/*

 * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

 *

 * This code is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License version 2 only, as

 * published by the Free Software Foundation.  Oracle designates this

 * particular file as subject to the "Classpath" exception as provided

 * by Oracle in the LICENSE file that accompanied this code.

 *

 * This code is distributed in the hope that it will be useful, but WITHOUT

 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

 * version 2 for more details (a copy is included in the LICENSE file that

 * accompanied this code).

 *

 * You should have received a copy of the GNU General Public License version

 * 2 along with this work; if not, write to the Free Software Foundation,

 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

 *

 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

 * or visit www.oracle.com if you need additional information or have any

 * questions.

 */

package sun.security.ssl;

import java.io.*;

import java.net.Socket;

import java.security.*;

import java.security.cert.*;

import java.util.*;

import javax.net.ssl.*;

import sun.security.action.GetPropertyAction;

import sun.security.provider.certpath.AlgorithmChecker;

import sun.security.validator.Validator;

/**

 * Implementation of an SSLContext.

 *

 * Implementation note: Instances of this class and the child classes are

 * immutable, except that the context initialization (SSLContext.init()) may

 * reset the key, trust managers and source of secure random.

 */

public abstract class SSLContextImpl extends SSLContextSpi {

    private final EphemeralKeyManager ephemeralKeyManager;

    private final SSLSessionContextImpl clientCache;

    private final SSLSessionContextImpl serverCache;

    private boolean isInitialized;

    private X509ExtendedKeyManager keyManager;

    private X509TrustManager trustManager;

    private SecureRandom secureRandom;

    // DTLS cookie exchange manager

    private volatile HelloCookieManager.Builder helloCookieManagerBuilder;

    private final boolean clientEnableStapling = Utilities.getBooleanProperty(

            "jdk.tls.client.enableStatusRequestExtension", true);

    private final boolean serverEnableStapling = Utilities.getBooleanProperty(

            "jdk.tls.server.enableStatusRequestExtension", false);

    private static final Collection<CipherSuite> clientCustomizedCipherSuites =

            getCustomizedCipherSuites("jdk.tls.client.cipherSuites");

    private static final Collection<CipherSuite> serverCustomizedCipherSuites =

            getCustomizedCipherSuites("jdk.tls.server.cipherSuites");

    private volatile StatusResponseManager statusResponseManager;

    SSLContextImpl() {

        ephemeralKeyManager = new EphemeralKeyManager();

        clientCache = new SSLSessionContextImpl();

        serverCache = new SSLSessionContextImpl();

    }

    @Override

    protected void engineInit(KeyManager[] km, TrustManager[] tm,

                                SecureRandom sr) throws KeyManagementException {

        isInitialized = false;

        keyManager = chooseKeyManager(km);

        if (tm == null) {

            try {

                TrustManagerFactory tmf = TrustManagerFactory.getInstance(

                        TrustManagerFactory.getDefaultAlgorithm());

                tmf.init((KeyStore)null);

                tm = tmf.getTrustManagers();

            } catch (Exception e) {

                // eat

            }

        }

        trustManager = chooseTrustManager(tm);

        if (sr == null) {

            secureRandom = new SecureRandom();

        } else {

            secureRandom = sr;

        }

        /*

         * The initial delay of seeding the random number generator

         * could be long enough to cause the initial handshake on our

         * first connection to timeout and fail. Make sure it is

         * primed and ready by getting some initial output from it.

