/*
   * Simple check to make sure everything came across as expected.
   */
  private static void checkTransfer(ByteBuffer a, ByteBuffer b) throws Exception {
    a.flip();
    b.flip();

    if (!a.equals(b)) {
      throw new Exception("Data didn't transfer cleanly");
    } else {
      log("\tData transferred cleanly");
    }

    a.position(a.limit());
    b.position(b.limit());
    a.limit(a.capacity());
    b.limit(b.capacity());
  }
Example #2
0
  /*
   * Constructor for a secure ChannelIO variant.
   */
  protected ChannelIOSecure(SocketChannel sc, boolean blocking, SSLContext sslc)
      throws IOException {
    super(sc, blocking);

    /*
     * We're a server, so no need to use host/port variant.
     *
     * The first call for a server is a NEED_UNWRAP.
     */
    sslEngine = sslc.createSSLEngine();
    sslEngine.setUseClientMode(false);
    initialHSStatus = HandshakeStatus.NEED_UNWRAP;
    initialHSComplete = false;

    // Create a buffer using the normal expected packet size we'll
    // be getting.  This may change, depending on the peer's
    // SSL implementation.
    netBBSize = sslEngine.getSession().getPacketBufferSize();
    inNetBB = ByteBuffer.allocate(netBBSize);
    outNetBB = ByteBuffer.allocate(netBBSize);
    outNetBB.position(0);
    outNetBB.limit(0);
  }
Example #3
0
  /*
   * Perform a FileChannel.TransferTo on the socket channel.
   * <P>
   * We have to copy the data into an intermediary app ByteBuffer
   * first, then send it through the SSLEngine.
   * <P>
   * We return the number of bytes actually read out of the
   * filechannel.  However, the data may actually be stuck
   * in the fileChannelBB or the outNetBB.  The caller
   * is responsible for making sure to call dataFlush()
   * before shutting down.
   */
  long transferTo(FileChannel fc, long pos, long len) throws IOException {

    if (!initialHSComplete) {
      throw new IllegalStateException();
    }

    if (fileChannelBB == null) {
      fileChannelBB = ByteBuffer.allocate(appBBSize);
      fileChannelBB.limit(0);
    }

    fileChannelBB.compact();
    int fileRead = fc.read(fileChannelBB);
    fileChannelBB.flip();

    /*
     * We ignore the return value here, we return the
     * number of bytes actually consumed from the the file.
     * We'll flush the output buffer before we start shutting down.
     */
    doWrite(fileChannelBB);

    return fileRead;
  }
  /*
   * Run the test.
   *
   * Sit in a tight loop, both engines calling wrap/unwrap regardless
   * of whether data is available or not.  We do this until both engines
   * report back they are closed.
   *
   * The main loop handles all of the I/O phases of the SSLEngine's
   * lifetime:
   *
   *     initial handshaking
   *     application data transfer
   *     engine closing
   *
   * One could easily separate these phases into separate
   * sections of code.
   */
  private SSLSession runTest() throws Exception {
    boolean dataDone = false;

    createSSLEngines();
    createBuffers();

    SSLEngineResult clientResult; // results from client's last operation
    SSLEngineResult serverResult; // results from server's last operation

    /*
     * Examining the SSLEngineResults could be much more involved,
     * and may alter the overall flow of the application.
     *
     * For example, if we received a BUFFER_OVERFLOW when trying
     * to write to the output pipe, we could reallocate a larger
     * pipe, but instead we wait for the peer to drain it.
     */
    while (!isEngineClosed(clientEngine) || !isEngineClosed(serverEngine)) {

      log("================");

      clientResult = clientEngine.wrap(clientOut, cTOs);
      log("client wrap: ", clientResult);
      runDelegatedTasks(clientResult, clientEngine);

      serverResult = serverEngine.wrap(serverOut, sTOc);
      log("server wrap: ", serverResult);
      runDelegatedTasks(serverResult, serverEngine);

      cTOs.flip();
      sTOc.flip();

      log("----");

      clientResult = clientEngine.unwrap(sTOc, clientIn);
      log("client unwrap: ", clientResult);
      runDelegatedTasks(clientResult, clientEngine);

      serverResult = serverEngine.unwrap(cTOs, serverIn);
      log("server unwrap: ", serverResult);
      runDelegatedTasks(serverResult, serverEngine);

      cTOs.compact();
      sTOc.compact();

      /*
       * After we've transfered all application data between the client
       * and server, we close the clientEngine's outbound stream.
       * This generates a close_notify handshake message, which the
       * server engine receives and responds by closing itself.
       */
      if (!dataDone
          && (clientOut.limit() == serverIn.position())
          && (serverOut.limit() == clientIn.position())) {

        /*
         * A sanity check to ensure we got what was sent.
         */
        checkTransfer(serverOut, clientIn);
        checkTransfer(clientOut, serverIn);

        log("\tClosing clientEngine's *OUTBOUND*...");
        clientEngine.closeOutbound();
        dataDone = true;
      }
    }

    return clientEngine.getSession();
  }