Home » openjdk-7 » javax » net » ssl » [javadoc | source]

    1   /*
    2    * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
    3    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
    4    *
    5    * This code is free software; you can redistribute it and/or modify it
    6    * under the terms of the GNU General Public License version 2 only, as
    7    * published by the Free Software Foundation.  Oracle designates this
    8    * particular file as subject to the "Classpath" exception as provided
    9    * by Oracle in the LICENSE file that accompanied this code.
   10    *
   11    * This code is distributed in the hope that it will be useful, but WITHOUT
   12    * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
   13    * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
   14    * version 2 for more details (a copy is included in the LICENSE file that
   15    * accompanied this code).
   16    *
   17    * You should have received a copy of the GNU General Public License version
   18    * 2 along with this work; if not, write to the Free Software Foundation,
   19    * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
   20    *
   21    * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
   22    * or visit www.oracle.com if you need additional information or have any
   23    * questions.
   24    */
   25   
   26   package javax.net.ssl;
   27   
   28   import java.net.Socket;
   29   import javax.net.ssl.X509TrustManager;
   30   
   31   import java.security.cert.X509Certificate;
   32   import java.security.cert.CertificateException;
   33   
   34   /**
   35    * Extensions to the <code>X509TrustManager</code> interface to support
   36    * SSL/TLS connection sensitive trust management.
   37    * <p>
   38    * To prevent man-in-the-middle attacks, hostname checks can be done
   39    * to verify that the hostname in an end-entity certificate matches the
   40    * targeted hostname.  TLS does not require such checks, but some protocols
   41    * over TLS (such as HTTPS) do.  In earlier versions of the JDK, the
   42    * certificate chain checks were done at the SSL/TLS layer, and the hostname
   43    * verification checks were done at the layer over TLS.  This class allows
   44    * for the checking to be done during a single call to this class.
   45    * <p>
   46    * RFC 2830 defines the server identification specification for the "LDAPS"
   47    * algorithm. RFC 2818 defines both the server identification and the
   48    * client identification specification for the "HTTPS" algorithm.
   49    *
   50    * @see X509TrustManager
   51    * @see HostnameVerifier
   52    *
   53    * @since 1.7
   54    */
   55   public abstract class X509ExtendedTrustManager implements X509TrustManager {
   56       /**
   57        * Given the partial or complete certificate chain provided by the
   58        * peer, build and validate the certificate path based on the
   59        * authentication type and ssl parameters.
   60        * <p>
   61        * The authentication type is determined by the actual certificate
   62        * used. For instance, if RSAPublicKey is used, the authType
   63        * should be "RSA". Checking is case-sensitive.
   64        * <p>
   65        * If the <code>socket</code> parameter is an instance of
   66        * {@link javax.net.ssl.SSLSocket}, and the endpoint identification
   67        * algorithm of the <code>SSLParameters</code> is non-empty, to prevent
   68        * man-in-the-middle attacks, the address that the <code>socket</code>
   69        * connected to should be checked against the peer's identity presented
   70        * in the end-entity X509 certificate, as specified in the endpoint
   71        * identification algorithm.
   72        * <p>
   73        * If the <code>socket</code> parameter is an instance of
   74        * {@link javax.net.ssl.SSLSocket}, and the algorithm constraints of the
   75        * <code>SSLParameters</code> is non-null, for every certificate in the
   76        * certification path, fields such as subject public key, the signature
   77        * algorithm, key usage, extended key usage, etc. need to conform to the
   78        * algorithm constraints in place on this socket.
   79        *
   80        * @param chain the peer certificate chain
   81        * @param authType the key exchange algorithm used
   82        * @param socket the socket used for this connection. This parameter
   83        *        can be null, which indicates that implementations need not check
   84        *        the ssl parameters
   85        * @throws IllegalArgumentException if null or zero-length array is passed
   86        *        in for the <code>chain</code> parameter or if null or zero-length
   87        *        string is passed in for the <code>authType</code> parameter
   88        * @throws CertificateException if the certificate chain is not trusted
   89        *        by this TrustManager
   90        *
   91        * @see SSLParameters#getEndpointIdentificationAlgorithm
   92        * @see SSLParameters#setEndpointIdentificationAlgorithm(String)
   93        * @see SSLParameters#getAlgorithmConstraints
   94        * @see SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)
   95        */
   96       public abstract void checkClientTrusted(X509Certificate[] chain,
   97               String authType, Socket socket) throws CertificateException;
   98   
   99       /**
  100        * Given the partial or complete certificate chain provided by the
  101        * peer, build and validate the certificate path based on the
  102        * authentication type and ssl parameters.
  103        * <p>
  104        * The authentication type is the key exchange algorithm portion
  105        * of the cipher suites represented as a String, such as "RSA",
  106        * "DHE_DSS". Note: for some exportable cipher suites, the key
  107        * exchange algorithm is determined at run time during the
  108        * handshake. For instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5,
  109        * the authType should be RSA_EXPORT when an ephemeral RSA key is
  110        * used for the key exchange, and RSA when the key from the server
  111        * certificate is used. Checking is case-sensitive.
  112        * <p>
  113        * If the <code>socket</code> parameter is an instance of
  114        * {@link javax.net.ssl.SSLSocket}, and the endpoint identification
  115        * algorithm of the <code>SSLParameters</code> is non-empty, to prevent
  116        * man-in-the-middle attacks, the address that the <code>socket</code>
  117        * connected to should be checked against the peer's identity presented
  118        * in the end-entity X509 certificate, as specified in the endpoint
  119        * identification algorithm.
