NativeCrypto.java revision 746a236e2be5dee62c482e27f4c682496d071d8b
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package org.apache.harmony.xnet.provider.jsse; 18 19import java.io.FileDescriptor; 20import java.io.IOException; 21import java.net.SocketTimeoutException; 22import java.nio.ByteOrder; 23import java.security.MessageDigest; 24import java.security.NoSuchAlgorithmException; 25import java.security.cert.Certificate; 26import java.security.cert.CertificateEncodingException; 27import java.security.cert.CertificateException; 28import java.security.cert.X509Certificate; 29import java.security.interfaces.RSAPublicKey; 30import java.util.ArrayList; 31import java.util.HashMap; 32import java.util.LinkedHashMap; 33import java.util.List; 34import java.util.Map; 35import javax.net.ssl.SSLException; 36import javax.security.auth.x500.X500Principal; 37import libcore.io.Memory; 38 39/** 40 * Provides the Java side of our JNI glue for OpenSSL. 41 */ 42public final class NativeCrypto { 43 44 // --- OpenSSL library initialization -------------------------------------- 45 static { 46 clinit(); 47 } 48 49 private native static void clinit(); 50 51 // --- DSA/RSA public/private key handling functions ----------------------- 52 53 public static native int EVP_PKEY_new_DSA(byte[] p, byte[] q, byte[] g, 54 byte[] pub_key, byte[] priv_key); 55 56 public static native int EVP_PKEY_new_RSA(byte[] n, byte[] e, byte[] d, byte[] p, byte[] q, 57 byte[] dmp1, byte[] dmq1, byte[] iqmp); 58 59 public static native int EVP_PKEY_size(int pkey); 60 61 public static native void EVP_PKEY_free(int pkey); 62 63 public static native byte[] i2d_PKCS8_PRIV_KEY_INFO(int pkey); 64 65 public static native int d2i_PKCS8_PRIV_KEY_INFO(byte[] data); 66 67 public static native byte[] i2d_PUBKEY(int pkey); 68 69 public static native int d2i_PUBKEY(byte[] data); 70 71 public static native int RSA_generate_key_ex(int modulusBits, byte[] publicExponent); 72 73 /** 74 * @return array of {n, e} 75 */ 76 public static native byte[][] get_RSA_public_params(int rsa); 77 78 /** 79 * @return array of {n, e, d, p, q, dmp1, dmq1, iqmp} 80 */ 81 public static native byte[][] get_RSA_private_params(int rsa); 82 83 public static native int DSA_generate_key(int primeBits, byte[] seed, byte[] g, byte[] p, 84 byte[] q); 85 86 /** 87 * @return array of {g, p, q, y(pub), x(priv)} 88 */ 89 public static native byte[][] get_DSA_params(int dsa); 90 91 public static native byte[] i2d_RSAPublicKey(int rsa); 92 93 public static native byte[] i2d_RSAPrivateKey(int rsa); 94 95 public static native byte[] i2d_DSAPublicKey(int dsa); 96 97 public static native byte[] i2d_DSAPrivateKey(int dsa); 98 99 // --- Message digest functions -------------- 100 101 public static native int EVP_get_digestbyname(String name); 102 103 public static native int EVP_MD_size(int evp_md); 104 105 public static native int EVP_MD_block_size(int evp_md); 106 107 // --- Message digest context functions -------------- 108 109 public static native void EVP_MD_CTX_destroy(int ctx); 110 111 public static native int EVP_MD_CTX_copy(int ctx); 112 113 // --- Digest handling functions ------------------------------------------- 114 115 public static native int EVP_DigestInit(int evp_md); 116 117 public static native void EVP_DigestUpdate(int ctx, byte[] buffer, int offset, int length); 118 119 public static native int EVP_DigestFinal(int ctx, byte[] hash, int offset); 120 121 // --- Signature handling functions ---------------------------------------- 122 123 public static native int EVP_SignInit(String algorithm); 124 125 public static native void EVP_SignUpdate(int ctx, byte[] buffer, 126 int offset, int length); 127 128 public static native int EVP_SignFinal(int ctx, byte[] signature, int offset, int key); 129 130 public static native int EVP_VerifyInit(String algorithm); 131 132 public static native void EVP_VerifyUpdate(int ctx, byte[] buffer, 133 int offset, int length); 