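/*
 * Copyright (c) 2007, Cameron Rich
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 * * Neither the name of the axTLS project nor the names of its contributors
 *   may be used to endorse or promote products derived from this software
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Demonstrate the use of the axTLS library in Java with a set of
 * command-line parameters similar to openssl. In fact, openssl clients
 * should be able to communicate with axTLS servers and vice versa.
 *
 * This code has various bits enabled depending on the configuration. To enable
 * the most interesting version, compile with the 'full mode' enabled.
 *
 * To see what options you have, run the following:
 * > java -jar axtls.jar s_server -?
 * > java -jar axtls.jar s_client -?
 *
 * The axtls/axtlsj shared libraries must be in the same directory or be found
 * by the OS.
 */

import java.io.*;
import java.util.*;
import java.net.*;
import axTLSj.*;

public class axssl
{
    /**
     * Entry point. Dispatches on the first argument: "version" prints the
     * library version, "s_server" runs the demo server and "s_client" the
     * demo client. Anything else prints the usage and exits with status 1.
     *
     * Any exception raised by the server or client is printed to stdout and
     * the method returns normally.
     *
     * @param args the command line; args[0] selects the mode
     */
    public static void main(String[] args)
    {
        if (args.length == 1 && args[0].equals("version"))
        {
            System.out.println("axtls.jar " + SSLUtil.version());
            System.exit(0);
        }

        axssl runner = new axssl();

        try
        {
            boolean is_server = args.length > 0 && args[0].equals("s_server");
            boolean is_client = args.length > 0 && args[0].equals("s_client");

            if (!is_server && !is_client)
            {
                runner.print_options(args.length > 0 ? args[0] : "");
                return;     /* not reached: print_options() exits */
            }

            int build_mode = SSLUtil.buildMode();

            if (is_server)
                runner.do_server(build_mode, args);
            else
                runner.do_client(build_mode, args);
        }
        catch (Exception e)
        {
            System.out.println(e);
        }
    }

    /**
     * Run the demo server: parse the s_server options, load the key and
     * certificates, then accept connections one at a time and print whatever
     * each client sends.
     *
     * Which options are recognised depends on build_mode; an unrecognised
     * option, or one missing its argument, prints the usage and exits.
     *
     * @param build_mode the value of SSLUtil.buildMode()
     * @param args the full command line (args[0] is "s_server")
     * @throws Exception if a key or certificate cannot be loaded, or on a
     *         socket error
     */
    private void do_server(int build_mode, String[] args)
                    throws Exception
    {
        int i = 1;
        int port = 4433;
        int options = axtlsj.SSL_DISPLAY_CERTS;
        boolean quiet = false;
        String password = null;
        String private_key_file = null;

        /* organise the cert/ca_cert lists */
        int cert_size = SSLUtil.maxCerts();
        int ca_cert_size = SSLUtil.maxCACerts();
        String[] cert = new String[cert_size];
        String[] ca_cert = new String[ca_cert_size];
        int cert_index = 0;
        int ca_cert_index = 0;

        /* print_server_options() never returns (it calls System.exit), so
         * the statements that follow each call to it are not reached. */
        while (i < args.length)
        {
            if (args[i].equals("-accept"))
            {
                if (i >= args.length-1)
                {
                    print_server_options(build_mode, args[i]);
                }

                port = Integer.parseInt(args[++i]);
            }
            else if (args[i].equals("-quiet"))
            {
                quiet = true;
                options &= ~(int)axtlsj.SSL_DISPLAY_CERTS;
            }
            else if (build_mode >= axtlsj.SSL_BUILD_SERVER_ONLY)
            {
                if (args[i].equals("-cert"))
                {
                    if (i >= args.length-1 || cert_index >= cert_size)
                    {
                        print_server_options(build_mode, args[i]);
                    }

                    cert[cert_index++] = args[++i];
                }
                else if (args[i].equals("-key"))
                {
                    if (i >= args.length-1)
                    {
                        print_server_options(build_mode, args[i]);
                    }

                    private_key_file = args[++i];
                    options |= axtlsj.SSL_NO_DEFAULT_KEY;
                }
                else if (args[i].equals("-pass"))
                {
                    if (i >= args.length-1)
                    {
                        print_server_options(build_mode, args[i]);
                    }

                    /* The argument is used as the pass phrase itself, so it
                     * is visible in the process list and shell history. */
                    password = args[++i];
                }
                else if (build_mode >= axtlsj.SSL_BUILD_ENABLE_VERIFICATION)
                {
                    if (args[i].equals("-verify"))
                    {
                        options |= axtlsj.SSL_CLIENT_AUTHENTICATION;
                    }
                    else if (args[i].equals("-CAfile"))
                    {
                        if (i >= args.length-1 ||
                                    ca_cert_index >= ca_cert_size)
                        {
                            print_server_options(build_mode, args[i]);
                        }

                        ca_cert[ca_cert_index++] = args[++i];
                    }
                    else if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
                    {
                        if (args[i].equals("-debug"))
                        {
                            options |= axtlsj.SSL_DISPLAY_BYTES;
                        }
                        else if (args[i].equals("-state"))
                        {
                            options |= axtlsj.SSL_DISPLAY_STATES;
                        }
                        else if (args[i].equals("-show-rsa"))
                        {
                            /* NOTE(review): presumably dumps RSA key
                             * details - keep to debugging sessions. */
                            options |= axtlsj.SSL_DISPLAY_RSA;
                        }
                        else
                            print_server_options(build_mode, args[i]);
                    }
                    else
                        print_server_options(build_mode, args[i]);
                }
                else
                    print_server_options(build_mode, args[i]);
            }
            else
                print_server_options(build_mode, args[i]);

            i++;
        }

        /* Create socket for incoming connections */
        ServerSocket server_sock = new ServerSocket(port);

        try
        {
            /******************************************************************
             * This is where the interesting stuff happens. Up until now we've
             * just been setting up sockets etc. Now we do the SSL handshake.
             ******************************************************************/
            SSLServer ssl_ctx = new SSLServer(options,
                    axtlsj.SSL_DEFAULT_SVR_SESS);

            if (private_key_file != null)
            {
                /* the key format is chosen from the file extension only */
                int obj_type = axtlsj.SSL_OBJ_RSA_KEY;

                if (private_key_file.endsWith(".p8"))
                    obj_type = axtlsj.SSL_OBJ_PKCS8;
                else if (private_key_file.endsWith(".p12"))
                    obj_type = axtlsj.SSL_OBJ_PKCS12;

                if (ssl_ctx.objLoad(obj_type,
                            private_key_file, password) != axtlsj.SSL_OK)
                {
                    throw new Exception("Error: Private key '" +
                            private_key_file + "' is undefined.");
                }
            }

            for (i = 0; i < cert_index; i++)
            {
                if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CERT,
                            cert[i], null) != axtlsj.SSL_OK)
                {
                    throw new Exception("Certificate '" + cert[i] +
                            "' is undefined.");
                }
            }

            for (i = 0; i < ca_cert_index; i++)
            {
                if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CACERT,
                            ca_cert[i], null) != axtlsj.SSL_OK)
                {
                    throw new Exception("Certificate '" + ca_cert[i] +
                            "' is undefined.");
                }
            }

            int res;
            SSLReadHolder rh = new SSLReadHolder();

            /* Connections are served strictly one at a time; the loop only
             * ends when an exception is thrown. */
            for (;;)
            {
                if (!quiet)
                {
                    System.out.println("ACCEPT");
                }

                Socket client_sock = server_sock.accept();
                SSL ssl = null;

                try
                {
                    ssl = ssl_ctx.connect(client_sock);

                    while ((res = ssl_ctx.read(ssl, rh)) == axtlsj.SSL_OK)
                    {
                        /* check when the connection has been established */
                        if (ssl.handshakeStatus() == axtlsj.SSL_OK)
                            break;

                        /* could do something else here */
                    }

                    if (res == axtlsj.SSL_OK) /* connection established */
                    {
                        if (!quiet)
                        {
                            display_session_id(ssl);
                            display_cipher(ssl);
                        }

                        /* now read (and display) whatever the client sends */
                        for (;;)
                        {
                            /* keep reading until we get something */
                            while ((res = ssl_ctx.read(ssl, rh)) ==
                                        axtlsj.SSL_OK)
                            {
                                /* could do something else here */
                            }

                            if (res < axtlsj.SSL_OK)
                            {
                                if (!quiet)
                                {
                                    System.out.println("CONNECTION CLOSED");
                                }

                                break;
                            }

                            /* Convert to chars. The mask stops bytes >= 0x80
                             * from sign-extending into 0xFFxx characters.
                             * The peer controls these bytes and they reach
                             * the terminal unfiltered; escape control
                             * characters if this output is ever fed to
                             * something that interprets them. */
                            byte[] buf = rh.getData();
                            char[] str = new char[res];

                            for (i = 0; i < res; i++)
                            {
                                str[i] = (char)(buf[i] & 0xFF);
                            }

                            System.out.print(str);
                        }
                    }
                    else if (!quiet)
                    {
                        SSLUtil.displayError(res);
                    }
                }
                finally
                {
                    /* client was disconnected, the handshake failed or an
                     * exception is on its way out - release the connection
                     * in every case. */
                    if (ssl != null)
                    {
                        ssl.dispose();
                    }

                    client_sock.close();
                }
            }

            /* ssl_ctx.dispose(); */
        }
        finally
        {
            server_sock.close();
        }
    }

    /**
     * Run the demo client: parse the s_client options, connect, perform the
     * handshake (optionally reconnecting to exercise session resumption) and
     * then send every line read from stdin to the server.
     *
     * Unless -verify is given, SSL_SERVER_VERIFY_LATER stays set, so a
     * certificate that fails validation presumably does not abort the
     * handshake (confirm against the axTLS documentation). This method never
     * checks the certificate afterwards and only prints the common name; it
     * does not compare it with the requested host. Treat a connection made
     * without -verify as unauthenticated.
     *
     * @param build_mode the value of SSLUtil.buildMode()
     * @param args the full command line (args[0] is "s_client")
     * @throws Exception if a key or certificate cannot be loaded, the
     *         handshake fails, or on a socket error
     */
    private void do_client(int build_mode, String[] args)
                    throws Exception
    {
        if (build_mode < axtlsj.SSL_BUILD_ENABLE_CLIENT)
        {
            /* "s_client" alone has no args[1] to report */
            print_client_options(build_mode,
                    args.length > 1 ? args[1] : "");
        }

        int i = 1, res;
        int port = 4433;
        boolean quiet = false;
        String password = null;
        int reconnect = 0;
        String private_key_file = null;
        String hostname = "127.0.0.1";

        /* organise the cert/ca_cert lists */
        int cert_index = 0;
        int ca_cert_index = 0;
        int cert_size = SSLUtil.maxCerts();
        int ca_cert_size = SSLUtil.maxCACerts();
        String[] cert = new String[cert_size];
        String[] ca_cert = new String[ca_cert_size];

        int options = axtlsj.SSL_SERVER_VERIFY_LATER|axtlsj.SSL_DISPLAY_CERTS;
        byte[] session_id = null;

        /* print_client_options() never returns (it calls System.exit), so
         * the statements that follow each call to it are not reached. */
        while (i < args.length)
        {
            if (args[i].equals("-connect"))
            {
                if (i >= args.length-1)
                {
                    print_client_options(build_mode, args[i]);
                }

                String host_port = args[++i];
                int index_colon = host_port.indexOf(':');

                if (index_colon < 0)
                    print_client_options(build_mode, args[i]);

                hostname = host_port.substring(0, index_colon);
                port = Integer.parseInt(host_port.substring(index_colon+1));
            }
            else if (args[i].equals("-cert"))
            {
                if (i >= args.length-1 || cert_index >= cert_size)
                {
                    print_client_options(build_mode, args[i]);
                }

                cert[cert_index++] = args[++i];
            }
            else if (args[i].equals("-CAfile"))
            {
                if (i >= args.length-1 || ca_cert_index >= ca_cert_size)
                {
                    print_client_options(build_mode, args[i]);
                }

                ca_cert[ca_cert_index++] = args[++i];
            }
            else if (args[i].equals("-key"))
            {
                if (i >= args.length-1)
                {
                    print_client_options(build_mode, args[i]);
                }

                private_key_file = args[++i];
                options |= axtlsj.SSL_NO_DEFAULT_KEY;
            }
            else if (args[i].equals("-verify"))
            {
                options &= ~(int)axtlsj.SSL_SERVER_VERIFY_LATER;
            }
            else if (args[i].equals("-reconnect"))
            {
                reconnect = 4;
            }
            else if (args[i].equals("-quiet"))
            {
                quiet = true;
                options &= ~(int)axtlsj.SSL_DISPLAY_CERTS;
            }
            else if (args[i].equals("-pass"))
            {
                if (i >= args.length-1)
                {
                    /* was print_server_options(): wrong usage text */
                    print_client_options(build_mode, args[i]);
                }

                /* The argument is used as the pass phrase itself, so it is
                 * visible in the process list and shell history. */
                password = args[++i];
            }
            else if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
            {
                if (args[i].equals("-debug"))
                {
                    options |= axtlsj.SSL_DISPLAY_BYTES;
                }
                else if (args[i].equals("-state"))
                {
                    options |= axtlsj.SSL_DISPLAY_STATES;
                }
                else if (args[i].equals("-show-rsa"))
                {
                    /* NOTE(review): presumably dumps RSA key details -
                     * keep to debugging sessions. */
                    options |= axtlsj.SSL_DISPLAY_RSA;
                }
                else
                    print_client_options(build_mode, args[i]);
            }
            else    /* don't know what this is */
                print_client_options(build_mode, args[i]);

            i++;
        }

        /* The constructor throws if the connection cannot be made, so no
         * isConnected() check is needed afterwards. */
        Socket client_sock = new Socket(hostname, port);

        try
        {
            if (!quiet)
            {
                System.out.println("CONNECTED");
            }

            /******************************************************************
             * This is where the interesting stuff happens. Up until now we've
             * just been setting up sockets etc. Now we do the SSL handshake.
             ******************************************************************/
            SSLClient ssl_ctx = new SSLClient(options,
                    axtlsj.SSL_DEFAULT_CLNT_SESS);

            if (private_key_file != null)
            {
                /* the key format is chosen from the file extension only */
                int obj_type = axtlsj.SSL_OBJ_RSA_KEY;

                if (private_key_file.endsWith(".p8"))
                    obj_type = axtlsj.SSL_OBJ_PKCS8;
                else if (private_key_file.endsWith(".p12"))
                    obj_type = axtlsj.SSL_OBJ_PKCS12;

                if (ssl_ctx.objLoad(obj_type,
                            private_key_file, password) != axtlsj.SSL_OK)
                {
                    throw new Exception("Error: Private key '" +
                            private_key_file + "' is undefined.");
                }
            }

            for (i = 0; i < cert_index; i++)
            {
                if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CERT,
                            cert[i], null) != axtlsj.SSL_OK)
                {
                    throw new Exception("Certificate '" + cert[i] +
                            "' is undefined.");
                }
            }

            for (i = 0; i < ca_cert_index; i++)
            {
                if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CACERT,
                            ca_cert[i], null) != axtlsj.SSL_OK)
                {
                    throw new Exception("Certificate '" + ca_cert[i] +
                            "' is undefined.");
                }
            }

            SSL ssl = null;

            /* Try session resumption? */
            if (reconnect > 0)
            {
                while (reconnect-- > 0)
                {
                    ssl = ssl_ctx.connect(client_sock, session_id);

                    if ((res = ssl.handshakeStatus()) != axtlsj.SSL_OK)
                    {
                        if (!quiet)
                        {
                            SSLUtil.displayError(res);
                        }

                        ssl.dispose();
                        throw new Exception("Error: SSL handshake failed");
                    }

                    display_session_id(ssl);
                    session_id = ssl.getSessionId();

                    if (reconnect > 0)
                    {
                        ssl.dispose();
                        client_sock.close();

                        /* and reconnect */
                        client_sock = new Socket(hostname, port);
                    }
                }
            }
            else
            {
                ssl = ssl_ctx.connect(client_sock, null);
            }

            /* check the return status */
            if ((res = ssl.handshakeStatus()) != axtlsj.SSL_OK)
            {
                if (!quiet)
                {
                    SSLUtil.displayError(res);
                }

                throw new Exception("Error: SSL handshake failed");
            }

            if (!quiet)
            {
                /* displayed only; never compared with hostname */
                String common_name =
                    ssl.getCertificateDN(axtlsj.SSL_X509_CERT_COMMON_NAME);

                if (common_name != null)
                {
                    System.out.println("Common Name:\t\t\t" + common_name);
                }

                display_session_id(ssl);
                display_cipher(ssl);
            }

            BufferedReader in = new BufferedReader(
                    new InputStreamReader(System.in));

            for (;;)
            {
                String user_input = in.readLine();

                if (user_input == null)
                    break;

                /* Each char is narrowed to one byte, so non-ASCII input is
                 * truncated. The buffer handed to write() also carries the
                 * trailing NUL. */
                byte[] buf = new byte[user_input.length()+2];
                buf[buf.length-2] = (byte)'\n';     /* add the newline */
                buf[buf.length-1] = 0;              /* null terminate */

                for (i = 0; i < buf.length-2; i++)
                {
                    buf[i] = (byte)user_input.charAt(i);
                }

                if ((res = ssl_ctx.write(ssl, buf)) < axtlsj.SSL_OK)
                {
                    if (!quiet)
                    {
                        SSLUtil.displayError(res);
                    }

                    break;
                }
            }

            ssl_ctx.dispose();
        }
        finally
        {
            /* close() on an already closed socket is harmless */
            client_sock.close();
        }
    }

    /**
     * We've had some sort of command-line error. Print out the basic options
     * and exit with status 1.
     *
     * @param option the command that was not recognised
     */
    private void print_options(String option)
    {
        System.out.println("axssl: Error: '" + option +
                "' is an invalid command.");
        System.out.println("usage: axtlsj.jar [s_server|s_client|version] " +
                "[args ...]");
        System.exit(1);
    }

    /**
     * We've had some sort of command-line error. Print out the server options
     * available in this build and exit with status 1.
     *
     * @param build_mode the value of SSLUtil.buildMode()
     * @param option the option that was rejected
     */
    private void print_server_options(int build_mode, String option)
    {
        int cert_size = SSLUtil.maxCerts();
        int ca_cert_size = SSLUtil.maxCACerts();

        System.out.println("unknown option " + option);
        System.out.println("usage: s_server [args ...]");
        System.out.println(" -accept arg\t- port to accept on (default " +
                "is 4433)");
        System.out.println(" -quiet\t\t- No server output");

        if (build_mode >= axtlsj.SSL_BUILD_SERVER_ONLY)
        {
            System.out.println(" -cert arg\t- certificate file to add (in " +
                    "addition to default) to chain -");
            System.out.println("\t\t  Can repeat up to " + cert_size +
                    " times");
            System.out.println(" -key arg\t- Private key file to use");
            System.out.println(" -pass\t\t- private key file pass phrase " +
                    "source");
        }

        if (build_mode >= axtlsj.SSL_BUILD_ENABLE_VERIFICATION)
        {
            System.out.println(" -verify\t- turn on peer certificate " +
                    "verification");
            System.out.println(" -CAfile arg\t- Certificate authority. ");
            System.out.println("\t\t  Can repeat up to " +
                    ca_cert_size + " times");
        }

        if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
        {
            System.out.println(" -debug\t\t- Print more output");
            System.out.println(" -state\t\t- Show state messages");
            System.out.println(" -show-rsa\t- Show RSA state");
        }

        System.exit(1);
    }

    /**
     * We've had some sort of command-line error. Print out the client options
     * available in this build and exit with status 1.
     *
     * @param build_mode the value of SSLUtil.buildMode()
     * @param option the option that was rejected
     */
    private void print_client_options(int build_mode, String option)
    {
        int cert_size = SSLUtil.maxCerts();
        int ca_cert_size = SSLUtil.maxCACerts();

        System.out.println("unknown option " + option);

        if (build_mode >= axtlsj.SSL_BUILD_ENABLE_CLIENT)
        {
            System.out.println("usage: s_client [args ...]");
            System.out.println(" -connect host:port - who to connect to " +
                    "(default is localhost:4433)");
            System.out.println(" -verify\t- turn on peer certificate " +
                    "verification");
            /* the repeat limit belongs to -cert (it is the option bounded
             * by cert_size), so it is printed directly under it */
            System.out.println(" -cert arg\t- certificate file to use");
            System.out.println("\t\t  Can repeat up to " + cert_size +
                    " times");
            System.out.println(" -key arg\t- Private key file to use");
            System.out.println(" -CAfile arg\t- Certificate authority.");
            System.out.println("\t\t  Can repeat up to " + ca_cert_size +
                    " times");
            System.out.println(" -quiet\t\t- No client output");
            System.out.println(" -pass\t\t- private key file pass " +
                    "phrase source");
            System.out.println(" -reconnect\t- Drop and re-make the " +
                    "connection with the same Session-ID");

            if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
            {
                System.out.println(" -debug\t\t- Print more output");
                System.out.println(" -state\t\t- Show state messages");
                System.out.println(" -show-rsa\t- Show RSA state");
            }
        }
        else
        {
            System.out.println("Change configuration to allow this feature");
        }

        System.exit(1);
    }

    /**
     * Display what cipher we are using.
     *
     * Two of the four suites named here use RC4, which RFC 7465 prohibits
     * for TLS, and one of those also uses MD5; seeing either in the output
     * means the session negotiated a legacy suite.
     *
     * @param ssl the established connection
     */
    private void display_cipher(SSL ssl)
    {
        System.out.print("CIPHER is ");

        byte ciph_id = ssl.getCipherId();

        if (ciph_id == axtlsj.SSL_AES128_SHA)
            System.out.println("AES128-SHA");
        else if (ciph_id == axtlsj.SSL_AES256_SHA)
            System.out.println("AES256-SHA");
        else if (ciph_id == axtlsj.SSL_RC4_128_SHA)
            System.out.println("RC4-SHA");
        else if (ciph_id == axtlsj.SSL_RC4_128_MD5)
            System.out.println("RC4-MD5");
        else
            System.out.println("Unknown - " + ciph_id);
    }

    /**
     * Convert a nibble to its lower-case hex digit.
     *
     * @param i a value in the range 0..15; other values are not checked and
     *          do not produce a hex digit
     * @return the character '0'..'9' or 'a'..'f'
     */
    public char toHexChar(int i)
    {
        if ((0 <= i) && (i <= 9))
            return (char)('0' + i);
        else
            return (char)('a' + (i-10));
    }

    /**
     * Print a byte array to stdout as one line of lower-case hex digits.
     *
     * @param data the bytes to print
     */
    public void bytesToHex(byte[] data)
    {
        StringBuffer buf = new StringBuffer(data.length * 2);

        for (int i = 0; i < data.length; i++)
        {
            /* the mask discards the sign extension of the widened byte */
            buf.append(toHexChar((data[i]>>>4)&0x0F));
            buf.append(toHexChar(data[i]&0x0F));
        }

        System.out.println(buf);
    }


    /**
     * Display what session id we have. Nothing is printed when the session
     * id is missing or empty.
     *
     * @param ssl the established connection
     */
    private void display_session_id(SSL ssl)
    {
        byte[] session_id = ssl.getSessionId();

        if (session_id != null && session_id.length > 0)
        {
            System.out.println("-----BEGIN SSL SESSION PARAMETERS-----");
            bytesToHex(session_id);
            System.out.println("-----END SSL SESSION PARAMETERS-----");
        }
    }
}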