Interface CertificateCallback
public interface CertificateCallback
Is called during handshake and hooked into openssl via
SSL_CTX_set_cert_cb.
IMPORTANT: Implementations of this interface should be static as it is stored as a global reference via JNI. This
means if you use an inner / anonymous class to implement this and also depend on the finalizer of the
class to free up the SSLContext the finalizer will never run as the object is never GC, due the hard
reference to the enclosing class. This will most likely result in a memory leak.-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final bytestatic final bytestatic final bytestatic final bytestatic final bytestatic final bytestatic final byteThe types contained in thekeyTypeBytesarray. -
Method Summary
Modifier and TypeMethodDescriptionvoidhandle(long ssl, byte[] keyTypeBytes, byte[][] asn1DerEncodedPrincipals) Called during cert selection.
-
Field Details
-
TLS_CT_RSA_SIGN
static final byte TLS_CT_RSA_SIGNThe types contained in thekeyTypeBytesarray.- See Also:
-
TLS_CT_DSS_SIGN
static final byte TLS_CT_DSS_SIGN- See Also:
-
TLS_CT_RSA_FIXED_DH
static final byte TLS_CT_RSA_FIXED_DH- See Also:
-
TLS_CT_DSS_FIXED_DH
static final byte TLS_CT_DSS_FIXED_DH- See Also:
-
TLS_CT_ECDSA_SIGN
static final byte TLS_CT_ECDSA_SIGN- See Also:
-
TLS_CT_RSA_FIXED_ECDH
static final byte TLS_CT_RSA_FIXED_ECDH- See Also:
-
TLS_CT_ECDSA_FIXED_ECDH
static final byte TLS_CT_ECDSA_FIXED_ECDH- See Also:
-
-
Method Details
-
handle
Called during cert selection. If a certificate chain / key should be usedSSL.setKeyMaterial(long, long, long)must be called from this callback after all preparations / validations were completed.- Parameters:
ssl- the SSL instancekeyTypeBytes- an array of the key types on client-mode ornullon server-mode.asn1DerEncodedPrincipals- the principals ornull.- Throws:
Exception
-