Source for gnu.javax.net.ssl.provider.Context

   1: /* Context.java -- SSLContext implementation.
   2:    Copyright (C) 2006  Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.net.ssl.provider;
  40: 
  41: import java.io.File;
  42: import java.io.InputStream;
  43: 
  44: import java.security.InvalidAlgorithmParameterException;
  45: import java.security.KeyStoreException;
  46: import java.security.KeyManagementException;
  47: import java.security.NoSuchAlgorithmException;
  48: import java.security.NoSuchProviderException;
  49: import java.security.SecureRandom;
  50: import java.security.Security;
  51: import java.security.UnrecoverableKeyException;
  52: import java.sql.SQLException;
  53: 
  54: import javax.net.ssl.KeyManager;
  55: import javax.net.ssl.KeyManagerFactory;
  56: import javax.net.ssl.SSLContextSpi;
  57: import javax.net.ssl.SSLSessionContext;
  58: import javax.net.ssl.TrustManager;
  59: import javax.net.ssl.TrustManagerFactory;
  60: import javax.net.ssl.X509KeyManager;
  61: import javax.net.ssl.X509TrustManager;
  62: 
  63: import gnu.javax.net.ssl.NullManagerParameters;
  64: import gnu.javax.net.ssl.SRPTrustManager;
  65: import gnu.javax.net.ssl.StaticTrustAnchors;
  66: 
  67: /**
  68:  * This is Jessie's implementation of a {@link javax.net.ssl.SSLContext}
  69:  * engine, and is available under the algorithm names ``SSLv3'', ``SSL'',
  70:  * ``TLSv1'', and ``TLS''.
  71:  */
  72: public final class Context extends SSLContextSpi
  73: {
  74: 
  75:   // Fields.
  76:   // -------------------------------------------------------------------------
  77: 
  78:   private SessionContext clientSessions;
  79:   private SessionContext serverSessions;
  80:   private X509KeyManager keyManager;
  81:   private X509TrustManager trustManager;
  82:   private SRPTrustManager srpTrustManager;
  83:   private SecureRandom random;
  84: 
  85:   // Constructor.
  86:   // -------------------------------------------------------------------------
  87: 
  88:   public Context()
  89:   {
  90:     String codec = Util.getSecurityProperty("jessie.clientSessionContext.codec");
  91:     String codecClass = null;
  92:     if (codec == null)
  93:       {
  94:         codec = "null";
  95:       }
  96:     if (codec.equalsIgnoreCase("xml"))
  97:       {
  98:         codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext";
  99:       }
 100:     else if (codec.equalsIgnoreCase("jdbc"))
 101:       {
 102:         codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext";
 103:       }
 104:     else if (codec.equalsIgnoreCase("null"))
 105:       {
 106:         codecClass = "gnu.javax.net.ssl.provider.SessionContext";
 107:       }
 108:     else
 109:       {
 110:         throw new IllegalArgumentException("no such codec: " + codec);
 111:       }
 112:     try
 113:       {
 114:         ClassLoader cl = Context.class.getClassLoader();
 115:         if (cl == null)
 116:           {
 117:             cl = ClassLoader.getSystemClassLoader();
 118:           }
 119:         clientSessions = (SessionContext) cl.loadClass(codecClass).newInstance();
 120:       }
 121:     catch (Exception ex)
 122:       {
 123:         ex.printStackTrace();
 124:         throw new IllegalArgumentException(ex.toString());
 125:       }
 126: 
 127:     codec = Util.getSecurityProperty("jessie.serverSessionContext.codec");
 128:     if (codec == null)
 129:       {
 130:         codec = "null";
 131:       }
 132:     if (codec.equalsIgnoreCase("xml"))
 133:       {
 134:         codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext";
 135:       }
 136:     else if (codec.equalsIgnoreCase("jdbc"))
 137:       {
 138:         codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext";
 139:       }
 140:     else if (codec.equalsIgnoreCase("null"))
 141:       {
 142:         codecClass = "gnu.javax.net.ssl.provider.SessionContext";
 143:       }
 144:     else
 145:       {
 146:         throw new IllegalArgumentException("no such codec: " + codec);
 147:       }
 148:     try
 149:       {
 150:         ClassLoader cl = Context.class.getClassLoader();
 151:         if (cl == null)
 152:           {
 153:             cl = ClassLoader.getSystemClassLoader();
 154:           }
 155:         serverSessions = (SessionContext) cl.loadClass(codecClass).newInstance();
 156:       }
 157:     catch (Exception ex)
 158:       {
 159:         ex.printStackTrace();
 160:         throw new IllegalArgumentException(ex.toString());
 161:       }
 162:   }
 163: 
 164:   // Engine methods.
