherSuites =
1414 getApplicableEnabledCipherSuites(
1415 clientDefaultProtocols, true);
1416 serverDefaultCipherSuites =
1417 getApplicableEnabledCipherSuites(
1418 serverDefaultProtocols, false);
1419
1420 } else {
1421 // unlikely to be used
1422 clientDefaultProtocols = null;
1423 serverDefaultProtocols = null;
1424 clientDefaultCipherSuites = null;
1425 serverDefaultCipherSuites = null;
1426 }
1427 }
1428
1429 private static List<ProtocolVersion> customizedProtocols(boolean client,
1430 List<ProtocolVersion> customized) {
1431 List<ProtocolVersion> refactored = new ArrayList<>();
1432 for (ProtocolVersion pv : customized) {
1433 if (pv.isDTLS) {
1434 refactored.add(pv);
1435 }
1436 }
1437
1438 ProtocolVersion[] candidates;
1439 // Use the default enabled protocols if no customization
1440 if (refactored.isEmpty()) {
1441 candidates = new ProtocolVersion[]{
1442 ProtocolVersion.DTLS12,
1443 ProtocolVersion.DTLS10
1444 };
1445 if (!client)
1446 return Arrays.asList(candidates);
1447 } else {
1448 // Use the customized TLS protocols.
1449 candidates =
1450 new ProtocolVersion[customized.size()];
1451 candidates = customized.toArray(candidates);
1452 }
1453
1454 return getAvailableProtocols(candidates);
1455 }
1456
1457 protected CustomizedDTLSContext() {
1458 if (reservedException != null) {
1459 throw reservedException;
1460 }
1461 }
1462
1463 @Override
1464 List<ProtocolVersion> getClientDefaultProtocolVersions() {
1465 return clientDefaultProtocols;
1466 }
1467
1468 @Override
1469 List<ProtocolVersion> getServerDefaultProtocolVersions() {
1470 return serverDefaultProtocols;
1471 }
1472
1473 @Override
1474 List<CipherSuite> getClientDefaultCipherSuites() {
1475 return clientDefaultCipherSuites;
1476 }
1477
1478 @Override
1479 List<CipherSuite> getServerDefaultCipherSuites() {
1480 return serverDefaultCipherSuites;
1481 }
1482 }
1483
1484 /*
1485 * The SSLContext implementation for default "DTLS" algorithm
1486 *
1487 * @see SSLContext
1488 */
1489 public static final class DTLSContext extends CustomizedDTLSContext {
1490 // use the default constructor and methods
1491 }
1492
1493 }
1494
1495 final class AbstractTrustManagerWrapper extends X509ExtendedTrustManager
1496 implements X509TrustManager {
1497
1498 // the delegated trust manager
1499 private final X509TrustManager tm;
1500
1501 AbstractTrustManagerWrapper(X509TrustManager tm) {
1502 this.tm = tm;
1503 }
1504
1505 @Override
1506 public void checkClientTrusted(X509Certificate[] chain, String authType)
1507 throws CertificateException {
1508 tm.checkClientTrusted(chain, authType);
1509 }
1510
1511 @Override
1512 public void checkServerTrusted(X509Certificate[] chain, String authType)
1513 throws CertificateException {
1514 tm.checkServerTrusted(chain, authType);
1515 }
1516
1517 @Override
1518 public X509Certificate[] getAcceptedIssuers() {
1519 return tm.getAcceptedIssuers();
1520 }
1521
1522 @Override
1523 public void checkClientTrusted(X509Certificate[] chain, String authType,
1524 Socket socket) throws CertificateException {
1525 tm.checkClientTrusted(chain, authType);
1526 checkAdditionalTrust(chain, authType, socket, true);
1527 }
1528
1529 @Override
1530 public void checkServerTrusted(X509Certificate[] chain, String authType,
1531 Socket socket) throws CertificateException {
1532 tm.checkServerTrusted(chain, authType);
1533 checkAdditionalTrust(chain, authType, socket, false);
1534 }
1535
1536 @Override
1537 public void checkClientTrusted(X509Certificate[] chain, String authType,
1538 SSLEngine engine) throws CertificateException {
1539 tm.checkClientTrusted(chain, authType);
1540 checkAdditionalTrust(chain, authType, engine, true);
1541 }
1542
1543 @Override
1544 public void checkServerTrusted(X509Certificate[] chain, String authType,
1545 SSLEngine engine) throws CertificateException {
1546 tm.checkServerTrusted(chain, authType);
1547 checkAdditionalTrust(chain, authType, engine, false);
1548 }
1549
1550 private void checkAdditionalTrust(X509Certificate[] chain, String authType,
1551 Socket socket, boolean isClient) throws CertificateException {
1552 if (socket != null && socket.isConnected() &&
1553 socket instanceof SSLSocket) {
1554
1555 SSLSocket sslSocket = (SSLSocket)socket;
1556 SSLSession session = sslSocket.getHandshakeSession();
1557 if (session == null) {
1558 throw new CertificateException("No handshake session");
