Example 36 with SSLEngineResult
use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.
the class LargeBufs method runTest.
private void runTest(String cipher) throws Exception {
boolean dataDone = false;
createSSLEngines();
System.out.println("Using " + cipher);
ssle1.setEnabledCipherSuites(new String[] { cipher });
ssle2.setEnabledCipherSuites(new String[] { cipher });
createBuffers();
// ssle1's results from last operation
SSLEngineResult result1;
// ssle2's results from last operation
SSLEngineResult result2;
while (!isEngineClosed(ssle1) || !isEngineClosed(ssle2)) {
log("================");
result1 = ssle1.wrap(appOut1, oneToTwo);
result2 = ssle2.wrap(appOut2, twoToOne);
if ((result1.bytesConsumed() != 0) && (result1.bytesConsumed() != appBufferMax) && (result1.bytesConsumed() != OFFSET)) {
throw new Exception("result1: " + result1);
}
if ((result2.bytesConsumed() != 0) && (result2.bytesConsumed() != appBufferMax) && (result2.bytesConsumed() != 2 * OFFSET)) {
throw new Exception("result1: " + result1);
}
log("wrap1: " + result1);
log("oneToTwo = " + oneToTwo);
log("");
log("wrap2: " + result2);
log("twoToOne = " + twoToOne);
runDelegatedTasks(result1, ssle1);
runDelegatedTasks(result2, ssle2);
oneToTwo.flip();
twoToOne.flip();
log("----");
result1 = ssle1.unwrap(twoToOne, appIn1);
result2 = ssle2.unwrap(oneToTwo, appIn2);
if ((result1.bytesProduced() != 0) && (result1.bytesProduced() != appBufferMax) && (result1.bytesProduced() != 2 * OFFSET)) {
throw new Exception("result1: " + result1);
}
if ((result2.bytesProduced() != 0) && (result2.bytesProduced() != appBufferMax) && (result2.bytesProduced() != OFFSET)) {
throw new Exception("result1: " + result1);
}
log("unwrap1: " + result1);
log("twoToOne = " + twoToOne);
log("");
log("unwrap2: " + result2);
log("oneToTwo = " + oneToTwo);
runDelegatedTasks(result1, ssle1);
runDelegatedTasks(result2, ssle2);
oneToTwo.compact();
twoToOne.compact();
/*
* If we've transfered all the data between app1 and app2,
* we try to close and see what that gets us.
*/
if (!dataDone && (appOut1.limit() == appIn2.position()) && (appOut2.limit() == appIn1.position())) {
checkTransfer(appOut1, appIn2);
checkTransfer(appOut2, appIn1);
log("Closing ssle1's *OUTBOUND*...");
ssle1.closeOutbound();
dataDone = true;
}
}
}
Also used :
SSLEngineResult(javax.net.ssl.SSLEngineResult)
Example 37 with SSLEngineResult
use of javax.net.ssl.SSLEngineResult in project jdk8u_jdk by JetBrains.
the class SSLEngineTemplate method runTest.
/*
* Run the test.
*
* Sit in a tight loop, both engines calling wrap/unwrap regardless
* of whether data is available or not. We do this until both engines
* report back they are closed.
*
* The main loop handles all of the I/O phases of the SSLEngine's
* lifetime:
*
* initial handshaking
* application data transfer
* engine closing
*
* One could easily separate these phases into separate
* sections of code.
*/
private void runTest() throws Exception {
boolean dataDone = false;
createSSLEngines();
createBuffers();
// results from client's last operation
SSLEngineResult clientResult;
// results from server's last operation
SSLEngineResult serverResult;
/*
* Examining the SSLEngineResults could be much more involved,
* and may alter the overall flow of the application.
*
* For example, if we received a BUFFER_OVERFLOW when trying
* to write to the output pipe, we could reallocate a larger
* pipe, but instead we wait for the peer to drain it.
