Package org.apache.tomcat.jni
Class SSL
- java.lang.Object
-
- org.apache.tomcat.jni.SSL
-
public final class SSL extends java.lang.Object
SSL
-
-
Field Summary
-
Constructor Summary
Constructors Constructor Description SSL()
-
Method Summary
All Methods Static Methods Concrete Methods
Modifier and Type | Method | Description
static int | closeBIO(long bio) | Close BIO and dereference callback object
static int | doHandshake(long ssl) | SSL_do_handshake
static int | fipsModeSet(int mode) | Enable/Disable FIPS Mode.
static void | flushBIO(long bio) | BIO_flush
static void | freeBIO(long bio) | BIO_free
static void | freeSSL(long ssl) | SSL_free
static boolean | generateRSATempKey(int idx) | Generate temporary RSA key.
static java.lang.String | getCipherForSSL(long ssl) | SSL_get_cipher
static int | getError(long ssl, int ret) | SSL_get_error
static java.lang.String | getLastError() | Return last SSL error string
static int | getLastErrorNumber() | Get the error number representing the last error OpenSSL encountered on this thread.
static java.lang.String | getNextProtoNegotiated(long ssl) | SSL_get0_next_proto_negotiated
static int | getShutdown(long ssl) | SSL_get_shutdown
static boolean | hasOp(int op) | Return true if all the requested SSL_OP_* are supported by OpenSSL.
static int | initialize(java.lang.String engine) | Initialize OpenSSL support.
static int | isInInit(long SSL) | SSL_in_init
static boolean | loadDSATempKey(int idx, java.lang.String file) | Load temporary DSA key from file. Index can be one of: (listed under Method Detail)
static long | makeNetworkBIO(long ssl) | Wire up internal and network BIOs for the given SSL instance.
static long | newBIO(long pool, BIOCallback callback) | Initialize new BIO
static long | newSSL(long ctx, boolean server) | SSL_new
static int | pendingReadableBytesInSSL(long ssl) | SSL_pending
static int | pendingWrittenBytesInBIO(long bio) | BIO_ctrl_pending
static boolean | randLoad(java.lang.String filename) | Add content of the file to the PRNG
static boolean | randMake(java.lang.String filename, int len, boolean base64) | Creates random data to filename
static boolean | randSave(java.lang.String filename) | Writes a number of random bytes (currently 1024) to file filename which can be used to initialize the PRNG by calling randLoad in a later session.
static void | randSet(java.lang.String filename) | Sets global random filename.
static int | readFromBIO(long bio, long rbuf, int rlen) | BIO_read
static int | readFromSSL(long ssl, long rbuf, int rlen) | SSL_read
static void | setBIO(long ssl, long rbio, long wbio) | SSL_set_bio
static void | setPassword(java.lang.String password) | Set global Password for decrypting certificates and keys.
static void | setPasswordCallback(PasswordCallback callback) | Set global Password callback for obtaining passwords.