1559 }
1560
1561 // check endpoint identity
1562 String identityAlg = sslSocket.getSSLParameters().
1563 getEndpointIdentificationAlgorithm();
1564 if (identityAlg != null && identityAlg.length() != 0) {
1565 String hostname = session.getPeerHost();
1566 X509TrustManagerImpl.checkIdentity(
1567 hostname, chain[0], identityAlg);
1568 }
1569
1570 // try the best to check the algorithm constraints
1571 AlgorithmConstraints constraints;
1572 if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) {
1573 if (session instanceof ExtendedSSLSession) {
1574 ExtendedSSLSession extSession =
1575 (ExtendedSSLSession)session;
1576 String[] peerSupportedSignAlgs =
1577 extSession.getLocalSupportedSignatureAlgorithms();
1578
1579 constraints = new SSLAlgorithmConstraints(
1580 sslSocket, peerSupportedSignAlgs, true);
1581 } else {
1582 constraints =
1583 new SSLAlgorithmConstraints(sslSocket, true);
1584 }
1585 } else {
1586 constraints = new SSLAlgorithmConstraints(sslSocket, true);
1587 }
1588
1589 checkAlgorithmConstraints(chain, constraints, isClient);
1590 }
1591 }
1592
1593 private void checkAdditionalTrust(X509Certificate[] chain, String authType,
1594 SSLEngine engine, boolean isClient) throws CertificateException {
1595 if (engine != null) {
1596 SSLSession session = engine.getHandshakeSession();
1597 if (session == null) {
1598 throw new CertificateException("No handshake session");
1599 }
1600
1601 // check endpoint identity
1602 String identityAlg = engine.getSSLParameters().
1603 getEndpointIdentificationAlgorithm();
1604 if (identityAlg != null && identityAlg.length() != 0) {
1605 String hostname = session.getPeerHost();
1606 X509TrustManagerImpl.checkIdentity(
1607 hostname, chain[0], identityAlg);
1608 }
1609
1610 // try the best to check the algorithm constraints
1611 AlgorithmConstraints constraints;
1612 if (ProtocolVersion.useTLS12PlusSpec(session.getProtocol())) {
1613 if (session instanceof ExtendedSSLSession) {
1614 ExtendedSSLSession extSession =
1615 (ExtendedSSLSession)session;
1616 String[] peerSupportedSignAlgs =
1617 extSession.getLocalSupportedSignatureAlgorithms();
1618
1619 constraints = new SSLAlgorithmConstraints(
1620 engine, peerSupportedSignAlgs, true);
1621 } else {
1622 constraints =
1623 new SSLAlgorithmConstraints(engine, true);
1624 }
1625 } else {
1626 constraints = new SSLAlgorithmConstraints(engine, true);
1627 }
1628
1629 checkAlgorithmConstraints(chain, constraints, isClient);
1630 }
1631 }
1632
1633 private void checkAlgorithmConstraints(X509Certificate[] chain,
1634 AlgorithmConstraints constraints,
1635 boolean isClient) throws CertificateException {
1636 try {
1637 // Does the certificate chain end with a trusted certificate?
