src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java
author xuelei
Mon, 14 Jan 2019 10:00:45 -0800
changeset 53289 5022a4915fe9
parent 53064 103ed9569fc8
child 54443 dfba4e321ab3
permissions -rw-r--r--
8214418: half-closed SSLEngine status may cause application dead loop Reviewed-by: jnimeh, dfuchs, chegar
/*
 * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
package sun.security.ssl;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ReadOnlyBufferException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.List;
import java.util.Map;
import java.util.function.BiFunction;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLEngineResult.Status;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLKeyException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
/**
 * Implementation of a non-blocking SSLEngine.
 *
 * @author Brad Wetmore
 */
final class SSLEngineImpl extends SSLEngine implements SSLTransport {
    private final SSLContextImpl        sslContext;
    final TransportContext              conContext;
    /**
     * Constructor for an SSLEngine from SSLContext, without
     * host/port hints.
     *
     * This Engine will not be able to cache sessions, but must renegotiate
     * everything by hand.
     */
    SSLEngineImpl(SSLContextImpl sslContext) {
        // No peer hints are available on this path: delegate with a null
        // host and a port of -1. With a null host the three-argument
        // constructor leaves the SNI server-name list untouched.
        this(sslContext, null, -1);
    }
    /**
     * Constructor for an SSLEngine from SSLContext.
     */
    SSLEngineImpl(SSLContextImpl sslContext,
            String host, int port) {
        super(host, port);
        this.sslContext = sslContext;

        // A single HandshakeHash instance is handed to both the input and
        // the output record of this engine.
        HandshakeHash sharedHash = new HandshakeHash();

        // DTLS contexts get the DTLS record implementations; every other
        // context gets the SSLEngine record implementations.
        this.conContext = sslContext.isDTLS()
                ? new TransportContext(sslContext, this,
                        new DTLSInputRecord(sharedHash),
                        new DTLSOutputRecord(sharedHash))
                : new TransportContext(sslContext, this,
                        new SSLEngineInputRecord(sharedHash),
                        new SSLEngineOutputRecord(sharedHash));

        // Server name indication is a connection scope extension.
        // NOTE(review): the host hint is passed on as given; no validation
        // is visible in this constructor. Presumably
        // Utilities.addToSNIServerNameList decides whether the value is
        // usable as an SNI host name -- confirm there.
        if (host != null) {
            this.conContext.sslConfig.serverNames =
                    Utilities.addToSNIServerNameList(
                            conContext.sslConfig.serverNames, host);
        }
    }
    /**
     * Starts handshaking on this engine by calling
     * {@code conContext.kickstart()}.
     *
     * Failures of the kickstart are not propagated raw: an
     * {@code IOException} is handed to {@code conContext.fatal} with
     * {@code Alert.HANDSHAKE_FAILURE}, any other exception with
     * {@code Alert.INTERNAL_ERROR}, and whatever {@code fatal} returns is
     * thrown to the caller.
     *
     * @throws IllegalStateException if the client/server mode has not been
     *         set yet ({@code conContext.isUnsureMode})
     * @throws SSLException if the handshake cannot be kickstarted
     */
    @Override
    public synchronized void beginHandshake() throws SSLException {
        // The role must be fixed before any handshake message is produced.
        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        try {
            conContext.kickstart();
        } catch (IOException kickstartFailure) {
            // NOTE(review): fatal(...) presumably also marks the connection
            // as broken and queues the alert for the peer -- confirm in
            // TransportContext.
            throw conContext.fatal(
                Alert.HANDSHAKE_FAILURE,
                "Couldn't kickstart handshaking", kickstartFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            throw conContext.fatal(
                Alert.INTERNAL_ERROR,
                "Fail to begin handshake", unexpected);
        }
    }
    /**
     * Wraps application data into a single destination buffer.
     *
     * Delegates to the six-argument {@code wrap}, presenting
     * {@code netData} as a one-element destination array (offset 0,
     * length 1).
     *
     * @param appData the source buffers holding application data
     * @param offset  index of the first source buffer to use
     * @param length  number of source buffers to use
     * @param netData the destination buffer for the produced network data
     * @return the result reported by the six-argument {@code wrap}
     * @throws SSLException if the six-argument {@code wrap} throws it
     */
    @Override
    public synchronized SSLEngineResult wrap(ByteBuffer[] appData,
            int offset, int length, ByteBuffer netData) throws SSLException {
        // A null netData is not rejected here; it ends up as the only
        // element of the array handed to the six-argument overload.
        ByteBuffer[] singleDestination = { netData };
        return wrap(appData, offset, length, singleDestination, 0, 1);
    }
    /**
     * Wraps application data from a range of source buffers into a range
     * of destination buffers.
     *
     * The steps run in a fixed order: the client/server mode check,
     * {@code checkTaskThrown()}, {@code checkParams(...)}, and only then
     * {@code writeRecord(...)}. Only exceptions raised by
     * {@code writeRecord} are routed through {@code conContext.fatal}.
     *
     * @param srcs       the source buffers holding application data
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       the destination buffers for network data
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the result produced by {@code writeRecord}
     * @throws IllegalStateException if the client/server mode has not been
     *         set yet ({@code conContext.isUnsureMode})
     * @throws SSLException if wrapping fails
     */
    // @Override
    public synchronized SSLEngineResult wrap(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {

