• Home
  • History
  • Annotate
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package org.conscrypt;
18 
19 import java.io.FileDescriptor;
20 import java.io.IOException;
21 import java.io.OutputStream;
22 import java.net.SocketTimeoutException;
23 import java.nio.Buffer;
24 import java.security.InvalidAlgorithmParameterException;
25 import java.security.InvalidKeyException;
26 import java.security.MessageDigest;
27 import java.security.NoSuchAlgorithmException;
28 import java.security.PrivateKey;
29 import java.security.SignatureException;
30 import java.security.cert.CertificateEncodingException;
31 import java.security.cert.CertificateException;
32 import java.security.cert.CertificateParsingException;
33 import java.util.ArrayList;
34 import java.util.Calendar;
35 import java.util.HashMap;
36 import java.util.HashSet;
37 import java.util.LinkedHashMap;
38 import java.util.List;
39 import java.util.Map;
40 import java.util.Set;
41 import javax.crypto.BadPaddingException;
42 import javax.crypto.IllegalBlockSizeException;
43 import javax.net.ssl.SSLException;
44 import javax.security.auth.x500.X500Principal;
45 import org.conscrypt.OpenSSLX509CertificateFactory.ParsingException;
46 
47 /**
48  * Provides the Java side of our JNI glue for OpenSSL.
49  *
50  * @hide
51  */
52 @Internal
53 public final class NativeCrypto {
54 
55     // --- OpenSSL library initialization --------------------------------------
56     static {
NativeCryptoJni.init()57         NativeCryptoJni.init();
clinit()58         clinit();
59     }
60 
clinit()61     private native static void clinit();
62 
63     // --- DSA/RSA public/private key handling functions -----------------------
64 
EVP_PKEY_new_RSA(byte[] n, byte[] e, byte[] d, byte[] p, byte[] q, byte[] dmp1, byte[] dmq1, byte[] iqmp)65     public static native long EVP_PKEY_new_RSA(byte[] n, byte[] e, byte[] d, byte[] p, byte[] q,
66             byte[] dmp1, byte[] dmq1, byte[] iqmp);
67 
EVP_PKEY_size(NativeRef.EVP_PKEY pkey)68     public static native int EVP_PKEY_size(NativeRef.EVP_PKEY pkey);
69 
EVP_PKEY_type(NativeRef.EVP_PKEY pkey)70     public static native int EVP_PKEY_type(NativeRef.EVP_PKEY pkey);
71 
EVP_PKEY_print_public(NativeRef.EVP_PKEY pkeyRef)72     public static native String EVP_PKEY_print_public(NativeRef.EVP_PKEY pkeyRef);
73 
EVP_PKEY_print_params(NativeRef.EVP_PKEY pkeyRef)74     public static native String EVP_PKEY_print_params(NativeRef.EVP_PKEY pkeyRef);
75 
EVP_PKEY_free(long pkey)76     public static native void EVP_PKEY_free(long pkey);
77 
EVP_PKEY_cmp(NativeRef.EVP_PKEY pkey1, NativeRef.EVP_PKEY pkey2)78     public static native int EVP_PKEY_cmp(NativeRef.EVP_PKEY pkey1, NativeRef.EVP_PKEY pkey2);
79 
i2d_PKCS8_PRIV_KEY_INFO(NativeRef.EVP_PKEY pkey)80     public static native byte[] i2d_PKCS8_PRIV_KEY_INFO(NativeRef.EVP_PKEY pkey);
81 
d2i_PKCS8_PRIV_KEY_INFO(byte[] data)82     public static native long d2i_PKCS8_PRIV_KEY_INFO(byte[] data);
83 
i2d_PUBKEY(NativeRef.EVP_PKEY pkey)84     public static native byte[] i2d_PUBKEY(NativeRef.EVP_PKEY pkey);
85 
d2i_PUBKEY(byte[] data)86     public static native long d2i_PUBKEY(byte[] data);
87 
PEM_read_bio_PUBKEY(long bioCtx)88     public static native long PEM_read_bio_PUBKEY(long bioCtx);
89 
PEM_read_bio_PrivateKey(long bioCtx)90     public static native long PEM_read_bio_PrivateKey(long bioCtx);
91 
getRSAPrivateKeyWrapper(PrivateKey key, byte[] modulus)92     public static native long getRSAPrivateKeyWrapper(PrivateKey key, byte[] modulus);
93 
getECPrivateKeyWrapper(PrivateKey key, NativeRef.EC_GROUP ecGroupRef)94     public static native long getECPrivateKeyWrapper(PrivateKey key,
95             NativeRef.EC_GROUP ecGroupRef);
96 
RSA_generate_key_ex(int modulusBits, byte[] publicExponent)97     public static native long RSA_generate_key_ex(int modulusBits, byte[] publicExponent);
98 
RSA_size(NativeRef.EVP_PKEY pkey)99     public static native int RSA_size(NativeRef.EVP_PKEY pkey);
100 
RSA_private_encrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)101     public static native int RSA_private_encrypt(int flen, byte[] from, byte[] to,
102             NativeRef.EVP_PKEY pkey, int padding);
103 
RSA_public_decrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)104     public static native int RSA_public_decrypt(int flen, byte[] from, byte[] to,
105             NativeRef.EVP_PKEY pkey, int padding) throws BadPaddingException, SignatureException;
106 
RSA_public_encrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)107     public static native int RSA_public_encrypt(int flen, byte[] from, byte[] to,
108             NativeRef.EVP_PKEY pkey, int padding);
109 
RSA_private_decrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)110     public static native int RSA_private_decrypt(int flen, byte[] from, byte[] to,
111             NativeRef.EVP_PKEY pkey, int padding) throws BadPaddingException, SignatureException;
112 
113     /**
114      * @return array of {n, e}
115      */
get_RSA_public_params(NativeRef.EVP_PKEY rsa)116     public static native byte[][] get_RSA_public_params(NativeRef.EVP_PKEY rsa);
117 
118     /**
119      * @return array of {n, e, d, p, q, dmp1, dmq1, iqmp}
120      */
get_RSA_private_params(NativeRef.EVP_PKEY rsa)121     public static native byte[][] get_RSA_private_params(NativeRef.EVP_PKEY rsa);
122 
i2d_RSAPublicKey(NativeRef.EVP_PKEY rsa)123     public static native byte[] i2d_RSAPublicKey(NativeRef.EVP_PKEY rsa);
124 
i2d_RSAPrivateKey(NativeRef.EVP_PKEY rsa)125     public static native byte[] i2d_RSAPrivateKey(NativeRef.EVP_PKEY rsa);
126 
127     // --- EC functions --------------------------
128 
EVP_PKEY_new_EC_KEY(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pubkeyRef, byte[] privkey)129     public static native long EVP_PKEY_new_EC_KEY(NativeRef.EC_GROUP groupRef,
130             NativeRef.EC_POINT pubkeyRef, byte[] privkey);
131 
EC_GROUP_new_by_curve_name(String curveName)132     public static native long EC_GROUP_new_by_curve_name(String curveName);
133 
EC_GROUP_new_arbitrary(byte[] p, byte[] a, byte[] b, byte[] x, byte[] y, byte[] order, int cofactor)134     public static native long EC_GROUP_new_arbitrary(byte[] p, byte[] a, byte[] b, byte[] x,
135                                                      byte[] y, byte[] order, int cofactor);
136 
EC_GROUP_get_curve_name(NativeRef.EC_GROUP groupRef)137     public static native String EC_GROUP_get_curve_name(NativeRef.EC_GROUP groupRef);
138 
EC_GROUP_get_curve(NativeRef.EC_GROUP groupRef)139     public static native byte[][] EC_GROUP_get_curve(NativeRef.EC_GROUP groupRef);
140 
EC_GROUP_clear_free(long groupRef)141     public static native void EC_GROUP_clear_free(long groupRef);
142 
EC_GROUP_get_generator(NativeRef.EC_GROUP groupRef)143     public static native long EC_GROUP_get_generator(NativeRef.EC_GROUP groupRef);
144 
EC_GROUP_get_order(NativeRef.EC_GROUP groupRef)145     public static native byte[] EC_GROUP_get_order(NativeRef.EC_GROUP groupRef);
146 
EC_GROUP_get_degree(NativeRef.EC_GROUP groupRef)147     public static native int EC_GROUP_get_degree(NativeRef.EC_GROUP groupRef);
148 
EC_GROUP_get_cofactor(NativeRef.EC_GROUP groupRef)149     public static native byte[] EC_GROUP_get_cofactor(NativeRef.EC_GROUP groupRef);
150 
EC_POINT_new(NativeRef.EC_GROUP groupRef)151     public static native long EC_POINT_new(NativeRef.EC_GROUP groupRef);
152 
EC_POINT_clear_free(long pointRef)153     public static native void EC_POINT_clear_free(long pointRef);
154 
EC_POINT_get_affine_coordinates(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pointRef)155     public static native byte[][] EC_POINT_get_affine_coordinates(NativeRef.EC_GROUP groupRef,
156             NativeRef.EC_POINT pointRef);
157 
EC_POINT_set_affine_coordinates(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pointRef, byte[] x, byte[] y)158     public static native void EC_POINT_set_affine_coordinates(NativeRef.EC_GROUP groupRef,
159             NativeRef.EC_POINT pointRef, byte[] x, byte[] y);
160 
EC_KEY_generate_key(NativeRef.EC_GROUP groupRef)161     public static native long EC_KEY_generate_key(NativeRef.EC_GROUP groupRef);
162 
EC_KEY_get1_group(NativeRef.EVP_PKEY pkeyRef)163     public static native long EC_KEY_get1_group(NativeRef.EVP_PKEY pkeyRef);
164 
EC_KEY_get_private_key(NativeRef.EVP_PKEY keyRef)165     public static native byte[] EC_KEY_get_private_key(NativeRef.EVP_PKEY keyRef);
166 
EC_KEY_get_public_key(NativeRef.EVP_PKEY keyRef)167     public static native long EC_KEY_get_public_key(NativeRef.EVP_PKEY keyRef);
