summaryrefslogtreecommitdiffhomepage
path: root/libs/luci-lib-nixio/axTLS/bindings/java/SSL.java
blob: b53a6da0673b964c5c5607cb704a248e283d879f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
/*
 * Copyright (c) 2007, Cameron Rich
 * 
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without 
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, 
 *   this list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above copyright notice, 
 *   this list of conditions and the following disclaimer in the documentation 
 *   and/or other materials provided with the distribution.
 * * Neither the name of the axTLS project nor the names of its contributors 
 *   may be used to endorse or promote products derived from this software 
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * A wrapper around the unmanaged interface to give a semi-decent Java API
 */

package axTLSj;

import java.io.*;
import java.util.*;

/**
 * @defgroup java_api Java API.
 *
 * Ensure that the appropriate dispose() methods are called when finished with
 * various objects - otherwise memory leaks will result.
 */

/**
 * @class SSL
 * @ingroup java_api 
 * @brief A representation of an SSL connection.
 *
 */
public class SSL
{
    public int m_ssl;    /**< A pointer to the real SSL type */

    /**
     * @brief Store the reference to an SSL context.
     * @param ip [in] A reference to an SSL object.
     */
    public SSL(int ip)
    {
        m_ssl = ip;
    }

    /**
     * @brief Free any used resources on this connection. 
     * 
     * A "Close Notify" message is sent on this connection (if possible). It 
     * is up to the application to close the socket.
     */
    public void dispose()
    {
        axtlsj.ssl_free(m_ssl);
    }

    /**
     * @brief Return the result of a handshake.
     * @return SSL_OK if the handshake is complete and ok.
     * @see ssl.h for the error code list.
     */
    public int handshakeStatus()
    {
        return axtlsj.ssl_handshake_status(m_ssl);
    }

    /**
     * @brief Return the SSL cipher id.
     * @return The cipher id which is one of:
     * - SSL_AES128_SHA (0x2f)
     * - SSL_AES256_SHA (0x35)
     * - SSL_RC4_128_SHA (0x05)
     * - SSL_RC4_128_MD5 (0x04)
     */
    public byte getCipherId()
    {
        return axtlsj.ssl_get_cipher_id(m_ssl);
    }

    /**
     * @brief Get the session id for a handshake. 
     * 
     * This will be a 32 byte sequence and is available after the first
     * handshaking messages are sent.
     * @return The session id as a 32 byte sequence.
     * @note A SSLv23 handshake may have only 16 valid bytes.
     */
    public byte[] getSessionId()
    {
        return axtlsj.ssl_get_session_id(m_ssl);
    }

    /**
     * @brief Retrieve an X.509 distinguished name component.
     * 
     * When a handshake is complete and a certificate has been exchanged, 
     * then the details of the remote certificate can be retrieved.
     *
     * This will usually be used by a client to check that the server's common 
     * name matches the URL.
     *
     * A full handshake needs to occur for this call to work.
     *
     * @param component [in] one of:
     * - SSL_X509_CERT_COMMON_NAME
     * - SSL_X509_CERT_ORGANIZATION
     * - SSL_X509_CERT_ORGANIZATIONAL_NAME
     * - SSL_X509_CA_CERT_COMMON_NAME
     * - SSL_X509_CA_CERT_ORGANIZATION
     * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
     * @return The appropriate string (or null if not defined)
     */
    public String getCertificateDN(int component)
    {
        return axtlsj.ssl_get_cert_dn(m_ssl, component);
    }
}