        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        // See if the handshaker needs to report back some SSLException.
        // This runs before the parameter check and before any record is
        // written.
        checkTaskThrown();

        // Check parameters. This call sits outside the try block below, so
        // whatever it throws reaches the caller unchanged instead of being
        // passed to conContext.fatal.
        checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);

        try {
            return writeRecord(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
        } catch (SSLProtocolException protocolFailure) {
            // may be an unexpected handshake message
            throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, protocolFailure);
        } catch (IOException ioFailure) {
            throw conContext.fatal(
                Alert.INTERNAL_ERROR,
                "problem wrapping app data", ioFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            throw conContext.fatal(
                Alert.INTERNAL_ERROR,
                "Fail to wrap application data", unexpected);
        }
    }
    private SSLEngineResult writeRecord(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
        // May need to deliver cached records.
        if (isOutboundDone()) {
            return new SSLEngineResult(
                    Status.CLOSED, getHandshakeStatus(), 0, 0);
        }
        HandshakeContext hc = conContext.handshakeContext;
        HandshakeStatus hsStatus = null;
        if (!conContext.isNegotiated && !conContext.isBroken &&
                !conContext.isInboundClosed() &&
                !conContext.isOutboundClosed()) {
            conContext.kickstart();
            hsStatus = getHandshakeStatus();
            if (hsStatus == HandshakeStatus.NEED_UNWRAP) {
                /*
                 * For DTLS, if the handshake state is
                 * HandshakeStatus.NEED_UNWRAP, a call to SSLEngine.wrap()
                 * means that the previous handshake packets (if delivered)
                 * get lost, and need retransmit the handshake messages.
                 */
                if (!sslContext.isDTLS() || hc == null ||
                        !hc.sslConfig.enableRetransmissions ||
                        conContext.outputRecord.firstMessage) {
                    return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
                }   // otherwise, need retransmission
            }
        }
        if (hsStatus == null) {
            hsStatus = getHandshakeStatus();
        }
        /*
         * If we have a task outstanding, this *MUST* be done before
         * doing any more wrapping, because we could be in the middle
         * of receiving a handshake message, for example, a finished
         * message which would change the ciphers.
         */
        if (hsStatus == HandshakeStatus.NEED_TASK) {
            return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
        }
        int dstsRemains = 0;
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
            dstsRemains += dsts[i].remaining();
        }
        // Check destination buffer size.
        //
        // We can be smarter about using smaller buffer sizes later.  For
        // now, force it to be large enough to handle any valid record.
        if (dstsRemains < conContext.conSession.getPacketBufferSize()) {
            return new SSLEngineResult(
                Status.BUFFER_OVERFLOW, getHandshakeStatus(), 0, 0);
        }
        int srcsRemains = 0;
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
            srcsRemains += srcs[i].remaining();
        }
        Ciphertext ciphertext = null;
        try {
            // Acquire the buffered to-be-delivered records or retransmissions.
            //
            // May have buffered records, or need retransmission if handshaking.
            if (!conContext.outputRecord.isEmpty() || (hc != null &&
                    hc.sslConfig.enableRetransmissions &&
                    hc.sslContext.isDTLS() &&
                    hsStatus == HandshakeStatus.NEED_UNWRAP)) {
                ciphertext = encode(null, 0, 0,
                        dsts, dstsOffset, dstsLength);
            }
            if (ciphertext == null && srcsRemains != 0) {
                ciphertext = encode(srcs, srcsOffset, srcsLength,
                        dsts, dstsOffset, dstsLength);
            }
        } catch (IOException ioe) {
            if (ioe instanceof SSLException) {
                throw ioe;
            } else {
                throw new SSLException("Write problems", ioe);
            }
        }
        /*
         * Check for status.
         */
        Status status = (isOutboundDone() ? Status.CLOSED : Status.OK);
        if (ciphertext != null && ciphertext.handshakeStatus != null) {
            hsStatus = ciphertext.handshakeStatus;
        } else {
            hsStatus = getHandshakeStatus();
            if (ciphertext == null && !conContext.isNegotiated &&
                    conContext.isInboundClosed() &&
                    hsStatus == HandshakeStatus.NEED_WRAP) {
                // Even if the outbound is open, no further data could be wrapped as:
                //     1. the outbound is empty
                //     2. no negotiated connection
                //     3. the inbound has closed, cannot complete the handshake
                //
                // Mark the engine as closed if the handshake status is
                // NEED_WRAP. Otherwise, it could lead to dead loops in
                // applications.
                status = Status.CLOSED;
            }
        }
        int deltaSrcs = srcsRemains;
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
            deltaSrcs -= srcs[i].remaining();
        }
        int deltaDsts = dstsRemains;
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
            deltaDsts -= dsts[i].remaining();
        }
        return new SSLEngineResult(status, hsStatus, deltaSrcs, deltaDsts,
                ciphertext != null ? ciphertext.recordSN : -1L);
    }
    /**
     * Encodes the next outbound record and resolves the handshake status
     * that is reported together with it.
     *
     * <p>The work is delegated to {@code conContext.outputRecord.encode(...)}.
     * When a record was produced, this method tries to finish the handshake,
     * may re-launch the last DTLS flight, and asks for a key update when
     * {@code seqNumIsHuge()} or {@code writeCipher.atKeyLimit()} reports
     * true. The resolved status is stored in the record's
     * {@code handshakeStatus} field before it is returned.
     *
     * @param srcs       source buffers holding the data to encode
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers receiving the encoded record
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the encoded record with its handshake status filled in, or
     *         {@code null} when the output record produced nothing
     * @throws IOException the exception obtained from
     *         {@code conContext.fatal(...)} when encoding fails, or
     *         whatever {@code tryKeyUpdate} throws
     */
    private Ciphertext encode(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

