Package org.conscrypt
Class Platform
java.lang.Object
org.conscrypt.Platform
Platform-specific methods for OpenJDK.
Uses reflection to implement Java 8 SSL features for backwards compatibility.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescription(package private) static void(package private) static booleancanExecuteExecutable(File file) (package private) static voidcheckClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) (package private) static voidcheckClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) (package private) static voidcheckServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) (package private) static voidcheckServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) (package private) static voidcloseGuardClose(Object guardObj) (package private) static Object(package private) static voidcloseGuardOpen(Object guardObj, String message) (package private) static voidcloseGuardWarnIfOpen(Object guardObj) (package private) static ConscryptEngineSocketcreateEngineSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocketcreateEngineSocket(String hostname, int port, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocketcreateEngineSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocketcreateEngineSocket(InetAddress address, int port, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocketcreateEngineSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) (package private) static ConscryptEngineSocketcreateEngineSocket(SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(String hostname, int port, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(InetAddress address, int port, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) (package private) static ConscryptFileDescriptorSocketcreateFileDescriptorSocket(SSLParametersImpl sslParameters) (package private) static FilecreateTempFile(String prefix, String suffix, File directory) Approximates the behavior of File.createTempFile without depending on SecureRandom.(package private) static AlgorithmParameterSpecfromGCMParameters(AlgorithmParameters params) Convert from an opaque AlgorithmParameters to the platform's GCMParameterSpec.(package private) static GCMParametersConvert from platform's GCMParameterSpec to our internal version.(package private) static StringgetCurveName(ECParameterSpec spec) (package private) static KeyStorestatic ConscryptHostnameVerifier(package private) static StringDefault name used in theJCE systembyOpenSSLProviderif the default constructor is used.(package private) static String(package private) static FileDescriptor(package private) static FileDescriptor(package private) static Stringstatic String(package private) static voidgetSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) (package private) static voidgetSSLParameters(SSLParameters params, SSLParametersImpl impl, ConscryptEngine engine) private static ClassLoaderprivate static boolean(package private) static booleanisCTVerificationRequired(String hostname) Check if SCT verification is required for a given hostname.(package private) static booleanFor unbundled versions, SNI is always enabled by default.(package private) static intprivate static int(package private) static voidLogs to the system EventLog system.private static intmajorVersion(String javaSpecVersion) private static int(package private) static CertBlocklist(package private) static ConscryptCertStore(package private) static CTLogStore(package private) static CTPolicynewDefaultPolicy(CTLogStore logStore) (package private) static StringoidToAlgorithmName(String oid) OID to Algorithm Name mapping.(package private) static boolean(package private) static booleanserverNamePermitted(SSLParametersImpl parameters, String serverName) (package private) static voidsetCurveName(ECParameterSpec spec, String curveName) (package private) static voidsetEndpointIdentificationAlgorithm(SSLParameters params, String endpointIdentificationAlgorithm) (package private) static voidsetSocketWriteTimeout(Socket s, long timeoutMillis) (package private) static voidsetSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) (package private) static voidsetSSLParameters(SSLParameters params, SSLParametersImpl impl, ConscryptEngine engine) (package private) static voidsetup()(package private) static boolean(package private) static boolean(package private) static AlgorithmParameterSpectoGCMParameterSpec(int tagLenInBits, byte[] iv) Creates a platform version ofGCMParameterSpec.(package private) static SSLEngineunwrapEngine(SSLEngine engine) (package private) static SSLEnginewrapEngine(ConscryptEngine engine) (package private) static OpenSSLKeywrapRsaKey(PrivateKey javaKey) Wraps an old AndroidOpenSSL key instance.(package private) static SSLSocketFactoryCurrently we don't wrap anything from the RI.(package private) static SSLSessionwrapSSLSession(ExternalSession sslSession)
