Class NativeCrypto

java.lang.Object
org.conscrypt.NativeCrypto
@Internal public final class NativeCrypto extends Object
Provides the Java side of our JNI glue for OpenSSL.

Note: Many methods in this class take a reference to a Java object that holds a native pointer in the form of a long in addition to the long itself and don't use the Java object in the native implementation. This is to prevent the Java object from becoming eligible for GC while the native method is executing. See this for more details.

  • Field Details

    • loadError

      private static final UnsatisfiedLinkError loadError

    • GN_STACK_SUBJECT_ALT_NAME

      static final int GN_STACK_SUBJECT_ALT_NAME
      Used to request get_X509_GENERAL_NAME_stack get the "altname" field.
      See Also:

    • GN_STACK_ISSUER_ALT_NAME

      static final int GN_STACK_ISSUER_ALT_NAME
      Used to request get_X509_GENERAL_NAME_stack get the issuerAlternativeName extension.
      See Also:

    • EXTENSION_TYPE_NON_CRITICAL

      static final int EXTENSION_TYPE_NON_CRITICAL
      Used to request only non-critical types in get_X509*_ext_oids.
      See Also:

    • EXTENSION_TYPE_CRITICAL

      static final int EXTENSION_TYPE_CRITICAL
      Used to request only critical types in get_X509*_ext_oids.
      See Also:

    • PKCS7_CERTS

      static final int PKCS7_CERTS
      Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
      See Also:

    • PKCS7_CRLS

      static final int PKCS7_CRLS
      Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
      See Also:

    • OBSOLETE_PROTOCOL_SSLV3

      static final String OBSOLETE_PROTOCOL_SSLV3
      See Also:

    • SUPPORTED_PROTOCOL_TLSV1

      private static final String SUPPORTED_PROTOCOL_TLSV1
      See Also:

    • SUPPORTED_PROTOCOL_TLSV1_1

      private static final String SUPPORTED_PROTOCOL_TLSV1_1
      See Also:

    • SUPPORTED_PROTOCOL_TLSV1_2

      private static final String SUPPORTED_PROTOCOL_TLSV1_2
      See Also:

    • SUPPORTED_PROTOCOL_TLSV1_3

      static final String SUPPORTED_PROTOCOL_TLSV1_3
      See Also:

    • SUPPORTED_TLS_1_3_CIPHER_SUITES

      static final String[] SUPPORTED_TLS_1_3_CIPHER_SUITES

    • SUPPORTED_TLS_1_2_CIPHER_SUITES_SET

      static final Set<String> SUPPORTED_TLS_1_2_CIPHER_SUITES_SET

    • SUPPORTED_LEGACY_CIPHER_SUITES_SET

      private static final Set<String> SUPPORTED_LEGACY_CIPHER_SUITES_SET

    • SUPPORTED_TLS_1_3_CIPHER_SUITES_SET

      static final Set<String> SUPPORTED_TLS_1_3_CIPHER_SUITES_SET

    • TLS_EMPTY_RENEGOTIATION_INFO_SCSV

      static final String TLS_EMPTY_RENEGOTIATION_INFO_SCSV
      TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation indication signaling cipher suite value. It is not a real cipher suite. It is just an indication in the default and supported cipher suite lists indicates that the implementation supports secure renegotiation.

      In the RI, its presence means that the SCSV is sent in the cipher suite list to indicate secure renegotiation support and its absense means to send an empty TLS renegotiation info extension instead.

      However, OpenSSL doesn't provide an API to give this level of control, instead always sending the SCSV and always including the empty renegotiation info if TLS is used (as opposed to SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to be passed for compatibility as to provide the hint that we support secure renegotiation.

      See Also:

    • TLS_FALLBACK_SCSV

      private static final String TLS_FALLBACK_SCSV
      TLS_FALLBACK_SCSV is from https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 to indicate to the server that this is a fallback protocol request.
      See Also:

    • HAS_AES_HARDWARE

      private static final boolean HAS_AES_HARDWARE

    • SUPPORTED_TLS_1_2_CIPHER_SUITES

      private static final String[] SUPPORTED_TLS_1_2_CIPHER_SUITES

    • DEFAULT_X509_CIPHER_SUITES

      static final String[] DEFAULT_X509_CIPHER_SUITES
      X.509 based cipher suites enabled by default (if requested), in preference order.

    • DEFAULT_PSK_CIPHER_SUITES

      static final String[] DEFAULT_PSK_CIPHER_SUITES
      TLS-PSK cipher suites enabled by default (if requested), in preference order.

    • TLSV13_PROTOCOLS

      static final String[] TLSV13_PROTOCOLS
      Protocols to enable by default when "TLSv1.3" is requested.

    • TLSV12_PROTOCOLS

      static final String[] TLSV12_PROTOCOLS
      Protocols to enable by default when "TLSv1.2" is requested.

    • TLSV11_PROTOCOLS

      static final String[] TLSV11_PROTOCOLS
      Protocols to enable by default when "TLSv1.1" is requested.

    • TLSV1_PROTOCOLS

      static final String[] TLSV1_PROTOCOLS
      Protocols to enable by default when "TLSv1" is requested.

    • DEFAULT_PROTOCOLS

      static final String[] DEFAULT_PROTOCOLS

    • SUPPORTED_PROTOCOLS

      private static final String[] SUPPORTED_PROTOCOLS

  • Constructor Details

    • NativeCrypto

      public NativeCrypto()

  • Method Details

    • clinit

      private static void clinit()

    • checkAvailability

      static void checkAvailability()
      Checks to see whether or not the native library was successfully loaded. If not, throws the UnsatisfiedLinkError that was encountered while attempting to load the library.

    • EVP_PKEY_new_RSA

      static long EVP_PKEY_new_RSA(byte[] n, byte[] e, byte[] d, byte[] p, byte[] q, byte[] dmp1, byte[] dmq1, byte[] iqmp)

    • EVP_PKEY_type

      static int EVP_PKEY_type(NativeRef.EVP_PKEY pkey)

    • EVP_PKEY_print_public

      static String EVP_PKEY_print_public(NativeRef.EVP_PKEY pkeyRef)

    • EVP_PKEY_print_params

      static String EVP_PKEY_print_params(NativeRef.EVP_PKEY pkeyRef)

    • EVP_PKEY_free

      static void EVP_PKEY_free(long pkey)

    • EVP_PKEY_cmp

      static int EVP_PKEY_cmp(NativeRef.EVP_PKEY pkey1, NativeRef.EVP_PKEY pkey2)

    • EVP_marshal_private_key

      static byte[] EVP_marshal_private_key(NativeRef.EVP_PKEY pkey)

