Java Code Examples for javax.net.ssl.SSLEngineResult.HandshakeStatus#NEED_WRAP

The following examples show how to use javax.net.ssl.SSLEngineResult.HandshakeStatus#NEED_WRAP.
Example 1
Source File: SecureNioChannel.java    From tomcatsrc with Apache License 2.0
/**
 * Queues and attempts to send the SSL close message without physically closing
 * the connection.
 *
 * <p>The call is a no-op once {@code closing} has been set. That flag is set
 * before the pending output is flushed, so if this method throws, a later
 * {@code close()} returns immediately and the caller has to fall back to
 * {@code close(true)}. {@code closed} only records that the local close
 * message left the buffer and the engine needs no further wrap; this method
 * does not read anything from the peer.
 *
 * <p>Typical use:
 * <pre><code>
 *   close();
 *   while (isOpen() &amp;&amp; !myTimeoutFunction()) Thread.sleep(25);
 *   if ( isOpen() ) close(true); //forces a close if you timed out
 * </code></pre>
 *
 * @throws IOException if data is left in the outgoing network buffer and cannot
 *                     be flushed, if the engine does not report CLOSED after the
 *                     close wrap, or if another I/O error occurs
 */
@Override
public void close() throws IOException {
    if (closing) {
        return;
    }
    closing = true;
    sslEngine.closeOutbound();

    // Earlier output has to leave the buffer before it can be reused for the
    // close message.
    final boolean drained = flush(netOutBuffer);
    if (!drained) {
        throw new IOException("Remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead");
    }

    // closeOutbound() was called above, so this wrap produces the close message.
    netOutBuffer.clear();
    final SSLEngineResult closeResult = sslEngine.wrap(getEmptyBuf(), netOutBuffer);
    if (closeResult.getStatus() != SSLEngineResult.Status.CLOSED) {
        throw new IOException("Invalid close state, will not send network data.");
    }

    // Switch the buffer to read mode and push out whatever the channel accepts;
    // the result of this flush is read back through hasRemaining() below.
    netOutBuffer.flip();
    flush(netOutBuffer);

    final boolean nothingPending = !netOutBuffer.hasRemaining();
    closed = nothingPending && closeResult.getHandshakeStatus() != HandshakeStatus.NEED_WRAP;
}
 
Example 2
Source File: SecureNioChannel.java    From Tomcat7.0.67 with Apache License 2.0
/**
 * Sends the SSL close message; the underlying connection is left open.
 *
 * <p>Repeated calls return at once because {@code closing} is set on the first
 * call, before any data is flushed. If the first call fails, only
 * {@code close(true)} can still shut the channel. When this method returns
 * normally, {@code closed} tells whether the close message was fully written
 * and the engine asks for no further wrap. Nothing is read from the peer here.
 *
 * <p>To close the connection, you could do something like
 * <pre><code>
 *   close();
 *   while (isOpen() &amp;&amp; !myTimeoutFunction()) Thread.sleep(25);
 *   if ( isOpen() ) close(true); //forces a close if you timed out
 * </code></pre>
 *
 * @throws IOException if the outgoing network buffer still holds data that
 *                     cannot be flushed, if the close wrap does not end in the
 *                     CLOSED state, or if an I/O error occurs
 */
@Override
public void close() throws IOException {
    if (closing) {
        return;
    }
    closing = true;
    sslEngine.closeOutbound();

    // The buffer is about to be cleared, so queued bytes must be gone first.
    if (!flush(netOutBuffer)) {
        throw new IOException("Remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead");
    }

    netOutBuffer.clear();
    // With the outbound side closed, wrapping an empty source yields the close message.
    final SSLEngineResult wrapResult = sslEngine.wrap(getEmptyBuf(), netOutBuffer);
    final SSLEngineResult.Status wrapStatus = wrapResult.getStatus();
    if (wrapStatus != SSLEngineResult.Status.CLOSED) {
        throw new IOException("Invalid close state, will not send network data.");
    }

    netOutBuffer.flip();
    flush(netOutBuffer);

