I'm struggling to understand how to establish secure communication (the handshake) between a client and server using the JSSE library.

I've read the documentation and have understood the first few parts partially:

  1. create an SSLContext - understood

  2. use the SSLContext to construct an SSLEngine - also understood

  3. using the SSLEngine, begin handshake - this is where I am having problems.

Now I understand that there are two variables whose cases we have to go through in order to go through the steps of the handshake (the SSLEngineResult.Status and the SSLEngineResult.HandshakeStatus).

I understand how to handle the cases for SSLEngineResult.Status but I am having a hard time understanding how to handle the various cases for the Handshake status.

For example, when the handshake status case is NEED_WRAP, I understand that some data needs to be wrapped and sent over to the peer; however, what I am struggling to understand is what data needs to be wrapped to be sent over to the peer.

Here is the code example that the documentation provides:

    case NEED_WRAP :
        // Empty the local network packet buffer.
        myNetData.clear();

        // Generate handshaking data
        res = engine.wrap(myAppData, myNetData);
        hs = res.getHandshakeStatus();

        // Check status
        switch (res.getStatus()) {
        case OK :
            myNetData.flip();

            // Send the handshaking data to peer
            while (myNetData.hasRemaining()) {
                socketChannel.write(myNetData);
            }
            break;

        // Handle other status:  BUFFER_OVERFLOW, BUFFER_UNDERFLOW, CLOSED
        ...
        }
        break;

My question is, for the commented line "//Generate handshaking data" what data do I have to provide so that the handshake may continue?

The line engine.wrap(myAppData, myNetData); is essentially doing nothing in this particular snippet of code assuming the myAppData ByteBuffer is empty (which it is), so what do I need to populate the myAppData ByteBuffer with in order for the handshake to continue?

My intuition is telling me that running this code without having any data passed into the myAppData ByteBuffer will result in the handshake never completing. Is it possible that I don't need to pass any data at all and that the handshaking data is automatically passed even with an empty ByteBuffer being used in the wrap method as a source?

Theodore
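The NEED_WRAP step asked about above can be observed in isolation with a client-mode SSLEngine and no network at all. This is an added example, not code from the original post or from the JSSE documentation; the class name `NeedWrapDemo` and the peer hint `example.test` are constructed for illustration, and it assumes the JDK's default SSLContext is available.

```java
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;

public class NeedWrapDemo {
    public static void main(String[] args) throws Exception {
        // Default context: default trust store, no client key material.
        SSLContext ctx = SSLContext.getDefault();

        // Host and port are only hints for the engine; nothing is connected.
        SSLEngine engine = ctx.createSSLEngine("example.test", 443);
        engine.setUseClientMode(true);

        // Application buffer is deliberately empty, as in the question.
        ByteBuffer myAppData = ByteBuffer.allocate(0);
        ByteBuffer myNetData =
            ByteBuffer.allocate(engine.getSession().getPacketBufferSize());

        engine.beginHandshake();
        HandshakeStatus hs = engine.getHandshakeStatus();
        System.out.println("status after beginHandshake(): " + hs);

        while (hs == HandshakeStatus.NEED_WRAP) {
            myNetData.clear();

            // The engine writes its own handshake message into myNetData;
            // nothing is read from myAppData during the handshake.
            SSLEngineResult res = engine.wrap(myAppData, myNetData);
            hs = res.getHandshakeStatus();
            if (res.getStatus() != SSLEngineResult.Status.OK) {
                throw new IllegalStateException("wrap failed: " + res.getStatus());
            }

            myNetData.flip();
            System.out.println("app bytes consumed:  " + res.bytesConsumed());
            System.out.println("net bytes produced:  " + res.bytesProduced());
            // 0x16 is the TLS record content type for handshake messages.
            System.out.println("is handshake record: " + (myNetData.get(0) == 0x16));
            System.out.println("next handshake step: " + hs);
            // A real client would now write myNetData to the socketChannel.
        }
    }
}
```

The loop exits as soon as the engine stops asking for NEED_WRAP; from there a real client has to read the peer's reply from the channel and pass it to `engine.unwrap()`.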