org.apache.tomcat.jni

Class SSL

public final class SSL extends Object

SSL

Version: $Revision: 637867 $, $Date: 2008-03-17 13:49:46 +0100 (Mon, 17 Mar 2008) $

Author: Mladen Turk

Field Summary
static int SSL_AIDX_DSA
static int SSL_AIDX_MAX
static int SSL_AIDX_RSA
static int SSL_ALGO_ALL
static int SSL_ALGO_DSA
static int SSL_ALGO_RSA
static int SSL_ALGO_UNKNOWN
static int SSL_CRT_FORMAT_ASN1
static int SSL_CRT_FORMAT_ENGINE
static int SSL_CRT_FORMAT_NETSCAPE
static int SSL_CRT_FORMAT_PEM
static int SSL_CRT_FORMAT_PKCS12
static int SSL_CRT_FORMAT_SMIME
static int SSL_CRT_FORMAT_TEXT
static int SSL_CRT_FORMAT_UNDEF
static int SSL_CVERIFY_NONE
static int SSL_CVERIFY_OPTIONAL
static int SSL_CVERIFY_OPTIONAL_NO_CA
static int SSL_CVERIFY_REQUIRE
static int SSL_CVERIFY_UNSET
static int SSL_INFO_CIPHER
static int SSL_INFO_CIPHER_ALGKEYSIZE
static int SSL_INFO_CIPHER_DESCRIPTION
static int SSL_INFO_CIPHER_USEKEYSIZE
static int SSL_INFO_CIPHER_VERSION
static int SSL_INFO_CLIENT_A_KEY
static int SSL_INFO_CLIENT_A_SIG
static int SSL_INFO_CLIENT_CERT
static int SSL_INFO_CLIENT_CERT_CHAIN
static int SSL_INFO_CLIENT_I_DN
static int SSL_INFO_CLIENT_M_SERIAL
static int SSL_INFO_CLIENT_M_VERSION
static int SSL_INFO_CLIENT_S_DN
static int SSL_INFO_CLIENT_V_END
static int SSL_INFO_CLIENT_V_REMAIN
static int SSL_INFO_CLIENT_V_START
static int SSL_INFO_DN_COMMONNAME
static int SSL_INFO_DN_COUNTRYNAME
static int SSL_INFO_DN_DESCRIPTION
static int SSL_INFO_DN_EMAILADDRESS
static int SSL_INFO_DN_GIVENNAME
static int SSL_INFO_DN_INITIALS
static int SSL_INFO_DN_LOCALITYNAME
static int SSL_INFO_DN_ORGANIZATIONALUNITNAME
static int SSL_INFO_DN_ORGANIZATIONNAME
static int SSL_INFO_DN_STATEORPROVINCENAME
static int SSL_INFO_DN_SURNAME
static int SSL_INFO_DN_TITLE
static int SSL_INFO_DN_UNIQUEIDENTIFIER
static int SSL_INFO_PROTOCOL
static int SSL_INFO_SERVER_A_KEY
static int SSL_INFO_SERVER_A_SIG
static int SSL_INFO_SERVER_CERT
static int SSL_INFO_SERVER_I_DN
static int SSL_INFO_SERVER_M_SERIAL
static int SSL_INFO_SERVER_M_VERSION
static int SSL_INFO_SERVER_S_DN
static int SSL_INFO_SERVER_V_END
static int SSL_INFO_SERVER_V_START
static int SSL_INFO_SESSION_ID
static int SSL_MODE_CLIENT
static int SSL_MODE_COMBINED
static int SSL_MODE_SERVER
static int SSL_OPT_ALL
static int SSL_OPT_EXPORTCERTDATA
static int SSL_OPT_FAKEBASICAUTH
static int SSL_OPT_NONE
static int SSL_OPT_OPTRENEGOTIATE
static int SSL_OPT_RELSET
static int SSL_OPT_STDENVVARS
static int SSL_OPT_STRICTREQUIRE
static int SSL_OP_ALL
static int SSL_OP_CIPHER_SERVER_PREFERENCE
static int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
static int SSL_OP_EPHEMERAL_RSA
static int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
static int SSL_OP_MICROSOFT_SESS_ID_BUG
static int SSL_OP_MSIE_SSLV2_RSA_PADDING
static int SSL_OP_NETSCAPE_CA_DN_BUG
static int SSL_OP_NETSCAPE_CHALLENGE_BUG
static int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
static int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
static int SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
static int SSL_OP_NO_SSLv2
static int SSL_OP_NO_SSLv3
static int SSL_OP_NO_TLSv1
static int SSL_OP_PKCS1_CHECK_1
static int SSL_OP_PKCS1_CHECK_2
static int SSL_OP_SINGLE_DH_USE
static int SSL_OP_SSLEAY_080_CLIENT_DH_BUG
static int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
static int SSL_OP_TLS_BLOCK_PADDING_BUG
static int SSL_OP_TLS_D5_BUG
static int SSL_OP_TLS_ROLLBACK_BUG
static int SSL_PROTOCOL_ALL
static int SSL_PROTOCOL_NONE
static int SSL_PROTOCOL_SSLV2
static int SSL_PROTOCOL_SSLV3
static int SSL_PROTOCOL_TLSV1
static int SSL_SHUTDOWN_TYPE_ACCURATE
static int SSL_SHUTDOWN_TYPE_STANDARD
static int SSL_SHUTDOWN_TYPE_UNCLEAN
static int SSL_SHUTDOWN_TYPE_UNSET
static int SSL_TMP_KEY_DH_1024
static int SSL_TMP_KEY_DH_2048
static int SSL_TMP_KEY_DH_4096
static int SSL_TMP_KEY_DH_512
static int SSL_TMP_KEY_MAX
static int SSL_TMP_KEY_RSA_1024
static int SSL_TMP_KEY_RSA_2048
static int SSL_TMP_KEY_RSA_4096
static int SSL_TMP_KEY_RSA_512
static int SSL_VERIFY_CLIENT_ONCE
static int SSL_VERIFY_FAIL_IF_NO_PEER_CERT
static int SSL_VERIFY_NONE
static int SSL_VERIFY_PEER
static int SSL_VERIFY_PEER_STRICT
static int UNSET
Method Summary
static int closeBIO(long bio)
Close BIO and dereference callback object
static boolean generateRSATempKey(int idx)
Generate temporary RSA key.
static String getLastError()
Return last SSL error string
static int initialize(String engine)
Initialize OpenSSL support.
static boolean loadDSATempKey(int idx, String file)
Load temporary DSA key from file
Index can be one of:
 SSL_TMP_KEY_DH_512
 SSL_TMP_KEY_DH_1024
 SSL_TMP_KEY_DH_2048
 SSL_TMP_KEY_DH_4096
 
static long newBIO(long pool, BIOCallback callback)
Initialize new BIO
static boolean randLoad(String filename)
Add content of the file to the PRNG
static boolean randMake(String filename, int len, boolean base64)
Creates random data and writes it to filename
static boolean randSave(String filename)
Writes a number of random bytes (currently 1024) to file filename which can be used to initialize the PRNG by calling randLoad in a later session.
static boolean randSet(String filename)
Set source of entropy to use in SSL
static void setPassword(String password)
Set global Password for decrypting certificates and keys.
static void setPasswordCallback(PasswordCallback callback)
Set global Password callback for obtaining passwords.
static int version()
static String versionString()

Field Detail

SSL_AIDX_DSA

public static final int SSL_AIDX_DSA

SSL_AIDX_MAX

public static final int SSL_AIDX_MAX

SSL_AIDX_RSA

public static final int SSL_AIDX_RSA

SSL_ALGO_ALL

public static final int SSL_ALGO_ALL

SSL_ALGO_DSA

public static final int SSL_ALGO_DSA

SSL_ALGO_RSA

public static final int SSL_ALGO_RSA

SSL_ALGO_UNKNOWN

public static final int SSL_ALGO_UNKNOWN

SSL_CRT_FORMAT_ASN1

public static final int SSL_CRT_FORMAT_ASN1

SSL_CRT_FORMAT_ENGINE

public static final int SSL_CRT_FORMAT_ENGINE

SSL_CRT_FORMAT_NETSCAPE

public static final int SSL_CRT_FORMAT_NETSCAPE

SSL_CRT_FORMAT_PEM

public static final int SSL_CRT_FORMAT_PEM

SSL_CRT_FORMAT_PKCS12

public static final int SSL_CRT_FORMAT_PKCS12

SSL_CRT_FORMAT_SMIME

public static final int SSL_CRT_FORMAT_SMIME

SSL_CRT_FORMAT_TEXT

public static final int SSL_CRT_FORMAT_TEXT

SSL_CRT_FORMAT_UNDEF

public static final int SSL_CRT_FORMAT_UNDEF

SSL_CVERIFY_NONE

public static final int SSL_CVERIFY_NONE

SSL_CVERIFY_OPTIONAL

public static final int SSL_CVERIFY_OPTIONAL

SSL_CVERIFY_OPTIONAL_NO_CA

public static final int SSL_CVERIFY_OPTIONAL_NO_CA

SSL_CVERIFY_REQUIRE

public static final int SSL_CVERIFY_REQUIRE

SSL_CVERIFY_UNSET

public static final int SSL_CVERIFY_UNSET

SSL_INFO_CIPHER

public static final int SSL_INFO_CIPHER

SSL_INFO_CIPHER_ALGKEYSIZE

public static final int SSL_INFO_CIPHER_ALGKEYSIZE

SSL_INFO_CIPHER_DESCRIPTION

public static final int SSL_INFO_CIPHER_DESCRIPTION

SSL_INFO_CIPHER_USEKEYSIZE

public static final int SSL_INFO_CIPHER_USEKEYSIZE

SSL_INFO_CIPHER_VERSION

public static final int SSL_INFO_CIPHER_VERSION

SSL_INFO_CLIENT_A_KEY

public static final int SSL_INFO_CLIENT_A_KEY

SSL_INFO_CLIENT_A_SIG

public static final int SSL_INFO_CLIENT_A_SIG

SSL_INFO_CLIENT_CERT

public static final int SSL_INFO_CLIENT_CERT

SSL_INFO_CLIENT_CERT_CHAIN

public static final int SSL_INFO_CLIENT_CERT_CHAIN

SSL_INFO_CLIENT_I_DN

public static final int SSL_INFO_CLIENT_I_DN

SSL_INFO_CLIENT_M_SERIAL

public static final int SSL_INFO_CLIENT_M_SERIAL

SSL_INFO_CLIENT_M_VERSION

public static final int SSL_INFO_CLIENT_M_VERSION

SSL_INFO_CLIENT_S_DN

public static final int SSL_INFO_CLIENT_S_DN

SSL_INFO_CLIENT_V_END

public static final int SSL_INFO_CLIENT_V_END

SSL_INFO_CLIENT_V_REMAIN

public static final int SSL_INFO_CLIENT_V_REMAIN

SSL_INFO_CLIENT_V_START

public static final int SSL_INFO_CLIENT_V_START

SSL_INFO_DN_COMMONNAME

public static final int SSL_INFO_DN_COMMONNAME

SSL_INFO_DN_COUNTRYNAME

public static final int SSL_INFO_DN_COUNTRYNAME

SSL_INFO_DN_DESCRIPTION

public static final int SSL_INFO_DN_DESCRIPTION

SSL_INFO_DN_EMAILADDRESS

public static final int SSL_INFO_DN_EMAILADDRESS

SSL_INFO_DN_GIVENNAME

public static final int SSL_INFO_DN_GIVENNAME

SSL_INFO_DN_INITIALS

public static final int SSL_INFO_DN_INITIALS

SSL_INFO_DN_LOCALITYNAME

public static final int SSL_INFO_DN_LOCALITYNAME

SSL_INFO_DN_ORGANIZATIONALUNITNAME

public static final int SSL_INFO_DN_ORGANIZATIONALUNITNAME

SSL_INFO_DN_ORGANIZATIONNAME

public static final int SSL_INFO_DN_ORGANIZATIONNAME

SSL_INFO_DN_STATEORPROVINCENAME

public static final int SSL_INFO_DN_STATEORPROVINCENAME

SSL_INFO_DN_SURNAME

public static final int SSL_INFO_DN_SURNAME

SSL_INFO_DN_TITLE

public static final int SSL_INFO_DN_TITLE

SSL_INFO_DN_UNIQUEIDENTIFIER

public static final int SSL_INFO_DN_UNIQUEIDENTIFIER

SSL_INFO_PROTOCOL

public static final int SSL_INFO_PROTOCOL

SSL_INFO_SERVER_A_KEY

public static final int SSL_INFO_SERVER_A_KEY

SSL_INFO_SERVER_A_SIG

public static final int SSL_INFO_SERVER_A_SIG

SSL_INFO_SERVER_CERT

public static final int SSL_INFO_SERVER_CERT

SSL_INFO_SERVER_I_DN

public static final int SSL_INFO_SERVER_I_DN

SSL_INFO_SERVER_M_SERIAL

public static final int SSL_INFO_SERVER_M_SERIAL

SSL_INFO_SERVER_M_VERSION

public static final int SSL_INFO_SERVER_M_VERSION

SSL_INFO_SERVER_S_DN

public static final int SSL_INFO_SERVER_S_DN

SSL_INFO_SERVER_V_END

public static final int SSL_INFO_SERVER_V_END

SSL_INFO_SERVER_V_START

public static final int SSL_INFO_SERVER_V_START

SSL_INFO_SESSION_ID

public static final int SSL_INFO_SESSION_ID

SSL_MODE_CLIENT

public static final int SSL_MODE_CLIENT

SSL_MODE_COMBINED

public static final int SSL_MODE_COMBINED

SSL_MODE_SERVER

public static final int SSL_MODE_SERVER

SSL_OPT_ALL

public static final int SSL_OPT_ALL

SSL_OPT_EXPORTCERTDATA

public static final int SSL_OPT_EXPORTCERTDATA

SSL_OPT_FAKEBASICAUTH

public static final int SSL_OPT_FAKEBASICAUTH

SSL_OPT_NONE

public static final int SSL_OPT_NONE

SSL_OPT_OPTRENEGOTIATE

public static final int SSL_OPT_OPTRENEGOTIATE

SSL_OPT_RELSET

public static final int SSL_OPT_RELSET

SSL_OPT_STDENVVARS

public static final int SSL_OPT_STDENVVARS

SSL_OPT_STRICTREQUIRE

public static final int SSL_OPT_STRICTREQUIRE

SSL_OP_ALL

public static final int SSL_OP_ALL

SSL_OP_CIPHER_SERVER_PREFERENCE

public static final int SSL_OP_CIPHER_SERVER_PREFERENCE

SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

public static final int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

SSL_OP_EPHEMERAL_RSA

public static final int SSL_OP_EPHEMERAL_RSA

SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER

public static final int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER

SSL_OP_MICROSOFT_SESS_ID_BUG

public static final int SSL_OP_MICROSOFT_SESS_ID_BUG

SSL_OP_MSIE_SSLV2_RSA_PADDING

public static final int SSL_OP_MSIE_SSLV2_RSA_PADDING

SSL_OP_NETSCAPE_CA_DN_BUG

public static final int SSL_OP_NETSCAPE_CA_DN_BUG

SSL_OP_NETSCAPE_CHALLENGE_BUG

public static final int SSL_OP_NETSCAPE_CHALLENGE_BUG

SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG

public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG

SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

public static final int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION

public static final int SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION

SSL_OP_NO_SSLv2

public static final int SSL_OP_NO_SSLv2

SSL_OP_NO_SSLv3

public static final int SSL_OP_NO_SSLv3

SSL_OP_NO_TLSv1

public static final int SSL_OP_NO_TLSv1

SSL_OP_PKCS1_CHECK_1

public static final int SSL_OP_PKCS1_CHECK_1

SSL_OP_PKCS1_CHECK_2

public static final int SSL_OP_PKCS1_CHECK_2

SSL_OP_SINGLE_DH_USE

public static final int SSL_OP_SINGLE_DH_USE

SSL_OP_SSLEAY_080_CLIENT_DH_BUG

public static final int SSL_OP_SSLEAY_080_CLIENT_DH_BUG

SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG

public static final int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG

SSL_OP_TLS_BLOCK_PADDING_BUG

public static final int SSL_OP_TLS_BLOCK_PADDING_BUG

SSL_OP_TLS_D5_BUG

public static final int SSL_OP_TLS_D5_BUG

SSL_OP_TLS_ROLLBACK_BUG

public static final int SSL_OP_TLS_ROLLBACK_BUG

SSL_PROTOCOL_ALL

public static final int SSL_PROTOCOL_ALL

SSL_PROTOCOL_NONE

public static final int SSL_PROTOCOL_NONE

SSL_PROTOCOL_SSLV2

public static final int SSL_PROTOCOL_SSLV2

SSL_PROTOCOL_SSLV3

public static final int SSL_PROTOCOL_SSLV3

SSL_PROTOCOL_TLSV1

public static final int SSL_PROTOCOL_TLSV1

SSL_SHUTDOWN_TYPE_ACCURATE

public static final int SSL_SHUTDOWN_TYPE_ACCURATE

SSL_SHUTDOWN_TYPE_STANDARD

public static final int SSL_SHUTDOWN_TYPE_STANDARD

SSL_SHUTDOWN_TYPE_UNCLEAN

public static final int SSL_SHUTDOWN_TYPE_UNCLEAN

SSL_SHUTDOWN_TYPE_UNSET

public static final int SSL_SHUTDOWN_TYPE_UNSET

SSL_TMP_KEY_DH_1024

public static final int SSL_TMP_KEY_DH_1024

SSL_TMP_KEY_DH_2048

public static final int SSL_TMP_KEY_DH_2048

SSL_TMP_KEY_DH_4096

public static final int SSL_TMP_KEY_DH_4096

SSL_TMP_KEY_DH_512

public static final int SSL_TMP_KEY_DH_512

SSL_TMP_KEY_MAX

public static final int SSL_TMP_KEY_MAX

SSL_TMP_KEY_RSA_1024

public static final int SSL_TMP_KEY_RSA_1024

SSL_TMP_KEY_RSA_2048

public static final int SSL_TMP_KEY_RSA_2048

SSL_TMP_KEY_RSA_4096

public static final int SSL_TMP_KEY_RSA_4096

SSL_TMP_KEY_RSA_512

public static final int SSL_TMP_KEY_RSA_512

SSL_VERIFY_CLIENT_ONCE

public static final int SSL_VERIFY_CLIENT_ONCE

SSL_VERIFY_FAIL_IF_NO_PEER_CERT

public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT

SSL_VERIFY_NONE

public static final int SSL_VERIFY_NONE

SSL_VERIFY_PEER

public static final int SSL_VERIFY_PEER

SSL_VERIFY_PEER_STRICT

public static final int SSL_VERIFY_PEER_STRICT

UNSET

public static final int UNSET

Method Detail

closeBIO

public static int closeBIO(long bio)
Close BIO and dereference callback object

Parameters: bio BIO to close and destroy.

Returns: APR Status code

generateRSATempKey

public static boolean generateRSATempKey(int idx)
Generate temporary RSA key.
Index can be one of:
 SSL_TMP_KEY_RSA_512
 SSL_TMP_KEY_RSA_1024
 SSL_TMP_KEY_RSA_2048
 SSL_TMP_KEY_RSA_4096
 
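By default, 512- and 1024-bit keys are generated on startup. You can use a low-priority thread to generate them on the fly. Note that 512-bit temporary keys are export-grade strength and 1024-bit keys are below current recommendations, so prefer the 2048-bit or 4096-bit indexes where peers support them.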

Parameters: idx temporary key index.

getLastError

public static String getLastError()
Return last SSL error string

initialize

public static int initialize(String engine)
Initialize OpenSSL support. This function needs to be called once for the lifetime of the JVM. Library.init() has to be called first.

Parameters: engine Support for an external crypto device ("engine"), usually a hardware accelerator card for crypto operations.

Returns: APR status code

loadDSATempKey

public static boolean loadDSATempKey(int idx, String file)
Load temporary DSA key from file
Index can be one of:
 SSL_TMP_KEY_DH_512
 SSL_TMP_KEY_DH_1024
 SSL_TMP_KEY_DH_2048
 SSL_TMP_KEY_DH_4096
 

Parameters: idx - temporary key index. file - File containing DH params.

newBIO

public static long newBIO(long pool, BIOCallback callback)
Initialize new BIO

Parameters: pool - The pool to use. callback - BIOCallback to use.

Returns: New BIO handle

randLoad

public static boolean randLoad(String filename)
Add content of the file to the PRNG

Parameters: filename Filename containing random data. If null, the default file will be tested. The seed file is $RANDFILE if that environment variable is set, $HOME/.rnd otherwise. If both files are unavailable, the built-in random seed generator is used.

randMake

public static boolean randMake(String filename, int len, boolean base64)
Creates random data and writes it to filename

Parameters: filename - Filename to save the data. len - The length of the random sequence in bytes. base64 - Output the data in Base64-encoded format.

randSave

public static boolean randSave(String filename)
Writes a number of random bytes (currently 1024) to file filename which can be used to initialize the PRNG by calling randLoad in a later session.

Parameters: filename Filename to save the data

randSet

public static boolean randSet(String filename)
Set source of entropy to use in SSL

Parameters: filename Filename containing random data

setPassword

public static void setPassword(String password)
Set global Password for decrypting certificates and keys.

Parameters: password Password to use.

setPasswordCallback

public static void setPasswordCallback(PasswordCallback callback)
Set global Password callback for obtaining passwords.

Parameters: callback PasswordCallback implementation to use.

version

public static int version()

versionString

public static String versionString()
Copyright © 2000-2011 Apache Software Foundation. All Rights Reserved.