168 
ECDH_compute_key(byte[] out, int outOffset, NativeRef.EVP_PKEY publicKeyRef, NativeRef.EVP_PKEY privateKeyRef)169     public static native int ECDH_compute_key(byte[] out, int outOffset,
170             NativeRef.EVP_PKEY publicKeyRef, NativeRef.EVP_PKEY privateKeyRef) throws
171             InvalidKeyException;
172 
173     // --- Message digest functions --------------
174 
175     // These return const references
EVP_get_digestbyname(String name)176     public static native long EVP_get_digestbyname(String name);
177 
EVP_MD_size(long evp_md_const)178     public static native int EVP_MD_size(long evp_md_const);
179 
EVP_MD_block_size(long evp_md_const)180     public static native int EVP_MD_block_size(long evp_md_const);
181 
182     // --- Message digest context functions --------------
183 
EVP_MD_CTX_create()184     public static native long EVP_MD_CTX_create();
185 
EVP_MD_CTX_cleanup(NativeRef.EVP_MD_CTX ctx)186     public static native void EVP_MD_CTX_cleanup(NativeRef.EVP_MD_CTX ctx);
187 
EVP_MD_CTX_destroy(long ctx)188     public static native void EVP_MD_CTX_destroy(long ctx);
189 
EVP_MD_CTX_copy_ex(NativeRef.EVP_MD_CTX dst_ctx, NativeRef.EVP_MD_CTX src_ctx)190     public static native int EVP_MD_CTX_copy_ex(NativeRef.EVP_MD_CTX dst_ctx,
191             NativeRef.EVP_MD_CTX src_ctx);
192 
193     // --- Digest handling functions -------------------------------------------
194 
EVP_DigestInit_ex(NativeRef.EVP_MD_CTX ctx, long evp_md)195     public static native int EVP_DigestInit_ex(NativeRef.EVP_MD_CTX ctx, long evp_md);
196 
EVP_DigestUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)197     public static native void EVP_DigestUpdate(NativeRef.EVP_MD_CTX ctx,
198             byte[] buffer, int offset, int length);
199 
EVP_DigestUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)200     public static native void EVP_DigestUpdateDirect(NativeRef.EVP_MD_CTX ctx,
201             long ptr, int length);
202 
EVP_DigestFinal_ex(NativeRef.EVP_MD_CTX ctx, byte[] hash, int offset)203     public static native int EVP_DigestFinal_ex(NativeRef.EVP_MD_CTX ctx, byte[] hash,
204             int offset);
205 
206     // --- Signature handling functions ----------------------------------------
207 
EVP_DigestSignInit(NativeRef.EVP_MD_CTX ctx, long evpMdRef, NativeRef.EVP_PKEY key)208     public static native long EVP_DigestSignInit(NativeRef.EVP_MD_CTX ctx,
209             long evpMdRef, NativeRef.EVP_PKEY key);
210 
EVP_DigestVerifyInit(NativeRef.EVP_MD_CTX ctx, long evpMdRef, NativeRef.EVP_PKEY key)211     public static native long EVP_DigestVerifyInit(NativeRef.EVP_MD_CTX ctx,
212             long evpMdRef, NativeRef.EVP_PKEY key);
213 
EVP_DigestSignUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)214     public static native void EVP_DigestSignUpdate(NativeRef.EVP_MD_CTX ctx,
215             byte[] buffer, int offset, int length);
216 
EVP_DigestSignUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)217     public static native void EVP_DigestSignUpdateDirect(NativeRef.EVP_MD_CTX ctx,
218             long ptr, int length);
219 
EVP_DigestVerifyUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)220     public static native void EVP_DigestVerifyUpdate(NativeRef.EVP_MD_CTX ctx,
221             byte[] buffer, int offset, int length);
222 
EVP_DigestVerifyUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)223     public static native void EVP_DigestVerifyUpdateDirect(NativeRef.EVP_MD_CTX ctx,
224             long ptr, int length);
225 
EVP_DigestSignFinal(NativeRef.EVP_MD_CTX ctx)226     public static native byte[] EVP_DigestSignFinal(NativeRef.EVP_MD_CTX ctx);
227 
EVP_DigestVerifyFinal(NativeRef.EVP_MD_CTX ctx, byte[] signature, int offset, int length)228     public static native boolean EVP_DigestVerifyFinal(NativeRef.EVP_MD_CTX ctx,
229             byte[] signature, int offset, int length);
230 
EVP_PKEY_encrypt_init(NativeRef.EVP_PKEY pkey)231     public static native long EVP_PKEY_encrypt_init(NativeRef.EVP_PKEY pkey);
232 
EVP_PKEY_encrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset, byte[] input, int inOffset, int inLength)233     public static native int EVP_PKEY_encrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset,
234             byte[] input, int inOffset, int inLength);
235 
EVP_PKEY_decrypt_init(NativeRef.EVP_PKEY pkey)236     public static native long EVP_PKEY_decrypt_init(NativeRef.EVP_PKEY pkey);
237 
EVP_PKEY_decrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset, byte[] input, int inOffset, int inLength)238     public static native int EVP_PKEY_decrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset,
239             byte[] input, int inOffset, int inLength);
240 
EVP_PKEY_CTX_free(long pkeyCtx)241     public static native void EVP_PKEY_CTX_free(long pkeyCtx);
242 
EVP_PKEY_CTX_set_rsa_padding(long ctx, int pad)243     public static native void EVP_PKEY_CTX_set_rsa_padding(long ctx, int pad)
244             throws InvalidAlgorithmParameterException;
245 
EVP_PKEY_CTX_set_rsa_pss_saltlen(long ctx, int len)246     public static native void EVP_PKEY_CTX_set_rsa_pss_saltlen(long ctx, int len)
247             throws InvalidAlgorithmParameterException;
248 
EVP_PKEY_CTX_set_rsa_mgf1_md(long ctx, long evpMdRef)249     public static native void EVP_PKEY_CTX_set_rsa_mgf1_md(long ctx, long evpMdRef)
250             throws InvalidAlgorithmParameterException;
251 
EVP_PKEY_CTX_set_rsa_oaep_md(long ctx, long evpMdRef)252     public static native void EVP_PKEY_CTX_set_rsa_oaep_md(long ctx, long evpMdRef)
253             throws InvalidAlgorithmParameterException;
254 
EVP_PKEY_CTX_set_rsa_oaep_label(long ctx, byte[] label)255     public static native void EVP_PKEY_CTX_set_rsa_oaep_label(long ctx, byte[] label)
256             throws InvalidAlgorithmParameterException;
257 
258     // --- Block ciphers -------------------------------------------------------
259 
260     // These return const references
EVP_get_cipherbyname(String string)261     public static native long EVP_get_cipherbyname(String string);
262 
EVP_CipherInit_ex(NativeRef.EVP_CIPHER_CTX ctx, long evpCipher, byte[] key, byte[] iv, boolean encrypting)263     public static native void EVP_CipherInit_ex(NativeRef.EVP_CIPHER_CTX ctx, long evpCipher,
264             byte[] key, byte[] iv, boolean encrypting);
265 
EVP_CipherUpdate(NativeRef.EVP_CIPHER_CTX ctx, byte[] out, int outOffset, byte[] in, int inOffset, int inLength)266     public static native int EVP_CipherUpdate(NativeRef.EVP_CIPHER_CTX ctx, byte[] out,
267             int outOffset, byte[] in, int inOffset, int inLength);
268 
EVP_CipherFinal_ex(NativeRef.EVP_CIPHER_CTX ctx, byte[] out, int outOffset)269     public static native int EVP_CipherFinal_ex(NativeRef.EVP_CIPHER_CTX ctx, byte[] out,
270             int outOffset) throws BadPaddingException, IllegalBlockSizeException;
271 
EVP_CIPHER_iv_length(long evpCipher)272     public static native int EVP_CIPHER_iv_length(long evpCipher);
273 
EVP_CIPHER_CTX_new()274     public static native long EVP_CIPHER_CTX_new();
275 
EVP_CIPHER_CTX_block_size(NativeRef.EVP_CIPHER_CTX ctx)276     public static native int EVP_CIPHER_CTX_block_size(NativeRef.EVP_CIPHER_CTX ctx);
277 
get_EVP_CIPHER_CTX_buf_len(NativeRef.EVP_CIPHER_CTX ctx)278     public static native int get_EVP_CIPHER_CTX_buf_len(NativeRef.EVP_CIPHER_CTX ctx);
279 
get_EVP_CIPHER_CTX_final_used(NativeRef.EVP_CIPHER_CTX ctx)280     public static native boolean get_EVP_CIPHER_CTX_final_used(NativeRef.EVP_CIPHER_CTX ctx);
281 
EVP_CIPHER_CTX_set_padding(NativeRef.EVP_CIPHER_CTX ctx, boolean enablePadding)282     public static native void EVP_CIPHER_CTX_set_padding(NativeRef.EVP_CIPHER_CTX ctx,
283             boolean enablePadding);
284 
EVP_CIPHER_CTX_set_key_length(NativeRef.EVP_CIPHER_CTX ctx, int keyBitSize)285     public static native void EVP_CIPHER_CTX_set_key_length(NativeRef.EVP_CIPHER_CTX ctx,
286             int keyBitSize);
287 
EVP_CIPHER_CTX_free(long ctx)288     public static native void EVP_CIPHER_CTX_free(long ctx);
289 
290     // --- AEAD ----------------------------------------------------------------
EVP_aead_aes_128_gcm()291     public static native long EVP_aead_aes_128_gcm();
292 
EVP_aead_aes_256_gcm()293     public static native long EVP_aead_aes_256_gcm();
294 
EVP_AEAD_max_overhead(long evpAead)295     public static native int EVP_AEAD_max_overhead(long evpAead);
296 
EVP_AEAD_nonce_length(long evpAead)297     public static native int EVP_AEAD_nonce_length(long evpAead);
298 