    • EVP_parse_private_key

      static long EVP_parse_private_key(byte[] data) throws OpenSSLX509CertificateFactory.ParsingException
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • EVP_marshal_public_key

      static byte[] EVP_marshal_public_key(NativeRef.EVP_PKEY pkey)

    • EVP_parse_public_key

      static long EVP_parse_public_key(byte[] data) throws OpenSSLX509CertificateFactory.ParsingException
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • PEM_read_bio_PUBKEY

      static long PEM_read_bio_PUBKEY(long bioCtx)

    • PEM_read_bio_PrivateKey

      static long PEM_read_bio_PrivateKey(long bioCtx)

    • getRSAPrivateKeyWrapper

      static long getRSAPrivateKeyWrapper(PrivateKey key, byte[] modulus)

    • getECPrivateKeyWrapper

      static long getECPrivateKeyWrapper(PrivateKey key, NativeRef.EC_GROUP ecGroupRef)

    • RSA_generate_key_ex

      static long RSA_generate_key_ex(int modulusBits, byte[] publicExponent)

    • RSA_size

      static int RSA_size(NativeRef.EVP_PKEY pkey)

    • RSA_private_encrypt

      static int RSA_private_encrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)

    • RSA_public_decrypt

      static int RSA_public_decrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding) throws BadPaddingException, SignatureException
      Throws:
      BadPaddingException
      SignatureException

    • RSA_public_encrypt

      static int RSA_public_encrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding)

    • RSA_private_decrypt

      static int RSA_private_decrypt(int flen, byte[] from, byte[] to, NativeRef.EVP_PKEY pkey, int padding) throws BadPaddingException, SignatureException
      Throws:
      BadPaddingException
      SignatureException

    • get_RSA_public_params

      static byte[][] get_RSA_public_params(NativeRef.EVP_PKEY rsa)
      Returns:
      array of {n, e}

    • get_RSA_private_params

      static byte[][] get_RSA_private_params(NativeRef.EVP_PKEY rsa)
      Returns:
      array of {n, e, d, p, q, dmp1, dmq1, iqmp}

    • chacha20_encrypt_decrypt

      static void chacha20_encrypt_decrypt(byte[] in, int inOffset, byte[] out, int outOffset, int length, byte[] key, byte[] nonce, int blockCounter)
      Returns the encrypted or decrypted version of the data.

    • EVP_PKEY_new_EC_KEY

      static long EVP_PKEY_new_EC_KEY(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pubkeyRef, byte[] privkey)

    • EC_GROUP_new_by_curve_name

      static long EC_GROUP_new_by_curve_name(String curveName)

    • EC_GROUP_new_arbitrary

      static long EC_GROUP_new_arbitrary(byte[] p, byte[] a, byte[] b, byte[] x, byte[] y, byte[] order, int cofactor)

    • EC_GROUP_get_curve_name

      static String EC_GROUP_get_curve_name(NativeRef.EC_GROUP groupRef)

    • EC_GROUP_get_curve

      static byte[][] EC_GROUP_get_curve(NativeRef.EC_GROUP groupRef)

    • EC_GROUP_clear_free

      static void EC_GROUP_clear_free(long groupRef)

    • EC_GROUP_get_generator

      static long EC_GROUP_get_generator(NativeRef.EC_GROUP groupRef)

    • EC_GROUP_get_order

      static byte[] EC_GROUP_get_order(NativeRef.EC_GROUP groupRef)

    • EC_GROUP_get_degree

      static int EC_GROUP_get_degree(NativeRef.EC_GROUP groupRef)

    • EC_GROUP_get_cofactor

      static byte[] EC_GROUP_get_cofactor(NativeRef.EC_GROUP groupRef)

    • EC_POINT_new

      static long EC_POINT_new(NativeRef.EC_GROUP groupRef)

    • EC_POINT_clear_free

      static void EC_POINT_clear_free(long pointRef)

    • EC_POINT_get_affine_coordinates

      static byte[][] EC_POINT_get_affine_coordinates(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pointRef)

    • EC_POINT_set_affine_coordinates

      static void EC_POINT_set_affine_coordinates(NativeRef.EC_GROUP groupRef, NativeRef.EC_POINT pointRef, byte[] x, byte[] y)

    • EC_KEY_generate_key

      static long EC_KEY_generate_key(NativeRef.EC_GROUP groupRef)

    • EC_KEY_get1_group

      static long EC_KEY_get1_group(NativeRef.EVP_PKEY pkeyRef)

    • EC_KEY_get_private_key

      static byte[] EC_KEY_get_private_key(NativeRef.EVP_PKEY keyRef)

    • EC_KEY_get_public_key

      static long EC_KEY_get_public_key(NativeRef.EVP_PKEY keyRef)

    • EC_KEY_marshal_curve_name

      static byte[] EC_KEY_marshal_curve_name(NativeRef.EC_GROUP groupRef) throws IOException
      Throws:
      IOException

    • EC_KEY_parse_curve_name

      static long EC_KEY_parse_curve_name(byte[] encoded) throws IOException
      Throws:
      IOException

    • ECDH_compute_key

      static int ECDH_compute_key(byte[] out, int outOffset, NativeRef.EVP_PKEY publicKeyRef, NativeRef.EVP_PKEY privateKeyRef) throws InvalidKeyException, IndexOutOfBoundsException
      Throws:
      InvalidKeyException
      IndexOutOfBoundsException

    • ECDSA_size

      static int ECDSA_size(NativeRef.EVP_PKEY pkey)

    • ECDSA_sign

      static int ECDSA_sign(byte[] data, byte[] sig, NativeRef.EVP_PKEY pkey)

    • ECDSA_verify

      static int ECDSA_verify(byte[] data, byte[] sig, NativeRef.EVP_PKEY pkey)

    • EVP_get_digestbyname

      static long EVP_get_digestbyname(String name)

    • EVP_MD_size

      static int EVP_MD_size(long evp_md_const)

    • EVP_MD_CTX_create

      static long EVP_MD_CTX_create()

    • EVP_MD_CTX_cleanup

      static void EVP_MD_CTX_cleanup(NativeRef.EVP_MD_CTX ctx)

    • EVP_MD_CTX_destroy

      static void EVP_MD_CTX_destroy(long ctx)

    • EVP_MD_CTX_copy_ex

      static int EVP_MD_CTX_copy_ex(NativeRef.EVP_MD_CTX dst_ctx, NativeRef.EVP_MD_CTX src_ctx)

    • EVP_DigestInit_ex

      static int EVP_DigestInit_ex(NativeRef.EVP_MD_CTX ctx, long evp_md)

    • EVP_DigestUpdate

      static void EVP_DigestUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)

    • EVP_DigestUpdateDirect

      static void EVP_DigestUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)

    • EVP_DigestFinal_ex

      static int EVP_DigestFinal_ex(NativeRef.EVP_MD_CTX ctx, byte[] hash, int offset)

