
Example 31 with SSLEngineResult

use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.

the class IllegalRecordVersion method main.

/**
 * Checks that a server-mode {@link SSLEngine} refuses a ClientHello record
 * whose record-layer version bytes have been overwritten with an
 * unsupported value.
 *
 * <p>A client engine wraps a genuine first flight; bytes 1 and 2 of the
 * produced record are then replaced with 0xa9, 0xa2 and the result is fed to
 * the server engine, which is expected to fail with {@link SSLException}.
 *
 * @param args unused
 * @throws Exception if the server engine accepts the altered record, or if
 *         engine setup fails
 */
public static void main(String[] args) throws Exception {
    SSLContext sslContext = SSLContext.getDefault();

    SSLEngine clientEngine = sslContext.createSSLEngine();
    clientEngine.setUseClientMode(true);

    SSLEngine serverEngine = sslContext.createSSLEngine();
    serverEngine.setUseClientMode(false);

    // Size both buffers from the session so one full record always fits.
    SSLSession clientSession = clientEngine.getSession();
    int packetSize = clientSession.getPacketBufferSize();
    int applicationSize = clientSession.getApplicationBufferSize();

    ByteBuffer network = ByteBuffer.allocateDirect(packetSize);
    ByteBuffer serverPlaintext = ByteBuffer.allocateDirect(applicationSize + 50);
    ByteBuffer clientPlaintext = ByteBuffer.wrap("I'm client".getBytes());

    System.out.println("client hello (record version(0xa9, 0xa2))");
    SSLEngineResult wrapResult = clientEngine.wrap(clientPlaintext, network);
    System.out.println("Client wrap result: " + wrapResult);
    network.flip();

    // Only patch the version field when more than a bare 5-byte record
    // header was produced.
    boolean recordPresent = network.limit() > 5;
    if (recordPresent) {
        network.put(1, (byte) 0xa9);
        network.put(2, (byte) 0xa2);
    }

    // The server must reject the record; silent acceptance is the failure.
    boolean rejected = false;
    try {
        serverEngine.unwrap(network, serverPlaintext);
    } catch (SSLException expected) {
        rejected = true;
    }
    if (!rejected) {
        throw new Exception("Cannot catch the unsupported record version issue");
    }
}
Also used : SSLEngineResult(javax.net.ssl.SSLEngineResult)

Example 32 with SSLEngineResult

use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.

the class HelloExtensionsTest method runTest.

/**
 * Feeds one pre-recorded TLSv1.2 ClientHello to a server-side engine and
 * drives the handshake one step further so that the hello is fully parsed.
 *
 * @param ssle the engine that receives the recorded ClientHello
 * @throws Exception if the engine reports a handshake status other than
 *         NEED_UNWRAP or NEED_WRAP after the hello was processed
 */
private static void runTest(SSLEngine ssle) throws Exception {
    /*
     * The ClientHello below was captured with Wireshark: select a TLSv1.2
     * Client Hello record, click through to the "TLSv1.2 Record Layer"
     * line, then "copy -> bytes -> hex stream".
     *
     * For the record, the decoded ClientHello is:
     *
     * *** ClientHello, TLSv1.2
     * RandomCookie:  GMT: 1469560450 bytes = { 108, 140, 12, 202,
     * 2, 213, 10, 236, 143, 223, 58, 162, 228, 155, 239, 3, 98,
     * 232, 89, 41, 116, 120, 13, 37, 105, 153, 97, 241 }
     * Session ID:  {}
     * Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
     * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256,
     * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
     * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
     * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
     * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
     * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
     * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
     * TLS_RSA_WITH_AES_128_CBC_SHA,
     * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
     * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
     * TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
     * TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
     * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
     * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
     * TLS_RSA_WITH_AES_128_GCM_SHA256,
     * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
     * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
     * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
     * TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
     * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
     * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
     * SSL_RSA_WITH_3DES_EDE_CBC_SHA,
     * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
     * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
     * SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
     * SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
     * TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
     * Compression Methods:  { 0 }
     * Extension elliptic_curves, curve names: {secp256r1,
     * sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1,
     * sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1,
     * sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1,
     * secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
     * Extension ec_point_formats, formats: [uncompressed]
     * Extension signature_algorithms, signature_algorithms:
     * SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA,
     * SHA256withECDSA, SHA256withRSA, Unknown (hash:0x3, signature:0x3),
     * Unknown (hash:0x3, signature:0x1), SHA1withECDSA,
     * SHA1withRSA, SHA1withDSA
     * Extension server_name, server_name:
     * [host_name: bugs.openjdk.java.net]
     */
    String hello = "16030300df010000db03035898b7826c8c0cc"
            + "a02d50aec8fdf3aa2e49bef0362e8592974780d25699961f"
            + "100003ac023c027003cc025c02900670040c009c013002fc"
            + "004c00e00330032c02bc02f009cc02dc031009e00a2c008c"
            + "012000ac003c00d0016001300ff01000078000a003400320"
            + "0170001000300130015000600070009000a0018000b000c0"
            + "019000d000e000f001000110002001200040005001400080"
            + "016000b00020100000d00180016060306010503050104030"
            + "401030303010203020102020000001a00180000156275677"
            + "32e6f70656e6a646b2e6a6176612e6e6574";
    ByteBuffer recordedHello = ByteBuffer.wrap(hexStringToByteArray(hello));

