Package org.conscrypt

Class NativeCrypto


  • @Internal
    public final class NativeCrypto
    extends java.lang.Object
    Provides the Java side of our JNI glue for OpenSSL.

    Note: Many methods in this class take a reference to a Java object that holds a native pointer in the form of a long in addition to the long itself and don't use the Java object in the native implementation. This is to prevent the Java object from becoming eligible for GC while the native method is executing. See this for more details.

    • Field Detail

      • loadError

        private static final java.lang.UnsatisfiedLinkError loadError
      • GN_STACK_SUBJECT_ALT_NAME

        static final int GN_STACK_SUBJECT_ALT_NAME
        Used to request get_X509_GENERAL_NAME_stack get the "altname" field.
        See Also:
        Constant Field Values
      • GN_STACK_ISSUER_ALT_NAME

        static final int GN_STACK_ISSUER_ALT_NAME
        Used to request get_X509_GENERAL_NAME_stack get the issuerAlternativeName extension.
        See Also:
        Constant Field Values
      • EXTENSION_TYPE_NON_CRITICAL

        static final int EXTENSION_TYPE_NON_CRITICAL
        Used to request only non-critical types in get_X509*_ext_oids.
        See Also:
        Constant Field Values
      • EXTENSION_TYPE_CRITICAL

        static final int EXTENSION_TYPE_CRITICAL
        Used to request only critical types in get_X509*_ext_oids.
        See Also:
        Constant Field Values
      • PKCS7_CERTS

        static final int PKCS7_CERTS
        Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
        See Also:
        Constant Field Values
      • PKCS7_CRLS

        static final int PKCS7_CRLS
        Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
        See Also:
        Constant Field Values
      • OBSOLETE_PROTOCOL_SSLV3

        static final java.lang.String OBSOLETE_PROTOCOL_SSLV3
        See Also:
        Constant Field Values
      • SUPPORTED_PROTOCOL_TLSV1

        private static final java.lang.String SUPPORTED_PROTOCOL_TLSV1
        See Also:
        Constant Field Values
      • SUPPORTED_PROTOCOL_TLSV1_1

        private static final java.lang.String SUPPORTED_PROTOCOL_TLSV1_1
        See Also:
        Constant Field Values
      • SUPPORTED_PROTOCOL_TLSV1_2

        private static final java.lang.String SUPPORTED_PROTOCOL_TLSV1_2
        See Also:
        Constant Field Values
      • SUPPORTED_PROTOCOL_TLSV1_3

        static final java.lang.String SUPPORTED_PROTOCOL_TLSV1_3
        See Also:
        Constant Field Values
      • SUPPORTED_TLS_1_3_CIPHER_SUITES

        static final java.lang.String[] SUPPORTED_TLS_1_3_CIPHER_SUITES
      • SUPPORTED_TLS_1_2_CIPHER_SUITES_SET

        static final java.util.Set<java.lang.String> SUPPORTED_TLS_1_2_CIPHER_SUITES_SET
      • SUPPORTED_LEGACY_CIPHER_SUITES_SET

        private static final java.util.Set<java.lang.String> SUPPORTED_LEGACY_CIPHER_SUITES_SET
      • SUPPORTED_TLS_1_3_CIPHER_SUITES_SET

        static final java.util.Set<java.lang.String> SUPPORTED_TLS_1_3_CIPHER_SUITES_SET
      • TLS_EMPTY_RENEGOTIATION_INFO_SCSV

        static final java.lang.String TLS_EMPTY_RENEGOTIATION_INFO_SCSV
        TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation indication signaling cipher suite value. It is not a real cipher suite. It is just an indication in the default and supported cipher suite lists indicates that the implementation supports secure renegotiation.

        In the RI, its presence means that the SCSV is sent in the cipher suite list to indicate secure renegotiation support and its absense means to send an empty TLS renegotiation info extension instead.

        However, OpenSSL doesn't provide an API to give this level of control, instead always sending the SCSV and always including the empty renegotiation info if TLS is used (as opposed to SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to be passed for compatibility as to provide the hint that we support secure renegotiation.

        See Also:
        Constant Field Values
      • TLS_FALLBACK_SCSV

        private static final java.lang.String TLS_FALLBACK_SCSV
        TLS_FALLBACK_SCSV is from https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 to indicate to the server that this is a fallback protocol request.
        See Also:
        Constant Field Values
      • HAS_AES_HARDWARE

        private static final boolean HAS_AES_HARDWARE
      • SUPPORTED_TLS_1_2_CIPHER_SUITES

        private static final java.lang.String[] SUPPORTED_TLS_1_2_CIPHER_SUITES
      • DEFAULT_X509_CIPHER_SUITES

        static final java.lang.String[] DEFAULT_X509_CIPHER_SUITES
        X.509 based cipher suites enabled by default (if requested), in preference order.
      • DEFAULT_PSK_CIPHER_SUITES

        static final java.lang.String[] DEFAULT_PSK_CIPHER_SUITES
        TLS-PSK cipher suites enabled by default (if requested), in preference order.
      • TLSV13_PROTOCOLS

        static final java.lang.String[] TLSV13_PROTOCOLS
        Protocols to enable by default when "TLSv1.3" is requested.
      • TLSV12_PROTOCOLS

        static final java.lang.String[] TLSV12_PROTOCOLS
        Protocols to enable by default when "TLSv1.2" is requested.
      • TLSV11_PROTOCOLS

        static final java.lang.String[] TLSV11_PROTOCOLS
        Protocols to enable by default when "TLSv1.1" is requested.
      • TLSV1_PROTOCOLS

        static final java.lang.String[] TLSV1_PROTOCOLS
        Protocols to enable by default when "TLSv1" is requested.
      • DEFAULT_PROTOCOLS

        static final java.lang.String[] DEFAULT_PROTOCOLS
      • SUPPORTED_PROTOCOLS

        private static final java.lang.String[] SUPPORTED_PROTOCOLS
    • Constructor Detail

