From mt...@apache.org
Subject svn commit: r1171512 - in /commons/sandbox/runtime/trunk/src/main: java/org/apache/commons/runtime/ssl/ native/ native/include/acr/ native/modules/openssl/
Date Fri, 16 Sep 2011 11:31:00 GMT
Author: mturk
Date: Fri Sep 16 11:31:00 2011
New Revision: 1171512

URL: http://svn.apache.org/viewvc?rev=1171512&view=rev
Log:
Add initial SSLCertificate class

Added:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java
  (with props)
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java
  (with props)
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c   (with props)
Modified:
    commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c

Added: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java?rev=1171512&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java
Fri Sep 16 11:31:00 2011
@@ -0,0 +1,73 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+import org.apache.commons.runtime.InvalidArgumentException;
+import org.apache.commons.runtime.OperationNotImplementedException;
+import org.apache.commons.runtime.Status;
+import org.apache.commons.runtime.SystemException;
+
+import java.io.File;
+import java.nio.ByteBuffer;
+
+/**
+ * SSL Certificate.
+ */
+public final class SSLCertifficate extends NativePointer
+{
+
+    // Hide NativePointer
+    private final long          pointer = 0L;
+    private final String        desc;
+    
+    private static native long  load0(String file, String desc, int format, long pcb);
+
+    private SSLCertifficate()
+    {
+        this.desc = null;
+        // No instance
+    }
+
+    /**
+     * Creates a new object instance.
+     */
+    public SSLCertifficate(String desc)
+    {
+        this.desc = desc;
+    }
+
+    public void load(String file, SSLCertifficateFormat format, PasswordCallback cb)
+    {
+        if (super.pointer != 0L) {
+            // Already loaded
+            // TODO: Throw exception
+        }
+        super.pointer = load0(file, desc, format.valueOf(), ((NativePointer)cb).pointer);
+        // TODO: Check for retval
+    }
+
+    public void load(String file, SSLCertifficateFormat format)
+    {
+        if (super.pointer != 0L) {
+            // Already loaded
+            // TODO: Throw exception
+        }
+        super.pointer = load0(file, desc, format.valueOf(), 0L);
+        // TODO: Check for retval
+    }
+
+}
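Review bot: Both `load` overloads store whatever `load0` returns and leave the two TODOs open, so a failed load leaves a zero pointer in place with no error, and a second call overwrites, and presumably leaks, the native certificate held from the first. The three-argument overload also dereferences `cb` in `((NativePointer)cb).pointer` without a null check. I would reject a repeated load, map a null callback to `0L`, fail on a zero return, and have the two-argument overload delegate, as sketched below. `IllegalStateException` is only a stand-in there; the imported `SystemException` or `InvalidArgumentException` probably fit better, but their constructors are not visible in this commit.

```java
public void load(String file, SSLCertifficateFormat format, PasswordCallback cb)
{
    if (super.pointer != 0L)
        throw new IllegalStateException("Certificate already loaded");
    // A missing callback is passed to the native side as a null handle.
    long pcb = (cb == null) ? 0L : ((NativePointer)cb).pointer;
    long cert = load0(file, desc, format.valueOf(), pcb);
    if (cert == 0L)
        throw new IllegalStateException("Cannot load certificate from " + file);
    super.pointer = cert;
}

public void load(String file, SSLCertifficateFormat format)
{
    load(file, format, null);
}
```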

Propchange: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficate.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java?rev=1171512&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java
Fri Sep 16 11:31:00 2011
@@ -0,0 +1,62 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+/**
+ * Represents the SSL certificate format.
+ */
+public enum SSLCertifficateFormat
+{
+
+    /**
+     * Undefined certificate format.
+     */
+    UNDEF(      0),
+    /**
+     * ASN1.
+     */
+    ASN1(       1),
+    /**
+     * PEM.
+     */
+    PEM(        3),
+    /**
+     * PKCS12.
+     */
+    PKCS12(     5);
+
+    private int value;
+    private SSLCertifficateFormat(int v)
+    {
+        value = v;
+    }
+
+    public int valueOf()
+    {
+        return value;
+    }
+
+    public static SSLCertifficateFormat valueOf(int value)
+    {
+        for (SSLCertifficateFormat e : values()) {
+            if (e.value == value)
+                return e;
+        }
+        return UNDEF;
+    }
+
+}
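Review bot: The accessor `valueOf()` and the static `valueOf(int)` share a name with the enum's compiler-generated `valueOf(String)`, which makes call sites such as `format.valueOf()` easy to misread; a name like `intValue()` for the accessor would read better, and the field should be `private final int value;`. `valueOf(int)` silently maps any unknown number to `UNDEF`, and `load_cert` in cert.c returns 0 for a format it does not recognise, so a Javadoc line on both methods should say so. The constants 1, 3 and 5 presumably mirror the native `SSL_FORMAT_*` values, which this commit does not show; a comment naming the header they must stay in sync with would help.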

Propchange: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSLCertifficateFormat.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in?rev=1171512&r1=1171511&r2=1171512&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in (original)
+++ commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in Fri Sep 16 11:31:00 2011
@@ -151,6 +151,7 @@ LIBSOURCES=\
 SSLSOURCES=\
 	$(TOPDIR)/modules/openssl/api.c \
 	$(TOPDIR)/modules/openssl/bio.c \
+	$(TOPDIR)/modules/openssl/cert.c \
 	$(TOPDIR)/modules/openssl/ctx.c \
 	$(TOPDIR)/modules/openssl/init.c \
 	$(TOPDIR)/modules/openssl/key.c \

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1171512&r1=1171511&r2=1171512&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Fri Sep 16 11:31:00 2011
@@ -405,6 +405,7 @@ void        ssl_vhost_algo_id(const unsi
 int         ssl_ctx_use_certificate_chain(SSL_CTX *, const char *, int);
 int         ssl_callback_ssl_verify(int, X509_STORE_CTX *);
 int         ssl_rand_seed(const char *file);
+int         ssl_load_pkcs12(BIO *, ssl_pass_cb_t *, EVP_PKEY **, X509 **, STACK_OF(X509)
**);
 void        ssl_throw_errno(JNI_STDENV, int cls);
 
 #endif

Added: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c?rev=1171512&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c (added)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c Fri Sep 16 11:31:00
2011
@@ -0,0 +1,79 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "acr/clazz.h"
+#include "acr/error.h"
+#include "acr/misc.h"
+#include "acr/string.h"
+#include "acr/port.h"
+#include "acr/ssl.h"
+#include "arch_sync.h"
+
+#if !HAVE_OPENSSL
+#error "Cannot compile this file without HAVE_OPENSSL defined"
+#endif
+
+static X509 *load_cert(ssl_pass_cb_t *password_callback, int format,
+                       const char *file, const char *desc)
+{
+    BIO  *bio  = 0;
+    X509 *cert = 0;
+
+    if ((bio = BIO_new(BIO_s_file())) == 0)
+        return 0;
+    if (BIO_read_filename(bio, file) <= 0) {
+        BIO_free(bio);
+        return 0;
+    }
+    if (password_callback != 0) {
+        if (desc != 0)
+            password_callback->desc = desc;
+        else
+            password_callback->desc = file;
+    }
+    if (format == SSL_FORMAT_ASN1) {
+        cert = d2i_X509_bio(bio, 0);
+    }
+    else if (format == SSL_FORMAT_PEM) {
+        cert = PEM_read_bio_X509_AUX(bio, 0,
+                                     ssl_password_callback,
+                                     password_callback);
+    }
+    else if (format == SSL_FORMAT_PKCS12) {
+        if (!ssl_load_pkcs12(bio, 0, 0, &cert, 0))
+            cert = 0;
+    }
+    BIO_free(bio);
+    return cert;
+}
+
+ACR_SSL_EXPORT(jlong, SSLCertificate, load0)(JNI_STDARGS, jstring file,
+                                             jstring desc,
+                                             jint format,
+                                             jlong pcb)
+{
+    ssl_pass_cb_t *cb = J2P(pcb, ssl_pass_cb_t *);
+    X509 *cert = 0;
+
+    WITH_CSTR(file) {
+    WITH_CSTR(desc) {
+        /* Load key */
+        cert = load_cert(cb, format, J2S(file), J2S(desc));
+    } DONE_WITH_STR(desc);
+    } DONE_WITH_STR(file);
+    
+    return P2J(cert);
+}
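Review bot: The PKCS12 branch of `load_cert` passes 0 where `load_key` in key.c passes `password_callback`, so a caller-supplied callback is never used for a password-protected PKCS12 file; it should read `if (!ssl_load_pkcs12(bio, password_callback, 0, &cert, 0))`. `password_callback->desc` is set to `desc` or `file`, which come from `J2S()` inside `WITH_CSTR`/`DONE_WITH_STR`. If those macros release the C strings, as their names suggest, the callback structure keeps a dangling pointer after `load0` returns, so `desc` should be reset before leaving or the string copied. The export is declared for `SSLCertificate` while the Java class added in this commit is `SSLCertifficate`; if `ACR_SSL_EXPORT` builds the JNI symbol from that token, `load0` will not resolve at runtime. The comment `/* Load key */` should say certificate.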

Propchange: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/cert.c
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c?rev=1171512&r1=1171511&r2=1171512&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c Fri Sep 16 11:31:00
2011
@@ -256,33 +256,3 @@ ACR_SSL_EXPORT(void, SSLContext, setpass
     acr_ssl_ctxt_t *c = J2P(ctx, acr_ssl_ctxt_t *);
     c->password_callback = J2P(cb, ssl_pass_cb_t *);
 }
-
-X509 *load_cert(acr_ssl_ctxt_t *c, int format,
-                const char *file, const char *desc)
-{
-    BIO  *bio  = 0;
-    X509 *cert = 0;
-
-    if ((bio = BIO_new(BIO_s_file())) == 0)
-        return 0;
-    if (BIO_read_filename(bio, file) <= 0) {
-        BIO_free(bio);
-        return 0;
-    }
-    if (c->password_callback != 0) {
-        if (desc != 0)
-            c->password_callback->desc = desc;
-        else
-            c->password_callback->desc = file;
-    }
-    if (format == SSL_FORMAT_ASN1) {
-        cert = d2i_X509_bio(bio, 0);
-    }
-    else if (format == SSL_FORMAT_PEM) {
-        cert = PEM_read_bio_X509_AUX(bio, 0,
-                                     ssl_password_callback,
-                                     c->password_callback);
-    }
-    BIO_free(bio);
-    return cert;
-}

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c?rev=1171512&r1=1171511&r2=1171512&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/key.c Fri Sep 16 11:31:00
2011
@@ -26,43 +26,6 @@
 #error "Cannot compile this file without HAVE_OPENSSL defined"
 #endif
 
-static int load_pkcs12(BIO *in, ssl_pass_cb_t *password_callback,
-                       EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-{
-    const char *pass;
-    char        buff[PEM_BUFSIZE];
-    int         len, rc = 0;
-    PKCS12     *p12;
-
-    p12 = d2i_PKCS12_bio(in, 0);
-    if (p12 == 0) {
-        /* Error loading PKCS12 file */
-        goto cleanup;
-    }
-    /* See if an empty password will do */
-    if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, 0, 0)) {
-        pass = "";
-    }
-    else {
-        len = ssl_password_callback(buff, PEM_BUFSIZE, 0, password_callback);
-        if (len < 0) {
-            /* Passpharse callback error */
-            goto cleanup;
-        }
-        if (!PKCS12_verify_mac(p12, buff, len)) {
-            /* Mac verify error (wrong password?) in PKCS12 file */
-            goto cleanup;
-        }
-        pass = buff;
-    }
-    rc = PKCS12_parse(p12, pass, pkey, cert, ca);
-cleanup:
-    if (p12 != 0)
-        PKCS12_free(p12);
-    return rc;
-}
-
-
 static EVP_PKEY *load_key(ssl_pass_cb_t *password_callback, int format,
                           const char *file, const char *desc)
 {
@@ -90,8 +53,8 @@ static EVP_PKEY *load_key(ssl_pass_cb_t 
                                       password_callback);
     }
     else if (format == SSL_FORMAT_PKCS12) {
-        if (!load_pkcs12(bio, password_callback,
-                         &key, 0, 0))
+        if (!ssl_load_pkcs12(bio, password_callback,
+                             &key, 0, 0))
             key = 0;
     }
     BIO_free(bio);

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c?rev=1171512&r1=1171511&r2=1171512&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Fri Sep 16 11:31:00
2011
@@ -392,6 +392,43 @@ int ssl_ctx_use_certificate_chain(SSL_CT
     return n;
 }
 
+int ssl_load_pkcs12(BIO *in, ssl_pass_cb_t *password_callback,
+                    EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+{
+    const char *pass;
+    char        buff[PEM_BUFSIZE];
+    int         len, rc = 0;
+    PKCS12     *p12;
+
+    p12 = d2i_PKCS12_bio(in, 0);
+    if (p12 == 0) {
+        /* Error loading PKCS12 file */
+        goto cleanup;
+    }
+    /* See if an empty password will do */
+    if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, 0, 0)) {
+        pass = "";
+    }
+    else {
+        len = ssl_password_callback(buff, PEM_BUFSIZE, 0, password_callback);
+        if (len < 0) {
+            /* Passpharse callback error */
+            goto cleanup;
+        }
+        if (!PKCS12_verify_mac(p12, buff, len)) {
+            /* Mac verify error (wrong password?) in PKCS12 file */
+            goto cleanup;
+        }
+        pass = buff;
+    }
+    rc = PKCS12_parse(p12, pass, pkey, cert, ca);
+cleanup:
+    if (p12 != 0)
+        PKCS12_free(p12);
+    return rc;
+}
+
+
 void ssl_throw_errno(JNI_STDENV, int cls)
 {
     char msg[256];
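Review bot: The passphrase that `ssl_password_callback` writes into `buff` stays on the stack after `ssl_load_pkcs12` returns, on both the success and error paths; adding `OPENSSL_cleanse(buff, sizeof(buff));` at the `cleanup:` label would wipe it. Now that the function is shared, cert.c calls it with 0 as `password_callback`, so the `else` branch can reach `ssl_password_callback` with a null callback. Whether that is handled is not visible here, and it deserves a guard or a comment. `buff` is also handed to `PKCS12_parse` as a C string, which relies on the callback NUL-terminating it within `PEM_BUFSIZE`. The comment `/* Passpharse callback error */` should read `Passphrase`.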


