gpt4 book ai didi

java - 使用 SSLEngine 在 NIO SSL 握手过程中抛出异常

转载 作者:太空宇宙 更新时间:2023-11-03 14:51:59 25 4
gpt4 key购买 nike

我在 NIO SSL 握手时遇到以下异常。在握手过程中,

在客户端,

a) NEED_WRAP

b) NEED_UNWRAP

c) 需要任务

d) NEED_UNWRAP - 在调用 unwrap 时出现以下异常。

javax.net.ssl.SSLProtocolException: Handshake message sequence violation, 1
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1371)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at com.ipay.ssl.SSlClientNio.doHandshake(SSlClientNio.java:65)
at com.ipay.ssl.SSlClientNio.main(SSlClientNio.java:220)
javax.net.ssl.SSLProtocolException: Handshake message sequence violation, 1
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:133)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)

请告诉我我遵循的握手序列是否正确。我完全卡在了握手部分。

//已编辑

握手代码如下。

void doHandshake(SelectionKey key, SSLEngine engine,
ByteBuffer myNetData, ByteBuffer peerNetData) throws Exception {

SocketChannel socketChannel = (SocketChannel)key.channel();
// Create byte buffers to use for holding application data
int appBufferSize = engine.getSession().getApplicationBufferSize();
ByteBuffer myAppData = ByteBuffer.allocate(appBufferSize);

// Begin handshake
engine.beginHandshake();
SSLEngineResult.HandshakeStatus hs = engine.getHandshakeStatus();
System.out.println("handshake"+hs);

// Process handshaking message
while (hs != SSLEngineResult.HandshakeStatus.FINISHED &&
hs != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
switch (hs) {
case NEED_UNWRAP:
System.out.println("Reached NEED UNWRAP");
// Receive handshaking data from peer
if (socketChannel.read(myNetData) < 0) {
// Handle closed channel
System.out.println("not able toRead data from channel to buffer at client");
}
myNetData.flip();
// Process incoming handshaking data
if(myNetData.limit() == 0)
{
myNetData.clear();
break;
}
myAppData.clear();
System.out.println("checking limit"+myNetData.limit());
SSLEngineResult res = engine.unwrap(myNetData, myAppData);
myNetData.compact();
// Getting handshake status
hs = res.getHandshakeStatus();
System.out.println("Debugging in NEED_UNWRAP-->"+hs);
// Check status
switch (res.getStatus()) {
case OK :
// Handle OK status
System.out.println("OK");
break;
case BUFFER_OVERFLOW:
System.out.println("BUFFER OVERFLOW");
break;
case BUFFER_UNDERFLOW:
System.out.println("BUFFER UNDERFLOW");
break;
case CLOSED:
System.out.println("CLOSED");
break;

// Handle other status: BUFFER_UNDERFLOW, BUFFER_OVERFLOW, CLOSED
// ...
}
break;
case NEED_WRAP :
System.out.println("Reached NEED WRAP");
// Empty the local network packet buffer.
myNetData.clear();
// Generate handshaking data
res = engine.wrap(myAppData, myNetData);
// Getting handshake status
hs = res.getHandshakeStatus();
System.out.println("Debugging in NEED_WRAP-->"+hs);
System.out.println(engine.getSession().getApplicationBufferSize());
System.out.println(myNetData.capacity());
// Check status
switch (res.getStatus()) {
case OK :
System.out.println("OK");
myNetData.flip();

// Send the handshaking data to peer
while (myNetData.hasRemaining()) {
if (socketChannel.write(myNetData) < 0) {
// closing socket channel
}
}
break;
case BUFFER_OVERFLOW:
System.out.println("BUFFER OVERFLOW");
break;
case BUFFER_UNDERFLOW:
System.out.println("BUFFER UNDERFLOW");
break;
case CLOSED:
System.out.println("CLOSED");
break;
// Handle other status: BUFFER_OVERFLOW, BUFFER_UNDERFLOW, CLOSED
// ...
}
break;
case NEED_TASK :
System.out.println("NEED TASK");
System.out.println("Debugging in NEED_TASK-->"+hs);
Runnable task;

while((task=engine.getDelegatedTask()) != null)
{
System.out.println("Inside while loop");
ExecutorService executorService = Executors.newFixedThreadPool(1);
executorService.execute(task);