      • NativeCrypto

        public NativeCrypto()
    • Method Detail

      • clinit

        private static void clinit()
      • checkAvailability

        static void checkAvailability()
        Checks to see whether or not the native library was successfully loaded. If not, throws the UnsatisfiedLinkError that was encountered while attempting to load the library.
      • EVP_PKEY_new_RSA

        static long EVP_PKEY_new_RSA​(byte[] n,
                                     byte[] e,
                                     byte[] d,
                                     byte[] p,
                                     byte[] q,
                                     byte[] dmp1,
                                     byte[] dmq1,
                                     byte[] iqmp)
      • EVP_PKEY_print_public

        static java.lang.String EVP_PKEY_print_public​(NativeRef.EVP_PKEY pkeyRef)
      • EVP_PKEY_print_params

        static java.lang.String EVP_PKEY_print_params​(NativeRef.EVP_PKEY pkeyRef)
      • EVP_PKEY_free

        static void EVP_PKEY_free​(long pkey)
      • EVP_marshal_private_key

        static byte[] EVP_marshal_private_key​(NativeRef.EVP_PKEY pkey)
      • EVP_marshal_public_key

        static byte[] EVP_marshal_public_key​(NativeRef.EVP_PKEY pkey)
      • PEM_read_bio_PUBKEY

        static long PEM_read_bio_PUBKEY​(long bioCtx)
      • PEM_read_bio_PrivateKey

        static long PEM_read_bio_PrivateKey​(long bioCtx)
      • getRSAPrivateKeyWrapper

        static long getRSAPrivateKeyWrapper​(java.security.PrivateKey key,
                                            byte[] modulus)
      • getECPrivateKeyWrapper

        static long getECPrivateKeyWrapper​(java.security.PrivateKey key,
                                           NativeRef.EC_GROUP ecGroupRef)
      • RSA_generate_key_ex

        static long RSA_generate_key_ex​(int modulusBits,
                                        byte[] publicExponent)
      • RSA_private_encrypt

        static int RSA_private_encrypt​(int flen,
                                       byte[] from,
                                       byte[] to,
                                       NativeRef.EVP_PKEY pkey,
                                       int padding)
      • RSA_public_decrypt

        static int RSA_public_decrypt​(int flen,
                                      byte[] from,
                                      byte[] to,
                                      NativeRef.EVP_PKEY pkey,
                                      int padding)
                               throws javax.crypto.BadPaddingException,
                                      java.security.SignatureException
        Throws:
        javax.crypto.BadPaddingException
        java.security.SignatureException
      • RSA_public_encrypt

        static int RSA_public_encrypt​(int flen,
                                      byte[] from,
                                      byte[] to,
                                      NativeRef.EVP_PKEY pkey,
                                      int padding)
      • RSA_private_decrypt

        static int RSA_private_decrypt​(int flen,
                                       byte[] from,
                                       byte[] to,
                                       NativeRef.EVP_PKEY pkey,
                                       int padding)
                                throws javax.crypto.BadPaddingException,
                                       java.security.SignatureException
        Throws:
        javax.crypto.BadPaddingException
        java.security.SignatureException
      • get_RSA_public_params

        static byte[][] get_RSA_public_params​(NativeRef.EVP_PKEY rsa)
        Returns:
        array of {n, e}
      • get_RSA_private_params

        static byte[][] get_RSA_private_params​(NativeRef.EVP_PKEY rsa)
        Returns:
        array of {n, e, d, p, q, dmp1, dmq1, iqmp}
      • chacha20_encrypt_decrypt

        static void chacha20_encrypt_decrypt​(byte[] in,
                                             int inOffset,
                                             byte[] out,
                                             int outOffset,
                                             int length,
                                             byte[] key,
                                             byte[] nonce,
                                             int blockCounter)
        Returns the encrypted or decrypted version of the data.
      • EC_GROUP_new_by_curve_name

        static long EC_GROUP_new_by_curve_name​(java.lang.String curveName)
      • EC_GROUP_new_arbitrary

        static long EC_GROUP_new_arbitrary​(byte[] p,
                                           byte[] a,
                                           byte[] b,
                                           byte[] x,
                                           byte[] y,
                                           byte[] order,
                                           int cofactor)
      • EC_GROUP_get_curve_name

        static java.lang.String EC_GROUP_get_curve_name​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_get_curve

        static byte[][] EC_GROUP_get_curve​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_clear_free

        static void EC_GROUP_clear_free​(long groupRef)
      • EC_GROUP_get_generator

        static long EC_GROUP_get_generator​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_get_cofactor

        static byte[] EC_GROUP_get_cofactor​(NativeRef.EC_GROUP groupRef)
      • EC_POINT_clear_free

        static void EC_POINT_clear_free​(long pointRef)
      • EC_KEY_get_private_key

        static byte[] EC_KEY_get_private_key​(NativeRef.EVP_PKEY keyRef)
      • EC_KEY_get_public_key

        static long EC_KEY_get_public_key​(NativeRef.EVP_PKEY keyRef)
      • EC_KEY_marshal_curve_name

        static byte[] EC_KEY_marshal_curve_name​(NativeRef.EC_GROUP groupRef)
                                         throws java.io.IOException
        Throws:
        java.io.IOException
      • EC_KEY_parse_curve_name

        static long EC_KEY_parse_curve_name​(byte[] encoded)
                                     throws java.io.IOException
        Throws:
        java.io.IOException
      • ECDH_compute_key

        static int ECDH_compute_key​(byte[] out,
                                    int outOffset,
                                    NativeRef.EVP_PKEY publicKeyRef,
                                    NativeRef.EVP_PKEY privateKeyRef)
                             throws java.security.InvalidKeyException,
                                    java.lang.IndexOutOfBoundsException
        Throws:
        java.security.InvalidKeyException
        java.lang.IndexOutOfBoundsException
      • ECDSA_sign

        static int ECDSA_sign​(byte[] data,
                              byte[] sig,
                              NativeRef.EVP_PKEY pkey)
      • ECDSA_verify

        static int ECDSA_verify​(byte[] data,
                                byte[] sig,
                                NativeRef.EVP_PKEY pkey)
      • EVP_get_digestbyname

        static long EVP_get_digestbyname​(java.lang.String name)
      • EVP_MD_size

        static int EVP_MD_size​(long evp_md_const)
      • EVP_MD_CTX_create

        static long EVP_MD_CTX_create()
      • EVP_MD_CTX_destroy

        static void EVP_MD_CTX_destroy​(long ctx)
      • EVP_DigestUpdate

        static void EVP_DigestUpdate​(NativeRef.EVP_MD_CTX ctx,
                                     byte[] buffer,
                                     int offset,
                                     int length)
      • EVP_DigestUpdateDirect

        static void EVP_DigestUpdateDirect​(NativeRef.EVP_MD_CTX ctx,
                                           long ptr,
                                           int length)
      • EVP_DigestFinal_ex

        static int EVP_DigestFinal_ex​(NativeRef.EVP_MD_CTX ctx,
                                      byte[] hash,
                                      int offset)
      • EVP_DigestSignUpdate

        static void EVP_DigestSignUpdate​(NativeRef.EVP_MD_CTX ctx,
                                         byte[] buffer,
                                         int offset,
                                         int length)
      • EVP_DigestSignUpdateDirect

        static void EVP_DigestSignUpdateDirect​(NativeRef.EVP_MD_CTX ctx,
                                               long ptr,
                                               int length)
      • EVP_DigestVerifyUpdate

        static void EVP_DigestVerifyUpdate​(NativeRef.EVP_MD_CTX ctx,
                                           byte[] buffer,
                                           int offset,
                                           int length)
      • EVP_DigestVerifyUpdateDirect

