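/*
 * Copyright 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.android.org.conscrypt;

import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLException;

/**
 * Holder for the {@link SSLHandshakeCallbacks} contract.
 *
 * <p>As shown here the class declares only that nested interface and no
 * methods of its own.
 */
@SuppressWarnings("unused")
final class NativeCrypto {
    /**
     * Callbacks raised while an SSL handshake is in progress and once it
     * has finished.
     */
    public interface SSLHandshakeCallbacks {
        /**
         * Verifies that the supplied certificate chain is trusted.
         *
         * <p>The method returns {@code void}, so throwing
         * {@link CertificateException} is the only way to report an untrusted
         * chain. An implementation that returns normally, for example from an
         * empty body or after swallowing an internal error, reports no
         * failure.
         *
         * <p>NOTE(review): the ordering of the chain and whether host name
         * checks belong here are not stated in this contract; confirm
         * against the caller.
         *
         * @param asn1DerEncodedCertificateChain a chain of ASN.1 DER encoded
         *     certificates
         * @param authMethod auth algorithm name
         *
         * @throws CertificateException if the certificate is untrusted
         */
        void verifyCertificateChain(byte[][] asn1DerEncodedCertificateChain,
                String authMethod) throws CertificateException;

        /**
         * Called on an SSL client when the server requests (or requires) a
         * certificate. The client can respond by using SSL_use_certificate
         * and SSL_use_PrivateKey to set a certificate if it has an
         * appropriate one available, similar to how the server provides its
         * certificate.
         *
         * <p>Both arguments describe what the server announced, so they are
         * peer-supplied values and should be validated before they drive
         * key or certificate selection.
         *
         * @param keyTypes key types supported by the server,
         *     convertible to strings with #keyType
         * @param asn1DerEncodedX500Principals CAs known to the server
         *
         * @throws CertificateEncodingException declared by the signature; the
         *     triggering condition is not specified here
         * @throws SSLException declared by the signature; the triggering
         *     condition is not specified here
         */
        void clientCertificateRequested(
                byte[] keyTypes, byte[][] asn1DerEncodedX500Principals)
                throws CertificateEncodingException, SSLException;

        /**
         * Called when the SSL handshake is completed. Note that this can
         * happen after SSL_do_handshake returns when handshake cut-through
         * is enabled, so a return from SSL_do_handshake alone does not mean
         * this callback has already run.
         */
        void handshakeCompleted();
    }
}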