134 135 public static native int EVP_VerifyFinal(int ctx, byte[] signature, 136 int offset, int length, int key); 137 138 // --- RAND seeding -------------------------------------------------------- 139 140 public static final int RAND_SEED_LENGTH_IN_BYTES = 1024; 141 142 public static native void RAND_seed(byte[] seed); 143 144 public static native int RAND_load_file(String filename, long max_bytes); 145 146 // --- X509_NAME ----------------------------------------------------------- 147 148 public static int X509_NAME_hash(X500Principal principal) { 149 return X509_NAME_hash(principal, "SHA1"); 150 } 151 public static int X509_NAME_hash_old(X500Principal principal) { 152 return X509_NAME_hash(principal, "MD5"); 153 } 154 private static int X509_NAME_hash(X500Principal principal, String algorithm) { 155 try { 156 byte[] digest = MessageDigest.getInstance(algorithm).digest(principal.getEncoded()); 157 return Memory.peekInt(digest, 0, ByteOrder.LITTLE_ENDIAN); 158 } catch (NoSuchAlgorithmException e) { 159 throw new AssertionError(e); 160 } 161 } 162 163 // --- SSL handling -------------------------------------------------------- 164 165 private static final String SUPPORTED_PROTOCOL_SSLV3 = "SSLv3"; 166 private static final String SUPPORTED_PROTOCOL_TLSV1 = "TLSv1"; 167 168 public static final Map<String, String> OPENSSL_TO_STANDARD_CIPHER_SUITES 169 = new HashMap<String, String>(); 170 public static final Map<String, String> STANDARD_TO_OPENSSL_CIPHER_SUITES 171 = new LinkedHashMap<String, String>(); 172 173 private static void add(String standard, String openssl) { 174 OPENSSL_TO_STANDARD_CIPHER_SUITES.put(openssl, standard); 175 STANDARD_TO_OPENSSL_CIPHER_SUITES.put(standard, openssl); 176 } 177 178 /** 179 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is RFC 5746's renegotiation 180 * indication signaling cipher suite value. It is not a real 181 * cipher suite. It is just an indication in the default and 182 * supported cipher suite lists indicates that the implementation 183 * supports secure renegotiation. 184 * 185 * In the RI, its presence means that the SCSV is sent in the 186 * cipher suite list to indicate secure renegotiation support and 187 * its absense means to send an empty TLS renegotiation info 188 * extension instead. 189 * 190 * However, OpenSSL doesn't provide an API to give this level of 191 * control, instead always sending the SCSV and always including 192 * the empty renegotiation info if TLS is used (as opposed to 193 * SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to 194 * be passed for compatibility as to provide the hint that we 195 * support secure renegotiation. 196 */ 197 public static final String TLS_EMPTY_RENEGOTIATION_INFO_SCSV 198 = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 199 200 static { 201 // Note these are added in priority order 202 add("SSL_RSA_WITH_RC4_128_MD5", "RC4-MD5"); 203 add("SSL_RSA_WITH_RC4_128_SHA", "RC4-SHA"); 204 add("TLS_RSA_WITH_AES_128_CBC_SHA", "AES128-SHA"); 205 add("TLS_RSA_WITH_AES_256_CBC_SHA", "AES256-SHA"); 206 add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", "ECDH-ECDSA-RC4-SHA"); 207 add("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "ECDH-ECDSA-AES128-SHA"); 208 add("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "ECDH-ECDSA-AES256-SHA"); 209 add("TLS_ECDH_RSA_WITH_RC4_128_SHA", "ECDH-RSA-RC4-SHA"); 210 add("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "ECDH-RSA-AES128-SHA"); 211 add("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "ECDH-RSA-AES256-SHA"); 212 add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "ECDHE-ECDSA-RC4-SHA"); 213 add("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "ECDHE-ECDSA-AES128-SHA"); 214 add("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "ECDHE-ECDSA-AES256-SHA"); 215 add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", "ECDHE-RSA-RC4-SHA"); 216 add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "ECDHE-RSA-AES128-SHA"); 