1638 int checkedLength = chain.length - 1;
1639
1640 Collection<X509Certificate> trustedCerts = new HashSet<>();
1641 X509Certificate[] certs = tm.getAcceptedIssuers();
1642 if ((certs != null) && (certs.length > 0)){
1643 Collections.addAll(trustedCerts, certs);
1644 }
1645
1646 if (trustedCerts.contains(chain[checkedLength])) {
1647 checkedLength--;
1648 }
1649
1650 // A forward checker, need to check from trust to target
1651 if (checkedLength >= 0) {
1652 AlgorithmChecker checker =
1653 new AlgorithmChecker(constraints, null,
1654 (isClient ? Validator.VAR_TLS_CLIENT :
1655 Validator.VAR_TLS_SERVER));
1656 checker.init(false);
1657 for (int i = checkedLength; i >= 0; i--) {
1658 X509Certificate cert = chain[i];
1659 // We don't care about the unresolved critical extensions.
1660 checker.check(cert, Collections.<String>emptySet());
1661 }
1662 }
1663 } catch (CertPathValidatorException cpve) {
1664 throw new CertificateException(
1665 "Certificates do not conform to algorithm constraints", cpve);
1666 }
1667 }
1668 }
1669
1670 // Dummy X509TrustManager implementation, rejects all peer certificates.
1671 // Used if the application did not specify a proper X509TrustManager.
1672 final class DummyX509TrustManager extends X509ExtendedTrustManager
1673 implements X509TrustManager {
1674
1675 static final X509TrustManager INSTANCE = new DummyX509TrustManager();
1676
1677 private DummyX509TrustManager() {
1678 // empty
1679 }
1680
1681 /*
1682 * Given the partial or complete certificate chain
1683 * provided by the peer, build a certificate path
1684 * to a trusted root and return if it can be
1685 * validated and is trusted for client SSL authentication.
1686 * If not, it throws an exception.
1687 */
1688 @Override
1689 public void checkClientTrusted(X509Certificate[] chain, String authType)
1690 throws CertificateException {
1691 throw new CertificateException(
1692 "No X509TrustManager implementation avaiable");
1693 }
1694
1695 /*
1696 * Given the partial or complete certificate chain
1697 * provided by the peer, build a certificate path
1698 * to a trusted root and return if it can be
1699 * validated and is trusted for server SSL authentication.
1700 * If not, it throws an exception.
1701 */
1702 @Override
1703 public void checkServerTrusted(X509Certificate[] chain, String authType)
1704 throws CertificateException {
1705 throw new CertificateException(
1706 "No X509TrustManager implementation available");
1707 }
1708
1709 /*
1710 * Return an array of issuer certificates which are trusted
1711 * for authenticating peers.
1712 */
1713 @Override
1714 public X509Certificate[] getAcceptedIssuers() {
1715 return new X509Certificate[0];
1716 }
1717
1718 @Override
1719 public void checkClientTrusted(X509Certificate[] chain, String authType,
1720 Socket socket) throws CertificateException {
1721 throw new CertificateException(
1722 "No X509TrustManager implementation available");
1723 }
1724
1725 @Override
1726 public void checkServerTrusted(X509Certificate[] chain, String authType,
1727 Socket socket) throws CertificateException {
1728 throw new CertificateException(
1729 "No X509TrustManager implementation available");
1730 }
1731
1732 @Override
1733 public void checkClientTrusted(X509Certificate[] chain, String authType,
1734 SSLEngine engine) throws CertificateException {
1735 throw new CertificateException(
1736 "No X509TrustManager implementation available");
1737 }
1738
1739 @Override
1740 public void checkServerTrusted(X509Certificate[] chain, String authType,
1741 SSLEngine engine) throws CertificateException {
1742 throw new CertificateException(
1743 "No X509TrustManager implementation available");
1744 }
1745 }
1746
1747 /*
1748 * A wrapper class to turn a X509KeyManager into an X509ExtendedKeyManager
1749 */
1750 final class AbstractKeyManagerWrapper extends X509ExtendedKeyManager {
1751
1752 private final X509KeyManager km;
1753
1754 AbstractKeyManagerWrapper(X509KeyManager km) {
1755 this.km = km;
1756 }
1757
1758 @Override
1759 public String[] getClientAliases(String keyType, Principal[] issuers) {
1760 return km.getClientAliases(keyType, issuers);
1761 }
1762
1763 @Override
1764 public String chooseClientAlias(String[] keyType, Principal[] issuers,
1765 Socket socket) {
1766 return km.chooseClientAlias(keyType, issuers, socket);
1767 }
1768
1769 @Override
1770 public String[] getServerAliases(String keyType, Principal[] issuers) {
1771 return km.getServerAliases(keyType, issuers);
1772 }
1773
1774 @Override
1775 public String chooseServerAlias(String keyType, Principal[] issuers,
1776 Socket socket) {
1777 return km.chooseServerAlias(keyType, issuers, socket);
1778 }
1779
1780 @Override
1781 public X509Certificate[] getCertificateChain(String alias) {
1782 return km.getCertificateChain(alias);
1783 }
1784
1785 @Override
1786 public PrivateKey getPrivateKey(String alias) {
1787 return km.getPrivateKey(alias);
1788 }
1789
1790 // Inherit chooseEngineClientAlias() and chooseEngineServerAlias() from
1791 // X509ExtendedKeymanager. It defines them to return null;
1792 }
1793
1794
1795 // Dummy X509KeyManager implementation, never returns any certificates/keys.
