From odea...@apache.org
Subject svn commit: r989596 - in /harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main: java/org/apache/harmony/xnet/provider/jsse/ native/jsse/shared/ native/jsse/unix/ native/jsse/windows/
Date Thu, 26 Aug 2010 10:38:47 GMT
Author: odeakin
Date: Thu Aug 26 10:38:46 2010
New Revision: 989596

URL: http://svn.apache.org/viewvc?rev=989596&view=rev
Log:
Start implementation of SSLSessionImpl in terms of OpenSSL. Also add a temporary RSA key callback
function to enable some more cipher suites (e.g. TLS_RSA_EXPORT_WITH_RC4_40_MD5) that fail
without this.

Added:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c
  (with props)
Modified:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/makefile
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
Thu Aug 26 10:38:46 2010
@@ -163,9 +163,16 @@ public class SSLSessionImpl implements S
     final boolean isServer;
 
     // OpenSSL SSL_SESSION pointer
-    private final long SSL_SESSION;
+    private long SSL_SESSION;
 
-    private final SSLParameters sslParameters;
+    // The associated OpenSSL SSL pointer
+    private long SSL;
+
+    private static final SecureRandom rng = new SecureRandom();
+
+    private SSLParameters sslParameters;
+
+    private String cipherName;
 
     /**
      * Creates SSLSession implementation
@@ -191,10 +198,6 @@ public class SSLSessionImpl implements S
             id[31] = (byte) ((time & 0x000000FF));
             isServer = true;
         }
-
-        // Add to satisfy compiler
-        SSL_SESSION = 0;
-        sslParameters = null;
     }
 
     /**
@@ -207,11 +210,35 @@ public class SSLSessionImpl implements S
     }
 
     private native long initialiseSession(long SSL);
+
+    private native String getCipherNameImpl(long SSL);
+    private native long getCreationTimeImpl(long SSL_SESSION);
     
     public SSLSessionImpl(SSLParameters parms, long SSL) {
         sslParameters = parms;
-        SSL_SESSION = initialiseSession(SSL);
+        this.SSL = SSL;
+
         this.isServer = !sslParameters.getUseClientMode();
+
+        if (SSL == 0) {
+            creationTime = System.currentTimeMillis();
+            cipherName = "SSL_NULL_WITH_NULL_NULL";
+            id = new byte[0];
+        } else {
+            SSL_SESSION = initialiseSession(SSL);
+            cipherName = getCipherNameImpl(SSL);
+            creationTime = getCreationTimeImpl(SSL_SESSION);
+
+            id = new byte[32];
+            rng.nextBytes(id);
+            long time = creationTime / 1000;
+            id[28] = (byte) ((time & 0xFF000000) >>> 24);
+            id[29] = (byte) ((time & 0x00FF0000) >>> 16);
+            id[30] = (byte) ((time & 0x0000FF00) >>> 8);
+            id[31] = (byte) ((time & 0x000000FF));
+        }
+
+        lastAccessedTime = creationTime;
     }
 
     public int getApplicationBufferSize() {
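Review bot: In the `SSL != 0` branch the session `id` is built from `rng.nextBytes(id)` plus a timestamp on the Java side, so it is not the identifier of the OpenSSL session returned by `initialiseSession(SSL)`; anything that looks a session up by its id would, as far as this hunk shows, not correspond to the session negotiated natively. If this is a placeholder until the native id is read (OpenSSL exposes it through `SSL_SESSION_get_id`), say so in the code: `// TODO: take the session id from the OpenSSL SSL_SESSION instead of generating one`. The same branch passes the result of `initialiseSession(SSL)` on to `getCreationTimeImpl` without checking it for 0, and `parms` is dereferenced without a null check, so a short `if (SSL_SESSION == 0)` guard and an `@param` Javadoc stating that `SSL == 0` means "no native connection yet" would make the contract explicit.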
@@ -219,7 +246,7 @@ public class SSLSessionImpl implements S
     }
 
     public String getCipherSuite() {
-        return cipherSuite.getName();
+        return cipherName;
     }
 
     public long getCreationTime() {
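Review bot: `getCipherSuite()` can now return null, because `cipherName` is assigned only in the `SSLSessionImpl(SSLParameters, long)` constructor and there it takes whatever `getCipherNameImpl` produced. Sessions created through the older constructor, of which only the tail is visible in the earlier hunk, appear to leave `cipherName` unset, whereas the removed line read the name from `cipherSuite`. If that constructor still sets `cipherSuite`, adding `cipherName = cipherSuite.getName();` there would keep the accessor working for both paths; the constructor body is outside the hunks, so this needs confirming against the full file.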

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
Thu Aug 26 10:38:46 2010
@@ -17,9 +17,6 @@
 
 package org.apache.harmony.xnet.provider.jsse;
 
-import org.apache.harmony.xnet.provider.jsse.SSLSocketOutputStream;
-import org.apache.harmony.xnet.provider.jsse.SSLSessionImpl;
-
 import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.InputStream;

Added: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c?rev=989596&view=auto
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c
(added)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c
Thu Aug 26 10:38:46 2010
@@ -0,0 +1,82 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include "cipherList.h"
+
+char *SSLv2_SpecNames[SSLv2_CIPHER_COUNT] = { "SSL_CK_RC4_128_WITH_MD5", "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
"SSL_CK_RC2_128_CBC_WITH_MD5", 
+    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", "SSL_CK_IDEA_128_CBC_WITH_MD5", "SSL_CK_DES_64_CBC_WITH_MD5",
"SSL_CK_DES_192_EDE3_CBC_WITH_MD5" };
+
+char *SSLv2_openSSLNames[SSLv2_CIPHER_COUNT] = { "RC4-MD5", "EXP-RC4-MD5", "RC2-MD5", "EXP-RC2-MD5",
"IDEA-CBC-MD5", "DES-CBC-MD5", "DES-CBC3-MD5" };
+
+char *SSLv3_SpecNames[SSLv3_CIPHER_COUNT] = { "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5", 
+    "SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"SSL_RSA_WITH_IDEA_CBC_SHA", 
+    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
+    "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA", 
+    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
+    "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" };
+
+char *SSLv3_openSSLNames[SSLv3_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
+    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
+    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA" };
+
+char *TLSv1_SpecNames[TLSv1_CIPHER_COUNT] = { "TLS_RSA_WITH_NULL_MD5", "TLS_RSA_WITH_NULL_SHA",
"TLS_RSA_EXPORT_WITH_RC4_40_MD5", 
+    "TLS_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"TLS_RSA_WITH_IDEA_CBC_SHA", 
+    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "TLS_RSA_WITH_DES_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_DES_CBC_SHA", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_RSA_WITH_DES_CBC_SHA", 
+    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_DH_anon_WITH_RC4_128_MD5",
"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
+    "TLS_DH_anon_WITH_DES_CBC_SHA", "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 
+    "TLS_DH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",

+    "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",

+    "TLS_RSA_WITH_SEED_CBC_SHA", "TLS_DHE_DSS_WITH_SEED_CBC_SHA", "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
"TLS_DH_anon_WITH_SEED_CBC_SHA", 
+    "TLS_GOSTR341094_WITH_28147_CNT_IMIT", "TLS_GOSTR341001_WITH_28147_CNT_IMIT", "TLS_GOSTR341094_WITH_NULL_GOSTR3411",

+    "TLS_GOSTR341001_WITH_NULL_GOSTR3411", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",

+    "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
"TLS_DHE_DSS_WITH_RC4_128_SHA" };
+
+char *TLSv1_openSSLNames[TLSv1_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
+    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
+    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA", 
+    "AES128-SHA", "AES256-SHA", "DHE-DSS-AES128-SHA", "DHE-DSS-AES256-SHA", "DHE-RSA-AES128-SHA",
"DHE-RSA-AES256-SHA", "ADH-AES128-SHA", 
+    "ADH-AES256-SHA", "CAMELLIA128-SHA", "CAMELLIA256-SHA", "DHE-DSS-CAMELLIA128-SHA", "DHE-DSS-CAMELLIA256-SHA",
"DHE-RSA-CAMELLIA128-SHA", 
+    "DHE-RSA-CAMELLIA256-SHA", "ADH-CAMELLIA128-SHA", "ADH-CAMELLIA256-SHA", "SEED-SHA",
"DHE-DSS-SEED-SHA", "DHE-RSA-SEED-SHA", "ADH-SEED-SHA", 
+    "GOST94-GOST89-GOST89", "GOST2001-GOST89-GOST89", "GOST94-NULL-GOST94", "GOST2001-NULL-GOST94",
"EXP1024-DES-CBC-SHA", "EXP1024-RC4-SHA", 
+    "EXP1024-DHE-DSS-DES-CBC-SHA", "EXP1024-DHE-DSS-RC4-SHA", "DHE-DSS-RC4-SHA" };
+
+char** getTLSv1SpecNames() {
+    return TLSv1_SpecNames;
+}
+
+char** getTLSv1OpenSSLNames() {
+    return TLSv1_openSSLNames;
+}
+
+char** getSSLv3SpecNames() {
+    return SSLv3_SpecNames;
+}
+
+char** getSSLv3OpenSSLNames() {
+    return SSLv3_openSSLNames;
+}
+
+char** getSSLv2SpecNames() {
+    return SSLv2_SpecNames;
+}
+
+char** getSSLv2OpenSSLNames() {
+    return SSLv2_openSSLNames;
+}
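Review bot: The six name tables are writable, externally visible globals that the getters hand out as plain `char **`, so any caller can overwrite an entry and silently change which suite a JSSE name maps to. Declaring them as `static const char *const TLSv1_SpecNames[TLSv1_CIPHER_COUNT] = { ... };` and returning `const char *const *` from getters declared with `(void)` (here and in the prototypes added to cipherList.h) would make them read-only. Spec names and OpenSSL names are paired only by array position, so a comment above each pair stating that index i of one table corresponds to index i of the other would help whoever edits the lists next. The entry `"EDH-DSS-CBC-SHA"` in the SSLv3 and TLSv1 OpenSSL tables lacks the `DES` that its neighbours `"EXP-EDH-DSS-DES-CBC-SHA"` and `"EDH-DSS-DES-CBC3-SHA"` carry; check it against the names the linked OpenSSL actually reports, since a mismatch would make the reverse lookup added in sslSession.c return NULL for that suite.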

Propchange: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.c
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
Thu Aug 26 10:38:46 2010
@@ -19,46 +19,14 @@
 #define _CIPHERLIST_H
 
 #define SSLv2_CIPHER_COUNT 7
-char *SSLv2_SpecNames[SSLv2_CIPHER_COUNT] = { "SSL_CK_RC4_128_WITH_MD5", "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
"SSL_CK_RC2_128_CBC_WITH_MD5", 
-    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", "SSL_CK_IDEA_128_CBC_WITH_MD5", "SSL_CK_DES_64_CBC_WITH_MD5",
"SSL_CK_DES_192_EDE3_CBC_WITH_MD5" };
-
-char *SSLv2_openSSLNames[SSLv2_CIPHER_COUNT] = { "RC4-MD5", "EXP-RC4-MD5", "RC2-MD5", "EXP-RC2-MD5",
"IDEA-CBC-MD5", "DES-CBC-MD5", "DES-CBC3-MD5" };
-
 #define SSLv3_CIPHER_COUNT 21
-char *SSLv3_SpecNames[SSLv3_CIPHER_COUNT] = { "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5", 
-    "SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"SSL_RSA_WITH_IDEA_CBC_SHA", 
-    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
-    "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA", 
-    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
-    "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" };
-
-char *SSLv3_openSSLNames[SSLv3_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
-    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
-    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA" };
-
 #define TLSv1_CIPHER_COUNT 50
-char *TLSv1_SpecNames[TLSv1_CIPHER_COUNT] = { "TLS_RSA_WITH_NULL_MD5", "TLS_RSA_WITH_NULL_SHA",
"TLS_RSA_EXPORT_WITH_RC4_40_MD5", 
-    "TLS_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"TLS_RSA_WITH_IDEA_CBC_SHA", 
-    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "TLS_RSA_WITH_DES_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_DES_CBC_SHA", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_RSA_WITH_DES_CBC_SHA", 
-    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_DH_anon_WITH_RC4_128_MD5",
"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
-    "TLS_DH_anon_WITH_DES_CBC_SHA", "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 
-    "TLS_DH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",

-    "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",

-    "TLS_RSA_WITH_SEED_CBC_SHA", "TLS_DHE_DSS_WITH_SEED_CBC_SHA", "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
"TLS_DH_anon_WITH_SEED_CBC_SHA", 
-    "TLS_GOSTR341094_WITH_28147_CNT_IMIT", "TLS_GOSTR341001_WITH_28147_CNT_IMIT", "TLS_GOSTR341094_WITH_NULL_GOSTR3411",

-    "TLS_GOSTR341001_WITH_NULL_GOSTR3411", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",

-    "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
"TLS_DHE_DSS_WITH_RC4_128_SHA" };
 
-char *TLSv1_openSSLNames[TLSv1_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
-    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
-    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA", 
-    "AES128-SHA", "AES256-SHA", "DHE-DSS-AES128-SHA", "DHE-DSS-AES256-SHA", "DHE-RSA-AES128-SHA",
"DHE-RSA-AES256-SHA", "ADH-AES128-SHA", 
-    "ADH-AES256-SHA", "CAMELLIA128-SHA", "CAMELLIA256-SHA", "DHE-DSS-CAMELLIA128-SHA", "DHE-DSS-CAMELLIA256-SHA",
"DHE-RSA-CAMELLIA128-SHA", 
-    "DHE-RSA-CAMELLIA256-SHA", "ADH-CAMELLIA128-SHA", "ADH-CAMELLIA256-SHA", "SEED-SHA",
"DHE-DSS-SEED-SHA", "DHE-RSA-SEED-SHA", "ADH-SEED-SHA", 
-    "GOST94-GOST89-GOST89", "GOST2001-GOST89-GOST89", "GOST94-NULL-GOST94", "GOST2001-NULL-GOST94",
"EXP1024-DES-CBC-SHA", "EXP1024-RC4-SHA", 
-    "EXP1024-DHE-DSS-DES-CBC-SHA", "EXP1024-DHE-DSS-RC4-SHA", "DHE-DSS-RC4-SHA" };
+char** getTLSv1SpecNames();
+char** getTLSv1OpenSSLNames();
+char** getSSLv3SpecNames();
+char** getSSLv3OpenSSLNames();
+char** getSSLv2SpecNames();
+char** getSSLv2OpenSSLNames();
 
 #endif

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Thu Aug 26 10:38:46 2010
@@ -82,9 +82,9 @@ JNIEXPORT jobjectArray JNICALL Java_org_
     ssl = SSL_new(context);
     
     // TODO: check for exception return
-    ssl2matched = getCipherSpecList(env, ssl, "SSLv2", &ssl2jciphers, SSLv2_openSSLNames,
SSLv2_SpecNames, SSLv2_CIPHER_COUNT);
-    ssl3matched = getCipherSpecList(env, ssl, "SSLv3", &ssl3jciphers, SSLv3_openSSLNames,
SSLv3_SpecNames, SSLv3_CIPHER_COUNT);
-    tlsmatched = getCipherSpecList(env, ssl, "TLSv1", &tlsjciphers, TLSv1_openSSLNames,
TLSv1_SpecNames, TLSv1_CIPHER_COUNT);
+    ssl2matched = getCipherSpecList(env, ssl, "SSLv2:!LOW:@STRENGTH", &ssl2jciphers,
getSSLv2OpenSSLNames(), getSSLv2SpecNames(), SSLv2_CIPHER_COUNT);
+    ssl3matched = getCipherSpecList(env, ssl, "SSLv3:!LOW:@STRENGTH", &ssl3jciphers,
getSSLv3OpenSSLNames(), getSSLv3SpecNames(), SSLv3_CIPHER_COUNT);
+    tlsmatched = getCipherSpecList(env, ssl, "TLSv1:!LOW:@STRENGTH", &tlsjciphers, getTLSv1OpenSSLNames(),
getTLSv1SpecNames(), TLSv1_CIPHER_COUNT);
 
     stringClass = (*env)->FindClass(env, "java/lang/String");
     stringArray = (*env)->NewObjectArray(env, ssl2matched + ssl3matched + tlsmatched,
stringClass, NULL);
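Review bot: The new selectors `SSLv2:!LOW:@STRENGTH`, `SSLv3:!LOW:@STRENGTH` and `TLSv1:!LOW:@STRENGTH` remove only OpenSSL's LOW class, which does not take out export-grade, anonymous-DH or NULL-encryption suites, nor the SSLv2 family as a whole. The enclosing JNI function starts outside the hunk, so it is not visible whether this list is the "supported" set or the set enabled by default; if it feeds defaults, tighten the strings, for example `"TLSv1:!LOW:!EXP:!aNULL:!eNULL:@STRENGTH"`. `SSL_new(context)` on the first context line is also used without a NULL check, and the existing TODO about error returns still applies to all three `getCipherSpecList` calls.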
@@ -117,6 +117,12 @@ JNIEXPORT jobjectArray JNICALL Java_org_
     return stringArray;
 }
 
+// Callback for temporary RSA key generation
+RSA *tmp_rsa_callback(SSL *s, int is_export, int keylength)
+{
+    return RSA_generate_key(keylength, RSA_F4, NULL, NULL);
+}
+
 // Callback for DH params generation
 // TODO: Would pregenerated params do? e.g. get_rfc2409_prime_768() etc.
 DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
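Review bot: `tmp_rsa_callback` runs `RSA_generate_key` on every invocation and keeps no reference to the result, so each handshake that needs a temporary key pays for a key generation and, as far as this hunk shows, the callback's own reference is never freed; a peer that repeatedly negotiates export suites can therefore drive server CPU and memory use. Generating the key once where the context is configured (the later hunk that calls `SSL_CTX_set_tmp_rsa_callback`) avoids both: `RSA *rsa = RSA_generate_key(512, RSA_F4, NULL, NULL); if (rsa) { SSL_CTX_set_tmp_rsa(context, rsa); RSA_free(rsa); }`. The comment above the function should also say that the temporary key exists only to serve export suites and is short by design, for instance `// Temporary RSA key for export cipher suites only; remove together with export support`.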
@@ -161,6 +167,7 @@ JNIEXPORT jlong JNICALL Java_org_apache_
     // Set callback for DH key exchange.
     SSL_CTX_set_options(context, SSL_OP_SINGLE_DH_USE);
     SSL_CTX_set_tmp_dh_callback(context, &tmp_dh_callback);
+    SSL_CTX_set_tmp_rsa_callback(context, &tmp_rsa_callback);
 
     // First initilise the trust certificates in our newly created context
     size = (*env)->GetArrayLength(env, jtrustCerts);
@@ -289,29 +296,31 @@ JNIEXPORT void JNICALL Java_org_apache_h
 }
 
 char* findOpenSSLName(const char *cipher) {
-    int i;
+    int i, numNames;
+    char **openSSLNames, **specNames;
     if (strstr(cipher, "TLS_")) {
         // This is a TLS cipher name
-        for (i=0; i<TLSv1_CIPHER_COUNT; i++) {
-            if (!strcmp(cipher, TLSv1_SpecNames[i])) {
-                return TLSv1_openSSLNames[i];
-            }
-        }
+        numNames = TLSv1_CIPHER_COUNT;
+        specNames = getTLSv1SpecNames();
+        openSSLNames = getTLSv1OpenSSLNames();
+        
     } else if (strstr(cipher, "SSL_CK")) {
         // This is an SSLv2 cipher name
-        for (i=0; i<SSLv2_CIPHER_COUNT; i++) {
-            if (!strcmp(cipher, SSLv2_SpecNames[i])) {
-                return SSLv2_openSSLNames[i];
-            }
-        }
+        numNames = SSLv2_CIPHER_COUNT;
+        specNames = getSSLv2SpecNames();
+        openSSLNames = getSSLv2OpenSSLNames();
     } else {
         // This is an SSLv3 cipher name
-        for (i=0; i<SSLv3_CIPHER_COUNT; i++) {
-            if (!strcmp(cipher, SSLv3_SpecNames[i])) {
-                return SSLv3_openSSLNames[i];
-            }
+        numNames = SSLv3_CIPHER_COUNT;
+        specNames = getSSLv3SpecNames();
+        openSSLNames = getSSLv3OpenSSLNames();
+    }
+
+    for (i=0; i<numNames; i++) {
+        if (!strcmp(cipher, specNames[i])) {
+            return openSSLNames[i];
         }
-    }  
+    }
 
     return NULL;  
 }
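Review bot: The protocol family is chosen with `strstr(cipher, "TLS_")` and `strstr(cipher, "SSL_CK")`, which match anywhere in the string rather than at its start, and `cipher` is not checked for NULL before either call. A prefix test states the intent directly: `if (!strncmp(cipher, "TLS_", 4)) {` and `} else if (!strncmp(cipher, "SSL_CK", 6)) {`. The function returns NULL for a name that is in none of the tables, which deserves a one-line comment above it so callers know to check: `// Returns the OpenSSL name for a JSSE suite name, or NULL if it is not in the tables`.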

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
Thu Aug 26 10:38:46 2010
@@ -23,10 +23,56 @@
 #include "openssl/ssl.h"
 #include "openssl/err.h"
 
+#include "cipherList.h"
+
 JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_initialiseSession
   (JNIEnv *env, jobject object, jlong jssl)
 {
     SSL *ssl = jlong2addr(SSL, jssl);
-
     return addr2jlong(SSL_get_session(ssl));
 }
+
+char* getSpecName(const char *cipherName, char *openSSLNames[], char *specNames[], int mappedNamesCount)
{
+    int i;
+    for (i=0; i<mappedNamesCount; i++) {
+        if (!strcmp(cipherName, openSSLNames[i])) {
+            return specNames[i];
+        }
+    }
+    return NULL;
+}
+
+JNIEXPORT jstring JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCipherNameImpl
+  (JNIEnv *env, jobject object, jlong jssl) {
+    SSL *ssl = jlong2addr(SSL, jssl);
+    const SSL_CIPHER *cipher;
+    const char *cipherName = SSL_get_cipher(ssl);
+    char *protocol = SSL_get_cipher_version(ssl);
+    char *specName = NULL;
+    char buf[256];
+
+    if (!strcmp(protocol, "TLSv1/SSLv3")) {
+        // We're in either TLS or SSLv3, now find the spec name
+        specName = getSpecName(cipherName, getTLSv1OpenSSLNames(), getTLSv1SpecNames(), TLSv1_CIPHER_COUNT);
+        if (!specName) {
+            // Not in the TLS list, now search the SSL list
+            // TODO: Lists are likely to be the same - can this case ever occur?
+            specName = getSpecName(cipherName, getSSLv3OpenSSLNames(), getSSLv3SpecNames(),
SSLv3_CIPHER_COUNT);
+        }        
+    } else {
+        // SSLv2 case
+        specName = getSpecName(cipherName, getSSLv2OpenSSLNames(), getSSLv2SpecNames(), SSLv2_CIPHER_COUNT);
+    }
+
+    cipher = SSL_get_current_cipher(ssl);
+    return (*env)->NewStringUTF(env, specName);
+}
+
+JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCreationTimeImpl
+  (JNIEnv *env, jobject object, jlong jsession) {
+    SSL_SESSION *session = jlong2addr(SSL_SESSION, jsession);
+
+    return (jlong)SSL_SESSION_get_time(session)*1000;
+}
+
+
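Review bot: In `getCipherNameImpl`, `specName` is still NULL when the negotiated OpenSSL name is in none of the tables, and it is then passed straight to `NewStringUTF`, whose behaviour for a NULL pointer is not defined by JNI and which some VMs do not tolerate. Guard the return with `if (specName == NULL) return NULL;` before the `NewStringUTF` call, and decide on the Java side how an unmapped suite is reported. `protocol` should be declared `const char *`, and `buf` and `cipher` (together with the `SSL_get_current_cipher` call) are unused and can be dropped. `getCreationTimeImpl` relies on the Java caller never passing a 0 session handle, which is worth a comment such as `// jsession must be a valid SSL_SESSION pointer; the caller checks for 0`.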

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
Thu Aug 26 10:38:46 2010
@@ -26,6 +26,10 @@ extern "C" {
 
 JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_initialiseSession
   (JNIEnv *, jobject, jlong);
+JNIEXPORT jstring JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCipherNameImpl
+  (JNIEnv *, jobject, jlong);
+JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_getCreationTimeImpl
+  (JNIEnv *, jobject, jlong);
 
 #ifdef __cplusplus
 }

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/makefile
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/makefile?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/makefile
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/unix/makefile
Thu Aug 26 10:38:46 2010
@@ -31,7 +31,8 @@ endif
 
 BUILDFILES = \
 	$(SHAREDSUB)jsse_copyright.o $(SHAREDSUB)sslParameters.o $(SHAREDSUB)sslSocket.o \
-	$(SHAREDSUB)sslSession.o $(SHAREDSUB)sslEngine.o $(SHAREDSUB)jsse_rand.o
+	$(SHAREDSUB)sslSession.o $(SHAREDSUB)sslEngine.o $(SHAREDSUB)jsse_rand.o \
+	$(SHAREDSUB)cipherList.o
 
 MDLLIBFILES += $(LIBPATH)libvmi$(HY_LINKLIB_SUFFIX) \
 	$(OPENSSL_DIST)libcrypto.a $(OPENSSL_DIST)libssl.a

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile?rev=989596&r1=989595&r2=989596&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
Thu Aug 26 10:38:46 2010
@@ -29,7 +29,8 @@ HYLDFLAGS = $(HYLDFLAGS) -def:$(LIBBASE)
 
 BUILDFILES = \
   $(SHAREDSUB)jsse_copyright.obj $(SHAREDSUB)sslParameters.obj $(SHAREDSUB)sslSocket.obj
\
-  $(SHAREDSUB)sslSession.obj $(SHAREDSUB)sslEngine.obj $(SHAREDSUB)jsse_rand.obj
+  $(SHAREDSUB)sslSession.obj $(SHAREDSUB)sslEngine.obj $(SHAREDSUB)jsse_rand.obj \
+  $(SHAREDSUB)cipherList.obj
 
 VIRTFILES = hyjsse.res
 