217 add("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "ECDHE-RSA-AES256-SHA"); 218 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "DHE-RSA-AES128-SHA"); 219 add("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "DHE-RSA-AES256-SHA"); 220 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "DHE-DSS-AES128-SHA"); 221 add("TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "DHE-DSS-AES256-SHA"); 222 add("SSL_RSA_WITH_3DES_EDE_CBC_SHA", "DES-CBC3-SHA"); 223 add("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "ECDH-ECDSA-DES-CBC3-SHA"); 224 add("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "ECDH-RSA-DES-CBC3-SHA"); 225 add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "ECDHE-ECDSA-DES-CBC3-SHA"); 226 add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "ECDHE-RSA-DES-CBC3-SHA"); 227 add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "EDH-RSA-DES-CBC3-SHA"); 228 add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "EDH-DSS-DES-CBC3-SHA"); 229 add("SSL_RSA_WITH_DES_CBC_SHA", "DES-CBC-SHA"); 230 add("SSL_DHE_RSA_WITH_DES_CBC_SHA", "EDH-RSA-DES-CBC-SHA"); 231 add("SSL_DHE_DSS_WITH_DES_CBC_SHA", "EDH-DSS-DES-CBC-SHA"); 232 add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", "EXP-RC4-MD5"); 233 add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "EXP-DES-CBC-SHA"); 234 add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "EXP-EDH-RSA-DES-CBC-SHA"); 235 add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "EXP-EDH-DSS-DES-CBC-SHA"); 236 add("SSL_RSA_WITH_NULL_MD5", "NULL-MD5"); 237 add("SSL_RSA_WITH_NULL_SHA", "NULL-SHA"); 238 add("TLS_ECDH_ECDSA_WITH_NULL_SHA", "ECDH-ECDSA-NULL-SHA"); 239 add("TLS_ECDH_RSA_WITH_NULL_SHA", "ECDH-RSA-NULL-SHA"); 240 add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", "ECDHE-ECDSA-NULL-SHA"); 241 add("TLS_ECDHE_RSA_WITH_NULL_SHA", "ECDHE-RSA-NULL-SHA"); 242 add("SSL_DH_anon_WITH_RC4_128_MD5", "ADH-RC4-MD5"); 243 add("TLS_DH_anon_WITH_AES_128_CBC_SHA", "ADH-AES128-SHA"); 244 add("TLS_DH_anon_WITH_AES_256_CBC_SHA", "ADH-AES256-SHA"); 245 add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "ADH-DES-CBC3-SHA"); 246 add("SSL_DH_anon_WITH_DES_CBC_SHA", "ADH-DES-CBC-SHA"); 247 add("TLS_ECDH_anon_WITH_RC4_128_SHA", "AECDH-RC4-SHA"); 248 add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", "AECDH-AES128-SHA"); 249 add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "AECDH-AES256-SHA"); 250 add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", "AECDH-DES-CBC3-SHA"); 251 add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "EXP-ADH-RC4-MD5"); 252 add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "EXP-ADH-DES-CBC-SHA"); 253 add("TLS_ECDH_anon_WITH_NULL_SHA", "AECDH-NULL-SHA"); 254 255 // No Kerberos in Android 256 // add("TLS_KRB5_WITH_RC4_128_SHA", "KRB5-RC4-SHA"); 257 // add("TLS_KRB5_WITH_RC4_128_MD5", "KRB5-RC4-MD5"); 258 // add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", "KRB5-DES-CBC3-SHA"); 259 // add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "KRB5-DES-CBC3-MD5"); 260 // add("TLS_KRB5_WITH_DES_CBC_SHA", "KRB5-DES-CBC-SHA"); 261 // add("TLS_KRB5_WITH_DES_CBC_MD5", "KRB5-DES-CBC-MD5"); 262 // add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "EXP-KRB5-RC4-SHA"); 263 // add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", "EXP-KRB5-RC4-MD5"); 264 // add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", "EXP-KRB5-DES-CBC-SHA"); 265 // add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", "EXP-KRB5-DES-CBC-MD5"); 266 267 // not implemented by either RI or OpenSSL 268 // add("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", null); 269 // add("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", null); 270 271 // EXPORT1024 suites were never standardized but were widely implemented. 