SSLRecordProtocol


org.apache.harmony.xnet.provider.jsse

Class SSLRecordProtocol



  • public class SSLRecordProtocol
    extends Object
    This class implements the SSL record layer. It unpacks incoming data and routes it to the appropriate client protocol (handshake, alert, or application data), and it packages outgoing data into SSL/TLS records. A newly created object has a null connection state and performs no cryptographic computation on the incoming or outgoing data. After the handshake protocol has agreed on the security parameters, they are placed into an SSLSessionImpl object and made available to the record protocol as the pending session. The point at which the pending session becomes the active session differs between client and server modes. In client mode, the parameters are provided by the handshake protocol when it retrieves the change_cipher_spec message to be sent (by calling the getChangeCipherSpecMesage method). In server mode, the record protocol retrieves the parameters from the handshake protocol after receiving the client's change_cipher_spec message. Once the pending session has been set up as the current session, a new connection state object is created and used to encrypt and decrypt messages. Along with this base functionality, the class provides information about the constraints on data length and about the correspondence between plain and encrypted data lengths. For more information on TLS v1 see http://www.ietf.org/rfc/rfc2246.txt, on SSL v3 see http://wp.netscape.com/eng/ssl3, on SSL v2 see http://wp.netscape.com/eng/security/SSL_2.html.
    • Field Summary

      Fields
      Modifier and Type Field and Description
      protected static int MAX_CIPHERED_DATA_LENGTH
      Maximum length of allowed ciphered data fragment as specified by TLS specification.
      protected static int MAX_COMPRESSED_DATA_LENGTH
      Maximum length of allowed compressed data fragment as specified by TLS specification.
      protected static int MAX_DATA_LENGTH
      Maximum length of allowed plain data fragment as specified by TLS specification.
      protected static int MAX_SSL_PACKET_SIZE
      Maximum length of an SSL record.
    • Method Summary

      Methods
      Modifier and Type Method and Description
      protected void alert(byte level, byte description)
      Passes the alert information to the alert protocol.
      protected byte[] getChangeCipherSpecMesage(SSLSessionImpl session)
      Returns the change cipher spec message to be sent to another peer.
      protected int getDataSize(int record_size)
      Returns the upper bound on the length of the data contained in a record of the specified length.
      protected int getMinRecordSize()
      Returns the minimum possible length of the SSL record.
      protected int getRecordSize(int data_size)
      Returns the record length for the specified incoming data length.
      protected SSLSessionImpl getSession()
      Returns the session obtained during the handshake negotiation.
      protected void setVersion(byte[] ver)
      Sets up the SSL version used in this connection.
      protected void shutdown()
      Shuts down the protocol.
      protected int unwrap()
      Retrieves the fragment field of TLSCiphertext and then, depending on the established Connection State, decrypts and decompresses it.
      protected byte[] wrap(byte content_type, byte[] fragment, int offset, int len)
      Depending on the Connection State (Session), encrypts and compresses the provided data and packs it into a TLSCiphertext structure.
      protected byte[] wrap(byte content_type, DataStream dataStream)
      Depending on the Connection State (Session), encrypts and compresses the provided data and packs it into a TLSCiphertext structure.
    • Field Detail

      • MAX_DATA_LENGTH

        protected static final int MAX_DATA_LENGTH
        Maximum length of allowed plain data fragment as specified by TLS specification.
        See Also:
        Constant Field Values
      • MAX_COMPRESSED_DATA_LENGTH

        protected static final int MAX_COMPRESSED_DATA_LENGTH
        Maximum length of allowed compressed data fragment as specified by TLS specification.
        See Also:
        Constant Field Values
      • MAX_CIPHERED_DATA_LENGTH

        protected static final int MAX_CIPHERED_DATA_LENGTH
        Maximum length of allowed ciphered data fragment as specified by TLS specification.
        See Also:
        Constant Field Values
      • MAX_SSL_PACKET_SIZE

        protected static final int MAX_SSL_PACKET_SIZE
        Maximum length of an SSL record. It is counted as: type(1) + version(2) + length(2) + MAX_CIPHERED_DATA_LENGTH
        See Also:
        Constant Field Values
    • Constructor Detail

      • SSLRecordProtocol

        protected SSLRecordProtocol(HandshakeProtocol handshakeProtocol,
                         AlertProtocol alertProtocol,
                         SSLInputStream in,
                         Appendable appData)
        Creates an instance of the record protocol and sets up the client protocols to use it.
        Parameters:
        handshakeProtocol: - HandshakeProtocol
        alertProtocol: - AlertProtocol
        in: - SSLInputStream
        appData: - Appendable
    • Method Detail

      • getSession

        protected SSLSessionImpl getSession()
        Returns the session obtained during the handshake negotiation. If the handshake process was not completed, method returns null.
        Returns:
        the session in effect.
      • getMinRecordSize

        protected int getMinRecordSize()
        Returns the minimum possible length of the SSL record.
        Returns:
      • getRecordSize

        protected int getRecordSize(int data_size)
        Returns the record length for the specified incoming data length. If the actual resulting record length is greater than MAX_CIPHERED_DATA_LENGTH, MAX_CIPHERED_DATA_LENGTH is returned.
      • getDataSize

        protected int getDataSize(int record_size)
        Returns the upper bound on the length of the data contained in a record of the specified length. If the provided record_size is greater than or equal to MAX_CIPHERED_DATA_LENGTH, the returned value is MAX_DATA_LENGTH, counted as for data of MAX_CIPHERED_DATA_LENGTH length.
      • wrap

        protected byte[] wrap(byte content_type,
                  DataStream dataStream)
        Depending on the Connection State (Session), encrypts and compresses the provided data and packs it into a TLSCiphertext structure.
        Parameters:
        content_type: - int
        Returns:
        the SSL packet created over the current connection state
      • wrap

        protected byte[] wrap(byte content_type,
                  byte[] fragment,
                  int offset,
                  int len)
        Depending on the Connection State (Session), encrypts and compresses the provided data and packs it into a TLSCiphertext structure.
        Parameters:
        content_type: - int
        fragment: - byte[]
        Returns:
        the SSL packet created over the current connection state
      • getChangeCipherSpecMesage

        protected byte[] getChangeCipherSpecMesage(SSLSessionImpl session)
        Returns the change cipher spec message to be sent to another peer. The pending connection state is built on the basis of the provided session object. Calling this method causes the pending write connection state to become active.
        Returns:
        the SSL record containing the "change cipher spec" message.
      • unwrap

        protected int unwrap()
                      throws IOException
        Retrieves the fragment field of TLSCiphertext and then, depending on the established Connection State, decrypts and decompresses it. The following structure is expected on the input at the moment of the call:
            struct {
                ContentType type;
                ProtocolVersion version;
                uint16 length;
                select (CipherSpec.cipher_type) {
                    case stream: GenericStreamCipher;
                    case block: GenericBlockCipher;
                } fragment;
            } TLSCiphertext;
        (as specified by RFC 2246, the TLS v1 protocol specification). In addition, this method can recognize SSLv2 hello messages, which are often used to establish the SSL/TLS session.
        Returns:
        the type of unwrapped message.
        Throws:
        IOException - if an I/O error occurs
        EndOfSourceException - if the underlying input stream has run out of data.
        EndOfBufferException - if there was not enough data to build a complete SSL packet.
      • alert

        protected void alert(byte level,
                 byte description)
        Passes the alert information to the alert protocol.
        Parameters:
        level: - byte
        description: - byte
      • setVersion

        protected void setVersion(byte[] ver)
        Sets up the SSL version used in this connection. This method is called from the handshake protocol once it becomes known which protocol version will be used.
        Parameters:
        ver: - byte[]
      • shutdown

        protected void shutdown()
        Shuts down the protocol. The instance cannot be used after this method has been called.
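
The header checks that the unwrap() description and the MAX_* fields imply, as an added example that is not code from this class or from the Harmony project. The class name RecordHeaderCheck and the Result enum are hypothetical, the numeric limits are the ones RFC 2246 section 6.2 gives (this page lists no constant values), and the SSLv2 hello format that unwrap() additionally recognizes is rejected here rather than handled.

```java
import java.nio.ByteBuffer;

public class RecordHeaderCheck {
    // Limits from RFC 2246 section 6.2; the field names mirror this page, the values are not taken from it.
    static final int MAX_DATA_LENGTH = 1 << 14;                         // TLSPlaintext.length
    static final int MAX_COMPRESSED_DATA_LENGTH = MAX_DATA_LENGTH + 1024; // TLSCompressed.length
    static final int MAX_CIPHERED_DATA_LENGTH = MAX_DATA_LENGTH + 2048;   // TLSCiphertext.length
    static final int HEADER_LENGTH = 5;                                 // type(1) + version(2) + length(2)
    static final int MAX_SSL_PACKET_SIZE = HEADER_LENGTH + MAX_CIPHERED_DATA_LENGTH;

    enum Result { OK, NEED_MORE_DATA, BAD_CONTENT_TYPE, BAD_VERSION, RECORD_OVERFLOW }

    /** Validates the TLSCiphertext header at the buffer's position without consuming it. */
    static Result check(ByteBuffer in) {
        if (in.remaining() < HEADER_LENGTH) return Result.NEED_MORE_DATA;
        int p = in.position();
        int type = in.get(p) & 0xFF;
        int major = in.get(p + 1) & 0xFF;
        int length = in.getShort(p + 3) & 0xFFFF;    // uint16, big-endian (ByteBuffer default)
        // ContentType: change_cipher_spec(20), alert(21), handshake(22), application_data(23)
        if (type < 20 || type > 23) return Result.BAD_CONTENT_TYPE;
        if (major != 3) return Result.BAD_VERSION;    // SSL v3 and TLS v1 both use major version 3
        // The peer controls this field, so reject an oversized claim before buffering any of it.
        if (length > MAX_CIPHERED_DATA_LENGTH) return Result.RECORD_OVERFLOW;
        if (in.remaining() < HEADER_LENGTH + length) return Result.NEED_MORE_DATA;
        return Result.OK;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not captured traffic.
        byte[] ok = {22, 3, 1, 0, 2, 0x0e, 0x00};          // handshake, TLS v1, 2-byte fragment
        byte[] truncated = {23, 3, 1, 0, 16, 1, 2, 3};       // claims 16 bytes, carries 3
        byte[] oversized = {23, 3, 1, 0x48, 0x01};           // length field = MAX_CIPHERED_DATA_LENGTH + 1
        byte[] sslv2Hello = {(byte) 0x80, 0x2e, 1, 3, 1};    // SSLv2 framing: first byte is a length byte
        for (byte[] sample : new byte[][] {ok, truncated, oversized, sslv2Hello}) {
            System.out.println(check(ByteBuffer.wrap(sample)));
        }
    }
}
```

The NEED_MORE_DATA result corresponds to the condition the page documents as EndOfBufferException; the other failures are the cases a record layer would report through alert(level, description).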

