RE: [classlib][xnet] Problem connecting using SSLSocketImpl

Tue, 17 Oct 2006 17:17:13 -0700 

Hi Alexander, I'm a bit new at this ASF Harmony stuff so bear with me.  I'm
using Eclipse on Windblows XP.  I set it up per the instructions on the
Apache-Harmony web set for configuring Eclipse to work on Harmony code -
including downloading that VM from IBM.  When I run my class under Eclipse,
here are the console error messages I get:
javax.net.ssl.SSLException: Fatal alert received unexpected_message
        at
org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketIm
pl.java:790)
        at
org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImp
l.java:731)
        at
org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocket
Impl.java:437)
        at CreateSSLEng.<init>(CreateSSLEng.java:72)
        at CreateSSLEng.main(CreateSSLEng.java:93)

Here is my code:
import javax.net.ssl.*;

import org.apache.harmony.xnet.provider.jsse.SSLContextImpl;
import org.apache.harmony.xnet.provider.jsse.SSLSocketImpl;

import java.security.KeyStore;
import java.util.Properties;
import java.io.*;


public class CreateSSLEng {

        //       Create/initialize the SSLContext with key material

        private int PORT = 0;
        private String HOST = null;
        Properties safeInterProps = new Properties();
    String PropsToUse = "safeinter.props";
        
        public CreateSSLEng()
        {

                try {
                        safeInterProps.load(new
FileInputStream(PropsToUse));
                        String
KEYSTORE_FILE=safeInterProps.getProperty("KEYSTORE");
                        String
PASSWORD=safeInterProps.getProperty("KEY_PASSWD");
                        String
TRUSTPASSWORD=safeInterProps.getProperty("TRUST_PASSWD");
                        String
TRUSTSTORE_FILE=safeInterProps.getProperty("TRUSTSTORE");
        //       First initialize the key and trust material.
                KeyStore ksKeys = KeyStore.getInstance("PKCS12");
                KeyStore ksTrust = KeyStore.getInstance("JKS");
            ksKeys.load(new FileInputStream(KEYSTORE_FILE),
PASSWORD.toCharArray());
                ksTrust.load(new FileInputStream(TRUSTSTORE_FILE),
TRUSTPASSWORD.toCharArray());
        
        //       KeyManager's decide which key material to use.
                KeyManagerFactory kmf =
                    KeyManagerFactory.getInstance("SunX509");
                kmf.init(ksKeys, PASSWORD.toCharArray());
        
        //       TrustManager's decide whether to allow connections.
                TrustManagerFactory tmf =
                    TrustManagerFactory.getInstance("SunX509");
                tmf.init(ksTrust);

        //       We're ready for the engine.
                HOST = safeInterProps.getProperty("HOST");
                PORT = new
Integer(safeInterProps.getProperty("PORT")).intValue();
                SSLContextImpl sslc = new SSLContextImpl();
                sslc.engineInit(kmf.getKeyManagers(),
tmf.getTrustManagers(), null);
                SSLEngine engine = sslc.engineCreateSSLEngine();

                SSLSocketFactory sf = sslc.engineGetSocketFactory();
                SSLSocketImpl sock = (SSLSocketImpl) sf.createSocket(HOST,
PORT);
                sock.startHandshake();  // Here is where she blows

I tried the -Djsse=record,prf,socket VM option you suggest (both in the
Target field of the Eclipse shortcut and as a Target Platform/Launching
Arguments VM argument within Eclipse Preferences), but I see nothing in
Eclipse showing this output.  Perhaps there is a log file somewhere?  I
dunno.

Thanks,
Gerald Jerome
Vnet 262-2375



-----Original Message-----
From: Alexander Kleymenov [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 17, 2006 2:27 AM
To: harmony-dev@incubator.apache.org
Subject: Re: [classlib][xnet] Problem connecting using SSLSocketImpl

Hello Gerald!

It is glad to hear that You are trying to use Harmony's JSSE provider!

> I'd like to inquire if there is any intention in the future to support any
of the TLS AES type cipher suites?

Now only the base Cipher Suites (described by RFC 2246) are supported.
But the design of the provider allows easily extending its set of suites.
The point for extension is
org.apache.harmony.xnet.provider.jsse.CipherSuiteclass.
Harmony's Cipher provider (implemented by Bouncy Castle) supports AES
Cipher, so it won't be a problem.

> If you have any other ideas on what may be causing this exception please
let me know.

I think you are 100% right about the nature of failure, but detailed
information (std output, stack trace) can help to analyze it accurately.
Could you show it please? You may want to file a new JIRA report and provide
this detailed information as an attachment for it. Or if it is more
convenient you can attach zipped info here.
BTW, there are some logging capabilities in JSSE provider. You can turn them
on by specifying
-Djsse=record,prf,socket
as an option to VM. Log output could be useful in problem analysis.

Thank You,
Alexander Kleymenov



---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to