    // Closed only if every byte went out and the engine has nothing more to wrap.
    if (netOutBuffer.hasRemaining()) {
        closed = false;
    } else {
        closed = wrapResult.getHandshakeStatus() != HandshakeStatus.NEED_WRAP;
    }
}
 
Example 3
Source File: EngineWriter.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 4
Source File: SecureNioChannel.java    From Tomcat8-Source-Read with MIT License
/**
 * Sends an SSL close message without physically closing the connection.
 *
 * <p>{@code closing} is set on entry, before the pending output is flushed, so
 * a second call returns immediately even when the first one threw; the caller
 * then has to use {@code close(true)}. On normal return {@code closed} records
 * whether the close message was written completely and the engine requests no
 * further wrap. The method does not read anything from the peer.
 *
 * <p>To close the connection, you could do something like
 * <pre><code>
 *   close();
 *   while (isOpen() &amp;&amp; !myTimeoutFunction()) Thread.sleep(25);
 *   if ( isOpen() ) close(true); //forces a close if you timed out
 * </code></pre>
 *
 * @throws IOException if there is data on the outgoing network buffer that
 *                     cannot be flushed, if the close wrap does not report
 *                     CLOSED, or if an I/O error occurs
 */
@Override
public void close() throws IOException {
    if (closing) {
        return;
    }
    closing = true;
    sslEngine.closeOutbound();

    // Queued output must be gone before the buffer is reused for the close message.
    final boolean drained = flush(netOutBuffer);
    if (!drained) {
        throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"));
    }

    netOutBuffer.clear();
    // closeOutbound() was called above, so this wrap produces the close message.
    final SSLEngineResult closeResult = sslEngine.wrap(getEmptyBuf(), netOutBuffer);
    if (closeResult.getStatus() != SSLEngineResult.Status.CLOSED) {
        throw new IOException(sm.getString("channel.nio.ssl.invalidCloseState"));
    }

    // Flip to read mode and write out what the channel accepts right now.
    netOutBuffer.flip();
    flush(netOutBuffer);

    final boolean nothingPending = !netOutBuffer.hasRemaining();
    closed = nothingPending && closeResult.getHandshakeStatus() != HandshakeStatus.NEED_WRAP;
}
 
Example 5
Source File: EngineWriter.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Copies the first queued outbound buffer into {@code dstBB} and tells the
 * caller which handshake status to report.
 *
 * <p>Both preconditions (the queue head is a ByteBuffer, the destination is
 * large enough) are checked with {@code assert}. When assertions are off, a
 * violation surfaces as a ClassCastException or BufferOverflowException after
 * the entry has already been removed from the queue.
 *
 * @param dstBB buffer that receives the queued bytes
 * @return {@code FINISHED} when the following queue entry is the finished
 *         marker (which is removed), {@code NEED_WRAP} when another entry
 *         follows, {@code null} when hasOutboundDataInternal() is false
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    final Object queued = outboundList.removeFirst();
    assert(queued instanceof ByteBuffer);

    final ByteBuffer record = (ByteBuffer) queued;
    assert(dstBB.remaining() >= record.remaining());
    dstBB.put(record);

    HandshakeStatus next = null;
    if (hasOutboundDataInternal()) {
        // More in the queue: a finished marker, or data that needs another wrap.
        if (outboundList.getFirst() == HandshakeStatus.FINISHED) {
            outboundList.removeFirst();     // consume the marker
            next = HandshakeStatus.FINISHED;
        } else {
            next = HandshakeStatus.NEED_WRAP;
        }
    }
    return next;
}
 
Example 6
Source File: EngineWriter.java    From hottub with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 7
Source File: EngineWriter.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Copies the first queued outbound buffer into {@code dstBB} and tells the
 * caller which handshake status to report.
 *
 * <p>Both preconditions (the queue head is a ByteBuffer, the destination is
 * large enough) are checked with {@code assert}. When assertions are off, a
 * violation surfaces as a ClassCastException or BufferOverflowException after
 * the entry has already been removed from the queue.
 *
 * @param dstBB buffer that receives the queued bytes
 * @return {@code FINISHED} when the following queue entry is the finished
 *         marker (which is removed), {@code NEED_WRAP} when another entry
 *         follows, {@code null} when hasOutboundDataInternal() is false
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    final Object queued = outboundList.removeFirst();
    assert(queued instanceof ByteBuffer);

    final ByteBuffer record = (ByteBuffer) queued;
    assert(dstBB.remaining() >= record.remaining());
    dstBB.put(record);

