Name

SSLEngine

Synopsis

This class performs SSL handshaking, encryption and decryption, but does not send or receive messages over the network. This leaves the network transport mechanism up to the user of this class, and enables SSL communication using the nonblocking I/O mechanisms of the java.nio package. The price of this flexibility is that your code must follow a relatively complex protocol to use an SSLEngine correctly.

Create an SSLEngine with SSLContext.createSSLEngine( ). Next, configure it with the various setter methods to specify authentication requirements, encryption algorithms, etc. After creating and configuring an engine, you use it to encrypt outbound data from one ByteBuffer to another with wrap( ) and to decrypt inbound data from one byte buffer to another with unwrap( ). (Note that the wrap( ) and unwrap( ) methods also come in gathering and scattering variants.) Both methods return an SSLEngineResult.

The initial call or calls to wrap( ) produce outbound handshaking data without consuming any of the source bytes in the buffer you provide. Initial calls to unwrap( ) may consume inbound handshaking data without producing any result bytes. Monitor the SSLEngineResult.HandshakeStatus value to ensure that handshaking is proceeding as needed. When handshaking is complete, you can call getSession( ) to obtain the SSLSession object that describes session details negotiated during handshaking. Remember that either peer of an SSL connection may request a new handshake ...
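The first steps described above, as an added example that is not code from the book: a client-mode engine is configured, then driven until it needs data from the peer, showing that the first wrap( ) emits handshake bytes while consuming none of the application bytes. The class name FirstWrapDemo, the host name server.example and the request bytes are constructed for illustration; Java 11 or later is assumed so that TLSv1.3 is available.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLParameters;

public class FirstWrapDemo {
    public static void main(String[] args) throws Exception {
        // Default context: the JDK's default trust store, no client key material.
        SSLContext ctx = SSLContext.getDefault();
        // Host and port are advisory hints (constructed values); no socket is opened.
        SSLEngine engine = ctx.createSSLEngine("server.example", 443);
        engine.setUseClientMode(true);

        SSLParameters params = engine.getSSLParameters();
        params.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
        // An SSLEngine checks the server's host name only if this is set.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        engine.setSSLParameters(params);

        // Application data waiting to be sent (constructed sample).
        ByteBuffer appOut = ByteBuffer.wrap(
            "GET / HTTP/1.1\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
        ByteBuffer netOut = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());

        engine.beginHandshake();
        HandshakeStatus hs = engine.getHandshakeStatus();
        // Keep going until the engine needs bytes from the peer (NEED_UNWRAP).
        while (hs == HandshakeStatus.NEED_WRAP || hs == HandshakeStatus.NEED_TASK) {
            if (hs == HandshakeStatus.NEED_TASK) {
                Runnable task;
                while ((task = engine.getDelegatedTask()) != null) task.run();
                hs = engine.getHandshakeStatus();
                continue;
            }
            SSLEngineResult r = engine.wrap(appOut, netOut);
            if (r.getStatus() != SSLEngineResult.Status.OK)
                throw new IllegalStateException("wrap failed: " + r.getStatus());
            System.out.println("consumed=" + r.bytesConsumed()
                + " produced=" + r.bytesProduced() + " next=" + r.getHandshakeStatus());
            hs = r.getHandshakeStatus();
        }
        netOut.flip();   // these bytes are what your own transport code would send
        System.out.println(netOut.remaining() + " handshake bytes queued, "
            + appOut.remaining() + " application bytes still unsent, status=" + hs);
    }
}
```

The application bytes remain in appOut until handshaking finishes; a later wrap( ) call then encrypts them.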
