Package org.conscrypt
Class Platform
java.lang.Object
org.conscrypt.Platform
Platform-specific methods for OpenJDK.
Uses reflection to implement Java 8 SSL features for backwards compatibility.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescription(package private) static void
(package private) static boolean
canExecuteExecutable
(File file) (package private) static void
checkClientTrusted
(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) (package private) static void
checkClientTrusted
(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) (package private) static void
checkServerTrusted
(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) (package private) static void
checkServerTrusted
(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) (package private) static void
closeGuardClose
(Object guardObj) (package private) static Object
(package private) static void
closeGuardOpen
(Object guardObj, String message) (package private) static void
closeGuardWarnIfOpen
(Object guardObj) (package private) static ConscryptEngineSocket
createEngineSocket
(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocket
createEngineSocket
(String hostname, int port, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocket
createEngineSocket
(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocket
createEngineSocket
(InetAddress address, int port, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocket
createEngineSocket
(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocket
createEngineSocket
(SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(String hostname, int port, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(InetAddress address, int port, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocket
createFileDescriptorSocket
(SSLParametersImpl sslParameters) (package private) static File
createTempFile
(String prefix, String suffix, File directory) Approximates the behavior of File.createTempFile without depending on SecureRandom.(package private) static AlgorithmParameterSpec
fromGCMParameters
(AlgorithmParameters params) Convert from an opaque AlgorithmParameters to the platform's GCMParameterSpec.(package private) static GCMParameters
Convert from platform's GCMParameterSpec to our internal version.(package private) static String
getCurveName
(ECParameterSpec spec) (package private) static KeyStore
static ConscryptHostnameVerifier
(package private) static String
Default name used in theJCE system
byOpenSSLProvider
if the default constructor is used.(package private) static String
(package private) static FileDescriptor
(package private) static FileDescriptor
(package private) static String
static String
(package private) static void
getSSLParameters
(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) (package private) static void
getSSLParameters
(SSLParameters params, SSLParametersImpl impl, ConscryptEngine engine) private static ClassLoader
private static boolean
(package private) static boolean
isCTVerificationRequired
(String hostname) Check if SCT verification is required for a given hostname.(package private) static boolean
For unbundled versions, SNI is always enabled by default.(package private) static int
private static int
(package private) static void
Logs to the system EventLog system.private static int
majorVersion
(String javaSpecVersion) private static int
(package private) static CertBlocklist
(package private) static ConscryptCertStore
(package private) static CTLogStore
(package private) static CTPolicy
newDefaultPolicy
(CTLogStore logStore) (package private) static String
oidToAlgorithmName
(String oid) OID to Algorithm Name mapping.(package private) static boolean
(package private) static boolean
serverNamePermitted
(SSLParametersImpl parameters, String serverName) (package private) static void
setCurveName
(ECParameterSpec spec, String curveName) (package private) static void
setEndpointIdentificationAlgorithm
(SSLParameters params, String endpointIdentificationAlgorithm) (package private) static void
setSocketWriteTimeout
(Socket s, long timeoutMillis) (package private) static void
setSSLParameters
(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) (package private) static void
setSSLParameters
(SSLParameters params, SSLParametersImpl impl, ConscryptEngine engine) (package private) static void
setup()
(package private) static boolean
(package private) static boolean
(package private) static AlgorithmParameterSpec
toGCMParameterSpec
(int tagLenInBits, byte[] iv) Creates a platform version ofGCMParameterSpec