    • EVP_DigestSignInit

      static long EVP_DigestSignInit(NativeRef.EVP_MD_CTX ctx, long evpMdRef, NativeRef.EVP_PKEY key)

    • EVP_DigestVerifyInit

      static long EVP_DigestVerifyInit(NativeRef.EVP_MD_CTX ctx, long evpMdRef, NativeRef.EVP_PKEY key)

    • EVP_DigestSignUpdate

      static void EVP_DigestSignUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)

    • EVP_DigestSignUpdateDirect

      static void EVP_DigestSignUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)

    • EVP_DigestVerifyUpdate

      static void EVP_DigestVerifyUpdate(NativeRef.EVP_MD_CTX ctx, byte[] buffer, int offset, int length)

    • EVP_DigestVerifyUpdateDirect

      static void EVP_DigestVerifyUpdateDirect(NativeRef.EVP_MD_CTX ctx, long ptr, int length)

    • EVP_DigestSignFinal

      static byte[] EVP_DigestSignFinal(NativeRef.EVP_MD_CTX ctx)

    • EVP_DigestVerifyFinal

      static boolean EVP_DigestVerifyFinal(NativeRef.EVP_MD_CTX ctx, byte[] signature, int offset, int length) throws IndexOutOfBoundsException
      Throws:
      IndexOutOfBoundsException

    • EVP_PKEY_encrypt_init

      static long EVP_PKEY_encrypt_init(NativeRef.EVP_PKEY pkey) throws InvalidKeyException
      Throws:
      InvalidKeyException

    • EVP_PKEY_encrypt

      static int EVP_PKEY_encrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset, byte[] input, int inOffset, int inLength) throws IndexOutOfBoundsException, BadPaddingException
      Throws:
      IndexOutOfBoundsException
      BadPaddingException

    • EVP_PKEY_decrypt_init

      static long EVP_PKEY_decrypt_init(NativeRef.EVP_PKEY pkey) throws InvalidKeyException
      Throws:
      InvalidKeyException

    • EVP_PKEY_decrypt

      static int EVP_PKEY_decrypt(NativeRef.EVP_PKEY_CTX ctx, byte[] out, int outOffset, byte[] input, int inOffset, int inLength) throws IndexOutOfBoundsException, BadPaddingException
      Throws:
      IndexOutOfBoundsException
      BadPaddingException

    • EVP_PKEY_CTX_free

      static void EVP_PKEY_CTX_free(long pkeyCtx)

    • EVP_PKEY_CTX_set_rsa_padding

      static void EVP_PKEY_CTX_set_rsa_padding(long ctx, int pad) throws InvalidAlgorithmParameterException
      Throws:
      InvalidAlgorithmParameterException

    • EVP_PKEY_CTX_set_rsa_pss_saltlen

      static void EVP_PKEY_CTX_set_rsa_pss_saltlen(long ctx, int len) throws InvalidAlgorithmParameterException
      Throws:
      InvalidAlgorithmParameterException

    • EVP_PKEY_CTX_set_rsa_mgf1_md

      static void EVP_PKEY_CTX_set_rsa_mgf1_md(long ctx, long evpMdRef) throws InvalidAlgorithmParameterException
      Throws:
      InvalidAlgorithmParameterException

    • EVP_PKEY_CTX_set_rsa_oaep_md

      static void EVP_PKEY_CTX_set_rsa_oaep_md(long ctx, long evpMdRef) throws InvalidAlgorithmParameterException
      Throws:
      InvalidAlgorithmParameterException

    • EVP_PKEY_CTX_set_rsa_oaep_label

      static void EVP_PKEY_CTX_set_rsa_oaep_label(long ctx, byte[] label) throws InvalidAlgorithmParameterException
      Throws:
      InvalidAlgorithmParameterException

    • EVP_get_cipherbyname

      static long EVP_get_cipherbyname(String string)

    • EVP_CipherInit_ex

      static void EVP_CipherInit_ex(NativeRef.EVP_CIPHER_CTX ctx, long evpCipher, byte[] key, byte[] iv, boolean encrypting)

    • EVP_CipherUpdate

      static int EVP_CipherUpdate(NativeRef.EVP_CIPHER_CTX ctx, byte[] out, int outOffset, byte[] in, int inOffset, int inLength) throws IndexOutOfBoundsException
      Throws:
      IndexOutOfBoundsException

    • EVP_CipherFinal_ex

      static int EVP_CipherFinal_ex(NativeRef.EVP_CIPHER_CTX ctx, byte[] out, int outOffset) throws BadPaddingException, IllegalBlockSizeException
      Throws:
      BadPaddingException
      IllegalBlockSizeException

    • EVP_CIPHER_iv_length

      static int EVP_CIPHER_iv_length(long evpCipher)

    • EVP_CIPHER_CTX_new

      static long EVP_CIPHER_CTX_new()

    • EVP_CIPHER_CTX_block_size

      static int EVP_CIPHER_CTX_block_size(NativeRef.EVP_CIPHER_CTX ctx)

    • get_EVP_CIPHER_CTX_buf_len

      static int get_EVP_CIPHER_CTX_buf_len(NativeRef.EVP_CIPHER_CTX ctx)

    • get_EVP_CIPHER_CTX_final_used

      static boolean get_EVP_CIPHER_CTX_final_used(NativeRef.EVP_CIPHER_CTX ctx)

    • EVP_CIPHER_CTX_set_padding

      static void EVP_CIPHER_CTX_set_padding(NativeRef.EVP_CIPHER_CTX ctx, boolean enablePadding)

    • EVP_CIPHER_CTX_set_key_length

      static void EVP_CIPHER_CTX_set_key_length(NativeRef.EVP_CIPHER_CTX ctx, int keyBitSize)

    • EVP_CIPHER_CTX_free

      static void EVP_CIPHER_CTX_free(long ctx)

    • EVP_aead_aes_128_gcm

      static long EVP_aead_aes_128_gcm()

    • EVP_aead_aes_256_gcm

      static long EVP_aead_aes_256_gcm()

    • EVP_aead_chacha20_poly1305

      static long EVP_aead_chacha20_poly1305()

    • EVP_aead_aes_128_gcm_siv

      static long EVP_aead_aes_128_gcm_siv()

    • EVP_aead_aes_256_gcm_siv

      static long EVP_aead_aes_256_gcm_siv()

    • EVP_AEAD_max_overhead

      static int EVP_AEAD_max_overhead(long evpAead)

    • EVP_AEAD_nonce_length

      static int EVP_AEAD_nonce_length(long evpAead)

    • EVP_AEAD_CTX_seal

      static int EVP_AEAD_CTX_seal(long evpAead, byte[] key, int tagLengthInBytes, byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength, byte[] ad) throws ShortBufferException, BadPaddingException
      Throws:
      ShortBufferException
      BadPaddingException

