/*
 * ====================================================================
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation. For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */

package org.apache.hc.core5.ssl;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;

/**
 * {@link javax.net.ssl.SSLContext} factory methods.
 *
 * <p>
 * Please note: the default Oracle JSSE implementation of
 * {@link SSLContext#init(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], java.security.SecureRandom)
 * SSLContext#init(KeyManager[], TrustManager[], SecureRandom)}
 * accepts multiple key and trust managers, however only the first manager of each
 * matching type is ever used. Any further manager of the same type in the array is
 * ignored rather than consulted, so trust decisions must not depend on a second entry.
 * See for example:
 * <a href="http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html#init%28javax.net.ssl.KeyManager[],%20javax.net.ssl.TrustManager[],%20java.security.SecureRandom%29">
 * SSLContext.html#init
 * </a>
 * @since 4.4
 */
public final class SSLContexts {

    private SSLContexts() {
        // Holder for static factory methods only; never instantiated.
    }

    /**
     * Creates an SSL context for the protocol named by {@code SSLContextBuilder.TLS}
     * and initializes it with {@code null} key managers, trust managers and random
     * source, leaving all three to the defaults of the installed security providers.
     * The project documents the resulting trust material as the standard JSSE
     * {@code cacerts} file in the security properties directory, with system
     * properties not taken into consideration.
     *
     * <p>
     * NOTE(review): how {@code null} trust managers are resolved is decided by the
     * JSSE provider, not by this method; confirm which trust store is in effect on
     * the deployed JRE before relying on system properties being ignored. Enabled
     * protocol versions and cipher suites are likewise provider defaults; this method
     * sets no minimum.
     *
     * @return a newly created and initialized SSL context
     * @throws SSLInitializationException if {@link SSLContext#getInstance(String)}
     * throws {@link NoSuchAlgorithmException} or the subsequent {@code init} call
     * throws {@link KeyManagementException}; the original exception is kept as the cause
     */
    public static SSLContext createDefault() throws SSLInitializationException {
        final SSLContext context;
        try {
            context = SSLContext.getInstance(SSLContextBuilder.TLS);
            // null, null, null: provider-default key managers, trust managers and SecureRandom.
            context.init(null, null, null);
        } catch (final NoSuchAlgorithmException | KeyManagementException cause) {
            throw new SSLInitializationException(cause.getMessage(), cause);
        }
        return context;
    }

    /**
     * Returns the default SSL context obtained from {@link SSLContext#getDefault()},
     * i.e. the {@code Default} algorithm that is configured through system
     * properties and supported as of Java 6. When the {@code Default} algorithm is
     * not available, this method falls back onto {@link #createDefault()}.
     *
     * <p>
     * The fallback is silent: the {@link NoSuchAlgorithmException} is neither logged
     * nor rethrown, so a caller that depends on a key or trust store configured
     * through system properties cannot tell from the return value that the fallback
     * context was produced. The default context is also shared JVM-wide and is
     * whatever was installed with {@link SSLContext#setDefault(SSLContext)}, if
     * that was ever called.
     *
     * @return the default system SSL context, or the result of {@link #createDefault()}
     * @throws SSLInitializationException if {@link #createDefault()} throws it
     */
    public static SSLContext createSystemDefault() throws SSLInitializationException {
        SSLContext context;
        try {
            context = SSLContext.getDefault();
        } catch (final NoSuchAlgorithmException unavailable) {
            // "Default" algorithm missing: use the provider-default context instead.
            context = createDefault();
        }
        return context;
    }

    /**
     * Starts the configuration of a custom SSL context.
     *
     * @return the builder returned by {@link SSLContextBuilder#create()}
     */
    public static SSLContextBuilder custom() {
        final SSLContextBuilder builder = SSLContextBuilder.create();
        return builder;
    }

}