 165:   // -------------------------------------------------------------------------
 166: 
 167:   protected SSLSessionContext engineGetClientSessionContext()
 168:   {
 169:     return clientSessions;
 170:   }
 171: 
 172:   protected SSLSessionContext engineGetServerSessionContext()
 173:   {
 174:     return serverSessions;
 175:   }
 176: 
 177:   protected javax.net.ssl.SSLServerSocketFactory engineGetServerSocketFactory()
 178:   {
 179:     if (keyManager == null || (trustManager == null && srpTrustManager == null)
 180:         || random == null)
 181:       {
 182:         throw new IllegalStateException();
 183:       }
 184:     return new SSLServerSocketFactory(trustManager, srpTrustManager, keyManager,
 185:                                       random, serverSessions);
 186:   }
 187: 
 188:   protected javax.net.ssl.SSLSocketFactory engineGetSocketFactory()
 189:   {
 190:     if (keyManager == null || trustManager == null || random == null)
 191:       {
 192:         throw new IllegalStateException();
 193:       }
 194:     return new SSLSocketFactory(trustManager, keyManager, random, clientSessions);
 195:   }
 196: 
 197:   protected void engineInit(KeyManager[] keyManagers,
 198:                             TrustManager[] trustManagers, SecureRandom random)
 199:     throws KeyManagementException
 200:   {
 201:     keyManager = null;
 202:     trustManager = null;
 203:     srpTrustManager = null;
 204:     if (keyManagers != null)
 205:       {
 206:         for (int i = 0; i < keyManagers.length; i++)
 207:           {
 208:             if (keyManagers[i] instanceof X509KeyManager)
 209:               {
 210:                 keyManager = (X509KeyManager) keyManagers[i];
 211:                 break;
 212:               }
 213:           }
 214:       }
 215:     if (keyManager == null)
 216:       {
 217:         keyManager = defaultKeyManager();
 218:       }
 219:     if (trustManagers != null)
 220:       {
 221:         for (int i = 0; i < trustManagers.length; i++)
 222:           {
 223:             if (trustManagers[i] instanceof X509TrustManager)
 224:               {
 225:                 if (trustManager == null)
 226:                   {
 227:                     trustManager = (X509TrustManager) trustManagers[i];
 228:                   }
 229:               }
 230:             else if (trustManagers[i] instanceof SRPTrustManager)
 231:               {
 232:                 if (srpTrustManager == null)
 233:                   {
 234:                     srpTrustManager = (SRPTrustManager) trustManagers[i];
 235:                   }
 236:               }
 237:           }
 238:       }
 239:     if (trustManager == null && srpTrustManager == null)
 240:       {
 241:         trustManager = defaultTrustManager();
 242:       }
 243:     if (random != null)
 244:       {
 245:         this.random = random;
 246:       }
 247:     else
 248:       {
 249:         this.random = defaultRandom();
 250:       }
 251:   }
 252: 
 253:   // Own methods.
 254:   // -------------------------------------------------------------------------
 255: 
 256:   private X509KeyManager defaultKeyManager() throws KeyManagementException
 257:   {
 258:     KeyManagerFactory fact = null;
 259:     try
 260:       {
 261:         fact = KeyManagerFactory.getInstance("JessieX509", "Jessie");
 262:       }
 263:     catch (NoSuchAlgorithmException nsae)
 264:       {
 265:         throw new KeyManagementException();
 266:       }
 267:     catch (NoSuchProviderException nspe)
 268:       {
 269:         throw new KeyManagementException();
 270:       }
 271:     try
 272:       {
 273:         fact.init(null, null);
 274:         return (X509KeyManager) fact.getKeyManagers()[0];
 275:       }
 276:     catch (NoSuchAlgorithmException nsae) { }
 277:     catch (KeyStoreException kse) { }
 278:     catch (UnrecoverableKeyException uke) { }
 279:     catch (IllegalStateException ise) { }
 280: 
 281:     try
 282:       {
 283:         fact.init(new NullManagerParameters());
 284:         return (X509KeyManager) fact.getKeyManagers()[0];
 285:       }
 286:     catch (Exception shouldNotHappen)
 287:       {
 288:         throw new Error(shouldNotHappen.toString());
 289:       }
 290:   }
 291: 
 292:   private X509TrustManager defaultTrustManager() throws KeyManagementException
 293:   {
 294:     try
 295:       {
 296:         TrustManagerFactory fact =
 297:           TrustManagerFactory.getInstance("JessieX509", "Jessie");
 298:         fact.init(StaticTrustAnchors.CA_CERTS);
 299:         return (X509TrustManager) fact.getTrustManagers()[0];
 300:       }
 301:     catch (NoSuchAlgorithmException nsae)
 302:       {
 303:         throw new KeyManagementException(nsae.toString());
 304:       }
 305:     catch (NoSuchProviderException nspe)
 306:       {
 307:         throw new KeyManagementException(nspe.toString());
 308:       }
 309:     catch (InvalidAlgorithmParameterException kse)
 310:       {
 311:         throw new KeyManagementException(kse.toString());
 312:       }
 313:   }
 314: 
 315:   private SecureRandom defaultRandom() throws KeyManagementException
 316:   {
 317:     String alg = Util.getSecurityProperty("jessie.secure.random");
 318:     if (alg == null)
 319:       {
 320:         alg = "Fortuna";
 321:       }
 322:     SecureRandom rand = null;
 323:     try
 324:       {
 325:         rand = SecureRandom.getInstance(alg);
 326:       }
 327:     catch (NoSuchAlgorithmException nsae)
 328:       {
 329:         throw new KeyManagementException(nsae.toString());
 330:       }
 331: 
 332:     return rand;
 333:   }
 334: }