IosSslSocket implementation: first version based on the Swift code provided in the GitHub issue #998.

	Change on 2018/10/02 by antoniocortes <[email protected]>

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=215466673

Author: antonio-cortes-perez

jre_emul/Classes/com/google/j2objc/net/ssl/IosSslSocket.h

@@ -13,11 +13,26 @@
 #ifndef _ComGoogleJ2objcNetSslIosSslSocket_H_
 #define _ComGoogleJ2objcNetSslIosSslSocket_H_
 
+#import "J2ObjC_header.h"
 #import "javax/net/ssl/SSLSocket.h"
 
 // A socket that uses Apple's SecureTransport API.
 @interface ComGoogleJ2objcNetSslIosSslSocket : JavaxNetSslSSLSocket
 
 @end
 
+J2OBJC_EMPTY_STATIC_INIT(ComGoogleJ2objcNetSslIosSslSocket)
+
+FOUNDATION_EXPORT void ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(
+    ComGoogleJ2objcNetSslIosSslSocket *self, NSString *host, jint port);
+
+FOUNDATION_EXPORT ComGoogleJ2objcNetSslIosSslSocket *
+    new_ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(NSString *host, jint port)
+    NS_RETURNS_RETAINED;
+
+FOUNDATION_EXPORT ComGoogleJ2objcNetSslIosSslSocket *
+    create_ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(NSString *host, jint port);
+
+J2OBJC_TYPE_LITERAL_HEADER(ComGoogleJ2objcNetSslIosSslSocket)
+
 #endif

jre_emul/Classes/com/google/j2objc/net/ssl/IosSslSocket.m

@@ -10,12 +10,201 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-#import "J2ObjC_source.h"
 #import "com/google/j2objc/net/ssl/IosSslSocket.h"
 
+#import <Security/Security.h>
+
+#import "J2ObjC_source.h"
+#import "java/io/InputStream.h"
+#import "java/io/OutputStream.h"
+#import "java/lang/Exception.h"
+#import "java/lang/UnsupportedOperationException.h"
+#import "java/net/InetAddress.h"
+#import "java/net/SocketException.h"
+#import "java/io/IOException.h"
+#import "jni_util.h"
+
+@class SslInputStream;
+@class SslOutputStream;
+static OSStatus SslReadCallback(SSLConnectionRef connection, void *data, size_t *dataLength);
+static OSStatus SslWriteCallback(SSLConnectionRef connection, const void *data, size_t *dataLength);
+static void checkStatus(OSStatus status);
+
+// The users of this class perform I/O via the two stream specializations: SslInputStream and
+// SslOutputStream. The actual network I/O operations are perfomed by the inherited java streams.
+// Expected data flow:
+//
+// - Read: SslInputStream.read --> SSLRead --> SslReadCallback --> JavaIoInputStream.read
+// - Write: SslOutputStream.write --> SSLWrite --> SslWriteCallback --> JavaIoOutputStream.write
+@interface ComGoogleJ2objcNetSslIosSslSocket() {
+@public
+  SSLContextRef _sslContext;
+  SslInputStream *_sslInputStream;
+  SslOutputStream *_sslOutputStream;
+  BOOL handshakeCompleted;
+
+  // Used to forward exceptions from the plain streams to the SSL streams.
+  JavaLangException *_sslException;
+}
+- (JavaIoInputStream *)plainInputStream;
+- (JavaIoOutputStream *)plainOutputStream;
+@end
+
+// An input stream that uses Apple's SSLRead.
+@interface SslInputStream : JavaIoInputStream {
+  ComGoogleJ2objcNetSslIosSslSocket *_socket;
+}
+- (instancetype)initWithSocket:(ComGoogleJ2objcNetSslIosSslSocket *)socket;
+@end
+
+@implementation SslInputStream
+
+- (instancetype)initWithSocket:(ComGoogleJ2objcNetSslIosSslSocket *)socket {
+  if (self = [super init]) {
+    _socket = socket;
+  }
+  return self;
+}
+
+- (jint)readWithByteArray:(IOSByteArray *)b
+                  withInt:(jint)off
+                  withInt:(jint)len {
+  size_t processed = 0;
+  OSStatus status;
+
+  [_socket startHandshake];
+  @synchronized (_socket) {
+    do {
+      size_t temp;
+      status = SSLRead(_socket->_sslContext, b->buffer_ + off, len, &temp);
+      off += temp;
+      len -= temp;
+      processed += temp;
+      // if less data than requested was actually transferred then, keep calling SSLRead until
+      // something different from errSSLWouldBlock is returned.
+    } while (status == errSSLWouldBlock);
+  }
+
+  checkStatus(status);
+  if (_socket->_sslException) {
+    @throw _socket->_sslException;
+  }
+  return (jint)processed;
+}
+
+- (jint)read {
+  IOSByteArray *b = [IOSByteArray arrayWithLength:1];
+  jint processed = [self readWithByteArray:b];
+  if (processed == 1) {
+    return b->buffer_[0];
+  }
+  return processed;
+}
+
+- (jlong)skipWithLong:(jlong)n {
+  J2ObjCThrowByName(JavaLangUnsupportedOperationException, @"");
+}
+
+@end
+
+// An output stream that uses Apple's SSLWrite.
+@interface SslOutputStream : JavaIoOutputStream {
+  ComGoogleJ2objcNetSslIosSslSocket *_socket;
+}
+- (instancetype)initWithSocket:(ComGoogleJ2objcNetSslIosSslSocket *)socket;
+@end
+
+@implementation SslOutputStream
+
+- (instancetype)initWithSocket:(ComGoogleJ2objcNetSslIosSslSocket *)socket {
+  if (self = [super init]) {
+    _socket = socket;
+  }
+  return self;
+}
+
+- (void)writeWithByteArray:(IOSByteArray *)b
+                   withInt:(jint)off
+                   withInt:(jint)len {
+  OSStatus status;
+  size_t processed = 0;
+
+  [_socket startHandshake];
+  while (len > 0) {
+    @synchronized (_socket) {
+      status = SSLWrite(_socket->_sslContext, b->buffer_ + off, len, &processed);
+    }
+    if (status == errSecSuccess || status == errSSLWouldBlock) {
+      off += processed;
+      len -= processed;
+    } else if (_socket->_sslException) {
+      @throw _socket->_sslException;
+    } else {
+      checkStatus(status);
+    }
+  }
+}
+
+- (void)writeWithInt:(jint)b {
+  IOSByteArray *array = [IOSByteArray arrayWithLength:1];
+  array->buffer_[0] = b;
+  [self writeWithByteArray:array];
+}
+
+- (void)flush {
+  // The framework keeps SSL caches for reading and writing. Whenever a call to SSLWrite returns
+  // errSSLWouldBlock, the data has been copied to the cache, but not yet (completely) sent.
+  // In order to flush this cache, we have to call SSLWrite on an empty buffer.
+  OSStatus status;
+  size_t processed = 0;
+  @synchronized (_socket) {
+    do {
+      status = SSLWrite(_socket->_sslContext, nil, 0, &processed);
+    } while (status == errSSLWouldBlock);
+  }
+  [[_socket plainOutputStream] flush];
+}
+
+@end
+
+
 @implementation ComGoogleJ2objcNetSslIosSslSocket
 
