< prev index next >

src/java.base/share/classes/javax/net/ssl/SSLContext.java

Print this page


   1 /*
   2  * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package javax.net.ssl;
  27 
  28 import java.security.*;
  29 import java.lang.invoke.MethodHandles;
  30 import java.lang.invoke.VarHandle;
  31 import java.util.Objects;

  32 import sun.security.jca.GetInstance;
  33 
  34 /**
  35  * Instances of this class represent a secure socket protocol
  36  * implementation which acts as a factory for secure socket
  37  * factories or {@code SSLEngine}s. This class is initialized
  38  * with an optional set of key and trust managers and source of
  39  * secure random bytes.
  40  *
  41  * <p> Every implementation of the Java platform is required to support the
  42  * following standard {@code SSLContext} protocol:
  43  * <ul>
  44  * <li>{@code TLSv1.2}</li>
  45  * </ul>
  46  * This protocol is described in the <a href=
  47  * "{@docRoot}/../specs/security/standard-names.html#sslcontext-algorithms">
  48  * SSLContext section</a> of the
  49  * Java Security Standard Algorithm Names Specification.
  50  * Consult the release documentation for your implementation to see if any
  51  * other protocols are supported.
  52  *
  53  * @since 1.4
  54  */
  55 public class SSLContext {
  56     private final Provider provider;
  57 
  58     private final SSLContextSpi contextSpi;
  59 
  60     private final String protocol;
  61 
  62     private static volatile SSLContext defaultContext;
  63 
  64     private static final VarHandle VH_DEFAULT_CONTEXT;
  65 
  66     static {
  67         try {
  68             VH_DEFAULT_CONTEXT = MethodHandles.lookup()
  69                 .findStaticVarHandle(
  70                     SSLContext.class, "defaultContext", SSLContext.class);
  71         } catch (Exception e) {
  72             throw new ExceptionInInitializerError(e);
  73         }
  74     }
  75 
  76     /**
  77      * Creates an SSLContext object.
  78      *
  79      * @param contextSpi the delegate
  80      * @param provider the provider
  81      * @param protocol the protocol
  82      */
  83     protected SSLContext(SSLContextSpi contextSpi, Provider provider,
  84             String protocol) {
  85         this.contextSpi = contextSpi;
  86         this.provider = provider;
  87         this.protocol = protocol;
  88     }
  89 


  90     /**
  91      * Returns the default SSL context.
  92      *
  93      * <p>If a default context was set using the {@link #setDefault
  94      * SSLContext.setDefault()} method, it is returned. Otherwise, the first
  95      * call of this method triggers the call
  96      * {@code SSLContext.getInstance("Default")}.
  97      * If successful, that object is made the default SSL context and returned.
  98      *
  99      * <p>The default context is immediately
 100      * usable and does not require {@linkplain #init initialization}.
 101      *
 102      * @return the default SSL context
 103      * @throws NoSuchAlgorithmException if the
 104      *   {@link SSLContext#getInstance SSLContext.getInstance()} call fails
 105      * @since 1.6
 106      */
 107     public static SSLContext getDefault() throws NoSuchAlgorithmException {
 108         SSLContext temporaryContext = defaultContext;
 109         if (temporaryContext == null) {
 110             temporaryContext = SSLContext.getInstance("Default");
 111             if (!VH_DEFAULT_CONTEXT.compareAndSet(null, temporaryContext)) {
 112                 temporaryContext = defaultContext;
 113             }
 114         }
 115 
 116         return temporaryContext;
 117     }
 118 
 119     /**
 120      * Sets the default SSL context. It will be returned by subsequent calls
 121      * to {@link #getDefault}. The default context must be immediately usable
 122      * and not require {@linkplain #init initialization}.
 123      *
 124      * @param context the SSLContext
 125      * @throws  NullPointerException if context is null
 126      * @throws  SecurityException if a security manager exists and its
 127      *          {@code checkPermission} method does not allow
 128      *          {@code SSLPermission("setDefaultSSLContext")}
 129      * @since 1.6
 130      */
 131     public static void setDefault(SSLContext context) {
 132         if (context == null) {
 133             throw new NullPointerException();
 134         }
 135         SecurityManager sm = System.getSecurityManager();
 136         if (sm != null) {
 137             sm.checkPermission(new SSLPermission("setDefaultSSLContext"));
 138         }
 139 
 140         defaultContext = context;
 141     }
 142 
 143     /**
 144      * Returns a {@code SSLContext} object that implements the
 145      * specified secure socket protocol.
 146      *
 147      * <p> This method traverses the list of registered security Providers,
 148      * starting with the most preferred Provider.
 149      * A new SSLContext object encapsulating the
 150      * SSLContextSpi implementation from the first
 151      * Provider that supports the specified protocol is returned.
 152      *
 153      * <p> Note that the list of registered providers may be retrieved via
 154      * the {@link Security#getProviders() Security.getProviders()} method.
 155      *
 156      * @implNote
 157      * The JDK Reference Implementation additionally uses the
 158      * {@code jdk.security.provider.preferred}
 159      * {@link Security#getProperty(String) Security} property to determine