EVP_AEAD_max_tag_len(long evpAead)299     public static native int EVP_AEAD_max_tag_len(long evpAead);
300 
EVP_AEAD_CTX_seal(long evpAead, byte[] key, int tagLengthInBytes, byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength, byte[] ad)301     public static native int EVP_AEAD_CTX_seal(long evpAead, byte[] key, int tagLengthInBytes,
302             byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength,
303             byte[] ad) throws BadPaddingException;
304 
EVP_AEAD_CTX_open(long evpAead, byte[] key, int tagLengthInBytes, byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength, byte[] ad)305     public static native int EVP_AEAD_CTX_open(long evpAead, byte[] key, int tagLengthInBytes,
306             byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength,
307             byte[] ad) throws BadPaddingException;
308 
309     // --- HMAC functions ------------------------------------------------------
310 
HMAC_CTX_new()311     public static native long HMAC_CTX_new();
312 
HMAC_CTX_free(long ctx)313     public static native void HMAC_CTX_free(long ctx);
314 
HMAC_Init_ex(NativeRef.HMAC_CTX ctx, byte[] key, long evp_md)315     public static native void HMAC_Init_ex(NativeRef.HMAC_CTX ctx, byte[] key, long evp_md);
316 
HMAC_Update(NativeRef.HMAC_CTX ctx, byte[] in, int inOffset, int inLength)317     public static native void HMAC_Update(NativeRef.HMAC_CTX ctx, byte[] in, int inOffset, int inLength);
318 
HMAC_UpdateDirect(NativeRef.HMAC_CTX ctx, long inPtr, int inLength)319     public static native void HMAC_UpdateDirect(NativeRef.HMAC_CTX ctx, long inPtr, int inLength);
320 
HMAC_Final(NativeRef.HMAC_CTX ctx)321     public static native byte[] HMAC_Final(NativeRef.HMAC_CTX ctx);
322 
323     // --- RAND ----------------------------------------------------------------
324 
RAND_bytes(byte[] output)325     public static native void RAND_bytes(byte[] output);
326 
327     // --- ASN.1 objects -------------------------------------------------------
328 
OBJ_txt2nid(String oid)329     public static native int OBJ_txt2nid(String oid);
330 
OBJ_txt2nid_longName(String oid)331     public static native String OBJ_txt2nid_longName(String oid);
332 
OBJ_txt2nid_oid(String oid)333     public static native String OBJ_txt2nid_oid(String oid);
334 
335     // --- X509_NAME -----------------------------------------------------------
336 
X509_NAME_hash(X500Principal principal)337     public static int X509_NAME_hash(X500Principal principal) {
338         return X509_NAME_hash(principal, "SHA1");
339     }
X509_NAME_hash_old(X500Principal principal)340     public static int X509_NAME_hash_old(X500Principal principal) {
341         return X509_NAME_hash(principal, "MD5");
342     }
X509_NAME_hash(X500Principal principal, String algorithm)343     private static int X509_NAME_hash(X500Principal principal, String algorithm) {
344         try {
345             byte[] digest = MessageDigest.getInstance(algorithm).digest(principal.getEncoded());
346             int offset = 0;
347             return (((digest[offset++] & 0xff) <<  0) |
348                     ((digest[offset++] & 0xff) <<  8) |
349                     ((digest[offset++] & 0xff) << 16) |
350                     ((digest[offset  ] & 0xff) << 24));
351         } catch (NoSuchAlgorithmException e) {
352             throw new AssertionError(e);
353         }
354     }
355 
X509_NAME_print_ex(long x509nameCtx, long flags)356     public static native String X509_NAME_print_ex(long x509nameCtx, long flags);
357 
358     // --- X509 ----------------------------------------------------------------
359 
360     /** Used to request get_X509_GENERAL_NAME_stack get the "altname" field. */
361     public static final int GN_STACK_SUBJECT_ALT_NAME = 1;
362 
363     /**
364      * Used to request get_X509_GENERAL_NAME_stack get the issuerAlternativeName
365      * extension.
366      */
367     public static final int GN_STACK_ISSUER_ALT_NAME = 2;
368 
369     /**
370      * Used to request only non-critical types in get_X509*_ext_oids.
371      */
372     public static final int EXTENSION_TYPE_NON_CRITICAL = 0;
373 
374     /**
375      * Used to request only critical types in get_X509*_ext_oids.
376      */
377     public static final int EXTENSION_TYPE_CRITICAL = 1;
378 
d2i_X509_bio(long bioCtx)379     public static native long d2i_X509_bio(long bioCtx);
380 
d2i_X509(byte[] encoded)381     public static native long d2i_X509(byte[] encoded) throws ParsingException;
382 
PEM_read_bio_X509(long bioCtx)383     public static native long PEM_read_bio_X509(long bioCtx);
384 
i2d_X509(long x509ctx)385     public static native byte[] i2d_X509(long x509ctx);
386 
387     /** Takes an X509 context not an X509_PUBKEY context. */
i2d_X509_PUBKEY(long x509ctx)388     public static native byte[] i2d_X509_PUBKEY(long x509ctx);
389 
ASN1_seq_pack_X509(long[] x509CertRefs)390     public static native byte[] ASN1_seq_pack_X509(long[] x509CertRefs);
391 
ASN1_seq_unpack_X509_bio(long bioRef)392     public static native long[] ASN1_seq_unpack_X509_bio(long bioRef);
393 
X509_free(long x509ctx)394     public static native void X509_free(long x509ctx);
395 
X509_dup(long x509ctx)396     public static native long X509_dup(long x509ctx);
397 
X509_cmp(long x509ctx1, long x509ctx2)398     public static native int X509_cmp(long x509ctx1, long x509ctx2);
399 
X509_print_ex(long bioCtx, long x509ctx, long nmflag, long certflag)400     public static native void X509_print_ex(long bioCtx, long x509ctx, long nmflag, long certflag);
401 
X509_get_issuer_name(long x509ctx)402     public static native byte[] X509_get_issuer_name(long x509ctx);
403 
X509_get_subject_name(long x509ctx)404     public static native byte[] X509_get_subject_name(long x509ctx);
405 
get_X509_sig_alg_oid(long x509ctx)406     public static native String get_X509_sig_alg_oid(long x509ctx);
407 
get_X509_sig_alg_parameter(long x509ctx)408     public static native byte[] get_X509_sig_alg_parameter(long x509ctx);
409 
get_X509_issuerUID(long x509ctx)410     public static native boolean[] get_X509_issuerUID(long x509ctx);
411 
get_X509_subjectUID(long x509ctx)412     public static native boolean[] get_X509_subjectUID(long x509ctx);
413 
X509_get_pubkey(long x509ctx)414     public static native long X509_get_pubkey(long x509ctx) throws NoSuchAlgorithmException,
415            InvalidKeyException;
416 
get_X509_pubkey_oid(long x509ctx)417     public static native String get_X509_pubkey_oid(long x509ctx);
418 
X509_get_ext_oid(long x509ctx, String oid)419     public static native byte[] X509_get_ext_oid(long x509ctx, String oid);
420 
get_X509_ext_oids(long x509ctx, int critical)421     public static native String[] get_X509_ext_oids(long x509ctx, int critical);
422 
get_X509_GENERAL_NAME_stack(long x509ctx, int type)423     public static native Object[][] get_X509_GENERAL_NAME_stack(long x509ctx, int type)
424             throws CertificateParsingException;
425 
get_X509_ex_kusage(long x509ctx)426     public static native boolean[] get_X509_ex_kusage(long x509ctx);
427 
get_X509_ex_xkusage(long x509ctx)428     public static native String[] get_X509_ex_xkusage(long x509ctx);
429 
get_X509_ex_pathlen(long x509ctx)430     public static native int get_X509_ex_pathlen(long x509ctx);
431 
X509_get_notBefore(long x509ctx)432     public static native long X509_get_notBefore(long x509ctx);
433 
X509_get_notAfter(long x509ctx)434     public static native long X509_get_notAfter(long x509ctx);
435 
X509_get_version(long x509ctx)436     public static native long X509_get_version(long x509ctx);
437 
X509_get_serialNumber(long x509ctx)438     public static native byte[] X509_get_serialNumber(long x509ctx);
439 
X509_verify(long x509ctx, NativeRef.EVP_PKEY pkeyCtx)440     public static native void X509_verify(long x509ctx, NativeRef.EVP_PKEY pkeyCtx)
441             throws BadPaddingException;
442 
get_X509_cert_info_enc(long x509ctx)443     public static native byte[] get_X509_cert_info_enc(long x509ctx);
444 
get_X509_signature(long x509ctx)445     public static native byte[] get_X509_signature(long x509ctx);
446 
get_X509_ex_flags(long x509ctx)447     public static native int get_X509_ex_flags(long x509ctx);
448 
X509_check_issued(long ctx, long ctx2)449     public static native int X509_check_issued(long ctx, long ctx2);
450 
451     // --- PKCS7 ---------------------------------------------------------------
452 
453     /** Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7. */
454     public static final int PKCS7_CERTS = 1;
455 
456     /** Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7. */