        static void EVP_DigestVerifyUpdateDirect​(NativeRef.EVP_MD_CTX ctx,
                                                 long ptr,
                                                 int length)
      • EVP_DigestVerifyFinal

        static boolean EVP_DigestVerifyFinal​(NativeRef.EVP_MD_CTX ctx,
                                             byte[] signature,
                                             int offset,
                                             int length)
                                      throws java.lang.IndexOutOfBoundsException
        Throws:
        java.lang.IndexOutOfBoundsException
      • EVP_PKEY_encrypt_init

        static long EVP_PKEY_encrypt_init​(NativeRef.EVP_PKEY pkey)
                                   throws java.security.InvalidKeyException
        Throws:
        java.security.InvalidKeyException
      • EVP_PKEY_encrypt

        static int EVP_PKEY_encrypt​(NativeRef.EVP_PKEY_CTX ctx,
                                    byte[] out,
                                    int outOffset,
                                    byte[] input,
                                    int inOffset,
                                    int inLength)
                             throws java.lang.IndexOutOfBoundsException,
                                    javax.crypto.BadPaddingException
        Throws:
        java.lang.IndexOutOfBoundsException
        javax.crypto.BadPaddingException
      • EVP_PKEY_decrypt_init

        static long EVP_PKEY_decrypt_init​(NativeRef.EVP_PKEY pkey)
                                   throws java.security.InvalidKeyException
        Throws:
        java.security.InvalidKeyException
      • EVP_PKEY_decrypt

        static int EVP_PKEY_decrypt​(NativeRef.EVP_PKEY_CTX ctx,
                                    byte[] out,
                                    int outOffset,
                                    byte[] input,
                                    int inOffset,
                                    int inLength)
                             throws java.lang.IndexOutOfBoundsException,
                                    javax.crypto.BadPaddingException
        Throws:
        java.lang.IndexOutOfBoundsException
        javax.crypto.BadPaddingException
      • EVP_PKEY_CTX_free

        static void EVP_PKEY_CTX_free​(long pkeyCtx)
      • EVP_PKEY_CTX_set_rsa_padding

        static void EVP_PKEY_CTX_set_rsa_padding​(long ctx,
                                                 int pad)
                                          throws java.security.InvalidAlgorithmParameterException
        Throws:
        java.security.InvalidAlgorithmParameterException
      • EVP_PKEY_CTX_set_rsa_pss_saltlen

        static void EVP_PKEY_CTX_set_rsa_pss_saltlen​(long ctx,
                                                     int len)
                                              throws java.security.InvalidAlgorithmParameterException
        Throws:
        java.security.InvalidAlgorithmParameterException
      • EVP_PKEY_CTX_set_rsa_mgf1_md

        static void EVP_PKEY_CTX_set_rsa_mgf1_md​(long ctx,
                                                 long evpMdRef)
                                          throws java.security.InvalidAlgorithmParameterException
        Throws:
        java.security.InvalidAlgorithmParameterException
      • EVP_PKEY_CTX_set_rsa_oaep_md

        static void EVP_PKEY_CTX_set_rsa_oaep_md​(long ctx,
                                                 long evpMdRef)
                                          throws java.security.InvalidAlgorithmParameterException
        Throws:
        java.security.InvalidAlgorithmParameterException
      • EVP_PKEY_CTX_set_rsa_oaep_label

        static void EVP_PKEY_CTX_set_rsa_oaep_label​(long ctx,
                                                    byte[] label)
                                             throws java.security.InvalidAlgorithmParameterException
        Throws:
        java.security.InvalidAlgorithmParameterException
      • EVP_get_cipherbyname

        static long EVP_get_cipherbyname​(java.lang.String string)
      • EVP_CipherInit_ex

        static void EVP_CipherInit_ex​(NativeRef.EVP_CIPHER_CTX ctx,
                                      long evpCipher,
                                      byte[] key,
                                      byte[] iv,
                                      boolean encrypting)
      • EVP_CipherUpdate

        static int EVP_CipherUpdate​(NativeRef.EVP_CIPHER_CTX ctx,
                                    byte[] out,
                                    int outOffset,
                                    byte[] in,
                                    int inOffset,
                                    int inLength)
                             throws java.lang.IndexOutOfBoundsException
        Throws:
        java.lang.IndexOutOfBoundsException
      • EVP_CipherFinal_ex

        static int EVP_CipherFinal_ex​(NativeRef.EVP_CIPHER_CTX ctx,
                                      byte[] out,
                                      int outOffset)
                               throws javax.crypto.BadPaddingException,
                                      javax.crypto.IllegalBlockSizeException
        Throws:
        javax.crypto.BadPaddingException
        javax.crypto.IllegalBlockSizeException
      • EVP_CIPHER_iv_length

        static int EVP_CIPHER_iv_length​(long evpCipher)
      • EVP_CIPHER_CTX_new

        static long EVP_CIPHER_CTX_new()
      • EVP_CIPHER_CTX_set_padding

        static void EVP_CIPHER_CTX_set_padding​(NativeRef.EVP_CIPHER_CTX ctx,
                                               boolean enablePadding)
      • EVP_CIPHER_CTX_set_key_length

        static void EVP_CIPHER_CTX_set_key_length​(NativeRef.EVP_CIPHER_CTX ctx,
                                                  int keyBitSize)
      • EVP_CIPHER_CTX_free

        static void EVP_CIPHER_CTX_free​(long ctx)
      • EVP_aead_aes_128_gcm

        static long EVP_aead_aes_128_gcm()
      • EVP_aead_aes_256_gcm

        static long EVP_aead_aes_256_gcm()
      • EVP_aead_chacha20_poly1305

        static long EVP_aead_chacha20_poly1305()
      • EVP_aead_aes_128_gcm_siv

        static long EVP_aead_aes_128_gcm_siv()
      • EVP_aead_aes_256_gcm_siv

        static long EVP_aead_aes_256_gcm_siv()
      • EVP_AEAD_max_overhead

        static int EVP_AEAD_max_overhead​(long evpAead)
      • EVP_AEAD_nonce_length

        static int EVP_AEAD_nonce_length​(long evpAead)
      • EVP_AEAD_CTX_seal

        static int EVP_AEAD_CTX_seal​(long evpAead,
                                     byte[] key,
                                     int tagLengthInBytes,
                                     byte[] out,
                                     int outOffset,
                                     byte[] nonce,
                                     byte[] in,
                                     int inOffset,
                                     int inLength,
                                     byte[] ad)
                              throws javax.crypto.ShortBufferException,
                                     javax.crypto.BadPaddingException
        Throws:
        javax.crypto.ShortBufferException
        javax.crypto.BadPaddingException
      • EVP_AEAD_CTX_seal_buf

