javax.net.ssl.SSLEngineResult Java Examples

The following examples show how to use javax.net.ssl.SSLEngineResult. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: BufferOverflowUnderflowTest.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
private void checkBufferOverflowOnUnWrap(SSLEngine wrappingEngine,
        SSLEngine unwrappingEngine)
        throws SSLException {
    String wrapperMode = wrappingEngine.getUseClientMode() ? "client"
            : "server";
    String unwrapperMode = unwrappingEngine.getUseClientMode() ? "client"
            : "server";
    if (wrapperMode.equals(unwrapperMode)) {
        throw new Error("Test error: both engines are in the same mode!");
    }
    System.out.println("================================================="
            + "===========");
    System.out.println("Testing SSLEngine buffer overflow"
            + " on unwrap by " + unwrapperMode);
    ByteBuffer app = ByteBuffer.wrap(MESSAGE.getBytes());
    ByteBuffer net = ByteBuffer
            .allocate(wrappingEngine.getSession().getPacketBufferSize());
    SSLEngineResult r = wrappingEngine.wrap(app, net);
    checkResult(r, SSLEngineResult.Status.OK);
    //Making app buffer size less than required by 1 byte.
    app = ByteBuffer.allocate(MESSAGE.length() - 1);
    net.flip();
    r = unwrappingEngine.unwrap(net, app);
    checkResult(r, SSLEngineResult.Status.BUFFER_OVERFLOW);
    System.out.println("Passed");
}
 
Example #2
Source File: SSLSocketChannel2.java    From clevertap-android-sdk with MIT License 6 votes vote down vote up
/**
 * performs the unwrap operation by unwrapping from {@link #inCrypt} to {@link #inData}
 **/
private synchronized ByteBuffer unwrap() throws SSLException {
    int rem;
    //There are some ssl test suites, which get around the selector.select() call, which cause an infinite unwrap and 100% cpu usage (see #459 and #458)
    if(readEngineResult.getStatus() == SSLEngineResult.Status.CLOSED && sslEngine.getHandshakeStatus() == HandshakeStatus.NOT_HANDSHAKING){
        try {
            close();
        } catch (IOException e) {
            //Not really interesting
        }
    }
    do {
        rem = inData.remaining();
        readEngineResult = sslEngine.unwrap( inCrypt, inData );
    } while ( readEngineResult.getStatus() == SSLEngineResult.Status.OK && ( rem != inData.remaining() || sslEngine.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP ) );
    inData.flip();
    return inData;
}
 
Example #3
Source File: TlsChannelImpl.java    From tls-channel with MIT License 6 votes vote down vote up
private SSLEngineResult callEngineWrap(ByteBufferSet source) throws SSLException {
  try {
    SSLEngineResult result =
        engine.wrap(source.array, source.offset, source.length, outEncrypted.buffer);
    if (logger.isTraceEnabled()) {
      logger.trace(
          "engine.wrap() result: [{}]; engine status: {}; srcBuffer: {}, outEncrypted: {}",
          Util.resultToString(result),
          result.getHandshakeStatus(),
          source,
          outEncrypted);
    }
    return result;
  } catch (SSLException e) {
    invalid = true;
    throw e;
  }
}
 
Example #4
Source File: SSLSocketChannel2.java    From clevertap-android-sdk with MIT License 6 votes vote down vote up
/**
 * {@link #read(ByteBuffer)} may not be to leave all buffers(inData, inCrypt)
 **/
private int readRemaining( ByteBuffer dst ) throws SSLException {
    if( inData.hasRemaining() ) {
        return transfereTo( inData, dst );
    }
    if( !inData.hasRemaining() )
        inData.clear();
    // test if some bytes left from last read (e.g. BUFFER_UNDERFLOW)
    if( inCrypt.hasRemaining() ) {
        unwrap();
        int amount = transfereTo( inData, dst );
        if (readEngineResult.getStatus() == SSLEngineResult.Status.CLOSED) {
            return -1;
        }
        if( amount > 0 )
            return amount;
    }
    return 0;
}
 
