Name
SSLEngine
Synopsis
This class performs SSL handshaking, encryption and decryption, but does not send or receive messages over the network. This leaves the network transport mechanism up to the user of this class, and enables SSL communication using the nonblocking I/O mechanisms of the java.nio package. The price of this flexibility is that your code must follow a relatively complex protocol to use an SSLEngine correctly.
Create an SSLEngine with SSLContext.createSSLEngine( ). Next, configure it with the various setter methods to specify authentication requirements, encryption algorithms, etc. After creating and configuring an engine, you use it to encrypt outbound data from one ByteBuffer to another with wrap( ) and to decrypt inbound data from one byte buffer to another with unwrap( ). (Note that the wrap( ) and unwrap( ) methods also come in gathering and scattering variants.) Both methods return an SSLEngineResult.
The initial call or calls to wrap( ) produce outbound handshaking data without consuming any of the source bytes in the buffer you provide. Initial calls to unwrap( ) may consume inbound handshaking data without producing any result bytes. Monitor the SSLEngineResult.HandshakeStatus value to ensure that handshaking is proceeding as needed. When handshaking is complete, you can call getSession( ) to obtain the SSLSession object that describes session details negotiated during handshaking. Remember that either peer of an SSL connection may request a new handshake ...
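The opening of the handshake described above, seen from the client side, as an added example (not code from the book). The class name FirstFlight, the peer name server.example, port 443 and the request bytes are constructed, and the hostname-verification setter assumes Java 7 or later.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLParameters;

public class FirstFlight {
    public static void main(String[] args) throws Exception {
        // Default context: JDK trust store, no client key material.
        SSLEngine engine = SSLContext.getDefault()
                .createSSLEngine("server.example", 443); // constructed peer name and port
        engine.setUseClientMode(true);

        // Configure before handshaking. SSLEngine does not check the peer
        // certificate against the host name unless asked to (Java 7+ setter).
        SSLParameters params = engine.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        engine.setSSLParameters(params);

        // Constructed application data waiting to be sent.
        ByteBuffer appOut = ByteBuffer.wrap(
                "GET / HTTP/1.1\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
        ByteBuffer netOut = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());

        engine.beginHandshake();
        HandshakeStatus hs = engine.getHandshakeStatus();
        while (hs == HandshakeStatus.NEED_WRAP || hs == HandshakeStatus.NEED_TASK) {
            if (hs == HandshakeStatus.NEED_TASK) {
                // Long-running handshake work is handed back to the caller to run.
                for (Runnable t; (t = engine.getDelegatedTask()) != null; ) t.run();
                hs = engine.getHandshakeStatus();
                continue;
            }
            SSLEngineResult r = engine.wrap(appOut, netOut);
            if (r.getStatus() != SSLEngineResult.Status.OK)
                throw new IllegalStateException("wrap failed: " + r.getStatus());
            System.out.printf("wrap: consumed=%d produced=%d next=%s%n",
                    r.bytesConsumed(), r.bytesProduced(), r.getHandshakeStatus());
            hs = r.getHandshakeStatus();
        }
        // Handshake records are now in netOut; the application bytes are untouched.
        netOut.flip();
        System.out.println("handshake bytes to send: " + netOut.remaining());
        System.out.println("application bytes still unsent: " + appOut.remaining());
        System.out.println("engine now waits on: " + hs);
    }
}
```

The loop stops once the engine asks for inbound data; from there your transport code sends the contents of netOut and feeds the peer's reply to unwrap( ).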