protected int applicationBufferSize() { return sslEngine.getSession().getApplicationBufferSize(); }
protected int netReadBufferSize() { return sslEngine.getSession().getPacketBufferSize(); }
private SSLConfigValidatorEngine(SslFactory sslFactory, SSLContext sslContext, Mode mode) { this.sslEngine = sslFactory.createSslEngine(sslContext, "localhost", 0); // these hints are not used for validation sslEngine.setUseClientMode(mode == Mode.CLIENT); appBuffer = ByteBuffer.allocate(sslEngine.getSession().getApplicationBufferSize()); netBuffer = ByteBuffer.allocate(sslEngine.getSession().getPacketBufferSize()); }
ByteBuffer get() { if (buffer == null) { buffer = ByteBuffer.allocate(sslEngine.getSession().getPacketBufferSize()); } return buffer; }
case BUFFER_OVERFLOW: final ByteBuffer tempBuffer = ByteBuffer.allocate(destinationBuffer.capacity() + sslEngine.getSession().getApplicationBufferSize()); destinationBuffer.flip(); tempBuffer.put(destinationBuffer);
case BUFFER_OVERFLOW: netBuffer.compact(); netBuffer = Utils.ensureCapacity(netBuffer, sslEngine.getSession().getPacketBufferSize()); netBuffer.flip(); break; case OK: break; case BUFFER_OVERFLOW: appBuffer = Utils.ensureCapacity(appBuffer, sslEngine.getSession().getApplicationBufferSize()); break; case BUFFER_UNDERFLOW: netBuffer = Utils.ensureCapacity(netBuffer, sslEngine.getSession().getPacketBufferSize()); break; case CLOSED:
ByteBuffer appBuffer = ByteBuffer.allocateDirect(sslEngine.getSession().getApplicationBufferSize());
/** * Allocate application buffer. */ private ByteBuffer allocateAppBuff() { int netBufSize = sslEngine.getSession().getPacketBufferSize() + 50; int appBufSize = Math.max(sslEngine.getSession().getApplicationBufferSize() + 50, netBufSize * 2); ByteBuffer buf = ByteBuffer.allocate(appBufSize); buf.order(order); return buf; }
void resize() { int increment = sslEngine.getSession().getPacketBufferSize(); int newSize = buffer.position() + increment; ByteBuffer newBuffer = ByteBuffer.allocate(newSize); buffer.flip(); newBuffer.flip(); buffer = Utils.appendBuffers(newBuffer, buffer, newBuffer.limit(), 50); buffer.compact(); }
case BUFFER_OVERFLOW: final ByteBuffer tempBuffer = ByteBuffer.allocate(encrypted.position() + sslEngine.getSession().getApplicationBufferSize()); destinationBuffer.flip(); tempBuffer.put(destinationBuffer);
public TLSWrapper(ConnectionConfiguration configuration, boolean clientMode ) { try { final EncryptionArtifactFactory factory = new EncryptionArtifactFactory( configuration ); if ( clientMode ) { tlsEngine = factory.createClientModeSSLEngine(); } else { tlsEngine = factory .createServerModeSSLEngine(); } final SSLSession sslSession = tlsEngine.getSession(); netBuffSize = sslSession.getPacketBufferSize(); appBuffSize = sslSession.getApplicationBufferSize(); } catch ( NoSuchAlgorithmException | KeyManagementException | KeyStoreException | UnrecoverableKeyException ex ) { Log.error("TLSHandler startup problem. SSLContext initialisation failed.", ex ); } }
protected int netWriteBufferSize() { return sslEngine.getSession().getPacketBufferSize(); }
/** * Enlarging a packet buffer (peerAppData or myAppData) * * @param buffer the buffer to enlarge * @return the enlarged buffer */ private ByteBuffer enlargeApplicationBuffer( ByteBuffer buffer ) { return enlargeBuffer( buffer, engine.getSession().getApplicationBufferSize() ); }
NioSslEngine(SSLEngine engine, DMStats stats) { this.stats = stats; SSLSession session = engine.getSession(); int appBufferSize = session.getApplicationBufferSize(); int packetBufferSize = engine.getSession().getPacketBufferSize(); this.myNetData = ByteBuffer.allocate(packetBufferSize); this.peerAppData = ByteBuffer.allocate(appBufferSize); this.engine = engine; }