    // Buffers are sized from the engine's own session limits.
    SSLSession session = ssle.getSession();
    int appBufferMax = session.getApplicationBufferSize();
    int netBufferMax = session.getPacketBufferSize();
    ByteBuffer inboundPlain = ByteBuffer.allocate(appBufferMax + 50);
    ByteBuffer outboundPlain = ByteBuffer.wrap("I'm Server".getBytes());
    ByteBuffer outboundNet = ByteBuffer.allocate(netBufferMax);

    ssle.beginHandshake();

    // First pass: hand the recorded ClientHello to the engine.
    SSLEngineResult result = ssle.unwrap(recordedHello, inboundPlain);
    System.out.println("server unwrap " + result);
    runDelegatedTasks(result, ssle);
    if (!proceed) {
        // The expected exception was already observed; nothing more to do.
        return;
    }

    // Second pass: one more step so the ClientHello is certainly parsed.
    SSLEngineResult.HandshakeStatus status = ssle.getHandshakeStatus();
    boolean wantsUnwrap = status == HandshakeStatus.NEED_UNWRAP;
    boolean wantsWrap = status == HandshakeStatus.NEED_WRAP;
    if (!wantsUnwrap && !wantsWrap) {
        throw new Exception("unexpected handshake status " + status);
    }
    if (wantsUnwrap) {
        result = ssle.unwrap(recordedHello, inboundPlain);
        System.out.println("server unwrap " + result);
    } else {
        result = ssle.wrap(outboundPlain, outboundNet);
        System.out.println("server wrap " + result);
    }
    runDelegatedTasks(result, ssle);
    // That is enough for this test; the handshake is not completed.
}
Also used : SSLEngineResult(javax.net.ssl.SSLEngineResult)

Example 33 with SSLEngineResult

use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.

the class DHEKeySizing method test.

