SSLSocketFactoryImpl.java revision 12745:f068a4ffddd2
1/*
2 * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package sun.security.ssl;
27
28import java.io.*;
29import java.net.*;
30import javax.net.ssl.SSLSocketFactory;
31
32
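/**
 * Implementation of an SSL socket factory.  This provides the public
 * hooks to create SSL sockets, using a "high level" programming
 * interface which encapsulates system security policy defaults rather than
 * offering application flexibility.  In particular, it uses a configurable
 * authentication context (and the keys held there) rather than offering
 * any flexibility about which keys to use; that context defaults to the
 * process-default context, but may be explicitly specified.
 *
 * <p>Every factory method hands the same {@code SSLContextImpl} to a new
 * {@code SSLSocketImpl}; the only state this class holds is that context
 * reference.
 *
 * <p>NOTE(review): nothing in this class enables endpoint identification
 * (host name verification) on the sockets it returns.  Unless
 * {@code SSLSocketImpl} or the context does so (not visible from this
 * file), callers that need the peer certificate checked against the host
 * name have to request it themselves, for example through
 * {@link javax.net.ssl.SSLParameters#setEndpointIdentificationAlgorithm(String)}
 * before the handshake.
 *
 * @author David Brownell
 */
public final class SSLSocketFactoryImpl extends SSLSocketFactory {

    // Assigned exactly once by each constructor.  Declared final so the
    // reference cannot be swapped afterwards and so that a factory shared
    // between threads is safely published together with its context.
    private final SSLContextImpl context;

    /**
     * Constructor used to instantiate the default factory. This method is
     * only called if the old "ssl.SocketFactory.provider" property in the
     * java.security file is set.
     *
     * @throws Exception if the default context cannot be obtained
     */
    public SSLSocketFactoryImpl() throws Exception {
        this.context = SSLContextImpl.DefaultSSLContext.getDefaultImpl();
    }

    /**
     * Constructs an SSL socket factory bound to the given context.
     *
     * @param context the context passed to every socket this factory
     *        creates; it is stored as given, without a null check
     */
    SSLSocketFactoryImpl(SSLContextImpl context) {
        this.context = context;
    }

    /**
     * Creates an unconnected socket.
     *
     * @return the unconnected socket
     * @see java.net.Socket#connect(java.net.SocketAddress, int)
     */
    @Override
    public Socket createSocket() {
        return new SSLSocketImpl(context);
    }

    /**
     * Constructs an SSL connection to a named host at a specified port.
     * This acts as the SSL client, and may authenticate itself or rejoin
     * existing SSL sessions allowed by the authentication context which
     * has been configured.
     *
     * @param host name of the host with which to connect
     * @param port number of the server's port
     * @return the new socket
     * @throws IOException if the connection can't be established
     * @throws UnknownHostException if the host is not known
     */
    @Override
    public Socket createSocket(String host, int port)
            throws IOException, UnknownHostException {
        return new SSLSocketImpl(context, host, port);
    }

    /**
     * Returns a socket layered over an existing socket to a
     * ServerSocket on the named host, at the given port.  This
     * constructor can be used when tunneling SSL through a proxy. The
     * host and port refer to the logical destination server.  This
     * socket is configured using the socket options established for
     * this factory.
     *
     * <p>{@code host} and {@code port} are forwarded unchanged, so when
     * tunneling they must name the real destination rather than the proxy
     * that {@code s} is connected to.
     *
     * <p>NOTE(review): unlike the {@code InputStream} overload, this method
     * does not reject a null {@code s} itself; whether
     * {@code SSLSocketImpl} does is not visible here.
     *
     * @param s the existing socket
     * @param host the server host
     * @param port the server port
     * @param autoClose close the underlying socket when this socket is closed
     * @return the layered socket
     *
     * @throws IOException if the connection can't be established
     * @throws UnknownHostException if the host is not known
     */
    @Override
    public Socket createSocket(Socket s, String host, int port,
            boolean autoClose) throws IOException {
        return new SSLSocketImpl(context, s, host, port, autoClose);
    }

    /**
     * Returns a socket layered over an existing socket, together with
     * inbound data that has already been read from it.  Under the
     * {@link SSLSocketFactory} contract this overload produces a
     * server-mode socket and {@code consumed} carries the bytes that were
     * removed from the stream of {@code s} before the handoff.
     *
     * <p>Only {@code s} is validated here; {@code consumed} is forwarded
     * to {@code SSLSocketImpl} as given.
     *
     * @param s the existing socket, must not be null
     * @param consumed inbound data already taken from {@code s}
     * @param autoClose close the underlying socket when this socket is closed
     * @return the layered socket
     *
     * @throws NullPointerException if {@code s} is null
     * @throws IOException if the layered socket can't be created
     */
    @Override
    public Socket createSocket(Socket s, InputStream consumed,
            boolean autoClose) throws IOException {
        if (s == null) {
            throw new NullPointerException(
                    "the existing socket cannot be null");
        }

        return new SSLSocketImpl(context, s, consumed, autoClose);
    }

    /**
     * Constructs an SSL connection to a server at a specified address
     * and TCP port.  This acts as the SSL client, and may authenticate
     * itself or rejoin existing SSL sessions allowed by the authentication
     * context which has been configured.
     *
     * <p>NOTE(review): no host name is supplied on this path, only an
     * address; confirm how {@code SSLSocketImpl} derives a peer name for
     * any check that depends on one.
     *
     * @param address the server's host
     * @param port its port
     * @return the new socket
     * @throws IOException if the connection can't be established
     */
    @Override
    public Socket createSocket(InetAddress address, int port)
            throws IOException {
        return new SSLSocketImpl(context, address, port);
    }

    /**
     * Constructs an SSL connection to a named host at a specified port.
     * This acts as the SSL client, and may authenticate itself or rejoin
     * existing SSL sessions allowed by the authentication context which
     * has been configured. The socket will also bind() to the local
     * address and port supplied.
     *
     * @param host name of the host with which to connect
     * @param port number of the server's port
     * @param clientAddress the local address to bind to
     * @param clientPort the local port to bind to
     * @return the new socket
     * @throws IOException if the connection can't be established
     */
    @Override
    public Socket createSocket(String host, int port,
            InetAddress clientAddress, int clientPort)
            throws IOException {
        return new SSLSocketImpl(context, host, port,
                clientAddress, clientPort);
    }

    /**
     * Constructs an SSL connection to a server at a specified address
     * and TCP port.  This acts as the SSL client, and may authenticate
     * itself or rejoin existing SSL sessions allowed by the authentication
     * context which has been configured. The socket will also bind() to
     * the local address and port supplied.
     *
     * @param address the server's host
     * @param port its port
     * @param clientAddress the local address to bind to
     * @param clientPort the local port to bind to
     * @return the new socket
     * @throws IOException if the connection can't be established
     */
    @Override
    public Socket createSocket(InetAddress address, int port,
            InetAddress clientAddress, int clientPort)
            throws IOException {
        return new SSLSocketImpl(context, address, port,
                clientAddress, clientPort);
    }

    /**
     * Returns the subset of the supported cipher suites which are
     * enabled by default.  These cipher suites all provide a minimum
     * quality of service whereby the server authenticates itself
     * (preventing person-in-the-middle attacks) and where traffic
     * is encrypted to provide confidentiality.
     *
     * <p>This method does no filtering of its own: the list is whatever
     * the context reports, so the guarantee above holds only as far as
     * the context's default list honours it.
     *
     * @return the names of the cipher suites enabled by default
     */
    @Override
    public String[] getDefaultCipherSuites() {
        // presumably `false` selects the client-side default list;
        // confirm against SSLContextImpl#getDefaultCipherSuiteList
        return context.getDefaultCipherSuiteList(false).toStringArray();
    }

    /**
     * Returns the names of the cipher suites which could be enabled for use
     * on an SSL connection.  Normally, only a subset of these will actually
     * be enabled by default, since this list may include cipher suites which
     * do not support the mutual authentication of servers and clients, or
     * which do not protect data confidentiality.  Servers may also need
     * certain kinds of certificates to use certain cipher suites.
     *
     * <p>Because the supported list may contain suites without
     * authentication or confidentiality, it is not a safe value to pass
     * wholesale to {@code setEnabledCipherSuites}.
     *
     * @return the names of all cipher suites the context supports
     */
    @Override
    public String[] getSupportedCipherSuites() {
        return context.getSupportedCipherSuiteList().toStringArray();
    }
}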