Package net.spy.memcached

Class TLSConnectionHandler

java.lang.Object

net.spy.memcached.TLSConnectionHandler

public class TLSConnectionHandler
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
protected ByteBuffer	myAppData	The ByteBuffer holds this peer's application data in plaintext.
protected ByteBuffer	myNetData	The ByteBuffer holds this peer's TLS encrypted data.
protected ByteBuffer	peerAppData	The ByteBuffer holds the other peer's application data in plaintext.
protected ByteBuffer	peerNetData	The ByteBuffer holds other peer's TLS encrypted data.

Constructor Summary

Constructors

Constructor	Description
TLSConnectionHandler(SocketChannel socketChannel, SSLEngine sslEngine)

Method Summary

Modifier and Type	Method	Description
ByteBuffer	decryptNextTLSDataRecord(ByteBuffer rbuf)	Decrypt the next TLS data record to plain text data.
boolean	doTlsHandshake(long timeoutInMillis)	Initial handshake (for establishing cipher suite and key exchange between client and server).
int	encryptNextTLSDataRecord(ByteBuffer obuf, ByteBuffer wbuf)	Convert plain text data record to encrypted data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

myAppData

protected ByteBuffer myAppData

The ByteBuffer holds this peer's application data in plaintext.

myNetData

protected ByteBuffer myNetData

The ByteBuffer holds this peer's TLS encrypted data.

peerAppData

protected ByteBuffer peerAppData

The ByteBuffer holds the other peer's application data in plaintext.

peerNetData

protected ByteBuffer peerNetData

The ByteBuffer holds other peer's TLS encrypted data.

Constructor Details

TLSConnectionHandler

public TLSConnectionHandler(SocketChannel socketChannel,
 SSLEngine sslEngine)

Method Details

doTlsHandshake

public boolean doTlsHandshake(long timeoutInMillis)
                       throws IOException

Initial handshake (for establishing cipher suite and key exchange between client and server).

Parameters:

timeoutInMillis - the amount of time to wait for TLS handshake finish before timeout.

Returns:

true if handshake is successful, false if handshake is unsuccessful.

Throws:

IOException - if there is an error occurred during read/write to the socket channel.

SSLException - if a problem was encountered while signaling the SSLEngine to begin a new handshake or if a problem was encountered while processing the data that caused the SSLEngine to abort.

IllegalStateException - if the client/server mode has not yet been set.

IllegalArgumentException - if the handshake status is invalid.

OperationTimeoutException - if global operation timeout is exceeded

encryptNextTLSDataRecord

public int encryptNextTLSDataRecord(ByteBuffer obuf,
 ByteBuffer wbuf)
                             throws IOException

Convert plain text data record to encrypted data.

Returns:

the number of bytes produced if successfully encrypted plain text data record, -1 if the encryption fails with BUFFER_OVERFLOW error, 0 if not encrypt any data record.

Throws:

IOException

decryptNextTLSDataRecord

public ByteBuffer decryptNextTLSDataRecord(ByteBuffer rbuf)
                                    throws IOException

Decrypt the next TLS data record to plain text data.

Parameters:

rbuf - the buffer that contains TLS data record which will be decrypted.

Returns:

buffer contains plain text data, null if unable to decrypt the data contained in the given buffer

Throws:

IOException