/**
 * Runs a complete in-memory handshake between {@code ssle1} and
 * {@code ssle2} with a single cipher suite enabled and checks the size of
 * the two key-exchange flights.
 *
 * <p>{@code ssle1} produces the flights logged as client messages and
 * {@code ssle2} those logged as server messages. Every wrap/unwrap result
 * is verified with {@code checkResult} against a fixed expected status and
 * handshake status, so any deviation in the handshake sequence fails the
 * test.
 *
 * @param cipherSuite    the only cipher suite enabled on both engines
 * @param exportable     not read anywhere in this method
 * @param lenServerKeyEx largest accepted size, in bytes, of the flight
 *                       logged as "ServerHello series"
 * @param lenClientKeyEx largest accepted size, in bytes, of the flight
 *                       logged as "ClientKeyExchange"
 * @throws Exception if a flight size falls outside
 *         {@code [len - KEY_LEN_BIAS, len]}, if either session reports a
 *         cipher suite other than {@code cipherSuite}, or if
 *         {@code checkResult} rejects a result
 */
private void test(String cipherSuite, boolean exportable, int lenServerKeyEx, int lenClientKeyEx) throws Exception {
    createSSLEngines();
    createBuffers();
    // ssle1's results from last operation
    SSLEngineResult result1;
    // ssle2's results from last operation
    SSLEngineResult result2;
    // Restrict both engines to the suite under test so the negotiated
    // suite cannot differ from the requested one.
    String[] suites = new String[] { cipherSuite };
    ssle1.setEnabledCipherSuites(suites);
    ssle2.setEnabledCipherSuites(suites);
    log("======================================");
    log("===================");
    log("client hello");
    // NOTE(review): the two trailing checkResult arguments look like the
    // expected bytes consumed / produced, with -1 meaning "not checked" --
    // confirm against checkResult, which is defined outside this method.
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(appOut1, oneToTwo, result1, Status.OK, HandshakeStatus.NEED_UNWRAP, 0, -1);
    oneToTwo.flip();
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(oneToTwo, appIn2, result2, Status.OK, HandshakeStatus.NEED_TASK, result1.bytesProduced(), 0);
    runDelegatedTasks(ssle2);
    oneToTwo.compact();
    log("===================");
    log("ServerHello");
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(appOut2, twoToOne, result2, Status.OK, HandshakeStatus.NEED_UNWRAP, 0, -1);
    twoToOne.flip();
    log("Message length of ServerHello series: " + twoToOne.remaining());
    // The flight size is the measured quantity of this test; presumably it
    // serves as a proxy for the size of the server's ephemeral DH key --
    // confirm against the callers that supply lenServerKeyEx.
    if (twoToOne.remaining() < (lenServerKeyEx - KEY_LEN_BIAS) || twoToOne.remaining() > lenServerKeyEx) {
        throw new Exception("Expected to generate ServerHello series messages of " + lenServerKeyEx + " bytes, but not " + twoToOne.remaining());
    }
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(twoToOne, appIn1, result1, Status.OK, HandshakeStatus.NEED_TASK, result2.bytesProduced(), 0);
    runDelegatedTasks(ssle1);
    twoToOne.compact();
    log("===================");
    log("Key Exchange");
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(appOut1, oneToTwo, result1, Status.OK, HandshakeStatus.NEED_WRAP, 0, -1);
    oneToTwo.flip();
    log("Message length of ClientKeyExchange: " + oneToTwo.remaining());
    // Same window check for the client's key-exchange message.
    if (oneToTwo.remaining() < (lenClientKeyEx - KEY_LEN_BIAS) || oneToTwo.remaining() > lenClientKeyEx) {
        throw new Exception("Expected to generate ClientKeyExchange message of " + lenClientKeyEx + " bytes, but not " + oneToTwo.remaining());
    }
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(oneToTwo, appIn2, result2, Status.OK, HandshakeStatus.NEED_TASK, result1.bytesProduced(), 0);
    runDelegatedTasks(ssle2);
    oneToTwo.compact();
    log("===================");
    log("Client CCS");
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(appOut1, oneToTwo, result1, Status.OK, HandshakeStatus.NEED_WRAP, 0, -1);
    oneToTwo.flip();
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(oneToTwo, appIn2, result2, Status.OK, HandshakeStatus.NEED_UNWRAP, result1.bytesProduced(), 0);
    oneToTwo.compact();
    log("===================");
    log("Client Finished");
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(appOut1, oneToTwo, result1, Status.OK, HandshakeStatus.NEED_UNWRAP, 0, -1);
    oneToTwo.flip();
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(oneToTwo, appIn2, result2, Status.OK, HandshakeStatus.NEED_WRAP, result1.bytesProduced(), 0);
    oneToTwo.compact();
    log("===================");
    log("Server CCS");
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(appOut2, twoToOne, result2, Status.OK, HandshakeStatus.NEED_WRAP, 0, -1);
    twoToOne.flip();
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(twoToOne, appIn1, result1, Status.OK, HandshakeStatus.NEED_UNWRAP, result2.bytesProduced(), 0);
    twoToOne.compact();
    log("===================");
    log("Server Finished");
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(appOut2, twoToOne, result2, Status.OK, HandshakeStatus.FINISHED, 0, -1);
    twoToOne.flip();
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(twoToOne, appIn1, result1, Status.OK, HandshakeStatus.FINISHED, result2.bytesProduced(), 0);
    twoToOne.compact();
    log("===================");
    log("Check Session/Ciphers");
    // Both sessions must report exactly the suite that was requested.
    String cs = ssle1.getSession().getCipherSuite();
    if (!cs.equals(suites[0])) {
        throw new Exception("suites not equal: " + cs + "/" + suites[0]);
    }
    cs = ssle2.getSession().getCipherSuite();
    if (!cs.equals(suites[0])) {
        throw new Exception("suites not equal: " + cs + "/" + suites[0]);
    }
    log("===================");
    log("Done with SSL/TLS handshaking");
}
Also used : SSLEngineResult(javax.net.ssl.SSLEngineResult)

