/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package javax.net.ssl; import java.io.IOException; import java.security.KeyManagementException; import java.security.SecureRandom; /** * The Service Provider Interface (SPI) for the {@code SSLContext} class. */ public abstract class SSLContextSpi { /** * Creates a new {@code SSLContextSpi} instance. */ public SSLContextSpi() { } /** * Initializes this {@code SSLContext} instance. All of the arguments are * optional, and the security providers will be searched for the required * implementations of the needed algorithms. * * @param km * the key sources or {@code null}. * @param tm * the trust decision sources or {@code null}. * @param sr * the randomness source or {@code null.} * @throws KeyManagementException * if initializing this instance fails. */ protected abstract void engineInit(KeyManager[] km, TrustManager[] tm, SecureRandom sr) throws KeyManagementException; /** * Returns a socket factory for this instance. * * @return a socket factory for this instance. */ protected abstract SSLSocketFactory engineGetSocketFactory(); /** * Returns a server socket factory for this instance. * * @return a server socket factory for this instance. */ protected abstract SSLServerSocketFactory engineGetServerSocketFactory(); /** * Creates an {@code SSLEngine} instance from this context with the * specified hostname and port. * * @param host * the name of the host * @param port * the port * @return an {@code SSLEngine} instance from this context. * @throws UnsupportedOperationException * if the provider does not support the operation. */ protected abstract SSLEngine engineCreateSSLEngine(String host, int port); /** * Creates an {@code SSLEngine} instance from this context. * * @return an {@code SSLEngine} instance from this context. * @throws UnsupportedOperationException * if the provider does not support the operation. */ protected abstract SSLEngine engineCreateSSLEngine(); /** * Returns the SSL session context that encapsulates the set of SSL sessions * that can be used for the server side of the SSL handshake. * * @return the SSL server session context for this context or {@code null} * if the underlying provider does not provide an implementation of * the {@code SSLSessionContext} interface. */ protected abstract SSLSessionContext engineGetServerSessionContext(); /** * Returns the SSL session context that encapsulates the set of SSL sessions * that can be used for the client side of the SSL handshake. * * @return the SSL client session context for this context or {@code null} * if the underlying provider does not provide an implementation of * the {@code SSLSessionContext} interface. */ protected abstract SSLSessionContext engineGetClientSessionContext(); /** * Returns a new SSLParameters instance that includes the default * SSL handshake parameters values including cipher suites, * protocols, and client authentication. * *
The default implementation returns an SSLParameters with values * based an SSLSocket created from this instances SocketFactory. * * @since 1.6 */ protected javax.net.ssl.SSLParameters engineGetDefaultSSLParameters() { return createSSLParameters(false); } /** * Returns a new SSLParameters instance that includes all * supported cipher suites and protocols. * *
The default implementation returns an SSLParameters with values * based an SSLSocket created from this instances SocketFactory. * * @since 1.6 */ protected javax.net.ssl.SSLParameters engineGetSupportedSSLParameters() { return createSSLParameters(true); } private javax.net.ssl.SSLParameters createSSLParameters(boolean supported) { try { SSLSocket s = (SSLSocket) engineGetSocketFactory().createSocket(); javax.net.ssl.SSLParameters p = new javax.net.ssl.SSLParameters(); String[] cipherSuites; String[] protocols; if (supported) { cipherSuites = s.getSupportedCipherSuites(); protocols = s.getSupportedProtocols(); } else { cipherSuites = s.getEnabledCipherSuites(); protocols = s.getEnabledProtocols(); } p.setCipherSuites(cipherSuites); p.setProtocols(protocols); p.setNeedClientAuth(s.getNeedClientAuth()); p.setWantClientAuth(s.getWantClientAuth()); return p; } catch (IOException e) { /* * SSLContext.getDefaultSSLParameters specifies to throw * UnsupportedOperationException if there is a problem getting the * parameters */ throw new UnsupportedOperationException("Could not access supported SSL parameters"); } } }