aboutsummaryrefslogtreecommitdiffstats
path: root/jrt/src/com/yahoo/jrt/CryptoSocket.java
diff options
context:
space:
mode:
Diffstat (limited to 'jrt/src/com/yahoo/jrt/CryptoSocket.java')
-rw-r--r--jrt/src/com/yahoo/jrt/CryptoSocket.java88
1 files changed, 88 insertions, 0 deletions
diff --git a/jrt/src/com/yahoo/jrt/CryptoSocket.java b/jrt/src/com/yahoo/jrt/CryptoSocket.java
new file mode 100644
index 00000000000..626eed47468
--- /dev/null
+++ b/jrt/src/com/yahoo/jrt/CryptoSocket.java
@@ -0,0 +1,88 @@
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.jrt;
+
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.nio.channels.SocketChannel;
+
+
+/**
+ * Abstraction of a low-level async network socket which can produce
+ * io events and allows encrypting written data and decrypting read
+ * data. The interface is complexified to handle the use of internal
+ * buffers that may mask io events and pending work. The interface is
+ * simplified by assuming there will be no mid-stream re-negotiation
+ * (no read/write cross-dependencies). Handshaking is explicit and
+ * up-front. This interface is initially designed for persistent
+ * transport connections where closing the connection has no
+ * application-level semantics.
+ **/
+public interface CryptoSocket {
+
+ /**
+ * Obtain the underlying socket channel used by this CryptoSocket.
+ **/
+ public SocketChannel channel();
+
+ public enum HandshakeResult { DONE, NEED_READ, NEED_WRITE }
+
+ /**
+ * Try to progress the initial connection handshake. Handshaking
+ * will be done once, before any normal reads or writes are
+ * performed. Re-negotiation at a later stage will not be
+ * permitted. This function will be called multiple times until
+ * the status is either DONE or an IOException is thrown. When
+ * NEED_READ or NEED_WRITE is returned, the handshake function
+ * will be called again when the appropriate io event has
+ * triggered.
+ **/
+ public HandshakeResult handshake() throws IOException;
+
+ /**
+ * This function should be called after handshaking has completed
+ * before calling the read function. It dictates the minimum size
+ * of the application read buffer presented to the read
+ * function. This is needed to support frame-based stateless
+ * decryption of incoming data.
+ **/
+ public int getMinimumReadBufferSize();
+
+ /**
+ * Called when the underlying socket has available data. Read
+ * through the entire input pipeline. The semantics are the same
+ * as with a normal socket read except it can also fail for
+ * cryptographic reasons.
+ **/
+ public int read(ByteBuffer dst) throws IOException;
+
+ /**
+ * Similar to read, but this function is not allowed to read from
+ * the underlying socket. This is to enable the application to
+ * make sure that there is no more input data in the read pipeline
+ * that is independent of data not yet read from the actual
+ * socket. Draining data from the input pipeline is done to
+ * prevent masking read events.
+ **/
+ public int drain(ByteBuffer dst) throws IOException;
+
+ /**
+ * Called when the application has data it wants to write. Write
+ * through the entire output pipeline. The semantics are the same
+ * as with a normal socket write.
+ **/
+ public int write(ByteBuffer src) throws IOException;
+
+ public enum FlushResult { DONE, NEED_WRITE }
+
+ /**
+ * Try to flush data in the write pipeline that is not depenedent
+ * on data not yet written by the application into the underlying
+ * socket. This is to enable the application to identify pending
+ * work that may not be completed until the underlying socket is
+ * ready for writing more data. When NEED_WRITE is returned,
+ * either write or flush will be called again when the appropriate
+ * io event has triggered.
+ **/
+ public FlushResult flush() throws IOException;
+}