    HandshakeStatus next = null;
    if (hasOutboundDataInternal()) {
        // More in the queue: a finished marker, or data that needs another wrap.
        if (outboundList.getFirst() == HandshakeStatus.FINISHED) {
            outboundList.removeFirst();     // consume the marker
            next = HandshakeStatus.FINISHED;
        } else {
            next = HandshakeStatus.NEED_WRAP;
        }
    }
    return next;
}
 
Example 8
Source File: EngineWriter.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 9
Source File: EngineWriter.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Copies the first queued outbound buffer into {@code dstBB} and tells the
 * caller which handshake status to report.
 *
 * <p>Both preconditions (the queue head is a ByteBuffer, the destination is
 * large enough) are checked with {@code assert}. When assertions are off, a
 * violation surfaces as a ClassCastException or BufferOverflowException after
 * the entry has already been removed from the queue.
 *
 * @param dstBB buffer that receives the queued bytes
 * @return {@code FINISHED} when the following queue entry is the finished
 *         marker (which is removed), {@code NEED_WRAP} when another entry
 *         follows, {@code null} when hasOutboundDataInternal() is false
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    final Object queued = outboundList.removeFirst();
    assert(queued instanceof ByteBuffer);

    final ByteBuffer record = (ByteBuffer) queued;
    assert(dstBB.remaining() >= record.remaining());
    dstBB.put(record);

    HandshakeStatus next = null;
    if (hasOutboundDataInternal()) {
        // More in the queue: a finished marker, or data that needs another wrap.
        if (outboundList.getFirst() == HandshakeStatus.FINISHED) {
            outboundList.removeFirst();     // consume the marker
            next = HandshakeStatus.FINISHED;
        } else {
            next = HandshakeStatus.NEED_WRAP;
        }
    }
    return next;
}
 
Example 10
Source File: SslHandler.java    From jane with GNU Lesser General Public License v3.0
/**
 * Hands the pending encrypted output to the next filter and keeps driving the
 * handshake while the engine still reports NEED_WRAP.
 *
 * @param nextFilter the filter passed on to sslFilter.filterWrite() and handshake()
 * @param needFuture whether each write is wrapped in a request carrying a WriteFuture
 * @return the future of the last write issued when {@code needFuture} is true;
 *         {@code null} when there was nothing to write or no future was requested
 * @throws Exception whatever filterWrite() or handshake() raise; an SSLException
 *         from handshake() is rethrown as an SSLHandshakeException with the
 *         original attached as its cause
 */
WriteFuture writeNetBuffer(NextFilter nextFilter, boolean needFuture) throws Exception {
	// Check whether any net data needs to be written
	if (outNetBuffer == null || !outNetBuffer.hasRemaining())
		return null; // no; bail out

	// set flag that we are writing encrypted data (used in SSLFilter.filterWrite())
	writingEncryptedData = true;

	// write net data
	WriteFuture writeFuture = (needFuture ? new DefaultWriteFuture(session) : null);

	try {
		IoBuffer writeBuffer = fetchOutNetBuffer();
		sslFilter.filterWrite(nextFilter, session, writeFuture != null ? new DefaultWriteRequest(writeBuffer, writeFuture) : writeBuffer);

		// loop while more writes are required to complete the handshake
		// NOTE(review): the loop has no iteration bound of its own; it ends only when
		// handshakeStatus leaves NEED_WRAP or isInboundDone() turns true. Presumably
		// handshake(nextFilter) updates handshakeStatus - confirm.
		while (handshakeStatus == HandshakeStatus.NEED_WRAP && !isInboundDone()) {
			try {
				handshake(nextFilter);
			} catch (SSLException ssle) {
				// keep the original failure reachable through getCause()
				SSLException newSsle = new SSLHandshakeException("SSL handshake failed");
				newSsle.initCause(ssle);
				throw newSsle;
			}