Example 34 with SSLEngineResult

use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.

the class TestAllSuites method runTest.

/**
 * Exercises one cipher suite end to end: handshake, application data in
 * both directions, and orderly shutdown, all between the two in-memory
 * engines {@code ssle1} and {@code ssle2}.
 *
 * <p>Suites whose name starts with {@code TLS_KRB5} and the
 * {@code TLS_EMPTY_RENEGOTIATION_INFO_SCSV} pseudo-suite are skipped.
 *
 * @param suite     the single cipher suite to enable on both engines
 * @param protocols the protocol versions to enable on both engines
 * @throws Exception if a transfer or result check performed by the helper
 *         methods fails
 */
private void runTest(String suite, String[] protocols) throws Exception {
    System.out.println("======================================");
    System.out.println("Testing: " + suite);
    for (String protocol : protocols) {
        System.out.print(protocol + " ");
    }

    // Kerberized suites are not run for now.
    if (suite.startsWith("TLS_KRB5")) {
        System.out.println("Ignoring Kerberized suite");
        return;
    }

    // The SCSV entry is a signalling value, not a suite to negotiate.
    if (suite.equals("TLS_EMPTY_RENEGOTIATION_INFO_SCSV")) {
        System.out.println("Ignoring SCSV suite");
        return;
    }

    // Client authentication is demanded for every suite except the
    // anonymous DH ones.
    // NOTE(review): nothing here switches client auth back off for a
    // DH_anon suite; presumably the engines are recreated per call --
    // confirm against the caller.
    boolean anonymous = suite.contains("DH_anon");
    if (!anonymous) {
        ssle2.setNeedClientAuth(true);
    }

    String[] enabledSuites = { suite };
    ssle1.setEnabledCipherSuites(enabledSuites);
    ssle2.setEnabledCipherSuites(enabledSuites);
    ssle1.setEnabledProtocols(protocols);
    ssle2.setEnabledProtocols(protocols);

    createBuffers();

    SSLEngineResult result1; // outcome of ssle1's most recent operation
    SSLEngineResult result2; // outcome of ssle2's most recent operation

    Date start = new Date();
    boolean dataDone = false;

    while (!(isEngineClosed(ssle1) && isEngineClosed(ssle2))) {
        log("----------------");

        result1 = ssle1.wrap(appOut1, oneToTwo);
        result2 = ssle2.wrap(appOut2, twoToOne);

        log("wrap1:  " + result1);
        log("oneToTwo  = " + oneToTwo);
        log("");
        log("wrap2:  " + result2);
        log("twoToOne  = " + twoToOne);

        runDelegatedTasks(result1, ssle1);
        runDelegatedTasks(result2, ssle2);

        oneToTwo.flip();
        twoToOne.flip();

        log("----");

        result1 = ssle1.unwrap(twoToOne, appIn1);
        result2 = ssle2.unwrap(oneToTwo, appIn2);

        log("unwrap1: " + result1);
        log("twoToOne  = " + twoToOne);
        log("");
        log("unwrap2: " + result2);
        log("oneToTwo  = " + oneToTwo);

        runDelegatedTasks(result1, ssle1);
        runDelegatedTasks(result2, ssle2);

        oneToTwo.compact();
        twoToOne.compact();