272 // OpenSSL 0.9.8c and later have disabled TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 273 // add("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", "EXP1024-DES-CBC-SHA"); 274 // add("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", "EXP1024-RC4-SHA"); 275 276 // No RC2 277 // add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "EXP-RC2-CBC-MD5"); 278 // add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", "EXP-KRB5-RC2-CBC-SHA"); 279 // add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", "EXP-KRB5-RC2-CBC-MD5"); 280 281 // PSK is Private Shared Key - didn't exist in Froyo's openssl - no JSSE equivalent 282 // add(null, "PSK-3DES-EDE-CBC-SHA"); 283 // add(null, "PSK-AES128-CBC-SHA"); 284 // add(null, "PSK-AES256-CBC-SHA"); 285 // add(null, "PSK-RC4-SHA"); 286 287 // Signaling Cipher Suite Value for secure renegotiation handled as special case. 288 // add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", null); 289 } 290 291 private static final String[] SUPPORTED_CIPHER_SUITES; 292 static { 293 int size = STANDARD_TO_OPENSSL_CIPHER_SUITES.size(); 294 SUPPORTED_CIPHER_SUITES = new String[size + 1]; 295 STANDARD_TO_OPENSSL_CIPHER_SUITES.keySet().toArray(SUPPORTED_CIPHER_SUITES); 296 SUPPORTED_CIPHER_SUITES[size] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV; 297 } 298 299 // SSL mode from ssl.h 300 public static final long SSL_MODE_HANDSHAKE_CUTTHROUGH = 0x00000040L; 301 302 // SSL options from ssl.h 303 public static final long SSL_OP_NO_TICKET = 0x00004000L; 304 public static final long SSL_OP_NO_COMPRESSION = 0x00020000L; 305 public static final long SSL_OP_NO_SSLv3 = 0x02000000L; 306 public static final long SSL_OP_NO_TLSv1 = 0x04000000L; 307 308 public static native int SSL_CTX_new(); 309 310 public static String[] getDefaultCipherSuites() { 311 return new String[] { 312 "SSL_RSA_WITH_RC4_128_MD5", 313 "SSL_RSA_WITH_RC4_128_SHA", 314 "TLS_RSA_WITH_AES_128_CBC_SHA", 315 "TLS_RSA_WITH_AES_256_CBC_SHA", 316 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 317 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 318 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 319 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 320 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 321 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 322 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 323 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 324 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 325 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 326 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 327 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 328 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 329 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 330 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 331 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 332 "SSL_RSA_WITH_3DES_EDE_CBC_SHA", 333 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 334 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 335 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 336 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 337 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 338 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 339 "SSL_RSA_WITH_DES_CBC_SHA", 340 "SSL_DHE_RSA_WITH_DES_CBC_SHA", 341 "SSL_DHE_DSS_WITH_DES_CBC_SHA", 342 "SSL_RSA_EXPORT_WITH_RC4_40_MD5", 343 "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 344 "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 345 "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 346 TLS_EMPTY_RENEGOTIATION_INFO_SCSV 347 }; 348 } 349 350 public static String[] getSupportedCipherSuites() { 351 return SUPPORTED_CIPHER_SUITES.clone(); 352 } 353 354 public static native void SSL_CTX_free(int ssl_ctx); 355 356 public static native int SSL_new(int ssl_ctx) throws SSLException; 357 358 public static byte[][] encodeCertificates(Certificate[] certificates) 359 throws CertificateEncodingException { 360 byte[][] certificateBytes = new byte[certificates.length][]; 361 for (int i = 0; i < certificates.length; i++) { 362 certificateBytes[i] = certificates[i].getEncoded(); 363 } 364 return certificateBytes; 365 } 366 367 public static native void SSL_use_certificate(int ssl, byte[][] asn1DerEncodedCertificateChain); 368 369 public static native void SSL_use_PrivateKey(int ssl, byte[] pkcs8EncodedPrivateKey); 370 371 public static native void SSL_check_private_key(int ssl) throws SSLException; 372 373 public static byte[][] encodeIssuerX509Principals(X509Certificate[] certificates) 374 throws CertificateEncodingException { 375 byte[][] principalBytes = new byte[certificates.length][]; 376 for (int i = 0; i < certificates.length; i++) { 377 principalBytes[i] = certificates[i].getIssuerX500Principal().getEncoded(); 378 } 379 return principalBytes; 380 } 381 382 public static native void SSL_set_client_CA_list(int ssl, byte[][] asn1DerEncodedX500Principals); 383 384 public static native long SSL_get_mode(int ssl); 385 386 public static native long SSL_set_mode(int ssl, long mode); 387 388 public static native long SSL_clear_mode(int ssl, long mode); 389 390 public static native long SSL_get_options(int ssl); 391 392 public static native long SSL_set_options(int ssl, long options); 393 394 public static native long SSL_clear_options(int ssl, long options); 395 396 public static String[] getSupportedProtocols() { 397 return new String[] { SUPPORTED_PROTOCOL_SSLV3, SUPPORTED_PROTOCOL_TLSV1 }; 398 } 399 400 public static void setEnabledProtocols(int ssl, String[] protocols) { 401 checkEnabledProtocols(protocols); 402 // openssl uses negative logic letting you disable protocols. 403 // so first, assume we need to set all (disable all) and clear none (enable none). 404 // in the loop, selectively move bits from set to clear (from disable to enable) 405 long optionsToSet = (SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1); 406 long optionsToClear = 0; 407 for (int i = 0; i < protocols.length; i++) { 408 String protocol = protocols[i]; 409 if (protocol.equals(SUPPORTED_PROTOCOL_SSLV3)) { 410 optionsToSet &= ~SSL_OP_NO_SSLv3; 411 optionsToClear |= SSL_OP_NO_SSLv3; 412 } else if (protocol.equals(SUPPORTED_PROTOCOL_TLSV1)) { 413 optionsToSet &= ~SSL_OP_NO_TLSv1; 414 optionsToClear |= SSL_OP_NO_TLSv1; 415 } else { 416 // error checked by checkEnabledProtocols 417 throw new IllegalStateException(); 418 } 419 } 420 421 SSL_set_options(ssl, optionsToSet); 422 SSL_clear_options(ssl, optionsToClear); 423 } 424 425 public static String[] checkEnabledProtocols(String[] protocols) { 426 if (protocols == null) { 427 throw new IllegalArgumentException("protocols == null"); 428 } 429 for (int i = 0; i < protocols.length; i++) { 430 String protocol = protocols[i]; 431 if (protocol == null) { 432 throw new IllegalArgumentException("protocols[" + i + "] == null"); 433 } 434 if ((!protocol.equals(SUPPORTED_PROTOCOL_SSLV3)) 435 && (!protocol.equals(SUPPORTED_PROTOCOL_TLSV1))) { 436 throw new IllegalArgumentException("protocol " + protocol 437 + " is not supported"); 438 } 439 } 440 return protocols; 441 } 442 443 public static native void SSL_set_cipher_lists(int ssl, String[] ciphers); 444 445 public static void setEnabledCipherSuites(int ssl, String[] cipherSuites) { 446 checkEnabledCipherSuites(cipherSuites); 447 List<String> opensslSuites = new ArrayList<String>(); 448 for (int i = 0; i < cipherSuites.length; i++) { 449 String cipherSuite = cipherSuites[i]; 450 if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) { 451 continue; 452 } 453 String openssl = STANDARD_TO_OPENSSL_CIPHER_SUITES.get(cipherSuite); 454 String cs = (openssl == null) ? cipherSuite : openssl; 455 opensslSuites.add(cs); 456 } 457 SSL_set_cipher_lists(ssl, opensslSuites.toArray(new String[opensslSuites.size()])); 458 } 459 460 public static String[] checkEnabledCipherSuites(String[] cipherSuites) { 461 if (cipherSuites == null) { 462 throw new IllegalArgumentException("cipherSuites == null"); 463 } 464 // makes sure all suites are valid, throwing on error 465 for (int i = 0; i < cipherSuites.length; i++) { 466 String cipherSuite = cipherSuites[i]; 467 if (cipherSuite == null) { 468 throw new IllegalArgumentException("cipherSuites[" + i + "] == null"); 469 } 470 if (cipherSuite.equals(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) { 471 continue; 472 } 473 if (STANDARD_TO_OPENSSL_CIPHER_SUITES.containsKey(cipherSuite)) { 474 continue; 475 } 476 if (OPENSSL_TO_STANDARD_CIPHER_SUITES.containsKey(cipherSuite)) { 477 // TODO log warning about using backward compatability 478 continue; 479 } 480 throw new IllegalArgumentException("cipherSuite " + cipherSuite + " is not supported."); 481 } 482 return cipherSuites; 483 } 484 485 public static final String SUPPORTED_COMPRESSION_METHOD_ZLIB = "ZLIB"; 486 public static final String SUPPORTED_COMPRESSION_METHOD_NULL = "NULL"; 487 488 private static final String[] SUPPORTED_COMPRESSION_METHODS 489 = { SUPPORTED_COMPRESSION_METHOD_ZLIB, SUPPORTED_COMPRESSION_METHOD_NULL }; 490 491 public static String[] getSupportedCompressionMethods() { 492 return SUPPORTED_COMPRESSION_METHODS.clone(); 493 } 494 495 public static final String[] getDefaultCompressionMethods() { 496 return new String[] { SUPPORTED_COMPRESSION_METHOD_NULL }; 497 } 498 499 public static String[] checkEnabledCompressionMethods(String[] methods) { 500 if (methods == null) { 501 throw new IllegalArgumentException("methods == null"); 502 } 503 if (methods.length < 1 504 && !methods[methods.length-1].equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 505 throw new IllegalArgumentException("last method must be NULL"); 506 } 507 for (int i = 0; i < methods.length; i++) { 508 String method = methods[i]; 509 if (method == null) { 510 throw new IllegalArgumentException("methods[" + i + "] == null"); 511 } 512 if (!method.equals(SUPPORTED_COMPRESSION_METHOD_ZLIB) 513 && !method.equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 514 throw new IllegalArgumentException("method " + method 515 + " is not supported"); 516 } 517 } 518 return methods; 519 } 520 521 public static void setEnabledCompressionMethods(int ssl, String[] methods) { 522 checkEnabledCompressionMethods(methods); 523 // openssl uses negative logic letting you disable compression. 524 // so first, assume we need to set all (disable all) and clear none (enable none). 525 // in the loop, selectively move bits from set to clear (from disable to enable) 526 long optionsToSet = (SSL_OP_NO_COMPRESSION); 527 long optionsToClear = 0; 528 for (int i = 0; i < methods.length; i++) { 529 String method = methods[i]; 530 if (method.equals(SUPPORTED_COMPRESSION_METHOD_NULL)) { 531 // nothing to do to support NULL 532 } else if (method.equals(SUPPORTED_COMPRESSION_METHOD_ZLIB)) { 533 optionsToSet &= ~SSL_OP_NO_COMPRESSION; 534 optionsToClear |= SSL_OP_NO_COMPRESSION; 535 } else { 536 // error checked by checkEnabledCompressionMethods 537 throw new IllegalStateException(); 538 } 539 } 540 541 SSL_set_options(ssl, optionsToSet); 542 SSL_clear_options(ssl, optionsToClear); 543 } 544 545 /* 546 * See the OpenSSL ssl.h header file for more information. 547 */ 548 public static final int SSL_VERIFY_NONE = 0x00; 549 public static final int SSL_VERIFY_PEER = 0x01; 550 public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02; 551 552 public static native void SSL_set_verify(int sslNativePointer, int mode); 553 554 public static native void SSL_set_session(int sslNativePointer, int sslSessionNativePointer) 555 throws SSLException; 556 557 public static native void SSL_set_session_creation_enabled( 558 int sslNativePointer, boolean creationEnabled) throws SSLException; 559 560 public static native void SSL_set_tlsext_host_name(int sslNativePointer, String hostname) 561 throws SSLException; 562 public static native String SSL_get_servername(int sslNativePointer); 563 564 /** 565 * Returns the sslSessionNativePointer of the negotiated session 566 */ 567 public static native int SSL_do_handshake(int sslNativePointer, 568 FileDescriptor fd, 569 SSLHandshakeCallbacks shc, 570 int timeout, 571 boolean client_mode) 572 throws SSLException, SocketTimeoutException, CertificateException; 573 574 /** 575 * Currently only intended for forcing renegotiation for testing. 