common/src/main/java/org/conscrypt/AbstractConscryptEngine.java - platform/external/conscrypt - Git at Google

 /*
  * Copyright (C) 2017 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.conscrypt;

 import java.nio.ByteBuffer;
 import java.security.PrivateKey;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSession;

 /**
  * Abstract base class for all Conscrypt {@link SSLEngine} classes.
  */
 abstract class AbstractConscryptEngine extends SSLEngine {
     abstract void setBufferAllocator(BufferAllocator bufferAllocator);

     /**
      * Returns the maximum overhead, in bytes, of sealing a record with SSL.
      */
     abstract int maxSealOverhead();

     /**
      * Enables/disables TLS Channel ID for this server engine.
      *
      * <p>This method needs to be invoked before the handshake starts.
      *
      * @throws IllegalStateException if this is a client engine or if the handshake has already
      *         started.
      */
     abstract void setChannelIdEnabled(boolean enabled);

     /**
      * Gets the TLS Channel ID for this server engine. Channel ID is only available once the
      * handshake completes.
      *
      * @return channel ID or {@code null} if not available.
      *
      * @throws IllegalStateException if this is a client engine or if the handshake has not yet
      * completed.
      * @throws SSLException if channel ID is available but could not be obtained.
      */
     abstract byte[] getChannelId() throws SSLException;

     /**
      * Sets the {@link PrivateKey} to be used for TLS Channel ID by this client engine.
      *
      * <p>This method needs to be invoked before the handshake starts.
      *
      * @param privateKey private key (enables TLS Channel ID) or {@code null} for no key (disables
      *        TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST
      *        P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
      *
      * @throws IllegalStateException if this is a server engine or if the handshake has already
      *         started.
      */
     abstract void setChannelIdPrivateKey(PrivateKey privateKey);

     /**
      * Sets the listener for the completion of the TLS handshake.
      */
     abstract void setHandshakeListener(HandshakeListener handshakeListener);

     /**
      * This method enables Server Name Indication (SNI) and overrides the {@link PeerInfoProvider}
      * supplied during engine creation.
      */
     abstract void setHostname(String hostname);

     /**
      * Returns the hostname from {@link #setHostname(String)} or supplied by the
      * {@link PeerInfoProvider} upon creation. No DNS resolution is attempted before
      * returning the hostname.
      */
     abstract String getHostname();

     @Override public abstract String getPeerHost();

     @Override public abstract int getPeerPort();

     /* @Override */
     @SuppressWarnings("MissingOverride") // For compilation with Java 6.
     public final SSLSession getHandshakeSession() {
         return handshakeSession();
     }

     /**
      * Work-around to allow this method to be called on older versions of Android.
      */
     abstract SSLSession handshakeSession();

     @Override
     public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException;

     @Override
     public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException;

     @Override
     public abstract SSLEngineResult unwrap(final ByteBuffer src, final ByteBuffer[] dsts,
             final int offset, final int length) throws SSLException;

     abstract SSLEngineResult unwrap(final ByteBuffer[] srcs, final ByteBuffer[] dsts)
             throws SSLException;

     abstract SSLEngineResult unwrap(final ByteBuffer[] srcs, int srcsOffset, final int srcsLength,
             final ByteBuffer[] dsts, final int dstsOffset, final int dstsLength)
             throws SSLException;

     @Override
     public abstract SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException;

     @Override
     public abstract SSLEngineResult wrap(
             ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException;

     /**
      * This method enables session ticket support.
      *
      * @param useSessionTickets True to enable session tickets
      */
     abstract void setUseSessionTickets(boolean useSessionTickets);

     /**
      * Sets the list of ALPN protocols.
      *
      * @param protocols the list of ALPN protocols
      */
     abstract void setApplicationProtocols(String[] protocols);

     /**
      * Returns the list of supported ALPN protocols.
      */
     abstract String[] getApplicationProtocols();

     @SuppressWarnings("MissingOverride") // For compiling pre Java 9.
     public abstract String getApplicationProtocol();

     @SuppressWarnings("MissingOverride") // For compiling pre Java 9.
     public abstract String getHandshakeApplicationProtocol();

     /**
      * Sets an application-provided ALPN protocol selector. If provided, this will override
      * the list of protocols set by {@link #setApplicationProtocols(String[])}.
      */
     abstract void setApplicationProtocolSelector(ApplicationProtocolSelector selector);

     /**
      * Returns the tls-unique channel binding value for this connection, per RFC 5929.  This
      * will return {@code null} if there is no such value available, such as if the handshake
      * has not yet completed or this connection is closed.
      */
     abstract byte[] getTlsUnique();

     /**
      * Exports a value derived from the TLS master secret as described in RFC 5705.
      *
      * @param label the label to use in calculating the exported value.  This must be
      * an ASCII-only string.
      * @param context the application-specific context value to use in calculating the
      * exported value.  This may be {@code null} to use no application context, which is
      * treated differently than an empty byte array.
      * @param length the number of bytes of keying material to return.
      * @return a value of the specified length, or {@code null} if the handshake has not yet
      * completed or the connection has been closed.
      * @throws SSLException if the value could not be exported.
      */
     abstract byte[] exportKeyingMaterial(String label, byte[] context, int length)
             throws SSLException;
 }
	/*
	* Copyright (C) 2017 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.conscrypt;

	import java.nio.ByteBuffer;
	import java.security.PrivateKey;
	import javax.net.ssl.SSLEngine;
	import javax.net.ssl.SSLEngineResult;
	import javax.net.ssl.SSLException;
	import javax.net.ssl.SSLSession;

