Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1346)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: java/io/netty/internal/tcnative/CertificateVerifier.java

Issue 2842333002: Updated netty-tcnative to version 2.0.0.Final (Closed)
Patch Set: Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « java/io/netty/internal/tcnative/CertificateRequestedCallback.java ('k') | java/io/netty/internal/tcnative/Library.java » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /*
2 * Copyright 2014 The Netty Project
3 *
4 * The Netty Project licenses this file to you under the Apache License,
5 * version 2.0 (the "License"); you may not use this file except in compliance
6 * with the License. You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 * License for the specific language governing permissions and limitations
14 * under the License.
15 */
16 package io.netty.internal.tcnative;
17
18 import static io.netty.internal.tcnative.NativeStaticallyReferencedJniMethods.*;
19
20 /**
21 * Is called during handshake and hooked into openssl via {@code SSL_CTX_set_cer t_verify_callback}.
22 *
23 * IMPORTANT: Implementations of this interface should be static as it is stored as a global reference via JNI. This
24 * means if you use an inner / anonymous class to implement this and also depend on the finalizer of the
25 * class to free up the SSLContext the finalizer will never run as th e object is never GC, due the hard
26 * reference to the enclosing class. This will most likely result in a memory leak.
27 */
28 public interface CertificateVerifier {
29 int X509_V_OK = x509vOK();
30 int X509_V_ERR_UNSPECIFIED = x509vErrUnspecified();
31 int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = x509vErrUnableToGetIssuerCert();
32 int X509_V_ERR_UNABLE_TO_GET_CRL = x509vErrUnableToGetCrl();
33 int X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE = x509vErrUnableToDecryptCer tSignature();
34 int X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE = x509vErrUnableToDecryptCrlS ignature();
35 int X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY = x509vErrUnableToDecodeIs suerPublicKey();
36 int X509_V_ERR_CERT_SIGNATURE_FAILURE = x509vErrCertSignatureFailure();
37 int X509_V_ERR_CRL_SIGNATURE_FAILURE = x509vErrCrlSignatureFailure();
38 int X509_V_ERR_CERT_NOT_YET_VALID = x509vErrCertNotYetValid();
39 int X509_V_ERR_CERT_HAS_EXPIRED = x509vErrCertHasExpired();
40 int X509_V_ERR_CRL_NOT_YET_VALID = x509vErrCrlNotYetValid();
41 int X509_V_ERR_CRL_HAS_EXPIRED = x509vErrCrlHasExpired();
42 int X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = x509vErrErrorInCertNotBefore Field();
43 int X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = x509vErrErrorInCertNotAfterFi eld();
44 int X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD = x509vErrErrorInCrlLastUpdate Field();
45 int X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = x509vErrErrorInCrlNextUpdate Field();
46 int X509_V_ERR_OUT_OF_MEM = x509vErrOutOfMem();
47 int X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = x509vErrDepthZeroSelfSignedCert ();
48 int X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = x509vErrSelfSignedCertInChain();
49 int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = x509vErrUnableToGetIssuer CertLocally();
50 int X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = x509vErrUnableToVerifyLeaf Signature();
51 int X509_V_ERR_CERT_CHAIN_TOO_LONG = x509vErrCertChainTooLong();
52 int X509_V_ERR_CERT_REVOKED = x509vErrCertRevoked();
53 int X509_V_ERR_INVALID_CA = x509vErrInvalidCa();
54 int X509_V_ERR_PATH_LENGTH_EXCEEDED = x509vErrPathLengthExceeded();
55 int X509_V_ERR_INVALID_PURPOSE = x509vErrInvalidPurpose();
56 int X509_V_ERR_CERT_UNTRUSTED = x509vErrCertUntrusted();
