Java Reference
In-Depth Information
Some of those methods that are speciic to SSLSocket (client socket) are the following:
getSSLParameters()/setSSLParameters(SSLParameters params)
—the get-
ters and setters for managing SSL parameters. While the getters retrieve the
SSLParameters
in efect for this
SSLSocket
, the setter method applies
SSLParameters
to this client
socket.
he
addHandshakeCompletedListener(HandshakeCompletedListenerli-
stener)
method registers an event listener to receive notiications that an SSL handshake
has completed on this connection, whereas the
removeHandshakeCompletedList
ener(Hand-shakeCompletedListener
listener)
method removes a previously
registered handshake completion listener.
8.5.3.4 The
SSLEngine
Class
he core class in this new abstraction is
javax.net.ssl.SSLEngine,
which is a nonblock-
ing I/O
SSLEngine
. his engine essentially encapsulates an SSL/TLS state machine and purely
operates on inbound and outbound byte bufers channels. We use a simple state diagram in
Figure 8.16 to represent this.
◾
he application supplies nonencrypted plaintext data in an application bufer and passes it
to the
SSLEngine
.
he
◾
SSLEngine
processes the data from the bufer (or any handshaking data) to produce
SSL/TLS encoded data and places it the network bufer associated with the application.
he application then appropriately transports the contents of the network bufer to its peer.
◾
◾
Upon receiving SSL/TLS encoded data from its peer (via the transport), the application
places the data into a network bufer and passes it to
SSLEngine
.
SSL Engine
Network
Buffers
Application
Buffers
Handshake
Data
APPLICATION
Privacy and Integrity
Protection
TRANSPORT
Handshake
Data
Application
Buffers
Application
Buffers
Figure 8.16
State diagram for the SSLengine class.
Search WWH ::
Custom Search