			IoBuffer currentOutNetBuffer = fetchOutNetBuffer();
			if (currentOutNetBuffer != null && currentOutNetBuffer.hasRemaining()) {
				// a new future replaces the previous one, so only the last write
				// of this call is observable through the return value
				writeFuture = (needFuture ? new DefaultWriteFuture(session) : null);
				sslFilter.filterWrite(nextFilter, session, writeFuture != null ? new DefaultWriteRequest(currentOutNetBuffer, writeFuture) : currentOutNetBuffer);
			}
		}
	} finally {
		// always reset the flag, also when a write or the handshake throws
		writingEncryptedData = false;
	}

	return writeFuture;
}
 
Example 11
Source File: SqueakSSL.java    From trufflesqueak with MIT License
/**
 * Wraps handshake data into {@code target} for as long as the engine reports
 * NEED_WRAP.
 *
 * <p>Every wrap result is passed to checkStatus with Status.OK as the expected
 * status. NOTE(review): presumably checkStatus throws for any other status,
 * including BUFFER_OVERFLOW when {@code target} is full - confirm, since this
 * loop has no other exit besides the engine leaving NEED_WRAP.
 *
 * @param ssl    the connection state holding the engine
 * @param target buffer that receives the wrapped handshake bytes
 * @throws SSLException if wrapping or the status check fails
 */
private static void wrapEagerly(final SqSSL ssl, final ByteBuffer target) throws SSLException {
    // The engine is asked for its status once before every iteration.
    while (ssl.engine.getHandshakeStatus() == HandshakeStatus.NEED_WRAP) {
        final SSLEngineResult wrapped = wrap(ssl, EMPTY_BUFFER, target);
        checkStatus("Handshake wrap", wrapped, Status.OK);
        runTasks(ssl);

        final boolean finishedNow = wrapped.getHandshakeStatus() == HandshakeStatus.FINISHED;
        if (finishedNow) {
            handshakeCompleted(ssl);
        }
    }
}
 
Example 12
Source File: SSLSocketChannel.java    From mts with GNU General Public License v3.0
/**
 * Closes the outbound side of the engine and tries to send the resulting close
 * notification in a single attempt.
 *
 * <p>The original comment cites RFC 2616 (HTTP/1.1) for the close notification;
 * TLS closure alerts are defined in the TLS specification (RFC 5246 section
 * 7.2.1 for TLS 1.2). The method does not wait for or read the peer's reply.
 *
 * @return {@code true} only if the output buffer was prepared, the close
 *         message was written completely and the engine asks for no further
 *         wrap; {@code false} otherwise
 * @throws SSLException if the close wrap ends in a status other than CLOSED
 * @throws IOException  if another I/O error occurs
 */
public synchronized boolean shutdown() throws IOException
{
    shutdown = true;

    if (!sslEngine.isOutboundDone())
    {
        sslEngine.closeOutbound();
    }

    // "Fire-and-forget": one wrap, one flush, no retry loop.
    SSLEngineResult closeResult = null;
    if (prepare(outputBuffer, minBufferSize))
    {
        closeResult = sslEngine.wrap(emptyBuffer, outputBuffer[0]);
        final Status wrapStatus = closeResult.getStatus();
        if (wrapStatus != Status.CLOSED)
        {
            throw new SSLException("Unexpected shutdown status '" + wrapStatus + '\'');
        }
        outputBuffer[0].flip();
    }

    // The flush runs even when prepare() failed; closeResult is null in that
    // case and the method reports false.
    flush(outputBuffer[0]);

    if (outputBuffer[0].hasRemaining() || closeResult == null)
    {
        return false;
    }
    return closeResult.getHandshakeStatus() != HandshakeStatus.NEED_WRAP;
}
 
