You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by od...@apache.org on 2010/09/03 16:23:46 UTC
svn commit: r992308 - in
/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main:
java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
native/jsse/shared/sslSession.c native/jsse/shared/sslSession.h
native/jsse/unix/exports.txt
Author: odeakin
Date: Fri Sep 3 14:23:45 2010
New Revision: 992308
URL: http://svn.apache.org/viewvc?rev=992308&view=rev
Log:
Implement SSLSession methods relating to peer certificates.
Modified:
harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/exports.txt
Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java?rev=992308&r1=992307&r2=992308&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java (original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java Fri Sep 3 14:23:45 2010
@@ -17,11 +17,14 @@
package org.apache.harmony.xnet.provider.jsse;
+import java.io.ByteArrayInputStream;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
@@ -198,6 +201,7 @@ public class SSLSessionImpl implements S
private String cipherName;
+ // TODO: remove this constructor
/**
* Creates SSLSession implementation
*
@@ -237,6 +241,7 @@ public class SSLSessionImpl implements S
private native String getCipherNameImpl(long SSL);
private native long getCreationTimeImpl(long SSL_SESSION);
+ private native Object[] getPeerCertificatesImpl(long SSL);
// Used just for clone()
private SSLSessionImpl() {
@@ -274,6 +279,26 @@ public class SSLSessionImpl implements S
lastAccessedTime = creationTime;
localCertificates = parms.getCertificateChain();
+
+ // Get the list of DER encoded peer certificates from OpenSSL
+ Object[] DERCerts = getPeerCertificatesImpl(SSL);
+ if (DERCerts != null) {
+ // If we have got an array of DER certificates, generate X509Certificates from them
+ CertificateFactory cf;
+ try {
+ cf = CertificateFactory.getInstance("X.509");
+ } catch (CertificateException e) {
+ throw new Error(e);
+ }
+ peerCertificates = new X509Certificate[DERCerts.length];
+ for (int i=0; i<peerCertificates.length; i++) {
+ try {
+ peerCertificates[i] = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream((byte[])DERCerts[i]));
+ } catch (CertificateException e) {
+ // Do nothing
+ }
+ }
+ }
}
public int getApplicationBufferSize() {
@@ -311,7 +336,6 @@ public class SSLSessionImpl implements S
return MAX_SSL_PACKET_SIZE;
}
- // TODO: implement
public javax.security.cert.X509Certificate[] getPeerCertificateChain()
throws SSLPeerUnverifiedException {
if (peerCertificates == null) {
@@ -329,7 +353,6 @@ public class SSLSessionImpl implements S
return certs;
}
- // TODO: implement
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
if (peerCertificates == null) {
throw new SSLPeerUnverifiedException("No peer certificate");
@@ -347,7 +370,6 @@ public class SSLSessionImpl implements S
return peerPort;
}
- // TODO: implement
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
if (peerCertificates == null) {
throw new SSLPeerUnverifiedException("No peer certificate");
Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c?rev=992308&r1=992307&r2=992308&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c (original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c Fri Sep 3 14:23:45 2010
@@ -83,4 +83,42 @@ JNIEXPORT jlong JNICALL Java_org_apache_
return (jlong)SSL_SESSION_get_time(session)*1000;
}
+JNIEXPORT jobjectArray JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getPeerCertificatesImpl
+ (JNIEnv *env, jobject object, jlong jssl) {
+ SSL *ssl = jlong2addr(SSL, jssl);
+ STACK_OF(X509) *certs;
+ int certCount, i;
+ jobjectArray jcerts;
+ jclass byteArrayClass;
+ // Get the chain of peer certificates from OpenSSL
+ certs = SSL_get_peer_cert_chain(ssl);
+ if (!certs) {
+ return NULL;
+ }
+
+ // Get the number of certificates in the chain
+ certCount = sk_num(&certs->stack);
+ if (!certCount) {
+ return NULL;
+ }
+
+ // Allocate an array of jbyte arrays to contain the peer certs
+ byteArrayClass = (*env)->FindClass(env, "[B");
+ jcerts = (*env)->NewObjectArray(env, certCount, byteArrayClass, NULL);
+
+ for (i=0; i<certCount; i++) {
+ unsigned char *certBuffer = NULL;
+ jbyteArray jcertBuffer;
+
+ // OpenSSL will automatically allocate the buffer for us because certBuffer is NULL
+ int len = i2d_X509(sk_value(&certs->stack, i), &certBuffer);
+
+ // Allocate a jbyte array for the certificate data and copy it over
+ jcertBuffer = (*env)->NewByteArray(env, len);
+ (*env)->SetByteArrayRegion(env, jcertBuffer, 0, len, (jbyte*)certBuffer);
+ (*env)->SetObjectArrayElement(env, jcerts, i, jcertBuffer);
+ }
+
+ return jcerts;
+}
Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h?rev=992308&r1=992307&r2=992308&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h (original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h Fri Sep 3 14:23:45 2010
@@ -30,6 +30,8 @@ JNIEXPORT jstring JNICALL Java_org_apach
(JNIEnv *, jobject, jlong);
JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCreationTimeImpl
(JNIEnv *, jobject, jlong);
+JNIEXPORT jobjectArray JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getPeerCertificatesImpl
+ (JNIEnv *, jobject, jlong);
#ifdef __cplusplus
}
Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/exports.txt
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/exports.txt?rev=992308&r1=992307&r2=992308&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/exports.txt (original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/exports.txt Fri Sep 3 14:23:45 2010
@@ -6,6 +6,7 @@ Java_org_apache_harmony_xnet_provider_js
Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_initialiseSession
Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCipherNameImpl
Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCreationTimeImpl
+Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getPeerCertificatesImpl
Java_org_apache_harmony_xnet_provider_jsse_SSLSocketImpl_initImpl
Java_org_apache_harmony_xnet_provider_jsse_SSLSocketImpl_sslAcceptImpl
Java_org_apache_harmony_xnet_provider_jsse_SSLSocketImpl_sslConnectImpl