        static int EVP_AEAD_CTX_seal_buf​(long evpAead,
                                         byte[] key,
                                         int tagLengthInBytes,
                                         java.nio.ByteBuffer out,
                                         byte[] nonce,
                                         java.nio.ByteBuffer input,
                                         byte[] ad)
                                  throws javax.crypto.ShortBufferException,
                                         javax.crypto.BadPaddingException
        Throws:
        javax.crypto.ShortBufferException
        javax.crypto.BadPaddingException
      • EVP_AEAD_CTX_open

        static int EVP_AEAD_CTX_open​(long evpAead,
                                     byte[] key,
                                     int tagLengthInBytes,
                                     byte[] out,
                                     int outOffset,
                                     byte[] nonce,
                                     byte[] in,
                                     int inOffset,
                                     int inLength,
                                     byte[] ad)
                              throws javax.crypto.ShortBufferException,
                                     javax.crypto.BadPaddingException
        Throws:
        javax.crypto.ShortBufferException
        javax.crypto.BadPaddingException
      • EVP_AEAD_CTX_open_buf

        static int EVP_AEAD_CTX_open_buf​(long evpAead,
                                         byte[] key,
                                         int tagLengthInBytes,
                                         java.nio.ByteBuffer out,
                                         byte[] nonce,
                                         java.nio.ByteBuffer input,
                                         byte[] ad)
                                  throws javax.crypto.ShortBufferException,
                                         javax.crypto.BadPaddingException
        Throws:
        javax.crypto.ShortBufferException
        javax.crypto.BadPaddingException
      • HMAC_CTX_new

        static long HMAC_CTX_new()
      • HMAC_CTX_free

        static void HMAC_CTX_free​(long ctx)
      • HMAC_Init_ex

        static void HMAC_Init_ex​(NativeRef.HMAC_CTX ctx,
                                 byte[] key,
                                 long evp_md)
      • HMAC_Update

        static void HMAC_Update​(NativeRef.HMAC_CTX ctx,
                                byte[] in,
                                int inOffset,
                                int inLength)
      • HMAC_UpdateDirect

        static void HMAC_UpdateDirect​(NativeRef.HMAC_CTX ctx,
                                      long inPtr,
                                      int inLength)
      • RAND_bytes

        static void RAND_bytes​(byte[] output)
      • X509_NAME_hash

        static int X509_NAME_hash​(javax.security.auth.x500.X500Principal principal)
      • X509_NAME_hash_old

        public static int X509_NAME_hash_old​(javax.security.auth.x500.X500Principal principal)
      • X509_NAME_hash

        private static int X509_NAME_hash​(javax.security.auth.x500.X500Principal principal,
                                          java.lang.String algorithm)
      • d2i_X509_bio

        static long d2i_X509_bio​(long bioCtx)
      • PEM_read_bio_X509

        static long PEM_read_bio_X509​(long bioCtx)
      • i2d_X509_PUBKEY

        static byte[] i2d_X509_PUBKEY​(long x509ctx,
                                      OpenSSLX509Certificate holder)
        Takes an X509 context not an X509_PUBKEY context.
      • ASN1_seq_pack_X509

        static byte[] ASN1_seq_pack_X509​(long[] x509CertRefs)
      • X509_print_ex

        static void X509_print_ex​(long bioCtx,
                                  long x509ctx,
                                  OpenSSLX509Certificate holder,
                                  long nmflag,
                                  long certflag)
      • X509_get_subject_name

        static byte[] X509_get_subject_name​(long x509ctx,
                                            OpenSSLX509Certificate holder)
      • get_X509_sig_alg_oid

        static java.lang.String get_X509_sig_alg_oid​(long x509ctx,
                                                     OpenSSLX509Certificate holder)
      • get_X509_sig_alg_parameter

        static byte[] get_X509_sig_alg_parameter​(long x509ctx,
                                                 OpenSSLX509Certificate holder)
      • get_X509_subjectUID

        static boolean[] get_X509_subjectUID​(long x509ctx,
                                             OpenSSLX509Certificate holder)
      • X509_get_pubkey

        static long X509_get_pubkey​(long x509ctx,
                                    OpenSSLX509Certificate holder)
                             throws java.security.NoSuchAlgorithmException,
                                    java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • get_X509_pubkey_oid

        static java.lang.String get_X509_pubkey_oid​(long x509ctx,
                                                    OpenSSLX509Certificate holder)
      • X509_get_ext_oid

        static byte[] X509_get_ext_oid​(long x509ctx,
                                       OpenSSLX509Certificate holder,
                                       java.lang.String oid)
      • get_X509_ext_oids

        static java.lang.String[] get_X509_ext_oids​(long x509ctx,
                                                    OpenSSLX509Certificate holder,
                                                    int critical)
      • get_X509_GENERAL_NAME_stack

        static java.lang.Object[][] get_X509_GENERAL_NAME_stack​(long x509ctx,
                                                                OpenSSLX509Certificate holder,
                                                                int type)
                                                         throws java.security.cert.CertificateParsingException
        Throws:
        java.security.cert.CertificateParsingException
      • get_X509_ex_xkusage

        static java.lang.String[] get_X509_ex_xkusage​(long x509ctx,
                                                      OpenSSLX509Certificate holder)
      • X509_get_serialNumber

        static byte[] X509_get_serialNumber​(long x509ctx,
                                            OpenSSLX509Certificate holder)
      • get_X509_cert_info_enc

        static byte[] get_X509_cert_info_enc​(long x509ctx,
                                             OpenSSLX509Certificate holder)
      • i2d_PKCS7

        static byte[] i2d_PKCS7​(long[] certs)
        Returns an array of X509 or X509_CRL pointers.
      • PEM_read_bio_PKCS7

        static long[] PEM_read_bio_PKCS7​(long bioCtx,
                                         int which)
        Returns an array of X509 or X509_CRL pointers.
      • d2i_X509_CRL_bio

        static long d2i_X509_CRL_bio​(long bioCtx)
      • PEM_read_bio_X509_CRL

        static long PEM_read_bio_X509_CRL​(long bioCtx)
      • i2d_X509_CRL

        static byte[] i2d_X509_CRL​(long x509CrlCtx,
                                   OpenSSLX509CRL holder)
      • X509_CRL_free

        static void X509_CRL_free​(long x509CrlCtx,
                                  OpenSSLX509CRL holder)
      • X509_CRL_print

        static void X509_CRL_print​(long bioCtx,
                                   long x509CrlCtx,
                                   OpenSSLX509CRL holder)
      • get_X509_CRL_sig_alg_oid

        static java.lang.String get_X509_CRL_sig_alg_oid​(long x509CrlCtx,
                                                         OpenSSLX509CRL holder)
      • get_X509_CRL_sig_alg_parameter

        static byte[] get_X509_CRL_sig_alg_parameter​(long x509CrlCtx,
                                                     OpenSSLX509CRL holder)
      • X509_CRL_get_issuer_name

        static byte[] X509_CRL_get_issuer_name​(long x509CrlCtx,
                                               OpenSSLX509CRL holder)
      • X509_CRL_get0_by_cert