        // Once everything written by each side has arrived at the other,
        // verify the payloads and start the shutdown from ssle1.
        if (!dataDone) {
            if (appOut1.limit() == appIn2.position() && appOut2.limit() == appIn1.position()) {
                checkTransfer(appOut1, appIn2);
                checkTransfer(appOut2, appIn1);
                log("Closing ssle1's *OUTBOUND*...");
                ssle1.closeOutbound();
                dataDone = true;
            }
        }
    }

    // Close everything a second time to make sure a closed engine stays
    // well behaved.
    ssle1.closeInbound();
    ssle1.closeOutbound();
    ssle2.closeInbound();
    ssle2.closeOutbound();

    appOut1.rewind();
    appIn1.clear();
    oneToTwo.clear();

    // A closed engine must still answer wrap/unwrap in the way
    // checkResult expects.
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(result1);
    result1 = ssle1.unwrap(oneToTwo, appIn1);
    checkResult(result1);

    System.out.println("Test Passed.");
    System.out.println("\n======================================");

    elapsed += new Date().getTime() - start.getTime();
}
Also used : SSLEngineResult(javax.net.ssl.SSLEngineResult)

Example 35 with SSLEngineResult

use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.

the class ConnectionTest method test.

/**
 * Walks two in-memory engines through early wrap/unwrap calls, an initial
 * handshake, one application-data exchange, a renegotiation and a
 * shutdown, checking every {@link SSLEngineResult} along the way.
 *
 * <p>{@code ssle1} is put in client mode and {@code ssle2} in server mode
 * with client authentication required. The network buffers are always read
 * starting at offset 10, and the {@code *Shifter} buffers are used to
 * compact them around that offset.
 *
 * @throws Exception if a result does not match the expected status, if the
 *         handshake ends without both sides reporting FINISHED, if a peer
 *         host/port value is unexpected, or if switching the mode after the
 *         handshake has started is not refused
 */
private void test() throws Exception {
    ssle1.setUseClientMode(true);
    ssle2.setUseClientMode(false);
    ssle2.setNeedClientAuth(true);
    System.out.println("Testing for early unwrap/wrap");
    SSLEngineResult result1 = ssle1.unwrap(twoToOne, appIn1);
    SSLEngineResult result2 = ssle2.wrap(appOut2, oneToTwo);
    /*
     * These should not consume/produce data, because they
     * are client and server, respectively, and don't
     * start handshaking this way.
     */
    checkResult(result1, Status.OK, HandshakeStatus.NEED_WRAP, 0, 0, false);
    checkResult(result2, Status.OK, HandshakeStatus.NEED_UNWRAP, 0, 0, false);
    System.out.println("Doing Initial Handshake");
    // doneN records that engine N has reported FINISHED at least once.
    boolean done1 = false;
    boolean done2 = false;
    /*
     * Do initial handshaking
     */
    while (isHandshaking(ssle1) || isHandshaking(ssle2)) {
        System.out.println("================");
        // An empty source buffer: only handshake data may be produced.
        result1 = ssle1.wrap(emptyBuffer, oneToTwo);
        checkResult(result1, null, null, 0, -1, done1);
        result2 = ssle2.wrap(emptyBuffer, twoToOne);
        checkResult(result2, null, null, 0, -1, done2);
        if (result1.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done1 = true;
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done2 = true;
        }
        System.out.println("wrap1 = " + result1);
        System.out.println("wrap2 = " + result2);
        // Delegated tasks are run inline on the calling thread.
        if (result1.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle1.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle2.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        oneToTwo.flip();
        twoToOne.flip();
        // flip() resets the position to 0; reading resumes at offset 10.
        // Presumably the buffers were created with their position at 10 so
        // that engine data never starts at index 0 -- confirm in the buffer
        // setup, which is outside this method.
        oneToTwo.position(10);
        twoToOne.position(10);
        System.out.println("----");
        result1 = ssle1.unwrap(twoToOne, appIn1);