static void | setShutdown(long ssl, int mode) | SSL_set_shutdown
static int | shutdownSSL(long ssl) | SSL_shutdown
static int | version() |
static java.lang.String | versionString() |
static int | writeToBIO(long bio, long wbuf, int wlen) | BIO_write
static int | writeToSSL(long ssl, long wbuf, int wlen) | SSL_write
-
-
-
Field Detail
-
UNSET
public static final int UNSET
- See Also:
- Constant Field Values
-
SSL_ALGO_UNKNOWN
public static final int SSL_ALGO_UNKNOWN
- See Also:
- Constant Field Values
-
SSL_ALGO_RSA
public static final int SSL_ALGO_RSA
- See Also:
- Constant Field Values
-
SSL_ALGO_DSA
public static final int SSL_ALGO_DSA
- See Also:
- Constant Field Values
-
SSL_ALGO_ALL
public static final int SSL_ALGO_ALL
- See Also:
- Constant Field Values
-
SSL_AIDX_RSA
public static final int SSL_AIDX_RSA
- See Also:
- Constant Field Values
-
SSL_AIDX_DSA
public static final int SSL_AIDX_DSA
- See Also:
- Constant Field Values
-
SSL_AIDX_MAX
public static final int SSL_AIDX_MAX
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_RSA_512
public static final int SSL_TMP_KEY_RSA_512
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_RSA_1024
public static final int SSL_TMP_KEY_RSA_1024
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_RSA_2048
public static final int SSL_TMP_KEY_RSA_2048
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_RSA_4096
public static final int SSL_TMP_KEY_RSA_4096
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_DH_512
public static final int SSL_TMP_KEY_DH_512
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_DH_1024
public static final int SSL_TMP_KEY_DH_1024
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_DH_2048
public static final int SSL_TMP_KEY_DH_2048
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_DH_4096
public static final int SSL_TMP_KEY_DH_4096
- See Also:
- Constant Field Values
-
SSL_TMP_KEY_MAX
public static final int SSL_TMP_KEY_MAX
- See Also:
- Constant Field Values
-
SSL_OPT_NONE
public static final int SSL_OPT_NONE
- See Also:
- Constant Field Values
-
SSL_OPT_RELSET
public static final int SSL_OPT_RELSET
- See Also:
- Constant Field Values
-
SSL_OPT_STDENVVARS
public static final int SSL_OPT_STDENVVARS
- See Also:
- Constant Field Values
-
SSL_OPT_EXPORTCERTDATA
public static final int SSL_OPT_EXPORTCERTDATA
- See Also:
- Constant Field Values
-
SSL_OPT_FAKEBASICAUTH
public static final int SSL_OPT_FAKEBASICAUTH
- See Also:
- Constant Field Values
-
SSL_OPT_STRICTREQUIRE
public static final int SSL_OPT_STRICTREQUIRE
- See Also:
- Constant Field Values
-
SSL_OPT_OPTRENEGOTIATE
public static final int SSL_OPT_OPTRENEGOTIATE
- See Also:
- Constant Field Values
-
SSL_OPT_ALL
public static final int SSL_OPT_ALL
- See Also:
- Constant Field Values
-
SSL_PROTOCOL_NONE
public static final int SSL_PROTOCOL_NONE
- See Also:
- Constant Field Values
-
SSL_PROTOCOL_SSLV2
public static final int SSL_PROTOCOL_SSLV2
- See Also:
- Constant Field Values
-
SSL_PROTOCOL_SSLV3
public static final int SSL_PROTOCOL_SSLV3
- See Also:
- Constant Field Values
-
SSL_PROTOCOL_TLSV1
public static final int SSL_PROTOCOL_TLSV1
- See Also:
- Constant Field Values
-
SSL_PROTOCOL_ALL
public static final int SSL_PROTOCOL_ALL
- See Also:
- Constant Field Values
-
SSL_CVERIFY_UNSET
public static final int SSL_CVERIFY_UNSET
- See Also:
- Constant Field Values
-
SSL_CVERIFY_NONE
public static final int SSL_CVERIFY_NONE
- See Also:
- Constant Field Values
-
SSL_CVERIFY_OPTIONAL
public static final int SSL_CVERIFY_OPTIONAL
- See Also:
- Constant Field Values
-
SSL_CVERIFY_REQUIRE
public static final int SSL_CVERIFY_REQUIRE
- See Also:
- Constant Field Values
-
SSL_CVERIFY_OPTIONAL_NO_CA
public static final int SSL_CVERIFY_OPTIONAL_NO_CA
- See Also:
- Constant Field Values