-// Begin: implementation of JavaNetSSlSocket abstract methods.
+- (JavaIoInputStream *)plainInputStream {
+  return [super getInputStream];
+}
+
+- (JavaIoOutputStream *)plainOutputStream {
+  return [super getOutputStream];
+}
+
+- (void)dealloc {
+  CFRelease(_sslContext);
+  [_sslInputStream release];
+  [_sslOutputStream release];
+  [_sslException release];
+  [super dealloc];
+}
+
+#pragma mark JavaNetSocket methods
+
+- (void)close {
+  @synchronized(self) {
+    if ([self isClosed]) return;
+    checkStatus(SSLClose(_sslContext));
+    [super close];
+  }
+}
+
+- (JavaIoInputStream *)getInputStream {
+  return JreRetainedLocalValue(_sslInputStream);
+}
+
+- (JavaIoOutputStream *)getOutputStream {
+  return JreRetainedLocalValue(_sslOutputStream);
+}
+
+#pragma mark JavaNetSSlSocket methods
 
 - (IOSObjectArray *)getSupportedCipherSuites {
   return [IOSObjectArray arrayWithLength:0 type:NSString_class_()];
@@ -56,7 +245,16 @@ - (void)removeHandshakeCompletedListenerWithJavaxNetSslHandshakeCompletedListene
 }
 
 - (void)startHandshake {
-
+  @synchronized(self) {
+    if (!handshakeCompleted) {
+      OSStatus status;
+      do {
+        status = SSLHandshake(_sslContext);
+      } while (status == errSSLWouldBlock);
+      checkStatus(status);
+      handshakeCompleted = TRUE;
+    }
+  }
 }
 
 - (void)setUseClientModeWithBoolean:(jboolean)mode {
@@ -91,6 +289,93 @@ - (jboolean)getEnableSessionCreation {
   return FALSE;
 }
 
