NativeCrypto.java revision 3e6dd45baa0d7f9b4fa06f4ade76e088b59cc7bf
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package org.apache.harmony.xnet.provider.jsse; 18 19import java.io.FileDescriptor; 20import java.io.IOException; 21import java.net.SocketTimeoutException; 22import java.nio.ByteOrder; 23import java.security.MessageDigest; 24import java.security.NoSuchAlgorithmException; 25import java.security.cert.Certificate; 26import java.security.cert.CertificateEncodingException; 27import java.security.cert.CertificateException; 28import java.security.cert.X509Certificate; 29import java.security.interfaces.RSAPublicKey; 30import java.util.ArrayList; 31import java.util.HashMap; 32import java.util.LinkedHashMap; 33import java.util.List; 34import java.util.Map; 35import javax.net.ssl.SSLException; 36import javax.security.auth.x500.X500Principal; 37import libcore.io.Memory; 38 39/** 40 * Provides the Java side of our JNI glue for OpenSSL. 41 */ 42public final class NativeCrypto { 43 44 // --- OpenSSL library initialization -------------------------------------- 45 static { 46 clinit(); 47 } 48 49 private native static void clinit(); 50 51 // --- ENGINE functions ---------------------------------------------------- 52 public static native void ENGINE_load_dynamic(); 53 54 public static native int ENGINE_by_id(String id); 55 56 public static native int ENGINE_init(int e); 57 58 public static native int ENGINE_finish(int e); 59 60 public static native int ENGINE_free(int e); 61 62 public static native int ENGINE_load_private_key(int e, String key_id); 63 64 // --- DSA/RSA public/private key handling functions ----------------------- 65 66 public static native int EVP_PKEY_new_DSA(byte[] p, byte[] q, byte[] g, 67 byte[] pub_key, byte[] priv_key); 68 69 public static native int EVP_PKEY_new_RSA(byte[] n, byte[] e, byte[] d, byte[] p, byte[] q, 70 byte[] dmp1, byte[] dmq1, byte[] iqmp); 71 72 public static native int EVP_PKEY_size(int pkey); 73 74 public static native int EVP_PKEY_type(int pkey); 75 76 public static native void EVP_PKEY_free(int pkey); 77 78 public static native byte[] i2d_PKCS8_PRIV_KEY_INFO(int pkey); 79 80 public static native int d2i_PKCS8_PRIV_KEY_INFO(byte[] data); 81 82 public static native byte[] i2d_PUBKEY(int pkey); 83 84 public static native int d2i_PUBKEY(byte[] data); 85 86 public static native int RSA_generate_key_ex(int modulusBits, byte[] publicExponent); 87 88 /** 89 * @return array of {n, e} 90 */ 91 public static native byte[][] get_RSA_public_params(int rsa); 92 93 /** 94 * @return array of {n, e, d, p, q, dmp1, dmq1, iqmp} 95 */ 96 public static native byte[][] get_RSA_private_params(int rsa); 97 98 public static native int DSA_generate_key(int primeBits, byte[] seed, byte[] g, byte[] p, 99 byte[] q); 100 101 /** 102 * @return array of {g, p, q, y(pub), x(priv)} 103 */ 104 public static native byte[][] get_DSA_params(int dsa); 105 106 public static native byte[] i2d_RSAPublicKey(int rsa); 107 108 public static native byte[] i2d_RSAPrivateKey(int rsa); 109 110 public static native byte[] i2d_DSAPublicKey(int dsa); 111 112 public static native byte[] i2d_DSAPrivateKey(int dsa); 113 114 // --- Message digest functions -------------- 115 116 public static native int EVP_get_digestbyname(String name); 117 118 public static native int EVP_MD_size(int evp_md); 119 120 public static native int EVP_MD_block_size(int evp_md); 121 122 // --- Message digest context functions -------------- 123 124 public static native void EVP_MD_CTX_destroy(int ctx); 125 126 public static native int EVP_MD_CTX_copy(int ctx); 127 128 // --- Digest handling functions ------------------------------------------- 129 130 public static native int