    • EVP_AEAD_CTX_seal_buf

      static int EVP_AEAD_CTX_seal_buf(long evpAead, byte[] key, int tagLengthInBytes, ByteBuffer out, byte[] nonce, ByteBuffer input, byte[] ad) throws ShortBufferException, BadPaddingException
      Throws:
      ShortBufferException
      BadPaddingException

    • EVP_AEAD_CTX_open

      static int EVP_AEAD_CTX_open(long evpAead, byte[] key, int tagLengthInBytes, byte[] out, int outOffset, byte[] nonce, byte[] in, int inOffset, int inLength, byte[] ad) throws ShortBufferException, BadPaddingException
      Throws:
      ShortBufferException
      BadPaddingException

    • EVP_AEAD_CTX_open_buf

      static int EVP_AEAD_CTX_open_buf(long evpAead, byte[] key, int tagLengthInBytes, ByteBuffer out, byte[] nonce, ByteBuffer input, byte[] ad) throws ShortBufferException, BadPaddingException
      Throws:
      ShortBufferException
      BadPaddingException

    • HMAC_CTX_new

      static long HMAC_CTX_new()

    • HMAC_CTX_free

      static void HMAC_CTX_free(long ctx)

    • HMAC_Init_ex

      static void HMAC_Init_ex(NativeRef.HMAC_CTX ctx, byte[] key, long evp_md)

    • HMAC_Update

      static void HMAC_Update(NativeRef.HMAC_CTX ctx, byte[] in, int inOffset, int inLength)

    • HMAC_UpdateDirect

      static void HMAC_UpdateDirect(NativeRef.HMAC_CTX ctx, long inPtr, int inLength)

    • HMAC_Final

      static byte[] HMAC_Final(NativeRef.HMAC_CTX ctx)

    • RAND_bytes

      static void RAND_bytes(byte[] output)

    • X509_NAME_hash

      static int X509_NAME_hash(X500Principal principal)

    • X509_NAME_hash_old

      public static int X509_NAME_hash_old(X500Principal principal)

    • X509_NAME_hash

      private static int X509_NAME_hash(X500Principal principal, String algorithm)

    • d2i_X509_bio

      static long d2i_X509_bio(long bioCtx)

    • d2i_X509

      static long d2i_X509(byte[] encoded) throws OpenSSLX509CertificateFactory.ParsingException
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • PEM_read_bio_X509

      static long PEM_read_bio_X509(long bioCtx)

    • i2d_X509

      static byte[] i2d_X509(long x509ctx, OpenSSLX509Certificate holder)

    • i2d_X509_PUBKEY

      static byte[] i2d_X509_PUBKEY(long x509ctx, OpenSSLX509Certificate holder)
      Takes an X509 context not an X509_PUBKEY context.

    • ASN1_seq_pack_X509

      static byte[] ASN1_seq_pack_X509(long[] x509CertRefs)

    • ASN1_seq_unpack_X509_bio

      static long[] ASN1_seq_unpack_X509_bio(long bioRef) throws OpenSSLX509CertificateFactory.ParsingException
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • X509_free

      static void X509_free(long x509ctx, OpenSSLX509Certificate holder)

    • X509_dup

      static long X509_dup(long x509ctx, OpenSSLX509Certificate holder)

    • X509_cmp

      static int X509_cmp(long x509ctx1, OpenSSLX509Certificate holder, long x509ctx2, OpenSSLX509Certificate holder2)

    • X509_print_ex

      static void X509_print_ex(long bioCtx, long x509ctx, OpenSSLX509Certificate holder, long nmflag, long certflag)

    • X509_get_issuer_name

      static byte[] X509_get_issuer_name(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_subject_name

      static byte[] X509_get_subject_name(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_sig_alg_oid

      static String get_X509_sig_alg_oid(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_sig_alg_parameter

      static byte[] get_X509_sig_alg_parameter(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_issuerUID

      static boolean[] get_X509_issuerUID(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_subjectUID

      static boolean[] get_X509_subjectUID(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_pubkey

      static long X509_get_pubkey(long x509ctx, OpenSSLX509Certificate holder) throws NoSuchAlgorithmException, InvalidKeyException
      Throws:
      NoSuchAlgorithmException
      InvalidKeyException

    • get_X509_pubkey_oid

      static String get_X509_pubkey_oid(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_ext_oid

      static byte[] X509_get_ext_oid(long x509ctx, OpenSSLX509Certificate holder, String oid)

    • get_X509_ext_oids

      static String[] get_X509_ext_oids(long x509ctx, OpenSSLX509Certificate holder, int critical)

    • get_X509_GENERAL_NAME_stack

      static Object[][] get_X509_GENERAL_NAME_stack(long x509ctx, OpenSSLX509Certificate holder, int type) throws CertificateParsingException
      Throws:
      CertificateParsingException

    • get_X509_ex_kusage

      static boolean[] get_X509_ex_kusage(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_ex_xkusage

      static String[] get_X509_ex_xkusage(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_ex_pathlen

      static int get_X509_ex_pathlen(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_notBefore

      static long X509_get_notBefore(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_notAfter

      static long X509_get_notAfter(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_version

      static long X509_get_version(long x509ctx, OpenSSLX509Certificate holder)

    • X509_get_serialNumber

      static byte[] X509_get_serialNumber(long x509ctx, OpenSSLX509Certificate holder)

    • X509_verify

      static void X509_verify(long x509ctx, OpenSSLX509Certificate holder, NativeRef.EVP_PKEY pkeyCtx) throws BadPaddingException
      Throws:
      BadPaddingException

    • get_X509_cert_info_enc

      static byte[] get_X509_cert_info_enc(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_signature

      static byte[] get_X509_signature(long x509ctx, OpenSSLX509Certificate holder)

    • get_X509_ex_flags

      static int get_X509_ex_flags(long x509ctx, OpenSSLX509Certificate holder)

    • X509_check_issued

      static int X509_check_issued(long ctx, OpenSSLX509Certificate holder, long ctx2, OpenSSLX509Certificate holder2)

    • d2i_PKCS7_bio

      static long[] d2i_PKCS7_bio(long bioCtx, int which) throws OpenSSLX509CertificateFactory.ParsingException
      Returns an array of X509 or X509_CRL pointers.
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • i2d_PKCS7

      static byte[] i2d_PKCS7(long[] certs)
      Returns an array of X509 or X509_CRL pointers.

    • PEM_read_bio_PKCS7

      static long[] PEM_read_bio_PKCS7(long bioCtx, int which)
      Returns an array of X509 or X509_CRL pointers.