-
SSL_VERIFY_NONE
public static final int SSL_VERIFY_NONE
- See Also:
- Constant Field Values
-
SSL_VERIFY_PEER
public static final int SSL_VERIFY_PEER
- See Also:
- Constant Field Values
-
SSL_VERIFY_FAIL_IF_NO_PEER_CERT
public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT
- See Also:
- Constant Field Values
-
SSL_VERIFY_CLIENT_ONCE
public static final int SSL_VERIFY_CLIENT_ONCE
- See Also:
- Constant Field Values
-
SSL_VERIFY_PEER_STRICT
public static final int SSL_VERIFY_PEER_STRICT
- See Also:
- Constant Field Values
-
SSL_OP_MICROSOFT_SESS_ID_BUG
public static final int SSL_OP_MICROSOFT_SESS_ID_BUG
- See Also:
- Constant Field Values
-
SSL_OP_NETSCAPE_CHALLENGE_BUG
public static final int SSL_OP_NETSCAPE_CHALLENGE_BUG
- See Also:
- Constant Field Values
-
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
public static final int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
- See Also:
- Constant Field Values
-
SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
public static final int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
- See Also:
- Constant Field Values
-
SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
public static final int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
- See Also:
- Constant Field Values
-
SSL_OP_MSIE_SSLV2_RSA_PADDING
public static final int SSL_OP_MSIE_SSLV2_RSA_PADDING
- See Also:
- Constant Field Values
-
SSL_OP_SSLEAY_080_CLIENT_DH_BUG
public static final int SSL_OP_SSLEAY_080_CLIENT_DH_BUG
- See Also:
- Constant Field Values
-
SSL_OP_TLS_D5_BUG
public static final int SSL_OP_TLS_D5_BUG
- See Also:
- Constant Field Values
-
SSL_OP_TLS_BLOCK_PADDING_BUG
public static final int SSL_OP_TLS_BLOCK_PADDING_BUG
- See Also:
- Constant Field Values
-
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
public static final int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
- See Also:
- Constant Field Values
-
SSL_OP_ALL
public static final int SSL_OP_ALL
- See Also:
- Constant Field Values
-
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
public static final int SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
- See Also:
- Constant Field Values
-
SSL_OP_NO_COMPRESSION
public static final int SSL_OP_NO_COMPRESSION
- See Also:
- Constant Field Values
-
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
public static final int SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
- See Also:
- Constant Field Values
-
SSL_OP_SINGLE_ECDH_USE
public static final int SSL_OP_SINGLE_ECDH_USE
- See Also:
- Constant Field Values
-
SSL_OP_SINGLE_DH_USE
public static final int SSL_OP_SINGLE_DH_USE
- See Also:
- Constant Field Values
-
SSL_OP_EPHEMERAL_RSA
public static final int SSL_OP_EPHEMERAL_RSA
- See Also:
- Constant Field Values
-
SSL_OP_CIPHER_SERVER_PREFERENCE
public static final int SSL_OP_CIPHER_SERVER_PREFERENCE
- See Also:
- Constant Field Values
-
SSL_OP_TLS_ROLLBACK_BUG
public static final int SSL_OP_TLS_ROLLBACK_BUG
- See Also:
- Constant Field Values
-
SSL_OP_NO_SSLv2
public static final int SSL_OP_NO_SSLv2
- See Also:
- Constant Field Values
-
SSL_OP_NO_SSLv3
public static final int SSL_OP_NO_SSLv3
- See Also:
- Constant Field Values
-
SSL_OP_NO_TLSv1
public static final int SSL_OP_NO_TLSv1
- See Also:
- Constant Field Values
-
SSL_OP_NO_TLSv1_1
public static final int SSL_OP_NO_TLSv1_1
- See Also:
- Constant Field Values
-
SSL_OP_NO_TLSv1_2
public static final int SSL_OP_NO_TLSv1_2
- See Also:
- Constant Field Values
-
SSL_OP_NO_TICKET
public static final int SSL_OP_NO_TICKET
- See Also:
- Constant Field Values
-
SSL_OP_PKCS1_CHECK_1
public static final int SSL_OP_PKCS1_CHECK_1
- See Also:
- Constant Field Values
-
SSL_OP_PKCS1_CHECK_2
public static final int SSL_OP_PKCS1_CHECK_2
- See Also:
- Constant Field Values