Example #5
Source File: AsyncChannelWrapperSecure.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
private void checkResult(SSLEngineResult result, boolean wrap)
        throws SSLException {

    handshakeStatus = result.getHandshakeStatus();
    resultStatus = result.getStatus();

    if (resultStatus != Status.OK &&
            (wrap || resultStatus != Status.BUFFER_UNDERFLOW)) {
        throw new SSLException("TODO");
    }
    if (wrap && result.bytesConsumed() != 0) {
        throw new SSLException("TODO");
    }
    if (!wrap && result.bytesProduced() != 0) {
        throw new SSLException("TODO");
    }
}
 
Example #6
Source File: SSLSocketChannel2.java    From ans-android-sdk with GNU General Public License v3.0 6 votes vote down vote up
public SSLSocketChannel2(SocketChannel channel, SSLEngine sslEngine, ExecutorService exec,
                         SelectionKey key)
        throws IOException {
    if (channel == null || sslEngine == null || exec == null) {
        throw new IllegalArgumentException("parameter must not be null");
    }

    this.socketChannel = channel;
    this.sslEngine = sslEngine;
    this.exec = exec;

    readEngineResult = writeEngineResult =
            new SSLEngineResult(Status.BUFFER_UNDERFLOW, sslEngine.getHandshakeStatus(), 0,
                    0); // init to prevent NPEs

    tasks = new ArrayList<Future<?>>(3);
    if (key != null) {
        key.interestOps(key.interestOps() | SelectionKey.OP_WRITE);
        this.selectionKey = key;
    }
    createBuffers(sslEngine.getSession());
    // kick off handshake
    socketChannel.write(wrap(emptybuffer));// initializes res
    processHandshake();
}
 
Example #7
Source File: SecureNioChannel.java    From Tomcat7.0.67 with Apache License 2.0 6 votes vote down vote up
/**
 * Sends a SSL close message, will not physically close the connection here.<br>
 * To close the connection, you could do something like
 * <pre><code>
 *   close();
 *   while (isOpen() && !myTimeoutFunction()) Thread.sleep(25);
 *   if ( isOpen() ) close(true); //forces a close if you timed out
 * </code></pre>
 * @throws IOException if an I/O error occurs
 * @throws IOException if there is data on the outgoing network buffer and we are unable to flush it
 * TODO Implement this java.io.Closeable method
 */
@Override
public void close() throws IOException {
    if (closing) return;
    closing = true;
    sslEngine.closeOutbound();

    if (!flush(netOutBuffer)) {
        throw new IOException("Remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead");
    }
    //prep the buffer for the close message
    netOutBuffer.clear();
    //perform the close, since we called sslEngine.closeOutbound
    SSLEngineResult handshake = sslEngine.wrap(getEmptyBuf(), netOutBuffer);
    //we should be in a close state
    if (handshake.getStatus() != SSLEngineResult.Status.CLOSED) {
        throw new IOException("Invalid close state, will not send network data.");
    }
    //prepare the buffer for writing
    netOutBuffer.flip();
    //if there is data to be written
    flush(netOutBuffer);

    //is the channel closed?
    closed = (!netOutBuffer.hasRemaining() && (handshake.getHandshakeStatus() != HandshakeStatus.NEED_WRAP));
}
 
Example #8
Source File: SSLEngineResultTest.java    From j2objc with Apache License 2.0 6 votes vote down vote up
/**
 * Test for <code>toString()</code> method
 */
public void test_toString() {
    int[] pos = { 0, 1, 1000, Integer.MAX_VALUE, (Integer.MAX_VALUE - 1) };
    SSLEngineResult.Status [] enS =
        SSLEngineResult.Status.values();
    SSLEngineResult.HandshakeStatus [] enHS =
        SSLEngineResult.HandshakeStatus.values();
    for (int i = 0; i < enS.length; i++) {
        for (int j = 0; j < enHS.length; j++) {
            for (int n = 0; n < pos.length; n++) {
                for (int l = 0; l < pos.length; ++l) {
                    SSLEngineResult res = new SSLEngineResult(enS[i],
                            enHS[j], pos[n], pos[l]);
                    assertNotNull("Result of toSring() method is null",
                            res.toString());
                }
            }
        }
    }
}
 