    • d2i_X509_CRL_bio

      static long d2i_X509_CRL_bio(long bioCtx)

    • PEM_read_bio_X509_CRL

      static long PEM_read_bio_X509_CRL(long bioCtx)

    • i2d_X509_CRL

      static byte[] i2d_X509_CRL(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_free

      static void X509_CRL_free(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_print

      static void X509_CRL_print(long bioCtx, long x509CrlCtx, OpenSSLX509CRL holder)

    • get_X509_CRL_sig_alg_oid

      static String get_X509_CRL_sig_alg_oid(long x509CrlCtx, OpenSSLX509CRL holder)

    • get_X509_CRL_sig_alg_parameter

      static byte[] get_X509_CRL_sig_alg_parameter(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_get_issuer_name

      static byte[] X509_CRL_get_issuer_name(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_get0_by_cert

      static long X509_CRL_get0_by_cert(long x509CrlCtx, OpenSSLX509CRL holder, long x509Ctx, OpenSSLX509Certificate holder2)
      Returns X509_REVOKED reference that is not duplicated!

    • X509_CRL_get0_by_serial

      static long X509_CRL_get0_by_serial(long x509CrlCtx, OpenSSLX509CRL holder, byte[] serial)
      Returns X509_REVOKED reference that is not duplicated!

    • X509_CRL_get_REVOKED

      static long[] X509_CRL_get_REVOKED(long x509CrlCtx, OpenSSLX509CRL holder)
      Returns an array of X509_REVOKED that are owned by the caller.

    • get_X509_CRL_ext_oids

      static String[] get_X509_CRL_ext_oids(long x509Crlctx, OpenSSLX509CRL holder, int critical)

    • X509_CRL_get_ext_oid

      static byte[] X509_CRL_get_ext_oid(long x509CrlCtx, OpenSSLX509CRL holder, String oid)

    • X509_delete_ext

      static void X509_delete_ext(long x509, OpenSSLX509Certificate holder, String oid)

    • X509_CRL_get_version

      static long X509_CRL_get_version(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_get_ext

      static long X509_CRL_get_ext(long x509CrlCtx, OpenSSLX509CRL holder, String oid)

    • get_X509_CRL_signature

      static byte[] get_X509_CRL_signature(long x509ctx, OpenSSLX509CRL holder)

    • X509_CRL_verify

      static void X509_CRL_verify(long x509CrlCtx, OpenSSLX509CRL holder, NativeRef.EVP_PKEY pkeyCtx) throws BadPaddingException, SignatureException, NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException
      Throws:
      BadPaddingException
      SignatureException
      NoSuchAlgorithmException
      InvalidKeyException
      IllegalBlockSizeException

    • get_X509_CRL_crl_enc

      static byte[] get_X509_CRL_crl_enc(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_get_lastUpdate

      static long X509_CRL_get_lastUpdate(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_CRL_get_nextUpdate

      static long X509_CRL_get_nextUpdate(long x509CrlCtx, OpenSSLX509CRL holder)

    • X509_REVOKED_dup

      static long X509_REVOKED_dup(long x509RevokedCtx)

    • i2d_X509_REVOKED

      static byte[] i2d_X509_REVOKED(long x509RevokedCtx)

    • get_X509_REVOKED_ext_oids

      static String[] get_X509_REVOKED_ext_oids(long x509ctx, int critical)

    • X509_REVOKED_get_ext_oid

      static byte[] X509_REVOKED_get_ext_oid(long x509RevokedCtx, String oid)

    • X509_REVOKED_get_serialNumber

      static byte[] X509_REVOKED_get_serialNumber(long x509RevokedCtx)

    • X509_REVOKED_get_ext

      static long X509_REVOKED_get_ext(long x509RevokedCtx, String oid)

    • get_X509_REVOKED_revocationDate

      static long get_X509_REVOKED_revocationDate(long x509RevokedCtx)
      Returns ASN1_TIME reference.

    • X509_REVOKED_print

      static void X509_REVOKED_print(long bioRef, long x509RevokedCtx)

    • X509_supported_extension

      static int X509_supported_extension(long x509ExtensionRef)

    • ASN1_TIME_to_Calendar

      static void ASN1_TIME_to_Calendar(long asn1TimeCtx, Calendar cal) throws OpenSSLX509CertificateFactory.ParsingException
      Throws:
      OpenSSLX509CertificateFactory.ParsingException

    • asn1_read_init

      static long asn1_read_init(byte[] val) throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1-encoded data in val. The returned object must be freed after use by calling asn1_read_free.
      Throws:
      IOException

    • asn1_read_sequence

      static long asn1_read_sequence(long cbsRef) throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1 sequence pointed to by cbsRef. The returned object must be freed after use by calling asn1_read_free.
      Throws:
      IOException

    • asn1_read_next_tag_is

      static boolean asn1_read_next_tag_is(long cbsRef, int tag) throws IOException
      Returns whether the next object in the given reference is explicitly tagged with the given tag number.
      Throws:
      IOException

    • asn1_read_tagged

      static long asn1_read_tagged(long cbsRef) throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_read_* functions to read the ASN.1 data pointed to by cbsRef. The returned object must be freed after use by calling asn1_read_free.
      Throws:
      IOException

    • asn1_read_octetstring

      static byte[] asn1_read_octetstring(long cbsRef) throws IOException
      Returns the contents of an ASN.1 octet string from the given reference.
      Throws:
      IOException

    • asn1_read_uint64

      static long asn1_read_uint64(long cbsRef) throws IOException
      Returns an ASN.1 integer from the given reference. If the integer doesn't fit in a uint64, this method will throw an IOException.
      Throws:
      IOException

    • asn1_read_null

      static void asn1_read_null(long cbsRef) throws IOException
      Consumes an ASN.1 NULL from the given reference.
      Throws:
      IOException

    • asn1_read_oid

      static String asn1_read_oid(long cbsRef) throws IOException
      Returns an ASN.1 OID in dotted-decimal notation (eg, "1.3.14.3.2.26" for SHA-1) from the given reference.
      Throws:
      IOException

    • asn1_read_is_empty

      static boolean asn1_read_is_empty(long cbsRef)
      Returns whether or not the given reference has been read completely.

    • asn1_read_free

      static void asn1_read_free(long cbsRef)
      Frees any resources associated with the given reference. After calling, the reference must not be used again. This may be called with a zero reference, in which case nothing will be done.