-
SSL_OP_NETSCAPE_CA_DN_BUG
public static final int SSL_OP_NETSCAPE_CA_DN_BUG
- See Also:
- Constant Field Values
-
SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_UNDEF
public static final int SSL_CRT_FORMAT_UNDEF
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_ASN1
public static final int SSL_CRT_FORMAT_ASN1
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_TEXT
public static final int SSL_CRT_FORMAT_TEXT
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_PEM
public static final int SSL_CRT_FORMAT_PEM
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_NETSCAPE
public static final int SSL_CRT_FORMAT_NETSCAPE
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_PKCS12
public static final int SSL_CRT_FORMAT_PKCS12
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_SMIME
public static final int SSL_CRT_FORMAT_SMIME
- See Also:
- Constant Field Values
-
SSL_CRT_FORMAT_ENGINE
public static final int SSL_CRT_FORMAT_ENGINE
- See Also:
- Constant Field Values
-
SSL_MODE_CLIENT
public static final int SSL_MODE_CLIENT
- See Also:
- Constant Field Values
-
SSL_MODE_SERVER
public static final int SSL_MODE_SERVER
- See Also:
- Constant Field Values
-
SSL_MODE_COMBINED
public static final int SSL_MODE_COMBINED
- See Also:
- Constant Field Values
-
SSL_SHUTDOWN_TYPE_UNSET
public static final int SSL_SHUTDOWN_TYPE_UNSET
- See Also:
- Constant Field Values
-
SSL_SHUTDOWN_TYPE_STANDARD
public static final int SSL_SHUTDOWN_TYPE_STANDARD
- See Also:
- Constant Field Values
-
SSL_SHUTDOWN_TYPE_UNCLEAN
public static final int SSL_SHUTDOWN_TYPE_UNCLEAN
- See Also:
- Constant Field Values
-
SSL_SHUTDOWN_TYPE_ACCURATE
public static final int SSL_SHUTDOWN_TYPE_ACCURATE
- See Also:
- Constant Field Values
-
SSL_INFO_SESSION_ID
public static final int SSL_INFO_SESSION_ID
- See Also:
- Constant Field Values
-
SSL_INFO_CIPHER
public static final int SSL_INFO_CIPHER
- See Also:
- Constant Field Values
-
SSL_INFO_CIPHER_USEKEYSIZE
public static final int SSL_INFO_CIPHER_USEKEYSIZE
- See Also:
- Constant Field Values
-
SSL_INFO_CIPHER_ALGKEYSIZE
public static final int SSL_INFO_CIPHER_ALGKEYSIZE
- See Also:
- Constant Field Values
-
SSL_INFO_CIPHER_VERSION
public static final int SSL_INFO_CIPHER_VERSION
- See Also:
- Constant Field Values
-
SSL_INFO_CIPHER_DESCRIPTION
public static final int SSL_INFO_CIPHER_DESCRIPTION
- See Also:
- Constant Field Values
-
SSL_INFO_PROTOCOL
public static final int SSL_INFO_PROTOCOL
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_S_DN
public static final int SSL_INFO_CLIENT_S_DN
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_I_DN
public static final int SSL_INFO_CLIENT_I_DN
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_S_DN
public static final int SSL_INFO_SERVER_S_DN
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_I_DN
public static final int SSL_INFO_SERVER_I_DN
- See Also:
- Constant Field Values
-
SSL_INFO_DN_COUNTRYNAME
public static final int SSL_INFO_DN_COUNTRYNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_STATEORPROVINCENAME
public static final int SSL_INFO_DN_STATEORPROVINCENAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_LOCALITYNAME
public static final int SSL_INFO_DN_LOCALITYNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_ORGANIZATIONNAME
public static final int SSL_INFO_DN_ORGANIZATIONNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_ORGANIZATIONALUNITNAME
public static final int SSL_INFO_DN_ORGANIZATIONALUNITNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_COMMONNAME
public static final int SSL_INFO_DN_COMMONNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_TITLE
public static final int SSL_INFO_DN_TITLE
- See Also:
- Constant Field Values
-
SSL_INFO_DN_INITIALS
public static final int SSL_INFO_DN_INITIALS