EVP_DigestInit(int evp_md); 131 132 public static native void EVP_DigestUpdate(int ctx, byte[] buffer, int offset, int length); 133 134 public static native int EVP_DigestFinal(int ctx, byte[] hash, int offset); 135 136 // --- Signature handling functions ---------------------------------------- 137 138 public static native int EVP_SignInit(String algorithm); 139 140 public static native void EVP_SignUpdate(int ctx, byte[] buffer, 141 int offset, int length); 142 143 public static native int EVP_SignFinal(int ctx, byte[] signature, int offset, int key); 144 145 public static native int EVP_VerifyInit(String algorithm); 146 147 public static native void EVP_VerifyUpdate(int ctx, byte[] buffer, 148 int offset, int length); 149 150 public static native int EVP_VerifyFinal(int ctx, byte[] signature, 151 int offset, int length, int key); 152 153 154 // --- Block ciphers ------------------------------------------------------- 155 156 public static native int EVP_get_cipherbyname(String string); 157 158 public static native int EVP_CipherInit_ex(int cipherNid, byte[] key, byte[] iv, 159 boolean encrypting); 160 161 public static native int EVP_CipherUpdate(int ctx, byte[] out, int outOffset, byte[] in, 162 int inOffset); 163 164 public static native int EVP_CipherFinal_ex(int ctx, byte[] out, int outOffset); 165 166 public static native void EVP_CIPHER_CTX_cleanup(int ctx); 167 168 // --- RAND seeding -------------------------------------------------------- 169 170 public static final int RAND_SEED_LENGTH_IN_BYTES = 1024; 171 172 public static native void RAND_seed(byte[] seed); 173 174 public static native int RAND_load_file(String filename, long max_bytes); 175 176 // --- X509_NAME ----------------------------------------------------------- 177 178 public static int X509_NAME_hash(X500Principal principal) { 179 return X509_NAME_hash(principal, "SHA1"); 180 } 181 public static int X509_NAME_hash_old(X500Principal principal) { 182 return X509_NAME_hash(principal, "MD5"); 183 } 184 private static int X509_NAME_hash(X500Principal principal, String algorithm) { 185 try { 186 byte[] digest = MessageDigest.getInstance(algorithm).digest(principal.getEncoded()); 187 return Memory.peekInt(digest, 0, ByteOrder.LITTLE_ENDIAN); 188 } catch (NoSuchAlgorithmException e) { 189 throw new AssertionError(e); 190 } 191 } 192 193 // --- SSL handling -------------------------------------------------------- 194 195 private static final String SUPPORTED_PROTOCOL_SSLV3 = "SSLv3"; 196 private static final String SUPPORTED_PROTOCOL_TLSV1 = "TLSv1"; 197 private static final String SUPPORTED_PROTOCOL_TLSV1_1 = "TLSv1.1"; 198 private static final String SUPPORTED_PROTOCOL_TLSV1_2 = "TLSv1.2"; 199 200 public static final Map<String, String> OPENSSL_TO_STANDARD_CIPHER_SUITES 201 = new HashMap<String, String>(); 202 public static final Map<String, String> STANDARD_TO_OPENSSL_CIPHER_SUITES 203 = new LinkedHashMap<String, String>(); 204 205 private static void add(String standard, String openssl) { 206 OPENSSL_TO_STANDARD_CIPHER_SUITES.put(openssl, standard); 207 STANDARD_TO_OPENSSL_CIPHER_SUITES.put(standard, openssl); 208 } 209 210 /** 211 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation 212 * indication signaling cipher suite value. It is not a real 213 * cipher suite. It is just an indication in the default and 214 * supported cipher suite lists indicates that the implementation 215 * supports secure renegotiation. 216 * 217 * In the RI, its presence means that the SCSV is sent in the 218 * cipher suite list to indicate secure renegotiation support and 219 * its absense means to send an empty TLS renegotiation info 220 * extension instead. 