Example #9
Source File: TlsChannelImpl.java    From tls-channel with MIT License 6 votes vote down vote up
/** Returns last {@link HandshakeStatus} of the loop */
private void wrapLoop(ByteBufferSet source) throws SSLException {
  while (true) {
    SSLEngineResult result = callEngineWrap(source);
    switch (result.getStatus()) {
      case OK:
      case CLOSED:
        return;
      case BUFFER_OVERFLOW:
        Util.assertTrue(result.bytesConsumed() == 0);
        outEncrypted.enlarge();
        break;
      case BUFFER_UNDERFLOW:
        throw new IllegalStateException();
    }
  }
}
 
Example #10
Source File: Worker.java    From getty with Apache License 2.0 6 votes vote down vote up
SSLEngineResult wrap(ByteBuffer plainData) throws SSLException
{
  _buffers.prepareForWrap(plainData);
  SSLEngineResult result = doWrap();

  emitWrappedData(result);

  switch (result.getStatus()) {
    case BUFFER_UNDERFLOW:
      throw new RuntimeException("BUFFER_UNDERFLOW while wrapping!");
    case BUFFER_OVERFLOW:
      _buffers.grow(BufferType.OUT_CIPHER);
      if (plainData != null && plainData.hasRemaining()) {
        plainData.position(result.bytesConsumed());
        ByteBuffer remainingData = BufferUtils.slice(plainData);
        wrap(remainingData);
      }
      break;
    case OK:
      break;
    case CLOSED:
      _sessionClosedListener.onSessionClosed();
      break;
  }
  return result;
}
 
Example #11
Source File: SecureNioChannel.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
/**
 * Sends a SSL close message, will not physically close the connection here.<br>
 * To close the connection, you could do something like
 * <pre><code>
 *   close();
 *   while (isOpen() && !myTimeoutFunction()) Thread.sleep(25);
 *   if ( isOpen() ) close(true); //forces a close if you timed out
 * </code></pre>
 * @throws IOException if an I/O error occurs
 * @throws IOException if there is data on the outgoing network buffer and we are unable to flush it
 * TODO Implement this java.io.Closeable method
 */
@Override
public void close() throws IOException {
    if (closing) return;
    closing = true;
    sslEngine.closeOutbound();

    if (!flush(netOutBuffer)) {
        throw new IOException("Remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead");
    }
    //prep the buffer for the close message
    netOutBuffer.clear();
    //perform the close, since we called sslEngine.closeOutbound
    SSLEngineResult handshake = sslEngine.wrap(getEmptyBuf(), netOutBuffer);
    //we should be in a close state
    if (handshake.getStatus() != SSLEngineResult.Status.CLOSED) {
        throw new IOException("Invalid close state, will not send network data.");
    }
    //prepare the buffer for writing
    netOutBuffer.flip();
    //if there is data to be written
    flush(netOutBuffer);

    //is the channel closed?
    closed = (!netOutBuffer.hasRemaining() && (handshake.getHandshakeStatus() != HandshakeStatus.NEED_WRAP));
}
 
Example #12
Source File: SecureNioChannel.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
/**
 * Performs the WRAP function
 * @param doWrite boolean
 * @return the result
 * @throws IOException An IO error occurred
 */
protected SSLEngineResult handshakeWrap(boolean doWrite) throws IOException {
    //this should never be called with a network buffer that contains data
    //so we can clear it here.
    netOutBuffer.clear();
    //perform the wrap
    getBufHandler().configureWriteBufferForRead();
    SSLEngineResult result = sslEngine.wrap(getBufHandler().getWriteBuffer(), netOutBuffer);
    //prepare the results to be written
    netOutBuffer.flip();
    //set the status
    handshakeStatus = result.getHandshakeStatus();
    //optimization, if we do have a writable channel, write it now
    if (doWrite) {
        flush(netOutBuffer);
    }
    return result;
}
 