Example 13
Source File: EngineWriter.java    From jdk8u-dev-jdk with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 14
Source File: EngineWriter.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Copies the first queued outbound buffer into {@code dstBB} and tells the
 * caller which handshake status to report.
 *
 * <p>Both preconditions (the queue head is a ByteBuffer, the destination is
 * large enough) are checked with {@code assert}. When assertions are off, a
 * violation surfaces as a ClassCastException or BufferOverflowException after
 * the entry has already been removed from the queue.
 *
 * @param dstBB buffer that receives the queued bytes
 * @return {@code FINISHED} when the following queue entry is the finished
 *         marker (which is removed), {@code NEED_WRAP} when another entry
 *         follows, {@code null} when hasOutboundDataInternal() is false
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    final Object queued = outboundList.removeFirst();
    assert(queued instanceof ByteBuffer);

    final ByteBuffer record = (ByteBuffer) queued;
    assert(dstBB.remaining() >= record.remaining());
    dstBB.put(record);

    HandshakeStatus next = null;
    if (hasOutboundDataInternal()) {
        // More in the queue: a finished marker, or data that needs another wrap.
        if (outboundList.getFirst() == HandshakeStatus.FINISHED) {
            outboundList.removeFirst();     // consume the marker
            next = HandshakeStatus.FINISHED;
        } else {
            next = HandshakeStatus.NEED_WRAP;
        }
    }
    return next;
}
 
Example 15
Source File: EngineWriter.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 16
Source File: EngineWriter.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Copies the first queued outbound buffer into {@code dstBB} and tells the
 * caller which handshake status to report.
 *
 * <p>Both preconditions (the queue head is a ByteBuffer, the destination is
 * large enough) are checked with {@code assert}. When assertions are off, a
 * violation surfaces as a ClassCastException or BufferOverflowException after
 * the entry has already been removed from the queue.
 *
 * @param dstBB buffer that receives the queued bytes
 * @return {@code FINISHED} when the following queue entry is the finished
 *         marker (which is removed), {@code NEED_WRAP} when another entry
 *         follows, {@code null} when hasOutboundDataInternal() is false
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    final Object queued = outboundList.removeFirst();
    assert(queued instanceof ByteBuffer);

    final ByteBuffer record = (ByteBuffer) queued;
    assert(dstBB.remaining() >= record.remaining());
    dstBB.put(record);

    HandshakeStatus next = null;
    if (hasOutboundDataInternal()) {
        // More in the queue: a finished marker, or data that needs another wrap.
        if (outboundList.getFirst() == HandshakeStatus.FINISHED) {
            outboundList.removeFirst();     // consume the marker
            next = HandshakeStatus.FINISHED;
        } else {
            next = HandshakeStatus.NEED_WRAP;
        }
    }
    return next;
}
 
Example 17
Source File: EngineWriter.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Moves the buffer at the head of the outbound queue into {@code dstBB} and
 * reports what the caller has to do next.
 *
 * <p>The type and capacity preconditions are {@code assert}s only. With
 * assertions disabled the cast and the {@code put} still fail fast
 * (ClassCastException / BufferOverflowException), but the entry has already
 * been taken off the queue by then.
 *
 * @param dstBB destination; must have room for the whole queued buffer
 * @return {@code FINISHED} if the next queued entry is that marker (it is
 *         consumed), {@code NEED_WRAP} if some other entry is queued, or
 *         {@code null} if hasOutboundDataInternal() reports nothing queued
 */
private HandshakeStatus getOutboundData(ByteBuffer dstBB) {
    Object head = outboundList.removeFirst();
    assert(head instanceof ByteBuffer);

    ByteBuffer pending = (ByteBuffer) head;
    assert(dstBB.remaining() >= pending.remaining());
    dstBB.put(pending);

    if (!hasOutboundDataInternal()) {
        return null;
    }

    // Something is still queued: either the FINISHED marker or more data,
    // which means wrap has to be called again.
    if (outboundList.getFirst() != HandshakeStatus.FINISHED) {
        return HandshakeStatus.NEED_WRAP;
    }
    outboundList.removeFirst();     // consume the marker
    return HandshakeStatus.FINISHED;
}
 