57 int X509_V_ERR_CERT_REJECTED = x509vErrCertRejected();
58 int X509_V_ERR_SUBJECT_ISSUER_MISMATCH = x509vErrSubjectIssuerMismatch();
59 int X509_V_ERR_AKID_SKID_MISMATCH = x509vErrAkidSkidMismatch();
60 int X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH = x509vErrAkidIssuerSerialMismatc h();
61 int X509_V_ERR_KEYUSAGE_NO_CERTSIGN = x509vErrKeyUsageNoCertSign();
62 int X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER = x509vErrUnableToGetCrlIssuer();
63 int X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION = x509vErrUnhandledCriticalExten sion();
64 int X509_V_ERR_KEYUSAGE_NO_CRL_SIGN = x509vErrKeyUsageNoCrlSign();
65 int X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION = x509vErrUnhandledCriticalC rlExtension();
66 int X509_V_ERR_INVALID_NON_CA = x509vErrInvalidNonCa();
67 int X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED = x509vErrProxyPathLengthExceeded( );
68 int X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = x509vErrKeyUsageNoDigitalSign ature();
69 int X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED = x509vErrProxyCertificatesNot Allowed();
70 int X509_V_ERR_INVALID_EXTENSION = x509vErrInvalidExtension();
71 int X509_V_ERR_INVALID_POLICY_EXTENSION = x509vErrInvalidPolicyExtension();
72 int X509_V_ERR_NO_EXPLICIT_POLICY = x509vErrNoExplicitPolicy();
73 int X509_V_ERR_DIFFERENT_CRL_SCOPE = x509vErrDifferntCrlScope();
74 int X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE = x509vErrUnsupportedExtensionF eature();
75 int X509_V_ERR_UNNESTED_RESOURCE = x509vErrUnnestedResource();
76 int X509_V_ERR_PERMITTED_VIOLATION = x509vErrPermittedViolation();
77 int X509_V_ERR_EXCLUDED_VIOLATION = x509vErrExcludedViolation();
78 int X509_V_ERR_SUBTREE_MINMAX = x509vErrSubtreeMinMax();
79 int X509_V_ERR_APPLICATION_VERIFICATION = x509vErrApplicationVerification();
80 int X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE = x509vErrUnsupportedConstraintTy pe();
81 int X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX = x509vErrUnsupportedConstraint Syntax();
82 int X509_V_ERR_UNSUPPORTED_NAME_SYNTAX = x509vErrUnsupportedNameSyntax();
83 int X509_V_ERR_CRL_PATH_VALIDATION_ERROR = x509vErrCrlPathValidationError();
84 int X509_V_ERR_PATH_LOOP = x509vErrPathLoop();
85 int X509_V_ERR_SUITE_B_INVALID_VERSION = x509vErrSuiteBInvalidVersion();
86 int X509_V_ERR_SUITE_B_INVALID_ALGORITHM = x509vErrSuiteBInvalidAlgorithm();
87 int X509_V_ERR_SUITE_B_INVALID_CURVE = x509vErrSuiteBInvalidCurve();
88 int X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = x509vErrSuiteBInvalidSi gnatureAlgorithm();
89 int X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = x509vErrSuiteBLosNotAllowed();
90 int X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = x509vErrSuiteBCannotSi gnP384WithP256();
91 int X509_V_ERR_HOSTNAME_MISMATCH = x509vErrHostnameMismatch();
92 int X509_V_ERR_EMAIL_MISMATCH = x509vErrEmailMismatch();
93 int X509_V_ERR_IP_ADDRESS_MISMATCH = x509vErrIpAddressMismatch();
94 int X509_V_ERR_DANE_NO_MATCH = x509vErrDaneNoMatch();
95
96 /**
97 * Returns {@code true} if the passed in certificate chain could be verified and so the handshake
98 * should be successful, {@code false} otherwise.
99 *
100 * @param ssl the SSL instance
101 * @param x509 the {@code X509} certificate chain
102 * @param authAlgorithm the auth algorithm
103 * @return verified {@code true} if verified successful, {@code fals e} otherwise
104 */
105 int verify(long ssl, byte[][] x509, String authAlgorithm);
106 }
OLDNEW
« no previous file with comments | « java/io/netty/internal/tcnative/CertificateRequestedCallback.java ('k') | java/io/netty/internal/tcnative/Library.java » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698