Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Query about Handling of SSL Rengotiation in Java SSE!

801525Sep 28 2010 — edited Sep 29 2010

Hi All,

I have been analyzing the OpenSSL Library for some days now and I find that they don't allow using the same SSL session in two threads (i.e. one cannot call a SSL_read from one thread and SSL_write from another thread for the same SSL Connection).

I have the below queries related to Java SSL support in JSSE:
1. Does Java SSL support doing parallel read / write on the same SSL Connection?
2. In case of OpenSSL, they support seamless renegotiation, i.e. if the peer side triggers a renegotation, then SSL_write & SSL_read APIs will internally handle the renegotiation without informing about it to the application. So, in this case there is a possibility of SSL_read wanting to do a TCP send and an SSL_write wanting to do a TCP recv. This is one of the main reasons why they cannot support parallel read / write. How does Java SSL Handle this?

Thanks in Advance!

Regards,
Jay

Locked Post

New comments cannot be posted to this locked post.

Locked on Oct 27 2010

Added on Sep 28 2010

#java, #java-secure-socket-extension-jsse, #ssl

3 comments

374 views