1 /* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.conscrypt; 18 19 import java.io.FileDescriptor; 20 import java.io.IOException; 21 import java.net.InetAddress; 22 import java.net.SocketException; 23 import java.security.PrivateKey; 24 import javax.net.ssl.SSLException; 25 import javax.net.ssl.SSLSession; 26 import javax.net.ssl.SSLSocket; 27 28 /** 29 * Abstract base class for all Conscrypt sockets that extends the basic {@link SSLSocket} API. 30 */ 31 abstract class AbstractConscryptSocket extends SSLSocket { 32 33 AbstractConscryptSocket() { 34 } 35 36 AbstractConscryptSocket(String hostname, int port) throws IOException { 37 super(hostname, port); 38 } 39 40 AbstractConscryptSocket(InetAddress address, int port) throws IOException { 41 super(address, port); 42 } 43 44 AbstractConscryptSocket(String hostname, int port, InetAddress clientAddress, int clientPort) 45 throws IOException { 46 super(hostname, port, clientAddress, clientPort); 47 } 48 49 AbstractConscryptSocket(InetAddress address, int port, InetAddress clientAddress, 50 int clientPort) throws IOException { 51 super(address, port, clientAddress, clientPort); 52 } 53 54 /* @Override */ 55 @SuppressWarnings("MissingOverride") // For compilation with Java 6. 56 public abstract SSLSession getHandshakeSession(); 57 58 /* @Override */ 59 public abstract FileDescriptor getFileDescriptor$(); 60 61 /** 62 * Returns the hostname that was supplied during socket creation. No DNS resolution is 63 * attempted before returning the hostname. 64 */ 65 abstract String getHostname(); 66 67 /** 68 * This method enables Server Name Indication 69 * 70 * @param hostname the desired SNI hostname, or null to disable 71 */ 72 abstract void setHostname(String hostname); 73 74 /** 75 * For the purposes of an SSLSession, we want a way to represent the supplied hostname 76 * or the IP address in a textual representation. We do not want to perform reverse DNS 77 * lookups on this address. 78 */ 79 abstract String getHostnameOrIP(); 80 81 /** 82 * Note write timeouts are not part of the javax.net.ssl.SSLSocket API 83 */ 84 abstract void setSoWriteTimeout(int writeTimeoutMilliseconds) throws SocketException; 85 86 /** 87 * Note write timeouts are not part of the javax.net.ssl.SSLSocket API 88 */ 89 abstract int getSoWriteTimeout() throws SocketException; 90 91 /** 92 * Set the handshake timeout on this socket. This timeout is specified in 93 * milliseconds and will be used only during the handshake process. 94 */ 95 abstract void setHandshakeTimeout(int handshakeTimeoutMilliseconds) throws SocketException; 96 97 /** 98 * This method enables session ticket support. 99 * 100 * @param useSessionTickets True to enable session tickets 101 */ 102 abstract void setUseSessionTickets(boolean useSessionTickets); 103 104 /** 105 * Enables/disables TLS Channel ID for this server socket. 106 * 107 * <p>This method needs to be invoked before the handshake starts. 108 * 109 * @throws IllegalStateException if this is a client socket or if the handshake has already 110 * started. 111 */ 112 abstract void setChannelIdEnabled(boolean enabled); 113 114 /** 115 * Gets the TLS Channel ID for this server socket. Channel ID is only available once the 116 * handshake completes. 117 * 118 * @return channel ID or {@code null} if not available. 119 * 120 * @throws IllegalStateException if this is a client socket or if the handshake has not yet 121 * completed. 122 * @throws SSLException if channel ID is available but could not be obtained. 123 */ 124 abstract byte[] getChannelId() throws SSLException; 125 126 /** 127 * Sets the {@link PrivateKey} to be used for TLS Channel ID by this client socket. 128 * 129 * <p>This method needs to be invoked before the handshake starts. 130 * 131 * @param privateKey private key (enables TLS Channel ID) or {@code null} for no key (disables 132 * TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST 133 * P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1). 134 * 135 * @throws IllegalStateException if this is a server socket or if the handshake has already 136 * started. 137 */ 138 abstract void setChannelIdPrivateKey(PrivateKey privateKey); 139 140 /** 141 * Returns null always for backward compatibility. 142 * @deprecated NPN is not supported 143 */ 144 @Deprecated 145 byte[] getNpnSelectedProtocol() { 146 return null; 147 } 148 149 /** 150 * This method does nothing and is kept for backward compatibility. 151 * @deprecated NPN is not supported 152 */ 153 @Deprecated 154 void setNpnProtocols(byte[] npnProtocols) {} 155 156 /** 157 * Returns the protocol agreed upon by client and server, or {@code null} if 158 * no protocol was agreed upon. 159 * 160 * @deprecated use {@link #getApplicationProtocol()} instead. 161 */ 162 @Deprecated 163 abstract byte[] getAlpnSelectedProtocol(); 164 165 /** 166 * Sets the list of ALPN protocols. This method internally converts the protocols to their 167 * wire-format form. 168 * 169 * @param alpnProtocols the list of ALPN protocols 170 * @deprecated use {@link #setApplicationProtocols(String[])} instead. 171 */ 172 @Deprecated 173 abstract void setAlpnProtocols(String[] alpnProtocols); 174 175 /** 176 * Alternate version of {@link #setAlpnProtocols(String[])} that directly sets the list of 177 * ALPN in the wire-format form used by BoringSSL (length-prefixed 8-bit strings). 178 * Requires that all strings be encoded with US-ASCII. 179 * 180 * @param alpnProtocols the encoded form of the ALPN protocol list 181 * @deprecated Use {@link #setApplicationProtocols(String[])} instead. 182 */ 183 @Deprecated 184 abstract void setAlpnProtocols(byte[] alpnProtocols); 185 186 /** 187 * Sets the list of ALPN protocols. 188 * 189 * @param protocols the list of ALPN protocols 190 */ 191 @SuppressWarnings("MissingOverride") // For compiling pre Java 9. 192 abstract void setApplicationProtocols(String[] protocols); 193 194 /** 195 * Returns the list of supported ALPN protocols. 196 */ 197 @SuppressWarnings("MissingOverride") // For compiling pre Java 9. 198 abstract String[] getApplicationProtocols(); 199 200 @SuppressWarnings("MissingOverride") // For compiling pre Java 9. 201 public abstract String getApplicationProtocol(); 202 203 @SuppressWarnings("MissingOverride") // For compiling pre Java 9. 204 public abstract String getHandshakeApplicationProtocol(); 205 206 /** 207 * Sets an application-provided ALPN protocol selector. If provided, this will override 208 * the list of protocols set by {@link #setApplicationProtocols(String[])}. 209 */ 210 abstract void setApplicationProtocolSelector(ApplicationProtocolSelector selector); 211 212 abstract PeerInfoProvider peerInfoProvider(); 213 214 /** 215 * Returns the tls-unique channel binding value for this connection, per RFC 5929. This 216 * will return {@code null} if there is no such value available, such as if the handshake 217 * has not yet completed or this connection is closed. 218 */ 219 abstract byte[] getTlsUnique(); 220 } 221