        checkResult(result1, null, null, -1, 0, done1);
        result2 = ssle2.unwrap(oneToTwo, appIn2);
        checkResult(result2, null, null, -1, 0, done2);
        if (result1.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done1 = true;
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done2 = true;
        }
        if (result1.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle1.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle2.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        System.out.println("unwrap1 = " + result1);
        System.out.println("unwrap2 = " + result2);
        // Compact through the shifter buffers: copy position/limit minus
        // the 10-byte offset, compact, then copy them back plus 10.
        // Presumably each shifter shares storage with its network buffer
        // starting at index 10 -- confirm in the buffer setup.
        oneToTwoShifter.position(oneToTwo.position() - 10);
        oneToTwoShifter.limit(oneToTwo.limit() - 10);
        twoToOneShifter.position(twoToOne.position() - 10);
        twoToOneShifter.limit(twoToOne.limit() - 10);
        oneToTwoShifter.compact();
        twoToOneShifter.compact();
        oneToTwo.position(oneToTwoShifter.position() + 10);
        oneToTwo.limit(oneToTwoShifter.limit() + 10);
        twoToOne.position(twoToOneShifter.position() + 10);
        twoToOne.limit(twoToOneShifter.limit() + 10);
    }
    System.out.println("\nDONE HANDSHAKING");
    System.out.println("================");
    if (!done1 || !done2) {
        throw new Exception("Both should be true:\n" + " done1 = " + done1 + " done2 = " + done2);
    }
    // Peer host/port checks: the client-mode engine must report the
    // hostname/portNumber fields, the server-mode engine null and -1.
    // These values are hints held by the engine, not something the
    // handshake authenticates.
    String host = ssle1.getPeerHost();
    int port = ssle1.getPeerPort();
    if (!host.equals(hostname) || (port != portNumber)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    host = ssle2.getPeerHost();
    port = ssle2.getPeerPort();
    if ((host != null) || (port != -1)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    SSLSession ssls1 = ssle1.getSession();
    host = ssls1.getPeerHost();
    port = ssls1.getPeerPort();
    if (!host.equals(hostname) || (port != portNumber)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    SSLSession ssls2 = ssle2.getSession();
    host = ssls2.getPeerHost();
    port = ssls2.getPeerPort();
    if ((host != null) || (port != -1)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    /*
     * Should be able to write/read a small buffer like this.
     */
    int appOut1Len = appOut1.remaining();
    int appOut2Len = appOut2.remaining();
    int net1Len;
    int net2Len;
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(result1, Status.OK, HandshakeStatus.NOT_HANDSHAKING, appOut1Len, -1, false);
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(result2, Status.OK, HandshakeStatus.NOT_HANDSHAKING, appOut2Len, -1, false);
    net1Len = result1.bytesProduced();
    net2Len = result2.bytesProduced();
    System.out.println("wrap1 = " + result1);
    System.out.println("wrap2 = " + result2);
    oneToTwo.flip();
    twoToOne.flip();
    oneToTwo.position(10);
    twoToOne.position(10);
    System.out.println("----");
    // Each side must consume exactly what the other produced and hand back
    // exactly the plaintext length that was written.
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(result1, Status.OK, HandshakeStatus.NOT_HANDSHAKING, net2Len, appOut2Len, false);
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(result2, Status.OK, HandshakeStatus.NOT_HANDSHAKING, net1Len, appOut1Len, false);
    System.out.println("unwrap1 = " + result1);
    System.out.println("unwrap2 = " + result2);
    oneToTwoShifter.position(oneToTwo.position() - 10);
    oneToTwoShifter.limit(oneToTwo.limit() - 10);
    twoToOneShifter.position(twoToOne.position() - 10);
    twoToOneShifter.limit(twoToOne.limit() - 10);
    oneToTwoShifter.compact();
    twoToOneShifter.compact();
    oneToTwo.position(oneToTwoShifter.position() + 10);
    oneToTwo.limit(oneToTwoShifter.limit() + 10);
    twoToOne.position(twoToOneShifter.position() + 10);