Example 18
Source File: TransportContext.java    From openjsse with GNU General Public License v2.0
/**
 * Derives the handshake status to report from the queued output, the
 * open/closed state of both directions and the current handshake context.
 *
 * @return NEED_WRAP, NEED_UNWRAP, NEED_TASK or NOT_HANDSHAKING, decided by the
 *         first rule below that matches
 */
HandshakeStatus getHandshakeStatus() {
    // Queued output always comes first: even without a handshake in progress,
    // alerts or post-handshake messages still have to be wrapped.
    if (!outputRecord.isEmpty()) {
        return HandshakeStatus.NEED_WRAP;
    }

    if (isOutboundClosed() && isInboundClosed()) {
        return HandshakeStatus.NOT_HANDSHAKING;
    }

    if (handshakeContext != null) {
        if (!handshakeContext.delegatedActions.isEmpty()) {
            return HandshakeStatus.NEED_TASK;
        }
        if (!isInboundClosed()) {
            // On JDK 8 NEED_UNWRAP is returned in place of NEED_UNWRAP_AGAIN;
            // needUnwrapAgain should be used to detect that case.
            return HandshakeStatus.NEED_UNWRAP;
        }
        if (!isOutboundClosed()) {
            // Inbound closed while outbound is still open.
            return HandshakeStatus.NEED_WRAP;
        }
        return HandshakeStatus.NOT_HANDSHAKING;
    }

    if (isOutboundClosed() && !isInboundClosed()) {
        // Outbound closed while inbound is still open.
        return HandshakeStatus.NEED_UNWRAP;
    }
    if (!isOutboundClosed() && isInboundClosed()) {
        // Inbound closed while outbound is still open.
        return HandshakeStatus.NEED_WRAP;
    }

    return HandshakeStatus.NOT_HANDSHAKING;
}
 
Example 19
Source File: SSLEngineImpl.java    From Bytecoder with Apache License 2.0
/**
 * Encodes the source buffers into an outbound record and works out the
 * handshake status that is stored on the returned ciphertext.
 *
 * @param srcs       source buffers, passed through to outputRecord.encode()
 * @param srcsOffset offset into {@code srcs}
 * @param srcsLength number of source buffers to use
 * @param dsts       destination buffers, passed through to outputRecord.encode()
 * @param dstsOffset offset into {@code dsts}
 * @param dstsLength number of destination buffers to use
 * @return the ciphertext with {@code handshakeStatus} set, or {@code null} when
 *         outputRecord.encode() produced nothing
 * @throws IOException whatever conContext.fatal() returns for a failed encode,
 *         or an exception raised by the follow-up handshake steps
 */
private Ciphertext encode(
    ByteBuffer[] srcs, int srcsOffset, int srcsLength,
    ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

    Ciphertext ciphertext = null;
    try {
        ciphertext = conContext.outputRecord.encode(
            srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
    } catch (SSLHandshakeException she) {
        // may be record sequence number overflow
        throw conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
    } catch (IOException e) {
        // NOTE(review): both failure paths go through conContext.fatal(), which
        // presumably also invalidates the connection - confirm in TransportContext.
        throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
    }

    if (ciphertext == null) {
        return null;
    }

    // Is the handshake completed?
    boolean needRetransmission =
            conContext.sslContext.isDTLS() &&
            conContext.handshakeContext != null &&
            conContext.handshakeContext.sslConfig.enableRetransmissions;
    HandshakeStatus hsStatus =
            tryToFinishHandshake(ciphertext.contentType);
    // isDTLS() is tested again below although needRetransmission already
    // includes it; the repeated test does not change the outcome.
    if (needRetransmission &&
            hsStatus == HandshakeStatus.FINISHED &&
            conContext.sslContext.isDTLS() &&
            ciphertext.handshakeType == SSLHandshake.FINISHED.id) {
        // Retransmit the last flight for DTLS.
        //
        // Application data may begin immediately after the last
        // flight.  If the last flight gets lost, the application
        // data may be discarded accordingly, which could be an
        // issue for some applications.  This impact can be
        // mitigated by sending the last flight twice.
        if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
            SSLLogger.finest("retransmit the last flight messages");
        }

        conContext.outputRecord.launchRetransmission();
        // FINISHED is replaced so that the caller wraps again
        hsStatus = HandshakeStatus.NEED_WRAP;
    }

    // tryToFinishHandshake() gave no status; fall back to the context's view
    if (hsStatus == null) {
        hsStatus = conContext.getHandshakeStatus();
    }