public SSLSocketChannel( SocketChannel inputSocketChannel, SSLEngine inputEngine, ExecutorService inputExecutor, SelectionKey key ) throws IOException { if( inputSocketChannel == null || inputEngine == null || executor == inputExecutor ) throw new IllegalArgumentException( "parameter must not be null" ); this.socketChannel = inputSocketChannel; this.engine = inputEngine; this.executor = inputExecutor; myNetData = ByteBuffer.allocate( engine.getSession().getPacketBufferSize() ); peerNetData = ByteBuffer.allocate( engine.getSession().getPacketBufferSize() ); this.engine.beginHandshake(); if( doHandshake() ) { if( key != null ) { key.interestOps( key.interestOps() | SelectionKey.OP_WRITE ); } } else { try { socketChannel.close(); } catch ( IOException e ) { log.error("Exception during the closing of the channel", e); } } }
/** * Reads the given ByteBuffer of data and returns a new ByteBuffer (which is "flipped" / ready to be read). The newly returned * ByteBuffer will be written to be written via the {@link #write(ByteBuffer)} method. I.e., it will have already been encrypted, if * necessary, and any other decorations that need to be applied before sending will already have been applied. * * @param plaintext the data to be prepped * @return a ByteBuffer containing the prepared data * @throws IOException if a failure occurs while encrypting the data */ public ByteBuffer prepareForWrite(final ByteBuffer plaintext) throws IOException { if (sslEngine == null) { return plaintext; } ByteBuffer prepared = ByteBuffer.allocate(Math.min(85, plaintext.capacity() - plaintext.position())); while (plaintext.hasRemaining()) { encrypt(plaintext); final int bytesRemaining = prepared.capacity() - prepared.position(); if (bytesRemaining < destinationBuffer.remaining()) { final ByteBuffer temp = ByteBuffer.allocate(prepared.capacity() + sslEngine.getSession().getApplicationBufferSize()); prepared.flip(); temp.put(prepared); prepared = temp; } prepared.put(destinationBuffer); } prepared.flip(); return prepared; }
public void write(final byte[] data, final int offset, final int len) throws IOException { logger.debug("{} Writing {} bytes of data", this, len); if (!connected) { connect(); } int iterations = len / MAX_WRITE_SIZE; if (len % MAX_WRITE_SIZE > 0) { iterations++; } for (int i = 0; i < iterations; i++) { streamOutManager.clear(); final int itrOffset = offset + i * MAX_WRITE_SIZE; final int itrLen = Math.min(len - itrOffset, MAX_WRITE_SIZE); final ByteBuffer byteBuffer = ByteBuffer.wrap(data, itrOffset, itrLen); final BufferStateManager buffMan = new BufferStateManager(byteBuffer, Direction.READ); final Status status = encryptAndWriteFully(buffMan); switch (status) { case BUFFER_OVERFLOW: streamOutManager.ensureSize(engine.getSession().getPacketBufferSize()); appDataManager.ensureSize(engine.getSession().getApplicationBufferSize()); continue; case OK: continue; case CLOSED: throw new IOException("Channel is closed"); case BUFFER_UNDERFLOW: throw new AssertionError("Got Buffer Underflow but should not have..."); } } }
@Override int calculateWrapBufferCapacity(SslHandler handler, int pendingBytes, int numComponents) { return handler.engine.getSession().getPacketBufferSize(); }
private Status encryptAndWriteFully(final BufferStateManager src) throws IOException { SSLEngineResult result = null; final ByteBuffer buff = src.prepareForRead(0); final ByteBuffer outBuff = streamOutManager.prepareForWrite(engine.getSession().getApplicationBufferSize()); logger.trace("{} Encrypting {} bytes", this, buff.remaining()); while (buff.remaining() > 0) { result = engine.wrap(buff, outBuff); if (result.getStatus() == Status.OK) { final ByteBuffer readableOutBuff = streamOutManager.prepareForRead(0); writeFully(readableOutBuff); streamOutManager.clear(); } else { return result.getStatus(); } } return result.getStatus(); }
public RapidoidTLS(SSLContext sslContext, RapidoidConnection conn) { this.sslContext = sslContext; this.conn = conn; this.engine = createServerEngine(); SSLSession session = engine.getSession(); int appBufferMax = session.getApplicationBufferSize(); int netBufferMax = session.getPacketBufferSize(); appIn = ByteBuffer.allocateDirect(appBufferMax + 64); netIn = ByteBuffer.allocateDirect(netBufferMax); netOut = ByteBuffer.allocateDirect(netBufferMax); }