    twoToOne.limit(twoToOneShifter.limit() + 10);
    // Invalidate the server-side session before asking for a new
    // handshake, so the renegotiation cannot simply resume it.
    ssls2.invalidate();
    ssle2.beginHandshake();
    System.out.println("\nRENEGOTIATING");
    System.out.println("=============");
    done1 = false;
    done2 = false;
    appIn1.clear();
    appIn2.clear();
    /*
     * Do a quick test to see if this can do a switch
     * into client mode, at this point, you shouldn't be able
     * to switch back.
     */
    try {
        System.out.println("Try to change client mode");
        ssle2.setUseClientMode(true);
        throw new Exception("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException e) {
        System.out.println("Caught correct IllegalArgumentException");
    }
    // Same wrap / task / unwrap / compact cycle as the initial handshake.
    while (isHandshaking(ssle1) || isHandshaking(ssle2)) {
        System.out.println("================");
        result1 = ssle1.wrap(emptyBuffer, oneToTwo);
        checkResult(result1, null, null, 0, -1, done1);
        result2 = ssle2.wrap(emptyBuffer, twoToOne);
        checkResult(result2, null, null, 0, -1, done2);
        if (result1.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done1 = true;
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done2 = true;
        }
        System.out.println("wrap1 = " + result1);
        System.out.println("wrap2 = " + result2);
        if (result1.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle1.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle2.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        oneToTwo.flip();
        twoToOne.flip();
        oneToTwo.position(10);
        twoToOne.position(10);
        System.out.println("----");
        result1 = ssle1.unwrap(twoToOne, appIn1);
        checkResult(result1, null, null, -1, 0, done1);
        result2 = ssle2.unwrap(oneToTwo, appIn2);
        checkResult(result2, null, null, -1, 0, done2);
        if (result1.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done1 = true;
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.FINISHED) {
            done2 = true;
        }
        System.out.println("unwrap1 = " + result1);
        System.out.println("unwrap2 = " + result2);
        if (result1.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle1.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        if (result2.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable runnable;
            while ((runnable = ssle2.getDelegatedTask()) != null) {
                runnable.run();
            }
        }
        oneToTwoShifter.position(oneToTwo.position() - 10);
        oneToTwoShifter.limit(oneToTwo.limit() - 10);
        twoToOneShifter.position(twoToOne.position() - 10);
        twoToOneShifter.limit(twoToOne.limit() - 10);
        oneToTwoShifter.compact();
        twoToOneShifter.compact();
        oneToTwo.position(oneToTwoShifter.position() + 10);
        oneToTwo.limit(oneToTwoShifter.limit() + 10);
        twoToOne.position(twoToOneShifter.position() + 10);
        twoToOne.limit(twoToOneShifter.limit() + 10);
    }
    // NOTE(review): unlike the initial handshake, done1/done2 are not
    // checked after this loop, so a renegotiation that ends without
    // FINISHED on both sides is not detected here.
    host = ssle1.getPeerHost();
    port = ssle1.getPeerPort();
    if (!host.equals(hostname) || (port != portNumber)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    host = ssle2.getPeerHost();
    port = ssle2.getPeerPort();
    if ((host != null) || (port != -1)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    // NOTE(review): ssls3 and ssls4 are both taken from ssle2, and the two
    // checks below re-read ssls1 and ssls2 (the pre-renegotiation sessions)
    // rather than ssls3 / ssls4. This may be a copy-paste slip; the
    // post-renegotiation sessions are only examined by checkSession at the
    // end -- confirm the intent.
    SSLSession ssls3 = ssle2.getSession();
    host = ssls1.getPeerHost();
    port = ssls1.getPeerPort();
    if (!host.equals(hostname) || (port != portNumber)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    SSLSession ssls4 = ssle2.getSession();
    host = ssls2.getPeerHost();