        Ciphertext encoded;
        try {
            encoded = conContext.outputRecord.encode(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
        } catch (SSLHandshakeException handshakeFailure) {
            // May be a record sequence number overflow; reported with a
            // handshake_failure alert.
            throw conContext.fatal(Alert.HANDSHAKE_FAILURE, handshakeFailure);
        } catch (IOException encodeFailure) {
            // Any other encoding failure is reported as unexpected_message.
            throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, encodeFailure);
        }

        // Nothing was produced, so there is no status to attach.
        if (encoded == null) {
            return null;
        }

        // Sampled before tryToFinishHandshake() runs; presumably finishing
        // the handshake changes conContext.handshakeContext - confirm.
        boolean needRetransmission =
                conContext.sslContext.isDTLS() &&
                conContext.handshakeContext != null &&
                conContext.handshakeContext.sslConfig.enableRetransmissions;

        // Is the handshake completed?
        HandshakeStatus resolved =
                tryToFinishHandshake(encoded.contentType);

        // The isDTLS() test repeats what needRetransmission already
        // implies; it is kept so the evaluation stays as it was.
        boolean resendLastFlight =
                needRetransmission &&
                resolved == HandshakeStatus.FINISHED &&
                conContext.sslContext.isDTLS() &&
                encoded.handshakeType == SSLHandshake.FINISHED.id;
        if (resendLastFlight) {
            // Retransmit the last flight for DTLS.
            //
            // Application data may start flowing right after the last
            // flight.  If that flight gets lost, the application data may
            // be discarded as a consequence, which could be an issue for
            // some applications.  Sending the last flight twice mitigates
            // this.
            if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
                SSLLogger.finest("retransmit the last flight messages");
            }

            conContext.outputRecord.launchRetransmission();
            resolved = HandshakeStatus.NEED_WRAP;
        }

        if (resolved == null) {
            resolved = conContext.getHandshakeStatus();
        }

        // Is the sequence number close to overflow, or has the write
        // cipher reached its key usage limit?  Either one asks for a key
        // update so the current keys are not used past their limit.
        boolean limitReached =
                conContext.outputRecord.seqNumIsHuge() ||
                conContext.outputRecord.writeCipher.atKeyLimit();
        if (limitReached) {
            resolved = tryKeyUpdate(resolved);
        }

        // update context status
        encoded.handshakeStatus = resolved;

        return encoded;
    }
    /**
     * Decides whether the record that was just written completed a
     * handshake.
     *
     * <p>Only a record whose content type is {@code ContentType.HANDSHAKE}
     * and that leaves {@code conContext.outputRecord} empty is considered.
     *
     * @param contentType the content type id of the record just produced
     * @return {@code HandshakeStatus.FINISHED} when there is no handshake
     *         context; the result of {@code conContext.finishPostHandshake()}
     *         for a post-handshake context; the result of
     *         {@code conContext.finishHandshake()} when the context is
     *         marked {@code handshakeFinished}; otherwise {@code null}, in
     *         which case the caller looks the status up itself
     */
    private HandshakeStatus tryToFinishHandshake(byte contentType) {
        boolean lastHandshakeRecord =
                (contentType == ContentType.HANDSHAKE.id) &&
                conContext.outputRecord.isEmpty();
        if (!lastHandshakeRecord) {
            // Nothing to finish here; the caller's subsequent handshake
            // status lookup will help.
            return null;
        }

        if (conContext.handshakeContext == null) {
            return HandshakeStatus.FINISHED;
        }

        if (conContext.isPostHandshakeContext()) {
            // unlikely, but just in case.
            return conContext.finishPostHandshake();
        }

        if (conContext.handshakeContext.handshakeFinished) {
            return conContext.finishHandshake();
        }

        // A handshake is still in progress: leave the status undecided.
        return null;
    }
    /**
     * Try key update for sequence number wrap or key usage limit.
     *
     * Note that in order to maintain the handshake status properly, we check
     * the sequence number and key usage limit after the last record
     * reading/writing process.
     *
     * Because we request renegotiation or close the connection for a wrapped
     * sequence number while there is still enough sequence number space left
     * to handle a few more records, the sequence number of the last record
     * cannot be wrapped.
     */
    private HandshakeStatus tryKeyUpdate(
            HandshakeStatus currentHandshakeStatus) throws IOException {
        // A new handshake is only kickstarted when no handshake is in
        // progress and the connection is duplex-open and not broken.
        boolean handshakeIdle = (conContext.handshakeContext == null);
        boolean canKickstart = handshakeIdle &&
                !conContext.isOutboundClosed() &&
                !conContext.isInboundClosed() &&
                !conContext.isBroken;

        if (!canKickstart) {
            // The caller's status is handed back untouched and no key
            // update is started from here.
            // NOTE(review): the limit that led to this call is then not
            // acted on in this method; presumably it is enforced when
            // the record layer hits it - confirm.
            return currentHandshakeStatus;
        }

        if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
            SSLLogger.finest("trigger key update");
        }

        beginHandshake();