221 * 222 * However, OpenSSL doesn't provide an API to give this level of 223 * control, instead always sending the SCSV and always including 224 * the empty renegotiation info if TLS is used (as opposed to 225 * SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to 226 * be passed for compatibility as to provide the hint that we 227 * support secure renegotiation. 228 */ 229 public static final String TLS_EMPTY_RENEGOTIATION_INFO_SCSV 230 = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 231 232 static { 233 // Note these are added in priority order 234 add("SSL_RSA_WITH_RC4_128_MD5", "RC4-MD5"); 235 add("SSL_RSA_WITH_RC4_128_SHA", "RC4-SHA"); 236 add("TLS_RSA_WITH_AES_128_CBC_SHA", "AES128-SHA"); 237 add("TLS_RSA_WITH_AES_256_CBC_SHA", "AES256-SHA"); 238 add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", "ECDH-ECDSA-RC4-SHA"); 239 add("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "ECDH-ECDSA-AES128-SHA"); 240 add("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "ECDH-ECDSA-AES256-SHA"); 241 add("TLS_ECDH_RSA_WITH_RC4_128_SHA", "ECDH-RSA-RC4-SHA"); 242 add("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "ECDH-RSA-AES128-SHA"); 243 add("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "ECDH-RSA-AES256-SHA"); 244 add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "ECDHE-ECDSA-RC4-SHA"); 245 add("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "ECDHE-ECDSA-AES128-SHA"); 246 add("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "ECDHE-ECDSA-AES256-SHA"); 247 add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", "ECDHE-RSA-RC4-SHA"); 248 add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "ECDHE-RSA-AES128-SHA"); 249 add("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "ECDHE-RSA-AES256-SHA"); 250 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "DHE-RSA-AES128-SHA"); 251 add("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "DHE-RSA-AES256-SHA"); 252 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "DHE-DSS-AES128-SHA"); 253 add("TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "DHE-DSS-AES256-SHA"); 254 add("SSL_RSA_WITH_3DES_EDE_CBC_SHA", "DES-CBC3-SHA"); 255 add("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "ECDH-ECDSA-DES-CBC3-SHA"); 256 add("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "ECDH-RSA-DES-CBC3-SHA"); 257 add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "ECDHE-ECDSA-DES-CBC3-SHA"); 258 add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "ECDHE-RSA-DES-CBC3-SHA"); 259 add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "EDH-RSA-DES-CBC3-SHA"); 260 add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "EDH-DSS-DES-CBC3-SHA"); 261 add("SSL_RSA_WITH_DES_CBC_SHA", "DES-CBC-SHA"); 262 add("SSL_DHE_RSA_WITH_DES_CBC_SHA", "EDH-RSA-DES-CBC-SHA"); 263 add("SSL_DHE_DSS_WITH_DES_CBC_SHA", "EDH-DSS-DES-CBC-SHA"); 264 add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", "EXP-RC4-MD5"); 265 add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "EXP-DES-CBC-SHA"); 266 add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "EXP-EDH-RSA-DES-CBC-SHA"); 267 add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "EXP-EDH-DSS-DES-CBC-SHA"); 268 add("SSL_RSA_WITH_NULL_MD5", "NULL-MD5"); 269 add("SSL_RSA_WITH_NULL_SHA", "NULL-SHA"); 270 add("TLS_ECDH_ECDSA_WITH_NULL_SHA", "ECDH-ECDSA-NULL-SHA"); 271 add("TLS_ECDH_RSA_WITH_NULL_SHA", "ECDH-RSA-NULL-SHA"); 272 add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", "ECDHE-ECDSA-NULL-SHA"); 273 add("TLS_ECDHE_RSA_WITH_NULL_SHA", "ECDHE-RSA-NULL-SHA"); 274 add("SSL_DH_anon_WITH_RC4_128_MD5", "ADH-RC4-MD5"); 275 add("TLS_DH_anon_WITH_AES_128_CBC_SHA", "ADH-AES128-SHA"); 276 add("TLS_DH_anon_WITH_AES_256_CBC_SHA", "ADH-AES256-SHA"); 277 