
Java.nio Channels and TLS

How do I secure a Java SocketChannel, ServerSocketChannel or, perhaps even, a DatagramChannel with TLS?

I know that there are some frameworks (#1, #2) that advertise to be able, but I want to know if it is possible to achieve this with the pure Java standard library alone.

You need to use the SSLEngine, as documented in Non-blocking I/O with SSLEngine. The libraries you mention use it or use libraries that use it.

(Note that this is notoriously difficult to use.)

You may find these links interesting:


For Datagrams, you should look into using DTLS instead of TLS. I'm not sure of its implementation status in Java, but you could dig through the archives of the java.openjdk.security.devel mailing list.

You need to use SSLEngine and do the handshake manually using that state machine. SSL/TLS is implemented on top of TCP so you cannot use it directly on top of a DatagramChannel.

The article Non-blocking I/O with SSLEngine may be helpful.
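The handshake state machine mentioned above, as an added example that is not part of the original answers or of any library named on this page. It assumes a blocking SocketChannel that is already connected to a TLS server and the JVM's default trust store; the class and method names are hypothetical.

```java
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import javax.net.ssl.*;
import javax.net.ssl.SSLEngineResult.*;
public class EngineHandshake { // hypothetical name, not from the page
    // Client-mode engine. Hostname verification is off unless requested here.
    static SSLEngine clientEngine(String host, int port) throws Exception {
        SSLEngine e = SSLContext.getDefault().createSSLEngine(host, port);
        e.setUseClientMode(true);
        SSLParameters p = e.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS");
        e.setSSLParameters(p);
        return e;
    }
    // Runs the handshake over a blocking channel. Returns the inbound ciphertext
    // buffer (read mode); it can already hold bytes that follow the handshake.
    static ByteBuffer handshake(SocketChannel ch, SSLEngine e) throws java.io.IOException {
        int n = e.getSession().getPacketBufferSize();
        ByteBuffer netIn = ByteBuffer.wrap(new byte[n], 0, 0); // empty, read mode
        ByteBuffer netOut = ByteBuffer.allocate(n);
        ByteBuffer appIn = ByteBuffer.allocate(e.getSession().getApplicationBufferSize());
        e.beginHandshake();
        HandshakeStatus hs = e.getHandshakeStatus();
        while (hs != HandshakeStatus.NOT_HANDSHAKING) {
            switch (hs) {
            case NEED_WRAP: // engine has handshake records to send
                netOut.clear();
                Status w = e.wrap(ByteBuffer.allocate(0), netOut).getStatus();
                if (w != Status.OK) throw new SSLException("wrap: " + w);
                netOut.flip();
                while (netOut.hasRemaining()) ch.write(netOut);
                break;
            case NEED_UNWRAP: // engine needs handshake records from the peer
                Status u = e.unwrap(netIn, appIn).getStatus();
                if (u == Status.BUFFER_UNDERFLOW) { // partial record: read more
                    netIn.compact();
                    if (ch.read(netIn) < 0) throw new SSLException("EOF in handshake");
                    netIn.flip();
                } else if (u != Status.OK) throw new SSLException("unwrap: " + u);
                break;
            case NEED_TASK: // certificate checks etc. are handed back as tasks
                for (Runnable t; (t = e.getDelegatedTask()) != null; ) t.run();
                break;
            default: throw new IllegalStateException("unexpected " + hs);
            }
            hs = e.getHandshakeStatus(); // FINISHED shows up here as NOT_HANDSHAKING
        }
        return netIn;
    }
}
```

After this returns, application data still has to go through wrap and unwrap in the same way, starting with whatever is left in the returned buffer.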

As Bruno correctly mentions, the standard way of doing that is using SSLEngine. But that class is seriously hard to use.

I came across the same problem some time ago and ended up writing my own library. There are some examples out there and of course there is also the code inside projects like Netty, etc. But neither option is robust or easily reusable.

TLS Channel wraps an SSLEngine in a ByteBuffer and allows you to use it just like normal SocketChannels.