- See Also:
- Constant Field Values
-
SSL_INFO_DN_GIVENNAME
public static final int SSL_INFO_DN_GIVENNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_SURNAME
public static final int SSL_INFO_DN_SURNAME
- See Also:
- Constant Field Values
-
SSL_INFO_DN_DESCRIPTION
public static final int SSL_INFO_DN_DESCRIPTION
- See Also:
- Constant Field Values
-
SSL_INFO_DN_UNIQUEIDENTIFIER
public static final int SSL_INFO_DN_UNIQUEIDENTIFIER
- See Also:
- Constant Field Values
-
SSL_INFO_DN_EMAILADDRESS
public static final int SSL_INFO_DN_EMAILADDRESS
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_M_VERSION
public static final int SSL_INFO_CLIENT_M_VERSION
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_M_SERIAL
public static final int SSL_INFO_CLIENT_M_SERIAL
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_V_START
public static final int SSL_INFO_CLIENT_V_START
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_V_END
public static final int SSL_INFO_CLIENT_V_END
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_A_SIG
public static final int SSL_INFO_CLIENT_A_SIG
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_A_KEY
public static final int SSL_INFO_CLIENT_A_KEY
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_CERT
public static final int SSL_INFO_CLIENT_CERT
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_V_REMAIN
public static final int SSL_INFO_CLIENT_V_REMAIN
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_M_VERSION
public static final int SSL_INFO_SERVER_M_VERSION
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_M_SERIAL
public static final int SSL_INFO_SERVER_M_SERIAL
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_V_START
public static final int SSL_INFO_SERVER_V_START
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_V_END
public static final int SSL_INFO_SERVER_V_END
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_A_SIG
public static final int SSL_INFO_SERVER_A_SIG
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_A_KEY
public static final int SSL_INFO_SERVER_A_KEY
- See Also:
- Constant Field Values
-
SSL_INFO_SERVER_CERT
public static final int SSL_INFO_SERVER_CERT
- See Also:
- Constant Field Values
-
SSL_INFO_CLIENT_CERT_CHAIN
public static final int SSL_INFO_CLIENT_CERT_CHAIN
- See Also:
- Constant Field Values
-
SSL_SENT_SHUTDOWN
public static final int SSL_SENT_SHUTDOWN
- See Also:
- Constant Field Values
-
SSL_RECEIVED_SHUTDOWN
public static final int SSL_RECEIVED_SHUTDOWN
- See Also:
- Constant Field Values
-
SSL_ERROR_NONE
public static final int SSL_ERROR_NONE
- See Also:
- Constant Field Values
-
SSL_ERROR_SSL
public static final int SSL_ERROR_SSL
- See Also:
- Constant Field Values
-
SSL_ERROR_WANT_READ
public static final int SSL_ERROR_WANT_READ
- See Also:
- Constant Field Values
-
SSL_ERROR_WANT_WRITE
public static final int SSL_ERROR_WANT_WRITE
- See Also:
- Constant Field Values
-
SSL_ERROR_WANT_X509_LOOKUP
public static final int SSL_ERROR_WANT_X509_LOOKUP
- See Also:
- Constant Field Values
-
SSL_ERROR_SYSCALL
public static final int SSL_ERROR_SYSCALL
- See Also:
- Constant Field Values
-
SSL_ERROR_ZERO_RETURN
public static final int SSL_ERROR_ZERO_RETURN
- See Also:
- Constant Field Values
-
SSL_ERROR_WANT_CONNECT
public static final int SSL_ERROR_WANT_CONNECT
- See Also:
- Constant Field Values
-
SSL_ERROR_WANT_ACCEPT
public static final int SSL_ERROR_WANT_ACCEPT
- See Also:
- Constant Field Values
-
-
Method Detail
-
version
public static int version()
-
versionString
public static java.lang.String versionString()
-
initialize
public static int initialize(java.lang.String engine)
Initialize OpenSSL support. This function needs to be called once for the lifetime of the JVM. Library.init() has to be called before.