add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "ADH-DES-CBC3-SHA"); 278 add("SSL_DH_anon_WITH_DES_CBC_SHA", "ADH-DES-CBC-SHA"); 279 add("TLS_ECDH_anon_WITH_RC4_128_SHA", "AECDH-RC4-SHA"); 280 add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", "AECDH-AES128-SHA"); 281 add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "AECDH-AES256-SHA"); 282 add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", "AECDH-DES-CBC3-SHA"); 283 add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "EXP-ADH-RC4-MD5"); 284 add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "EXP-ADH-DES-CBC-SHA"); 285 add("TLS_ECDH_anon_WITH_NULL_SHA", "AECDH-NULL-SHA"); 286 287 // No Kerberos in Android 288 // add("TLS_KRB5_WITH_RC4_128_SHA", "KRB5-RC4-SHA"); 289 // add("TLS_KRB5_WITH_RC4_128_MD5", "KRB5-RC4-MD5"); 290 // add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", "KRB5-DES-CBC3-SHA"); 291 // add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "KRB5-DES-CBC3-MD5"); 292 // add("TLS_KRB5_WITH_DES_CBC_SHA", "KRB5-DES-CBC-SHA"); 293 // add("TLS_KRB5_WITH_DES_CBC_MD5", "KRB5-DES-CBC-MD5"); 294 // add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "EXP-KRB5-RC4-SHA"); 295 // add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", "EXP-KRB5-RC4-MD5"); 296 // add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", "EXP-KRB5-DES-CBC-SHA"); 297 // add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", "EXP-KRB5-DES-CBC-MD5"); 298 299 // not implemented by either RI or OpenSSL 300 // add("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", null); 301 // add("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", null); 302 303 // EXPORT1024 suites were never standardized but were widely implemented. 304 // OpenSSL 0.9.8c and later have disabled TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 305 // add("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", "EXP1024-DES-CBC-SHA"); 306 // add("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", "EXP1024-RC4-SHA"); 307 308 // No RC2 309 // add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "EXP-RC2-CBC-MD5"); 310 // add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", "EXP-KRB5-RC2-CBC-SHA"); 311 // add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", "EXP-KRB5-RC2-CBC-MD5"); 312 313 // PSK is Private Shared Key - didn't exist in Froyo's openssl - no JSSE equivalent 314 // add(null, "PSK-3DES-EDE-CBC-SHA"); 315 // add(null, "PSK-AES128-CBC-SHA"); 316 // add(null, "PSK-AES256-CBC-SHA"); 317 // add(null, "PSK-RC4-SHA"); 318 319 // Signaling Cipher Suite Value for secure renegotiation handled as special case. 320 // add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", null); 321 } 322 323 private static final String[] SUPPORTED_CIPHER_SUITES; 324 static { 325 int size = STANDARD_TO_OPENSSL_CIPHER_SUITES.size(); 326 SUPPORTED_CIPHER_SUITES = new String[size + 1]; 327 STANDARD_TO_OPENSSL_CIPHER_SUITES.keySet().toArray(SUPPORTED_CIPHER_SUITES); 328 SUPPORTED_CIPHER_SUITES[size] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV; 329 } 330 331 // EVP_PKEY types from evp.h and objects.h 332 public static final int EVP_PKEY_RSA = 6; // NID_rsaEcnryption 333 public static final int EVP_PKEY_DSA = 116; // NID_dsa 334 public static final int EVP_PKEY_DH = 28; // NID_dhKeyAgreement 335 public static final int EVP_PKEY_EC = 408; // NID_X9_62_id_ecPublicKey 336 337 // SSL mode from ssl.h 338 public static final long SSL_MODE_HANDSHAKE_CUTTHROUGH = 0x00000040L; 339 340 // SSL options from ssl.h 341 public static final long SSL_OP_NO_TICKET = 0x00004000L; 342 public static final long SSL_OP_NO_COMPRESSION = 0x00020000L; 343 public static final long SSL_OP_NO_SSLv3 = 0x02000000L; 