        static long X509_CRL_get0_by_cert​(long x509CrlCtx,
                                          OpenSSLX509CRL holder,
                                          long x509Ctx,
                                          OpenSSLX509Certificate holder2)
        Returns X509_REVOKED reference that is not duplicated!
      • X509_CRL_get0_by_serial

        static long X509_CRL_get0_by_serial​(long x509CrlCtx,
                                            OpenSSLX509CRL holder,
                                            byte[] serial)
        Returns X509_REVOKED reference that is not duplicated!
      • X509_CRL_get_REVOKED

        static long[] X509_CRL_get_REVOKED​(long x509CrlCtx,
                                           OpenSSLX509CRL holder)
        Returns an array of X509_REVOKED that are owned by the caller.
      • get_X509_CRL_ext_oids

        static java.lang.String[] get_X509_CRL_ext_oids​(long x509Crlctx,
                                                        OpenSSLX509CRL holder,
                                                        int critical)
      • X509_CRL_get_ext_oid

        static byte[] X509_CRL_get_ext_oid​(long x509CrlCtx,
                                           OpenSSLX509CRL holder,
                                           java.lang.String oid)
      • X509_delete_ext

        static void X509_delete_ext​(long x509,
                                    OpenSSLX509Certificate holder,
                                    java.lang.String oid)
      • X509_CRL_get_version

        static long X509_CRL_get_version​(long x509CrlCtx,
                                         OpenSSLX509CRL holder)
      • X509_CRL_get_ext

        static long X509_CRL_get_ext​(long x509CrlCtx,
                                     OpenSSLX509CRL holder,
                                     java.lang.String oid)
      • get_X509_CRL_signature

        static byte[] get_X509_CRL_signature​(long x509ctx,
                                             OpenSSLX509CRL holder)
      • X509_CRL_verify

        static void X509_CRL_verify​(long x509CrlCtx,
                                    OpenSSLX509CRL holder,
                                    NativeRef.EVP_PKEY pkeyCtx)
                             throws javax.crypto.BadPaddingException,
                                    java.security.SignatureException,
                                    java.security.NoSuchAlgorithmException,
                                    java.security.InvalidKeyException,
                                    javax.crypto.IllegalBlockSizeException
        Throws:
        javax.crypto.BadPaddingException
        java.security.SignatureException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        javax.crypto.IllegalBlockSizeException
      • get_X509_CRL_crl_enc

        static byte[] get_X509_CRL_crl_enc​(long x509CrlCtx,
                                           OpenSSLX509CRL holder)
      • X509_CRL_get_lastUpdate

        static long X509_CRL_get_lastUpdate​(long x509CrlCtx,
                                            OpenSSLX509CRL holder)
      • X509_CRL_get_nextUpdate

        static long X509_CRL_get_nextUpdate​(long x509CrlCtx,
                                            OpenSSLX509CRL holder)
      • X509_REVOKED_dup

        static long X509_REVOKED_dup​(long x509RevokedCtx)
      • i2d_X509_REVOKED

        static byte[] i2d_X509_REVOKED​(long x509RevokedCtx)
      • get_X509_REVOKED_ext_oids

        static java.lang.String[] get_X509_REVOKED_ext_oids​(long x509ctx,
                                                            int critical)
      • X509_REVOKED_get_ext_oid

        static byte[] X509_REVOKED_get_ext_oid​(long x509RevokedCtx,
                                               java.lang.String oid)
      • X509_REVOKED_get_serialNumber

        static byte[] X509_REVOKED_get_serialNumber​(long x509RevokedCtx)
      • X509_REVOKED_get_ext

        static long X509_REVOKED_get_ext​(long x509RevokedCtx,
                                         java.lang.String oid)
      • get_X509_REVOKED_revocationDate

        static long get_X509_REVOKED_revocationDate​(long x509RevokedCtx)
        Returns ASN1_TIME reference.
      • X509_REVOKED_print

        static void X509_REVOKED_print​(long bioRef,
                                       long x509RevokedCtx)
      • X509_supported_extension

        static int X509_supported_extension​(long x509ExtensionRef)
      • asn1_read_init

        static long asn1_read_init​(byte[] val)
                            throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1-encoded data in val. The returned object must be freed after use by calling asn1_read_free.
        Throws:
        java.io.IOException
      • asn1_read_sequence

        static long asn1_read_sequence​(long cbsRef)
                                throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1 sequence pointed to by cbsRef. The returned object must be freed after use by calling asn1_read_free.
        Throws:
        java.io.IOException
      • asn1_read_next_tag_is

        static boolean asn1_read_next_tag_is​(long cbsRef,
                                             int tag)
                                      throws java.io.IOException
        Returns whether the next object in the given reference is explicitly tagged with the given tag number.
        Throws:
        java.io.IOException
      • asn1_read_tagged

        static long asn1_read_tagged​(long cbsRef)
                              throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1 data pointed to by cbsRef. The returned object must be freed after use by calling asn1_read_free.
        Throws:
        java.io.IOException
      • asn1_read_octetstring

        static byte[] asn1_read_octetstring​(long cbsRef)
                                     throws java.io.IOException
        Returns the contents of an ASN.1 octet string from the given reference.
        Throws:
        java.io.IOException
      • asn1_read_uint64

        static long asn1_read_uint64​(long cbsRef)
                              throws java.io.IOException
        Returns an ASN.1 integer from the given reference. If the integer doesn't fit in a uint64, this method will throw an IOException.
        Throws:
        java.io.IOException
      • asn1_read_null

        static void asn1_read_null​(long cbsRef)
                            throws java.io.IOException
        Consumes an ASN.1 NULL from the given reference.
        Throws:
        java.io.IOException
      • asn1_read_oid

        static java.lang.String asn1_read_oid​(long cbsRef)
                                       throws java.io.IOException
        Returns an ASN.1 OID in dotted-decimal notation (eg, "1.3.14.3.2.26" for SHA-1) from the given reference.
        Throws:
        java.io.IOException
      • asn1_read_is_empty

        static boolean asn1_read_is_empty​(long cbsRef)
        Returns whether or not the given reference has been read completely.
      • asn1_read_free

        static void asn1_read_free​(long cbsRef)
        Frees any resources associated with the given reference. After calling, the reference must not be used again. This may be called with a zero reference, in which case nothing will be done.
      • asn1_write_init

        static long asn1_write_init()
                             throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write ASN.1-encoded data. The returned object must be finalized after use by calling either asn1_write_finish or asn1_write_cleanup, and its resources must be freed by calling asn1_write_free.
        Throws:
        java.io.IOException
      • asn1_write_sequence

        static long asn1_write_sequence​(long cbbRef)
                                 throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write an ASN.1 sequence into the given reference. The returned reference may only be used until the next call on the parent reference. The returned object must be freed after use by calling asn1_write_free.
        Throws:
        java.io.IOException
      • asn1_write_tag