.(package private) static SSLEngine
unwrapEngine
(SSLEngine engine) (package private) static SSLEngine
wrapEngine
(ConscryptEngine engine) (package private) static OpenSSLKey
wrapRsaKey
(PrivateKey javaKey) Wraps an old AndroidOpenSSL key instance.(package private) static SSLSocketFactory
Currently we don't wrap anything from the RI.(package private) static SSLSession
wrapSSLSession
(ExternalSession sslSession)
-
Field Details
-
JAVA_VERSION
private static final int JAVA_VERSION -
GET_CURVE_NAME_METHOD
-
-
Constructor Details
-
Platform
private Platform()
-
-
Method Details
-
setup
static void setup() -
createTempFile
Approximates the behavior of File.createTempFile without depending on SecureRandom.- Throws:
IOException
-
getDefaultProviderName
Default name used in theJCE system
byOpenSSLProvider
if the default constructor is used. -
provideTrustManagerByDefault
static boolean provideTrustManagerByDefault() -
canExecuteExecutable
- Throws:
IOException
-
getFileDescriptor
-
getFileDescriptorFromSSLSocket
-
getCurveName
-
setCurveName
-
setSocketWriteTimeout
- Throws:
SocketException
-
setSSLParameters
static void setSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) -
getSSLParameters
static void getSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) -
setSSLParameters
-
getSSLParameters
-
setEndpointIdentificationAlgorithm
static void setEndpointIdentificationAlgorithm(SSLParameters params, String endpointIdentificationAlgorithm) -
getEndpointIdentificationAlgorithm
-
checkClientTrusted
static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) throws CertificateException - Throws:
CertificateException
-
checkServerTrusted
static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) throws CertificateException - Throws:
CertificateException
-
checkClientTrusted
static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) throws CertificateException - Throws:
CertificateException
-
checkServerTrusted
static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) throws CertificateException - Throws:
CertificateException
-
wrapRsaKey
Wraps an old AndroidOpenSSL key instance. This is not needed on RI. -
logEvent
Logs to the system EventLog system. -
isSniEnabledByDefault
static boolean isSniEnabledByDefault()For unbundled versions, SNI is always enabled by default. -
wrapEngine
-
unwrapEngine
-
createEngineSocket
- Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(String hostname, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(InetAddress address, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(String hostname, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(InetAddress address, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
wrapSocketFactoryIfNeeded
Currently we don't wrap anything from the RI. -
fromGCMParameterSpec
Convert from platform's GCMParameterSpec to our internal version. -
fromGCMParameters
Convert from an opaque AlgorithmParameters to the platform's GCMParameterSpec. -
toGCMParameterSpec
Creates a platform version ofGCMParameterSpec
. -
closeGuardGet
-
closeGuardOpen
-
closeGuardClose
-
closeGuardWarnIfOpen
-
blockGuardOnNetwork
static void blockGuardOnNetwork() -
oidToAlgorithmName
OID to Algorithm Name mapping. -
wrapSSLSession
-
getOriginalHostNameFromInetAddress
-
getHostStringFromInetSocketAddress
-
supportsX509ExtendedTrustManager
static boolean supportsX509ExtendedTrustManager() -
isCTVerificationRequired
Check if SCT verification is required for a given hostname. SCT Verification is enabled usingSecurity
properties. The "conscrypt.ct.enable" property must be true, as well as a per domain property. The reverse notation of the domain name, prefixed with "conscrypt.ct.enforce." is used as the property name. Basic globbing is also supported. For example, for the domain foo.bar.com, the following properties will be looked up, in order of precedence. - conscrypt.ct.enforce.com.bar.foo - conscrypt.ct.enforce.com.bar.* - conscrypt.ct.enforce.com.* - conscrypt.ct.enforce.* -
supportsConscryptCertStore
static boolean supportsConscryptCertStore() -
getDefaultCertKeyStore
- Throws:
KeyStoreException
-
newDefaultCertStore
-
newDefaultBlocklist
-
newDefaultLogStore
-
newDefaultPolicy
-
serverNamePermitted
-
isAndroid
private static boolean isAndroid() -
javaVersion
static int javaVersion() -
javaVersion0
private static int javaVersion0() -
majorVersionFromJavaSpecificationVersion
private static int majorVersionFromJavaSpecificationVersion() -
majorVersion
-
getSystemClassLoader
-
getDefaultHostnameVerifier
-