Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Java Secure Socket Extension (JSSE)

HandshakeStatus is always WRAP

I am getting into the state where the status always stays at wrap...here is a code snippet....Any ideas what is wrong with my code? My buffer is logging the following over and over and over....(notice there is plenty of room in the buffer)...what is wrong?

Jun 18, 2005 1:13:43 PM biz.xsoftware.impl.niosecure.SecureDataHandler sendHandshakeMessage

FINE: [ClientChannel] bufPos2=139

Jun 18, 2005 1:13:43 PM biz.xsoftware.impl.niosecure.SecureDataHandler sendHandshakeMessage

FINE: [ClientChannel] bufLim2=16665

log.fine(id+"status = "+sslEngine.getHandshakeStatus());

log.fine(id+"bufCap="+engineToSocketData.capacity());

log.fine(id+"bufPos="+engineToSocketData.position());

log.fine(id+"bufLim="+engineToSocketData.limit());

helper.eraseBuffer(engineToSocketData);

HandshakeStatus status = HandshakeStatus.NEED_WRAP;

while(status == HandshakeStatus.NEED_WRAP){

log.fine(id+"bufPos2="+engineToSocketData.position());

log.fine(id+"bufLim2="+engineToSocketData.limit());

SSLEngineResult result = sslEngine.wrap(empty, engineToSocketData);

status = result.getHandshakeStatus();

log.fine(id+"bufPos3="+engineToSocketData.position());

log.fine(id+"bufLim3="+engineToSocketData.limit());

}

helper.doneFillingBuffer(engineToSocketData);

log.fine(id+"bufPos4="+engineToSocketData.position());

log.fine(id+"bufLim4="+engineToSocketData.limit());

Then the log is like so....

[1840 byte] By [deanhiller2000a] at [2007-10-1 16:36:23]
«« JTella
»» Algorithm missing yet not all client bytes received
# 1
Looks to me like your buffer is filled up, so the engine still needs more data wrapped, but can't stick it in what you are giving it. You should check the status of sslEngine.wrap as well as the handshake status. You will probably see that it says OVERFLOW.
Talchasa at 2007-7-11 0:57:11 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 2
I am not sure why, but when I add the write to the socket in that loop to clear the buffer, it fixes the problem even though the buffer was not close to full and had enough room for the next packet. It is a very strange issue and I still don't understand it too well.
deanhiller2000a at 2007-7-11 0:57:11 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 3

oh, I forgot about overflow and such, I will start checking those fields...I am now having problems where the server doesn't receive all the ssl handshake packets sent by the clients and says no alogrithm or bad version depending on some race condition I don't know about yet...it is like the engine is not waitting for all the data....not sure what yet....I will need to narrow it down before posting.

deanhiller2000a at 2007-7-11 0:57:11 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 4

The current SSLEngine is very conservative and will only wrap or unwrap to an empty buffer, so a strategy which always writes the netSendBuffer after a wrap will always work and for the current implementation will always be as optimal as you can get.

A better strategy is to write when it tells you, i.e. when there is a BUFFER_OVERFLOW after a wrap. Again in the current JDK 1.5 implementation the effect will be the same, but one day however your code will start writing less often, when Sun smarten up their code (which I am sure they will).

ejpa at 2007-7-11 0:57:11 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
Security
Java Secure Socket Extension (JSSE)

Security New Topic

Security Hot Topic

Security

All Classified