users@grizzly.java.net

Re: SSL Handshake fails

From: pink_floyd <sinha.k_at_gmail.com>
Date: Thu, 28 Jan 2010 06:56:44 -0800 (PST)

Hello,

The associated files are attached.
http://old.nabble.com/file/p27357270/SSLTest.java SSLTest.java
http://old.nabble.com/file/p27357270/mykeystore mykeystore
http://old.nabble.com/file/p27357270/truststore truststore

How do I check out the latest code that you committed? Is it the one under
2.0.0-M3 tag? I guess I had tried that as well.



Oleksiy Stashok wrote:
>
> Hi,
>
> Can you pls. attach the real code you use, or at least a working part of
> it?
> Recently I've committed on trunk some changes in Grizzly 2.0 API, so if
> you can send me your code - I can help with updating it to the latest
> API.
>
> WBR,
> Alexey.
>
> On Jan 28, 2010, at 7:05 , pink_floyd wrote:
>
>>
>> I have an issue similar to the other post related to SSLFilter. However, I
>> get a timeout exception unlike him. I tried to create a testcase using the
>> SSLTest unit testcase. The problem is that if you set up a processor after
>> setting up the SSLFilter, the SSLFilter doesn't get called during handshake.
>> In my case, I end up getting all the handshake data to the
>> DecodingFilter.handleRead method and it fails because it can't parse it. Any
>> clues on how to get the handshake done?
>>
>>
>>
>> Have a look below:
>>
>> SSLTest.java
>> ----------------
>>
>> public static void main(String[] args) throws Exception
>> {
>>     SSLTest sslTest = new SSLTest();
>>     sslTest.testSimpleSyncSSL();
>> }
>>
>> private class CustomProtocolTransport
>> {
>>     private final DefaultFilterChainFactory factory = new DefaultFilterChainFactory();
>>
>>     public DefaultFilterChainFactory getDefaultFilterChainFactory()
>>     {
>>         return factory;
>>     }
>>
>>     public class DefaultFilterChainFactory implements PatternFilterChainFactory
>>     {
>>         private FilterChain defaultFilterChain;
>>
>>         public FilterChain getFilterChainPattern()
>>         {
>>             return defaultFilterChain;
>>         }
>>
>>         public void release(FilterChain chain)
>>         {
>>             // TODO: Nothing yet.
>>         }
>>
>>         public FilterChain create()
>>         {
>>             FilterChain filterChain = new DefaultFilterChain(this);
>>             filterChain.addAll(defaultFilterChain);
>>             return filterChain;
>>         }
>>
>>         public void setFilterChainPattern(FilterChain chain)
>>         {
>>             defaultFilterChain = chain;
>>         }
>>
>>         private DefaultFilterChainFactory()
>>         {
>>             this.defaultFilterChain = new DefaultFilterChain(this);
>>             this.defaultFilterChain.add(new TransportFilter());
>>             this.defaultFilterChain.add(new DecodingFilter());
>>         }
>>
>>         private class DecodingFilter extends FilterAdapter
>>         {
>>             @Override
>>             public NextAction handleRead(FilterChainContext ctx,
>>                     NextAction nextAction) throws IOException
>>             {
>>                 Connection<?> connection = ctx.getConnection();
>>                 StreamReader streamReader = ctx.getStreamReader();
>>
>>                 //ERROR: It bypasses the SSL filter and receives the handshake data.
>>                 return nextAction;
>>             }
>>         }
>>     }
>> }
>>
>> private class MyFilterAdapter extends FilterAdapter
>> {
>>     //Accepts a client connection.
>>     @Override
>>     public NextAction handleAccept(
>>             FilterChainContext ctx, NextAction nextAction) throws IOException
>>     {
>>         com.sun.grizzly.Connection connection = ctx.getConnection();
>>
>>         connection.configureBlocking(true);
>>         connection.getStreamReader().setBlocking(true);
>>         connection.getStreamWriter().setBlocking(true);
>>         CustomProtocolTransport transport = new CustomProtocolTransport();
>>         connection.setProcessor(transport
>>                 .getDefaultFilterChainFactory().getFilterChainPattern());
>>         return nextAction;
>>     }
>> }
>>
>> public void testSimpleSyncSSL() throws Exception {
>>     ..
>>     //transport.getFilterChain().add(new EchoFilter());
>>     transport.getFilterChain().add(new MyFilterAdapter());
>>     ..
>> }
>>
>> The output is:
>>
>> ***
>> found key for : mykey
>> chain [0] = [
>> [
>> Version: V3
>> Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
>> Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>>
>> Key: Sun RSA public key, 1024 bits
>> modulus:
>> 118567974256410042452991025386174340566769259958133868983714943300016489649763883603890320095455567224646241449363020215946997571751589998888541470052694403418995789267075031195803825604783061926424722475378193630177677062771711456194062379770562505567517207633744031569465470281784505668081144741188883228161
>> public exponent: 65537
>> Validity: [From: Wed Jan 27 22:02:03 CST 2010,
>> To: Tue Apr 27 23:02:03 CDT 2010]
>> Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
>> SerialNumber: [ 4b610c3b]
>>
>> ]
>> Algorithm: [SHA1withRSA]
>>
>> ]
>> ***
>> adding as trusted cert:
>> Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
>> Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
>> Algorithm: RSA; Serial number: 0x4b610c3b
>> Valid from Wed Jan 27 22:02:03 CST 2010 until Tue Apr 27 23:02:03
>> CDT 2010
>>
>> trigger seeding of SecureRandom
>> done seeding SecureRandom
>> Using SSLEngineImpl.
>> %% No cached client session
>> *** ClientHello, TLSv1
>> RandomCookie: GMT: 1264658535 bytes = { 238, 46, 135, 54, 216, 161, 156,
>> 183, 142, 218, 69, 153, 27, 52, 156, 102, 144, 124, 186, 113, 180, 67, 27,
>> 106, 243, 188, 241, 179 }
>> Session ID: {}
>> Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
>> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
>> TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
>> TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
>> SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
>> SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA,
>> SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
>> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
>> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
>> Compression Methods: { 0 }
>> ***
>> main, WRITE: TLSv1 Handshake, length = 79
>> main, WRITE: SSLv2 client hello message, length = 107
>>
>>
>> Exception in thread "main" java.util.concurrent.ExecutionException: java.util.concurrent.TimeoutException
>>     at com.sun.grizzly.impl.ReadyFutureImpl.get(ReadyFutureImpl.java:138)
>>     at grizzly.SSLTest.testSimpleSyncSSL(SSLTest.java:182)
>>     at grizzly.SSLTest.main(SSLTest.java:47)
>> Caused by: java.util.concurrent.TimeoutException
>>     at com.sun.grizzly.impl.FutureImpl.get(FutureImpl.java:170)
>>     at com.sun.grizzly.ssl.BlockingSSLHandshaker.handshake(BlockingSSLHandshaker.java:119)
>>     at grizzly.SSLTest.testSimpleSyncSSL(SSLTest.java:178)
>> --
>> View this message in context:
>> http://old.nabble.com/SSL-Handshake-fails-tp27351491p27351491.html
>> Sent from the Grizzly - Users mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_grizzly.dev.java.net
>> For additional commands, e-mail: users-help_at_grizzly.dev.java.net
>>
>

-- 
View this message in context: http://old.nabble.com/SSL-Handshake-fails-tp27351491p27357270.html
Sent from the Grizzly - Users mailing list archive at Nabble.com.
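
Added example, not part of the original messages and not Grizzly code: the thread describes raw handshake bytes arriving in DecodingFilter.handleRead because the chain installed by setProcessor has no SSL stage. A decoder can recognise that condition from the first bytes of the buffer and report it instead of failing to parse. The sketch uses only JDK classes; the class name HandshakeSniffer, the Kind enum and the sample byte arrays are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public class HandshakeSniffer {

    /** What the first bytes of an inbound buffer look like. */
    enum Kind { TLS_HANDSHAKE, SSLV2_CLIENT_HELLO, TLS_OTHER_RECORD, NOT_TLS, TOO_SHORT }

    /** Classifies a buffer without consuming it (absolute gets only). */
    static Kind classify(ByteBuffer buf) {
        if (buf.remaining() < 5) return Kind.TOO_SHORT;
        int p = buf.position();
        int b0 = buf.get(p) & 0xFF, b1 = buf.get(p + 1) & 0xFF, b2 = buf.get(p + 2) & 0xFF;
        // SSLv3/TLS record header: content type (20..23), then major version 3.
        if (b0 >= 20 && b0 <= 23 && b1 == 3) {
            return b0 == 22 ? Kind.TLS_HANDSHAKE : Kind.TLS_OTHER_RECORD;
        }
        // SSLv2-format hello: 2-byte length with the high bit set, then
        // message type 1 (CLIENT-HELLO) and the offered major version 3.
        if ((b0 & 0x80) != 0 && b2 == 1 && (buf.get(p + 3) & 0xFF) == 3) {
            return Kind.SSLV2_CLIENT_HELLO;
        }
        return Kind.NOT_TLS;
    }

    public static void main(String[] args) throws Exception {
        // Produce a real ClientHello with the JDK's SSLEngine; no network is used.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(true);
        ByteBuffer net = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        engine.wrap(ByteBuffer.allocate(0), net);
        net.flip();
        System.out.println("engine output:   " + classify(net));

        // Constructed sample: SSLv2-format hello header (length field 0x6B, type 1, version 3.1).
        ByteBuffer v2 = ByteBuffer.wrap(new byte[] {(byte) 0x80, 0x6B, 0x01, 0x03, 0x01});
        System.out.println("v2-style header: " + classify(v2));

        // Constructed sample: plaintext application data.
        ByteBuffer plain = ByteBuffer.wrap("HELLO".getBytes(StandardCharsets.US_ASCII));
        System.out.println("plaintext:       " + classify(plain));
    }
}
```

A decoder that sees TLS_HANDSHAKE or SSLV2_CLIENT_HELLO on a connection it expected to be already decrypted is looking at a filter-ordering problem, not at malformed application data.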