Class SSLExt


  • public final class SSLExt
    extends java.lang.Object
    Support for TLS extensions and extra methods. The methods are kept in a separate class to make it easier for Java code to support an existing native library: it can check whether this class can be loaded in order to use the extensions.
    • Constructor Summary

      Constructors 
      Constructor Description
      SSLExt()  
    • Method Summary

      Modifier and Type Method Description
      static boolean checkNPN​(long tcsocket, byte[] expected)
      Higher level method, checking if the specified protocol has been negotiated.
      static int debug​(long tcsock)
      Enabling dump/debugging on the socket.
      static int getNPN​(long tcsock, byte[] proto)
      Get other side's advertised protocols.
      static byte[] getSessionData​(long tcsock)
      Server: Extract the session data associated with the socket.
      static int getTicket​(long tcsock, byte[] resBuf)
      Client: get the ticket received from server, if tickets are supported.
      static int setNPN​(long sslContext, byte[] spdyNPN)  
      static int setNPN​(long tcctx, byte[] proto, int len)
      Set advertised NPN protocol.
      static int setSessionData​(long tcsock, byte[] data, int len)
      Server: Set the session data for a socket.
      static int setSNI​(long tcsock, byte[] data, int len)
      For client side calls.
      static int setTicket​(long tcsock, byte[] data, int len)
      Client: set the previously received ticket.
      static int setTicketKeys​(long ctx, byte[] data, int len)
      Set the key used by server to generate tickets.
      static long sslCtxSetMode​(long ctx, long mode)  
      static java.lang.String sslErrReasonErrorString()
      Return the last OpenSSL error.
      static long sslSetMode​(long tcsock, long mode)
      SSL_set_mode
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • SSL_MODE_ENABLE_PARTIAL_WRITE

        public static final int SSL_MODE_ENABLE_PARTIAL_WRITE
        See Also:
        Constant Field Values
      • SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER

        public static final int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
        See Also:
        Constant Field Values
      • SSL_MODE_RELEASE_BUFFERS

        public static final int SSL_MODE_RELEASE_BUFFERS
        See Also:
        Constant Field Values
    • Constructor Detail

      • SSLExt

        public SSLExt()
    • Method Detail

      • setNPN

        public static int setNPN​(long tcctx,
                                 byte[] proto,
                                 int len)
        Set advertised NPN protocol. This is only available for recent or patched OpenSSL. Example: "\x06spdy/2". Works with TLS1, but not with SSL2/SSL3. The server sends the list in ServerHello; the client selects a protocol and sends it back after ChangeCipherSpec. Not supported in OpenSSL 1.0.0; seems to be supported in 1.0.1 and later.
      • getNPN

        public static int getNPN​(long tcsock,
                                 byte[] proto)
        Get other side's advertised protocols. Only works after handshake.
      • debug

        public static int debug​(long tcsock)
        Enabling dump/debugging on the socket. Both raw and decrypted packets will be logged.
      • getSessionData

        public static byte[] getSessionData​(long tcsock)
        Server: Extract the session data associated with the socket. Must be saved, keyed by session ID.
      • setSessionData

        public static int setSessionData​(long tcsock,
                                         byte[] data,
                                         int len)
        Server: Set the session data for a socket.
      • getTicket

        public static int getTicket​(long tcsock,
                                    byte[] resBuf)
        Client: get the ticket received from server, if tickets are supported.
      • setTicket

        public static int setTicket​(long tcsock,
                                    byte[] data,
                                    int len)
        Client: set the previously received ticket.
      • setTicketKeys

        public static int setTicketKeys​(long ctx,
                                        byte[] data,
                                        int len)
        Set the key used by server to generate tickets. Key must be 48 bytes.
      • setSNI

        public static int setSNI​(long tcsock,
                                 byte[] data,
                                 int len)
        For client-side calls. Data should be a \0-terminated string.
      • sslErrReasonErrorString

        public static java.lang.String sslErrReasonErrorString()
        Return the last OpenSSL error.
      • sslCtxSetMode

        public static long sslCtxSetMode​(long ctx,
                                         long mode)
      • sslSetMode

        public static long sslSetMode​(long tcsock,
                                      long mode)
        SSL_set_mode
      • setNPN

        public static int setNPN​(long sslContext,
                                 byte[] spdyNPN)
      • checkNPN

        public static boolean checkNPN​(long tcsocket,
                                       byte[] expected)
        Higher level method, checking if the specified protocol has been negotiated.
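
The byte[] arguments described for setNPN ("\x06spdy/2"), setSNI (\0-terminated) and setTicketKeys (48 bytes) are easy to get wrong, so the following added example (not part of the original Javadoc or the project's code) builds each buffer with validation. The class name SSLExtBuffers, its helper names, the sample host and protocol names, and passing the full array length as len are assumptions.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

/** Hypothetical helper: builds the byte[] arguments the SSLExt methods expect. */
public final class SSLExtBuffers {

    /** NPN list: each protocol is one length byte followed by its name, e.g. "\x06spdy/2". */
    static byte[] npnList(String... protocols) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        for (String p : protocols) {
            byte[] name = p.getBytes(StandardCharsets.US_ASCII);
            if (name.length == 0 || name.length > 255) {
                throw new IllegalArgumentException("protocol name must be 1..255 bytes");
            }
            out.write(name.length);          // single-byte length prefix
            out.write(name, 0, name.length);
        }
        return out.toByteArray();
    }

    /** SNI host name as a \0-terminated string; rejects NUL and non-ASCII characters. */
    static byte[] sniName(String host) {
        if (host.isEmpty() || !host.chars().allMatch(c -> c > 0 && c < 128)) {
            throw new IllegalArgumentException("host must be non-empty ASCII without NUL");
        }
        byte[] ascii = host.getBytes(StandardCharsets.US_ASCII);
        byte[] out = new byte[ascii.length + 1]; // final byte stays 0 as terminator
        System.arraycopy(ascii, 0, out, 0, ascii.length);
        return out;
    }

    /** Ticket key material: exactly 48 bytes from a CSPRNG, never a constant or password. */
    static byte[] newTicketKeys() {
        byte[] keys = new byte[48];
        new SecureRandom().nextBytes(keys);
        return keys;
    }

    public static void main(String[] args) {
        byte[] npn = npnList("spdy/2", "http/1.1"); // constructed sample values
        byte[] sni = sniName("www.example.org");    // constructed sample value
        byte[] keys = newTicketKeys();
        System.out.printf("npn=%d bytes, first length byte=%d%n", npn.length, npn[0]);
        System.out.printf("sni=%d bytes, keys=%d bytes%n", sni.length, keys.length);
        // With the native library loaded and valid handles (ctx, tcsock: assumed):
        //   SSLExt.setNPN(ctx, npn, npn.length);
        //   SSLExt.setSNI(tcsock, sni, sni.length);   // len including \0 is an assumption
        //   SSLExt.setTicketKeys(ctx, keys, keys.length);
    }
}
```

Servers that share resumable sessions must be given the same 48 bytes, and whoever holds those bytes can decrypt the tickets issued under them, so store and rotate them like any other long-lived secret.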