	/**
	* Abstract base class for all Conscrypt {@link SSLEngine} classes.
	*/
	abstract class AbstractConscryptEngine extends SSLEngine {
	abstract void setBufferAllocator(BufferAllocator bufferAllocator);

	/**
	* Returns the maximum overhead, in bytes, of sealing a record with SSL.
	*/
	abstract int maxSealOverhead();

	/**
	* Enables/disables TLS Channel ID for this server engine.
	*
	* <p>This method needs to be invoked before the handshake starts.
	*
	* @throws IllegalStateException if this is a client engine or if the handshake has already
	* started.
	*/
	abstract void setChannelIdEnabled(boolean enabled);

	/**
	* Gets the TLS Channel ID for this server engine. Channel ID is only available once the
	* handshake completes.
	*
	* @return channel ID or {@code null} if not available.
	*
	* @throws IllegalStateException if this is a client engine or if the handshake has not yet
	* completed.
	* @throws SSLException if channel ID is available but could not be obtained.
	*/
	abstract byte[] getChannelId() throws SSLException;

	/**
	* Sets the {@link PrivateKey} to be used for TLS Channel ID by this client engine.
	*
	* <p>This method needs to be invoked before the handshake starts.
	*
	* @param privateKey private key (enables TLS Channel ID) or {@code null} for no key (disables
	* TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST
	* P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
	*
	* @throws IllegalStateException if this is a server engine or if the handshake has already
	* started.
	*/
	abstract void setChannelIdPrivateKey(PrivateKey privateKey);

	/**
	* Sets the listener for the completion of the TLS handshake.
	*/
	abstract void setHandshakeListener(HandshakeListener handshakeListener);

	/**
	* This method enables Server Name Indication (SNI) and overrides the {@link PeerInfoProvider}
	* supplied during engine creation.
	*/
	abstract void setHostname(String hostname);

	/**
	* Returns the hostname from {@link #setHostname(String)} or supplied by the
	* {@link PeerInfoProvider} upon creation. No DNS resolution is attempted before
	* returning the hostname.
	*/
	abstract String getHostname();

	@Override public abstract String getPeerHost();

	@Override public abstract int getPeerPort();

	/* @Override */
	@SuppressWarnings("MissingOverride") // For compilation with Java 6.
	public final SSLSession getHandshakeSession() {
	return handshakeSession();
	}

	/**
	* Work-around to allow this method to be called on older versions of Android.
	*/
	abstract SSLSession handshakeSession();

	@Override
	public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException;

	@Override
	public abstract SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException;

	@Override
	public abstract SSLEngineResult unwrap(final ByteBuffer src, final ByteBuffer[] dsts,
	final int offset, final int length) throws SSLException;

	abstract SSLEngineResult unwrap(final ByteBuffer[] srcs, final ByteBuffer[] dsts)
	throws SSLException;

	abstract SSLEngineResult unwrap(final ByteBuffer[] srcs, int srcsOffset, final int srcsLength,
	final ByteBuffer[] dsts, final int dstsOffset, final int dstsLength)
	throws SSLException;

	@Override
	public abstract SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException;

	@Override
	public abstract SSLEngineResult wrap(
	ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer dst) throws SSLException;

	/**
	* This method enables session ticket support.
	*
	* @param useSessionTickets True to enable session tickets
	*/
	abstract void setUseSessionTickets(boolean useSessionTickets);

	/**
	* Sets the list of ALPN protocols.
	*
	* @param protocols the list of ALPN protocols
	*/
	abstract void setApplicationProtocols(String[] protocols);

	/**
	* Returns the list of supported ALPN protocols.
	*/
	abstract String[] getApplicationProtocols();

	@SuppressWarnings("MissingOverride") // For compiling pre Java 9.
	public abstract String getApplicationProtocol();

	@SuppressWarnings("MissingOverride") // For compiling pre Java 9.
	public abstract String getHandshakeApplicationProtocol();

	/**
	* Sets an application-provided ALPN protocol selector. If provided, this will override
	* the list of protocols set by {@link #setApplicationProtocols(String[])}.
	*/
	abstract void setApplicationProtocolSelector(ApplicationProtocolSelector selector);

	/**
	* Returns the tls-unique channel binding value for this connection, per RFC 5929. This
	* will return {@code null} if there is no such value available, such as if the handshake
	* has not yet completed or this connection is closed.
	*/
	abstract byte[] getTlsUnique();

	/**
	* Exports a value derived from the TLS master secret as described in RFC 5705.
	*
	* @param label the label to use in calculating the exported value. This must be
	* an ASCII-only string.
	* @param context the application-specific context value to use in calculating the
	* exported value. This may be {@code null} to use no application context, which is
	* treated differently than an empty byte array.
	* @param length the number of bytes of keying material to return.
	* @return a value of the specified length, or {@code null} if the handshake has not yet
	* completed or the connection has been closed.
	* @throws SSLException if the value could not be exported.
	*/
	abstract byte[] exportKeyingMaterial(String label, byte[] context, int length)
	throws SSLException;
	}