java - Grizzly 2.2.19 SSL sample code not working
There is very little documentation, above what exists in the sample code, available for Grizzly 2.2, and I have found it hard to navigate as it relates to the SSL implementation. I am desperately in need of guidance in this area. After reviewing my code to determine what I need to post in order to pose a complete question, I realized it might be beneficial to first cement the basics.

Below are 3 classes provided by the Grizzly project in order to demonstrate a sample implementation of Grizzly's SSL capabilities. Besides the removal of comments, the code is identical to the 2.2.19 released code base maintained in git at git://java.net/grizzly~git, and also available here.

The git repository also provides the referenced truststore and keystore.
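EchoFilter:

```java
import java.io.IOException;

import org.glassfish.grizzly.filterchain.BaseFilter;
import org.glassfish.grizzly.filterchain.FilterChainContext;
import org.glassfish.grizzly.filterchain.NextAction;

public class EchoFilter extends BaseFilter {

    @Override
    public NextAction handleRead(FilterChainContext ctx) throws IOException {
        // Peer address is used for non-connected UDP connections
        final Object peerAddress = ctx.getAddress();
        final Object message = ctx.getMessage();

        ctx.write(peerAddress, message, null);
        return ctx.getStopAction();
    }
}
```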
SSLEchoServer:

```java
import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;

import org.glassfish.grizzly.filterchain.FilterChainBuilder;
import org.glassfish.grizzly.filterchain.TransportFilter;
import org.glassfish.grizzly.nio.transport.TCPNIOTransport;
import org.glassfish.grizzly.nio.transport.TCPNIOTransportBuilder;
import org.glassfish.grizzly.ssl.SSLContextConfigurator;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
import org.glassfish.grizzly.ssl.SSLFilter;
import org.glassfish.grizzly.utils.StringFilter;

public class SSLEchoServer {

    public static final String HOST = "localhost";
    public static final int PORT = 7777;

    public static void main(String[] args) throws IOException {
        // Create a FilterChain using FilterChainBuilder
        FilterChainBuilder filterChainBuilder = FilterChainBuilder.stateless();
        // Add TransportFilter, which is responsible for reading and writing data to the connection
        filterChainBuilder.add(new TransportFilter());

        // Initialize and add SSLFilter
        final SSLEngineConfigurator serverConfig = initializeSSL();
        final SSLEngineConfigurator clientConfig = serverConfig.copy().setClientMode(true);
        filterChainBuilder.add(new SSLFilter(serverConfig, clientConfig));

        // Add StringFilter, which is responsible for Buffer <-> String transformation
        filterChainBuilder.add(new StringFilter(Charset.forName("UTF-8")));
        // Use the plain EchoFilter
        filterChainBuilder.add(new EchoFilter());

        // Create TCP transport
        final TCPNIOTransport transport = TCPNIOTransportBuilder.newInstance().build();
        // Set the FilterChain as the transport processor
        transport.setProcessor(filterChainBuilder.build());

        try {
            // Bind the transport to start listening on the host and port
            transport.bind(HOST, PORT);
            // Start the transport
            transport.start();

            System.out.println("Press any key to stop the server...");
            System.in.read();
        } finally {
            System.out.println("Stopping transport...");
            // Stop the transport
            transport.stop();
            System.out.println("Stopped transport...");
        }
    }

    private static SSLEngineConfigurator initializeSSL() {
        // Initialize the SSLContext configuration
        SSLContextConfigurator sslContextConfig = new SSLContextConfigurator();

        // Set the trust store
        ClassLoader cl = SSLEchoServer.class.getClassLoader();
        URL cacertsUrl = cl.getResource("ssltest-cacerts.jks");
        if (cacertsUrl != null) {
            sslContextConfig.setTrustStoreFile(cacertsUrl.getFile());
            sslContextConfig.setTrustStorePass("changeit");
        }

        // Set the key store
        URL keystoreUrl = cl.getResource("ssltest-keystore.jks");
        if (keystoreUrl != null) {
            sslContextConfig.setKeyStoreFile(keystoreUrl.getFile());
            sslContextConfig.setKeyStorePass("changeit");
        }

        // Create the SSLEngine configurator
        return new SSLEngineConfigurator(sslContextConfig.createSSLContext(), false, false, false);
    }
}
```
SSLEchoClient:

```java
import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;

import javax.net.ssl.SSLEngine;

import org.glassfish.grizzly.Connection;
import org.glassfish.grizzly.EmptyCompletionHandler;
import org.glassfish.grizzly.filterchain.BaseFilter;
import org.glassfish.grizzly.filterchain.FilterChainBuilder;
import org.glassfish.grizzly.filterchain.FilterChainContext;
import org.glassfish.grizzly.filterchain.NextAction;
import org.glassfish.grizzly.filterchain.TransportFilter;
import org.glassfish.grizzly.nio.transport.TCPNIOTransport;
import org.glassfish.grizzly.nio.transport.TCPNIOTransportBuilder;
import org.glassfish.grizzly.ssl.SSLContextConfigurator;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
import org.glassfish.grizzly.ssl.SSLFilter;
import org.glassfish.grizzly.utils.StringFilter;

public class SSLEchoClient {

    private static final String MESSAGE = "Hello World!";

    public static void main(String[] args) throws IOException {
        // Create a FilterChain using FilterChainBuilder
        FilterChainBuilder filterChainBuilder = FilterChainBuilder.stateless();
        // Add TransportFilter, which is responsible for reading and writing data to the connection
        filterChainBuilder.add(new TransportFilter());

        // Initialize and add SSLFilter
        final SSLEngineConfigurator serverConfig = initializeSSL();
        final SSLEngineConfigurator clientConfig = serverConfig.copy().setClientMode(true);
        final SSLFilter sslFilter = new SSLFilter(serverConfig, clientConfig);
        filterChainBuilder.add(sslFilter);

        // Add StringFilter, which is responsible for Buffer <-> String transformation
        filterChainBuilder.add(new StringFilter(Charset.forName("UTF-8")));
        // Add the filter which will send a greeting message and check the result
        filterChainBuilder.add(new SendMessageFilter(sslFilter));

        // Create TCP transport
        final TCPNIOTransport transport = TCPNIOTransportBuilder.newInstance().build();
        // Set the FilterChain as the transport processor
        transport.setProcessor(filterChainBuilder.build());

        try {
            // Start the transport
            transport.start();
            // Perform async. connect to the server
            transport.connect(SSLEchoServer.HOST, SSLEchoServer.PORT);

            System.out.println("Press any key to stop the client...");
            System.in.read();
        } finally {
            System.out.println("Stopping transport...");
            // Stop the transport
            transport.stop();
            System.out.println("Stopped transport...");
        }
    }

    private static class SendMessageFilter extends BaseFilter {

        private final SSLFilter sslFilter;

        public SendMessageFilter(SSLFilter sslFilter) {
            this.sslFilter = sslFilter;
        }

        @Override
        @SuppressWarnings("unchecked")
        public NextAction handleConnect(FilterChainContext ctx) throws IOException {
            final Connection connection = ctx.getConnection();

            // Execute async SSL handshake
            sslFilter.handshake(connection, new EmptyCompletionHandler<SSLEngine>() {

                // Once the SSL handshake is completed - send the greeting message
                @Override
                public void completed(SSLEngine result) {
                    // Here we send the String directly
                    connection.write(MESSAGE);
                }
            });

            return ctx.getInvokeAction();
        }

        @Override
        public NextAction handleRead(FilterChainContext ctx) throws IOException {
            // The received message is a String
            final String message = (String) ctx.getMessage();

            // Check the message
            if (MESSAGE.equals(message)) {
                System.out.println("Got echo message: \"" + message + "\"");
            } else {
                System.out.println("Got unexpected echo message: \"" + message + "\"");
            }

            return ctx.getStopAction();
        }
    }

    private static SSLEngineConfigurator initializeSSL() {
        // Initialize the SSLContext configuration
        SSLContextConfigurator sslContextConfig = new SSLContextConfigurator();

        // Set the trust store
        ClassLoader cl = SSLEchoClient.class.getClassLoader();
        URL cacertsUrl = cl.getResource("ssltest-cacerts.jks");
        if (cacertsUrl != null) {
            sslContextConfig.setTrustStoreFile(cacertsUrl.getFile());
            sslContextConfig.setTrustStorePass("changeit");
        }

        // Set the key store
        URL keystoreUrl = cl.getResource("ssltest-keystore.jks");
        if (keystoreUrl != null) {
            sslContextConfig.setKeyStoreFile(keystoreUrl.getFile());
            sslContextConfig.setKeyStorePass("changeit");
        }

        // Create the SSLEngine configurator
        return new SSLEngineConfigurator(sslContextConfig.createSSLContext(), false, false, false);
    }
}
```
When executing:

Run SSLEchoServer:

Press any key to stop the server...

Run SSLEchoClient:

Press any key to stop the client...
Question: What is this code supposed to accomplish or demonstrate? Beyond the console output you see above, this code does nothing on my end.

In reviewing the code, my expectation was that the client is supposed to start its TCP transport and connect to the server. In the process of that connection being made, the SendMessageFilter added to the filter stream would execute its handleConnect() method, which I confirmed does execute. But the code never executes the connection.write(MESSAGE) statement.

It's clear the intention here is to execute the write() method after the handshake thread completes, but it doesn't appear to do so, and in examining the handshake() method in the SSLFilter class in grizzly-framework-2.2.19, I am unable to determine where the overridden parent completed() method is defined.

Can anyone lend insight into whether this disconnect is due to my lack of understanding here or if it is potentially a bug in the sample implementation provided by Grizzly? I believe clearing this up will go a long way to further my understanding here. Thanks in advance!
java ssl grizzly
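
Both samples skip the trust store and key store without any message when `getResource` returns null, and they hand `url.getFile()` to Grizzly as a file path. The JDK-only check below is an added example, not part of the post or of the Grizzly project; the class name `SslStoreCheck` is hypothetical, while the resource names and password are the ones used in the samples.

```java
import java.io.File;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.util.Collections;

// Added diagnostic (hypothetical class): verifies the two JKS resources the samples load.
public class SslStoreCheck {
    private static final char[] PASSWORD = "changeit".toCharArray();

    public static void main(String[] args) throws Exception {
        boolean trustOk = check("ssltest-cacerts.jks", false);
        boolean keyOk = check("ssltest-keystore.jks", true);
        System.exit(trustOk && keyOk ? 0 : 1);
    }

    // True if the resource is on the classpath, opens with the password and has a usable entry.
    static boolean check(String resource, boolean needsPrivateKey) throws Exception {
        URL url = SslStoreCheck.class.getClassLoader().getResource(resource);
        if (url == null) {
            System.err.println(resource + ": not on the classpath (the samples skip it silently)");
            return false;
        }
        // getFile() is not a filesystem path for jar resources or percent-encoded paths.
        if (!new File(url.getFile()).isFile()) {
            System.err.println(resource + ": url.getFile() is not a readable file: " + url.getFile());
        }
        KeyStore store = KeyStore.getInstance("JKS");
        try (InputStream in = url.openStream()) {
            store.load(in, PASSWORD); // throws IOException on a wrong password or corrupt file
        }
        boolean usable = false;
        for (String alias : Collections.list(store.aliases())) {
            boolean isKey = store.isKeyEntry(alias);
            System.out.println(resource + ": alias=" + alias + (isKey ? " (private key)" : " (certificate)"));
            usable |= !needsPrivateKey || isKey; // a trust store only needs at least one entry
        }
        if (!usable) {
            System.err.println(resource + ": no " + (needsPrivateKey ? "private key" : "certificate") + " entry found");
        }
        return usable;
    }
}
```

Run it with the same classpath as the samples; a non-zero exit status means at least one store would not be usable by `initializeSSL()`.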