457     public static final int PKCS7_CRLS = 2;
458 
459     /** Returns an array of X509 or X509_CRL pointers. */
d2i_PKCS7_bio(long bioCtx, int which)460     public static native long[] d2i_PKCS7_bio(long bioCtx, int which);
461 
462     /** Returns an array of X509 or X509_CRL pointers. */
i2d_PKCS7(long[] certs)463     public static native byte[] i2d_PKCS7(long[] certs);
464 
465     /** Returns an array of X509 or X509_CRL pointers. */
PEM_read_bio_PKCS7(long bioCtx, int which)466     public static native long[] PEM_read_bio_PKCS7(long bioCtx, int which);
467 
468     // --- X509_CRL ------------------------------------------------------------
469 
d2i_X509_CRL_bio(long bioCtx)470     public static native long d2i_X509_CRL_bio(long bioCtx);
471 
PEM_read_bio_X509_CRL(long bioCtx)472     public static native long PEM_read_bio_X509_CRL(long bioCtx);
473 
i2d_X509_CRL(long x509CrlCtx)474     public static native byte[] i2d_X509_CRL(long x509CrlCtx);
475 
X509_CRL_free(long x509CrlCtx)476     public static native void X509_CRL_free(long x509CrlCtx);
477 
X509_CRL_print(long bioCtx, long x509CrlCtx)478     public static native void X509_CRL_print(long bioCtx, long x509CrlCtx);
479 
get_X509_CRL_sig_alg_oid(long x509CrlCtx)480     public static native String get_X509_CRL_sig_alg_oid(long x509CrlCtx);
481 
get_X509_CRL_sig_alg_parameter(long x509CrlCtx)482     public static native byte[] get_X509_CRL_sig_alg_parameter(long x509CrlCtx);
483 
X509_CRL_get_issuer_name(long x509CrlCtx)484     public static native byte[] X509_CRL_get_issuer_name(long x509CrlCtx);
485 
486     /** Returns X509_REVOKED reference that is not duplicated! */
X509_CRL_get0_by_cert(long x509CrlCtx, long x509Ctx)487     public static native long X509_CRL_get0_by_cert(long x509CrlCtx, long x509Ctx);
488 
489     /** Returns X509_REVOKED reference that is not duplicated! */
X509_CRL_get0_by_serial(long x509CrlCtx, byte[] serial)490     public static native long X509_CRL_get0_by_serial(long x509CrlCtx, byte[] serial);
491 
492     /** Returns an array of X509_REVOKED that are owned by the caller. */
X509_CRL_get_REVOKED(long x509CrlCtx)493     public static native long[] X509_CRL_get_REVOKED(long x509CrlCtx);
494 
get_X509_CRL_ext_oids(long x509ctx, int critical)495     public static native String[] get_X509_CRL_ext_oids(long x509ctx, int critical);
496 
X509_CRL_get_ext_oid(long x509CrlCtx, String oid)497     public static native byte[] X509_CRL_get_ext_oid(long x509CrlCtx, String oid);
498 
X509_delete_ext(long x509, String oid)499     public static native void X509_delete_ext(long x509, String oid);
500 
X509_CRL_get_version(long x509CrlCtx)501     public static native long X509_CRL_get_version(long x509CrlCtx);
502 
X509_CRL_get_ext(long x509CrlCtx, String oid)503     public static native long X509_CRL_get_ext(long x509CrlCtx, String oid);
504 
get_X509_CRL_signature(long x509ctx)505     public static native byte[] get_X509_CRL_signature(long x509ctx);
506 
X509_CRL_verify(long x509CrlCtx, NativeRef.EVP_PKEY pkeyCtx)507     public static native void X509_CRL_verify(long x509CrlCtx, NativeRef.EVP_PKEY pkeyCtx);
508 
get_X509_CRL_crl_enc(long x509CrlCtx)509     public static native byte[] get_X509_CRL_crl_enc(long x509CrlCtx);
510 
X509_CRL_get_lastUpdate(long x509CrlCtx)511     public static native long X509_CRL_get_lastUpdate(long x509CrlCtx);
512 
X509_CRL_get_nextUpdate(long x509CrlCtx)513     public static native long X509_CRL_get_nextUpdate(long x509CrlCtx);
514 
515     // --- X509_REVOKED --------------------------------------------------------
516 
X509_REVOKED_dup(long x509RevokedCtx)517     public static native long X509_REVOKED_dup(long x509RevokedCtx);
518 
i2d_X509_REVOKED(long x509RevokedCtx)519     public static native byte[] i2d_X509_REVOKED(long x509RevokedCtx);
520 
get_X509_REVOKED_ext_oids(long x509ctx, int critical)521     public static native String[] get_X509_REVOKED_ext_oids(long x509ctx, int critical);
522 
X509_REVOKED_get_ext_oid(long x509RevokedCtx, String oid)523     public static native byte[] X509_REVOKED_get_ext_oid(long x509RevokedCtx, String oid);
524 
X509_REVOKED_get_serialNumber(long x509RevokedCtx)525     public static native byte[] X509_REVOKED_get_serialNumber(long x509RevokedCtx);
526 
X509_REVOKED_get_ext(long x509RevokedCtx, String oid)527     public static native long X509_REVOKED_get_ext(long x509RevokedCtx, String oid);
528 
529     /** Returns ASN1_TIME reference. */
get_X509_REVOKED_revocationDate(long x509RevokedCtx)530     public static native long get_X509_REVOKED_revocationDate(long x509RevokedCtx);
531 
X509_REVOKED_print(long bioRef, long x509RevokedCtx)532     public static native void X509_REVOKED_print(long bioRef, long x509RevokedCtx);
533 
534     // --- X509_EXTENSION ------------------------------------------------------
535 
X509_supported_extension(long x509ExtensionRef)536     public static native int X509_supported_extension(long x509ExtensionRef);
537 
538     // --- ASN1_TIME -----------------------------------------------------------
539 
ASN1_TIME_to_Calendar(long asn1TimeCtx, Calendar cal)540     public static native void ASN1_TIME_to_Calendar(long asn1TimeCtx, Calendar cal);
541 
542     // --- BIO stream creation -------------------------------------------------
543 
create_BIO_InputStream(OpenSSLBIOInputStream is, boolean isFinite)544     public static native long create_BIO_InputStream(OpenSSLBIOInputStream is, boolean isFinite);
545 
create_BIO_OutputStream(OutputStream os)546     public static native long create_BIO_OutputStream(OutputStream os);
547 
BIO_read(long bioRef, byte[] buffer)548     public static native int BIO_read(long bioRef, byte[] buffer);
549 
BIO_write(long bioRef, byte[] buffer, int offset, int length)550     public static native void BIO_write(long bioRef, byte[] buffer, int offset, int length)
551             throws IOException;
552 
BIO_free_all(long bioRef)553     public static native void BIO_free_all(long bioRef);
554 
555     // --- SSL handling --------------------------------------------------------
556 
557     static final String OBSOLETE_PROTOCOL_SSLV3 = "SSLv3";
558     private static final String SUPPORTED_PROTOCOL_TLSV1 = "TLSv1";
559     private static final String SUPPORTED_PROTOCOL_TLSV1_1 = "TLSv1.1";
560     private static final String SUPPORTED_PROTOCOL_TLSV1_2 = "TLSv1.2";
561 
562     // STANDARD_TO_OPENSSL_CIPHER_SUITES is a map from OpenSSL-style
563     // cipher-suite names to the standard name for the same (i.e. the name that
564     // is registered with IANA).
565     public static final Map<String, String> OPENSSL_TO_STANDARD_CIPHER_SUITES
566             = new HashMap<String, String>();
567 
568     // STANDARD_TO_OPENSSL_CIPHER_SUITES is a map from "standard" cipher suite
569     // names (i.e. the names that are registered with IANA) to the
570     // OpenSSL-style name for the same.
571     public static final Map<String, String> STANDARD_TO_OPENSSL_CIPHER_SUITES
572             = new LinkedHashMap<String, String>();
573 
574     // SUPPORTED_CIPHER_SUITES_SET contains all the cipher suites supported by
575     // OpenSSL, named using "standard" (as opposed to OpenSSL-style) names.
576     public static final Set<String> SUPPORTED_CIPHER_SUITES_SET = new HashSet<String>();
577 
add(String openssl, String standard)578     private static void add(String openssl, String standard) {
579         OPENSSL_TO_STANDARD_CIPHER_SUITES.put(openssl, standard);
580         STANDARD_TO_OPENSSL_CIPHER_SUITES.put(standard, openssl);
581     }
582 
583     /**
584      * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation
585      * indication signaling cipher suite value. It is not a real
586      * cipher suite. It is just an indication in the default and
587      * supported cipher suite lists indicates that the implementation
588      * supports secure renegotiation.
589      * <p>
590      * In the RI, its presence means that the SCSV is sent in the
591      * cipher suite list to indicate secure renegotiation support and
592      * its absense means to send an empty TLS renegotiation info
593      * extension instead.
594      * <p>
595      * However, OpenSSL doesn't provide an API to give this level of
596      * control, instead always sending the SCSV and always including
597      * the empty renegotiation info if TLS is used (as opposed to
598      * SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to
599      * be passed for compatibility as to provide the hint that we
600      * support secure renegotiation.