        // Report the status as it stands after the handshake was started.
        return conContext.getHandshakeStatus();
    }
    /**
     * Validates the buffer arrays and sub-ranges handed to a wrap or unwrap
     * style operation before any of them is touched.
     *
     * <p>Checks run in this order: both arrays non-null, destination range,
     * source range, every destination buffer in range non-null and
     * writable, every source buffer in range non-null. Buffer contents and
     * remaining capacity are not examined here.
     *
     * @param srcs       source buffers
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @throws IllegalArgumentException if either array is {@code null} or
     *         a buffer inside the selected range is {@code null}
     * @throws IndexOutOfBoundsException if an offset or length is negative
     *         or the range runs past the end of its array
     * @throws ReadOnlyBufferException if a selected destination buffer is
     *         read-only
     */
    private static void checkParams(
            ByteBuffer[] srcs, int srcsOffset, int srcsLength,
            ByteBuffer[] dsts, int dstsOffset, int dstsLength) {

        if (srcs == null || dsts == null) {
            throw new IllegalArgumentException(
                    "source or destination buffer is null");
        }

        // The ranges are tested as "offset <= array.length - length"
        // rather than "offset + length <= array.length": with both values
        // already known to be non-negative the subtraction cannot
        // overflow, whereas the sum could wrap around for huge arguments.
        boolean dstsRangeValid = dstsOffset >= 0 && dstsLength >= 0 &&
                dstsOffset <= dsts.length - dstsLength;
        if (!dstsRangeValid) {
            throw new IndexOutOfBoundsException(
                    "index out of bound of the destination buffers");
        }

        boolean srcsRangeValid = srcsOffset >= 0 && srcsLength >= 0 &&
                srcsOffset <= srcs.length - srcsLength;
        if (!srcsRangeValid) {
            throw new IndexOutOfBoundsException(
                    "index out of bound of the source buffers");
        }

        final int dstsEnd = dstsOffset + dstsLength;
        for (int idx = dstsOffset; idx < dstsEnd; idx++) {
            ByteBuffer dst = dsts[idx];
            if (dst == null) {
                throw new IllegalArgumentException(
                        "destination buffer[" + idx + "] == null");
            }

            // Make sure the destination buffers are writable.
            if (dst.isReadOnly()) {
                throw new ReadOnlyBufferException();
            }
        }

        final int srcsEnd = srcsOffset + srcsLength;
        for (int idx = srcsOffset; idx < srcsEnd; idx++) {
            if (srcs[idx] == null) {
                throw new IllegalArgumentException(
                        "source buffer[" + idx + "] == null");
            }
        }
    }
    /**
     * Unwraps inbound network data from a single source buffer.
     *
     * <p>The buffer is placed in a one-element array and passed to the
     * array-based {@code unwrap} overload, which performs all validation;
     * a {@code null} {@code src} is therefore rejected there as a null
     * element of the source array.
     *
     * @param src    buffer holding the inbound network data
     * @param dsts   destination buffers for the unwrapped data
     * @param offset index of the first destination buffer to use
     * @param length number of destination buffers to use
     * @return the result reported by the array-based overload
     * @throws SSLException if the array-based overload fails
     */
    @Override
    public synchronized SSLEngineResult unwrap(ByteBuffer src,
            ByteBuffer[] dsts, int offset, int length) throws SSLException {
        ByteBuffer[] singleSource = new ByteBuffer[] { src };
        return unwrap(singleSource, 0, 1, dsts, offset, length);
    }
    /**
     * Unwraps inbound network data from {@code srcs} into {@code dsts}.
     *
     * <p>The mode check, {@code checkTaskThrown()} and {@code checkParams}
     * run before the {@code try} block, so what they throw reaches the
     * caller unchanged. Everything thrown while reading the record is
     * passed to {@code conContext.fatal(...)} together with an alert, and
     * the exception obtained from that call is thrown instead.
     *
     * @param srcs       source buffers holding inbound network data
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers for the unwrapped data
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the result produced by {@code readRecord}
     * @throws IllegalStateException if client/server mode has not been set
     * @throws SSLException if reading the record fails
     */
    // @Override
    public synchronized SSLEngineResult unwrap(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {

        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        // Let the handshaker report back a pending SSLException, if any.
        checkTaskThrown();

        // Validate the arguments before any buffer is touched.
        checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);