        static long asn1_write_tag​(long cbbRef,
                                   int tag)
                            throws java.io.IOException
        Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write a explicitly-tagged ASN.1 object with the given tag into the given reference. The returned reference may only be used until the next call on the parent reference. The returned object must be freed after use by calling asn1_write_free.
        Throws:
        java.io.IOException
      • asn1_write_octetstring

        static void asn1_write_octetstring​(long cbbRef,
                                           byte[] data)
                                    throws java.io.IOException
        Writes the given data into the given reference as an ASN.1-encoded octet string.
        Throws:
        java.io.IOException
      • asn1_write_uint64

        static void asn1_write_uint64​(long cbbRef,
                                      long value)
                               throws java.io.IOException
        Writes the given value into the given reference as an ASN.1-encoded integer.
        Throws:
        java.io.IOException
      • asn1_write_null

        static void asn1_write_null​(long cbbRef)
                             throws java.io.IOException
        Writes a NULL value into the given reference.
        Throws:
        java.io.IOException
      • asn1_write_oid

        static void asn1_write_oid​(long cbbRef,
                                   java.lang.String oid)
                            throws java.io.IOException
        Writes the given OID (which must be in dotted-decimal notation) into the given reference.
        Throws:
        java.io.IOException
      • asn1_write_flush

        static void asn1_write_flush​(long cbbRef)
                              throws java.io.IOException
        Flushes the given reference, invalidating any child references and completing their operations. This must be called if the child references are to be freed before asn1_write_finish is called on the ultimate parent. The child references must still be freed.
        Throws:
        java.io.IOException
      • asn1_write_finish

        static byte[] asn1_write_finish​(long cbbRef)
                                 throws java.io.IOException
        Completes any in-progress operations and returns the ASN.1-encoded data. Either this or asn1_write_cleanup must be called on any reference returned from asn1_write_init before it is freed.
        Throws:
        java.io.IOException
      • asn1_write_cleanup

        static void asn1_write_cleanup​(long cbbRef)
        Cleans up intermediate state in the given reference. Either this or asn1_write_finish must be called on any reference returned from asn1_write_init before it is freed.
      • asn1_write_free

        static void asn1_write_free​(long cbbRef)
        Frees resources associated with the given reference. After calling, the reference must not be used again. This may be called with a zero reference, in which case nothing will be done.
      • create_BIO_InputStream

        static long create_BIO_InputStream​(OpenSSLBIOInputStream is,
                                           boolean isFinite)
      • create_BIO_OutputStream

        static long create_BIO_OutputStream​(java.io.OutputStream os)
      • BIO_free_all

        static void BIO_free_all​(long bioRef)
      • cipherSuiteToJava

        static java.lang.String cipherSuiteToJava​(java.lang.String cipherSuite)
      • cipherSuiteFromJava

        static java.lang.String cipherSuiteFromJava​(java.lang.String javaCipherSuite)
      • EVP_has_aes_hardware

        static int EVP_has_aes_hardware()
        Returns 1 if the BoringSSL believes the CPU has AES accelerated hardware instructions. Used to determine cipher suite ordering.
      • SSL_CTX_new

        static long SSL_CTX_new()
      • getSupportedCipherSuites

        static java.lang.String[] getSupportedCipherSuites()
      • SSL_CTX_set_session_id_context

        static void SSL_CTX_set_session_id_context​(long ssl_ctx,
                                                   AbstractSessionContext holder,
                                                   byte[] sid_ctx)
      • SSL_CTX_set_timeout

        static long SSL_CTX_set_timeout​(long ssl_ctx,
                                        AbstractSessionContext holder,
                                        long seconds)
      • SSL_new

        static long SSL_new​(long ssl_ctx,
                            AbstractSessionContext holder)
                     throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_enable_tls_channel_id

        static void SSL_enable_tls_channel_id​(long ssl,
                                              NativeSsl ssl_holder)
                                       throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_get_tls_channel_id

        static byte[] SSL_get_tls_channel_id​(long ssl,
                                             NativeSsl ssl_holder)
                                      throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • setLocalCertsAndPrivateKey

        static void setLocalCertsAndPrivateKey​(long ssl,
                                               NativeSsl ssl_holder,
                                               byte[][] encodedCertificates,
                                               NativeRef.EVP_PKEY pkey)
                                        throws javax.net.ssl.SSLException
        Sets the local certificates and private key.
        Parameters:
        ssl - the SSL reference.
        encodedCertificates - the encoded form of the local certificate chain.
        pkey - a reference to the private key.
        Throws:
        javax.net.ssl.SSLException - if a problem occurs setting the cert/key.
      • SSL_set_client_CA_list

        static void SSL_set_client_CA_list​(long ssl,
                                           NativeSsl ssl_holder,
                                           byte[][] asn1DerEncodedX500Principals)
                                    throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_set_mode

        static long SSL_set_mode​(long ssl,
                                 NativeSsl ssl_holder,
                                 long mode)
      • SSL_set_options

        static long SSL_set_options​(long ssl,
                                    NativeSsl ssl_holder,
                                    long options)
      • SSL_clear_options

        static long SSL_clear_options​(long ssl,
                                      NativeSsl ssl_holder,
                                      long options)
      • SSL_set_protocol_versions

        static int SSL_set_protocol_versions​(long ssl,
                                             NativeSsl ssl_holder,
                                             int min_version,
                                             int max_version)
      • SSL_enable_signed_cert_timestamps

        static void SSL_enable_signed_cert_timestamps​(long ssl,
                                                      NativeSsl ssl_holder)
      • SSL_get_signed_cert_timestamp_list

        static byte[] SSL_get_signed_cert_timestamp_list​(long ssl,
                                                         NativeSsl ssl_holder)
      • SSL_set_signed_cert_timestamp_list

        static void SSL_set_signed_cert_timestamp_list​(long ssl,
                                                       NativeSsl ssl_holder,
                                                       byte[] list)
      • SSL_enable_ocsp_stapling

        static void SSL_enable_ocsp_stapling​(long ssl,
                                             NativeSsl ssl_holder)
      • SSL_get_ocsp_response

        static byte[] SSL_get_ocsp_response​(long ssl,
                                            NativeSsl ssl_holder)
      • SSL_set_ocsp_response

        static void SSL_set_ocsp_response​(long ssl,
                                          NativeSsl ssl_holder,
                                          byte[] response)
      • SSL_get_tls_unique

        static byte[] SSL_get_tls_unique​(long ssl,
                                         NativeSsl ssl_holder)
      • SSL_export_keying_material

        static byte[] SSL_export_keying_material​(long ssl,
                                                 NativeSsl ssl_holder,
                                                 byte[] label,
                                                 byte[] context,
                                                 int num_bytes)
                                          throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_use_psk_identity_hint

