Package org.conscrypt

Class NativeCrypto


  • public final class NativeCrypto
    extends Object
    Provides the Java side of our JNI glue for OpenSSL.
    • Field Detail

      • isBoringSSL

        public static final boolean isBoringSSL
      • EC_CURVE_GFP

        public static final int EC_CURVE_GFP
        Value passed to EC_GROUP_new_curve to request EC_GROUP_new_curve_GFp.
        See Also:
        Constant Field Values
      • EC_CURVE_GF2M

        public static final int EC_CURVE_GF2M
        Value passed to EC_GROUP_new_curve to request EC_GROUP_new_curve_GF2m.
        See Also:
        Constant Field Values
      • RAND_SEED_LENGTH_IN_BYTES

        public static final int RAND_SEED_LENGTH_IN_BYTES
        See Also:
        Constant Field Values
      • GN_STACK_SUBJECT_ALT_NAME

        public static final int GN_STACK_SUBJECT_ALT_NAME
        Value passed to get_X509_GENERAL_NAME_stack to request the "altname" field.
        See Also:
        Constant Field Values
      • GN_STACK_ISSUER_ALT_NAME

        public static final int GN_STACK_ISSUER_ALT_NAME
        Value passed to get_X509_GENERAL_NAME_stack to request the issuerAlternativeName extension.
        See Also:
        Constant Field Values
      • EXTENSION_TYPE_NON_CRITICAL

        public static final int EXTENSION_TYPE_NON_CRITICAL
        Used to request only non-critical types in get_X509*_ext_oids.
        See Also:
        Constant Field Values
      • EXTENSION_TYPE_CRITICAL

        public static final int EXTENSION_TYPE_CRITICAL
        Used to request only critical types in get_X509*_ext_oids.
        See Also:
        Constant Field Values
      • PKCS7_CERTS

        public static final int PKCS7_CERTS
        Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
        See Also:
        Constant Field Values
      • PKCS7_CRLS

        public static final int PKCS7_CRLS
        Used as the "which" field in d2i_PKCS7_bio and PEM_read_bio_PKCS7.
        See Also:
        Constant Field Values
      • OPENSSL_TO_STANDARD_CIPHER_SUITES

        public static final Map<String,​String> OPENSSL_TO_STANDARD_CIPHER_SUITES
      • STANDARD_TO_OPENSSL_CIPHER_SUITES

        public static final Map<String,​String> STANDARD_TO_OPENSSL_CIPHER_SUITES
      • SUPPORTED_CIPHER_SUITES_SET

        public static final Set<String> SUPPORTED_CIPHER_SUITES_SET
      • TLS_EMPTY_RENEGOTIATION_INFO_SCSV

        public static final String TLS_EMPTY_RENEGOTIATION_INFO_SCSV
        TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation indication signaling cipher suite value. It is not a real cipher suite. Its presence in the default and supported cipher suite lists only indicates that the implementation supports secure renegotiation.

        In the RI, its presence means that the SCSV is sent in the cipher suite list to indicate secure renegotiation support, and its absence means that an empty TLS renegotiation info extension is sent instead.

        However, OpenSSL doesn't provide an API to give this level of control, instead always sending the SCSV and always including the empty renegotiation info if TLS is used (as opposed to SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to be passed for compatibility, as a hint that we support secure renegotiation.

        See Also:
        Constant Field Values
      • TLS_FALLBACK_SCSV

        public static final String TLS_FALLBACK_SCSV
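        TLS_FALLBACK_SCSV is from https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 (later published as RFC 7507). It indicates to the server that this is a fallback protocol request, i.e. the client is retrying with a lower protocol version than the highest it supports, which lets a server that supports a higher version reject the downgrade.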
        See Also:
        Constant Field Values
      • TLSV12_PROTOCOLS

        public static final String[] TLSV12_PROTOCOLS
        Protocols to enable by default when "TLSv1.2" is requested.
      • TLSV11_PROTOCOLS

        public static final String[] TLSV11_PROTOCOLS
        Protocols to enable by default when "TLSv1.1" is requested.
      • TLSV1_PROTOCOLS

        public static final String[] TLSV1_PROTOCOLS
        Protocols to enable by default when "TLSv1" is requested.
      • SSLV3_PROTOCOLS

        public static final String[] SSLV3_PROTOCOLS
        Protocols to enable by default when "SSLv3" is requested.
      • DEFAULT_PROTOCOLS

        public static final String[] DEFAULT_PROTOCOLS
      • SSL_VERIFY_FAIL_IF_NO_PEER_CERT

        public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT
        See Also:
        Constant Field Values
    • Constructor Detail

      • NativeCrypto

        public NativeCrypto()
    • Method Detail

      • ENGINE_load_dynamic

        public static void ENGINE_load_dynamic()
      • ENGINE_by_id

        public static long ENGINE_by_id​(String id)
      • ENGINE_add

        public static int ENGINE_add​(long e)
      • ENGINE_init

        public static int ENGINE_init​(long e)
      • ENGINE_finish

        public static int ENGINE_finish​(long e)
      • ENGINE_free

        public static int ENGINE_free​(long e)
      • ENGINE_get_id

        public static String ENGINE_get_id​(long engineRef)
      • ENGINE_ctrl_cmd_string

        public static int ENGINE_ctrl_cmd_string​(long engineRef,
                                                 String cmd,
                                                 String arg,
                                                 int cmd_optional)
      • EVP_PKEY_new_DSA

        public static long EVP_PKEY_new_DSA​(byte[] p,
                                            byte[] q,
                                            byte[] g,
                                            byte[] pub_key,
                                            byte[] priv_key)
      • EVP_PKEY_new_RSA

        public static long EVP_PKEY_new_RSA​(byte[] n,
                                            byte[] e,
                                            byte[] d,
                                            byte[] p,
                                            byte[] q,
                                            byte[] dmp1,
                                            byte[] dmq1,
                                            byte[] iqmp)
      • EVP_PKEY_free

        public static void EVP_PKEY_free​(long pkey)
      • i2d_PKCS8_PRIV_KEY_INFO

        public static byte[] i2d_PKCS8_PRIV_KEY_INFO​(NativeRef.EVP_PKEY pkey)
      • d2i_PKCS8_PRIV_KEY_INFO

        public static long d2i_PKCS8_PRIV_KEY_INFO​(byte[] data)
      • d2i_PUBKEY

        public static long d2i_PUBKEY​(byte[] data)
      • PEM_read_bio_PUBKEY

        public static long PEM_read_bio_PUBKEY​(long bioCtx)
      • PEM_read_bio_PrivateKey

        public static long PEM_read_bio_PrivateKey​(long bioCtx)
      • getRSAPrivateKeyWrapper

        public static long getRSAPrivateKeyWrapper​(PrivateKey key,
                                                   byte[] modulus)
      • RSA_generate_key_ex

        public static long RSA_generate_key_ex​(int modulusBits,
                                               byte[] publicExponent)
      • RSA_private_encrypt

        public static int RSA_private_encrypt​(int flen,
                                              byte[] from,
                                              byte[] to,
                                              NativeRef.EVP_PKEY pkey,
                                              int padding)
      • RSA_public_encrypt

        public static int RSA_public_encrypt​(int flen,
                                             byte[] from,
                                             byte[] to,
                                             NativeRef.EVP_PKEY pkey,
                                             int padding)
      • get_RSA_public_params

        public static byte[][] get_RSA_public_params​(NativeRef.EVP_PKEY rsa)
        Returns:
        array of {n, e}
      • get_RSA_private_params

        public static byte[][] get_RSA_private_params​(NativeRef.EVP_PKEY rsa)
        Returns:
        array of {n, e, d, p, q, dmp1, dmq1, iqmp}
      • EVP_PKEY_new_DH

        public static long EVP_PKEY_new_DH​(byte[] p,
                                           byte[] g,
                                           byte[] pub_key,
                                           byte[] priv_key)
      • DH_generate_parameters_ex

        public static long DH_generate_parameters_ex​(int primeBits,
                                                     long generator)
      • get_DH_params

        public static byte[][] get_DH_params​(NativeRef.EVP_PKEY dh)
        Returns:
        array of {p, g, y(pub), x(priv)}
      • EC_GROUP_new_by_curve_name

        public static long EC_GROUP_new_by_curve_name​(String curveName)
      • EC_GROUP_new_arbitrary

        public static long EC_GROUP_new_arbitrary​(byte[] p,
                                                  byte[] a,
                                                  byte[] b,
                                                  byte[] x,
                                                  byte[] y,
                                                  byte[] order,
                                                  int cofactor)
      • EC_GROUP_set_asn1_flag

        public static void EC_GROUP_set_asn1_flag​(NativeRef.EC_GROUP groupRef,
                                                  int flag)
      • EC_GROUP_set_point_conversion_form

        public static void EC_GROUP_set_point_conversion_form​(NativeRef.EC_GROUP groupRef,
                                                              int form)
      • EC_GROUP_get_curve

        public static byte[][] EC_GROUP_get_curve​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_clear_free

        public static void EC_GROUP_clear_free​(long groupRef)
      • EC_GROUP_get_generator

        public static long EC_GROUP_get_generator​(NativeRef.EC_GROUP groupRef)
      • get_EC_GROUP_type

        public static int get_EC_GROUP_type​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_get_order

        public static byte[] EC_GROUP_get_order​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_get_degree

        public static int EC_GROUP_get_degree​(NativeRef.EC_GROUP groupRef)
      • EC_GROUP_get_cofactor

        public static byte[] EC_GROUP_get_cofactor​(NativeRef.EC_GROUP groupRef)
      • EC_POINT_clear_free

        public static void EC_POINT_clear_free​(long pointRef)
      • EC_KEY_generate_key

        public static long EC_KEY_generate_key​(NativeRef.EC_GROUP groupRef)
      • EC_KEY_get1_group

        public static long EC_KEY_get1_group​(NativeRef.EVP_PKEY pkeyRef)
      • EC_KEY_get_private_key

        public static byte[] EC_KEY_get_private_key​(NativeRef.EVP_PKEY keyRef)
      • EC_KEY_get_public_key

        public static long EC_KEY_get_public_key​(NativeRef.EVP_PKEY keyRef)
      • EC_KEY_set_nonce_from_hash

        public static void EC_KEY_set_nonce_from_hash​(NativeRef.EVP_PKEY keyRef,
                                                      boolean enabled)
      • EVP_get_digestbyname

        public static long EVP_get_digestbyname​(String name)
      • EVP_MD_size

        public static int EVP_MD_size​(long evp_md_const)
      • EVP_MD_block_size

        public static int EVP_MD_block_size​(long evp_md_const)
      • EVP_MD_CTX_create

        public static long EVP_MD_CTX_create()
      • EVP_MD_CTX_destroy

        public static void EVP_MD_CTX_destroy​(long ctx)
      • EVP_DigestUpdate

        public static void EVP_DigestUpdate​(NativeRef.EVP_MD_CTX ctx,
                                            byte[] buffer,
                                            int offset,
                                            int length)
      • EVP_DigestUpdateDirect

        public static void EVP_DigestUpdateDirect​(NativeRef.EVP_MD_CTX ctx,
                                                  long ptr,
                                                  int length)
      • EVP_DigestFinal

        public static int EVP_DigestFinal​(NativeRef.EVP_MD_CTX ctx,
                                          byte[] hash,
                                          int offset)
      • EVP_DigestSignUpdate

        public static void EVP_DigestSignUpdate​(NativeRef.EVP_MD_CTX evp_md_ctx,
                                                byte[] in)
      • EVP_DigestSignFinal

        public static byte[] EVP_DigestSignFinal​(NativeRef.EVP_MD_CTX evp_md_ctx)
      • EVP_SignUpdate

        public static void EVP_SignUpdate​(NativeRef.EVP_MD_CTX ctx,
                                          byte[] buffer,
                                          int offset,
                                          int length)
      • EVP_VerifyUpdate

        public static void EVP_VerifyUpdate​(NativeRef.EVP_MD_CTX ctx,
                                            byte[] buffer,
                                            int offset,
                                            int length)
      • EVP_get_cipherbyname

        public static long EVP_get_cipherbyname​(String string)
      • EVP_CipherInit_ex

        public static void EVP_CipherInit_ex​(NativeRef.EVP_CIPHER_CTX ctx,
                                             long evpCipher,
                                             byte[] key,
                                             byte[] iv,
                                             boolean encrypting)
      • EVP_CipherUpdate

        public static int EVP_CipherUpdate​(NativeRef.EVP_CIPHER_CTX ctx,
                                           byte[] out,
                                           int outOffset,
                                           byte[] in,
                                           int inOffset,
                                           int inLength)
      • EVP_CIPHER_iv_length

        public static int EVP_CIPHER_iv_length​(long evpCipher)
      • EVP_CIPHER_CTX_new

        public static long EVP_CIPHER_CTX_new()
      • EVP_CIPHER_CTX_set_padding

        public static void EVP_CIPHER_CTX_set_padding​(NativeRef.EVP_CIPHER_CTX ctx,
                                                      boolean enablePadding)
      • EVP_CIPHER_CTX_set_key_length

        public static void EVP_CIPHER_CTX_set_key_length​(NativeRef.EVP_CIPHER_CTX ctx,
                                                         int keyBitSize)
      • EVP_CIPHER_CTX_free

        public static void EVP_CIPHER_CTX_free​(long ctx)
      • EVP_aead_aes_128_gcm

        public static long EVP_aead_aes_128_gcm()
      • EVP_aead_aes_256_gcm

        public static long EVP_aead_aes_256_gcm()
      • EVP_AEAD_CTX_init

        public static long EVP_AEAD_CTX_init​(long evpAead,
                                             byte[] key,
                                             int tagLen)
      • EVP_AEAD_CTX_cleanup

        public static void EVP_AEAD_CTX_cleanup​(long ctx)
      • EVP_AEAD_max_overhead

        public static int EVP_AEAD_max_overhead​(long evpAead)
      • EVP_AEAD_nonce_length

        public static int EVP_AEAD_nonce_length​(long evpAead)
      • EVP_AEAD_max_tag_len

        public static int EVP_AEAD_max_tag_len​(long evpAead)
      • HMAC_CTX_new

        public static long HMAC_CTX_new()
      • HMAC_CTX_free

        public static void HMAC_CTX_free​(long ctx)
      • HMAC_Init_ex

        public static void HMAC_Init_ex​(NativeRef.HMAC_CTX ctx,
                                        byte[] key,
                                        long evp_md)
      • HMAC_Update

        public static void HMAC_Update​(NativeRef.HMAC_CTX ctx,
                                       byte[] in,
                                       int inOffset,
                                       int inLength)
      • RAND_seed

        public static void RAND_seed​(byte[] seed)
      • RAND_load_file

        public static int RAND_load_file​(String filename,
                                         long max_bytes)
      • RAND_bytes

        public static void RAND_bytes​(byte[] output)
      • OBJ_txt2nid

        public static int OBJ_txt2nid​(String oid)
      • OBJ_txt2nid_longName

        public static String OBJ_txt2nid_longName​(String oid)
      • OBJ_txt2nid_oid

        public static String OBJ_txt2nid_oid​(String oid)
      • X509_NAME_hash

        public static int X509_NAME_hash​(X500Principal principal)
      • X509_NAME_hash_old

        public static int X509_NAME_hash_old​(X500Principal principal)
      • X509_NAME_print_ex

        public static String X509_NAME_print_ex​(long x509nameCtx,
                                                long flags)
      • d2i_X509_bio

        public static long d2i_X509_bio​(long bioCtx)
      • d2i_X509

        public static long d2i_X509​(byte[] encoded)
      • PEM_read_bio_X509

        public static long PEM_read_bio_X509​(long bioCtx)
      • i2d_X509

        public static byte[] i2d_X509​(long x509ctx)
      • i2d_X509_PUBKEY

        public static byte[] i2d_X509_PUBKEY​(long x509ctx)
        Takes an X509 context, not an X509_PUBKEY context.
      • ASN1_seq_pack_X509

        public static byte[] ASN1_seq_pack_X509​(long[] x509CertRefs)
      • ASN1_seq_unpack_X509_bio

        public static long[] ASN1_seq_unpack_X509_bio​(long bioRef)
      • X509_free

        public static void X509_free​(long x509ctx)
      • X509_dup

        public static long X509_dup​(long x509ctx)
      • X509_cmp

        public static int X509_cmp​(long x509ctx1,
                                   long x509ctx2)
      • get_X509_hashCode

        public static int get_X509_hashCode​(long x509ctx)
      • X509_print_ex

        public static void X509_print_ex​(long bioCtx,
                                         long x509ctx,
                                         long nmflag,
                                         long certflag)
      • X509_get_issuer_name

        public static byte[] X509_get_issuer_name​(long x509ctx)
      • X509_get_subject_name

        public static byte[] X509_get_subject_name​(long x509ctx)
      • get_X509_sig_alg_oid

        public static String get_X509_sig_alg_oid​(long x509ctx)
      • get_X509_sig_alg_parameter

        public static byte[] get_X509_sig_alg_parameter​(long x509ctx)
      • get_X509_issuerUID

        public static boolean[] get_X509_issuerUID​(long x509ctx)
      • get_X509_subjectUID

        public static boolean[] get_X509_subjectUID​(long x509ctx)
      • get_X509_pubkey_oid

        public static String get_X509_pubkey_oid​(long x509ctx)
      • X509_get_ext_oid

        public static byte[] X509_get_ext_oid​(long x509ctx,
                                              String oid)
      • get_X509_ext_oids

        public static String[] get_X509_ext_oids​(long x509ctx,
                                                 int critical)
      • get_X509_ex_kusage

        public static boolean[] get_X509_ex_kusage​(long x509ctx)
      • get_X509_ex_xkusage

        public static String[] get_X509_ex_xkusage​(long x509ctx)
      • get_X509_ex_pathlen

        public static int get_X509_ex_pathlen​(long x509ctx)
      • X509_get_notBefore

        public static long X509_get_notBefore​(long x509ctx)
      • X509_get_notAfter

        public static long X509_get_notAfter​(long x509ctx)
      • X509_get_version

        public static long X509_get_version​(long x509ctx)
      • X509_get_serialNumber

        public static byte[] X509_get_serialNumber​(long x509ctx)
      • get_X509_cert_info_enc

        public static byte[] get_X509_cert_info_enc​(long x509ctx)
      • get_X509_signature

        public static byte[] get_X509_signature​(long x509ctx)
      • get_X509_ex_flags

        public static int get_X509_ex_flags​(long x509ctx)
      • X509_check_issued

        public static int X509_check_issued​(long ctx,
                                            long ctx2)
      • d2i_PKCS7_bio

        public static long[] d2i_PKCS7_bio​(long bioCtx,
                                           int which)
        Returns an array of X509 or X509_CRL pointers.
      • i2d_PKCS7

        public static byte[] i2d_PKCS7​(long[] certs)
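        Returns an array of X509 or X509_CRL pointers. (Note: this description matches d2i_PKCS7_bio and appears to have been carried over from it; per the signature above, this method takes an array of references in certs and returns a byte[].)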
      • PEM_read_bio_PKCS7

        public static long[] PEM_read_bio_PKCS7​(long bioCtx,
                                                int which)
        Returns an array of X509 or X509_CRL pointers.
      • d2i_X509_CRL_bio

        public static long d2i_X509_CRL_bio​(long bioCtx)
      • PEM_read_bio_X509_CRL

        public static long PEM_read_bio_X509_CRL​(long bioCtx)
      • i2d_X509_CRL

        public static byte[] i2d_X509_CRL​(long x509CrlCtx)
      • X509_CRL_free

        public static void X509_CRL_free​(long x509CrlCtx)
      • X509_CRL_print

        public static void X509_CRL_print​(long bioCtx,
                                          long x509CrlCtx)
      • get_X509_CRL_sig_alg_oid

        public static String get_X509_CRL_sig_alg_oid​(long x509CrlCtx)
      • get_X509_CRL_sig_alg_parameter

        public static byte[] get_X509_CRL_sig_alg_parameter​(long x509CrlCtx)
      • X509_CRL_get_issuer_name

        public static byte[] X509_CRL_get_issuer_name​(long x509CrlCtx)
      • X509_CRL_get0_by_cert

        public static long X509_CRL_get0_by_cert​(long x509CrlCtx,
                                                 long x509Ctx)
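        Returns an X509_REVOKED reference that is not duplicated: following the OpenSSL get0 convention, the reference still belongs to the CRL, so the caller must not free it separately or use it after the CRL has been freed.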
      • X509_CRL_get0_by_serial

        public static long X509_CRL_get0_by_serial​(long x509CrlCtx,
                                                   byte[] serial)
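        Returns an X509_REVOKED reference that is not duplicated: following the OpenSSL get0 convention, the reference still belongs to the CRL, so the caller must not free it separately or use it after the CRL has been freed.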
      • X509_CRL_get_REVOKED

        public static long[] X509_CRL_get_REVOKED​(long x509CrlCtx)
        Returns an array of X509_REVOKED that are owned by the caller.
      • get_X509_CRL_ext_oids

        public static String[] get_X509_CRL_ext_oids​(long x509ctx,
                                                     int critical)
      • X509_CRL_get_ext_oid

        public static byte[] X509_CRL_get_ext_oid​(long x509CrlCtx,
                                                  String oid)
      • X509_delete_ext

        public static void X509_delete_ext​(long x509,
                                           String oid)
      • X509_CRL_get_version

        public static long X509_CRL_get_version​(long x509CrlCtx)
      • X509_CRL_get_ext

        public static long X509_CRL_get_ext​(long x509CrlCtx,
                                            String oid)
      • get_X509_CRL_signature

        public static byte[] get_X509_CRL_signature​(long x509ctx)
      • X509_CRL_verify

        public static void X509_CRL_verify​(long x509CrlCtx,
                                           NativeRef.EVP_PKEY pkeyCtx)
      • get_X509_CRL_crl_enc

        public static byte[] get_X509_CRL_crl_enc​(long x509CrlCtx)
      • X509_CRL_get_lastUpdate

        public static long X509_CRL_get_lastUpdate​(long x509CrlCtx)
      • X509_CRL_get_nextUpdate

        public static long X509_CRL_get_nextUpdate​(long x509CrlCtx)
      • X509_REVOKED_dup

        public static long X509_REVOKED_dup​(long x509RevokedCtx)
      • i2d_X509_REVOKED

        public static byte[] i2d_X509_REVOKED​(long x509RevokedCtx)
      • get_X509_REVOKED_ext_oids

        public static String[] get_X509_REVOKED_ext_oids​(long x509ctx,
                                                         int critical)
      • X509_REVOKED_get_ext_oid

        public static byte[] X509_REVOKED_get_ext_oid​(long x509RevokedCtx,
                                                      String oid)
      • X509_REVOKED_get_serialNumber

        public static byte[] X509_REVOKED_get_serialNumber​(long x509RevokedCtx)
      • X509_REVOKED_get_ext

        public static long X509_REVOKED_get_ext​(long x509RevokedCtx,
                                                String oid)
      • get_X509_REVOKED_revocationDate

        public static long get_X509_REVOKED_revocationDate​(long x509RevokedCtx)
        Returns ASN1_TIME reference.
      • X509_REVOKED_print

        public static void X509_REVOKED_print​(long bioRef,
                                              long x509RevokedCtx)
      • X509_supported_extension

        public static int X509_supported_extension​(long x509ExtensionRef)
      • ASN1_TIME_to_Calendar

        public static void ASN1_TIME_to_Calendar​(long asn1TimeCtx,
                                                 Calendar cal)
      • create_BIO_InputStream

        public static long create_BIO_InputStream​(OpenSSLBIOInputStream is,
                                                  boolean isFinite)
      • create_BIO_OutputStream

        public static long create_BIO_OutputStream​(OutputStream os)
      • BIO_read

        public static int BIO_read​(long bioRef,
                                   byte[] buffer)
      • BIO_write

        public static void BIO_write​(long bioRef,
                                     byte[] buffer,
                                     int offset,
                                     int length)
                              throws IOException
        Throws:
        IOException
      • BIO_free_all

        public static void BIO_free_all​(long bioRef)
      • SSL_CTX_new

        public static long SSL_CTX_new()
      • getSupportedCipherSuites

        public static String[] getSupportedCipherSuites()
      • SSL_CTX_free

        public static void SSL_CTX_free​(long ssl_ctx)
      • SSL_CTX_set_session_id_context

        public static void SSL_CTX_set_session_id_context​(long ssl_ctx,
                                                          byte[] sid_ctx)
      • SSL_enable_tls_channel_id

        public static void SSL_enable_tls_channel_id​(long ssl)
                                              throws SSLException
        Throws:
        SSLException
      • SSL_get_tls_channel_id

        public static byte[] SSL_get_tls_channel_id​(long ssl)
                                             throws SSLException
        Throws:
        SSLException
      • SSL_set1_tls_channel_id

        public static void SSL_set1_tls_channel_id​(long ssl,
                                                   NativeRef.EVP_PKEY pkey)
      • SSL_use_certificate

        public static void SSL_use_certificate​(long ssl,
                                               long[] x509refs)
      • SSL_use_PrivateKey

        public static void SSL_use_PrivateKey​(long ssl,
                                              NativeRef.EVP_PKEY pkey)
      • SSL_check_private_key

        public static void SSL_check_private_key​(long ssl)
                                          throws SSLException
        Throws:
        SSLException
      • SSL_set_client_CA_list

        public static void SSL_set_client_CA_list​(long ssl,
                                                  byte[][] asn1DerEncodedX500Principals)
      • SSL_get_mode

        public static long SSL_get_mode​(long ssl)
      • SSL_set_mode

        public static long SSL_set_mode​(long ssl,
                                        long mode)
      • SSL_clear_mode

        public static long SSL_clear_mode​(long ssl,
                                          long mode)
      • SSL_get_options

        public static long SSL_get_options​(long ssl)
      • SSL_set_options

        public static long SSL_set_options​(long ssl,
                                           long options)
      • SSL_clear_options

        public static long SSL_clear_options​(long ssl,
                                             long options)
      • SSL_enable_signed_cert_timestamps

        public static void SSL_enable_signed_cert_timestamps​(long ssl)
      • SSL_get_signed_cert_timestamp_list

        public static byte[] SSL_get_signed_cert_timestamp_list​(long ssl)
      • SSL_CTX_set_signed_cert_timestamp_list

        public static void SSL_CTX_set_signed_cert_timestamp_list​(long ssl,
                                                                  byte[] list)
      • SSL_enable_ocsp_stapling

        public static void SSL_enable_ocsp_stapling​(long ssl)
      • SSL_get_ocsp_response

        public static byte[] SSL_get_ocsp_response​(long ssl)
      • SSL_CTX_set_ocsp_response

        public static void SSL_CTX_set_ocsp_response​(long ssl,
                                                     byte[] response)
      • SSL_use_psk_identity_hint

        public static void SSL_use_psk_identity_hint​(long ssl,
                                                     String identityHint)
                                              throws SSLException
        Throws:
        SSLException
      • set_SSL_psk_client_callback_enabled

        public static void set_SSL_psk_client_callback_enabled​(long ssl,
                                                               boolean enabled)
      • set_SSL_psk_server_callback_enabled

        public static void set_SSL_psk_server_callback_enabled​(long ssl,
                                                               boolean enabled)
      • getSupportedProtocols

        public static String[] getSupportedProtocols()
      • setEnabledProtocols

        public static void setEnabledProtocols​(long ssl,
                                               String[] protocols)
      • checkEnabledProtocols

        public static String[] checkEnabledProtocols​(String[] protocols)
      • SSL_set_cipher_lists

        public static void SSL_set_cipher_lists​(long ssl,
                                                String[] ciphers)
      • SSL_get_ciphers

        public static long[] SSL_get_ciphers​(long ssl)
        Gets the list of cipher suites enabled for the provided SSL instance.
        Returns:
        array of SSL_CIPHER references.
      • get_SSL_CIPHER_algorithm_mkey

        public static int get_SSL_CIPHER_algorithm_mkey​(long sslCipher)
      • get_SSL_CIPHER_algorithm_auth

        public static int get_SSL_CIPHER_algorithm_auth​(long sslCipher)
      • setEnabledCipherSuites

        public static void setEnabledCipherSuites​(long ssl,
                                                  String[] cipherSuites)
      • checkEnabledCipherSuites

        public static String[] checkEnabledCipherSuites​(String[] cipherSuites)
      • SSL_set_accept_state

        public static void SSL_set_accept_state​(long sslNativePointer)
      • SSL_set_connect_state

        public static void SSL_set_connect_state​(long sslNativePointer)
      • SSL_set_verify

        public static void SSL_set_verify​(long sslNativePointer,
                                          int mode)
      • SSL_set_session

        public static void SSL_set_session​(long sslNativePointer,
                                           long sslSessionNativePointer)
                                    throws SSLException
        Throws:
        SSLException
      • SSL_set_session_creation_enabled

        public static void SSL_set_session_creation_enabled​(long sslNativePointer,
                                                            boolean creationEnabled)
                                                     throws SSLException
        Throws:
        SSLException
      • SSL_set_reject_peer_renegotiations

        public static void SSL_set_reject_peer_renegotiations​(long sslNativePointer,
                                                              boolean renegotiationRejected)
                                                       throws SSLException
        Throws:
        SSLException
      • SSL_set_tlsext_host_name

        public static void SSL_set_tlsext_host_name​(long sslNativePointer,
                                                    String hostname)
                                             throws SSLException
        Throws:
        SSLException
      • SSL_get_servername

        public static String SSL_get_servername​(long sslNativePointer)
      • SSL_CTX_enable_npn

        public static void SSL_CTX_enable_npn​(long sslCtxNativePointer)
        Enables NPN for all SSL connections in the context.

        For clients this causes the NPN extension to be included in the ClientHello message.

        For servers this causes the NPN extension to be included in the ServerHello message. The NPN extension will not be included in the ServerHello response if the client didn't include it in the ClientHello request.

        In either case the caller should pass a non-null byte array of NPN protocols to SSL_do_handshake(long, java.io.FileDescriptor, org.conscrypt.NativeCrypto.SSLHandshakeCallbacks, int, boolean, byte[], byte[]).

      • SSL_CTX_disable_npn

        public static void SSL_CTX_disable_npn​(long sslCtxNativePointer)
        Disables NPN for all SSL connections in the context.
      • SSL_set_alpn_protos

        public static int SSL_set_alpn_protos​(long sslPointer,
                                              byte[] protos)
        For clients, sets the list of supported ALPN protocols in wire format (a sequence of length-prefixed 8-bit strings).
      • SSL_get0_alpn_selected

        public static byte[] SSL_get0_alpn_selected​(long sslPointer)
        Returns the selected ALPN protocol. If the server did not select a protocol, null will be returned.
      • SSL_get_npn_negotiated_protocol

        public static byte[] SSL_get_npn_negotiated_protocol​(long sslNativePointer)
      • SSL_renegotiate

        public static void SSL_renegotiate​(long sslNativePointer)
                                    throws SSLException
        Currently intended only for forcing a renegotiation in tests; it is not used within OpenSSLSocketImpl.
        Throws:
        SSLException
      • SSL_get_certificate

        public static long[] SSL_get_certificate​(long sslNativePointer)
        Returns the local X509 certificate references. The caller must X509_free each returned reference when done with it.
      • SSL_get_peer_cert_chain

        public static long[] SSL_get_peer_cert_chain​(long sslNativePointer)
        Returns the peer X509 certificate references. The caller must X509_free each returned reference when done with it.
      • SSL_read

        public static int SSL_read​(long sslNativePointer,
                                   FileDescriptor fd,
                                   NativeCrypto.SSLHandshakeCallbacks shc,
                                   byte[] b,
                                   int off,
                                   int len,
                                   int readTimeoutMillis)
                            throws IOException
        Reads from the encrypted data stream using the native SSL_read function.
        Returns:
        -1 if an error occurs or the end of the stream is reached; the return value alone does not distinguish the two cases.
        Throws:
        IOException
      • SSL_interrupt

        public static void SSL_interrupt​(long sslNativePointer)
      • SSL_get_shutdown

        public static int SSL_get_shutdown​(long sslNativePointer)
      • SSL_free

        public static void SSL_free​(long sslNativePointer)
      • SSL_SESSION_session_id

        public static byte[] SSL_SESSION_session_id​(long sslSessionNativePointer)
      • SSL_SESSION_get_time

        public static long SSL_SESSION_get_time​(long sslSessionNativePointer)
      • SSL_SESSION_get_version

        public static String SSL_SESSION_get_version​(long sslSessionNativePointer)
      • SSL_SESSION_cipher

        public static String SSL_SESSION_cipher​(long sslSessionNativePointer)
      • SSL_SESSION_free

        public static void SSL_SESSION_free​(long sslSessionNativePointer)
      • i2d_SSL_SESSION

        public static byte[] i2d_SSL_SESSION​(long sslSessionNativePointer)
      • d2i_SSL_SESSION

        public static long d2i_SSL_SESSION​(byte[] data)
      • ERR_peek_last_error

        public static long ERR_peek_last_error()
      • SSL_CIPHER_get_kx_name

        public static String SSL_CIPHER_get_kx_name​(long cipherAddress)
      • get_cipher_names

        public static String[] get_cipher_names​(String selection)
      • get_ocsp_single_extension

        public static byte[] get_ocsp_single_extension​(byte[] ocspResponse,
                                                       String oid,
                                                       long x509Ref,
                                                       long issuerX509Ref)
      • getDirectBufferAddress

        public static long getDirectBufferAddress​(Buffer buf)
        Returns the starting address of the memory region referenced by the provided direct Buffer, or 0 if the provided buffer is not direct or if such access to direct buffers is not supported by the platform.

        NOTE: This method ignores the buffer's current position, so the returned address always refers to the start of the region rather than to the position.