         */

        if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

            SSLLogger.finest("trigger seeding of SecureRandom");

        }

        secureRandom.nextInt();

        if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

            SSLLogger.finest("done seeding of SecureRandom");

        }

        isInitialized = true;

    }

    private X509TrustManager chooseTrustManager(TrustManager[] tm)

            throws KeyManagementException {

        // We only use the first instance of X509TrustManager passed to us.

        for (int i = 0; tm != null && i < tm.length; i++) {

            if (tm[i] instanceof X509TrustManager) {

                if (tm[i] instanceof X509ExtendedTrustManager) {

                    return (X509TrustManager)tm[i];

                } else {

                    return new AbstractTrustManagerWrapper(

                                        (X509TrustManager)tm[i]);

                }

            }

        }

        // nothing found, return a dummy X509TrustManager.

        return DummyX509TrustManager.INSTANCE;

    }

    private X509ExtendedKeyManager chooseKeyManager(KeyManager[] kms)

            throws KeyManagementException {

        for (int i = 0; kms != null && i < kms.length; i++) {

            KeyManager km = kms[i];

            if (!(km instanceof X509KeyManager)) {

                continue;

            }

            if (km instanceof X509ExtendedKeyManager) {

                return (X509ExtendedKeyManager)km;

            }

            if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

                SSLLogger.warning(

                    "X509KeyManager passed to SSLContext.init():  need an " +

                    "X509ExtendedKeyManager for SSLEngine use");

            }

            return new AbstractKeyManagerWrapper((X509KeyManager)km);

        }

        // nothing found, return a dummy X509ExtendedKeyManager

        return DummyX509KeyManager.INSTANCE;

    }

    abstract SSLEngine createSSLEngineImpl();

    abstract SSLEngine createSSLEngineImpl(String host, int port);

    @Override

    protected SSLEngine engineCreateSSLEngine() {

        if (!isInitialized) {

            throw new IllegalStateException("SSLContext is not initialized");

        }

        return createSSLEngineImpl();

    }

    @Override

    protected SSLEngine engineCreateSSLEngine(String host, int port) {

        if (!isInitialized) {

            throw new IllegalStateException("SSLContext is not initialized");

        }

        return createSSLEngineImpl(host, port);

    }

    @Override

    protected SSLSocketFactory engineGetSocketFactory() {

        if (!isInitialized) {

            throw new IllegalStateException("SSLContext is not initialized");

        }

        if (isDTLS()) {

            throw new UnsupportedOperationException(

                    "DTLS not supported with SSLSocket");

        }

       return new SSLSocketFactoryImpl(this);

    }

    @Override

    protected SSLServerSocketFactory engineGetServerSocketFactory() {

        if (!isInitialized) {

            throw new IllegalStateException("SSLContext is not initialized");

        }

        if (isDTLS()) {

            throw new UnsupportedOperationException(

                    "DTLS not supported with SSLServerSocket");

        }

        return new SSLServerSocketFactoryImpl(this);

    }

    @Override

    protected SSLSessionContext engineGetClientSessionContext() {

        return clientCache;

    }

    @Override

    protected SSLSessionContext engineGetServerSessionContext() {

        return serverCache;

    }

    SecureRandom getSecureRandom() {

        return secureRandom;

    }

    X509ExtendedKeyManager getX509KeyManager() {

        return keyManager;

    }

    X509TrustManager getX509TrustManager() {

        return trustManager;

    }

    EphemeralKeyManager getEphemeralKeyManager() {

        return ephemeralKeyManager;

    }

    // Used for DTLS in server mode only.

    HelloCookieManager getHelloCookieManager(ProtocolVersion protocolVersion) {

        if (helloCookieManagerBuilder == null) {

            synchronized (this) {

                if (helloCookieManagerBuilder == null) {

                    helloCookieManagerBuilder =

                            new HelloCookieManager.Builder(secureRandom);

                }

            }

        }

        return helloCookieManagerBuilder.valueOf(protocolVersion);

    }

    StatusResponseManager getStatusResponseManager() {

        if (serverEnableStapling && statusResponseManager == null) {

            synchronized (this) {

                if (statusResponseManager == null) {

                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

                        SSLLogger.finest(

                                "Initializing StatusResponseManager");

                    }

                    statusResponseManager = new StatusResponseManager();

                }

            }

        }

        return statusResponseManager;