- Parameters:
engine - Support for an external Crypto Device ("engine"), usually a hardware accelerator card for crypto operations.
- Returns:
- APR status code
-
fipsModeSet
public static int fipsModeSet(int mode)
Enable/Disable FIPS Mode.- Parameters:
mode
- 1 - enable, 0 - disable- Returns:
- FIPS_mode_set return code
-
randLoad
public static boolean randLoad(java.lang.String filename)
Add content of the file to the PRNG
- Parameters:
filename - Filename containing random data. If null the default file will be tested. The seed file is $RANDFILE if that environment variable is set, $HOME/.rnd otherwise. If both files are unavailable, the built-in random seed generator is used.
-
randSave
public static boolean randSave(java.lang.String filename)
Writes a number of random bytes (currently 1024) to file filename, which can be used to initialize the PRNG by calling randLoad in a later session.
- Parameters:
filename - Filename to save the data
-
randMake
public static boolean randMake(java.lang.String filename, int len, boolean base64)
Creates random data and writes it to filename
- Parameters:
filename - Filename to save the data
len - The length of random sequence in bytes
base64 - Output the data in Base64 encoded format
-
randSet
public static void randSet(java.lang.String filename)
Sets global random filename.
- Parameters:
filename - Filename to use. If set, it will be used for SSL initialization and for all contexts where one is not explicitly set.
-
newBIO
public static long newBIO(long pool, BIOCallback callback) throws java.lang.Exception
Initialize new BIO
- Parameters:
pool - The pool to use.
callback - BIOCallback to use
- Returns:
- New BIO handle
- Throws:
java.lang.Exception
-
closeBIO
public static int closeBIO(long bio)
Close BIO and dereference callback object- Parameters:
bio
- BIO to close and destroy.- Returns:
- APR Status code
-
setPasswordCallback
public static void setPasswordCallback(PasswordCallback callback)
Set global Password callback for obtaining passwords.- Parameters:
callback
- PasswordCallback implementation to use.
-
setPassword
public static void setPassword(java.lang.String password)
Set global Password for decrypting certificates and keys.- Parameters:
password
- Password to use.
-
generateRSATempKey
public static boolean generateRSATempKey(int idx)
Generate temporary RSA key.
Index can be one of: SSL_TMP_KEY_RSA_512, SSL_TMP_KEY_RSA_1024, SSL_TMP_KEY_RSA_2048, SSL_TMP_KEY_RSA_4096.
By default 512 and 1024 keys are generated on startup. You can use a low priority thread to generate them on the fly.
- Parameters:
idx - temporary key index.
-
loadDSATempKey
public static boolean loadDSATempKey(int idx, java.lang.String file)
Load temporary DSA key from file
Index can be one of: SSL_TMP_KEY_DH_512, SSL_TMP_KEY_DH_1024, SSL_TMP_KEY_DH_2048, SSL_TMP_KEY_DH_4096.
- Parameters:
idx - temporary key index.
file - File containing DH params.
-
getLastError
public static java.lang.String getLastError()
Return last SSL error string
-
hasOp
public static boolean hasOp(int op)
Return true if all the requested SSL_OP_* are supported by OpenSSL. Note that for versions of tcnative < 1.1.25, this method will return true if and only if op = SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION and tcnative supports that flag.
- Parameters:
op - Bitwise-OR of all SSL_OP_* to test.
- Returns:
- true if all SSL_OP_* are supported by OpenSSL library.