*/
while (!isEngineClosed(clientEngine) || !isEngineClosed(serverEngine)) {
log("================");
clientResult = clientEngine.wrap(clientOut, cTOs);
log("client wrap: ", clientResult);
runDelegatedTasks(clientResult, clientEngine);
serverResult = serverEngine.wrap(serverOut, sTOc);
log("server wrap: ", serverResult);
runDelegatedTasks(serverResult, serverEngine);
cTOs.flip();
sTOc.flip();
log("----");
clientResult = clientEngine.unwrap(sTOc, clientIn);
log("client unwrap: ", clientResult);
runDelegatedTasks(clientResult, clientEngine);
serverResult = serverEngine.unwrap(cTOs, serverIn);
log("server unwrap: ", serverResult);
runDelegatedTasks(serverResult, serverEngine);
cTOs.compact();
sTOc.compact();
/*
* After we've transfered all application data between the client
* and server, we close the clientEngine's outbound stream.
* This generates a close_notify handshake message, which the
* server engine receives and responds by closing itself.
*/
if (!dataDone && (clientOut.limit() == serverIn.position()) && (serverOut.limit() == clientIn.position())) {
/*
* A sanity check to ensure we got what was sent.
*/
checkTransfer(serverOut, clientIn);
checkTransfer(clientOut, serverIn);
log("\tClosing clientEngine's *OUTBOUND*...");
clientEngine.closeOutbound();
dataDone = true;
}
}
}
Also used :
SSLEngineResult(javax.net.ssl.SSLEngineResult)
Example 38 with SSLEngineResult
use of javax.net.ssl.SSLEngineResult in project http-kit by http-kit.
the class HttpsRequest method wrapRequest.
private void wrapRequest() throws SSLException {
myNetData.clear();
SSLEngineResult res = engine.wrap(request, myNetData);
if (res.getStatus() != Status.OK) {
// TODO larger buffer, uberflow?
}
myNetData.flip();
}
Also used :
SSLEngineResult(javax.net.ssl.SSLEngineResult)
Example 39 with SSLEngineResult
use of javax.net.ssl.SSLEngineResult in project http-kit by http-kit.
the class HttpsRequest method doHandshake.
final int doHandshake(ByteBuffer peerAppData) throws IOException {
SSLEngineResult.HandshakeStatus hs = engine.getHandshakeStatus();
while (!handshaken) {
switch(hs) {
case NEED_TASK:
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
runnable.run();
}
break;
case NEED_UNWRAP:
int read = ((SocketChannel) key.channel()).read(peerNetData);
if (read < 0) {
return -1;
} else {
peerNetData.flip();
SSLEngineResult res = engine.unwrap(peerNetData, peerAppData);
peerNetData.compact();
switch(res.getStatus()) {
case // Not possible, peerAppData is 64k
BUFFER_OVERFLOW:
break;
case CLOSED:
return -1;
case // need more data from peer
BUFFER_UNDERFLOW:
return 0;
}
// do not flip to write here, since TCP buffer is writable
}
break;
case NEED_WRAP:
SSLEngineResult res = engine.wrap(EMPTY_BUFFER, myNetData);
myNetData.flip();
((SocketChannel) key.channel()).write(myNetData);
if (myNetData.hasRemaining()) {
// TODO, make sure data get written
} else {
myNetData.clear();
if (res.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_WRAP)
key.interestOps(SelectionKey.OP_READ);
}
break;
}
hs = engine.getHandshakeStatus();
handshaken = hs == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || hs == SSLEngineResult.HandshakeStatus.FINISHED;
if (handshaken) {
wrapRequest();
// TCP buffer maybe empty this time
writeWrappedRequest();
}
}
return 0;
}
Also used :
SocketChannel(java.nio.channels.SocketChannel)
SSLEngineResult(javax.net.ssl.SSLEngineResult)
Example 40 with SSLEngineResult
use of javax.net.ssl.SSLEngineResult in project http-kit by http-kit.
the class NBlockingSSL method doHandshake.