// Handle blocking tasks
}
// Whether following code is required
hs=engine.getHandshakeStatus();
System.out.println("Printing"+engine.getHandshakeStatus());
break;
case FINISHED:
System.out.println("Debugging in FINISHED-->"+hs);
System.out.println("handshake done");
break;

//...
}
}

// Processes after handshaking
//...
}

//更新异常...

我在服务器端收到以下异常。我用谷歌搜索了它。但不知道。

请在这部分帮助我..

javax.net.ssl.SSLProtocolException: Handshake message sequence violation, state = 1, type=1   
javax.net.ssl.SSLProtocolException: Handshake message sequence violation, state = 1, type = 1

at sun.security.ssl.Handshaker.checkThrown(Unknown Source)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)
at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
at com.ipay.ssl.SSLServerNio.doHandshake(SSLServerNio.java:55)
at com.ipay.ssl.SSLServerNio.main(SSLServerNio.java:216)
Caused by: javax.net.ssl.SSLProtocolException: Handshake message sequence violation, state = 1, type = 1
at sun.security.ssl.ServerHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker$1.run(Unknown Source)
at sun.security.ssl.Handshaker$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

meteor

最佳答案

在使用 SSLEngine 时,您不应该“遵循”“顺序” .您应该对它提供的状态和异常做出 react :

  • NEED_WRAP :做一个wrap()从应用程序发送缓冲区到网络发送缓冲区
  • NEED_UNWRAP : 做一个 unwrap()从网络接收缓冲区到应用程序接收缓冲区
  • BUFFER_OVERFLOW :做一个flip()/write()/compact()在网络上发送缓冲区,或 flip()/get()/compact()在应用程序接收缓冲区上
  • BUFFER_UNDERFLOW :做一个read()在网络接收缓冲区中,或者应用程序发送缓冲区中没有任何内容。

编辑这是什么?

if(myNetData.limit() == 0)
{
myNetData.clear();
}

还有这个?

case NEED_WRAP:
myNetData.clear();

您不能就这样丢弃引擎数据。完全摆脱这些。除了 flip(), compact(), wrap(), 之外,您不能对网络发送或接收缓冲区执行任何操作。和 unwrap().此外,您似乎没有单独的网络发送和接收缓冲区。你需要两者。您总共需要四个:网络发送、网络接收、应用程序发送和应用程序接收。网络缓冲区需要具有 SSLEngine. 建议的大小

除此之外,您的 react 并不完全像我上面说的那样。例如,取 NEED_UNWRAP小路。你应该:

  1. unwrap()从网络接收缓冲区到应用程序接收缓冲区。
  2. 如果你那么得到BUFFER_UNDERFLOW , read()进入网络接收缓冲区并重复 (1)。

对于 NEED_WRAP :

  1. wrap()从应用程序发送缓冲区到网络发送缓冲区。
  2. 如果你得到 BUFFER_OVERFLOW , write()来自网络发送缓冲区并重复 3.

当你需要读取应用程序数据时:

  1. flip()/get()/compact()来自应用程序接收缓冲区。
  2. 如果结果是 BufferUnderflowException , unwrap()并重复,记住 unwrap()可能导致 NEED_WRAPNEED_WRAPBUFFER_UNDERFLOWBUFFER_OVERFLOW.

当你需要写入应用数据时:

  1. put()进入应用程序发送缓冲区。
  2. 如果结果是 BufferOverflowException , flip()/wrap()/compact() , 请记住 wrap()可能导致 NEED_WRAPNEED_WRAPBUFFER_UNDERFLOWBUFFER_OVERFLOW .

关于java - 使用 SSLEngine 在 NIO SSL 握手过程中抛出异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33558073/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com