2024-11-30 19:03:49 +08:00
commit 1e6763c160
3806 changed files with 737676 additions and 0 deletions


@@ -0,0 +1,61 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=Failed getting cipher list
engine.emptyCipherSuite=Empty cipher suite
engine.engineClosed=Engine is closed
engine.failedCipherSuite=Failed to enable cipher suite [{0}]
engine.inboundClose=Inbound closed before receiving peer's close_notify
engine.invalidBufferArray=offset: [{0}], length: [{1}] (expected: offset <= offset + length <= srcs.length [{2}])
engine.noSSLContext=No SSL context
engine.noSession=SSL session ID not available
engine.nullBuffer=Null buffer
engine.nullBufferInArray=Null buffer in array
engine.nullCipherSuite=Null cipher suite
engine.nullName=Null value name
engine.nullValue=Null value
engine.openSSLError=OpenSSL error: [{0}] message: [{1}]
engine.oversizedPacket=Encrypted packet is oversized
engine.unsupportedCipher=Unsupported cipher suite: [{0}] [{1}]
engine.unsupportedProtocol=Protocol [{0}] is not supported
engine.unverifiedPeer=Peer unverified
engine.writeToSSLFailed=Failed writing to SSL, returned: [{0}]
openssl.X509FactoryError=Error getting X509 factory instance
openssl.addedClientCaCert=Added client CA cert: [{0}]
openssl.applyConf=Applying OpenSSLConfCmd to SSL context
openssl.certificateVerificationFailed=Certificate verification failed
openssl.checkConf=Checking OpenSSLConf
openssl.doubleInit=SSL context already initialized, ignoring
openssl.errApplyConf=Could not apply OpenSSLConf to SSL context
openssl.errCheckConf=Error during OpenSSLConf check
openssl.errMakeConf=Could not create OpenSSLConf context
openssl.errorSSLCtxInit=Error initializing SSL context
openssl.keyManagerMissing=No key manager found
openssl.makeConf=Creating OpenSSLConf context
openssl.nonJsseCertficate=The certificate [{0}] or its private key [{1}] could not be processed using a JSSE key manager and will be given directly to OpenSSL
openssl.nonJsseChain=The certificate chain [{0}] was not specified or was not valid and JSSE requires a valid certificate chain so attempting to use OpenSSL directly
openssl.trustManagerMissing=No trust manager found
opensslconf.applyCommand=OpenSSLConf applying command (name [{0}], value [{1}])
opensslconf.applyFailed=Failure while applying OpenSSLConf to SSL context
opensslconf.checkCommand=OpenSSLConf checking command (name [{0}], value [{1}])
opensslconf.checkFailed=Failure while checking OpenSSLConf
opensslconf.failedCommand=OpenSSLConf failed command (name [{0}], value [{1}]) with result [{2}] - will be ignored
opensslconf.finishFailed=OpenSSLConf finish failed with result [{0}]
opensslconf.noCommandName=OpenSSLConf no command name - will be ignored (command value [{0}])
opensslconf.resultCommand=OpenSSLConf command (name [{0}], value [{1}]) returned [{2}]
sessionContext.nullTicketKeys=Null keys


@@ -0,0 +1,33 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=Fehler beim abfragen der Cipher Liste
engine.emptyCipherSuite=leere Cipher-Suite
engine.inboundClose=Die eingehende Verbindung wurde vor einer close_notify Nachricht der Gegenstelle geschlossen
engine.noSession=SSL Session-ID nicht vorhanden
engine.openSSLError=OpenSSL Fehler: [{0}] Nachricht: [{1}]
engine.unsupportedProtocol=Protokoll [{0}] ist nicht unterstützt
openssl.addedClientCaCert=Client CA Zertifikat hinzugefügt: [{0}]
openssl.certificateVerificationFailed=Zertifikatsprüfung fehlgeschlagen
openssl.errApplyConf=Die OpenSSLConf konnte nicht auf den SSL Context angewandt werden
openssl.errCheckConf=Fehler beim Prüfen der OpenSSLConf
openssl.errMakeConf=Der OpenSSLConf Context konnte nicht erzeugt werden
openssl.errorSSLCtxInit=Fehler beim initialisieren des SSL Contexts
openssl.keyManagerMissing=Kein Key-Manager gefunden
openssl.trustManagerMissing=Kein Trust-Manager gefunden
opensslconf.applyFailed=Fehler bei der Anwendung der OpenSSLConf auf den SSL Context
opensslconf.checkFailed=Fehler beim Prüfen der OpenSSLConf


@@ -0,0 +1,25 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.emptyCipherSuite=Suite de cifrado vacía
engine.engineClosed=El notor esta cerrado
engine.noSession=El identificador de la sesión SSL no está disponible
engine.openSSLError=Error de OpenSSL: [{0}] mensage: [{1}]\n
engine.writeToSSLFailed=Fallo al escribir hacia SSL, resultado: [{0}]
openssl.addedClientCaCert=Ceritifcado CA de cliente adicionado: [{0}]
openssl.trustManagerMissing=No se encontró un manejador confiable
opensslconf.checkFailed=Fallo mientras se chequeaba OpenSSLConf\n


@@ -0,0 +1,61 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=Echec en essayant d'obtenir la liste des chiffres
engine.emptyCipherSuite=La suite de chiffrement (cipher suite) est vide
engine.engineClosed=Le moteur a déjà été fermé
engine.failedCipherSuite=Impossible d''activer la suite de chiffres [{0}]
engine.inboundClose=L'entrée a été fermée avant d'avoir reçu le close_notify du pair
engine.invalidBufferArray=offset: [{0}], length: [{1}] (attendu: offset <= offset + length <= srcs.length [{2}])
engine.noSSLContext=Pas de contexte SSL
engine.noSession=Identificateur de session SSL non disponible
engine.nullBuffer=Tampon null
engine.nullBufferInArray=Tampon null dans le tableau
engine.nullCipherSuite=Suite de chiffres nulle
engine.nullName=La valeur du nom est null
engine.nullValue=La valeur est null
engine.openSSLError=Erreur OpenSSL : [{0}] message : [{1}]
engine.oversizedPacket=Le paquet crypté est trop gros
engine.unsupportedCipher=Suite de chiffres non supportée: [{0}] [{1}]
engine.unsupportedProtocol=Le protocole [{0}] n''est pas supporté
engine.unverifiedPeer=Le pair n'est pas vérifié
engine.writeToSSLFailed=Echec d''écriture vers SSL, code de retour: [{0}]
openssl.X509FactoryError=Impossible d'obtenir l'instance de la fabrique X509
openssl.addedClientCaCert=Ajout du certificat CA du client: [{0}]
openssl.applyConf=Application de OpenSSLConfCmd au contexte SSL
openssl.certificateVerificationFailed=La vérification du certificat a échoué
openssl.checkConf=Vérification de OpenSSLConf en cours
openssl.doubleInit=Le contexte SSL a déjà été initialisé, ignoré
openssl.errApplyConf=Impossible d'appliquer la OpenSSLConf au contexte SSL
openssl.errCheckConf=Erreur pendant la vérification de OpenSSLConf
openssl.errMakeConf=Impossible de créer le contexte de OpenSSLConf
openssl.errorSSLCtxInit=Erreur d'initialisation du contexte SSL
openssl.keyManagerMissing=Aucun gestionnaire de clés trouvé
openssl.makeConf=Création du contexte de OpenSSLConf
openssl.nonJsseCertficate=Le certificat [{0}] ou sa clé privée [{1}] n''a pas pu être traité en utilisant un gestionnaire de clé de JSSE, et sera directement passée à OpenSSL
openssl.nonJsseChain=La chaîne de certificat [{0}] n''a pas été spécifiée ou est invalide et JSSE requiert une chaîne de certificats valide, donc OpenSSL sera utilisé directement
openssl.trustManagerMissing=Gestionnaire de confiance non trouvé
opensslconf.applyCommand=Application de la commande OpenSSLConf (nom [{0}] valeur [{1}])
opensslconf.applyFailed=Erreur en appliquant OpenSSLConf au contexte SSL
opensslconf.checkCommand=Vérification de la commande OpenSSLConf (nom [{0}] valeur [{1}])
opensslconf.checkFailed=Echec de la vérification de OpenSSLConf
opensslconf.failedCommand=La commande OpenSSLConf (nom [{0}] valeur [{1}]) a échoué avec le résultat [{2}] qui sera ignoré
opensslconf.finishFailed=OpenSSLConf s''est terminé en échec avec le résultat [{0}]
opensslconf.noCommandName=Pas de nom de commande OpenSSLConf (valeur [{0}]), cela sera ignoré
opensslconf.resultCommand=La commande OpenSSLConf (nom [{0}] valeur [{1}]) a retourné [{2}]
sessionContext.nullTicketKeys=Clés nulles


@@ -0,0 +1,59 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=暗号リストを取得できません。
engine.emptyCipherSuite=暗号スイートがありません。
engine.engineClosed=エンジンが閉じられています
engine.failedCipherSuite=暗号スイート[{0}]を有効にできませんでした。
engine.inboundClose=ピアのclose_notifyを受信する前のインバウンドクローズ
engine.invalidBufferArray=オフセット: [{0}], 長さ: [{1}] (期待値: offset <= offset + length <= srcs.length [{2}])
engine.noSSLContext=SSLコンテキストがありません
engine.noSession=SSLセッションIDが利用可能ではありません
engine.nullBuffer=Null バッファ
engine.nullBufferInArray=配列内のNull バッファ
engine.nullCipherSuite=Null 暗号スイート
engine.nullName=Null値名
engine.nullValue=Null値
engine.openSSLError=OpenSSLエラー[{0}] メッセージ:[{1}]
engine.oversizedPacket=暗号化パケットのサイズが超過しています。
engine.unsupportedCipher=サポートされていない暗号スイート:[{0}] [{1}]
engine.unsupportedProtocol=プロトコル [{0}] には対応していません。
engine.unverifiedPeer=未確認のピア
engine.writeToSSLFailed=SSLへの書き込みに失敗しました。返却値[{0}]
openssl.X509FactoryError=X509ファクトリインスタンスの取得エラー
openssl.addedClientCaCert=クライアント CA 証明書を登録しました: [{0}]
openssl.applyConf=OpenSSLConfCmdをSSLコンテキストに適用します。
openssl.certificateVerificationFailed=証明書確認に失敗しました
openssl.checkConf=OpenSSLConfの確認
openssl.doubleInit=SSLコンテキストが既に初期化されています。無視します。
openssl.errApplyConf=OpenSSLConfをSSLコンテキストに適用できませんでした。
openssl.errCheckConf=OpenSSLConfチェック中のエラー
openssl.errMakeConf=OpenSSLConfコンテキストを作成できませんでした。
openssl.errorSSLCtxInit=SSL コンテキストの初期化中にエラーが発生しました。
openssl.keyManagerMissing=キーマネージャーが見つかりません。
openssl.makeConf=OpenSSLConfコンテキストの作成
openssl.trustManagerMissing=トラストマネージャが見つかりません
opensslconf.applyCommand=OpenSSLConfはコマンド名前[{0}]、値[{1}])を適用しています。
opensslconf.applyFailed=OpenSSLConfをSSLコンテキストに適用する際の失敗
opensslconf.checkCommand=OpenSSLConfチェックコマンド名前[{0}]、値[{1}]
opensslconf.checkFailed=OpenSSLConf のチェックが失敗しました。
opensslconf.failedCommand=結果[{2}]でOpenSSLConfがコマンド名前[{0}]、値[{1}])に失敗しました。無視されます。
opensslconf.finishFailed=結果[{0}]でOpenSSLConfのfinish処理が失敗しました
opensslconf.noCommandName=OpenSSLConfコマンド名なし - 無視されます(コマンド値[{0}]
opensslconf.resultCommand=OpenSSLConfコマンド名前[{0}]、値[{1}])が[{2}]を返しました。
sessionContext.nullTicketKeys=Null キー


@@ -0,0 +1,61 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=Cipher들의 목록을 얻지 못했습니다.
engine.emptyCipherSuite=CipherSuite 이름이 존재하지 않습니다.
engine.engineClosed=엔진이 닫혀 있습니다.
engine.failedCipherSuite=Cipher suite [{0}]을(를) 사용가능 상태로 설정하지 못했습니다.
engine.inboundClose=Peer의 close_notify를 받기 전에, Inbound가 닫혔습니다.
engine.invalidBufferArray=offset: [{0}], 길이: [{1}] (요구사항: offset <= offset + length <= srcs.length [{2}])
engine.noSSLContext=SSL 컨텍스트가 없음.
engine.noSession=SSL 세션 ID가 존재하지 않습니다.
engine.nullBuffer=널 버퍼
engine.nullBufferInArray=배열 내에 널 버퍼임
engine.nullCipherSuite=널 cipher suite
engine.nullName=name이 널입니다.
engine.nullValue=널 값
engine.openSSLError=OpenSSL 오류: [{0}], 메시지: [{1}]
engine.oversizedPacket=암호화된 패킷이 너무 큽니다.
engine.unsupportedCipher=지원되지 않는 cipher suite: [{0}] [{1}]
engine.unsupportedProtocol=프로토콜 [{0}]은(는) 지원되지 않습니다.
engine.unverifiedPeer=검증되지 않은 Peer
engine.writeToSSLFailed=SSL에 쓰기 실패, 반환 값: [{0}]
openssl.X509FactoryError=X509 팩토리 인스턴스를 얻는 중 오류 발생
openssl.addedClientCaCert=클라이언트 CA 인증서를 추가했습니다: [{0}]
openssl.applyConf=OpenSSLConfCmd를 SSL 컨텍스트에 적용합니다.
openssl.certificateVerificationFailed=인증서 검증에 실패했습니다.
openssl.checkConf=OpenSSLConf를 점검합니다.
openssl.doubleInit=SSL 컨텍스트가 이미 초기화되어 있으므로, 초기화 호출을 무시합니다.
openssl.errApplyConf=SSL 컨텍스트에 OpenSSLConf를 적용할 수 없었습니다.
openssl.errCheckConf=OpenSSLConf 점검 중 오류 발생
openssl.errMakeConf=OpenSSLConf 컨텍스트를 생성할 수 없었습니다.
openssl.errorSSLCtxInit=SSL 컨텍스트를 초기화 하는 중 오류 발생
openssl.keyManagerMissing=키 매니저를 찾을 수 없습니다.
openssl.makeConf=OpenSSLConf 컨텍스트를 생성합니다.
openssl.nonJsseCertficate=인증서 [{0}] 또는 그것의 개인 키 [{1}]이(가) JSSE 키 매니저를 사용하여 처리되지 못하였으므로, OpenSSL에 직접 전달할 것입니다.
openssl.nonJsseChain=해당 인증서 체인 [{0}]이(가) 지정되지 않았거나 유효하지 않으며, JSSE는 유효한 인증서 체인을 요구하므로, OpenSSL을 직접 사용하려 시도합니다.
openssl.trustManagerMissing=Trust 매니저를 찾을 수 없습니다.
opensslconf.applyCommand=OpenSSLConf이 명령을 적용합니다 (이름 [{0}], 값 [{1}]).
opensslconf.applyFailed=OpenSSLConf를 SSL 컨텍스트에 적용하는 중 실패
opensslconf.checkCommand=OpenSSLConf 점검 명령 (이름 [{0}], 값 [{1}])
opensslconf.checkFailed=OpenSSLConf 점검 실패
opensslconf.failedCommand=OpenSSLConf가 명령(이름: [{0}], 값: [{1}])을 처리하지 못했습니다 (결과: [{2}]). 이는 무시될 것입니다.
opensslconf.finishFailed=OpenSSLConf의 완료가 실패했습니다 (결과 값: [{0}]).
opensslconf.noCommandName=OpenSSLConf: 명령 이름이 없습니다 - 무시될 것입니다. (명령 값 [{0}])
opensslconf.resultCommand=OpenSSLConf 명령(이름: [{0}], 값: [{1}])이 [{2}]을(를) 반환했습니다.
sessionContext.nullTicketKeys=널 키들


@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.noSession=Идентификатор SSL сессии недоступен


@@ -0,0 +1,35 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
engine.ciphersFailure=获取密码列表失败
engine.emptyCipherSuite=空密码套件
engine.engineClosed=引擎已经关闭
engine.noSession=SSL会话ID不可用
engine.nullCipherSuite=无加密套件
engine.openSSLError=OpenSSL 错误:[{0}] 信息: [{1}]
engine.unsupportedProtocol=不支持协议 [{0}]
engine.writeToSSLFailed=写入SSL失败返回[{0}]
openssl.X509FactoryError=获取X509工厂实例时出错
openssl.addedClientCaCert=添加了客户端 CA 证书:[{0}]
openssl.errApplyConf=无法将OpenSSLConf 应用于SSL 上下文
openssl.errMakeConf=无法创建OpenSSLConf上下文
openssl.keyManagerMissing=key管理器未找到
openssl.trustManagerMissing=没有找到.信任管理者
opensslconf.checkFailed=检查OpenSSLConf时失败。
opensslconf.finishFailed=OpenSSLConf 配置失败结果为 [{0}]
sessionContext.nullTicketKeys=Null keys


@@ -0,0 +1,128 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.SSLConf;
import org.apache.tomcat.util.res.StringManager;
public class OpenSSLConf implements Serializable {
private static final long serialVersionUID = 1L;
private static final Log log = LogFactory.getLog(OpenSSLConf.class);
private static final StringManager sm = StringManager.getManager(OpenSSLConf.class);
private final List<OpenSSLConfCmd> commands = new ArrayList<>();
public void addCmd(OpenSSLConfCmd cmd) {
commands.add(cmd);
}
public List<OpenSSLConfCmd> getCommands() {
return commands;
}
public boolean check(long cctx) throws Exception {
boolean result = true;
OpenSSLConfCmd cmd;
String name;
String value;
int rc;
for (int i = 0; i < commands.size(); i++) {
cmd = commands.get(i);
name = cmd.getName();
value = cmd.getValue();
if (name == null) {
log.error(sm.getString("opensslconf.noCommandName", value));
result = false;
continue;
}
if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.checkCommand", name, value));
}
try {
rc = SSLConf.check(cctx, name, value);
} catch (Exception e) {
log.error(sm.getString("opensslconf.checkFailed"));
return false;
}
if (rc <= 0) {
log.error(sm.getString("opensslconf.failedCommand", name, value,
Integer.toString(rc)));
result = false;
} else if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.resultCommand", name, value,
Integer.toString(rc)));
}
}
if (!result) {
log.error(sm.getString("opensslconf.checkFailed"));
}
return result;
}
public boolean apply(long cctx, long ctx) throws Exception {
boolean result = true;
SSLConf.assign(cctx, ctx);
OpenSSLConfCmd cmd;
String name;
String value;
int rc;
for (int i = 0; i < commands.size(); i++) {
cmd = commands.get(i);
name = cmd.getName();
value = cmd.getValue();
if (name == null) {
log.error(sm.getString("opensslconf.noCommandName", value));
result = false;
continue;
}
if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.applyCommand", name, value));
}
try {
rc = SSLConf.apply(cctx, name, value);
} catch (Exception e) {
log.error(sm.getString("opensslconf.applyFailed"));
return false;
}
if (rc <= 0) {
log.error(sm.getString("opensslconf.failedCommand", name, value,
Integer.toString(rc)));
result = false;
} else if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.resultCommand", name, value,
Integer.toString(rc)));
}
}
rc = SSLConf.finish(cctx);
if (rc <= 0) {
log.error(sm.getString("opensslconf.finishFailed", Integer.toString(rc)));
result = false;
}
if (!result) {
log.error(sm.getString("opensslconf.applyFailed"));
}
return result;
}
}
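Review bot: Both catch blocks, in `check` around `SSLConf.check` and in `apply` around `SSLConf.apply`, log only the generic failure string and discard the caught exception, so the reason a native OpenSSLConf call failed never reaches the log. Pass the cause through with `log.error(sm.getString("opensslconf.checkFailed"), e);` and `log.error(sm.getString("opensslconf.applyFailed"), e);`. A command that fails here is presumably a TLS setting the operator asked for, and whether the caller treats the `false` return as fatal is not visible in this section, so the log may be the only evidence that the setting was not applied. The early `return false` in `apply` also skips `SSLConf.finish(cctx)`; a short comment saying whether that is intentional would help.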


@@ -0,0 +1,43 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import java.io.Serializable;
public class OpenSSLConfCmd implements Serializable {
private static final long serialVersionUID = 1L;
private String name = null;
private String value = null;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,44 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import javax.net.ssl.SSLSession;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLImplementation;
import org.apache.tomcat.util.net.SSLSupport;
import org.apache.tomcat.util.net.SSLUtil;
import org.apache.tomcat.util.net.jsse.JSSESupport;
public class OpenSSLImplementation extends SSLImplementation {
@Override
public SSLSupport getSSLSupport(SSLSession session) {
return new JSSESupport(session);
}
@Override
public SSLUtil getSSLUtil(SSLHostConfigCertificate certificate) {
return new OpenSSLUtil(certificate);
}
@Override
public boolean isAlpnSupported() {
// OpenSSL supported ALPN
return true;
}
}


@@ -0,0 +1,148 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import java.util.Enumeration;
import java.util.NoSuchElementException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;
import org.apache.tomcat.util.res.StringManager;
/**
* OpenSSL specific {@link SSLSessionContext} implementation.
*/
public class OpenSSLSessionContext implements SSLSessionContext {
private static final StringManager sm = StringManager.getManager(OpenSSLSessionContext.class);
private static final Enumeration<byte[]> EMPTY = new EmptyEnumeration();
private final OpenSSLSessionStats stats;
// This is deliberately unused. The reference is retained so that a
// reference chain is established and maintained to the OpenSSLContext while
// there is a connection that is using the OpenSSLContext. Therefore, the
// OpenSSLContext can not be eligible for GC while it is in use.
@SuppressWarnings("unused")
private final OpenSSLContext context;
private final long contextID;
OpenSSLSessionContext(OpenSSLContext context) {
this.context = context;
this.contextID = context.getSSLContextID();
stats = new OpenSSLSessionStats(contextID);
}
@Override
public SSLSession getSession(byte[] bytes) {
return null;
}
@Override
public Enumeration<byte[]> getIds() {
return EMPTY;
}
/**
* Sets the SSL session ticket keys of this context.
*
* @param keys The session ticket keys
*/
public void setTicketKeys(byte[] keys) {
if (keys == null) {
throw new IllegalArgumentException(sm.getString("sessionContext.nullTicketKeys"));
}
SSLContext.setSessionTicketKeys(contextID, keys);
}
/**
* Enable or disable caching of SSL sessions.
*
* @param enabled {@code true} to enable caching, {@code false} to disable
*/
public void setSessionCacheEnabled(boolean enabled) {
long mode = enabled ? SSL.SSL_SESS_CACHE_SERVER : SSL.SSL_SESS_CACHE_OFF;
SSLContext.setSessionCacheMode(contextID, mode);
}
/**
* @return {@code true} if caching of SSL sessions is enabled, {@code false}
* otherwise.
*/
public boolean isSessionCacheEnabled() {
return SSLContext.getSessionCacheMode(contextID) == SSL.SSL_SESS_CACHE_SERVER;
}
/**
* @return The statistics for this context.
*/
public OpenSSLSessionStats stats() {
return stats;
}
@Override
public void setSessionTimeout(int seconds) {
if (seconds < 0) {
throw new IllegalArgumentException();
}
SSLContext.setSessionCacheTimeout(contextID, seconds);
}
@Override
public int getSessionTimeout() {
return (int) SSLContext.getSessionCacheTimeout(contextID);
}
@Override
public void setSessionCacheSize(int size) {
if (size < 0) {
throw new IllegalArgumentException();
}
SSLContext.setSessionCacheSize(contextID, size);
}
@Override
public int getSessionCacheSize() {
return (int) SSLContext.getSessionCacheSize(contextID);
}
/**
* Set the context within which session be reused (server side only)
* See <a href="http://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html">
* man SSL_CTX_set_session_id_context</a>
*
* @param sidCtx can be any kind of binary data, it is therefore possible to use e.g. the name
* of the application and/or the hostname and/or service name
* @return {@code true} if success, {@code false} otherwise.
*/
public boolean setSessionIdContext(byte[] sidCtx) {
return SSLContext.setSessionIdContext(contextID, sidCtx);
}
private static final class EmptyEnumeration implements Enumeration<byte[]> {
@Override
public boolean hasMoreElements() {
return false;
}
@Override
public byte[] nextElement() {
throw new NoSuchElementException();
}
}
}
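Review bot: `setTicketKeys` rejects only `null`, so an empty or wrongly sized array is handed straight to `SSLContext.setSessionTicketKeys`; what the native side does with such input is not visible here. Since these bytes protect every session ticket issued by the context, I would check the length against the size the native layer expects before the call and fail with an `IllegalArgumentException` that carries a message. The Javadoc should also state the required length, say that the array is secret key material, and say whether the caller may clear it once the call returns. Separately, `setSessionTimeout` and `setSessionCacheSize` throw `new IllegalArgumentException()` with no message, which makes a misconfiguration harder to trace.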


@@ -0,0 +1,126 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import org.apache.tomcat.jni.SSLContext;
/**
* Stats exposed by an OpenSSL session context.
*
* @see <a href="https://www.openssl.org/docs/ssl/SSL_CTX_sess_number.html"><code>SSL_CTX_sess_number</code></a>
*/
public final class OpenSSLSessionStats {
private final long context;
OpenSSLSessionStats(long context) {
this.context = context;
}
/**
* @return The current number of sessions in the internal session cache.
*/
public long number() {
return SSLContext.sessionNumber(context);
}
/**
* @return The number of started SSL/TLS handshakes in client mode.
*/
public long connect() {
return SSLContext.sessionConnect(context);
}
/**
* @return The number of successfully established SSL/TLS sessions in client mode.
*/
public long connectGood() {
return SSLContext.sessionConnectGood(context);
}
/**
* @return The number of start renegotiations in client mode.
*/
public long connectRenegotiate() {
return SSLContext.sessionConnectRenegotiate(context);
}
/**
* @return The number of started SSL/TLS handshakes in server mode.
*/
public long accept() {
return SSLContext.sessionAccept(context);
}
/**
* @return The number of successfully established SSL/TLS sessions in server mode.
*/
public long acceptGood() {
return SSLContext.sessionAcceptGood(context);
}
/**
* @return The number of start renegotiations in server mode.
*/
public long acceptRenegotiate() {
return SSLContext.sessionAcceptRenegotiate(context);
}
/**
* @return The number of successfully reused sessions. In client mode, a
* session set with {@code SSL_set_session} successfully reused is
* counted as a hit. In server mode, a session successfully
* retrieved from internal or external cache is counted as a hit.
*/
public long hits() {
return SSLContext.sessionHits(context);
}
/**
* @return The number of successfully retrieved sessions from the external
* session cache in server mode.
*/
public long cbHits() {
return SSLContext.sessionCbHits(context);
}
/**
* @return The number of sessions proposed by clients that were not found in
* the internal session cache in server mode.
*/
public long misses() {
return SSLContext.sessionMisses(context);
}
/**
* @return The number of sessions proposed by clients and either found in
* the internal or external session cache in server mode, but that
* were invalid due to timeout. These sessions are not included in
* the {@link #hits()} count.
*/
public long timeouts() {
return SSLContext.sessionTimeouts(context);
}
/**
* @return The number of sessions that were removed because the maximum
* session cache size was exceeded.
*/
public long cacheFull() {
return SSLContext.sessionCacheFull(context);
}
}


@@ -0,0 +1,128 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import java.io.IOException;
import java.security.KeyStoreException;
import java.util.List;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.X509KeyManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
import org.apache.tomcat.util.res.StringManager;
public class OpenSSLUtil extends SSLUtilBase {
private static final Log log = LogFactory.getLog(OpenSSLUtil.class);
private static final StringManager sm = StringManager.getManager(OpenSSLContext.class);
public OpenSSLUtil(SSLHostConfigCertificate certificate) {
super(certificate);
}
@Override
protected Log getLog() {
return log;
}
@Override
protected Set<String> getImplementedProtocols() {
return OpenSSLEngine.IMPLEMENTED_PROTOCOLS_SET;
}
@Override
protected Set<String> getImplementedCiphers() {
return OpenSSLEngine.AVAILABLE_CIPHER_SUITES;
}
@Override
protected boolean isTls13RenegAuthAvailable() {
// OpenSSL does support authentication after the initial handshake
return true;
}
@Override
public SSLContext createSSLContextInternal(List<String> negotiableProtocols) throws Exception {
return new OpenSSLContext(certificate, negotiableProtocols);
}
public static X509KeyManager chooseKeyManager(KeyManager[] managers) throws Exception {
if (managers == null) {
return null;
}
for (KeyManager manager : managers) {
if (manager instanceof JSSEKeyManager) {
return (JSSEKeyManager) manager;
}
}
for (KeyManager manager : managers) {
if (manager instanceof X509KeyManager) {
return (X509KeyManager) manager;
}
}
throw new IllegalStateException(sm.getString("openssl.keyManagerMissing"));
}
@Override
public KeyManager[] getKeyManagers() throws Exception {
try {
return super.getKeyManagers();
} catch (IllegalArgumentException e) {
// No (or invalid?) certificate chain was provided for the cert
String msg = sm.getString("openssl.nonJsseChain", certificate.getCertificateChainFile());
if (log.isDebugEnabled()) {
log.info(msg, e);
} else {
log.info(msg);
}
return null;
} catch (KeyStoreException | IOException e) {
// Depending on what is presented, JSSE may also throw
// KeyStoreException or IOException if it doesn't understand the
// provided file.
if (certificate.getCertificateFile() != null) {
String msg = sm.getString("openssl.nonJsseCertficate",
certificate.getCertificateFile(), certificate.getCertificateKeyFile());
if (log.isDebugEnabled()) {
log.info(msg, e);
} else {
log.info(msg);
}
// Assume JSSE processing of the certificate failed, try again with OpenSSL
// without a key manager
return null;
}
throw e;
}
}
}
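Review bot: `getKeyManagers()` returns `null` on two failure paths, and nothing on the method says so or tells a caller what to do with it. The `IllegalArgumentException` branch treats every such exception from `super.getKeyManagers()` as a missing or invalid chain file and reports it at INFO, with the stack trace only when debug logging is on. A genuine keystore misconfiguration could therefore pass unnoticed, although whether other causes can reach this branch depends on `SSLUtilBase`, which is not shown here. I would add Javadoc such as `@return the JSSE key managers, or {@code null} if JSSE could not process the configured certificate and OpenSSL is to be tried without a key manager`. `chooseKeyManager` needs the same for its `null` return when `managers` is `null`, and it declares `throws Exception` although the visible body only throws `IllegalStateException`.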


@@ -0,0 +1,190 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Set;
final class OpenSSLX509Certificate extends X509Certificate {
private final byte[] bytes;
private X509Certificate wrapped;
public OpenSSLX509Certificate(byte[] bytes) {
this.bytes = bytes;
}
@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
unwrap().checkValidity();
}
@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
unwrap().checkValidity(date);
}
@Override
public int getVersion() {
return unwrap().getVersion();
}
@Override
public BigInteger getSerialNumber() {
return unwrap().getSerialNumber();
}
@Override
public Principal getIssuerDN() {
return unwrap().getIssuerDN();
}
@Override
public Principal getSubjectDN() {
return unwrap().getSubjectDN();
}
@Override
public Date getNotBefore() {
return unwrap().getNotBefore();
}
@Override
public Date getNotAfter() {
return unwrap().getNotAfter();
}
@Override
public byte[] getTBSCertificate() throws CertificateEncodingException {
return unwrap().getTBSCertificate();
}
@Override
public byte[] getSignature() {
return unwrap().getSignature();
}
@Override
public String getSigAlgName() {
return unwrap().getSigAlgName();
}
@Override
public String getSigAlgOID() {
return unwrap().getSigAlgOID();
}
@Override
public byte[] getSigAlgParams() {
return unwrap().getSigAlgParams();
}
@Override
public boolean[] getIssuerUniqueID() {
return unwrap().getIssuerUniqueID();
}
@Override
public boolean[] getSubjectUniqueID() {
return unwrap().getSubjectUniqueID();
}
@Override
public boolean[] getKeyUsage() {
return unwrap().getKeyUsage();
}
@Override
public int getBasicConstraints() {
return unwrap().getBasicConstraints();
}
@Override
public byte[] getEncoded() {
return bytes.clone();
}
@Override
public void verify(PublicKey key)
throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException {
unwrap().verify(key);
}
@Override
public void verify(PublicKey key, String sigProvider)
throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
NoSuchProviderException, SignatureException {
unwrap().verify(key, sigProvider);
}
@Override
public String toString() {
return unwrap().toString();
}
@Override
public PublicKey getPublicKey() {
return unwrap().getPublicKey();
}
@Override
public boolean hasUnsupportedCriticalExtension() {
return unwrap().hasUnsupportedCriticalExtension();
}
@Override
public Set<String> getCriticalExtensionOIDs() {
return unwrap().getCriticalExtensionOIDs();
}
@Override
public Set<String> getNonCriticalExtensionOIDs() {
return unwrap().getNonCriticalExtensionOIDs();
}
@Override
public byte[] getExtensionValue(String oid) {
return unwrap().getExtensionValue(oid);
}
private X509Certificate unwrap() {
X509Certificate wrapped = this.wrapped;
if (wrapped == null) {
try {
wrapped = this.wrapped = (X509Certificate) OpenSSLContext.X509_CERT_FACTORY.generateCertificate(
new ByteArrayInputStream(bytes));
} catch (CertificateException e) {
throw new IllegalStateException(e);
}
}
return wrapped;
}
}
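Review bot: The constructor keeps the caller's array (`this.bytes = bytes;`) while `getEncoded()` hands out `bytes.clone()`, so the encoding is protected on the way out but not on the way in. If a caller reuses or modifies that buffer after construction, `getEncoded()` and the lazily parsed `wrapped` certificate can disagree; the callers are not visible here, so this may be safe in practice. `this.bytes = bytes.clone();` would close the gap, or a constructor comment should state that ownership of the array transfers to the instance. Separately, `unwrap()` parses on first use, so malformed bytes (presumably supplied by the peer) surface as an `IllegalStateException` from whichever getter is called first, including `toString()`. That deserves a class-level comment.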


@@ -0,0 +1,34 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
public enum Authentication {
RSA /* RSA auth */,
DSS /* DSS auth */,
aNULL /* no auth (i.e. use ADH or AECDH) */,
DH /* Fixed DH auth (kDHd or kDHr) */,
ECDH /* Fixed ECDH auth (kECDHe or kECDHr) */,
KRB5 /* KRB5 auth */,
ECDSA /* ECDSA auth*/,
PSK /* PSK auth */,
GOST94 /* GOST R 34.10-94 signature auth */,
GOST01 /* GOST R 34.10-2001 */,
FZA /* Fortezza */,
SRP,
ANY /* TLS 1.3 */
}

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,43 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
enum Encryption {
AES128,
AES128CCM,
AES128CCM8,
AES128GCM,
AES256,
AES256CCM,
AES256CCM8,
AES256GCM,
ARIA128GCM,
ARIA256GCM,
CAMELLIA256,
CAMELLIA128,
CHACHA20POLY1305,
TRIPLE_DES,
DES,
IDEA,
eGOST2814789CNT,
SEED,
FZA,
RC4,
RC2,
eNULL
}


@@ -0,0 +1,28 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
enum EncryptionLevel {
STRONG_NONE,
EXP40,
EXP56,
LOW,
MEDIUM,
HIGH,
FIPS
}


@@ -0,0 +1,37 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
enum KeyExchange {
EECDH /* SSL_kEECDH - ephemeral ECDH */,
RSA /* SSL_kRSA - RSA key exchange */,
DHr /* SSL_kDHr - DH cert, RSA CA cert */ /* no such ciphersuites supported! */,
DHd /* SSL_kDHd - DH cert, DSA CA cert */ /* no such ciphersuite supported! */,
EDH /* SSL_kDHE - tmp DH key no DH cert */,
PSK /* SSK_kPSK - PSK */,
FZA /* SSL_kFZA - Fortezza */ /* no such ciphersuite supported! */,
KRB5 /* SSL_kKRB5 - Kerberos 5 key exchange */,
ECDHr /* SSL_kECDHr - ECDH cert, RSA CA cert */,
ECDHe /* SSL_kECDHe - ECDH cert, ECDSA CA cert */,
GOST /* SSL_kGOST - GOST key exchange */,
SRP /* SSL_kSRP - SRP */,
RSAPSK,
ECDHEPSK,
DHEPSK,
ANY /* TLS 1.3 */
}
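Review bot: The comment on `PSK` names the OpenSSL constant as `SSK_kPSK`, which looks like a typo for `SSL_kPSK`; every other commented entry uses the `SSL_k…` prefix. I would change the line to `PSK /* SSL_kPSK - PSK */,`. `RSAPSK`, `ECDHEPSK` and `DHEPSK` carry no comment at all, unlike the entries above them, and would benefit from the same one-line description of the key exchange each stands for.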


@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
converter.mapping=Cipher suite mapping: [{0}] => [{1}]


@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
converter.mapping=Association de la suite de chiffres: [{0}] => [{1}]


@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
converter.mapping=暗号スイートの対応付け: [{0}] => [{1}]


@@ -0,0 +1,16 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
converter.mapping=Cipher suite 매핑: [{0}] => [{1}]


@@ -0,0 +1,28 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
enum MessageDigest {
MD5,
SHA1,
GOST94,
GOST89MAC,
SHA256,
SHA384,
AEAD
}


@@ -0,0 +1,44 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.openssl.ciphers;
import org.apache.tomcat.util.net.Constants;
enum Protocol {
SSLv3(Constants.SSL_PROTO_SSLv3),
SSLv2(Constants.SSL_PROTO_SSLv2),
TLSv1(Constants.SSL_PROTO_TLSv1),
TLSv1_2(Constants.SSL_PROTO_TLSv1_2),
TLSv1_3(Constants.SSL_PROTO_TLSv1_3);
private final String openSSLName;
private Protocol(String openSSLName) {
this.openSSLName = openSSLName;
}
/**
* The name returned by OpenSSL in the protocol column when using
* <code>openssl ciphers -v</code>. This is currently only used by the unit
* tests hence it is package private.
*/
String getOpenSSLName() {
return openSSLName;
}
}
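Review bot: The constant list goes from `TLSv1` straight to `TLSv1_2` with no entry for TLS 1.1, and nothing explains the gap. `getOpenSSLName()` is documented as the value in the protocol column of `openssl ciphers -v`, so the omission is presumably deliberate, but a reader auditing protocol support cannot tell that from the code. A one-line comment above the constants, e.g. `// No TLSv1_1 entry: not a value expected in the openssl ciphers -v protocol column (confirm)`, would keep it from being "fixed" by mistake.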