Package org.conscrypt
Class NativeSsl
- java.lang.Object
-
- org.conscrypt.NativeSsl
-
final class NativeSsl extends java.lang.Object
A utility wrapper that abstracts operations on the underlying native SSL instance.
-
-
Nested Class Summary
Nested Classes
Modifier and Type | Class | Description
(package private) class
NativeSsl.BioWrapper
A utility wrapper that abstracts operations on the underlying native BIO instance.
-
Field Summary
Fields
Modifier and Type | Field | Description
private SSLParametersImpl.AliasChooser
aliasChooser
private NativeCrypto.SSLHandshakeCallbacks
handshakeCallbacks
private java.security.cert.X509Certificate[]
localCertificates
private java.util.concurrent.locks.ReadWriteLock
lock
private SSLParametersImpl
parameters
private SSLParametersImpl.PSKCallbacks
pskCallbacks
private long
ssl
-
Constructor Summary
Constructors
Modifier | Constructor | Description
private
NativeSsl(long ssl, SSLParametersImpl parameters, NativeCrypto.SSLHandshakeCallbacks handshakeCallbacks, SSLParametersImpl.AliasChooser aliasChooser, SSLParametersImpl.PSKCallbacks pskCallbacks)
-
Method Summary
Modifier and Type | Method | Description
(package private) void
chooseClientCertificate(byte[] keyTypeBytes, int[] signatureAlgs, byte[][] asn1DerEncodedPrincipals)
(package private) int
clientPSKKeyRequested(java.lang.String identityHint, byte[] identityBytesOut, byte[] key)
(package private) void
close()
(package private) void
configureServerCertificate()
(package private) int
doHandshake()
(package private) void
doHandshake(java.io.FileDescriptor fd, int timeoutMillis)
private void
enablePSKKeyManagerIfRequested()
(package private) byte[]
exportKeyingMaterial(java.lang.String label, byte[] context, int length)
protected void
finalize()
(package private) void
forceRead()
(package private) byte[]
getApplicationProtocol()
private java.util.Set<java.lang.String>
getCipherKeyTypes()
(package private) java.lang.String
getCipherSuite()
(package private) int
getError(int result)
(package private) java.security.cert.X509Certificate[]
getLocalCertificates()
(package private) int
getMaxSealOverhead()
(package private) byte[]
getPeerCertificateOcspData()
(package private) java.security.cert.X509Certificate[]
getPeerCertificates()
(package private) byte[]
getPeerTlsSctData()
(package private) int
getPendingReadableBytes()
(package private) java.lang.String
getRequestedServerName()
(package private) byte[]
getSessionId()
(package private) long
getTime()
(package private) long
getTimeout()
(package private) byte[]
getTlsChannelId()
(package private) byte[]
getTlsUnique()
(package private) java.lang.String
getVersion()
(package private) void
initialize(java.lang.String hostname, OpenSSLKey channelIdPrivateKey)
(package private) void
interrupt()
private boolean
isClient()
(package private) boolean
isClosed()
(package private) NativeSsl.BioWrapper
newBio()
(package private) static NativeSsl
newInstance(SSLParametersImpl parameters, NativeCrypto.SSLHandshakeCallbacks handshakeCallbacks, SSLParametersImpl.AliasChooser chooser, SSLParametersImpl.PSKCallbacks pskCallbacks)
(package private) void
offerToResumeSession(long sslSessionNativePointer)
(package private) int
read(java.io.FileDescriptor fd, byte[] buf, int offset, int len, int timeoutMillis)
(package private) int
readDirectByteBuffer(long destAddress, int destLength)
(package private) int
serverPSKKeyRequested(java.lang.String identityHint, java.lang.String identity, byte[] key)
private void
setCertificate(java.lang.String alias)
private void
setCertificateValidation()
(package private) void
setTimeout(long millis)
private void
setTlsChannelId(OpenSSLKey channelIdPrivateKey)
(package private) void
shutdown()
(package private) void
shutdown(java.io.FileDescriptor fd)
private void
verifyWithSniMatchers(java.lang.String serverName)
(package private) boolean
wasShutdownReceived()
(package private) boolean
wasShutdownSent()
(package private) void
write(java.io.FileDescriptor fd, byte[] buf, int offset, int len, int timeoutMillis)
(package private) int
writeDirectByteBuffer(long sourceAddress, int sourceLength)
-
-
-
Field Detail
-
parameters
private final SSLParametersImpl parameters
-
handshakeCallbacks
private final NativeCrypto.SSLHandshakeCallbacks handshakeCallbacks
-
aliasChooser
private final SSLParametersImpl.AliasChooser aliasChooser
-
pskCallbacks
private final SSLParametersImpl.PSKCallbacks pskCallbacks
-
localCertificates
private java.security.cert.X509Certificate[] localCertificates
-
lock
private final java.util.concurrent.locks.ReadWriteLock lock
-
ssl
private volatile long ssl
-
-
Constructor Detail
-
NativeSsl
private NativeSsl(long ssl, SSLParametersImpl parameters, NativeCrypto.SSLHandshakeCallbacks handshakeCallbacks, SSLParametersImpl.AliasChooser aliasChooser, SSLParametersImpl.PSKCallbacks pskCallbacks)
-
-
Method Detail
-
newInstance