        try {
            SSLEngineResult result = readRecord(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
            return result;
        } catch (SSLProtocolException protocolFailure) {
            // may be an unexpected handshake message
            throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                    protocolFailure.getMessage(), protocolFailure);
        } catch (IOException ioFailure) {
            // The buffer positions are deliberately not reset to make it
            // look as if nothing was consumed.  Something was consumed,
            // and it led to this failure, so that much is reported back.
            // No more data will be consumed after this point anyway.
            throw conContext.fatal(Alert.INTERNAL_ERROR,
                    "problem unwrapping net record", ioFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            throw conContext.fatal(Alert.INTERNAL_ERROR,
                "Fail to unwrap network record", unexpected);
        }
    }
    private SSLEngineResult readRecord(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
        /*
         * Check if we are closing/closed.
         */
        if (isInboundDone()) {
            return new SSLEngineResult(
                    Status.CLOSED, getHandshakeStatus(), 0, 0);
        }
        HandshakeStatus hsStatus = null;
        if (!conContext.isNegotiated && !conContext.isBroken &&
                !conContext.isInboundClosed() &&
                !conContext.isOutboundClosed()) {
            conContext.kickstart();
            /*
             * If there's still outbound data to flush, we
             * can return without trying to unwrap anything.
             */
            hsStatus = getHandshakeStatus();
            if (hsStatus == HandshakeStatus.NEED_WRAP) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   499
                return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   500
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   501
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   502
90ce3da70b43 Initial load
duke
parents:
diff changeset
   503
        if (hsStatus == null) {
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   504
            hsStatus = getHandshakeStatus();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   505
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   506
90ce3da70b43 Initial load
duke
parents:
diff changeset
   507
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   508
         * If we have a task outstanding, this *MUST* be done before
90ce3da70b43 Initial load
duke
parents:
diff changeset
   509
         * doing any more unwrapping, because we could be in the middle
90ce3da70b43 Initial load
duke
parents:
diff changeset
   510
         * of receiving a handshake message, for example, a finished
90ce3da70b43 Initial load
duke
parents:
diff changeset
   511
         * message which would change the ciphers.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   512
         */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   513
        if (hsStatus == HandshakeStatus.NEED_TASK) {
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   514
            return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   515
        }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   516
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   517
        if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   518
            Plaintext plainText = null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   519
            try {
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   520
                plainText = decode(null, 0, 0,
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   521
                        dsts, dstsOffset, dstsLength);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   522
            } catch (IOException ioe) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   523
                if (ioe instanceof SSLException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   524
                    throw ioe;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   525
                } else {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   526
                    throw new SSLException("readRecord", ioe);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   527
                }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   528
            }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   529
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   530
            Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   531
            if (plainText.handshakeStatus != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   532
                hsStatus = plainText.handshakeStatus;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   533
            } else {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   534
                hsStatus = getHandshakeStatus();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   535
            }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   536
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   537
            return new SSLEngineResult(
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   538
                    status, hsStatus, 0, 0, plainText.recordSN);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   539
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   540
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   541
        int srcsRemains = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   542
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   543
            srcsRemains += srcs[i].remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   544
        }
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   545
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   546
        if (srcsRemains == 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   547
            return new SSLEngineResult(
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   548
                Status.BUFFER_UNDERFLOW, hsStatus, 0, 0);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   549
        }
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   550
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   551
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   552
         * Check the packet to make sure enough is here.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   553
         * This will also indirectly check for 0 len packets.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   554
         */
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   555
        int packetLen = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   556
        try {
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   557
            packetLen = conContext.inputRecord.bytesInCompletePacket(
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   558
                    srcs, srcsOffset, srcsLength);
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   559
        } catch (SSLException ssle) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   560
            // Need to discard invalid records for DTLS protocols.
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   561
            if (sslContext.isDTLS()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   562
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   563
                    SSLLogger.finest("Discard invalid DTLS records", ssle);
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   564
                }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   565
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   566
                // invalid, discard the entire data [section 4.1.2.7, RFC 6347]
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   567
                int deltaNet = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   568
                // int deltaNet = netData.remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   569
                // netData.position(netData.limit());
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   570
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   571
                Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   572
                if (hsStatus == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   573
                    hsStatus = getHandshakeStatus();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   574
                }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   575
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   576
                return new SSLEngineResult(status, hsStatus, deltaNet, 0, -1L);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   577
            } else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   578
                throw ssle;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   579
            }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   580
        }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   581
90ce3da70b43 Initial load
duke
parents:
diff changeset
   582
        // Is this packet bigger than SSL/TLS normally allows?
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   583
        if (packetLen > conContext.conSession.getPacketBufferSize()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   584
            int largestRecordSize = sslContext.isDTLS() ?
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   585
                    DTLSRecord.maxRecordSize : SSLRecord.maxLargeRecordSize;
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   586
            if ((packetLen <= largestRecordSize) && !sslContext.isDTLS()) {
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   587
                // Expand the expected maximum packet/application buffer
90ce3da70b43 Initial load
duke
parents:
diff changeset
   588
                // sizes.
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   589
                //
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   590
                // Only apply to SSL/TLS protocols.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   591
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   592
                // Old behavior: shall we honor the System Property
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   593
                // "jsse.SSLEngine.acceptLargeFragments" if it is "false"?
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   594
                conContext.conSession.expandBufferSizes();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   595
            }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   596
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   597
            // check the packet again
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   598
            largestRecordSize = conContext.conSession.getPacketBufferSize();
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   599
            if (packetLen > largestRecordSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   600
                throw new SSLProtocolException(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   601
                        "Input record too big: max = " +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   602
                        largestRecordSize + " len = " + packetLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   603
            }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   604
        }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   605
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   606
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   607
         * Check for OVERFLOW.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   608
         *
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   609
         * Delay enforcing the application buffer free space requirement
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   610
         * until after the initial handshaking.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   611
         */
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   612
        int dstsRemains = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   613
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   614
            dstsRemains += dsts[i].remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   615
        }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   616
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   617
        if (conContext.isNegotiated) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   618
            int FragLen =
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   619
                    conContext.inputRecord.estimateFragmentSize(packetLen);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   620
            if (FragLen > dstsRemains) {
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   621
                return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   622
                        Status.BUFFER_OVERFLOW, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   623
            }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   624
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   625
90ce3da70b43 Initial load
duke
parents:
diff changeset
   626
        // check for UNDERFLOW.
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   627
        if ((packetLen == -1) || (srcsRemains < packetLen)) {
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   628
            return new SSLEngineResult(Status.BUFFER_UNDERFLOW, hsStatus, 0, 0);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   629
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   630
90ce3da70b43 Initial load
duke
parents:
diff changeset
   631
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   632
         * We're now ready to actually do the read.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   633
         */
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   634
        Plaintext plainText = null;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   635
        try {
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   636
            plainText = decode(srcs, srcsOffset, srcsLength,
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   637
                            dsts, dstsOffset, dstsLength);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   638
        } catch (IOException ioe) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   639
            if (ioe instanceof SSLException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   640
                throw ioe;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   641
            } else {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   642
                throw new SSLException("readRecord", ioe);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   643
            }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   644
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   645
90ce3da70b43 Initial load
duke
parents:
diff changeset
   646
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   647
         * Check the various condition that we could be reporting.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   648
         *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   649
         * It's *possible* something might have happened between the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   650
         * above and now, but it was better to minimally lock "this"
90ce3da70b43 Initial load
duke
parents:
diff changeset
   651
         * during the read process.  We'll return the current
90ce3da70b43 Initial load
duke
parents:
diff changeset
   652
         * status, which is more representative of the current state.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   653
         *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   654
         * status above should cover:  FINISHED, NEED_TASK
90ce3da70b43 Initial load
duke
parents:
diff changeset
   655
         */
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   656
        Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   657
        if (plainText.handshakeStatus != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   658
            hsStatus = plainText.handshakeStatus;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   659
        } else {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   660
            hsStatus = getHandshakeStatus();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   661
        }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   662
50768
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   663
        int deltaNet = srcsRemains;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   664
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   665
            deltaNet -= srcs[i].remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   666
        }
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   667
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   668
        int deltaApp = dstsRemains;
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   669
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   670
            deltaApp -= dsts[i].remaining();
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   671
        }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   672
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   673
        return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   674
                status, hsStatus, deltaNet, deltaApp, plainText.recordSN);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   675
    }
    /**
     * Decodes one record through {@code SSLTransport.decode} and attaches the
     * resulting handshake status to the returned plaintext.
     *
     * @param srcs       source buffers, passed through to SSLTransport.decode
     * @param srcsOffset offset of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers, passed through unchanged
     * @param dstsOffset offset of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the plaintext produced by the transport; the shared
     *         {@code Plaintext.PLAINTEXT_NULL} value is returned unmodified
     * @throws IOException propagated from the transport or handshake helpers
     */
    private Plaintext decode(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