    }

    // Get supported protocols.

    abstract List<ProtocolVersion> getSupportedProtocolVersions();

    // Get default protocols for server mode.

    abstract List<ProtocolVersion> getServerDefaultProtocolVersions();

    // Get default protocols for client mode.

    abstract List<ProtocolVersion> getClientDefaultProtocolVersions();

    // Get supported CipherSuite list.

    abstract List<CipherSuite> getSupportedCipherSuites();

    // Get default CipherSuite list for server mode.

    abstract List<CipherSuite> getServerDefaultCipherSuites();

    // Get default CipherSuite list for client mode.

    abstract List<CipherSuite> getClientDefaultCipherSuites();

    // Is the context for DTLS protocols?

    abstract boolean isDTLS();

    // Get default protocols.

    List<ProtocolVersion> getDefaultProtocolVersions(boolean roleIsServer) {

        return roleIsServer ? getServerDefaultProtocolVersions()

                            : getClientDefaultProtocolVersions();

    }

    // Get default CipherSuite list.

    List<CipherSuite> getDefaultCipherSuites(boolean roleIsServer) {

        return roleIsServer ? getServerDefaultCipherSuites()

                            : getClientDefaultCipherSuites();

    }

    /**

     * Return whether a protocol list is the original default enabled

     * protocols.  See: SSLSocket/SSLEngine.setEnabledProtocols()

     */

    boolean isDefaultProtocolVesions(List<ProtocolVersion> protocols) {

        return (protocols == getServerDefaultProtocolVersions()) ||

               (protocols == getClientDefaultProtocolVersions());

    }

    /**

     * Return whether a protocol list is the original default enabled

     * protocols.  See: SSLSocket/SSLEngine.setEnabledProtocols()

     */

    boolean isDefaultCipherSuiteList(List<CipherSuite> cipherSuites) {

        return (cipherSuites == getServerDefaultCipherSuites()) ||

               (cipherSuites == getClientDefaultCipherSuites());

    }

    /**

     * Return whether client or server side stapling has been enabled

     * for this SSLContextImpl

     * @param isClient true if the caller is operating in a client side role,

     * false if acting as a server.

     * @return true if stapling has been enabled for the specified role, false

     * otherwise.

     */

    boolean isStaplingEnabled(boolean isClient) {

        return isClient ? clientEnableStapling : serverEnableStapling;

    }

    /*

     * Return the list of all available CipherSuites that are supported

     * using currently installed providers.

     */

    private static List<CipherSuite> getApplicableSupportedCipherSuites(

            List<ProtocolVersion> protocols) {

        return getApplicableCipherSuites(

                CipherSuite.allowedCipherSuites(), protocols);

    }

    /*

     * Return the list of all available CipherSuites that are default enabled

     * in client or server side.

     */

    private static List<CipherSuite> getApplicableEnabledCipherSuites(

            List<ProtocolVersion> protocols, boolean isClient) {

        if (isClient) {

            if (!clientCustomizedCipherSuites.isEmpty()) {

                return getApplicableCipherSuites(

                        clientCustomizedCipherSuites, protocols);

            }

        } else {

            if (!serverCustomizedCipherSuites.isEmpty()) {

                return getApplicableCipherSuites(

                        serverCustomizedCipherSuites, protocols);

            }

        }

        return getApplicableCipherSuites(

                CipherSuite.defaultCipherSuites(), protocols);

    }

    /*

     * Return the list of available CipherSuites which are applicable to

     * the specified protocols.