Example #13
Source File: SslHandler.java    From netty-4.1.22 with Apache License 2.0 6 votes vote down vote up
@Override
SSLEngineResult unwrap(SslHandler handler, ByteBuf in, int readerIndex, int len, ByteBuf out)
        throws SSLException {
    int nioBufferCount = in.nioBufferCount();
    int writerIndex = out.writerIndex();
    final SSLEngineResult result;
    if (nioBufferCount > 1) {
        /*
         * Use a special unwrap method without additional memory copies.
         */
        try {
            handler.singleBuffer[0] = toByteBuffer(out, writerIndex, out.writableBytes());
            result = ((ConscryptAlpnSslEngine) handler.engine).unwrap(
                    in.nioBuffers(readerIndex, len),
                    handler.singleBuffer);
        } finally {
            handler.singleBuffer[0] = null;
        }
    } else {
        result = handler.engine.unwrap(toByteBuffer(in, readerIndex, len),
                toByteBuffer(out, writerIndex, out.writableBytes()));
    }
    out.writerIndex(writerIndex + result.bytesProduced());
    return result;
}
 
Example #14
Source File: Worker.java    From t-io with Apache License 2.0 6 votes vote down vote up
/**
 * 解密
 * @return
 * @throws SSLException
 */
private SSLEngineResult doUnwrap() throws SSLException {
	ByteBuffer cipherText = _buffers.get(BufferType.IN_CIPHER);
	ByteBuffer plainText = _buffers.get(BufferType.IN_PLAIN);
	try {
		log.info("{}, doUnwrap(解密): 密文buffer:{}, 明文buffer: {}", channelContext, cipherText, plainText);
		return _engine.unwrap(cipherText, plainText);
	} catch (SSLException e) {
		if (log.isInfoEnabled()) {
			byte[] bs = new byte[cipherText.limit()];
			System.arraycopy(cipherText.array(), 0, bs, 0, bs.length);
			log.error(channelContext + ", 解密Error:" + e.toString() + ", byte:" + StrUtil.arrayToString(bs) + ", string:" + new String(bs) + ", buffer:" + cipherText, e);
		}
		throw e;
	}
}
 
Example #15
Source File: TlsChannelImpl.java    From tls-channel with MIT License 6 votes vote down vote up
private SSLEngineResult callEngineUnwrap(ByteBufferSet dest) throws SSLException {
  inEncrypted.buffer.flip();
  try {
    SSLEngineResult result =
        engine.unwrap(inEncrypted.buffer, dest.array, dest.offset, dest.length);
    if (logger.isTraceEnabled()) {
      logger.trace(
          "engine.unwrap() result [{}]. Engine status: {}; inEncrypted {}; inPlain: {}",
          Util.resultToString(result),
          result.getHandshakeStatus(),
          inEncrypted,
          dest);
    }
    return result;
  } catch (SSLException e) {
    // something bad was received from the underlying channel, we cannot
    // continue
    invalid = true;
    throw e;
  } finally {
    inEncrypted.buffer.compact();
  }
}
 
Example #16
Source File: SSLSocketChannel2.java    From clevertap-android-sdk with MIT License 6 votes vote down vote up
public SSLSocketChannel2( SocketChannel channel , SSLEngine sslEngine , ExecutorService exec , SelectionKey key ) throws IOException {
    if( channel == null || sslEngine == null || exec == null )
        throw new IllegalArgumentException( "parameter must not be null" );

    this.socketChannel = channel;
    this.sslEngine = sslEngine;
    this.exec = exec;

    readEngineResult = writeEngineResult = new SSLEngineResult( Status.BUFFER_UNDERFLOW, sslEngine.getHandshakeStatus(), 0, 0 ); // init to prevent NPEs

    tasks = new ArrayList<Future<?>>( 3 );
    if( key != null ) {
        key.interestOps( key.interestOps() | SelectionKey.OP_WRITE );
        this.selectionKey = key;
    }
    createBuffers( sslEngine.getSession() );
    // kick off handshake
    socketChannel.write( wrap( emptybuffer ) );// initializes res
    processHandshake();
}
 
Example #17
Source File: ReferenceCountedOpenSslEngine.java    From netty-4.1.22 with Apache License 2.0 5 votes vote down vote up
private SSLEngineResult.HandshakeStatus mayFinishHandshake(SSLEngineResult.HandshakeStatus status)
        throws SSLException {
    if (status == NOT_HANDSHAKING && handshakeState != HandshakeState.FINISHED) {
        // If the status was NOT_HANDSHAKING and we not finished the handshake we need to call
        // SSL_do_handshake() again
        return handshake();
    }
    return status;
}
 
