+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.io.*;
+import java.util.*;
+
+/**
+ * @defgroup java_api Java API.
+ *
+ * Ensure that the appropriate dispose() methods are called when finished with
+ * various objects - otherwise memory leaks will result.
+ */
+
+/**
+ * @class SSL
+ * @ingroup java_api
+ * @brief A representation of an SSL connection.
+ *
+ */
+public class SSL
+{
+ public int m_ssl; /**< A pointer to the real SSL type */
+
+ /**
+ * @brief Store the reference to an SSL context.
+ * @param ip [in] A reference to an SSL object.
+ */
+ public SSL(int ip)
+ {
+ m_ssl = ip;
+ }
+
+ /**
+ * @brief Free any used resources on this connection.
+ *
+ * A "Close Notify" message is sent on this connection (if possible). It
+ * is up to the application to close the socket.
+ */
+ public void dispose()
+ {
+ axtlsj.ssl_free(m_ssl);
+ }
+
+ /**
+ * @brief Return the result of a handshake.
+ * @return SSL_OK if the handshake is complete and ok.
+ * @see ssl.h for the error code list.
+ */
+ public int handshakeStatus()
+ {
+ return axtlsj.ssl_handshake_status(m_ssl);
+ }
+
+ /**
+ * @brief Return the SSL cipher id.
+ * @return The cipher id which is one of:
+ * - SSL_AES128_SHA (0x2f)
+ * - SSL_AES256_SHA (0x35)
+ * - SSL_RC4_128_SHA (0x05)
+ * - SSL_RC4_128_MD5 (0x04)
+ */
+ public byte getCipherId()
+ {
+ return axtlsj.ssl_get_cipher_id(m_ssl);
+ }
+
+ /**
+ * @brief Get the session id for a handshake.
+ *
+ * This will be a 32 byte sequence and is available after the first
+ * handshaking messages are sent.
+ * @return The session id as a 32 byte sequence.
+ * @note A SSLv23 handshake may have only 16 valid bytes.
+ */
+ public byte[] getSessionId()
+ {
+ return axtlsj.ssl_get_session_id(m_ssl);
+ }
+
+ /**
+ * @brief Retrieve an X.509 distinguished name component.
+ *
+ * When a handshake is complete and a certificate has been exchanged,
+ * then the details of the remote certificate can be retrieved.
+ *
+ * This will usually be used by a client to check that the server's common
+ * name matches the URL.
+ *
+ * A full handshake needs to occur for this call to work.
+ *
+ * @param component [in] one of:
+ * - SSL_X509_CERT_COMMON_NAME
+ * - SSL_X509_CERT_ORGANIZATION
+ * - SSL_X509_CERT_ORGANIZATIONAL_NAME
+ * - SSL_X509_CA_CERT_COMMON_NAME
+ * - SSL_X509_CA_CERT_ORGANIZATION
+ * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+ * @return The appropriate string (or null if not defined)
+ */
+ public String getCertificateDN(int component)
+ {
+ return axtlsj.ssl_get_cert_dn(m_ssl, component);
+ }
+}
projects / project / luci.git / blobdiff