1

We are trying to read large amount of data through NIO TCPs SocketChannel.
Code is working for small amount of data(less than 16KB), but above than first it read 16KB into destination buffer again try to read for remaining data it gives BUFFER_UNDERFLOW exception.

Based on the documentation

Client is reading partial data from the network, we need to force the client to read it again. But,
Its not happening with our code. We are using following code :

  protected ByteBuffer read(SocketChannel socketChannel, SSLEngine engine) throws Exception {
                mPeerNetData.clear();
                int waitToReadMillis = 50;
                boolean exitReadLoop = false;
                while (!exitReadLoop) {
                    int bytesRead = socketChannel.read(mPeerNetData);
                    if (bytesRead > 0) {
                        mPeerNetData.flip();
                        while (mPeerNetData.hasRemaining()) {
                            mPeerAppData.clear();
                            SSLEngineResult result = engine.unwrap(mPeerNetData, mPeerAppData);
                            switch (result.getStatus()) {
                                case OK:
                                    mPeerAppData.flip();
                                    exitReadLoop = true;
                                    break;
                                case BUFFER_OVERFLOW:
                                    mPeerAppData = enlargeApplicationBuffer(engine, mPeerAppData);
                                    break;
                                case BUFFER_UNDERFLOW:
                                    mPeerNetData = handleBufferUnderflow(engine, mPeerNetData);
                                    break;
                                case CLOSED:
                                    closeConnection(socketChannel, engine);
                                    return null;
                                default:
                                    throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
                            }
                        }
                    } else if (bytesRead < 0) {
                        handleEndOfStream(socketChannel, engine);
                        return null;
                    }
                    Thread.sleep(waitToReadMillis);
                }
                return mPeerAppData;
            }

Above code reference has been taken from here:

After debugging the code, We get the following exception

javax.net.ssl.SSLException: Unable to parse TLS packet header
System.err:     at org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:792)
com.amg.androidntg6poc W/System.err:     at org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:733)
com.amg.androidntg6poc W/System.err:     at org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:698)
2019-09-12 12:21:58.478 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.transport.sslengine.TTLSClient.read(TTLSClient.java:194)
2019-09-12 12:21:58.485 5040-6449/com.amg.androidntg6poc I/System.out: 2019/09/12 12:21:58
2019-09-12 12:21:58.488 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.transport.sslengine.TTLSClient.read(TTLSClient.java:168)
2019-09-12 12:21:58.488 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.transport.TTcpTransport$2.canRead(TTcpTransport.java:721)
2019-09-12 12:21:58.489 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.TReactor.threadProc(TReactor.java:215)
2019-09-12 12:21:58.489 5040-6451/com.amg.androidntg6poc I/System.out: 2019/09/12 12:21:58
2019-09-12 12:21:58.504 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.TReactor.access$000(TReactor.java:30)
2019-09-12 12:21:58.504 5040-6411/com.amg.androidntg6poc W/System.err:     at thrift.TReactor$1.run(TReactor.java:105)
2019-09-12 12:21:58.505 5040-6411/com.amg.androidntg6poc W/System.err:     at java.lang.Thread.run(Thread.java:764)
2019-09-12 12:21:58.509 5040-6450/com.amg.androidntg6poc W/System.err: TException(E_TRANSPORT_CLOSED)
2019-09-12 12:21:58.510 5040-6450/com.amg.androidntg6poc W/System.err:     at thrift.TServiceBroker.transportStatusChanged(TServiceBroker.java:548)
2019-09-12 12:21:58.510 5040-6450/com.amg.androidntg6poc W/System.err:     at thrift.transport.TTransport$1.run(TTransport.java:258)
2019-09-12 12:21:58.511 5040-6450/com.amg.androidntg6poc W/System.err:     at thrift.TReactor.threadProc(TReactor.java:148)
2019-09-12 12:21:58.511 5040-6411/com.amg.androidntg6poc D/ThriftGeneralService: connectionStatusChanged() :: 6
2019-09-12 12:21:58.511 5040-6411/com.amg.androidntg6poc D/ThriftGeneralService: client :thrift.transport.TTcpTransport@4608884, state :DISCONNECTED
2019-09-12 12:21:58.511 5040-6450/com.amg.androidntg6poc W/System.err:     at thrift.TReactor.access$000(TReactor.java:30)
2019-09-12 12:21:58.511 5040-6450/com.amg.androidntg6poc W/System.err:     at thrift.TReactor$1.run(TReactor.java:105)
2019-09-12 12:21:58.512 5040-6450/com.amg.androidntg6poc W/System.err:     at java.lang.Thread.run(Thread.java:764)
2019-09-12 12:21:58.513 5040-6450/com.amg.androidntg6poc E/ThriftGeneralService: TException(E_TRANSPORT_CLOSED)
        at thrift.TServiceBroker.transportStatusChanged(TServiceBroker.java:548)
        at thrift.transport.TTransport$1.run(TTransport.java:258)
        at thrift.TReactor.threadProc(TReactor.java:148)
        at thrift.TReactor.access$000(TReactor.java:30)
        at thrift.TReactor$1.run(TReactor.java:105)
        at java.lang.Thread.run(Thread.java:764)

We are using Conscrypt library for establishing PSK(pre shared key) based communication to TCps server and therefore using the sslContext initialised from pskKeyManagers provided from Conscrypt. During api request which has large data payload, we are receiving this above mentioned error.

Also, it would be helpful if we can get any sample code for TLS Read/Write communication using Conscrypt.


We are breaking our head for the last 10 days. If anyone can help, it would be grateful.

Dor
  • 657
  • 1
  • 5
  • 11
user3615458
  • 19
  • 3

0 Answers0