Package org.conscrypt

Interface NativeCrypto.SSLHandshakeCallbacks

    • Method Summary

      Modifier and Type Method Description
      void clientCertificateRequested(byte[] keyTypes, byte[][] asn1DerEncodedX500Principals)
      Called on an SSL client when the server requests (or requires) a certificate.
      int clientPSKKeyRequested(String identityHint, byte[] identity, byte[] key)
      Gets the key to be used in client mode for this connection in Pre-Shared Key (PSK) key exchange.
      void onSSLStateChange(long sslSessionNativePtr, int type, int val)
      Called when SSL state changes.
      int serverPSKKeyRequested(String identityHint, String identity, byte[] key)
      Gets the key to be used in server mode for this connection in Pre-Shared Key (PSK) key exchange.
      void verifyCertificateChain(long sslSessionNativePtr, long[] certificateChainRefs, String authMethod)
      Verify that the certificate chain is trusted.
    • Method Detail

      • verifyCertificateChain

        void verifyCertificateChain(long sslSessionNativePtr,
                                    long[] certificateChainRefs,
                                    String authMethod)
                             throws CertificateException
        Verify that the certificate chain is trusted.
        Parameters:
        sslSessionNativePtr - pointer to a reference of the SSL_SESSION
        certificateChainRefs - chain of X.509 certificate references
        authMethod - auth algorithm name
        Throws:
        CertificateException - if the certificate is untrusted
      • clientCertificateRequested

        void clientCertificateRequested(byte[] keyTypes,
                                        byte[][] asn1DerEncodedX500Principals)
                                 throws CertificateEncodingException,
                                        SSLException
        Called on an SSL client when the server requests (or requires) a certificate. The client can respond by using SSL_use_certificate and SSL_use_PrivateKey to set a certificate if it has an appropriate one available, similar to how the server provides its certificate.
        Parameters:
        keyTypes - key types supported by the server, convertible to strings with #keyType
        asn1DerEncodedX500Principals - CAs known to the server
        Throws:
        CertificateEncodingException
        SSLException
      • clientPSKKeyRequested

        int clientPSKKeyRequested(String identityHint,
                                  byte[] identity,
                                  byte[] key)
        Gets the key to be used in client mode for this connection in Pre-Shared Key (PSK) key exchange.
        Parameters:
        identityHint - PSK identity hint provided by the server or null if no hint provided.
        identity - buffer to be populated with PSK identity (NULL-terminated modified UTF-8) by this method. This identity will be provided to the server.
        key - buffer to be populated with key material by this method.
        Returns:
        number of bytes this method stored in the key buffer, or 0 if an error occurred, in which case the handshake will be aborted.
      • serverPSKKeyRequested

        int serverPSKKeyRequested(String identityHint,
                                  String identity,
                                  byte[] key)
        Gets the key to be used in server mode for this connection in Pre-Shared Key (PSK) key exchange.
        Parameters:
        identityHint - PSK identity hint provided by this server to the client or null if no hint was provided.
        identity - PSK identity provided by the client.
        key - buffer to be populated with key material by this method.
        Returns:
        number of bytes this method stored in the key buffer, or 0 if an error occurred, in which case the handshake will be aborted.
      • onSSLStateChange

        void onSSLStateChange(long sslSessionNativePtr,
                              int type,
                              int val)
        Called when SSL state changes. This could be handshake completion.
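
Added example (not Conscrypt's own code): a standalone sketch of the buffer contract documented for clientPSKKeyRequested and serverPSKKeyRequested, showing the NUL-terminated identity, the bounds checks, and the 0 return that aborts the handshake. The class name, sample identity, sample key and buffer sizes are assumptions, and the class mirrors the two signatures rather than implementing the interface so that it compiles without Conscrypt.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

// Added example: mirrors the two PSK callback signatures without depending on Conscrypt.
public class PskCallbackSketch {
    // Constructed sample values, not real credentials.
    private static final String IDENTITY = "device-0001";
    private static final byte[] SECRET = "constructed-demo-psk".getBytes(StandardCharsets.US_ASCII);

    // Client side: fill identity (NUL-terminated) and key; return key length, or 0 to abort.
    public int clientPSKKeyRequested(String identityHint, byte[] identity, byte[] key) {
        // ASCII-only identity assumed, so its bytes are also valid modified UTF-8.
        byte[] id = IDENTITY.getBytes(StandardCharsets.US_ASCII);
        if (id.length + 1 > identity.length || SECRET.length > key.length) {
            return 0; // buffers too small: abort instead of truncating
        }
        System.arraycopy(id, 0, identity, 0, id.length);
        identity[id.length] = 0; // terminator required by the contract
        System.arraycopy(SECRET, 0, key, 0, SECRET.length);
        return SECRET.length;
    }

    // Server side: release the key only for the expected identity; otherwise return 0.
    public int serverPSKKeyRequested(String identityHint, String identity, byte[] key) {
        if (identity == null || SECRET.length > key.length) {
            return 0;
        }
        // MessageDigest.isEqual compares without an early exit on the first mismatch.
        boolean known = MessageDigest.isEqual(
                identity.getBytes(StandardCharsets.UTF_8),
                IDENTITY.getBytes(StandardCharsets.UTF_8));
        if (!known) {
            return 0; // unknown identity: handshake is aborted
        }
        System.arraycopy(SECRET, 0, key, 0, SECRET.length);
        return SECRET.length;
    }

    public static void main(String[] args) {
        PskCallbackSketch cb = new PskCallbackSketch();
        byte[] identity = new byte[32], key = new byte[64]; // buffer sizes are assumptions
        int n = cb.clientPSKKeyRequested(null, identity, key);
        System.out.println("client key bytes: " + n);
        System.out.println("server, known id: " + cb.serverPSKKeyRequested(null, IDENTITY, key));
        System.out.println("server, unknown id: " + cb.serverPSKKeyRequested(null, "other", key));
        Arrays.fill(key, (byte) 0); // clear the key copy once done
    }
}
```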