601      */
602     public static final String TLS_EMPTY_RENEGOTIATION_INFO_SCSV
603             = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
604 
605     /**
606      * TLS_FALLBACK_SCSV is from
607      * https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
608      * to indicate to the server that this is a fallback protocol
609      * request.
610      */
611     public static final String TLS_FALLBACK_SCSV = "TLS_FALLBACK_SCSV";
612 
613     static {
614         add("ADH-AES128-GCM-SHA256",		"TLS_DH_anon_WITH_AES_128_GCM_SHA256");
615         add("ADH-AES128-SHA256",		"TLS_DH_anon_WITH_AES_128_CBC_SHA256");
616         add("ADH-AES128-SHA",			"TLS_DH_anon_WITH_AES_128_CBC_SHA");
617         add("ADH-AES256-GCM-SHA384",		"TLS_DH_anon_WITH_AES_256_GCM_SHA384");
618         add("ADH-AES256-SHA256",		"TLS_DH_anon_WITH_AES_256_CBC_SHA256");
619         add("ADH-AES256-SHA",			"TLS_DH_anon_WITH_AES_256_CBC_SHA");
620         add("ADH-DES-CBC3-SHA",			"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA");
621         add("ADH-DES-CBC-SHA",			"SSL_DH_anon_WITH_DES_CBC_SHA");
622         add("AECDH-AES128-SHA",			"TLS_ECDH_anon_WITH_AES_128_CBC_SHA");
623         add("AECDH-AES256-SHA",			"TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
624         add("AECDH-DES-CBC3-SHA",		"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA");
625         add("AECDH-NULL-SHA",			"TLS_ECDH_anon_WITH_NULL_SHA");
626         add("AES128-GCM-SHA256",		"TLS_RSA_WITH_AES_128_GCM_SHA256");
627         add("AES128-SHA256",			"TLS_RSA_WITH_AES_128_CBC_SHA256");
628         add("AES128-SHA",			"TLS_RSA_WITH_AES_128_CBC_SHA");
629         add("AES256-GCM-SHA384",		"TLS_RSA_WITH_AES_256_GCM_SHA384");
630         add("AES256-SHA256",			"TLS_RSA_WITH_AES_256_CBC_SHA256");
631         add("AES256-SHA",			"TLS_RSA_WITH_AES_256_CBC_SHA");
632         add("DES-CBC3-SHA",			"SSL_RSA_WITH_3DES_EDE_CBC_SHA");
633         add("DES-CBC-SHA",			"SSL_RSA_WITH_DES_CBC_SHA");
634         add("ECDH-ECDSA-AES128-GCM-SHA256",    	"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
635         add("ECDH-ECDSA-AES128-SHA256",		"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256");
636         add("ECDH-ECDSA-AES128-SHA",		"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
637         add("ECDH-ECDSA-AES256-GCM-SHA384",    	"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384");
638         add("ECDH-ECDSA-AES256-SHA384",		"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384");
639         add("ECDH-ECDSA-AES256-SHA",		"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
640         add("ECDH-ECDSA-DES-CBC3-SHA",		"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
641         add("ECDH-ECDSA-NULL-SHA",		"TLS_ECDH_ECDSA_WITH_NULL_SHA");
642         add("ECDHE-ECDSA-AES128-GCM-SHA256",   	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
643         add("ECDHE-ECDSA-AES128-SHA256",	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256");
644         add("ECDHE-ECDSA-AES128-SHA",		"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA");
645         add("ECDHE-ECDSA-AES256-GCM-SHA384",   	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
646         add("ECDHE-ECDSA-AES256-SHA384",	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384");
647         add("ECDHE-ECDSA-AES256-SHA",		"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA");
648         add("ECDHE-ECDSA-CHACHA20-POLY1305",   	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305");
649         add("ECDHE-ECDSA-CHACHA20-POLY1305",	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256");
650         add("ECDHE-ECDSA-DES-CBC3-SHA",		"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA");
651         add("ECDHE-ECDSA-NULL-SHA",		"TLS_ECDHE_ECDSA_WITH_NULL_SHA");
652         add("ECDHE-PSK-AES128-CBC-SHA",		"TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA");
653         add("ECDHE-PSK-AES128-GCM-SHA256",     	"TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256");
654         add("ECDHE-PSK-AES256-CBC-SHA",		"TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA");
655         add("ECDHE-PSK-AES256-GCM-SHA384",     	"TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384");
656         add("ECDHE-PSK-CHACHA20-POLY1305",	"TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256");
657         add("ECDHE-RSA-AES128-GCM-SHA256",     	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
658         add("ECDHE-RSA-AES128-SHA256",		"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256");
659         add("ECDHE-RSA-AES128-SHA",		"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
660         add("ECDHE-RSA-AES256-GCM-SHA384",     	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
661         add("ECDHE-RSA-AES256-SHA384",		"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");
662         add("ECDHE-RSA-AES256-SHA",		"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
663         add("ECDHE-RSA-CHACHA20-POLY1305",     	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305");
664         add("ECDHE-RSA-CHACHA20-POLY1305",	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256");
665         add("ECDHE-RSA-DES-CBC3-SHA",		"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA");
666         add("ECDHE-RSA-NULL-SHA",		"TLS_ECDHE_RSA_WITH_NULL_SHA");
667         add("ECDH-RSA-AES128-GCM-SHA256",      	"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
668         add("ECDH-RSA-AES128-SHA256",		"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
669         add("ECDH-RSA-AES128-SHA",		"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
670         add("ECDH-RSA-AES256-GCM-SHA384",      	"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384");
671         add("ECDH-RSA-AES256-SHA384",		"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
672         add("ECDH-RSA-AES256-SHA",		"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
673         add("ECDH-RSA-DES-CBC3-SHA",		"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
674         add("ECDH-RSA-NULL-SHA",		"TLS_ECDH_RSA_WITH_NULL_SHA");
675         add("EXP-ADH-DES-CBC-SHA",		"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
676         add("EXP-DES-CBC-SHA",			"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA");
677         add("NULL-MD5",				"SSL_RSA_WITH_NULL_MD5");
678         add("NULL-SHA256",			"TLS_RSA_WITH_NULL_SHA256");
679         add("NULL-SHA",				"SSL_RSA_WITH_NULL_SHA");
680         add("PSK-3DES-EDE-CBC-SHA",		"TLS_PSK_WITH_3DES_EDE_CBC_SHA");
681         add("PSK-AES128-CBC-SHA",		"TLS_PSK_WITH_AES_128_CBC_SHA");
682         add("PSK-AES256-CBC-SHA",		"TLS_PSK_WITH_AES_256_CBC_SHA");
683 
684         // Signaling Cipher Suite Value for secure renegotiation handled as special case.
685         // add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", null);
686 
687         // Similarly, the fallback SCSV is handled as a special case.
688         // add("TLS_FALLBACK_SCSV", null);
689     }
690 
691     private static final String[] SUPPORTED_CIPHER_SUITES;
692     static {
693         String[] allOpenSSLCipherSuites = get_cipher_names("ALL:!DHE");
694 
695         int size = allOpenSSLCipherSuites.length;
696         SUPPORTED_CIPHER_SUITES = new String[size + 2];
697         for (int i = 0; i < size; i++) {
698             String standardName = OPENSSL_TO_STANDARD_CIPHER_SUITES.get(allOpenSSLCipherSuites[i]);
699             if (standardName == null) {
700                 throw new IllegalArgumentException("Unknown cipher suite supported by native code: " +
701                                                    allOpenSSLCipherSuites[i]);
702             }
703             SUPPORTED_CIPHER_SUITES[i] = standardName;
704             SUPPORTED_CIPHER_SUITES_SET.add(standardName);
705         }
706         SUPPORTED_CIPHER_SUITES[size] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
707         SUPPORTED_CIPHER_SUITES[size + 1] = TLS_FALLBACK_SCSV;
708     }
709 
710     /**
711      * Returns 1 if the BoringSSL believes the CPU has AES accelerated hardware
712      * instructions. Used to determine cipher suite ordering.
713      */
EVP_has_aes_hardware()714     public static native int EVP_has_aes_hardware();
715 
SSL_CTX_new()716     public static native long SSL_CTX_new();
717 
718     // IMPLEMENTATION NOTE: The default list of cipher suites is a trade-off between what we'd like
719     // to use and what servers currently support. We strive to be secure enough by default. We thus
720     // avoid unacceptably weak suites (e.g., those with bulk cipher secret key shorter than 128
721     // bits), while maintaining the capability to connect to the majority of servers.
722     //
723     // Cipher suites are listed in preference order (favorite choice first) of the client. However,
724     // servers are not required to honor the order. The key rules governing the preference order
725     // are:
726     // * Prefer Forward Secrecy (i.e., cipher suites that use ECDHE and DHE for key agreement).
727     // * Prefer ChaCha20-Poly1305 to AES-GCM unless hardware support for AES is available.
728     // * Prefer AES-GCM to AES-CBC whose MAC-pad-then-encrypt approach leads to weaknesses (e.g.,
729     //   Lucky 13).
730     // * Prefer 128-bit bulk encryption to 256-bit one, because 128-bit is safe enough while
731     //   consuming less CPU/time/energy.
732     //
733     // NOTE: Removing cipher suites from this list needs to be done with caution, because this may
734     // prevent apps from connecting to servers they were previously able to connect to.
735 
736     /** X.509 based cipher suites enabled by default (if requested), in preference order. */
737     static final String[] DEFAULT_X509_CIPHER_SUITES = EVP_has_aes_hardware() == 1 ?
