Class JSSEngineReferenceImpl

java.lang.Object
javax.net.ssl.SSLEngine
org.mozilla.jss.ssl.javax.JSSEngine
org.mozilla.jss.ssl.javax.JSSEngineReferenceImpl

public class JSSEngineReferenceImpl extends JSSEngine
The reference JSSEngine implementation. This JSSEngine implementation is a reference for future JSSEngine implementations, providing a pure-Java overview of what should happen at each step of the init, wrap, and unwrap calls. In addition to extended debug logging, this implementation supports debug packet logging, which writes out packets sent via wrap(...) and received from unwrap(...) to a port on localhost. This allows one to easily attach Wireshark or tcpdump and inspect the TLS packets, even if errors occur during the test suite (where packets aren't sent over the wire by default). The client/server relationship is maintained: packets are logged as being from the appropriate side of the TLS connection.
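The debug packet logging described above can be pictured as a small loopback mirror. This is an added example, not JSS code: the class LoopbackPacketMirror, its mirror method and the sample record are hypothetical, and it assumes one TCP connection on the loopback interface carries both directions.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;

/** Illustrative loopback mirror; all names here are hypothetical, not JSS API. */
public class LoopbackPacketMirror implements AutoCloseable {
    private final ServerSocket listener; // bound to the loopback address only
    private final Socket clientSide;     // writes here show up as client -> server
    private final Socket serverSide;     // writes here show up as server -> client

    public LoopbackPacketMirror(int port) throws Exception {
        InetAddress lo = InetAddress.getLoopbackAddress();
        listener = new ServerSocket(port, 1, lo);
        clientSide = new Socket(lo, listener.getLocalPort());
        serverSide = listener.accept();
    }

    /** Copy one TLS record onto the loopback connection in the given direction. */
    public void mirror(byte[] record, boolean fromClient) throws Exception {
        if (record.length == 0) return;
        OutputStream out = (fromClient ? clientSide : serverSide).getOutputStream();
        out.write(record);
        out.flush();
        // Drain the receiving end so the loopback TCP window never fills up.
        InputStream in = (fromClient ? serverSide : clientSide).getInputStream();
        byte[] sink = new byte[record.length];
        int read = 0;
        while (read < record.length) {
            int n = in.read(sink, read, record.length - read);
            if (n < 0) break; // peer closed; nothing more to drain
            read += n;
        }
    }

    @Override
    public void close() throws Exception {
        clientSide.close(); serverSide.close(); listener.close();
    }

    public static void main(String[] args) throws Exception {
        // Pass the port your capture filter watches; 0 picks an ephemeral port.
        int port = args.length > 0 ? Integer.parseInt(args[0]) : 0;
        // Constructed sample: TLS record header (handshake, 0x0303) plus a 4-byte body.
        byte[] sample = {0x16, 0x03, 0x03, 0x00, 0x04, 0x01, 0x00, 0x00, 0x00};
        try (LoopbackPacketMirror m = new LoopbackPacketMirror(port)) {
            m.mirror(sample, true);  // appears in the capture as client -> server
            m.mirror(sample, false); // appears in the capture as server -> client
        }
    }
}
```

Binding the listener to the loopback address keeps the mirrored records off external interfaces; the bytes are the same TLS records that would otherwise go on the wire.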
  • Field Details

    • peer_info

      private String peer_info
      Faked peer information that we pass to the underlying BufferPRFD implementation. This is used by NSS for session resumption. However, because we don't have the exact peer information at the JSSEngine level, at best we can guess.
    • closed_fd

      private boolean closed_fd
      Whether or not the underlying ssl_fd is closed. Because the socket isn't open yet, we set it to true to indicate that no data can be sent or received.
    • read_buf

      private BufferProxy read_buf
      Data to be read by the NSS SSL implementation; data from the peer.
    • write_buf

      private BufferProxy write_buf
      Data written by the NSS SSL implementation; data sent to the peer.
    • unknown_state_count

      private int unknown_state_count
      Number of times the heuristic has not matched the current state. Because this JSSEngine uses a heuristic for determining when the handshake is completed (or when we need to switch from WRAP to UNWRAP), and the heuristic is sometimes wrong, we track how many times it is in an unknown state. When we hit some internal threshold, we swap states.
    • step_handshake

      private boolean step_handshake
      Whether or not to step the handshake.
    • returned_finished

      private boolean returned_finished
      Whether or not a FINISHED handshake status has been returned to our caller. Because this JSSEngine implementation re-enters the updateHandshakeState() method potentially multiple times during a single call to wrap() or unwrap(), we need to know whether or not the top-level call has returned a FINISHED result. If it hasn't, we want to keep the state on FINISHED until it has been returned; otherwise we'll skip straight to NOT_HANDSHAKING, confusing our peer.
    • ssl_exception

      private SSLException ssl_exception
      Value of the SSLException we've encountered.
    • seen_exception

      private boolean seen_exception
      Whether or not we've seen an SSL exception. Note that when the exception ultimately gets thrown to the caller, ssl_exception will be set to null; this field tracks whether or not the connection has previously failed for some reason.
    • debug_port

      private int debug_port
    • ss_socket

      private ServerSocket ss_socket
    • s_socket

      private Socket s_socket
    • c_socket

      private Socket c_socket
    • s_istream

      private InputStream s_istream
    • s_ostream

      private OutputStream s_ostream
    • c_istream

      private InputStream c_istream
    • c_ostream

      private OutputStream c_ostream
    • name

      private String name
      Internal name for this JSSEngine instance; most commonly used during testing.
    • prefix

      private String prefix
      Automatically generated prefix for debug information.
    • task

      Runnable task; this performs certificate validation against user-provided TrustManager instances, passing the result back to NSS.
  • Constructor Details

    • JSSEngineReferenceImpl

      public JSSEngineReferenceImpl()
    • JSSEngineReferenceImpl

      public JSSEngineReferenceImpl(String peerHost, int peerPort)
    • JSSEngineReferenceImpl

      public JSSEngineReferenceImpl(String peerHost, int peerPort, X509Certificate localCert, PrivateKey localKey)
  • Method Details