    • asn1_write_init

      static long asn1_write_init() throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write ASN.1-encoded data. The returned object must be finalized after use by calling either asn1_write_finish or asn1_write_cleanup, and its resources must be freed by calling asn1_write_free.
      Throws:
      IOException

    • asn1_write_sequence

      static long asn1_write_sequence(long cbbRef) throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write an ASN.1 sequence into the given reference. The returned reference may only be used until the next call on the parent reference. The returned object must be freed after use by calling asn1_write_free.
      Throws:
      IOException

    • asn1_write_tag

      static long asn1_write_tag(long cbbRef, int tag) throws IOException
      Allocates and returns an opaque reference to an object that can be used with other asn1_write_* functions to write a explicitly-tagged ASN.1 object with the given tag into the given reference. The returned reference may only be used until the next call on the parent reference. The returned object must be freed after use by calling asn1_write_free.
      Throws:
      IOException

    • asn1_write_octetstring

      static void asn1_write_octetstring(long cbbRef, byte[] data) throws IOException
      Writes the given data into the given reference as an ASN.1-encoded octet string.
      Throws:
      IOException

    • asn1_write_uint64

      static void asn1_write_uint64(long cbbRef, long value) throws IOException
      Writes the given value into the given reference as an ASN.1-encoded integer.
      Throws:
      IOException

    • asn1_write_null

      static void asn1_write_null(long cbbRef) throws IOException
      Writes a NULL value into the given reference.
      Throws:
      IOException

    • asn1_write_oid

      static void asn1_write_oid(long cbbRef, String oid) throws IOException
      Writes the given OID (which must be in dotted-decimal notation) into the given reference.
      Throws:
      IOException

    • asn1_write_flush

      static void asn1_write_flush(long cbbRef) throws IOException
      Flushes the given reference, invalidating any child references and completing their operations. This must be called if the child references are to be freed before asn1_write_finish is called on the ultimate parent. The child references must still be freed.
      Throws:
      IOException

    • asn1_write_finish

      static byte[] asn1_write_finish(long cbbRef) throws IOException
      Completes any in-progress operations and returns the ASN.1-encoded data. Either this or asn1_write_cleanup must be called on any reference returned from asn1_write_init before it is freed.
      Throws:
      IOException

    • asn1_write_cleanup

      static void asn1_write_cleanup(long cbbRef)
      Cleans up intermediate state in the given reference. Either this or asn1_write_finish must be called on any reference returned from asn1_write_init before it is freed.

    • asn1_write_free

      static void asn1_write_free(long cbbRef)
      Frees resources associated with the given reference. After calling, the reference must not be used again. This may be called with a zero reference, in which case nothing will be done.

    • create_BIO_InputStream

      static long create_BIO_InputStream(OpenSSLBIOInputStream is, boolean isFinite)

    • create_BIO_OutputStream

      static long create_BIO_OutputStream(OutputStream os)

    • BIO_free_all

      static void BIO_free_all(long bioRef)

    • cipherSuiteToJava

      static String cipherSuiteToJava(String cipherSuite)

    • cipherSuiteFromJava

      static String cipherSuiteFromJava(String javaCipherSuite)

    • EVP_has_aes_hardware

      static int EVP_has_aes_hardware()
      Returns 1 if the BoringSSL believes the CPU has AES accelerated hardware instructions. Used to determine cipher suite ordering.

    • SSL_CTX_new

      static long SSL_CTX_new()

    • getSupportedCipherSuites

      static String[] getSupportedCipherSuites()

    • SSL_CTX_free

      static void SSL_CTX_free(long ssl_ctx, AbstractSessionContext holder)

    • SSL_CTX_set_session_id_context

      static void SSL_CTX_set_session_id_context(long ssl_ctx, AbstractSessionContext holder, byte[] sid_ctx)

    • SSL_CTX_set_timeout

      static long SSL_CTX_set_timeout(long ssl_ctx, AbstractSessionContext holder, long seconds)

    • SSL_new

      static long SSL_new(long ssl_ctx, AbstractSessionContext holder) throws SSLException
      Throws:
      SSLException

    • SSL_enable_tls_channel_id

      static void SSL_enable_tls_channel_id(long ssl, NativeSsl ssl_holder) throws SSLException
      Throws:
      SSLException

    • SSL_get_tls_channel_id

      static byte[] SSL_get_tls_channel_id(long ssl, NativeSsl ssl_holder) throws SSLException
      Throws:
      SSLException

    • SSL_set1_tls_channel_id

      static void SSL_set1_tls_channel_id(long ssl, NativeSsl ssl_holder, NativeRef.EVP_PKEY pkey)

    • setLocalCertsAndPrivateKey

      static void setLocalCertsAndPrivateKey(long ssl, NativeSsl ssl_holder, byte[][] encodedCertificates, NativeRef.EVP_PKEY pkey) throws SSLException
      Sets the local certificates and private key.
      Parameters:
      ssl - the SSL reference.
      encodedCertificates - the encoded form of the local certificate chain.
      pkey - a reference to the private key.
      Throws:
      SSLException - if a problem occurs setting the cert/key.

    • SSL_set_client_CA_list

      static void SSL_set_client_CA_list(long ssl, NativeSsl ssl_holder, byte[][] asn1DerEncodedX500Principals) throws SSLException
      Throws:
      SSLException

    • SSL_set_mode

      static long SSL_set_mode(long ssl, NativeSsl ssl_holder, long mode)

    • SSL_set_options

      static long SSL_set_options(long ssl, NativeSsl ssl_holder, long options)

    • SSL_clear_options

      static long SSL_clear_options(long ssl, NativeSsl ssl_holder, long options)

    • SSL_set_protocol_versions

      static int SSL_set_protocol_versions(long ssl, NativeSsl ssl_holder, int min_version, int max_version)

    • SSL_enable_signed_cert_timestamps

      static void SSL_enable_signed_cert_timestamps(long ssl, NativeSsl ssl_holder)

    • SSL_get_signed_cert_timestamp_list

      static byte[] SSL_get_signed_cert_timestamp_list(long ssl, NativeSsl ssl_holder)

    • SSL_set_signed_cert_timestamp_list

      static void SSL_set_signed_cert_timestamp_list(long ssl, NativeSsl ssl_holder, byte[] list)

    • SSL_enable_ocsp_stapling

      static void SSL_enable_ocsp_stapling(long ssl, NativeSsl ssl_holder)

    • SSL_get_ocsp_response

      static byte[] SSL_get_ocsp_response(long ssl, NativeSsl ssl_holder)

    • SSL_set_ocsp_response

      static void SSL_set_ocsp_response(long ssl, NativeSsl ssl_holder, byte[] response)

    • SSL_get_tls_unique

      static byte[] SSL_get_tls_unique(long ssl, NativeSsl ssl_holder)

    • SSL_export_keying_material

      static byte[] SSL_export_keying_material(long ssl, NativeSsl ssl_holder, byte[] label, byte[] context, int num_bytes) throws SSLException
      Throws:
      SSLException

    • SSL_use_psk_identity_hint

      static void SSL_use_psk_identity_hint(long ssl, NativeSsl ssl_holder, String identityHint) throws SSLException
      Throws:
      SSLException