        final Plaintext plaintext = SSLTransport.decode(conContext,
                srcs, srcsOffset, srcsLength,
                dsts, dstsOffset, dstsLength);

        // PLAINTEXT_NULL gets neither a handshake status nor a key-limit
        // check; hand it straight back.
        if (plaintext == Plaintext.PLAINTEXT_NULL) {
            return plaintext;
        }

        // Has the handshake completed? A null answer means "no change", so
        // fall back to the connection's current handshake status.
        HandshakeStatus finishStatus =
                tryToFinishHandshake(plaintext.contentType);
        plaintext.handshakeStatus = (finishStatus != null)
                ? finishStatus
                : conContext.getHandshakeStatus();

        // Is the read sequence number close to overflowing, or has the read
        // cipher reached its key usage limit? Either condition goes through
        // tryKeyUpdate(), which decides the status reported to the caller.
        // NOTE(review): presumably this is what starts a key update so that
        // no more records are read under the exhausted key; confirm in
        // tryKeyUpdate().
        boolean keyExhausted = conContext.inputRecord.seqNumIsHuge() ||
                conContext.inputRecord.readCipher.atKeyLimit();
        if (keyExhausted) {
            plaintext.handshakeStatus = tryKeyUpdate(plaintext.handshakeStatus);
        }

        return plaintext;
    }
    /**
     * Hands out the pending delegated handshake work, at most once per batch.
     *
     * @return a new {@code DelegatedTask} when a handshake context exists,
     *         its task has not yet been delegated and it has queued actions;
     *         otherwise {@code null}
     */
    @Override
    public synchronized Runnable getDelegatedTask() {
        // A non-null handshakeContext means PRE or POST handshake.
        if (conContext.handshakeContext == null ||
                conContext.handshakeContext.taskDelegated ||
                conContext.handshakeContext.delegatedActions.isEmpty()) {
            return null;
        }

        // Mark the task as delegated before returning it, so a second call
        // does not hand out the same pending actions again.
        conContext.handshakeContext.taskDelegated = true;
        return new DelegatedTask(this);
    }
    /**
     * Closes the inbound side of this engine.
     *
     * Does nothing when the inbound side is already done.
     *
     * @throws SSLException the exception produced by
     *         {@code conContext.fatal(Alert.INTERNAL_ERROR, ...)} when the
     *         peer's close_notify has not been received although the
     *         connection is negotiated or a handshake context exists
     */
    @Override
    public synchronized void closeInbound() throws SSLException {
        if (!isInboundDone()) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.finest("Closing inbound of SSLEngine");
            }