private static void doHandshake() throws IOException {
SSLEngineResult.HandshakeStatus hs = engine.getHandshakeStatus();
isHandshakeDone = hs == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || hs == SSLEngineResult.HandshakeStatus.FINISHED;
loop: while (!isHandshakeDone) {
switch(hs) {
case NEED_TASK:
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
logger.info("get task " + runnable);
runnable.run();
}
break;
case NEED_UNWRAP:
int read = socketChannel.read(peerNetData);
logger.info("read {} bytes", read);
if (read < 0) {
logger.info("closed");
// TODO closed
} else {
peerNetData.flip();
SSLEngineResult res = engine.unwrap(peerNetData, peerAppData);
logger.info("hs unwrap, " + res);
if (res.getStatus() != Status.OK) {
System.out.println("--------------------------");
}
peerNetData.compact();
switch(res.getStatus()) {
case OK:
break;
case BUFFER_UNDERFLOW:
// need more data from peer
logger.info("waiting for more info");
break loop;
case BUFFER_OVERFLOW:
// need larger peerAppData buffer
break;
case CLOSED:
break;
}
if (engine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
key.interestOps(SelectionKey.OP_WRITE);
logger.info("for write");
break loop;
}
}
break;
case NEED_WRAP:
// myNetData.compact();
SSLEngineResult result = engine.wrap(ByteBuffer.allocate(0), myNetData);
logger.info("wrap: " + result);
myNetData.flip();
socketChannel.write(myNetData);
if (engine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
}
if (!myNetData.hasRemaining()) {
// write done, so just for read
if ((key.interestOps() & SelectionKey.OP_READ) == 0) {
key.interestOps(SelectionKey.OP_READ);
logger.info("for read");
}
myNetData.clear();
// break loop;
} else {
myNetData.compact();
}
break;
}
hs = engine.getHandshakeStatus();
isHandshakeDone = hs == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || hs == SSLEngineResult.HandshakeStatus.FINISHED;
if (isHandshakeDone) {
logger.info("handshake done");
peerNetData.clear();
ByteBuffer buffer = ByteBuffer.wrap(("GET / HTTP/1.1\r\nHost: " + HOST + "\r\n\r\n").getBytes());
SSLEngineResult res = engine.wrap(buffer, myNetData);
RandomAccessFile r = new RandomAccessFile("/home/feng/workspace/http-kit/blog.access.log", "r");
MappedByteBuffer b = r.getChannel().map(MapMode.READ_ONLY, 0, r.getChannel().size());
ByteBuffer bf = ByteBuffer.allocate(256 * 1024);
// even though b is big, bf is small, the two buffer just move
// forward
SSLEngineResult t = engine.wrap(b, bf);
System.out.println(t);
if (res.getStatus() == SSLEngineResult.Status.OK) {
myNetData.flip();
socketChannel.write(myNetData);
if (myNetData.hasRemaining()) {
key.interestOps(SelectionKey.OP_WRITE);
}
}
}
}
}
Also used :
SSLEngineResult(javax.net.ssl.SSLEngineResult)
RandomAccessFile(java.io.RandomAccessFile)
MappedByteBuffer(java.nio.MappedByteBuffer)
ByteBuffer(java.nio.ByteBuffer)
MappedByteBuffer(java.nio.MappedByteBuffer)
Aggregations
SSLEngineResult (javax.net.ssl.SSLEngineResult)139
ByteBuffer (java.nio.ByteBuffer)53
IOException (java.io.IOException)32
SSLException (javax.net.ssl.SSLException)32
SSLEngine (javax.net.ssl.SSLEngine)25
Test (org.junit.Test)13
ReadOnlyBufferException (java.nio.ReadOnlyBufferException)12
SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)10
HandshakeStatus (javax.net.ssl.SSLEngineResult.HandshakeStatus)9
EOFException (java.io.EOFException)7
ByteBuf (io.netty.buffer.ByteBuf)6
SSLSession (javax.net.ssl.SSLSession)6
WritePendingException (java.nio.channels.WritePendingException)5
KeyManagementException (java.security.KeyManagementException)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
ExecutionException (java.util.concurrent.ExecutionException)5
TimeoutException (java.util.concurrent.TimeoutException)5
Status (javax.net.ssl.SSLEngineResult.Status)5
CompositeByteBuf (io.netty.buffer.CompositeByteBuf)4
BufferUnderflowException (java.nio.BufferUnderflowException)3