-// End: implementation of JavaNetSSlSocket abstract methods.
-
 @end
+
+static OSStatus SslReadCallback(SSLConnectionRef connection, void *data, size_t *dataLength) {
+  // The SecureTransport API sometimes requests data from the callback even if it still has
+  // application data in its buffer. If we would blindly read from the underlying (blocking) socket
+  // in that case, the application layer would only get the data from the SecureTransport buffer
+  // after the blocking read on the underlying socket returns, which in some cases means we'd have
+  // to wait for the timeout to kick in. By letting the SecureTransport API know we don't have any
+  // more data at this point, we can force it to deplete its internal buffer of application data.
+  ComGoogleJ2objcNetSslIosSslSocket *socket = (ComGoogleJ2objcNetSslIosSslSocket *) connection;
+  @try {
+    // The underlying socket supports available() and reported that no data is available.
+    if ([[socket plainInputStream] available] == 0) {
+      *dataLength = 0;
+      return errSSLWouldBlock;
+    }
+  } @catch (JavaIoIOException *e) {}
+
+  IOSByteArray *array = [IOSByteArray arrayWithLength:*dataLength];
+  jint processed;
+  @try {
+    processed = [[socket plainInputStream] readWithByteArray:array];
+  } @catch (JavaIoIOException *e) {
+    JreStrongAssign(&socket->_sslException, e);
+    return errSSLInternal;
+  }
+
+  if (processed  < 0) {
+    return errSSLClosedAbort;
+  }
+
+  OSStatus status = processed < *dataLength ? errSSLWouldBlock : errSecSuccess;
+  if (processed > 0) {
+    [array getBytes:(jbyte *)data length:processed];
+  }
+  *dataLength = processed;
+  return status;
+}
+
+static OSStatus SslWriteCallback(SSLConnectionRef connection,
+                                 const void *data,
+                                 size_t *dataLength) {
+  ComGoogleJ2objcNetSslIosSslSocket *socket = (ComGoogleJ2objcNetSslIosSslSocket *) connection;
+  IOSByteArray *array = [IOSByteArray arrayWithBytes:(const jbyte *)data count:*dataLength];
+  @try {
+    [[socket plainOutputStream] writeWithByteArray:array];
+    [[socket plainOutputStream] flush];
+  } @catch (JavaIoIOException *e) {
+    JreStrongAssign(&socket->_sslException, e);
+    return errSSLInternal;
+  }
+  return errSecSuccess;
+}
+
+static void checkStatus(OSStatus status) {
+  if (status != errSecSuccess) {
+    NSString *msg = [NSString stringWithFormat:@"status: %d", (int)status];
+    J2ObjCThrowByName(JavaNetSocketException, msg);
+  }
+}
+
+static void setup(ComGoogleJ2objcNetSslIosSslSocket *self) {
+  self->_sslContext = SSLCreateContext(nil, kSSLClientSide, kSSLStreamType);
+  self->_sslInputStream = [[SslInputStream alloc] initWithSocket:self];
+  self->_sslOutputStream = [[SslOutputStream alloc] initWithSocket:self];
+  self->_sslException = nil;
+
+  checkStatus(SSLSetIOFuncs(self->_sslContext, SslReadCallback, SslWriteCallback));
+  checkStatus(SSLSetConnection(self->_sslContext, self));
+  NSString *hostName = [[self getInetAddress] getHostName];
+  checkStatus(SSLSetPeerDomainName(self->_sslContext, [hostName UTF8String], [hostName length]));
+}
+
+void ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(
+    ComGoogleJ2objcNetSslIosSslSocket *self, NSString *host, jint port) {
+  JavaxNetSslSSLSocket_initWithNSString_withInt_(self, host, port);
+  setup(self);
+}
+
+ComGoogleJ2objcNetSslIosSslSocket *
+    new_ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(NSString *host, jint port) {
+  J2OBJC_NEW_IMPL(ComGoogleJ2objcNetSslIosSslSocket, initWithNSString_withInt_, host, port)
+}
+
+ComGoogleJ2objcNetSslIosSslSocket *
+    create_ComGoogleJ2objcNetSslIosSslSocket_initWithNSString_withInt_(NSString *host, jint port) {
+  J2OBJC_CREATE_IMPL(ComGoogleJ2objcNetSslIosSslSocket, initWithNSString_withInt_, host, port)
+}
+
+J2OBJC_CLASS_TYPE_LITERAL_SOURCE(ComGoogleJ2objcNetSslIosSslSocket)

jre_emul/Classes/com/google/j2objc/net/ssl/IosSslSocketFactory.java

@@ -41,7 +41,7 @@ public Socket createSocket(Socket s, String host, int port, boolean autoClose)
 
   @Override
   public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
-    throw new UnsupportedOperationException();
+    return new IosSslSocket(host, port);
   }
 
   @Override

jre_emul/stub_classes/com/google/j2objc/net/ssl/IosSslSocket.java

@@ -25,6 +25,8 @@
  */
 public class IosSslSocket extends SSLSocket {
 
+  public IosSslSocket(String host, int port) {}
+
   @Override
   public String[] getSupportedCipherSuites() {
     return new String[0];