        static void SSL_use_psk_identity_hint​(long ssl,
                                              NativeSsl ssl_holder,
                                              java.lang.String identityHint)
                                       throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • set_SSL_psk_client_callback_enabled

        static void set_SSL_psk_client_callback_enabled​(long ssl,
                                                        NativeSsl ssl_holder,
                                                        boolean enabled)
      • set_SSL_psk_server_callback_enabled

        static void set_SSL_psk_server_callback_enabled​(long ssl,
                                                        NativeSsl ssl_holder,
                                                        boolean enabled)
      • getSupportedProtocols

        static java.lang.String[] getSupportedProtocols()
      • getProtocolRange

        private static NativeCrypto.Range getProtocolRange​(java.lang.String[] protocols)
      • setEnabledProtocols

        static void setEnabledProtocols​(long ssl,
                                        NativeSsl ssl_holder,
                                        java.lang.String[] protocols)
      • getProtocolConstant

        private static int getProtocolConstant​(java.lang.String protocol)
      • checkEnabledProtocols

        static java.lang.String[] checkEnabledProtocols​(java.lang.String[] protocols)
      • SSL_set_cipher_lists

        static void SSL_set_cipher_lists​(long ssl,
                                         NativeSsl ssl_holder,
                                         java.lang.String[] ciphers)
      • SSL_get_ciphers

        static long[] SSL_get_ciphers​(long ssl,
                                      NativeSsl ssl_holder)
        Gets the list of cipher suites enabled for the provided SSL instance.
        Returns:
        array of SSL_CIPHER references.
      • setEnabledCipherSuites

        static void setEnabledCipherSuites​(long ssl,
                                           NativeSsl ssl_holder,
                                           java.lang.String[] cipherSuites,
                                           java.lang.String[] protocols)
      • checkEnabledCipherSuites

        static java.lang.String[] checkEnabledCipherSuites​(java.lang.String[] cipherSuites)
      • SSL_set_accept_state

        static void SSL_set_accept_state​(long ssl,
                                         NativeSsl ssl_holder)
      • SSL_set_connect_state

        static void SSL_set_connect_state​(long ssl,
                                          NativeSsl ssl_holder)
      • SSL_set_verify

        static void SSL_set_verify​(long ssl,
                                   NativeSsl ssl_holder,
                                   int mode)
      • SSL_set_session

        static void SSL_set_session​(long ssl,
                                    NativeSsl ssl_holder,
                                    long sslSessionNativePointer)
                             throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_set_session_creation_enabled

        static void SSL_set_session_creation_enabled​(long ssl,
                                                     NativeSsl ssl_holder,
                                                     boolean creationEnabled)
                                              throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_session_reused

        static boolean SSL_session_reused​(long ssl,
                                          NativeSsl ssl_holder)
      • SSL_accept_renegotiations

        static void SSL_accept_renegotiations​(long ssl,
                                              NativeSsl ssl_holder)
                                       throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_set_tlsext_host_name

        static void SSL_set_tlsext_host_name​(long ssl,
                                             NativeSsl ssl_holder,
                                             java.lang.String hostname)
                                      throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_get_servername

        static java.lang.String SSL_get_servername​(long ssl,
                                                   NativeSsl ssl_holder)
      • SSL_do_handshake

        static void SSL_do_handshake​(long ssl,
                                     NativeSsl ssl_holder,
                                     java.io.FileDescriptor fd,
                                     NativeCrypto.SSLHandshakeCallbacks shc,
                                     int timeoutMillis)
                              throws javax.net.ssl.SSLException,
                                     java.net.SocketTimeoutException,
                                     java.security.cert.CertificateException
        Throws:
        javax.net.ssl.SSLException
        java.net.SocketTimeoutException
        java.security.cert.CertificateException
      • SSL_get_current_cipher

        public static java.lang.String SSL_get_current_cipher​(long ssl,
                                                              NativeSsl ssl_holder)
      • SSL_get_version

        public static java.lang.String SSL_get_version​(long ssl,
                                                       NativeSsl ssl_holder)
      • SSL_get0_peer_certificates

        static byte[][] SSL_get0_peer_certificates​(long ssl,
                                                   NativeSsl ssl_holder)
        Returns the peer certificate chain.
      • SSL_read

        static int SSL_read​(long ssl,
                            NativeSsl ssl_holder,
                            java.io.FileDescriptor fd,
                            NativeCrypto.SSLHandshakeCallbacks shc,
                            byte[] b,
                            int off,
                            int len,
                            int readTimeoutMillis)
                     throws java.io.IOException
        Reads with the native SSL_read function from the encrypted data stream
        Returns:
        -1 if error or the end of the stream is reached.
        Throws:
        java.io.IOException
      • SSL_write

        static void SSL_write​(long ssl,
                              NativeSsl ssl_holder,
                              java.io.FileDescriptor fd,
                              NativeCrypto.SSLHandshakeCallbacks shc,
                              byte[] b,
                              int off,
                              int len,
                              int writeTimeoutMillis)
                       throws java.io.IOException
        Writes with the native SSL_write function to the encrypted data stream.
        Throws:
        java.io.IOException
      • SSL_interrupt

        static void SSL_interrupt​(long ssl,
                                  NativeSsl ssl_holder)
      • SSL_get_shutdown

        static int SSL_get_shutdown​(long ssl,
                                    NativeSsl ssl_holder)
      • SSL_free

        static void SSL_free​(long ssl,
                             NativeSsl ssl_holder)
      • SSL_get_time

        static long SSL_get_time​(long ssl,
                                 NativeSsl ssl_holder)
      • SSL_set_timeout

        static long SSL_set_timeout​(long ssl,
                                    NativeSsl ssl_holder,
                                    long millis)
      • SSL_get_timeout

        static long SSL_get_timeout​(long ssl,
                                    NativeSsl ssl_holder)
      • SSL_get_signature_algorithm_key_type

        static int SSL_get_signature_algorithm_key_type​(int signatureAlg)
      • SSL_session_id

        static byte[] SSL_session_id​(long ssl,
                                     NativeSsl ssl_holder)
      • SSL_SESSION_session_id

        static byte[] SSL_SESSION_session_id​(long sslSessionNativePointer)
      • SSL_SESSION_get_time

        static long SSL_SESSION_get_time​(long sslSessionNativePointer)
      • SSL_SESSION_get_timeout

        static long SSL_SESSION_get_timeout​(long sslSessionNativePointer)
      • SSL_SESSION_get_version

        static java.lang.String SSL_SESSION_get_version​(long sslSessionNativePointer)
      • SSL_SESSION_cipher

        static java.lang.String SSL_SESSION_cipher​(long sslSessionNativePointer)
      • SSL_SESSION_should_be_single_use

        static boolean SSL_SESSION_should_be_single_use​(long sslSessionNativePointer)
      • SSL_SESSION_up_ref