-
newSSL
public static long newSSL(long ctx, boolean server)
SSL_new
- Parameters:
ctx - Server or Client context to use.
server - if true, configure the SSL instance to use accept handshake routines; if false, configure the SSL instance to use connect handshake routines
- Returns:
- pointer to SSL instance (SSL *)
-
setBIO
public static void setBIO(long ssl, long rbio, long wbio)
SSL_set_bio
- Parameters:
ssl - SSL pointer (SSL *)
rbio - read BIO pointer (BIO *)
wbio - write BIO pointer (BIO *)
-
getError
public static int getError(long ssl, int ret)
SSL_get_error
- Parameters:
ssl - SSL pointer (SSL *)
ret - TLS/SSL I/O return value
-
pendingWrittenBytesInBIO
public static int pendingWrittenBytesInBIO(long bio)
BIO_ctrl_pending- Parameters:
bio
- BIO pointer (BIO *)- Returns:
-
pendingReadableBytesInSSL
public static int pendingReadableBytesInSSL(long ssl)
SSL_pending- Parameters:
ssl
- SSL pointer (SSL *)- Returns:
-
writeToBIO
public static int writeToBIO(long bio, long wbuf, int wlen)
BIO_write- Parameters:
bio
-wbuf
-wlen
-- Returns:
-
readFromBIO
public static int readFromBIO(long bio, long rbuf, int rlen)
BIO_read- Parameters:
bio
-rbuf
-rlen
-- Returns:
-
writeToSSL
public static int writeToSSL(long ssl, long wbuf, int wlen)
SSL_write- Parameters:
ssl
- the SSL instance (SSL *)wbuf
-wlen
-- Returns:
-
readFromSSL
public static int readFromSSL(long ssl, long rbuf, int rlen)
SSL_read- Parameters:
ssl
- the SSL instance (SSL *)rbuf
-rlen
-- Returns:
-
getShutdown
public static int getShutdown(long ssl)
SSL_get_shutdown- Parameters:
ssl
- the SSL instance (SSL *)- Returns:
-
setShutdown
public static void setShutdown(long ssl, int mode)
SSL_set_shutdown- Parameters:
ssl
- the SSL instance (SSL *)mode
-
-
freeSSL
public static void freeSSL(long ssl)
SSL_free- Parameters:
ssl
- the SSL instance (SSL *)
-
makeNetworkBIO
public static long makeNetworkBIO(long ssl)
Wire up internal and network BIOs for the given SSL instance. Warning: you must explicitly free this resource by calling freeBIO. While the SSL's internal/application data BIO will be freed when freeSSL is called on the provided SSL instance, you must call freeBIO on the returned network BIO.
- Parameters:
ssl - the SSL instance (SSL *)
- Returns:
- pointer to the Network BIO (BIO *)
-
freeBIO
public static void freeBIO(long bio)
BIO_free- Parameters:
bio
-
-
flushBIO
public static void flushBIO(long bio)
BIO_flush- Parameters:
bio
-
-
shutdownSSL
public static int shutdownSSL(long ssl)
SSL_shutdown- Parameters:
ssl
- the SSL instance (SSL *)- Returns:
-
getLastErrorNumber
public static int getLastErrorNumber()
Get the error number representing the last error OpenSSL encountered on this thread.- Returns:
-
getCipherForSSL
public static java.lang.String getCipherForSSL(long ssl)
SSL_get_cipher- Parameters:
ssl
- the SSL instance (SSL *)- Returns:
-
doHandshake
public static int doHandshake(long ssl)
SSL_do_handshake- Parameters:
ssl
- the SSL instance (SSL *)
-
isInInit
public static int isInInit(long SSL)
SSL_in_init- Parameters:
SSL
-- Returns:
-
getNextProtoNegotiated
public static java.lang.String getNextProtoNegotiated(long ssl)
SSL_get0_next_proto_negotiated
- Parameters:
ssl - the SSL instance (SSL *)
- Returns:
-
-