-
Field Details
-
JAVA_VERSION
private static final int JAVA_VERSION -
GET_CURVE_NAME_METHOD
-
-
Constructor Details
-
Platform
private Platform()
-
-
Method Details
-
setup
static void setup() -
createTempFile
Approximates the behavior of File.createTempFile without depending on SecureRandom.- Throws:
IOException
-
getDefaultProviderName
Default name used in theJCE systembyOpenSSLProviderif the default constructor is used. -
provideTrustManagerByDefault
static boolean provideTrustManagerByDefault() -
canExecuteExecutable
- Throws:
IOException
-
getFileDescriptor
-
getFileDescriptorFromSSLSocket
-
getCurveName
-
setCurveName
-
setSocketWriteTimeout
- Throws:
SocketException
-
setSSLParameters
static void setSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) -
getSSLParameters
static void getSSLParameters(SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) -
setSSLParameters
-
getSSLParameters
-
setEndpointIdentificationAlgorithm
static void setEndpointIdentificationAlgorithm(SSLParameters params, String endpointIdentificationAlgorithm) -
getEndpointIdentificationAlgorithm
-
checkClientTrusted
static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) throws CertificateException - Throws:
CertificateException
-
checkServerTrusted
static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, AbstractConscryptSocket socket) throws CertificateException - Throws:
CertificateException
-
checkClientTrusted
static void checkClientTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) throws CertificateException - Throws:
CertificateException
-
checkServerTrusted
static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, String authType, ConscryptEngine engine) throws CertificateException - Throws:
CertificateException
-
wrapRsaKey
Wraps an old AndroidOpenSSL key instance. This is not needed on RI. -
logEvent
Logs to the system EventLog system. -
isSniEnabledByDefault
static boolean isSniEnabledByDefault()For unbundled versions, SNI is always enabled by default. -
wrapEngine
-
unwrapEngine
-
createEngineSocket
- Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(String hostname, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(InetAddress address, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createEngineSocket
static ConscryptEngineSocket createEngineSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(String hostname, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(InetAddress address, int port, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(String hostname, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
createFileDescriptorSocket
static ConscryptFileDescriptorSocket createFileDescriptorSocket(Socket socket, String hostname, int port, boolean autoClose, SSLParametersImpl sslParameters) throws IOException - Throws:
IOException
-
wrapSocketFactoryIfNeeded
Currently we don't wrap anything from the RI. -
fromGCMParameterSpec
Convert from platform's GCMParameterSpec to our internal version. -
fromGCMParameters
Convert from an opaque AlgorithmParameters to the platform's GCMParameterSpec. -
toGCMParameterSpec
Creates a platform version ofGCMParameterSpec. -
closeGuardGet
-
closeGuardOpen
-
closeGuardClose
-
closeGuardWarnIfOpen
-
blockGuardOnNetwork
static void blockGuardOnNetwork() -
oidToAlgorithmName
OID to Algorithm Name mapping. -
wrapSSLSession
-
getOriginalHostNameFromInetAddress
-
getHostStringFromInetSocketAddress
-
supportsX509ExtendedTrustManager
static boolean supportsX509ExtendedTrustManager() -
isCTVerificationRequired
Check if SCT verification is required for a given hostname. SCT Verification is enabled usingSecurityproperties. The "conscrypt.ct.enable" property must be true, as well as a per domain property. The reverse notation of the domain name, prefixed with "conscrypt.ct.enforce." is used as the property name. Basic globbing is also supported. For example, for the domain foo.bar.com, the following properties will be looked up, in order of precedence. - conscrypt.ct.enforce.com.bar.foo - conscrypt.ct.enforce.com.bar.* - conscrypt.ct.enforce.com.* - conscrypt.ct.enforce.* -
supportsConscryptCertStore
static boolean supportsConscryptCertStore() -
getDefaultCertKeyStore
- Throws:
KeyStoreException
-
newDefaultCertStore
-
newDefaultBlocklist
-
newDefaultLogStore
-
newDefaultPolicy
-
serverNamePermitted
-
isAndroid
private static boolean isAndroid() -
javaVersion
static int javaVersion() -
javaVersion0
private static int javaVersion0() -
majorVersionFromJavaSpecificationVersion
private static int majorVersionFromJavaSpecificationVersion() -
majorVersion
-
getSystemClassLoader
-
getDefaultHostnameVerifier
-