    • set_SSL_psk_client_callback_enabled

      static void set_SSL_psk_client_callback_enabled(long ssl, NativeSsl ssl_holder, boolean enabled)

    • set_SSL_psk_server_callback_enabled

      static void set_SSL_psk_server_callback_enabled(long ssl, NativeSsl ssl_holder, boolean enabled)

    • getSupportedProtocols

      static String[] getSupportedProtocols()

    • getProtocolRange

      private static NativeCrypto.Range getProtocolRange(String[] protocols)

    • setEnabledProtocols

      static void setEnabledProtocols(long ssl, NativeSsl ssl_holder, String[] protocols)

    • getProtocolConstant

      private static int getProtocolConstant(String protocol)

    • checkEnabledProtocols

      static String[] checkEnabledProtocols(String[] protocols)

    • SSL_set_cipher_lists

      static void SSL_set_cipher_lists(long ssl, NativeSsl ssl_holder, String[] ciphers)

    • SSL_get_ciphers

      static long[] SSL_get_ciphers(long ssl, NativeSsl ssl_holder)
      Gets the list of cipher suites enabled for the provided SSL instance.
      Returns:
      array of SSL_CIPHER references.

    • setEnabledCipherSuites

      static void setEnabledCipherSuites(long ssl, NativeSsl ssl_holder, String[] cipherSuites, String[] protocols)

    • checkEnabledCipherSuites

      static String[] checkEnabledCipherSuites(String[] cipherSuites)

    • SSL_set_accept_state

      static void SSL_set_accept_state(long ssl, NativeSsl ssl_holder)

    • SSL_set_connect_state

      static void SSL_set_connect_state(long ssl, NativeSsl ssl_holder)

    • SSL_set_verify

      static void SSL_set_verify(long ssl, NativeSsl ssl_holder, int mode)

    • SSL_set_session

      static void SSL_set_session(long ssl, NativeSsl ssl_holder, long sslSessionNativePointer) throws SSLException
      Throws:
      SSLException

    • SSL_set_session_creation_enabled

      static void SSL_set_session_creation_enabled(long ssl, NativeSsl ssl_holder, boolean creationEnabled) throws SSLException
      Throws:
      SSLException

    • SSL_session_reused

      static boolean SSL_session_reused(long ssl, NativeSsl ssl_holder)

    • SSL_accept_renegotiations

      static void SSL_accept_renegotiations(long ssl, NativeSsl ssl_holder) throws SSLException
      Throws:
      SSLException

    • SSL_set_tlsext_host_name

      static void SSL_set_tlsext_host_name(long ssl, NativeSsl ssl_holder, String hostname) throws SSLException
      Throws:
      SSLException

    • SSL_get_servername

      static String SSL_get_servername(long ssl, NativeSsl ssl_holder)

    • SSL_do_handshake

      static void SSL_do_handshake(long ssl, NativeSsl ssl_holder, FileDescriptor fd, NativeCrypto.SSLHandshakeCallbacks shc, int timeoutMillis) throws SSLException, SocketTimeoutException, CertificateException
      Throws:
      SSLException
      SocketTimeoutException
      CertificateException

    • SSL_get_current_cipher

      public static String SSL_get_current_cipher(long ssl, NativeSsl ssl_holder)

    • SSL_get_version

      public static String SSL_get_version(long ssl, NativeSsl ssl_holder)

    • SSL_get0_peer_certificates

      static byte[][] SSL_get0_peer_certificates(long ssl, NativeSsl ssl_holder)
      Returns the peer certificate chain.

    • SSL_read

      static int SSL_read(long ssl, NativeSsl ssl_holder, FileDescriptor fd, NativeCrypto.SSLHandshakeCallbacks shc, byte[] b, int off, int len, int readTimeoutMillis) throws IOException
      Reads with the native SSL_read function from the encrypted data stream
      Returns:
      -1 if error or the end of the stream is reached.
      Throws:
      IOException

    • SSL_write

      static void SSL_write(long ssl, NativeSsl ssl_holder, FileDescriptor fd, NativeCrypto.SSLHandshakeCallbacks shc, byte[] b, int off, int len, int writeTimeoutMillis) throws IOException
      Writes with the native SSL_write function to the encrypted data stream.
      Throws:
      IOException

    • SSL_interrupt

      static void SSL_interrupt(long ssl, NativeSsl ssl_holder)

    • SSL_shutdown

      static void SSL_shutdown(long ssl, NativeSsl ssl_holder, FileDescriptor fd, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Throws:
      IOException

    • SSL_get_shutdown

      static int SSL_get_shutdown(long ssl, NativeSsl ssl_holder)

    • SSL_free

      static void SSL_free(long ssl, NativeSsl ssl_holder)

    • SSL_get_time

      static long SSL_get_time(long ssl, NativeSsl ssl_holder)

    • SSL_set_timeout

      static long SSL_set_timeout(long ssl, NativeSsl ssl_holder, long millis)

    • SSL_get_timeout

      static long SSL_get_timeout(long ssl, NativeSsl ssl_holder)

    • SSL_get_signature_algorithm_key_type

      static int SSL_get_signature_algorithm_key_type(int signatureAlg)

    • SSL_session_id

      static byte[] SSL_session_id(long ssl, NativeSsl ssl_holder)

    • SSL_SESSION_session_id

      static byte[] SSL_SESSION_session_id(long sslSessionNativePointer)

    • SSL_SESSION_get_time

      static long SSL_SESSION_get_time(long sslSessionNativePointer)

    • SSL_SESSION_get_timeout

      static long SSL_SESSION_get_timeout(long sslSessionNativePointer)

    • SSL_SESSION_get_version

      static String SSL_SESSION_get_version(long sslSessionNativePointer)

    • SSL_SESSION_cipher

      static String SSL_SESSION_cipher(long sslSessionNativePointer)

    • SSL_SESSION_should_be_single_use

      static boolean SSL_SESSION_should_be_single_use(long sslSessionNativePointer)

    • SSL_SESSION_up_ref

      static void SSL_SESSION_up_ref(long sslSessionNativePointer)

    • SSL_SESSION_free

      static void SSL_SESSION_free(long sslSessionNativePointer)

    • i2d_SSL_SESSION

      static byte[] i2d_SSL_SESSION(long sslSessionNativePointer)

    • d2i_SSL_SESSION

      static long d2i_SSL_SESSION(byte[] data) throws IOException
      Throws:
      IOException

    • SSL_CIPHER_get_kx_name

      static String SSL_CIPHER_get_kx_name(long cipherAddress)

    • get_cipher_names

      static String[] get_cipher_names(String selection)

    • get_ocsp_single_extension

      public static byte[] get_ocsp_single_extension(byte[] ocspResponse, String oid, long x509Ref, OpenSSLX509Certificate holder, long issuerX509Ref, OpenSSLX509Certificate holder2)

    • getDirectBufferAddress

      static long getDirectBufferAddress(Buffer buf)
      Returns the starting address of the memory region referenced by the provided direct Buffer or 0 if the provided buffer is not direct or if such access to direct buffers is not supported by the platform.