738             new String[] {
739                     "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
740                     "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
741                     "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
742                     "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
743                     "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
744                     "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
745                     "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
746                     "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
747                     "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
748                     "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
749                     "TLS_RSA_WITH_AES_128_GCM_SHA256",
750                     "TLS_RSA_WITH_AES_256_GCM_SHA384",
751                     "TLS_RSA_WITH_AES_128_CBC_SHA",
752                     "TLS_RSA_WITH_AES_256_CBC_SHA",
753             } :
754             new String[] {
755                     "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
756                     "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
757                     "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
758                     "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
759                     "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
760                     "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
761                     "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
762                     "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
763                     "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
764                     "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
765                     "TLS_RSA_WITH_AES_128_GCM_SHA256",
766                     "TLS_RSA_WITH_AES_256_GCM_SHA384",
767                     "TLS_RSA_WITH_AES_128_CBC_SHA",
768                     "TLS_RSA_WITH_AES_256_CBC_SHA",
769             };
770 
771     /** TLS-PSK cipher suites enabled by default (if requested), in preference order. */
772     static final String[] DEFAULT_PSK_CIPHER_SUITES = new String[] {
773         "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
774         "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
775         "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
776         "TLS_PSK_WITH_AES_128_CBC_SHA",
777         "TLS_PSK_WITH_AES_256_CBC_SHA",
778     };
779 
getSupportedCipherSuites()780     public static String[] getSupportedCipherSuites() {
781         return SUPPORTED_CIPHER_SUITES.clone();
782     }
783 
SSL_CTX_free(long ssl_ctx)784     public static native void SSL_CTX_free(long ssl_ctx);
785 
SSL_CTX_set_session_id_context(long ssl_ctx, byte[] sid_ctx)786     public static native void SSL_CTX_set_session_id_context(long ssl_ctx, byte[] sid_ctx);
787 
SSL_new(long ssl_ctx)788     public static native long SSL_new(long ssl_ctx) throws SSLException;
789 
SSL_enable_tls_channel_id(long ssl)790     public static native void SSL_enable_tls_channel_id(long ssl) throws SSLException;
791 
SSL_get_tls_channel_id(long ssl)792     public static native byte[] SSL_get_tls_channel_id(long ssl) throws SSLException;
793 
SSL_set1_tls_channel_id(long ssl, NativeRef.EVP_PKEY pkey)794     public static native void SSL_set1_tls_channel_id(long ssl, NativeRef.EVP_PKEY pkey);
795 
SSL_use_certificate(long ssl, long[] x509refs)796     public static native void SSL_use_certificate(long ssl, long[] x509refs);
797 
SSL_use_PrivateKey(long ssl, NativeRef.EVP_PKEY pkey)798     public static native void SSL_use_PrivateKey(long ssl, NativeRef.EVP_PKEY pkey);
799 
SSL_check_private_key(long ssl)800     public static native void SSL_check_private_key(long ssl) throws SSLException;
801 
SSL_set_client_CA_list(long ssl, byte[][] asn1DerEncodedX500Principals)802     public static native void SSL_set_client_CA_list(long ssl, byte[][] asn1DerEncodedX500Principals);
803 
SSL_get_mode(long ssl)804     public static native long SSL_get_mode(long ssl);
805 
SSL_set_mode(long ssl, long mode)806     public static native long SSL_set_mode(long ssl, long mode);
807 
SSL_clear_mode(long ssl, long mode)808     public static native long SSL_clear_mode(long ssl, long mode);
809 
SSL_get_options(long ssl)810     public static native long SSL_get_options(long ssl);
811 
SSL_set_options(long ssl, long options)812     public static native long SSL_set_options(long ssl, long options);
813 
SSL_clear_options(long ssl, long options)814     public static native long SSL_clear_options(long ssl, long options);
815 
SSL_enable_signed_cert_timestamps(long ssl)816     public static native void SSL_enable_signed_cert_timestamps(long ssl);
817 
SSL_get_signed_cert_timestamp_list(long ssl)818     public static native byte[] SSL_get_signed_cert_timestamp_list(long ssl);
819 
SSL_set_signed_cert_timestamp_list(long ssl, byte[] list)820     public static native void SSL_set_signed_cert_timestamp_list(long ssl, byte[] list);
821 
SSL_enable_ocsp_stapling(long ssl)822     public static native void SSL_enable_ocsp_stapling(long ssl);
823 
SSL_get_ocsp_response(long ssl)824     public static native byte[] SSL_get_ocsp_response(long ssl);
825 
SSL_set_ocsp_response(long ssl, byte[] response)826     public static native void SSL_set_ocsp_response(long ssl, byte[] response);
827 
SSL_use_psk_identity_hint(long ssl, String identityHint)828     public static native void SSL_use_psk_identity_hint(long ssl, String identityHint)
829             throws SSLException;
830 
set_SSL_psk_client_callback_enabled(long ssl, boolean enabled)831     public static native void set_SSL_psk_client_callback_enabled(long ssl, boolean enabled);
832 
set_SSL_psk_server_callback_enabled(long ssl, boolean enabled)833     public static native void set_SSL_psk_server_callback_enabled(long ssl, boolean enabled);
834 
835     /** Protocols to enable by default when "TLSv1.2" is requested. */
836     public static final String[] TLSV12_PROTOCOLS = new String[] {
837         SUPPORTED_PROTOCOL_TLSV1,
838         SUPPORTED_PROTOCOL_TLSV1_1,
839         SUPPORTED_PROTOCOL_TLSV1_2,
840     };
841 
842     /** Protocols to enable by default when "TLSv1.1" is requested. */
843     public static final String[] TLSV11_PROTOCOLS = new String[] {
844         SUPPORTED_PROTOCOL_TLSV1,
845         SUPPORTED_PROTOCOL_TLSV1_1,
846         SUPPORTED_PROTOCOL_TLSV1_2,
847     };
848 
849     /** Protocols to enable by default when "TLSv1" is requested. */
850     public static final String[] TLSV1_PROTOCOLS  = new String[] {
851         SUPPORTED_PROTOCOL_TLSV1,
852         SUPPORTED_PROTOCOL_TLSV1_1,
853         SUPPORTED_PROTOCOL_TLSV1_2,
854     };
855 
856     public static final String[] DEFAULT_PROTOCOLS = TLSV12_PROTOCOLS;
857 
getSupportedProtocols()858     public static String[] getSupportedProtocols() {
859         return new String[] { SUPPORTED_PROTOCOL_TLSV1,
860                               SUPPORTED_PROTOCOL_TLSV1_1,
861                               SUPPORTED_PROTOCOL_TLSV1_2,
862         };
863     }
864 
setEnabledProtocols(long ssl, String[] protocols)865     public static void setEnabledProtocols(long ssl, String[] protocols) {
866         checkEnabledProtocols(protocols);
867         // openssl uses negative logic letting you disable protocols.
868         // so first, assume we need to set all (disable all) and clear none (enable none).
869         // in the loop, selectively move bits from set to clear (from disable to enable)
870         long optionsToSet = (NativeConstants.SSL_OP_NO_SSLv3 | NativeConstants.SSL_OP_NO_TLSv1
871                 | NativeConstants.SSL_OP_NO_TLSv1_1 | NativeConstants.SSL_OP_NO_TLSv1_2);
872         long optionsToClear = 0;
873         for (String protocol : protocols) {
874             if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1)) {
875                 optionsToSet &= ~NativeConstants.SSL_OP_NO_TLSv1;
876                 optionsToClear |= NativeConstants.SSL_OP_NO_TLSv1;
877             } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1_1)) {
878                 optionsToSet &= ~NativeConstants.SSL_OP_NO_TLSv1_1;
879                 optionsToClear |= NativeConstants.SSL_OP_NO_TLSv1_1;
880             } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1_2)) {
881                 optionsToSet &= ~NativeConstants.SSL_OP_NO_TLSv1_2;
882                 optionsToClear |= NativeConstants.SSL_OP_NO_TLSv1_2;
883             } else if (protocol.equals(OBSOLETE_PROTOCOL_SSLV3)) {
884                 // Do nothing since we no longer support this protocol, but
885                 // allow it in the list of protocols so we can give an error
886                 // message about it if the handshake fails.
887             } else {
888                 // error checked by checkEnabledProtocols
889                 throw new IllegalStateException();
890             }
891         }
892 
893         SSL_set_options(ssl, optionsToSet);
894         SSL_clear_options(ssl, optionsToClear);
895     }
896 
checkEnabledProtocols(String[] protocols)897     public static String[] checkEnabledProtocols(String[] protocols) {
898         if (protocols == null) {
899             throw new IllegalArgumentException("protocols == null");
900         }
901         for (String protocol : protocols) {
902             if (protocol == null) {
903                 throw new IllegalArgumentException("protocols contains null");
904             }
905             if (!protocol.equals(SUPPORTED_PROTOCOL_TLSV1)
906                     && !protocol.equals(SUPPORTED_PROTOCOL_TLSV1_1)
907                     && !protocol.equals(SUPPORTED_PROTOCOL_TLSV1_2)
908                     && !protocol.equals(OBSOLETE_PROTOCOL_SSLV3)) {
909                 throw new IllegalArgumentException("protocol " + protocol + " is not supported");
910             }
911         }
912         return protocols;
913     }
914 
SSL_set_cipher_lists(long ssl, String[] ciphers)915     public static native void SSL_set_cipher_lists(long ssl, String[] ciphers);
916 
917     /**
918      * Gets the list of cipher suites enabled for the provided {@code SSL} instance.
919      *
920      * @return array of {@code SSL_CIPHER} references.
