wareck
/
luci


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
							/*
 * Copyright (c) 2007, Cameron Rich
 * 
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without 
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, 
 *   this list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above copyright notice, 
 *   this list of conditions and the following disclaimer in the documentation 
 *   and/or other materials provided with the distribution.
 * * Neither the name of the axTLS project nor the names of its contributors 
 *   may be used to endorse or promote products derived from this software 
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * A wrapper around the unmanaged interface to give a semi-decent Java API
 */

package axTLSj;

import java.io.*;
import java.util.*;

/**
 * @defgroup java_api Java API.
 *
 * Ensure that the appropriate dispose() methods are called when finished with
 * various objects - otherwise memory leaks will result.
 */

/**
 * @class SSL
 * @ingroup java_api 
 * @brief A representation of an SSL connection.
 *
 */
public class SSL
{
    public int m_ssl;    /**< A pointer to the real SSL type */

    /**
     * @brief Store the reference to an SSL context.
     * @param ip [in] A reference to an SSL object.
     */
    public SSL(int ip)
    {
        m_ssl = ip;
    }

    /**
     * @brief Free any used resources on this connection. 
     * 
     * A "Close Notify" message is sent on this connection (if possible). It 
     * is up to the application to close the socket.
     */
    public void dispose()
    {
        axtlsj.ssl_free(m_ssl);
    }

    /**
     * @brief Return the result of a handshake.
     * @return SSL_OK if the handshake is complete and ok.
     * @see ssl.h for the error code list.
     */
    public int handshakeStatus()
    {
        return axtlsj.ssl_handshake_status(m_ssl);
    }

    /**
     * @brief Return the SSL cipher id.
     * @return The cipher id which is one of:
     * - SSL_AES128_SHA (0x2f)
     * - SSL_AES256_SHA (0x35)
     * - SSL_RC4_128_SHA (0x05)
     * - SSL_RC4_128_MD5 (0x04)
     */
    public byte getCipherId()
    {
        return axtlsj.ssl_get_cipher_id(m_ssl);
    }

    /**
     * @brief Get the session id for a handshake. 
     * 
     * This will be a 32 byte sequence and is available after the first
     * handshaking messages are sent.
     * @return The session id as a 32 byte sequence.
     * @note A SSLv23 handshake may have only 16 valid bytes.
     */
    public byte[] getSessionId()
    {
        return axtlsj.ssl_get_session_id(m_ssl);
    }

    /**
     * @brief Retrieve an X.509 distinguished name component.
     * 
     * When a handshake is complete and a certificate has been exchanged, 
     * then the details of the remote certificate can be retrieved.
     *
     * This will usually be used by a client to check that the server's common 
     * name matches the URL.
     *
     * A full handshake needs to occur for this call to work.
     *
     * @param component [in] one of:
     * - SSL_X509_CERT_COMMON_NAME
     * - SSL_X509_CERT_ORGANIZATION
     * - SSL_X509_CERT_ORGANIZATIONAL_NAME
     * - SSL_X509_CA_CERT_COMMON_NAME
     * - SSL_X509_CA_CERT_ORGANIZATION
     * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
     * @return The appropriate string (or null if not defined)
     */
    public String getCertificateDN(int component)
    {
        return axtlsj.ssl_get_cert_dn(m_ssl, component);
    }
}