        static void SSL_SESSION_up_ref​(long sslSessionNativePointer)
      • SSL_SESSION_free

        static void SSL_SESSION_free​(long sslSessionNativePointer)
      • i2d_SSL_SESSION

        static byte[] i2d_SSL_SESSION​(long sslSessionNativePointer)
      • d2i_SSL_SESSION

        static long d2i_SSL_SESSION​(byte[] data)
                             throws java.io.IOException
        Throws:
        java.io.IOException
      • SSL_CIPHER_get_kx_name

        static java.lang.String SSL_CIPHER_get_kx_name​(long cipherAddress)
      • get_cipher_names

        static java.lang.String[] get_cipher_names​(java.lang.String selection)
      • get_ocsp_single_extension

        public static byte[] get_ocsp_single_extension​(byte[] ocspResponse,
                                                       java.lang.String oid,
                                                       long x509Ref,
                                                       OpenSSLX509Certificate holder,
                                                       long issuerX509Ref,
                                                       OpenSSLX509Certificate holder2)
      • getDirectBufferAddress

        static long getDirectBufferAddress​(java.nio.Buffer buf)
        Returns the starting address of the memory region referenced by the provided direct Buffer or 0 if the provided buffer is not direct or if such access to direct buffers is not supported by the platform.

        NOTE: This method ignores the buffer's current position.

      • SSL_BIO_new

        static long SSL_BIO_new​(long ssl,
                                NativeSsl ssl_holder)
                         throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException
      • SSL_get_error

        static int SSL_get_error​(long ssl,
                                 NativeSsl ssl_holder,
                                 int ret)
      • SSL_clear_error

        static void SSL_clear_error()
      • SSL_pending_readable_bytes

        static int SSL_pending_readable_bytes​(long ssl,
                                              NativeSsl ssl_holder)
      • SSL_pending_written_bytes_in_BIO

        static int SSL_pending_written_bytes_in_BIO​(long bio)
      • SSL_max_seal_overhead

        static int SSL_max_seal_overhead​(long ssl,
                                         NativeSsl ssl_holder)
        Returns the maximum overhead, in bytes, of sealing a record with SSL.
      • setApplicationProtocols

        static void setApplicationProtocols​(long ssl,
                                            NativeSsl ssl_holder,
                                            boolean client,
                                            byte[] protocols)
                                     throws java.io.IOException
        Enables ALPN for this TLS endpoint and sets the list of supported ALPN protocols in wire-format (length-prefixed 8-bit strings).
        Throws:
        java.io.IOException
      • getApplicationProtocol

        static byte[] getApplicationProtocol​(long ssl,
                                             NativeSsl ssl_holder)
        Returns the selected ALPN protocol. If the server did not select a protocol, null will be returned.
      • ENGINE_SSL_read_direct

        static int ENGINE_SSL_read_direct​(long ssl,
                                          NativeSsl ssl_holder,
                                          long address,
                                          int length,
                                          NativeCrypto.SSLHandshakeCallbacks shc)
                                   throws java.io.IOException,
                                          java.security.cert.CertificateException
        Returns:
        if positive, represents the number of bytes read into the given buffer. Returns -SSL_ERROR_WANT_READ if more data is needed. Returns -SSL_ERROR_WANT_WRITE if data needs to be written out to flush the BIO.
        Throws:
        java.io.InterruptedIOException - if the read was interrupted.
        java.io.EOFException - if the end of stream has been reached.
        java.security.cert.CertificateException - if the application's certificate verification callback failed. Only occurs during handshake processing.
        javax.net.ssl.SSLException - if any other error occurs.
        java.io.IOException
      • ENGINE_SSL_write_BIO_direct

        static int ENGINE_SSL_write_BIO_direct​(long ssl,
                                               NativeSsl ssl_holder,
                                               long bioRef,
                                               long pos,
                                               int length,
                                               NativeCrypto.SSLHandshakeCallbacks shc)
                                        throws java.io.IOException
        Writes data from the given direct ByteBuffer to the BIO.
        Throws:
        java.io.IOException
      • ENGINE_SSL_write_BIO_heap

        static int ENGINE_SSL_write_BIO_heap​(long ssl,
                                             NativeSsl ssl_holder,
                                             long bioRef,
                                             byte[] sourceJava,
                                             int sourceOffset,
                                             int sourceLength,
                                             NativeCrypto.SSLHandshakeCallbacks shc)
                                      throws java.io.IOException,
                                             java.lang.IndexOutOfBoundsException
        Writes data from the given array to the BIO.
        Throws:
        java.io.IOException
        java.lang.IndexOutOfBoundsException
      • ENGINE_SSL_read_BIO_direct

        static int ENGINE_SSL_read_BIO_direct​(long ssl,
                                              NativeSsl ssl_holder,
                                              long bioRef,
                                              long address,
                                              int len,
                                              NativeCrypto.SSLHandshakeCallbacks shc)
                                       throws java.io.IOException
        Reads data from the given BIO into a direct ByteBuffer.
        Throws:
        java.io.IOException
      • ENGINE_SSL_read_BIO_heap

        static int ENGINE_SSL_read_BIO_heap​(long ssl,
                                            NativeSsl ssl_holder,
                                            long bioRef,
                                            byte[] destJava,
                                            int destOffset,
                                            int destLength,
                                            NativeCrypto.SSLHandshakeCallbacks shc)
                                     throws java.io.IOException,
                                            java.lang.IndexOutOfBoundsException
        Reads data from the given BIO into an array.
        Throws:
        java.io.IOException
        java.lang.IndexOutOfBoundsException
      • ENGINE_SSL_force_read

        static void ENGINE_SSL_force_read​(long ssl,
                                          NativeSsl ssl_holder,
                                          NativeCrypto.SSLHandshakeCallbacks shc)
                                   throws java.io.IOException
        Forces the SSL object to process any data pending in the BIO.
        Throws:
        java.io.IOException
      • BIO_read

        static int BIO_read​(long bioRef,
                            byte[] buffer)
                     throws java.io.IOException
        Used for testing only.
        Throws:
        java.io.IOException
      • BIO_write

        static void BIO_write​(long bioRef,
                              byte[] buffer,
                              int offset,
                              int length)
                       throws java.io.IOException,
                              java.lang.IndexOutOfBoundsException
        Throws:
        java.io.IOException
        java.lang.IndexOutOfBoundsException
      • SSL_clear_mode

        static long SSL_clear_mode​(long ssl,
                                   NativeSsl ssl_holder,
                                   long mode)
      • SSL_get_mode

        static long SSL_get_mode​(long ssl,
                                 NativeSsl ssl_holder)
      • SSL_get_options

        static long SSL_get_options​(long ssl,
                                    NativeSsl ssl_holder)
      • SSL_get1_session

        static long SSL_get1_session​(long ssl,
                                     NativeSsl ssl_holder)