179 } |
179 } |
180 |
180 |
181 private static void doTask(SSLEngineResult result, |
181 private static void doTask(SSLEngineResult result, |
182 SSLEngine engine) throws Exception { |
182 SSLEngine engine) throws Exception { |
183 |
183 |
184 if (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) { |
184 if (result.getHandshakeStatus() == |
|
185 SSLEngineResult.HandshakeStatus.NEED_TASK) { |
185 Runnable runnable; |
186 Runnable runnable; |
186 while ((runnable = engine.getDelegatedTask()) != null) { |
187 while ((runnable = engine.getDelegatedTask()) != null) { |
187 print("\trunning delegated task..."); |
188 print("\trunning delegated task..."); |
188 runnable.run(); |
189 runnable.run(); |
189 } |
190 } |
190 SSLEngineResult.HandshakeStatus hsStatus = engine.getHandshakeStatus(); |
191 SSLEngineResult.HandshakeStatus hsStatus = |
|
192 engine.getHandshakeStatus(); |
191 if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) { |
193 if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) { |
192 throw new Exception( |
194 throw new Exception( |
193 "handshake shouldn't need additional tasks"); |
195 "handshake shouldn't need additional tasks"); |
194 } |
196 } |
195 print("\tnew HandshakeStatus: " + hsStatus); |
197 print("\tnew HandshakeStatus: " + hsStatus); |
245 " rem: " + getWriteBuf().remaining() + |
247 " rem: " + getWriteBuf().remaining() + |
246 " lim: " + getWriteBuf().limit() + |
248 " lim: " + getWriteBuf().limit() + |
247 " cap: " + getWriteBuf().capacity()); |
249 " cap: " + getWriteBuf().capacity()); |
248 } |
250 } |
249 if (again && r.getStatus() == SSLEngineResult.Status.OK && |
251 if (again && r.getStatus() == SSLEngineResult.Status.OK && |
250 r.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP) { |
252 r.getHandshakeStatus() == |
|
253 SSLEngineResult.HandshakeStatus.NEED_WRAP) { |
251 print("again"); |
254 print("again"); |
252 again = false; |
255 again = false; |
253 continue; |
256 continue; |
254 } |
257 } |
255 break; |
258 break; |
315 while (!exit) { |
318 while (!exit) { |
316 buf2.put(b); |
319 buf2.put(b); |
317 buf2.flip(); |
320 buf2.flip(); |
318 r = eng.wrap(buf2, getWriteBuf()); |
321 r = eng.wrap(buf2, getWriteBuf()); |
319 log("read wrap", r); |
322 log("read wrap", r); |
320 if (debug) { //&& r.getStatus() != SSLEngineResult.Status.OK) { |
323 if (debug) { |
|
324 // && r.getStatus() != SSLEngineResult.Status.OK) { |
321 print("buf2 pos: " + buf2.position() + |
325 print("buf2 pos: " + buf2.position() + |
322 " rem: " + buf2.remaining() + |
326 " rem: " + buf2.remaining() + |
323 " cap: " + buf2.capacity()); |
327 " cap: " + buf2.capacity()); |
324 print("writebuf pos: " + getWriteBuf().position() + |
328 print("writebuf pos: " + getWriteBuf().position() + |
325 " rem: " + getWriteBuf().remaining() + |
329 " rem: " + getWriteBuf().remaining() + |
326 " cap: " + getWriteBuf().capacity()); |
330 " cap: " + getWriteBuf().capacity()); |
327 } |
331 } |
328 if (again && r.getStatus() == SSLEngineResult.Status.OK && |
332 if (again && r.getStatus() == SSLEngineResult.Status.OK && |
329 r.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP) { |
333 r.getHandshakeStatus() == |
|
334 SSLEngineResult.HandshakeStatus.NEED_WRAP) { |
330 buf2.compact(); |
335 buf2.compact(); |
331 again = false; |
336 again = false; |
332 continue; |
337 continue; |
333 } |
338 } |
334 exit = true; |
339 exit = true; |
345 |
350 |
346 while (true) { |
351 while (true) { |
347 buf.clear(); |
352 buf.clear(); |
348 r = eng.unwrap(getReadBuf(), buf); |
353 r = eng.unwrap(getReadBuf(), buf); |
349 log("read unwrap", r); |
354 log("read unwrap", r); |
350 if (debug && r.getStatus() != SSLEngineResult.Status.OK) { |
355 if (debug && |
|
356 r.getStatus() != SSLEngineResult.Status.OK) { |
351 print("buf pos " + buf.position() + |
357 print("buf pos " + buf.position() + |
352 " rem: " + buf.remaining() + |
358 " rem: " + buf.remaining() + |
353 " lim: " + buf.limit() + |
359 " lim: " + buf.limit() + |
354 " cap: " + buf.capacity()); |
360 " cap: " + buf.capacity()); |
355 print("readbuf pos: " + getReadBuf().position() + |
361 print("readbuf pos: " + getReadBuf().position() + |
396 SSLContext initContext() throws Exception { |
403 SSLContext initContext() throws Exception { |
397 SSLContext sc = SSLContext.getInstance("TLSv1.3"); |
404 SSLContext sc = SSLContext.getInstance("TLSv1.3"); |
398 KeyStore ks = KeyStore.getInstance( |
405 KeyStore ks = KeyStore.getInstance( |
399 new File(System.getProperty("javax.net.ssl.keyStore")), |
406 new File(System.getProperty("javax.net.ssl.keyStore")), |
400 passwd.toCharArray()); |
407 passwd.toCharArray()); |
401 KeyManagerFactory kmf = |
408 KeyManagerFactory kmf = KeyManagerFactory.getInstance( |
402 KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); |
409 KeyManagerFactory.getDefaultAlgorithm()); |
403 kmf.init(ks, passwd.toCharArray()); |
410 kmf.init(ks, passwd.toCharArray()); |
404 TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); |
411 TrustManagerFactory tmf = TrustManagerFactory.getInstance( |
|
412 TrustManagerFactory.getDefaultAlgorithm()); |
405 tmf.init(ks); |
413 tmf.init(ks); |
406 sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom()); |
414 sc.init(kmf.getKeyManagers(), |
|
415 tmf.getTrustManagers(), new SecureRandom()); |
407 return sc; |
416 return sc; |
408 } |
417 } |
409 |
418 |
410 static class Server extends SSLEngineKeyLimit implements Runnable { |
419 static class Server extends SSLEngineKeyLimit implements Runnable { |
411 Server() throws Exception { |
420 Server() throws Exception { |
412 super(); |
421 super(); |
413 eng = initContext().createSSLEngine(); |
422 eng = initContext().createSSLEngine(); |
414 eng.setUseClientMode(false); |
423 eng.setUseClientMode(false); |
415 eng.setNeedClientAuth(true); |
424 eng.setNeedClientAuth(true); |
416 } |
425 } |
417 |
426 |
418 public void run() { |
427 public void run() { |
419 try { |
428 try { |
420 if (serverwrite) { |
429 if (serverwrite) { |
421 write(); |
430 write(); |
422 } else { |
431 } else { |