921      */
SSL_get_ciphers(long ssl)922     public static native long[] SSL_get_ciphers(long ssl);
923 
setEnabledCipherSuites(long ssl, String[] cipherSuites)924     public static void setEnabledCipherSuites(long ssl, String[] cipherSuites) {
925         checkEnabledCipherSuites(cipherSuites);
926         List<String> opensslSuites = new ArrayList<String>();
927         for (int i = 0; i < cipherSuites.length; i++) {
928             String cipherSuite = cipherSuites[i];
929             if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) {
930                 continue;
931             }
932             if (cipherSuite.equals(TLS_FALLBACK_SCSV)) {
933                 SSL_set_mode(ssl, NativeConstants.SSL_MODE_SEND_FALLBACK_SCSV);
934                 continue;
935             }
936             String openssl = STANDARD_TO_OPENSSL_CIPHER_SUITES.get(cipherSuite);
937             String cs = (openssl == null) ? cipherSuite : openssl;
938             opensslSuites.add(cs);
939         }
940         SSL_set_cipher_lists(ssl, opensslSuites.toArray(new String[opensslSuites.size()]));
941     }
942 
checkEnabledCipherSuites(String[] cipherSuites)943     public static String[] checkEnabledCipherSuites(String[] cipherSuites) {
944         if (cipherSuites == null) {
945             throw new IllegalArgumentException("cipherSuites == null");
946         }
947         // makes sure all suites are valid, throwing on error
948         for (int i = 0; i < cipherSuites.length; i++) {
949             String cipherSuite = cipherSuites[i];
950             if (cipherSuite == null) {
951                 throw new IllegalArgumentException("cipherSuites[" + i + "] == null");
952             }
953             if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV) ||
954                     cipherSuite.equals(TLS_FALLBACK_SCSV)) {
955                 continue;
956             }
957             if (SUPPORTED_CIPHER_SUITES_SET.contains(cipherSuite)) {
958                 continue;
959             }
960 
961             // For backwards compatibility, it's allowed for |cipherSuite| to
962             // be an OpenSSL-style cipher-suite name.
963             String standardName = OPENSSL_TO_STANDARD_CIPHER_SUITES.get(cipherSuite);
964             if (standardName != null && SUPPORTED_CIPHER_SUITES_SET.contains(standardName)) {
965                 // TODO log warning about using backward compatability
966                 continue;
967             }
968             throw new IllegalArgumentException("cipherSuite " + cipherSuite + " is not supported.");
969         }
970         return cipherSuites;
971     }
972 
973     /*
974      * See the OpenSSL ssl.h header file for more information.
975      */
976     // TODO(nathanmittler): Should these move to NativeConstants.java?
977     public static final int SSL_VERIFY_NONE =                 0x00;
978     public static final int SSL_VERIFY_PEER =                 0x01;
979     public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02;
980 
SSL_set_accept_state(long sslNativePointer)981     public static native void SSL_set_accept_state(long sslNativePointer);
982 
SSL_set_connect_state(long sslNativePointer)983     public static native void SSL_set_connect_state(long sslNativePointer);
984 
SSL_set_verify(long sslNativePointer, int mode)985     public static native void SSL_set_verify(long sslNativePointer, int mode);
986 
SSL_set_session(long sslNativePointer, long sslSessionNativePointer)987     public static native void SSL_set_session(long sslNativePointer, long sslSessionNativePointer)
988         throws SSLException;
989 
SSL_set_session_creation_enabled( long sslNativePointer, boolean creationEnabled)990     public static native void SSL_set_session_creation_enabled(
991             long sslNativePointer, boolean creationEnabled) throws SSLException;
992 
SSL_session_reused(long sslNativePointer)993     public static native boolean SSL_session_reused(long sslNativePointer);
994 
SSL_accept_renegotiations(long sslNativePointer)995     public static native void SSL_accept_renegotiations(long sslNativePointer) throws SSLException;
996 
SSL_set_tlsext_host_name(long sslNativePointer, String hostname)997     public static native void SSL_set_tlsext_host_name(long sslNativePointer, String hostname)
998             throws SSLException;
SSL_get_servername(long sslNativePointer)999     public static native String SSL_get_servername(long sslNativePointer);
1000 
1001     /**
1002      * Returns the selected ALPN protocol. If the server did not select a
1003      * protocol, {@code null} will be returned.
1004      */
SSL_get0_alpn_selected(long sslPointer)1005     public static native byte[] SSL_get0_alpn_selected(long sslPointer);
SSL_do_handshake( long sslNativePointer, FileDescriptor fd, SSLHandshakeCallbacks shc, int timeoutMillis)1006     public static native void SSL_do_handshake(
1007             long sslNativePointer, FileDescriptor fd, SSLHandshakeCallbacks shc, int timeoutMillis)
1008             throws SSLException, SocketTimeoutException, CertificateException;
1009 
1010     /**
1011      * Currently only intended for forcing renegotiation for testing.
1012      * Not used within OpenSSLSocketImpl.
1013      */
SSL_renegotiate(long sslNativePointer)1014     public static native void SSL_renegotiate(long sslNativePointer) throws SSLException;
1015 
1016     /**
1017      * Returns the local X509 certificate references. Must X509_free when done.
1018      */
SSL_get_certificate(long sslNativePointer)1019     public static native long[] SSL_get_certificate(long sslNativePointer);
1020 
1021     /**
1022      * Returns the peer X509 certificate references. Must X509_free when done.
1023      */
SSL_get_peer_cert_chain(long sslNativePointer)1024     public static native long[] SSL_get_peer_cert_chain(long sslNativePointer);
1025 
1026     /**
1027      * Reads with the native SSL_read function from the encrypted data stream
1028      * @return -1 if error or the end of the stream is reached.
1029      */
SSL_read(long sslNativePointer, FileDescriptor fd, SSLHandshakeCallbacks shc, byte[] b, int off, int len, int readTimeoutMillis)1030     public static native int SSL_read(long sslNativePointer,
1031                                       FileDescriptor fd,
1032                                       SSLHandshakeCallbacks shc,
1033                                       byte[] b, int off, int len, int readTimeoutMillis)
1034         throws IOException;
1035 
1036     /**
1037      * Writes with the native SSL_write function to the encrypted data stream.
1038      */
SSL_write(long sslNativePointer, FileDescriptor fd, SSLHandshakeCallbacks shc, byte[] b, int off, int len, int writeTimeoutMillis)1039     public static native void SSL_write(long sslNativePointer,
1040                                         FileDescriptor fd,
1041                                         SSLHandshakeCallbacks shc,
1042                                         byte[] b, int off, int len, int writeTimeoutMillis)
1043         throws IOException;
1044 
SSL_interrupt(long sslNativePointer)1045     public static native void SSL_interrupt(long sslNativePointer);
SSL_shutdown(long sslNativePointer, FileDescriptor fd, SSLHandshakeCallbacks shc)1046     public static native void SSL_shutdown(long sslNativePointer,
1047                                            FileDescriptor fd,
1048                                            SSLHandshakeCallbacks shc) throws IOException;
1049 
SSL_shutdown_BIO(long sslNativePointer, long sourceBioRef, long sinkBioRef, SSLHandshakeCallbacks shc)1050     public static native void SSL_shutdown_BIO(long sslNativePointer,
1051                                                long sourceBioRef, long sinkBioRef,
1052                                                SSLHandshakeCallbacks shc) throws IOException;
1053 
SSL_get_shutdown(long sslNativePointer)1054     public static native int SSL_get_shutdown(long sslNativePointer);
1055 
SSL_free(long sslNativePointer)1056     public static native void SSL_free(long sslNativePointer);
1057 
SSL_SESSION_session_id(long sslSessionNativePointer)1058     public static native byte[] SSL_SESSION_session_id(long sslSessionNativePointer);
1059 
SSL_SESSION_get_time(long sslSessionNativePointer)1060     public static native long SSL_SESSION_get_time(long sslSessionNativePointer);
1061 
SSL_SESSION_get_version(long sslSessionNativePointer)1062     public static native String SSL_SESSION_get_version(long sslSessionNativePointer);
1063 
SSL_SESSION_cipher(long sslSessionNativePointer)1064     public static native String SSL_SESSION_cipher(long sslSessionNativePointer);
1065 
get_SSL_SESSION_tlsext_hostname(long sslSessionNativePointer)1066     public static native String get_SSL_SESSION_tlsext_hostname(long sslSessionNativePointer);
1067 
SSL_SESSION_free(long sslSessionNativePointer)1068     public static native void SSL_SESSION_free(long sslSessionNativePointer);
1069 
i2d_SSL_SESSION(long sslSessionNativePointer)1070     public static native byte[] i2d_SSL_SESSION(long sslSessionNativePointer);
1071 
d2i_SSL_SESSION(byte[] data)1072     public static native long d2i_SSL_SESSION(byte[] data) throws IOException;
1073 
1074     /**
1075      * A collection of callbacks from the native OpenSSL code that are
1076      * related to the SSL handshake initiated by SSL_do_handshake.
1077      */
1078     public interface SSLHandshakeCallbacks {
1079         /**
1080          * Verify that we trust the certificate chain is trusted.
1081          *
1082          * @param certificateChainRefs chain of X.509 certificate references
1083          * @param authMethod auth algorithm name
1084          *
1085          * @throws CertificateException if the certificate is untrusted
1086          */
verifyCertificateChain(long[] certificateChainRefs, String authMethod)1087         void verifyCertificateChain(long[] certificateChainRefs, String authMethod)
1088                 throws CertificateException;
1089 
1090         /**
1091          * Called on an SSL client when the server requests (or
1092          * requires a certificate). The client can respond by using
1093          * SSL_use_certificate and SSL_use_PrivateKey to set a
1094          * certificate if has an appropriate one available, similar to
1095          * how the server provides its certificate.