static NativeSsl newInstance(SSLParametersImpl parameters, NativeCrypto.SSLHandshakeCallbacks handshakeCallbacks, SSLParametersImpl.AliasChooser chooser, SSLParametersImpl.PSKCallbacks pskCallbacks) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
newBio
NativeSsl.BioWrapper newBio()
-
offerToResumeSession
void offerToResumeSession(long sslSessionNativePointer) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
getSessionId
byte[] getSessionId()
-
getTime
long getTime()
-
getTimeout
long getTimeout()
-
setTimeout
void setTimeout(long millis)
-
getCipherSuite
java.lang.String getCipherSuite()
-
getPeerCertificates
java.security.cert.X509Certificate[] getPeerCertificates() throws java.security.cert.CertificateException
- Throws:
java.security.cert.CertificateException
-
getLocalCertificates
java.security.cert.X509Certificate[] getLocalCertificates()
-
getPeerCertificateOcspData
byte[] getPeerCertificateOcspData()
-
getTlsUnique
byte[] getTlsUnique()
-
exportKeyingMaterial
byte[] exportKeyingMaterial(java.lang.String label, byte[] context, int length) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
getPeerTlsSctData
byte[] getPeerTlsSctData()
-
clientPSKKeyRequested
int clientPSKKeyRequested(java.lang.String identityHint, byte[] identityBytesOut, byte[] key)
-
serverPSKKeyRequested
int serverPSKKeyRequested(java.lang.String identityHint, java.lang.String identity, byte[] key)
-
chooseClientCertificate
void chooseClientCertificate(byte[] keyTypeBytes, int[] signatureAlgs, byte[][] asn1DerEncodedPrincipals) throws javax.net.ssl.SSLException, java.security.cert.CertificateEncodingException
- Throws:
javax.net.ssl.SSLException
java.security.cert.CertificateEncodingException
-
setCertificate
private void setCertificate(java.lang.String alias) throws java.security.cert.CertificateEncodingException, javax.net.ssl.SSLException
- Throws:
java.security.cert.CertificateEncodingException
javax.net.ssl.SSLException
-
getVersion
java.lang.String getVersion()
-
getRequestedServerName
java.lang.String getRequestedServerName()
-
getTlsChannelId
byte[] getTlsChannelId() throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
initialize
void initialize(java.lang.String hostname, OpenSSLKey channelIdPrivateKey) throws java.io.IOException
- Throws:
java.io.IOException
-
configureServerCertificate
void configureServerCertificate() throws java.io.IOException
- Throws:
java.io.IOException
-
verifyWithSniMatchers
private void verifyWithSniMatchers(java.lang.String serverName) throws javax.net.ssl.SSLHandshakeException
- Throws:
javax.net.ssl.SSLHandshakeException
-
getCipherKeyTypes
private java.util.Set<java.lang.String> getCipherKeyTypes()
-
doHandshake
void doHandshake(java.io.FileDescriptor fd, int timeoutMillis) throws java.security.cert.CertificateException, java.io.IOException
- Throws:
java.security.cert.CertificateException
java.io.IOException
-
doHandshake
int doHandshake() throws java.io.IOException
- Throws:
java.io.IOException
-
read
int read(java.io.FileDescriptor fd, byte[] buf, int offset, int len, int timeoutMillis) throws java.io.IOException
- Throws:
java.io.IOException
-
write
void write(java.io.FileDescriptor fd, byte[] buf, int offset, int len, int timeoutMillis) throws java.io.IOException
- Throws:
java.io.IOException
-
enablePSKKeyManagerIfRequested
private void enablePSKKeyManagerIfRequested() throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
setTlsChannelId
private void setTlsChannelId(OpenSSLKey channelIdPrivateKey) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
setCertificateValidation
private void setCertificateValidation() throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
interrupt
void interrupt()
-
shutdown
void shutdown(java.io.FileDescriptor fd) throws java.io.IOException
- Throws:
java.io.IOException
-
shutdown
void shutdown() throws java.io.IOException
- Throws:
java.io.IOException
-
wasShutdownReceived
boolean wasShutdownReceived()
-
wasShutdownSent
boolean wasShutdownSent()
-
readDirectByteBuffer
int readDirectByteBuffer(long destAddress, int destLength) throws java.io.IOException, java.security.cert.CertificateException
- Throws:
java.io.IOException
java.security.cert.CertificateException
-
writeDirectByteBuffer
int writeDirectByteBuffer(long sourceAddress, int sourceLength) throws java.io.IOException
- Throws:
java.io.IOException
-
forceRead
void forceRead() throws java.io.IOException
- Throws:
java.io.IOException
-
getPendingReadableBytes
int getPendingReadableBytes()
-
getMaxSealOverhead
int getMaxSealOverhead()
-
close
void close()
-
isClosed
boolean isClosed()
-
getError
int getError(int result)
-
getApplicationProtocol
byte[] getApplicationProtocol()
-
isClient
private boolean isClient()
-
finalize
protected final void finalize() throws java.lang.Throwable
- Overrides:
finalize in class java.lang.Object
- Throws:
java.lang.Throwable
-
-