- Non-blocking - Exclusively.
- Minimal - Compiled .jar is 121KB small, only the essentials are included.
- Scalable - Supporting thousands of concurrent sockets, optimized for small data-size, short-lived communication.
- Small memory footprint - Server memory usage: ~10MB idle, ~200MB for 1000 concurrent two-way SSL/TLS clients.
- Simple - Implement your custom packets extending a single interface, and override two simple methods to get started.
- Well-documented - LOL
- Extensible - Custom packets and packet workers supported.
- SSL/TLS support - Supports both SSL/TLS encrypted and non-encrypted SocketChannels
- One or two-way SSL/TLS authentication - You decide.
- Configurable SSL/TLS protocols supported - via text file.
- Configurable cipher suites supported - via text file.
- Auto-scaling packet buffers - Never miss another application packet.
- Variable length packets - Variable length application packets are supported.
- Supports timeouts - Timeouts are internally used to disconnect expired SSL sessions, but can also be used extrinsically (e.g. to disconnect from a remote peer, to re-validate an SSL handshake and so on).
- v0.19
- Fixed an error where the SSLEngine may fail with IllegalStateException in some cases when receiving unexpected kinds of SSL records after being closed
- Fixed an error where if the SO_SNDBUF was full the selector would hang as we do not (re-)register for writes. As such, flushing() is now blocking until all data has been written to the socket
- Implemented (partial) logging
- Read static variables from properties on disk
- Additional support classes
- Additional javadoc (yay)
- v0.18 - First released version
All binaries are compiled using Java 1.7.0_09; Java HotSpot(TM) 64-Bit Server VM 23.5-b02 unless otherwise noted.
- Version 0.19 - SecureNIO_v0.19.jar SecureNIO_v0.19_doc.zip
- Version 0.18 - SecureNIO_v0.18.jar SecureNIO_v0.18_doc.zip
Two examples on how to use this framework are provided, each in their respective packages:
- ch.dermitza.securenio.test.singlebyte - A simple, one byte long application packet client/server implementation
- ch.dermitza.securenio.test.variablebyte - A simple, variable byte application packet client/server implementation
Sample server and client KeyStores and TrustStores have been provided and are ready to use. Needless to say, do not use these for anything other than testing. Steps to create a self-signed KeyStore (and certificates) and TrustStore for a server implementation:
- Generate a server KeyStore
keytool -genkey -keyalg RSA -alias server -keystore server.jks -storepass server -validity 360 -keysize 2048
- Extract the public key from the public-private key pair that you created
keytool -export -alias server -keystore server.jks -rfc -file serverPublic.cert
- Create the truststore using the public key (advised to use a different password, e.g. serverPublic)
keytool -import -alias server -file serverPublic.cert -keystore serverPublic.jks -storetype JKS
You can now use the serverPublic.jks in your clients to authenticate the server. To generate a KeyStore and/or TrustStore for the client (two-way authentication), repeat the above steps using appropriate names (i.e. replace server with client where appropriate).
You can currently browse the JavaDoc through the zipped version provided above. Additional documentation (sometimes extensive) is included in the source files.
GNU AFFERO GENERAL PUBLIC LICENSE Version 3
Copyright (C) 2014 K. Dermitzakis [email protected]
SecureNIO is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
SecureNIO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with SecureNIO. If not, see http://www.gnu.org/licenses/.