            // Is it ready to close inbound?
            //
            // Closing before the peer's close_notify means the end of the
            // inbound data was never confirmed by the peer (the stream may
            // have been cut short), so it is reported as fatal. If the
            // initial handshake has not started there is nothing to protect
            // and no exception is needed.
            boolean closeNotifyMissing = !conContext.isInputCloseNotified;
            if (closeNotifyMissing &&
                    (conContext.isNegotiated ||
                        conContext.handshakeContext != null)) {
                throw conContext.fatal(Alert.INTERNAL_ERROR,
                        "closing inbound before receiving peer's close_notify");
            }

            conContext.closeInbound();
        }
    }
    /**
     * Reports whether the inbound side is finished.
     *
     * @return the value of {@code conContext.isInboundClosed()}
     */
    @Override
    public synchronized boolean isInboundDone() {
        final boolean inboundClosed = conContext.isInboundClosed();
        return inboundClosed;
    }
    /**
     * Closes the outbound side of this engine by delegating to
     * {@code conContext.closeOutbound()}.
     *
     * Does nothing when the outbound side is already closed.
     */
    @Override
    public synchronized void closeOutbound() {
        if (!conContext.isOutboundClosed()) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.finest("Closing outbound of SSLEngine");
            }

            conContext.closeOutbound();
        }
    }
    /**
     * Reports whether the outbound side of this engine is done.
     *
     * Unlike {@code isInboundDone()}, which reads the context's
     * inbound-closed flag, this asks the context for
     * {@code isOutboundDone()}; what that adds beyond "closed" is decided
     * by the connection context, not here.
     *
     * @return the outbound-done state reported by the connection context
     */
    @Override
    public synchronized boolean isOutboundDone() {
        final boolean outboundDone = conContext.isOutboundDone();
        return outboundDone;
    }
    /**
     * Lists the names of the cipher suites the owning SSL context supports.
     *
     * Reads only {@code sslContext}, not the per-connection configuration,
     * and is not synchronized.
     *
     * @return the supported cipher suite names
     */
    @Override
    public String[] getSupportedCipherSuites() {
        return CipherSuite.namesOf(
                sslContext.getSupportedCipherSuites());
    }
    /**
     * Lists the names of the cipher suites currently enabled in this
     * engine's connection configuration.
     *
     * @return the enabled cipher suite names
     */
    @Override
    public synchronized String[] getEnabledCipherSuites() {
        return CipherSuite.namesOf(
                conContext.sslConfig.enabledCipherSuites);
    }
    /**
     * Replaces the enabled cipher suites of this engine's connection
     * configuration.
     *
     * The names are not stored as given: they go through
     * {@code CipherSuite.validValuesOf} first, and whatever that call
     * returns becomes the new enabled list. No null check is made here;
     * presumably {@code validValuesOf} rejects null or unknown names
     * (confirm in CipherSuite).
     *
     * @param suites the cipher suite names to enable
     */
    @Override
    public synchronized void setEnabledCipherSuites(String[] suites) {
        conContext.sslConfig.enabledCipherSuites = CipherSuite.validValuesOf(
                suites);
    }
    /**
     * Lists the protocol versions the owning SSL context supports, as
     * strings.
     *
     * Reads only {@code sslContext} and is not synchronized.
     *
     * @return the supported protocol names
     */
    @Override
    public String[] getSupportedProtocols() {
        String[] supportedNames = ProtocolVersion.toStringArray(
                sslContext.getSupportedProtocolVersions());
        return supportedNames;
    }
    /**
     * Lists the protocol versions currently enabled in this engine's
     * connection configuration, as strings.
     *
     * @return the enabled protocol names
     */
    @Override
    public synchronized String[] getEnabledProtocols() {
        String[] enabledNames = ProtocolVersion.toStringArray(
                conContext.sslConfig.enabledProtocols);
        return enabledNames;
    }
    /**
     * Replaces the enabled protocol versions of this engine's connection
     * configuration.
     *
     * The names are converted with {@code ProtocolVersion.namesOf} and the
     * result is stored; how unknown names are treated is decided there.
     *
     * @param protocols the protocol names to enable
     * @throws IllegalArgumentException if {@code protocols} is null
     */
    @Override
    public synchronized void setEnabledProtocols(String[] protocols) {
        // Reject null before touching the configuration.
        if (null == protocols) {
            throw new IllegalArgumentException("Protocols cannot be null");
        }

        conContext.sslConfig.enabledProtocols = ProtocolVersion.namesOf(
                protocols);
    }
    /**
     * Returns the session object currently held by the connection context.
     *
     * @return {@code conContext.conSession}, exactly as stored
     */
    @Override
    public synchronized SSLSession getSession() {
        final SSLSession current = conContext.conSession;
        return current;
    }
    /**
     * Returns the session of the handshake context, if there is one.
     *
     * @return the handshake context's {@code handshakeSession}, or null
     *         when the connection context has no handshake context
     */
    @Override
    public synchronized SSLSession getHandshakeSession() {
        if (conContext.handshakeContext == null) {
            return null;
        }