     */

    private static List<CipherSuite> getApplicableCipherSuites(

            Collection<CipherSuite> allowedCipherSuites,

            List<ProtocolVersion> protocols) {

        TreeSet<CipherSuite> suites = new TreeSet<>();

        if (protocols != null && (!protocols.isEmpty())) {

            for (CipherSuite suite : allowedCipherSuites) {

                if (!suite.isAvailable()) {

                    continue;

                }

                boolean isSupported = false;

                for (ProtocolVersion protocol : protocols) {

                    if (!suite.supports(protocol)) {

                        continue;

                    }

                    if (SSLAlgorithmConstraints.DEFAULT.permits(

                            EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),

                            suite.name, null)) {

                        suites.add(suite);

                        isSupported = true;

                    } else if (SSLLogger.isOn &&

                            SSLLogger.isOn("ssl,sslctx,verbose")) {

                        SSLLogger.fine(

                                "Ignore disabled cipher suite: " + suite.name);

                    }

                    break;

                }

                if (!isSupported && SSLLogger.isOn &&

                        SSLLogger.isOn("ssl,sslctx,verbose")) {

                    SSLLogger.finest(

                            "Ignore unsupported cipher suite: " + suite);

                }

            }

        }

        return new ArrayList<>(suites);

    }

    /*

     * Get the customized cipher suites specified by the given system property.

     */

    private static Collection<CipherSuite> getCustomizedCipherSuites(

            String propertyName) {

        String property = GetPropertyAction.privilegedGetProperty(propertyName);

        if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

            SSLLogger.fine(

                    "System property " + propertyName + " is set to '" +

                    property + "'");

        }

        if (property != null && !property.isEmpty()) {

            // remove double quote marks from beginning/end of the property

            if (property.length() > 1 && property.charAt(0) == '"' &&

                    property.charAt(property.length() - 1) == '"') {

                property = property.substring(1, property.length() - 1);

            }

        }

        if (property != null && !property.isEmpty()) {

            String[] cipherSuiteNames = property.split(",");

            Collection<CipherSuite> cipherSuites =

                        new ArrayList<>(cipherSuiteNames.length);

            for (int i = 0; i < cipherSuiteNames.length; i++) {

                cipherSuiteNames[i] = cipherSuiteNames[i].trim();

                if (cipherSuiteNames[i].isEmpty()) {

                    continue;

                }

                CipherSuite suite;

                try {

                    suite = CipherSuite.nameOf(cipherSuiteNames[i]);

                } catch (IllegalArgumentException iae) {

                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

                        SSLLogger.fine(

                                "Unknown or unsupported cipher suite name: " +

                                cipherSuiteNames[i]);

                    }

                    continue;

                }

                if (suite != null && suite.isAvailable()) {

                    cipherSuites.add(suite);

                } else {

                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {

                        SSLLogger.fine(

                                "The current installed providers do not " +

                                "support cipher suite: " + cipherSuiteNames[i]);

                    }

                }

            }

            return cipherSuites;

        }

        return Collections.emptyList();

    }

    private static List<ProtocolVersion> getAvailableProtocols(

            ProtocolVersion[] protocolCandidates) {

        List<ProtocolVersion> availableProtocols =

                Collections.<ProtocolVersion>emptyList();

        if (protocolCandidates != null && protocolCandidates.length != 0) {

            availableProtocols = new ArrayList<>(protocolCandidates.length);

            for (ProtocolVersion p : protocolCandidates) {

                if (p.isAvailable) {

                    availableProtocols.add(p);

                }

            }

        }

        return availableProtocols;

    }

    /*

     * The SSLContext implementation for SSL/(D)TLS algorithm

     *

     * SSL/TLS protocols specify the forward compatibility and version

     * roll-back attack protections, however, a number of SSL/TLS server

     * vendors did not implement these aspects properly, and some current

     * SSL/TLS servers may refuse to talk to a TLS 1.1 or later client.

     *

     * Considering above interoperability issues, SunJSSE will not set

     * TLS 1.1 and TLS 1.2 as the enabled protocols for client by default.

     *

     * For SSL/TLS servers, there is no such interoperability issues as

     * SSL/TLS clients. In SunJSSE, TLS 1.1 or later version will be the

     * enabled protocols for server by default.

     *