Example #18
Source File: SecureNioChannel.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Executes all the tasks needed on the same thread.
 * @return HandshakeStatus
 */
protected SSLEngineResult.HandshakeStatus tasks() {
    Runnable r = null;
    while ( (r = sslEngine.getDelegatedTask()) != null) {
        r.run();
    }
    return sslEngine.getHandshakeStatus();
}
 
Example #19
Source File: SNISSLEngine.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
public SSLEngineResult unwrap(final ByteBuffer src, final ByteBuffer[] dsts, final int offset, final int length) throws SSLException {
    SSLEngine next;
    final int mark = src.position();
    try {
        if (src.remaining() < SNISSLExplorer.RECORD_HEADER_SIZE) {
            packetBufferSize = SNISSLExplorer.RECORD_HEADER_SIZE;
            return UNDERFLOW_UNWRAP;
        }
        final int requiredSize = SNISSLExplorer.getRequiredSize(src);
        if (src.remaining() < requiredSize) {
            packetBufferSize = requiredSize;
            return UNDERFLOW_UNWRAP;
        }
        List<SNIServerName> names = SNISSLExplorer.explore(src);
        SSLContext sslContext = selector.getContext(names);
        if (sslContext == null) {
            // no SSL context is available
            throw UndertowMessages.MESSAGES.noContextForSslConnection();
        }
        next = engineFunction.apply(sslContext);
        next.setUseClientMode(false);
        final int flagsVal = flags.get();
        if ((flagsVal & FL_WANT_C_AUTH) != 0) {
            next.setWantClientAuth(true);
        } else if ((flagsVal & FL_NEED_C_AUTH) != 0) {
            next.setNeedClientAuth(true);
        }
        if ((flagsVal & FL_SESSION_CRE) != 0) {
            next.setEnableSessionCreation(true);
        }
        next = selectionCallback.apply(next);
        currentRef.set(next);
    } finally {
        src.position(mark);
    }
    return next.unwrap(src, dsts, offset, length);
}
 
Example #20
Source File: SSLEngineTest.java    From netty-4.1.22 with Apache License 2.0 5 votes vote down vote up
@Test
public void testSSLEngineUnwrapNoSslRecord() throws Exception {
    clientSslCtx = SslContextBuilder
            .forClient()
            .sslProvider(sslClientProvider())
            .build();
    SSLEngine client = clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);

    try {
        ByteBuffer src = allocateBuffer(client.getSession().getApplicationBufferSize());
        ByteBuffer dst = allocateBuffer(client.getSession().getPacketBufferSize());
        ByteBuffer empty = allocateBuffer(0);

        SSLEngineResult clientResult = client.wrap(empty, dst);
        assertEquals(SSLEngineResult.Status.OK, clientResult.getStatus());
        assertEquals(SSLEngineResult.HandshakeStatus.NEED_UNWRAP, clientResult.getHandshakeStatus());

        try {
            client.unwrap(src, dst);
            fail();
        } catch (SSLException expected) {
            // expected
        }
    } finally {
        cleanupClientSslEngine(client);
    }
}
 
Example #21
Source File: SSLEngineTest.java    From netty-4.1.22 with Apache License 2.0 5 votes vote down vote up
@Test
public void testWrapAfterCloseOutbound() throws Exception {
    SelfSignedCertificate cert = new SelfSignedCertificate();

    clientSslCtx = SslContextBuilder
            .forClient()
            .trustManager(cert.cert())
            .sslProvider(sslClientProvider())
            .build();
    SSLEngine client = clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);

    serverSslCtx = SslContextBuilder
            .forServer(cert.certificate(), cert.privateKey())
            .sslProvider(sslServerProvider())
            .build();
    SSLEngine server = serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);

    try {
        ByteBuffer dst = allocateBuffer(client.getSession().getPacketBufferSize());
        ByteBuffer src = allocateBuffer(1024);

        handshake(client, server);

        // This will produce a close_notify
        client.closeOutbound();
        SSLEngineResult result = client.wrap(src, dst);
        assertEquals(SSLEngineResult.Status.CLOSED, result.getStatus());
        assertEquals(0, result.bytesConsumed());
        assertTrue(result.bytesProduced() > 0);

        assertTrue(client.isOutboundDone());
        assertFalse(client.isInboundDone());
    } finally {
        cert.delete();
        cleanupClientSslEngine(client);
        cleanupServerSslEngine(server);
    }
}
 