1796 // Used if the application did not specify a proper X509TrustManager.
1797 final class DummyX509KeyManager extends X509ExtendedKeyManager {
1798
1799 static final X509ExtendedKeyManager INSTANCE = new DummyX509KeyManager();
1800
1801 private DummyX509KeyManager() {
1802 // empty
1803 }
1804
1805 /*
1806 * Get the matching aliases for authenticating the client side of a secure
1807 * socket given the public key type and the list of
1808 * certificate issuer authorities recognized by the peer (if any).
1809 */
1810 @Override
1811 public String[] getClientAliases(String keyType, Principal[] issuers) {
1812 return null;
1813 }
1814
1815 /*
1816 * Choose an alias to authenticate the client side of a secure
1817 * socket given the public key type and the list of
1818 * certificate issuer authorities recognized by the peer (if any).
1819 */
1820 @Override
1821 public String chooseClientAlias(String[] keyTypes, Principal[] issuers,
1822 Socket socket) {
1823 return null;
1824 }
1825
1826 /*
1827 * Choose an alias to authenticate the client side of an
1828 * engine given the public key type and the list of
1829 * certificate issuer authorities recognized by the peer (if any).
1830 */
1831 @Override
1832 public String chooseEngineClientAlias(
1833 String[] keyTypes, Principal[] issuers, SSLEngine engine) {
1834 return null;
1835 }
1836
1837 /*
1838 * Get the matching aliases for authenticating the server side of a secure
1839 * socket given the public key type and the list of
1840 * certificate issuer authorities recognized by the peer (if any).
1841 */
1842 @Override
1843 public String[] getServerAliases(String keyType, Principal[] issuers) {
1844 return null;
1845 }
1846
1847 /*
1848 * Choose an alias to authenticate the server side of a secure
1849 * socket given the public key type and the list of
1850 * certificate issuer authorities recognized by the peer (if any).
1851 */
1852 @Override
1853 public String chooseServerAlias(String keyType, Principal[] issuers,
1854 Socket socket) {
1855 return null;
1856 }
1857
1858 /*
1859 * Choose an alias to authenticate the server side of an engine
1860 * given the public key type and the list of
1861 * certificate issuer authorities recognized by the peer (if any).
1862 */
1863 @Override
1864 public String chooseEngineServerAlias(
1865 String keyType, Principal[] issuers, SSLEngine engine) {
1866 return null;
1867 }
1868
1869 /**
1870 * Returns the certificate chain associated with the given alias.
1871 *
1872 * @param alias the alias name
1873 *
1874 * @return the certificate chain (ordered with the user's certificate first
1875 * and the root certificate authority last)
1876 */
1877 @Override
1878 public X509Certificate[] getCertificateChain(String alias) {
1879 return null;
1880 }
1881
1882 /*
1883 * Returns the key associated with the given alias, using the given
1884 * password to recover it.
1885 *
1886 * @param alias the alias name
1887 *
1888 * @return the requested key
1889 */
1890 @Override
1891 public PrivateKey getPrivateKey(String alias) {
1892 return null;
1893 }
1894 }