   1 /*
   2  * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package javax.net.ssl;
  27 
  28 import java.security.*;


  29 import java.util.Objects;
  30 
  31 import sun.security.jca.GetInstance;
  32 
  33 /**
  34  * Instances of this class represent a secure socket protocol
  35  * implementation which acts as a factory for secure socket
  36  * factories or {@code SSLEngine}s. This class is initialized
  37  * with an optional set of key and trust managers and source of
  38  * secure random bytes.
  39  *
  40  * <p> Every implementation of the Java platform is required to support the
  41  * following standard {@code SSLContext} protocol:
  42  * <ul>
  43  * <li>{@code TLSv1.2}</li>
  44  * </ul>
  45  * This protocol is described in the <a href=
  46  * "{@docRoot}/../specs/security/standard-names.html#sslcontext-algorithms">
  47  * SSLContext section</a> of the
  48  * Java Security Standard Algorithm Names Specification.
  49  * Consult the release documentation for your implementation to see if any
  50  * other protocols are supported.
  51  *
  52  * @since 1.4
  53  */
  54 public class SSLContext {
  55     private final Provider provider;
  56 
  57     private final SSLContextSpi contextSpi;
  58 
  59     private final String protocol;
  60 














  61     /**
  62      * Creates an SSLContext object.
  63      *
  64      * @param contextSpi the delegate
  65      * @param provider the provider
  66      * @param protocol the protocol
  67      */
  68     protected SSLContext(SSLContextSpi contextSpi, Provider provider,
  69             String protocol) {
  70         this.contextSpi = contextSpi;
  71         this.provider = provider;
  72         this.protocol = protocol;
  73     }
  74 
  75     private static SSLContext defaultContext;
  76 
  77     /**
  78      * Returns the default SSL context.
  79      *
  80      * <p>If a default context was set using the {@link #setDefault
  81      * SSLContext.setDefault()} method, it is returned. Otherwise, the first
  82      * call of this method triggers the call
  83      * {@code SSLContext.getInstance("Default")}.
  84      * If successful, that object is made the default SSL context and returned.
  85      *
  86      * <p>The default context is immediately
  87      * usable and does not require {@linkplain #init initialization}.
  88      *
  89      * @return the default SSL context
  90      * @throws NoSuchAlgorithmException if the
  91      *   {@link SSLContext#getInstance SSLContext.getInstance()} call fails
  92      * @since 1.6
  93      */
  94     public static synchronized SSLContext getDefault()
  95             throws NoSuchAlgorithmException {
  96         if (defaultContext == null) {
  97             defaultContext = SSLContext.getInstance("Default");



  98         }
  99         return defaultContext;

 100     }
 101 
 102     /**
 103      * Sets the default SSL context. It will be returned by subsequent calls
 104      * to {@link #getDefault}. The default context must be immediately usable
 105      * and not require {@linkplain #init initialization}.
 106      *
 107      * @param context the SSLContext
 108      * @throws  NullPointerException if context is null
 109      * @throws  SecurityException if a security manager exists and its
 110      *          {@code checkPermission} method does not allow
 111      *          {@code SSLPermission("setDefaultSSLContext")}
 112      * @since 1.6
 113      */
 114     public static synchronized void setDefault(SSLContext context) {
 115         if (context == null) {
 116             throw new NullPointerException();
 117         }
 118         SecurityManager sm = System.getSecurityManager();
 119         if (sm != null) {
 120             sm.checkPermission(new SSLPermission("setDefaultSSLContext"));
 121         }

 122         defaultContext = context;
 123     }
 124 
 125     /**
 126      * Returns a {@code SSLContext} object that implements the
 127      * specified secure socket protocol.
 128      *
 129      * <p> This method traverses the list of registered security Providers,
 130      * starting with the most preferred Provider.
 131      * A new SSLContext object encapsulating the
 132      * SSLContextSpi implementation from the first
 133      * Provider that supports the specified protocol is returned.
 134      *
 135      * <p> Note that the list of registered providers may be retrieved via
 136      * the {@link Security#getProviders() Security.getProviders()} method.
 137      *
 138      * @implNote
 139      * The JDK Reference Implementation additionally uses the
 140      * {@code jdk.security.provider.preferred}
 141      * {@link Security#getProperty(String) Security} property to determine


< prev index next >