344 public static final long SSL_OP_NO_TLSv1 = 0x04000000L; 345 public static final long SSL_OP_NO_TLSv1_1 = 0x00000400L; 346 public static final long SSL_OP_NO_TLSv1_2 = 0x08000000L; 347 348 public static native int SSL_CTX_new(); 349 350 public static String[] getDefaultCipherSuites() { 351 return new String[] { 352 "SSL_RSA_WITH_RC4_128_MD5", 353 "SSL_RSA_WITH_RC4_128_SHA", 354 "TLS_RSA_WITH_AES_128_CBC_SHA", 355 "TLS_RSA_WITH_AES_256_CBC_SHA", 356 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 357 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 358 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 359 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 360 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 361 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 362 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 363 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 364 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 365 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 366 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 367 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 368 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 369 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 370 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 371 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 372 "SSL_RSA_WITH_3DES_EDE_CBC_SHA", 373 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 374 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 375 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 376 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 377 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 378 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 379 "SSL_RSA_WITH_DES_CBC_SHA", 380 "SSL_DHE_RSA_WITH_DES_CBC_SHA", 381 "SSL_DHE_DSS_WITH_DES_CBC_SHA", 382 "SSL_RSA_EXPORT_WITH_RC4_40_MD5", 383 "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 384 "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 385 "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 386 TLS_EMPTY_RENEGOTIATION_INFO_SCSV 387 }; 388 } 389 390 public static String[] getSupportedCipherSuites() { 391 return SUPPORTED_CIPHER_SUITES.clone(); 392 } 393 394 public static native void SSL_CTX_free(int ssl_ctx); 395 396 public static native int SSL_new(int ssl_ctx) throws SSLException; 397 398 public static byte[][] encodeCertificates(Certificate[] certificates) 399 throws CertificateEncodingException { 400 byte[][] certificateBytes = new byte[certificates.length][]; 401 for (int i = 0; i < certificates.length; i++) { 402 certificateBytes[i] = certificates[i].getEncoded(); 403 } 404 return certificateBytes; 405 } 406 407 public static native void SSL_use_certificate(int ssl, byte[][] asn1DerEncodedCertificateChain); 408 409 public static native void SSL_use_OpenSSL_PrivateKey(int ssl, int pkey); 410 411 public static native void SSL_use_PrivateKey(int ssl, byte[] pkcs8EncodedPrivateKey); 412 413 public static native void SSL_check_private_key(int ssl) throws SSLException; 414 415 public static byte[][] encodeIssuerX509Principals(X509Certificate[] certificates) 416 throws CertificateEncodingException { 417 byte[][] principalBytes = new byte[certificates.length][]; 418 for (int i = 0; i < certificates.length; i++) { 419 principalBytes[i] = certificates[i].getIssuerX500Principal().getEncoded(); 420 } 421 return principalBytes; 422 } 423 424 public static native void SSL_set_client_CA_list(int ssl, byte[][] asn1DerEncodedX500Principals); 425 426 public static native long SSL_get_mode(int ssl); 427 428 public static native long SSL_set_mode(int ssl, long mode); 429 430 public static native long