      NOTE: This method ignores the buffer's current position.

    • SSL_BIO_new

      static long SSL_BIO_new(long ssl, NativeSsl ssl_holder) throws SSLException
      Throws:
      SSLException

    • SSL_get_error

      static int SSL_get_error(long ssl, NativeSsl ssl_holder, int ret)

    • SSL_clear_error

      static void SSL_clear_error()

    • SSL_pending_readable_bytes

      static int SSL_pending_readable_bytes(long ssl, NativeSsl ssl_holder)

    • SSL_pending_written_bytes_in_BIO

      static int SSL_pending_written_bytes_in_BIO(long bio)

    • SSL_max_seal_overhead

      static int SSL_max_seal_overhead(long ssl, NativeSsl ssl_holder)
      Returns the maximum overhead, in bytes, of sealing a record with SSL.

    • setApplicationProtocols

      static void setApplicationProtocols(long ssl, NativeSsl ssl_holder, boolean client, byte[] protocols) throws IOException
      Enables ALPN for this TLS endpoint and sets the list of supported ALPN protocols in wire-format (length-prefixed 8-bit strings).
      Throws:
      IOException

    • setHasApplicationProtocolSelector

      static void setHasApplicationProtocolSelector(long ssl, NativeSsl ssl_holder, boolean hasSelector) throws IOException
      Called for a server endpoint only. Enables ALPN and indicates that the NativeCrypto.SSLHandshakeCallbacks.selectApplicationProtocol(byte[]) will be called to select the correct protocol during a handshake. Calling this method overrides setApplicationProtocols(long, NativeSsl, boolean, byte[]).
      Throws:
      IOException

    • getApplicationProtocol

      static byte[] getApplicationProtocol(long ssl, NativeSsl ssl_holder)
      Returns the selected ALPN protocol. If the server did not select a protocol, null will be returned.

    • ENGINE_SSL_do_handshake

      static int ENGINE_SSL_do_handshake(long ssl, NativeSsl ssl_holder, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Variant of the SSL_do_handshake(long, NativeSsl, FileDescriptor, NativeCrypto.SSLHandshakeCallbacks, int) used by ConscryptEngine. This differs slightly from the raw BoringSSL API in that it returns the SSL error code from the operation, rather than the return value from SSL_do_handshake. This is done in order to allow to properly handle SSL errors and propagate useful exceptions.
      Returns:
      Returns the SSL error code for the operation when the error was SSL_ERROR_NONE, SSL_ERROR_WANT_READ, or SSL_ERROR_WANT_WRITE.
      Throws:
      IOException - when the error code is anything except those returned by this method.

    • ENGINE_SSL_read_direct

      static int ENGINE_SSL_read_direct(long ssl, NativeSsl ssl_holder, long address, int length, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException, CertificateException
      Variant of the SSL_read(long, NativeSsl, FileDescriptor, NativeCrypto.SSLHandshakeCallbacks, byte[], int, int, int) for a direct ByteBuffer used by ConscryptEngine.
      Returns:
      if positive, represents the number of bytes read into the given buffer. Returns -SSL_ERROR_WANT_READ if more data is needed. Returns -SSL_ERROR_WANT_WRITE if data needs to be written out to flush the BIO.
      Throws:
      InterruptedIOException - if the read was interrupted.
      EOFException - if the end of stream has been reached.
      CertificateException - if the application's certificate verification callback failed. Only occurs during handshake processing.
      SSLException - if any other error occurs.
      IOException

    • ENGINE_SSL_write_direct

      static int ENGINE_SSL_write_direct(long ssl, NativeSsl ssl_holder, long address, int length, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Variant of the SSL_write(long, NativeSsl, FileDescriptor, NativeCrypto.SSLHandshakeCallbacks, byte[], int, int, int) for a direct ByteBuffer used by ConscryptEngine. This version does not lock or and does no error pre-processing.
      Throws:
      IOException

    • ENGINE_SSL_write_BIO_direct

      static int ENGINE_SSL_write_BIO_direct(long ssl, NativeSsl ssl_holder, long bioRef, long pos, int length, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Writes data from the given direct ByteBuffer to the BIO.
      Throws:
      IOException

    • ENGINE_SSL_write_BIO_heap

      static int ENGINE_SSL_write_BIO_heap(long ssl, NativeSsl ssl_holder, long bioRef, byte[] sourceJava, int sourceOffset, int sourceLength, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException, IndexOutOfBoundsException
      Writes data from the given array to the BIO.
      Throws:
      IOException
      IndexOutOfBoundsException

    • ENGINE_SSL_read_BIO_direct

      static int ENGINE_SSL_read_BIO_direct(long ssl, NativeSsl ssl_holder, long bioRef, long address, int len, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Reads data from the given BIO into a direct ByteBuffer.
      Throws:
      IOException

    • ENGINE_SSL_read_BIO_heap

      static int ENGINE_SSL_read_BIO_heap(long ssl, NativeSsl ssl_holder, long bioRef, byte[] destJava, int destOffset, int destLength, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException, IndexOutOfBoundsException
      Reads data from the given BIO into an array.
      Throws:
      IOException
      IndexOutOfBoundsException

    • ENGINE_SSL_force_read

      static void ENGINE_SSL_force_read(long ssl, NativeSsl ssl_holder, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Forces the SSL object to process any data pending in the BIO.
      Throws:
      IOException

    • ENGINE_SSL_shutdown

      static void ENGINE_SSL_shutdown(long ssl, NativeSsl ssl_holder, NativeCrypto.SSLHandshakeCallbacks shc) throws IOException
      Variant of the SSL_shutdown(long, NativeSsl, FileDescriptor, NativeCrypto.SSLHandshakeCallbacks) used by ConscryptEngine. This version does not lock.
      Throws:
      IOException

    • BIO_read

      static int BIO_read(long bioRef, byte[] buffer) throws IOException
      Used for testing only.
      Throws:
      IOException

    • BIO_write

      static void BIO_write(long bioRef, byte[] buffer, int offset, int length) throws IOException, IndexOutOfBoundsException
      Throws:
      IOException
      IndexOutOfBoundsException

    • SSL_clear_mode

      static long SSL_clear_mode(long ssl, NativeSsl ssl_holder, long mode)

    • SSL_get_mode

      static long SSL_get_mode(long ssl, NativeSsl ssl_holder)

    • SSL_get_options

      static long SSL_get_options(long ssl, NativeSsl ssl_holder)

    • SSL_get1_session

      static long SSL_get1_session(long ssl, NativeSsl ssl_holder)