    // Is the sequence number close to overflowing, or the write cipher at
    // its key limit?  NOTE(review): tryKeyUpdate() may replace hsStatus;
    // what it schedules is not visible here - confirm.
    if (conContext.outputRecord.seqNumIsHuge() ||
            conContext.outputRecord.writeCipher.atKeyLimit()) {
        hsStatus = tryKeyUpdate(hsStatus);
    }

    // Check if NewSessionTicket PostHandshake message needs to be sent
    // (only when this side is not in client mode)
    if (conContext.conSession.updateNST &&
            !conContext.sslConfig.isClientMode) {
        hsStatus = tryNewSessionTicket(hsStatus);
    }

    // update context status
    ciphertext.handshakeStatus = hsStatus;

    return ciphertext;
}
 
Example 20
Source File: SSLEngineImpl.java    From openjsse with GNU General Public License v2.0
/**
 * Encodes the source buffers into an outbound record and works out the
 * handshake status that is stored on the returned ciphertext.
 *
 * @param srcs       source buffers, passed through to outputRecord.encode()
 * @param srcsOffset offset into {@code srcs}
 * @param srcsLength number of source buffers to use
 * @param dsts       destination buffers, passed through to outputRecord.encode()
 * @param dstsOffset offset into {@code dsts}
 * @param dstsLength number of destination buffers to use
 * @return the ciphertext with {@code handshakeStatus} set, or
 *         {@code Ciphertext.CIPHERTEXT_NULL} when outputRecord.encode()
 *         produced nothing
 * @throws IOException whatever conContext.fatal() returns for a failed encode,
 *         or an exception raised by the follow-up handshake steps
 */
private Ciphertext encode(
    ByteBuffer[] srcs, int srcsOffset, int srcsLength,
    ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

    Ciphertext ciphertext = null;
    try {
        ciphertext = conContext.outputRecord.encode(
            srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
    } catch (SSLHandshakeException she) {
        // may be record sequence number overflow
        throw conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
    } catch (IOException e) {
        // NOTE(review): both failure paths go through conContext.fatal(), which
        // presumably also invalidates the connection - confirm in TransportContext.
        throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
    }

    // a shared placeholder is returned instead of null
    if (ciphertext == null) {
        return Ciphertext.CIPHERTEXT_NULL;
    }

    // Is the handshake completed?
    boolean needRetransmission =
            conContext.sslContext.isDTLS() &&
            conContext.handshakeContext != null &&
            conContext.handshakeContext.sslConfig.enableRetransmissions;
    HandshakeStatus hsStatus =
            tryToFinishHandshake(ciphertext.contentType);
    // isDTLS() is tested again below although needRetransmission already
    // includes it; the repeated test does not change the outcome.
    if (needRetransmission &&
            hsStatus == HandshakeStatus.FINISHED &&
            conContext.sslContext.isDTLS() &&
            ciphertext.handshakeType == SSLHandshake.FINISHED.id) {
        // Retransmit the last flight for DTLS.
        //
        // Application data may begin immediately after the last
        // flight.  If the last flight gets lost, the application
        // data may be discarded accordingly, which could be an
        // issue for some applications.  This impact can be
        // mitigated by sending the last flight twice.
        if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
            SSLLogger.finest("retransmit the last flight messages");
        }

        conContext.outputRecord.launchRetransmission();
        // FINISHED is replaced so that the caller wraps again
        hsStatus = HandshakeStatus.NEED_WRAP;
    }

    // tryToFinishHandshake() gave no status; fall back to the context's view
    if (hsStatus == null) {
        hsStatus = conContext.getHandshakeStatus();
    }

    // Is the sequence number close to overflowing, or the write cipher at
    // its key limit?  NOTE(review): tryKeyUpdate() may replace hsStatus;
    // what it schedules is not visible here - confirm.
    if (conContext.outputRecord.seqNumIsHuge() ||
            conContext.outputRecord.writeCipher.atKeyLimit()) {
        hsStatus = tryKeyUpdate(hsStatus);
    }

    // update context status
    ciphertext.handshakeStatus = hsStatus;

    return ciphertext;
}