Example #22
Source File: Worker.java    From t-io with Apache License 2.0 5 votes vote down vote up
private void emitPlainData(SSLEngineResult result) {
	if (result.bytesProduced() > 0) {
		ByteBuffer internalPlainBuffer = _buffers.get(BufferType.IN_PLAIN);
		ByteBuffer plainBuffer = (makeExternalBuffer(internalPlainBuffer));
		_sslListener.onPlainData(plainBuffer);
	}

}
 
Example #23
Source File: Handshaker.java    From t-io with Apache License 2.0 5 votes vote down vote up
void handleUnwrapResult(SSLEngineResult result) throws SSLException {
	if (result.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.FINISHED)) {
		handshakeFinished(); //客户端会走到这一行
	} else {
		shakehands();
	}
}
 
Example #24
Source File: SSLSocketChannel.java    From mts with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Runs delegated handshaking tasks.
 * 
 * @return the handshake status.
 */
private SSLEngineResult.HandshakeStatus runTasks()
{
    Runnable runnable;
    while ((runnable = sslEngine.getDelegatedTask()) != null)
    {
        runnable.run();
    }
    return sslEngine.getHandshakeStatus();
}
 
Example #25
Source File: DefaultSslCodec.java    From craft-atom with MIT License 5 votes vote down vote up
private void renegotiateIfNeeded(SSLEngineResult res) throws SSLException {
	if (   (res.getStatus()           != SSLEngineResult.Status.CLOSED)           
	    && (res.getStatus()           != SSLEngineResult.Status.BUFFER_UNDERFLOW) 
		&& (res.getHandshakeStatus()  != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING)) {
		// Renegotiation required.
		handshakeComplete = false;
		handshakeStatus = res.getHandshakeStatus();
		handshake0();
	}
}
 
Example #26
Source File: TestTLS12.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
private static void runDelegatedTasks(SSLEngineResult result,
        SSLEngine engine) throws Exception {

    if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
        Runnable runnable;
        while ((runnable = engine.getDelegatedTask()) != null) {
            runnable.run();
        }
        HandshakeStatus hsStatus = engine.getHandshakeStatus();
        if (hsStatus == HandshakeStatus.NEED_TASK) {
            throw new Exception(
                "handshake shouldn't need additional tasks");
        }
    }
}
 
Example #27
Source File: SimpleSslTransportWrapper.java    From qpid-proton-j with Apache License 2.0 5 votes vote down vote up
private void updateCipherAndProtocolName(SSLEngineResult result)
{
    if (result.getHandshakeStatus() == HandshakeStatus.FINISHED)
    {
        _cipherName = _sslEngine.getCipherSuite();
        _protocolName = _sslEngine.getProtocol();
    }
}
 
Example #28
Source File: ReferenceCountedOpenSslEngine.java    From netty-4.1.22 with Apache License 2.0 5 votes vote down vote up
@Override
public final synchronized SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException {
    try {
        return unwrap(singleSrcBuffer(src), dsts);
    } finally {
        resetSingleSrcBuffer();
    }
}
 
Example #29
Source File: Debugger.java    From jlibs with Apache License 2.0 5 votes vote down vote up
public static void println(SSLEngineResult result){
    println(String.format(
            "RESULT: %5d %5d %-16s %-15s",
            result.bytesConsumed(), result.bytesProduced(),
            result.getStatus(), result.getHandshakeStatus()
    ));
}
 
Example #30
Source File: DefaultSslCodec.java    From craft-atom with MIT License 5 votes vote down vote up
private void checkStatus(SSLEngineResult res) throws SSLException {
    SSLEngineResult.Status status = res.getStatus();

    /*
     * The status may be:
     * OK          - Normal operation
     * OVERFLOW    - Should never happen since the application buffer is sized to hold the maximum packet size.
     * UNDERFLOW   - Need to read more data from the socket. It's normal.
     * CLOSED      - The other peer closed the socket. Also normal.
     */
    if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
        throw new SSLException("SSLEngine error during decrypt: " + status + " inNetBuffer: " + inNetBuffer + "appBuffer: " + appBuffer);
    }
}