Refine search
@Override public synchronized int write( ByteBuffer output ) throws IOException { int num = 0; while( output.hasRemaining() ) { // The loop has a meaning for (outgoing) messages larger than 16KB. // Every wrap call will remove 16KB from the original message and send it to the remote peer. myNetData.clear(); SSLEngineResult result = engine.wrap( output, myNetData ); switch(result.getStatus()) { case OK: myNetData.flip(); while( myNetData.hasRemaining() ) { num += socketChannel.write( myNetData ); } break; case BUFFER_OVERFLOW: myNetData = enlargePacketBuffer( myNetData ); break; case BUFFER_UNDERFLOW: throw new SSLException( "Buffer underflow occured after a wrap. I don't think we should ever get here." ); case CLOSED: closeConnection(); return 0; default: throw new IllegalStateException( "Invalid SSL status: " + result.getStatus() ); } } return num; }
private Status encryptAndWriteFully(final BufferStateManager src) throws IOException { SSLEngineResult result = null; final ByteBuffer buff = src.prepareForRead(0); final ByteBuffer outBuff = streamOutManager.prepareForWrite(engine.getSession().getApplicationBufferSize()); logger.trace("{} Encrypting {} bytes", this, buff.remaining()); while (buff.remaining() > 0) { result = engine.wrap(buff, outBuff); if (result.getStatus() == Status.OK) { final ByteBuffer readableOutBuff = streamOutManager.prepareForRead(0); writeFully(readableOutBuff); streamOutManager.clear(); } else { return result.getStatus(); } } return result.getStatus(); }
/** * Performs the WRAP function * @param doWrite boolean * @return SSLEngineResult * @throws IOException */ private SSLEngineResult handshakeWrap(boolean doWrite) throws IOException { log.trace("SSLHandshake handshakeWrap {}", channelId); if (netWriteBuffer.hasRemaining()) throw new IllegalStateException("handshakeWrap called with netWriteBuffer not empty"); //this should never be called with a network buffer that contains data //so we can clear it here. netWriteBuffer.clear(); SSLEngineResult result = sslEngine.wrap(emptyBuf, netWriteBuffer); //prepare the results to be written netWriteBuffer.flip(); handshakeStatus = result.getHandshakeStatus(); if (result.getStatus() == SSLEngineResult.Status.OK && result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) { handshakeStatus = runDelegatedTasks(); } if (doWrite) flush(netWriteBuffer); return result; }
SSLEngineResult wrapResult = sslEngine.wrap(emptyBuf, netWriteBuffer); if (wrapResult.getStatus() != SSLEngineResult.Status.CLOSED) { throw new IOException("Unexpected status returned by SSLEngine.wrap, expected CLOSED, received " + wrapResult.getStatus() + ". Will not send close message to peer."); netWriteBuffer.flip(); flush(netWriteBuffer);
switch (handshakeStatus) { case NEED_WRAP: handshakeResult = sslEngine.wrap(EMPTY_BUF, netBuffer); switch (handshakeResult.getStatus()) { case OK: break; case BUFFER_OVERFLOW: netBuffer.compact(); netBuffer = Utils.ensureCapacity(netBuffer, sslEngine.getSession().getPacketBufferSize()); netBuffer.flip(); break; case BUFFER_UNDERFLOW: case CLOSED: default: throw new SSLException("Unexpected handshake status: " + handshakeResult.getStatus()); if (peerEngine.netBuffer.position() == 0) // no data to unwrap, return to process peer return; peerEngine.netBuffer.flip(); // unwrap the data from peer handshakeResult = sslEngine.unwrap(peerEngine.netBuffer, appBuffer); peerEngine.netBuffer.compact(); handshakeStatus = handshakeResult.getHandshakeStatus(); switch (handshakeResult.getStatus()) { case OK: break; case BUFFER_OVERFLOW:
private synchronized void wrapOutput() { if (!isClosed()) { debug("- WRAP"); SSLEngineResult result; try { result = engine.wrap(new ByteBuffer[]{}, 0, 0, netOut); } catch (SSLException e) { throw U.rte(e); } debug("wrap: ", result); debug("OUT " + netOut); netOut.flip(); synchronized (conn.outgoing) { conn.outgoing.append(netOut); } netOut.compact(); reactToResult(result); } }
final SSLEngineResult wrapHelloResult = engine.wrap(appDataOut, outboundBuffer); if (wrapHelloResult.getStatus() == Status.BUFFER_OVERFLOW) { streamOutManager.prepareForWrite(engine.getSession().getApplicationBufferSize()); continue; if (wrapHelloResult.getStatus() != Status.OK) { throw new SSLHandshakeException("Could not generate SSL Handshake information: SSLEngineResult: " + wrapHelloResult.toString()); logger.trace("{} Handshake response after unwrapping: {}", this, handshakeResponseResult); if (handshakeResponseResult.getStatus() == Status.BUFFER_UNDERFLOW) { final ByteBuffer writableDataIn = streamInManager.prepareForWrite(engine.getSession().getPacketBufferSize()); final int bytesRead = readData(writableDataIn);
SSLEngineResult wrapResult = sslEngine.wrap(src, netWriteBuffer); netWriteBuffer.flip(); if (wrapResult.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING && wrapResult.getStatus() == Status.OK) throw renegotiationException(); if (wrapResult.getStatus() == Status.OK) { written = wrapResult.bytesConsumed(); flush(netWriteBuffer); } else if (wrapResult.getStatus() == Status.BUFFER_OVERFLOW) { int currentNetWriteBufferSize = netWriteBufferSize(); netWriteBuffer.compact(); netWriteBuffer = Utils.ensureCapacity(netWriteBuffer, currentNetWriteBufferSize); netWriteBuffer.flip(); if (netWriteBuffer.limit() >= currentNetWriteBufferSize) throw new IllegalStateException("SSL BUFFER_OVERFLOW when available data size (" + netWriteBuffer.limit() + ") >= network buffer size (" + currentNetWriteBufferSize + ")");
/** * Writes close_notify message to the network output buffer. * * @throws SSLException If wrap failed or SSL engine does not get closed * after wrap. * @return {@code True} if <tt>close_notify</tt> message was encoded, {@code false} if outbound * stream was already closed. */ boolean closeOutbound() throws SSLException { assert isHeldByCurrentThread(); if (!sslEngine.isOutboundDone()) { sslEngine.closeOutbound(); outNetBuf.clear(); SSLEngineResult res = sslEngine.wrap(handshakeBuf, outNetBuf); if (res.getStatus() != CLOSED) throw new SSLException("Incorrect SSL engine status after closeOutbound call [status=" + res.getStatus() + ", handshakeStatus=" + res.getHandshakeStatus() + ", ses=" + ses + ']'); outNetBuf.flip(); return true; } return false; }