SSL_clear_mode(int ssl, long mode); 431 432 public static native long SSL_get_options(int ssl); 433 434 public static native long SSL_set_options(int ssl, long options); 435 436 public static native long SSL_clear_options(int ssl, long options); 437 438 public static String[] getSupportedProtocols() { 439 return new String[] { SUPPORTED_PROTOCOL_SSLV3, 440 SUPPORTED_PROTOCOL_TLSV1, 441 SUPPORTED_PROTOCOL_TLSV1_1, 442 SUPPORTED_PROTOCOL_TLSV1_2, 443 }; 444 } 445 446 public static void setEnabledProtocols(int ssl, String[] protocols) { 447 checkEnabledProtocols(protocols); 448 // openssl uses negative logic letting you disable protocols. 449 // so first, assume we need to set all (disable all) and clear none (enable none). 450 // in the loop, selectively move bits from set to clear (from disable to enable) 451 long optionsToSet = (SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); 452 long optionsToClear = 0; 453 for (int i = 0; i < protocols.length; i++) { 454 String protocol = protocols[i]; 455 if (protocol.equals(SUPPORTED_PROTOCOL_SSLV3)) { 456 optionsToSet &= ~SSL_OP_NO_SSLv3; 457 optionsToClear |= SSL_OP_NO_SSLv3; 458 } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1)) { 459 optionsToSet &= ~SSL_OP_NO_TLSv1; 460 optionsToClear |= SSL_OP_NO_TLSv1; 461 } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1_1)) { 462 optionsToSet &= ~SSL_OP_NO_TLSv1_1; 463 optionsToClear |= SSL_OP_NO_TLSv1_1; 464 } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1_2)) { 465 optionsToSet &= ~SSL_OP_NO_TLSv1_2; 466 optionsToClear |= SSL_OP_NO_TLSv1_2; 467 } else { 468 // error checked by checkEnabledProtocols 469 throw new IllegalStateException(); 470 } 471 } 472 473 SSL_set_options(ssl, optionsToSet); 474 SSL_clear_options(ssl, optionsToClear); 475 } 476 477 public static String[] checkEnabledProtocols(String[] protocols) { 478 if (protocols == null) { 479 throw new IllegalArgumentException("protocols == null"); 480 } 481 for (int i = 0; i < protocols.length; i++) { 482 String protocol = protocols[i]; 483 if (protocol == null) { 484 throw new IllegalArgumentException("protocols[" + i + "] == null"); 485 } 486 if ((!protocol.equals(SUPPORTED_PROTOCOL_SSLV3)) 487 && (!protocol.equals(SUPPORTED_PROTOCOL_TLSV1)) 488 && (!protocol.equals(SUPPORTED_PROTOCOL_TLSV1_1)) 489 && (!protocol.equals(SUPPORTED_PROTOCOL_TLSV1_2))) { 490 throw new IllegalArgumentException("protocol " + protocol 491 + " is not supported"); 492 } 493 } 494 return protocols; 495 } 496 497 public static native void SSL_set_cipher_lists(int ssl, String[] ciphers); 498 499 public static void setEnabledCipherSuites(int ssl, String[] cipherSuites) { 500 checkEnabledCipherSuites(cipherSuites); 501 List<String> opensslSuites = new ArrayList<String>(); 502 for (int i = 0; i < cipherSuites.length; i++) { 503 String cipherSuite = cipherSuites[i]; 504 if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) { 505 continue; 506 } 507 String openssl = STANDARD_TO_OPENSSL_CIPHER_SUITES.get(cipherSuite); 508 String cs = (openssl == null) ? cipherSuite : openssl; 509 opensslSuites.add(cs); 510 } 511 SSL_set_cipher_lists(ssl, opensslSuites.toArray(new String[opensslSuites.size()])); 512 } 513 514 public static String[] checkEnabledCipherSuites(String[] cipherSuites) { 515 if (cipherSuites == null) { 516 throw new IllegalArgumentException("cipherSuites == null"); 517 } 518 // makes sure all suites are valid, throwing on error 519 for (int i = 0; i < cipherSuites.length; i++) { 520 String cipherSuite = cipherSuites[i]; 521 if (cipherSuite == null) { 522 throw new IllegalArgumentException("cipherSuites[" + i + "] == null"); 523 } 524 if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) { 525 continue; 526 } 527 if (STANDARD_TO_OPENSSL_CIPHER_SUITES.containsKey(cipherSuite)) { 528 continue; 529 } 530 if (OPENSSL_TO_STANDARD_CIPHER_SUITES.containsKey(cipherSuite)) { 531 // TODO log warning about using backward compatability 532 continue; 533 } 534 throw new IllegalArgumentException("cipherSuite " + cipherSuite + " is not supported."); 535 } 536 return cipherSuites; 537 } 538 539 public static final String SUPPORTED_COMPRESSION_METHOD_ZLIB = "ZLIB"; 540 public static final String SUPPORTED_COMPRESSION_METHOD_NULL = "NULL"; 541 542 private static final String[] SUPPORTED_COMPRESSION_METHODS 543 = { SUPPORTED_COMPRESSION_METHOD_ZLIB, SUPPORTED_COMPRESSION_METHOD_NULL }; 544 545 public static String[] getSupportedCompressionMethods() { 546 return SUPPORTED_COMPRESSION_METHODS.clone(); 547 } 548 549 public static final String[] getDefaultCompressionMethods() { 550 return new String[] { SUPPORTED_COMPRESSION_METHOD_NULL }; 551 } 552 553 public static String[] checkEnabledCompressionMethods(String[] methods) { 554 if (methods == null) { 555 throw new IllegalArgumentException("methods == null"); 556 } 557 if (methods.length < 1 558 && !methods[methods.length-1].equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 559 throw new IllegalArgumentException("last method must be NULL"); 560 } 561 for (int i = 0; i < methods.length; i++) { 562 String method = methods[i]; 563 if (method == null) { 564 throw new IllegalArgumentException("methods[" + i + "] == null"); 565 } 566 if (!method.equals(SUPPORTED_COMPRESSION_METHOD_ZLIB) 567 && !method.equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 568 throw new IllegalArgumentException("method " + method 569 + " is not supported"); 570 } 571 } 572 return methods; 573 } 574 575 public static void setEnabledCompressionMethods(int ssl, String[] methods) { 576 checkEnabledCompressionMethods(methods); 577 // openssl uses negative logic letting you disable compression. 578 // so first, assume we need to set all (disable all) and clear none (enable none). 579 // in the loop, selectively move bits from set to clear (from disable to enable) 580 long optionsToSet = (SSL_OP_NO_COMPRESSION); 581 long optionsToClear = 0; 582 for (int i = 0; i < methods.length; i++) { 583 String method = methods[i]; 584 if (method.equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 585 // nothing to do to support NULL 586 } else if (method.equals(SUPPORTED_COMPRESSION_METHOD_ZLIB)) { 587 optionsToSet &= ~SSL_OP_NO_COMPRESSION; 588 optionsToClear |= SSL_OP_NO_COMPRESSION; 589 } else { 590 // error checked by checkEnabledCompressionMethods 591 throw new IllegalStateException(); 592 } 593 } 594 595 SSL_set_options(ssl, optionsToSet); 596 SSL_clear_options(ssl, optionsToClear); 597 } 598 599 /* 600 * See the OpenSSL ssl.h header file for more information. 601 */ 602 public static final int SSL_VERIFY_NONE = 0x00; 603 public static final int SSL_VERIFY_PEER = 0x01; 604 public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02; 605 606 public static native void SSL_set_verify(int sslNativePointer, int mode); 607 608 public static native void SSL_set_session(int sslNativePointer, int sslSessionNativePointer) 609 throws SSLException; 610 611 public static native void SSL_set_session_creation_enabled( 612 int sslNativePointer, boolean creationEnabled) throws SSLException; 613 614 public static native void SSL_set_tlsext_host_name(int sslNativePointer, String hostname) 615 throws SSLException; 616 public static native String SSL_get_servername(int sslNativePointer); 617 618 /** 619 * Returns the sslSessionNativePointer of the negotiated session 620 */ 621 public static native int SSL_do_handshake(int sslNativePointer, 622 FileDescriptor fd, 623 SSLHandshakeCallbacks shc, 624 int timeout, 625 boolean client_mode) 626 throws SSLException, SocketTimeoutException, CertificateException; 627 628 /** 629 * Currently only intended for forcing renegotiation for testing. 