    port = ssls2.getPeerPort();
    if ((host != null) || (port != -1)) {
        throw new Exception("unexpected host/port " + host + ":" + port);
    }
    System.out.println("\nDoing close");
    System.out.println("===========");
    ssle1.closeOutbound();
    ssle2.closeOutbound();
    oneToTwo.flip();
    twoToOne.flip();
    oneToTwo.position(10);
    twoToOne.position(10);
    appIn1.clear();
    appIn2.clear();
    System.out.println("LAST UNWRAP");
    // Nothing has been wrapped since closeOutbound(), so both unwraps are
    // expected to underflow and ask for a wrap.
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(result1, Status.BUFFER_UNDERFLOW, HandshakeStatus.NEED_WRAP, 0, 0, false);
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(result2, Status.BUFFER_UNDERFLOW, HandshakeStatus.NEED_WRAP, 0, 0, false);
    System.out.println("unwrap1 = " + result1);
    System.out.println("unwrap2 = " + result2);
    oneToTwoShifter.position(oneToTwo.position() - 10);
    oneToTwoShifter.limit(oneToTwo.limit() - 10);
    twoToOneShifter.position(twoToOne.position() - 10);
    twoToOneShifter.limit(twoToOne.limit() - 10);
    oneToTwoShifter.compact();
    twoToOneShifter.compact();
    oneToTwo.position(oneToTwoShifter.position() + 10);
    oneToTwo.limit(oneToTwoShifter.limit() + 10);
    twoToOne.position(twoToOneShifter.position() + 10);
    twoToOne.limit(twoToOneShifter.limit() + 10);
    System.out.println("LAST WRAP");
    // This wrap emits each side's closing data; no application bytes may
    // be consumed.
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(result1, Status.CLOSED, HandshakeStatus.NEED_UNWRAP, 0, -1, false);
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(result2, Status.CLOSED, HandshakeStatus.NEED_UNWRAP, 0, -1, false);
    System.out.println("wrap1 = " + result1);
    System.out.println("wrap2 = " + result2);
    net1Len = result1.bytesProduced();
    net2Len = result2.bytesProduced();
    oneToTwo.flip();
    twoToOne.flip();
    oneToTwo.position(10);
    twoToOne.position(10);
    // NOTE(review): ssle1 reads what ssle2 produced (net2Len) but is
    // checked against net1Len, and vice versa. This only passes when both
    // closing records have the same length; the earlier data exchange uses
    // the crossed-over lengths -- confirm whether this is intentional.
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(result1, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, net1Len, 0, false);
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(result2, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, net2Len, 0, false);
    System.out.println("unwrap1 = " + result1);
    System.out.println("unwrap2 = " + result2);
    oneToTwoShifter.position(oneToTwo.position() - 10);
    oneToTwoShifter.limit(oneToTwo.limit() - 10);
    twoToOneShifter.position(twoToOne.position() - 10);
    twoToOneShifter.limit(twoToOne.limit() - 10);
    oneToTwoShifter.compact();
    twoToOneShifter.compact();
    oneToTwo.position(oneToTwoShifter.position() + 10);
    oneToTwo.limit(oneToTwoShifter.limit() + 10);
    twoToOne.position(twoToOneShifter.position() + 10);
    twoToOne.limit(twoToOneShifter.limit() + 10);
    System.out.println("EXTRA WRAP");
    // Fully closed engines must neither consume nor produce anything.
    result1 = ssle1.wrap(appOut1, oneToTwo);
    checkResult(result1, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, 0, 0, false);
    result2 = ssle2.wrap(appOut2, twoToOne);
    checkResult(result2, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, 0, 0, false);
    System.out.println("wrap1 = " + result1);
    System.out.println("wrap2 = " + result2);
    oneToTwo.flip();
    twoToOne.flip();
    oneToTwo.position(10);
    twoToOne.position(10);
    System.out.println("EXTRA UNWRAP");
    result1 = ssle1.unwrap(twoToOne, appIn1);
    checkResult(result1, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, 0, 0, false);
    result2 = ssle2.unwrap(oneToTwo, appIn2);
    checkResult(result2, Status.CLOSED, HandshakeStatus.NOT_HANDSHAKING, 0, 0, false);
    System.out.println("unwrap1 = " + result1);
    System.out.println("unwrap2 = " + result2);
    checkSession(ssls1, ssls2, ssls3, ssls4);
    System.out.println(ssle1);
    System.out.println(ssle2);
}
Also used : SSLEngineResult(javax.net.ssl.SSLEngineResult)
