Sort out the provider algorithm names for SSLContext

AaronAlc · Mar 7, 2017 · 9d542ff · 9d542ff
1 parent 2e16d17
commit 9d542ff
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 14 deletions.
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/BouncyCastleJsseProvider.java b/tls/src/main/java/org/bouncycastle/jsse/provider/BouncyCastleJsseProvider.java
@@ -168,16 +168,23 @@ public Object createInstance(Object constructorParameter)
         addAlias("Alg.Alias.TrustManagerFactory.X.509", "PKIX");
         addAlias("Alg.Alias.TrustManagerFactory.X509", "PKIX");
 
-        if (isInFipsMode == false)
-        {
-            addAlgorithmImplementation("SSLContext.SSL", "org.bouncycastle.jsse.provider.SSLContext.TLS", new EngineCreator()
-            {
-                public Object createInstance(Object constructorParameter)
-                {
-                    return new ProvSSLContextSpi(baseCryptoProvider);
-                }
-            });
-        }
+//        if (isInFipsMode == false)
+//        {
+//            addAlgorithmImplementation("SSLContext.SSL", "org.bouncycastle.jsse.provider.SSLContext.SSL", new EngineCreator()
+//            {
+//                public Object createInstance(Object constructorParameter)
+//                {
+//                    return new ProvSSLContextSpi(baseCryptoProvider, new String[]{ "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" });
+//                }
+//            });
+//            addAlgorithmImplementation("SSLContext.SSLv3", "org.bouncycastle.jsse.provider.SSLContext.SSLv3", new EngineCreator()
+//            {
+//                public Object createInstance(Object constructorParameter)
+//                {
+//                    return new ProvSSLContextSpi(baseCryptoProvider, new String[]{ "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" });
+//                }
+//            });
+//        }
 
         addAlgorithmImplementation("SSLContext.TLS", "org.bouncycastle.jsse.provider.SSLContext.TLS", new EngineCreator()
         {
@@ -186,20 +193,44 @@ public Object createInstance(Object constructorParameter)
                 return new ProvSSLContextSpi(baseCryptoProvider);
             }
         });
-        addAlgorithmImplementation("SSLContext.TLSv1", "org.bouncycastle.jsse.provider.SSLContext.TLS.1", new EngineCreator()
+        addAlgorithmImplementation("SSLContext.TLSv1", "org.bouncycastle.jsse.provider.SSLContext.TLSv1", new EngineCreator()
         {
             public Object createInstance(Object constructorParameter)
             {
-                return new ProvSSLContextSpi(baseCryptoProvider);
+                return new ProvSSLContextSpi(baseCryptoProvider, new String[]{ "TLSv1", "TLSv1.1", "TLSv1.2" });
+            }
+        });
+        addAlgorithmImplementation("SSLContext.TLSv1.1", "org.bouncycastle.jsse.provider.SSLContext.TLSv1_1", new EngineCreator()
+        {
+            public Object createInstance(Object constructorParameter)
+            {
+                return new ProvSSLContextSpi(baseCryptoProvider, new String[]{ "TLSv1.1", "TLSv1.2" });
             }
         });
-        addAlgorithmImplementation("SSLContext.Default", "org.bouncycastle.jsse.provider.SSLContext.TLS.Default", new EngineCreator()
+        addAlgorithmImplementation("SSLContext.TLSv1.2", "org.bouncycastle.jsse.provider.SSLContext.TLSv1_2", new EngineCreator()
         {
             public Object createInstance(Object constructorParameter)
             {
                 return new ProvSSLContextSpi(baseCryptoProvider);
             }
         });
+        addAlgorithmImplementation("SSLContext.DEFAULT", "org.bouncycastle.jsse.provider.SSLContext.Default", new EngineCreator()
+        {
+            public Object createInstance(Object constructorParameter)
+            {
+                try
+                {
+                    ProvSSLContextSpi defaultSSLContextSpi = new ProvSSLContextSpi(baseCryptoProvider);
+                    defaultSSLContextSpi.engineInit(null, null, null);
+                    return defaultSSLContextSpi;
+                }
+                catch (GeneralSecurityException e)
+                {
+                    // TODO[jsse] Log this exception
+                    return null;
+                }
+            }
+        });
     }
 
     void addAttribute(String key, String attributeName, String attributeValue)

diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLContextSpi.java b/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLContextSpi.java
@@ -119,6 +119,7 @@ private static Map<String, ProtocolVersion> createSupportedProtocols()
     }
 
     protected final TlsCryptoProvider cryptoProvider;
+    protected final String[] defaultProtocols;
 
     protected boolean initialized = false;
 
@@ -129,8 +130,14 @@ private static Map<String, ProtocolVersion> createSupportedProtocols()
     private ProvSSLSessionContext serverSessionContext;
 
     ProvSSLContextSpi(TlsCryptoProvider cryptoProvider)
+    {
+        this(cryptoProvider, new String[]{ "TLSv1.2" });
+    }
+
+    ProvSSLContextSpi(TlsCryptoProvider cryptoProvider, String[] defaultProtocols)
     {
         this.cryptoProvider = cryptoProvider;
+        this.defaultProtocols = defaultProtocols;
     }
 
     int[] convertCipherSuites(String[] suites)
@@ -175,7 +182,7 @@ String[] getDefaultCipherSuites()
 
     String[] getDefaultProtocols()
     {
-        return new String[]{ "TLSv1.2" };
+        return defaultProtocols;
     }
 
     ProtocolVersion getMaximumVersion(String[] protocols)