com.sun.grizzly.util
Class SSLUtils

java.lang.Object
  extended by com.sun.grizzly.util.SSLUtils

public class SSLUtils
extends Object

SSL over NIO utility class. This class handles the SSLEngine operations needed to support SSL over NIO. TODO: Create an object that wraps SSLEngine and its associated buffers.

Author:
Jeanfrancois Arcand

Field Summary
protected static ByteBuffer hsBB
           
static int MAX_BB_SIZE
          The maximum size a ByteBuffer can take.
 
Constructor Summary
SSLUtils()
           
 
Method Summary
static ByteBuffer doHandshake(SelectableChannel channel, ByteBuffer byteBuffer, ByteBuffer inputBB, ByteBuffer outputBB, SSLEngine sslEngine, SSLEngineResult.HandshakeStatus handshakeStatus)
          Perform an SSL handshake using the SSLEngine.
static ByteBuffer doHandshake(SelectableChannel channel, ByteBuffer byteBuffer, ByteBuffer inputBB, ByteBuffer outputBB, SSLEngine sslEngine, SSLEngineResult.HandshakeStatus handshakeStatus, int timeout)
          Perform an SSL handshake using the SSLEngine.
static ByteBuffer doHandshake(SelectableChannel channel, ByteBuffer byteBuffer, ByteBuffer inputBB, ByteBuffer outputBB, SSLEngine sslEngine, SSLEngineResult.HandshakeStatus handshakeStatus, int timeout, boolean useReadyBuffer)
          Perform an SSL handshake using the SSLEngine.
static Object[] doPeerCertificateChain(SelectableChannel channel, ByteBuffer byteBuffer, ByteBuffer inputBB, ByteBuffer outputBB, SSLEngine sslEngine, boolean needClientAuth, int timeout)
          Get the peer certificate list by initiating a new handshake.
static int doRead(SelectableChannel channel, ByteBuffer inputBB, SSLEngine sslEngine, int timeout)
          Read encrypted bytes using an SSLEngine.
static int doSecureRead(SelectableChannel channel, SSLEngine sslEngine, ByteBuffer byteBuffer, ByteBuffer inputBB)
          Read and decrypt bytes from the underlying SSL connections.
static SSLEngineResult.HandshakeStatus executeDelegatedTask(SSLEngine sslEngine)
          Complete handshake operations.
static int getReadTimeout()
           
static void setReadTimeout(int aReadTimeout)
           
static SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer inputBB, SSLEngine sslEngine)
          Unwrap available encrypted bytes from inputBB to byteBuffer using the SSLEngine
static ByteBuffer unwrapAll(ByteBuffer byteBuffer, ByteBuffer inputBB, SSLEngine sslEngine)
          Unwrap all encrypted bytes from inputBB to byteBuffer using the SSLEngine
static SSLEngineResult wrap(ByteBuffer byteBuffer, ByteBuffer outputBB, SSLEngine sslEngine)
          Encrypt bytes.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

MAX_BB_SIZE

public static final int MAX_BB_SIZE
The maximum size a ByteBuffer can take.

See Also:
Constant Field Values

hsBB

protected static final ByteBuffer hsBB
Constructor Detail

SSLUtils

public SSLUtils()
Method Detail

doSecureRead

public static int doSecureRead(SelectableChannel channel,
                               SSLEngine sslEngine,
                               ByteBuffer byteBuffer,
                               ByteBuffer inputBB)
                        throws IOException
Read and decrypt bytes from the underlying SSL connections.

Parameters:
channel - underlying socket channel
sslEngine - SSLEngine
byteBuffer - buffer for application decrypted data
inputBB - buffer for reading encrypted data from socket
Returns:
number of bytes read
Throws:
IOException

doRead

public static int doRead(SelectableChannel channel,
                         ByteBuffer inputBB,
                         SSLEngine sslEngine,
                         int timeout)
Read encrypted bytes using an SSLEngine.

Parameters:
channel - The SelectableChannel
inputBB - The byteBuffer to store encrypted bytes
sslEngine - The SSLEngine used to manage the SSL operations.
timeout - The Selector.select() timeout value. A value of 0 will be executed as a Selector.selectNow().
Returns:
the bytes read.

unwrapAll

public static ByteBuffer unwrapAll(ByteBuffer byteBuffer,
                                   ByteBuffer inputBB,
                                   SSLEngine sslEngine)
                            throws IOException
Unwrap all encrypted bytes from inputBB to byteBuffer using the SSLEngine

Parameters:
byteBuffer - the decrypted ByteBuffer
inputBB - the encrypted ByteBuffer
sslEngine - The SSLEngine used to manage the SSL operations.
Returns:
the decrypted ByteBuffer
Throws:
IOException

unwrap

public static SSLEngineResult unwrap(ByteBuffer byteBuffer,
                                     ByteBuffer inputBB,
                                     SSLEngine sslEngine)
                              throws IOException
Unwrap available encrypted bytes from inputBB to byteBuffer using the SSLEngine

Parameters:
byteBuffer - the decrypted ByteBuffer
inputBB - the encrypted ByteBuffer
sslEngine - The SSLEngine used to manage the SSL operations.
Returns:
SSLEngineResult of the SSLEngine.unwrap operation.
Throws:
IOException

wrap

public static SSLEngineResult wrap(ByteBuffer byteBuffer,
                                   ByteBuffer outputBB,
                                   SSLEngine sslEngine)
                            throws IOException
Encrypt bytes.

Parameters:
byteBuffer - the decrypted ByteBuffer
outputBB - the encrypted ByteBuffer
sslEngine - The SSLEngine used to manage the SSL operations.
Returns:
SSLEngineResult of the SSLEngine.wrap operation.
Throws:
IOException

executeDelegatedTask

public static SSLEngineResult.HandshakeStatus executeDelegatedTask(SSLEngine sslEngine)
Complete handshake operations.

Parameters:
sslEngine - The SSLEngine used to manage the SSL operations.
Returns:
SSLEngineResult.HandshakeStatus

doHandshake

public static ByteBuffer doHandshake(SelectableChannel channel,
                                     ByteBuffer byteBuffer,
                                     ByteBuffer inputBB,
                                     ByteBuffer outputBB,
                                     SSLEngine sslEngine,
                                     SSLEngineResult.HandshakeStatus handshakeStatus)
                              throws IOException
Perform an SSL handshake using the SSLEngine. Note: if the handshake completes successfully, outputBB will be cleared out, but this is *not* ready data to be written.

Parameters:
channel - the SelectableChannel
byteBuffer - The application ByteBuffer
inputBB - The encrypted input ByteBuffer
outputBB - The encrypted output ByteBuffer
sslEngine - The SSLEngine used.
handshakeStatus - The current handshake status
Returns:
byteBuffer the new ByteBuffer
Throws:
IOException

doHandshake

public static ByteBuffer doHandshake(SelectableChannel channel,
                                     ByteBuffer byteBuffer,
                                     ByteBuffer inputBB,
                                     ByteBuffer outputBB,
                                     SSLEngine sslEngine,
                                     SSLEngineResult.HandshakeStatus handshakeStatus,
                                     int timeout)
                              throws IOException
Perform an SSL handshake using the SSLEngine. Note: if the handshake completes successfully, outputBB will be cleared out, but this is *not* ready data to be written.

Parameters:
channel - the SelectableChannel
byteBuffer - The application ByteBuffer
inputBB - The encrypted input ByteBuffer
outputBB - The encrypted output ByteBuffer
sslEngine - The SSLEngine used.
handshakeStatus - The current handshake status
timeout -
Returns:
byteBuffer the new ByteBuffer
Throws:
IOException - if the handshake fails.

doHandshake

public static ByteBuffer doHandshake(SelectableChannel channel,
                                     ByteBuffer byteBuffer,
                                     ByteBuffer inputBB,
                                     ByteBuffer outputBB,
                                     SSLEngine sslEngine,
                                     SSLEngineResult.HandshakeStatus handshakeStatus,
                                     int timeout,
                                     boolean useReadyBuffer)
                              throws IOException
Perform an SSL handshake using the SSLEngine. Note: if the handshake completes successfully, outputBB will be cleared out, but this is *not* ready data to be written.

Parameters:
channel - the SelectableChannel
byteBuffer - The application ByteBuffer
inputBB - The encrypted input ByteBuffer
outputBB - The encrypted output ByteBuffer
sslEngine - The SSLEngine used.
handshakeStatus - The current handshake status
timeout -
useReadyBuffer - whether the method needs to read data before UNWRAP or should use the data already in inputBB
Returns:
byteBuffer the new ByteBuffer
Throws:
IOException - if the handshake fails.
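
Added example (not Grizzly's source code): the status-driven handshake step that executeDelegatedTask and doHandshake correspond to, written against the plain JSSE SSLEngine API. The class name HandshakeStepDemo, the helper names and the host example.invalid are assumptions made for illustration; the demo stops once the engine needs bytes from the peer.

```java
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLException;

public class HandshakeStepDemo {

    // Run every pending delegated task, then report the engine's new status.
    static HandshakeStatus runDelegatedTasks(SSLEngine engine) {
        Runnable task;
        while ((task = engine.getDelegatedTask()) != null) {
            task.run();
        }
        return engine.getHandshakeStatus();
    }

    // Drive the engine while it can make progress without input from the peer.
    static HandshakeStatus produceOutbound(SSLEngine engine, ByteBuffer netOut)
            throws SSLException {
        ByteBuffer empty = ByteBuffer.allocate(0); // no application data yet
        HandshakeStatus hs = engine.getHandshakeStatus();
        while (hs == HandshakeStatus.NEED_WRAP || hs == HandshakeStatus.NEED_TASK) {
            if (hs == HandshakeStatus.NEED_TASK) {
                hs = runDelegatedTasks(engine);
                continue;
            }
            SSLEngineResult r = engine.wrap(empty, netOut);
            if (r.getStatus() != SSLEngineResult.Status.OK) {
                // BUFFER_OVERFLOW or CLOSED: never treat netOut as complete.
                throw new SSLException("wrap failed during handshake: " + r.getStatus());
            }
            hs = r.getHandshakeStatus();
        }
        return hs;
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical peer name; nothing is sent over the network here.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine("example.invalid", 443);
        engine.setUseClientMode(true);
        // Size the network buffer from the session, not from a guess.
        ByteBuffer netOut = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        engine.beginHandshake();
        HandshakeStatus hs = produceOutbound(engine, netOut);
        netOut.flip(); // switch the buffer to read mode before writing it to a channel
        System.out.println("bytes to send: " + netOut.remaining() + ", next status: " + hs);
    }
}
```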

doPeerCertificateChain

public static Object[] doPeerCertificateChain(SelectableChannel channel,
                                              ByteBuffer byteBuffer,
                                              ByteBuffer inputBB,
                                              ByteBuffer outputBB,
                                              SSLEngine sslEngine,
                                              boolean needClientAuth,
                                              int timeout)
                                       throws IOException
Get the peer certificate list by initiating a new handshake.

Parameters:
channel - SelectableChannel
needClientAuth -
Returns:
Object[] An array of X509Certificate.
Throws:
IOException

getReadTimeout

public static int getReadTimeout()

setReadTimeout

public static void setReadTimeout(int aReadTimeout)


Copyright © 2008 SUN Microsystems. All Rights Reserved.