1096          *
1097          * @param keyTypes key types supported by the server,
1098          * convertible to strings with #keyType
1099          * @param asn1DerEncodedX500Principals CAs known to the server
1100          */
clientCertificateRequested(byte[] keyTypes, byte[][] asn1DerEncodedX500Principals)1101         void clientCertificateRequested(byte[] keyTypes, byte[][] asn1DerEncodedX500Principals)
1102                 throws CertificateEncodingException, SSLException;
1103 
1104         /**
1105          * Gets the key to be used in client mode for this connection in Pre-Shared Key (PSK) key
1106          * exchange.
1107          *
1108          * @param identityHint PSK identity hint provided by the server or {@code null} if no hint
1109          *        provided.
1110          * @param identity buffer to be populated with PSK identity (NULL-terminated modified UTF-8)
1111          *        by this method. This identity will be provided to the server.
1112          * @param key buffer to be populated with key material by this method.
1113          *
1114          * @return number of bytes this method stored in the {@code key} buffer or {@code 0} if an
1115          *         error occurred in which case the handshake will be aborted.
1116          */
clientPSKKeyRequested(String identityHint, byte[] identity, byte[] key)1117         int clientPSKKeyRequested(String identityHint, byte[] identity, byte[] key);
1118 
1119         /**
1120          * Gets the key to be used in server mode for this connection in Pre-Shared Key (PSK) key
1121          * exchange.
1122          *
1123          * @param identityHint PSK identity hint provided by this server to the client or
1124          *        {@code null} if no hint was provided.
1125          * @param identity PSK identity provided by the client.
1126          * @param key buffer to be populated with key material by this method.
1127          *
1128          * @return number of bytes this method stored in the {@code key} buffer or {@code 0} if an
1129          *         error occurred in which case the handshake will be aborted.
1130          */
serverPSKKeyRequested(String identityHint, String identity, byte[] key)1131         int serverPSKKeyRequested(String identityHint, String identity, byte[] key);
1132 
1133         /**
1134          * Called when SSL state changes. This could be handshake completion.
1135          */
onSSLStateChange(int type, int val)1136         void onSSLStateChange(int type, int val);
1137     }
1138 
ERR_peek_last_error()1139     public static native long ERR_peek_last_error();
1140 
SSL_CIPHER_get_kx_name(long cipherAddress)1141     public static native String SSL_CIPHER_get_kx_name(long cipherAddress);
1142 
get_cipher_names(String selection)1143     public static native String[] get_cipher_names(String selection);
1144 
get_ocsp_single_extension(byte[] ocspResponse, String oid, long x509Ref, long issuerX509Ref)1145     public static native byte[] get_ocsp_single_extension(byte[] ocspResponse, String oid,
1146                                                           long x509Ref, long issuerX509Ref);
1147 
1148     /**
1149      * Returns the starting address of the memory region referenced by the provided direct
1150      * {@link Buffer} or {@code 0} if the provided buffer is not direct or if such access to direct
1151      * buffers is not supported by the platform.
1152      *
1153      * <p>NOTE: This method ignores the buffer's current {@code position}.
1154      */
getDirectBufferAddress(Buffer buf)1155     public static native long getDirectBufferAddress(Buffer buf);
1156 
SSL_BIO_new(long ssl)1157     public static native long SSL_BIO_new(long ssl) throws SSLException;
1158 
SSL_get_last_error_number()1159     public static native int SSL_get_last_error_number();
1160 
SSL_get_error(long ssl, int ret)1161     public static native int SSL_get_error(long ssl, int ret);
1162 
SSL_get_error_string(long errorNumber)1163     public static native String SSL_get_error_string(long errorNumber);
1164 
SSL_clear_error()1165     public static native void SSL_clear_error();
1166 
SSL_pending_readable_bytes(long ssl)1167     public static native int SSL_pending_readable_bytes(long ssl);
1168 
SSL_pending_written_bytes_in_BIO(long bio)1169     public static native int SSL_pending_written_bytes_in_BIO(long bio);
1170 
SSL_get0_session(long ssl)1171     public static native long SSL_get0_session(long ssl);
1172 
SSL_get1_session(long ssl)1173     public static native long SSL_get1_session(long ssl);
1174 
1175     /**
1176      * Returns the maximum overhead, in bytes, of sealing a record with SSL.
1177      */
SSL_max_seal_overhead(long ssl)1178     public static native int SSL_max_seal_overhead(long ssl);
1179 
1180     /**
1181      * Sets the list of supported ALPN protocols in wire-format (length-prefixed 8-bit strings).
1182      */
SSL_configure_alpn( long sslNativePointer, boolean clientMode, byte[] alpnProtocols)1183     public static native void SSL_configure_alpn(
1184             long sslNativePointer, boolean clientMode, byte[] alpnProtocols) throws IOException;
1185 
1186     /**
1187      * Variant of the {@link #SSL_do_handshake} used by {@link OpenSSLEngineImpl}. This version
1188      * does not lock and does no error preprocessing.
1189      */
ENGINE_SSL_do_handshake(long ssl, SSLHandshakeCallbacks shc)1190     public static native int ENGINE_SSL_do_handshake(long ssl, SSLHandshakeCallbacks shc);
1191 
1192     /**
1193      * Variant of the {@link #SSL_read} for a direct {@link java.nio.ByteBuffer} used by {@link
1194      * OpenSSLEngineImpl}. This version does not lock or and does no error pre-processing.
1195      */
ENGINE_SSL_read_direct(long sslNativePointer, long address, int length, SSLHandshakeCallbacks shc)1196     public static native int ENGINE_SSL_read_direct(long sslNativePointer, long address, int length,
1197             SSLHandshakeCallbacks shc) throws IOException;
1198 
1199     /**
1200      * Variant of the {@link #SSL_read} for a heap {@link java.nio.ByteBuffer} used by {@link
1201      * OpenSSLEngineImpl}. This version does not lock or and does no error pre-processing.
1202      */
ENGINE_SSL_read_heap(long sslNativePointer, byte[] destJava, int destOffset, int destLength, SSLHandshakeCallbacks shc)1203     public static native int ENGINE_SSL_read_heap(long sslNativePointer, byte[] destJava,
1204             int destOffset, int destLength, SSLHandshakeCallbacks shc) throws IOException;
1205 
1206     /**
1207      * Variant of the {@link #SSL_write} for a direct {@link java.nio.ByteBuffer} used by {@link
1208      * OpenSSLEngineImpl}. This version does not lock or and does no error pre-processing.
1209      */
ENGINE_SSL_write_direct(long sslNativePointer, long address, int length, SSLHandshakeCallbacks shc)1210     public static native int ENGINE_SSL_write_direct(long sslNativePointer, long address,
1211             int length, SSLHandshakeCallbacks shc) throws IOException;
1212 
1213     /**
1214      * Variant of the {@link #SSL_write} for a heap {@link java.nio.ByteBuffer} used by {@link
1215      * OpenSSLEngineImpl}. This version does not lock or and does no error pre-processing.
1216      */
ENGINE_SSL_write_heap(long sslNativePointer, byte[] sourceJava, int sourceOffset, int sourceLength, SSLHandshakeCallbacks shc)1217     public static native int ENGINE_SSL_write_heap(long sslNativePointer, byte[] sourceJava,
1218             int sourceOffset, int sourceLength, SSLHandshakeCallbacks shc) throws IOException;
1219 
1220     /**
1221      * Writes data from the given direct {@link java.nio.ByteBuffer} to the BIO.
1222      */
ENGINE_SSL_write_BIO_direct(long sslRef, long bioRef, long pos, int length, SSLHandshakeCallbacks shc)1223     public static native int ENGINE_SSL_write_BIO_direct(long sslRef, long bioRef, long pos,
1224             int length, SSLHandshakeCallbacks shc) throws IOException;
1225 
1226     /**
1227      * Writes data from the given array to the BIO.
1228      */
ENGINE_SSL_write_BIO_heap(long sslRef, long bioRef, byte[] sourceJava, int sourceOffset, int sourceLength, SSLHandshakeCallbacks shc)1229     public static native int ENGINE_SSL_write_BIO_heap(long sslRef, long bioRef, byte[] sourceJava,
1230             int sourceOffset, int sourceLength, SSLHandshakeCallbacks shc) throws IOException;
1231 
1232     /**
1233      * Reads data from the given BIO into a direct {@link java.nio.ByteBuffer}.
1234      */
ENGINE_SSL_read_BIO_direct(long sslRef, long bioRef, long address, int len, SSLHandshakeCallbacks shc)1235     public static native int ENGINE_SSL_read_BIO_direct(long sslRef, long bioRef, long address,
1236             int len, SSLHandshakeCallbacks shc) throws IOException;
1237 
1238     /**
1239      * Reads data from the given BIO into an array.
1240      */
ENGINE_SSL_read_BIO_heap(long sslRef, long bioRef, byte[] destJava, int destOffset, int destLength, SSLHandshakeCallbacks shc)1241     public static native int ENGINE_SSL_read_BIO_heap(long sslRef, long bioRef, byte[] destJava,
1242             int destOffset, int destLength, SSLHandshakeCallbacks shc) throws IOException;
1243 
1244     /**
1245      * Variant of the {@link #SSL_shutdown} used by {@link OpenSSLEngineImpl}. This version does not
1246      * lock.
1247      */
ENGINE_SSL_shutdown(long sslNativePointer, SSLHandshakeCallbacks shc)1248     public static native void ENGINE_SSL_shutdown(long sslNativePointer, SSLHandshakeCallbacks shc)
1249             throws IOException;
1250 }
1251