
Example 1 with SSLHandshakeCompletedEvent

Use of org.mozilla.jss.ssl.SSLHandshakeCompletedEvent in the jss project by dogtagpki.

From the class JSSEngineReferenceImpl, method updateHandshakeState.

/**
 * Re-evaluates the engine's handshake status and, while a handshake is still
 * in progress, steps it with SSL.ForceHandshake().
 *
 * The result is written to handshake_state. Failures handled here are stored
 * in ssl_exception with seen_exception set; nothing in this method throws
 * explicitly. Once seen_exception is set, later calls return immediately.
 */
private void updateHandshakeState() {
    debug("JSSEngine: updateHandshakeState()");
    // A failure was already recorded; leave all state untouched.
    if (seen_exception) {
        return;
    }
    // If we're already done, we should check for SSL Alerts.
    if (!step_handshake && handshake_state == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
        debug("JSSEngine.updateHandshakeState() - not handshaking");
        unknown_state_count = 0;
        // A non-null result from checkSSLAlerts() is stored as the engine's failure.
        ssl_exception = checkSSLAlerts();
        seen_exception = (ssl_exception != null);
        return;
    }
    // FINISHED without a pending handshake step: possibly move on to
    // NOT_HANDSHAKING, then check for alerts.
    if (!step_handshake && handshake_state == SSLEngineResult.HandshakeStatus.FINISHED) {
        debug("JSSEngine.updateHandshakeState() - FINISHED to NOT_HANDSHAKING");
        // This path returns before SSL.ForceHandshake() is reached. The state
        // only drops to NOT_HANDSHAKING when returned_finished is set
        // (presumably once FINISHED has been reported to the caller; confirm
        // where the flag is written).
        if (returned_finished) {
            handshake_state = SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
        }
        unknown_state_count = 0;
        ssl_exception = checkSSLAlerts();
        seen_exception = (ssl_exception != null);
        return;
    }
    // Since we're not obviously done handshaking, and the last time we
    // were called, we were still handshaking, step the handshake.
    debug("JSSEngine.updateHandshakeState() - forcing handshake");
    if (SSL.ForceHandshake(ssl_fd) == SSL.SECFailure) {
        int error_value = PR.GetError();
        // WOULD_BLOCK_ERROR is not treated as a failure; execution falls
        // through to the buffer checks below. Any other error is fatal.
        if (error_value != PRErrors.WOULD_BLOCK_ERROR) {
            debug("JSSEngine.updateHandshakeState() - FATAL " + getStatus());
            // NOTE(review): the message text contains a typo ("duing"). It is
            // runtime output, so it is left unchanged here.
            ssl_exception = new SSLHandshakeException("Error duing SSL.ForceHandshake() :: " + errorText(error_value));
            seen_exception = true;
            // The failure is reported as NEED_WRAP (presumably so a pending
            // alert can still be sent to the peer; confirm against wrap()).
            handshake_state = SSLEngineResult.HandshakeStatus.NEED_WRAP;
            return;
        }
    }
    // Log the capacities of both buffers before choosing the next status.
    debug("JSSEngine.updateHandshakeState() - read_buf.read=" + Buffer.ReadCapacity(read_buf) + " read_buf.write=" + Buffer.WriteCapacity(read_buf) + " write_buf.read=" + Buffer.ReadCapacity(write_buf) + " write_buf.write=" + Buffer.WriteCapacity(write_buf));
    // Set NEED_WRAP when we have data to send to the client.
    if (Buffer.ReadCapacity(write_buf) > 0 && handshake_state != SSLEngineResult.HandshakeStatus.NEED_WRAP) {
        // write_buf holds readable bytes and the status is not already
        // NEED_WRAP, so switch to it and stop here.
        debug("JSSEngine.updateHandshakeState() - can write " + Buffer.ReadCapacity(write_buf) + " bytes, NEED_WRAP to process");
        handshake_state = SSLEngineResult.HandshakeStatus.NEED_WRAP;
        unknown_state_count = 0;
        return;
    }
    // handshakeComplete is set and write_buf has nothing left to read: treat
    // the handshake as having just finished.
    if (ssl_fd.handshakeComplete && Buffer.ReadCapacity(write_buf) == 0) {
        debug("JSSEngine.updateHandshakeState() - handshakeComplete is " + ssl_fd.handshakeComplete + ", so we've just finished handshaking");
        step_handshake = false;
        handshake_state = SSLEngineResult.HandshakeStatus.FINISHED;
        unknown_state_count = 0;
        // Store the peer's certificate chain on the session at this point.
        try {
            PK11Cert[] peer_chain = SSL.PeerCertificateChain(ssl_fd);
            session.setPeerCertificates(peer_chain);
        } catch (Exception e) {
            // NOTE(review): this records the failure but does not return.
            // handshake_state stays FINISHED, and session.refreshData() and
            // fireHandshakeComplete() below still run. A listener therefore
            // cannot take the completed event as proof that peer certificates
            // were stored on the session. Confirm that ssl_exception is
            // surfaced to the caller before application data flows.
            String msg = "Unable to get peer's certificate chain: ";
            msg += e.getMessage();
            seen_exception = true;
            ssl_exception = new SSLException(msg, e);
        }
        // Also update our session information here.
        session.refreshData();
        // Finally, fire any handshake completed event listeners now.
        fireHandshakeComplete(new SSLHandshakeCompletedEvent(this));
        return;
    }
    if (Buffer.ReadCapacity(read_buf) == 0 && handshake_state != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
        // Set NEED_UNWRAP when we have no data to read from the client.
        debug("JSSEngine.updateHandshakeState() - can read " + Buffer.ReadCapacity(read_buf) + " bytes, NEED_UNWRAP to give us more");
        handshake_state = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        unknown_state_count = 0;
        return;
    }
    // None of the branches above chose a status. Count this undecided call.
    // When the counter reaches 4, flip the reported status: NEED_WRAP becomes
    // NEED_UNWRAP, and any other value becomes NEED_WRAP. The counter then
    // restarts at 1. (Presumably this keeps the caller from stalling on one
    // status; confirm intent upstream.)
    unknown_state_count += 1;
    if (unknown_state_count >= 4) {
        if (handshake_state == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
            handshake_state = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        } else {
            handshake_state = SSLEngineResult.HandshakeStatus.NEED_WRAP;
        }
        unknown_state_count = 1;
    }
}
Also used : SSLException(javax.net.ssl.SSLException) SSLHandshakeCompletedEvent(org.mozilla.jss.ssl.SSLHandshakeCompletedEvent) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) PK11Cert(org.mozilla.jss.pkcs11.PK11Cert) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) SSLException(javax.net.ssl.SSLException)