  120        * <p>
  121        * If the <code>socket</code> parameter is an instance of
  122        * {@link javax.net.ssl.SSLSocket}, and the algorithm constraints of the
  123        *  <code>SSLParameters</code> is non-null, for every certificate in the
  124        * certification path, fields such as subject public key, the signature
  125        * algorithm, key usage, extended key usage, etc. need to conform to the
  126        * algorithm constraints in place on this socket.
  127        *
  128        * @param chain the peer certificate chain
  129        * @param authType the key exchange algorithm used
  130        * @param socket the socket used for this connection. This parameter
  131        *        can be null, which indicates that implementations need not check
  132        *        the ssl parameters
  133        * @throws IllegalArgumentException if null or zero-length array is passed
  134        *        in for the <code>chain</code> parameter or if null or zero-length
  135        *        string is passed in for the <code>authType</code> parameter
  136        * @throws CertificateException if the certificate chain is not trusted
  137        *        by this TrustManager
  138        *
  139        * @see SSLParameters#getEndpointIdentificationAlgorithm
  140        * @see SSLParameters#setEndpointIdentificationAlgorithm(String)
  141        * @see SSLParameters#getAlgorithmConstraints
  142        * @see SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)
  143        */
  144       public abstract void checkServerTrusted(X509Certificate[] chain,
  145           String authType, Socket socket) throws CertificateException;
  146   
  147       /**
  148        * Given the partial or complete certificate chain provided by the
  149        * peer, build and validate the certificate path based on the
  150        * authentication type and ssl parameters.
  151        * <p>
  152        * The authentication type is determined by the actual certificate
  153        * used. For instance, if RSAPublicKey is used, the authType
  154        * should be "RSA". Checking is case-sensitive.
  155        * <p>
  156        * If the <code>engine</code> parameter is available, and the endpoint
  157        * identification algorithm of the <code>SSLParameters</code> is
  158        * non-empty, to prevent man-in-the-middle attacks, the address that
  159        * the <code>engine</code> connected to should be checked against
  160        * the peer's identity presented in the end-entity X509 certificate,
  161        * as specified in the endpoint identification algorithm.
  162        * <p>
  163        * If the <code>engine</code> parameter is available, and the algorithm
  164        * constraints of the <code>SSLParameters</code> is non-null, for every
  165        * certificate in the certification path, fields such as subject public
  166        * key, the signature algorithm, key usage, extended key usage, etc.
  167        * need to conform to the algorithm constraints in place on this engine.
  168        *
  169        * @param chain the peer certificate chain
  170        * @param authType the key exchange algorithm used
  171        * @param engine the engine used for this connection. This parameter
  172        *        can be null, which indicates that implementations need not check
  173        *        the ssl parameters
  174        * @throws IllegalArgumentException if null or zero-length array is passed
  175        *        in for the <code>chain</code> parameter or if null or zero-length
  176        *        string is passed in for the <code>authType</code> parameter
  177        * @throws CertificateException if the certificate chain is not trusted
  178        *        by this TrustManager
  179        *
  180        * @see SSLParameters#getEndpointIdentificationAlgorithm
  181        * @see SSLParameters#setEndpointIdentificationAlgorithm(String)
  182        * @see SSLParameters#getAlgorithmConstraints
  183        * @see SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)
  184        */
  185       public abstract void checkClientTrusted(X509Certificate[] chain,
  186           String authType, SSLEngine engine) throws CertificateException;
  187   
  188       /**
  189        * Given the partial or complete certificate chain provided by the
  190        * peer, build and validate the certificate path based on the
  191        * authentication type and ssl parameters.
  192        * <p>
  193        * The authentication type is the key exchange algorithm portion
  194        * of the cipher suites represented as a String, such as "RSA",
  195        * "DHE_DSS". Note: for some exportable cipher suites, the key
  196        * exchange algorithm is determined at run time during the
  197        * handshake. For instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5,
  198        * the authType should be RSA_EXPORT when an ephemeral RSA key is
  199        * used for the key exchange, and RSA when the key from the server
  200        * certificate is used. Checking is case-sensitive.
  201        * <p>
  202        * If the <code>engine</code> parameter is available, and the endpoint
  203        * identification algorithm of the <code>SSLParameters</code> is
  204        * non-empty, to prevent man-in-the-middle attacks, the address that
  205        * the <code>engine</code> connected to should be checked against
  206        * the peer's identity presented in the end-entity X509 certificate,
  207        * as specified in the endpoint identification algorithm.
  208        * <p>
  209        * If the <code>engine</code> parameter is available, and the algorithm
  210        * constraints of the <code>SSLParameters</code> is non-null, for every
  211        * certificate in the certification path, fields such as subject public
  212        * key, the signature algorithm, key usage, extended key usage, etc.
  213        * need to conform to the algorithm constraints in place on this engine.
  214        *
  215        * @param chain the peer certificate chain
  216        * @param authType the key exchange algorithm used
  217        * @param engine the engine used for this connection. This parameter
  218        *        can be null, which indicates that implementations need not check
  219        *        the ssl parameters
  220        * @throws IllegalArgumentException if null or zero-length array is passed
  221        *        in for the <code>chain</code> parameter or if null or zero-length
  222        *        string is passed in for the <code>authType</code> parameter
  223        * @throws CertificateException if the certificate chain is not trusted
  224        *        by this TrustManager
  225        *
  226        * @see SSLParameters#getEndpointIdentificationAlgorithm
  227        * @see SSLParameters#setEndpointIdentificationAlgorithm(String)
  228        * @see SSLParameters#getAlgorithmConstraints
  229        * @see SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)
  230        */
  231       public abstract void checkServerTrusted(X509Certificate[] chain,
  232           String authType, SSLEngine engine) throws CertificateException;
  233   
  234   }

Home » openjdk-7 » javax » net » ssl » [javadoc | source]