630 * Not used within OpenSSLSocketImpl. 631 */ 632 public static native void SSL_renegotiate(int sslNativePointer) throws SSLException; 633 634 /** 635 * Returns the local ASN.1 DER encoded X509 certificates. 636 */ 637 public static native byte[][] SSL_get_certificate(int sslNativePointer); 638 639 /** 640 * Returns the peer ASN.1 DER encoded X509 certificates. 641 */ 642 public static native byte[][] SSL_get_peer_cert_chain(int sslNativePointer); 643 644 /** 645 * Reads with the native SSL_read function from the encrypted data stream 646 * @return -1 if error or the end of the stream is reached. 647 */ 648 public static native int SSL_read(int sslNativePointer, 649 FileDescriptor fd, 650 SSLHandshakeCallbacks shc, 651 byte[] b, int off, int len, int timeout) 652 throws IOException; 653 654 /** 655 * Writes with the native SSL_write function to the encrypted data stream. 656 */ 657 public static native void SSL_write(int sslNativePointer, 658 FileDescriptor fd, 659 SSLHandshakeCallbacks shc, 660 byte[] b, int off, int len) 661 throws IOException; 662 663 public static native void SSL_interrupt(int sslNativePointer); 664 public static native void SSL_shutdown(int sslNativePointer, 665 FileDescriptor fd, 666 SSLHandshakeCallbacks shc) throws IOException; 667 668 public static native void SSL_free(int sslNativePointer); 669 670 public static native byte[] SSL_SESSION_session_id(int sslSessionNativePointer); 671 672 public static native long SSL_SESSION_get_time(int sslSessionNativePointer); 673 674 public static native String SSL_SESSION_get_version(int sslSessionNativePointer); 675 676 public static native String SSL_SESSION_cipher(int sslSessionNativePointer); 677 678 public static native String SSL_SESSION_compress_meth(int sslCtxNativePointer, 679 int sslSessionNativePointer); 680 681 public static native void SSL_SESSION_free(int sslSessionNativePointer); 682 683 public static native byte[] i2d_SSL_SESSION(int sslSessionNativePointer); 684 685 public static native int d2i_SSL_SESSION(byte[] data); 686 687 /** 688 * A collection of callbacks from the native OpenSSL code that are 689 * related to the SSL handshake initiated by SSL_do_handshake. 690 */ 691 public interface SSLHandshakeCallbacks { 692 /** 693 * Verify that we trust the certificate chain is trusted. 694 * 695 * @param asn1DerEncodedCertificateChain A chain of ASN.1 DER encoded certificates 696 * @param authMethod auth algorithm name 697 * 698 * @throws CertificateException if the certificate is untrusted 699 */ 700 public void verifyCertificateChain(byte[][] asn1DerEncodedCertificateChain, String authMethod) 701 throws CertificateException; 702 703 /** 704 * Called on an SSL client when the server requests (or 705 * requires a certificate). The client can respond by using 706 * SSL_use_certificate and SSL_use_PrivateKey to set a 707 * certificate if has an appropriate one available, similar to 708 * how the server provides its certificate. 709 * 710 * @param keyTypes key types supported by the server, 711 * convertible to strings with #keyType 712 * @param asn1DerEncodedX500Principals CAs known to the server 713 */ 714 public void clientCertificateRequested(byte[] keyTypes, 715 byte[][] asn1DerEncodedX500Principals) 716 throws CertificateEncodingException, SSLException; 717 718 /** 719 * Called when SSL handshake is completed. Note that this can 720 * be after SSL_do_handshake returns when handshake cutthrough 721 * is enabled. 722 */ 723 public void handshakeCompleted(); 724 } 725} 726