576 * Not used within OpenSSLSocketImpl. 577 */ 578 public static native void SSL_renegotiate(int sslNativePointer) throws SSLException; 579 580 /** 581 * Returns the local ASN.1 DER encoded X509 certificates. 582 */ 583 public static native byte[][] SSL_get_certificate(int sslNativePointer); 584 585 /** 586 * Returns the peer ASN.1 DER encoded X509 certificates. 587 */ 588 public static native byte[][] SSL_get_peer_cert_chain(int sslNativePointer); 589 590 /** 591 * Reads with the native SSL_read function from the encrypted data stream 592 * @return -1 if error or the end of the stream is reached. 593 */ 594 public static native int SSL_read(int sslNativePointer, 595 FileDescriptor fd, 596 SSLHandshakeCallbacks shc, 597 byte[] b, int off, int len, int timeout) 598 throws IOException; 599 600 /** 601 * Writes with the native SSL_write function to the encrypted data stream. 602 */ 603 public static native void SSL_write(int sslNativePointer, 604 FileDescriptor fd, 605 SSLHandshakeCallbacks shc, 606 byte[] b, int off, int len) 607 throws IOException; 608 609 public static native void SSL_interrupt(int sslNativePointer); 610 public static native void SSL_shutdown(int sslNativePointer, 611 FileDescriptor fd, 612 SSLHandshakeCallbacks shc) throws IOException; 613 614 public static native void SSL_free(int sslNativePointer); 615 616 public static native byte[] SSL_SESSION_session_id(int sslSessionNativePointer); 617 618 public static native long SSL_SESSION_get_time(int sslSessionNativePointer); 619 620 public static native String SSL_SESSION_get_version(int sslSessionNativePointer); 621 622 public static native String SSL_SESSION_cipher(int sslSessionNativePointer); 623 624 public static native String SSL_SESSION_compress_meth(int sslCtxNativePointer, 625 int sslSessionNativePointer); 626 627 public static native void SSL_SESSION_free(int sslSessionNativePointer); 628 629 public static native byte[] i2d_SSL_SESSION(int sslSessionNativePointer); 630 631 public static native int d2i_SSL_SESSION(byte[] data); 632 633 /** 634 * A collection of callbacks from the native OpenSSL code that are 635 * related to the SSL handshake initiated by SSL_do_handshake. 636 */ 637 public interface SSLHandshakeCallbacks { 638 /** 639 * Verify that we trust the certificate chain is trusted. 640 * 641 * @param asn1DerEncodedCertificateChain A chain of ASN.1 DER encoded certificates 642 * @param authMethod auth algorithm name 643 * 644 * @throws CertificateException if the certificate is untrusted 645 */ 646 public void verifyCertificateChain(byte[][] asn1DerEncodedCertificateChain, String authMethod) 647 throws CertificateException; 648 649 /** 650 * Called on an SSL client when the server requests (or 651 * requires a certificate). The client can respond by using 652 * SSL_use_certificate and SSL_use_PrivateKey to set a 653 * certificate if has an appropriate one available, similar to 654 * how the server provides its certificate. 655 * 656 * @param keyTypes key types supported by the server, 657 * convertible to strings with #keyType 658 * @param asn1DerEncodedX500Principals CAs known to the server 659 */ 660 public void clientCertificateRequested(byte[] keyTypes, 661 byte[][] asn1DerEncodedX500Principals) 662 throws CertificateEncodingException, SSLException; 663 664 /** 665 * Called when SSL handshake is completed. Note that this can 666 * be after SSL_do_handshake returns when handshake cutthrough 667 * is enabled. 668 */ 669 public void handshakeCompleted(); 670 } 671} 672