        return conContext.handshakeContext.handshakeSession;
    }
    /**
     * Returns the handshake status as computed by the connection context.
     *
     * @return the value of {@code conContext.getHandshakeStatus()}
     */
    @Override
    public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        final SSLEngineResult.HandshakeStatus status =
                conContext.getHandshakeStatus();
        return status;
    }
    /**
     * Sets whether this engine acts as a client or as a server.
     *
     * The request is handed to the connection context unchanged; any
     * check on when the mode may still be changed happens there, not in
     * this method.
     *
     * @param mode true for client mode, false for server mode
     */
    @Override
    public synchronized void setUseClientMode(boolean mode) {
        conContext.setUseClientMode(
                mode);
    }
    /**
     * Reports whether this engine is configured for client mode.
     *
     * @return the {@code isClientMode} flag of the connection configuration
     */
    @Override
    public synchronized boolean getUseClientMode() {
        final boolean clientMode = conContext.sslConfig.isClientMode;
        return clientMode;
    }
    /**
     * Sets whether client authentication is required.
     *
     * This writes the single {@code clientAuthType} setting that
     * {@code setWantClientAuth} also writes, so each call replaces whatever
     * either method set before. Passing false stores CLIENT_AUTH_NONE,
     * which also drops a previously stored CLIENT_AUTH_REQUESTED.
     *
     * @param need true to require client authentication, false for none
     */
    @Override
    public synchronized void setNeedClientAuth(boolean need) {
        if (need) {
            conContext.sslConfig.clientAuthType =
                    ClientAuthType.CLIENT_AUTH_REQUIRED;
        } else {
            conContext.sslConfig.clientAuthType =
                    ClientAuthType.CLIENT_AUTH_NONE;
        }
    }
    /**
     * Reports whether client authentication is required.
     *
     * @return true only when the configured {@code clientAuthType} is
     *         CLIENT_AUTH_REQUIRED; a merely requested setting yields false
     */
    @Override
    public synchronized boolean getNeedClientAuth() {
        final boolean required = ClientAuthType.CLIENT_AUTH_REQUIRED ==
                conContext.sslConfig.clientAuthType;
        return required;
    }
    /**
     * Sets whether client authentication is requested (but not required).
     *
     * This writes the single {@code clientAuthType} setting that
     * {@code setNeedClientAuth} also writes, so each call replaces whatever
     * either method set before. In particular, passing false stores
     * CLIENT_AUTH_NONE and thereby also drops a previously stored
     * CLIENT_AUTH_REQUIRED.
     *
     * @param want true to request client authentication, false for none
     */
    @Override
    public synchronized void setWantClientAuth(boolean want) {
        if (want) {
            conContext.sslConfig.clientAuthType =
                    ClientAuthType.CLIENT_AUTH_REQUESTED;
        } else {
            conContext.sslConfig.clientAuthType =
                    ClientAuthType.CLIENT_AUTH_NONE;
        }
    }
    /**
     * Reports whether client authentication is requested.
     *
     * @return true only when the configured {@code clientAuthType} is
     *         CLIENT_AUTH_REQUESTED; a required setting yields false
     */
    @Override
    public synchronized boolean getWantClientAuth() {
        final boolean requested = ClientAuthType.CLIENT_AUTH_REQUESTED ==
                conContext.sslConfig.clientAuthType;
        return requested;
    }
    /**
     * Stores whether this engine may create new sessions.
     *
     * Only the configuration flag is written here; it is consulted
     * elsewhere.
     *
     * @param flag the new value of {@code enableSessionCreation}
     */
    @Override
    public synchronized void setEnableSessionCreation(boolean flag) {
        final boolean allowNewSessions = flag;
        conContext.sslConfig.enableSessionCreation = allowNewSessions;
    }
    /**
     * Reports whether this engine may create new sessions.
     *
     * @return the {@code enableSessionCreation} flag of the connection
     *         configuration
     */
    @Override
    public synchronized boolean getEnableSessionCreation() {
        final boolean allowNewSessions =
                conContext.sslConfig.enableSessionCreation;
        return allowNewSessions;
    }
    /**
     * Returns the SSL parameters of this engine's connection
     * configuration.
     *
     * @return the value of {@code conContext.sslConfig.getSSLParameters()}
     */
    @Override
    public synchronized SSLParameters getSSLParameters() {
        final SSLParameters current = conContext.sslConfig.getSSLParameters();
        return current;
    }
    /**
     * Applies the given SSL parameters to this engine's connection
     * configuration.
     *
     * After the configuration has taken the parameters, a non-zero
     * {@code maximumPacketSize} is pushed to the output record; a value
     * of 0 leaves the output record's packet size untouched.
     *
     * @param params the parameters to apply
     */
    @Override
    public synchronized void setSSLParameters(SSLParameters params) {
        conContext.sslConfig.setSSLParameters(params);

        // 0 means there is no packet size to propagate.
        if (conContext.sslConfig.maximumPacketSize == 0) {
            return;
        }

        conContext.outputRecord.changePacketSize(
                conContext.sslConfig.maximumPacketSize);
    }
    /**
     * Returns the application protocol recorded on the connection context.
     *
     * @return {@code conContext.applicationProtocol}, exactly as stored
     */
    @Override
    public synchronized String getApplicationProtocol() {
        final String negotiated = conContext.applicationProtocol;
        return negotiated;
    }
    /**
     * Returns the application protocol recorded on the handshake context,
     * if there is one.
     *
     * @return the handshake context's {@code applicationProtocol}, or null
     *         when the connection context has no handshake context
     */
    @Override
    public synchronized String getHandshakeApplicationProtocol() {
        if (conContext.handshakeContext == null) {
            return null;
        }

        return conContext.handshakeContext.applicationProtocol;
    }
    /**
     * Stores the callback used to select the application protocol during
     * a handshake.
     *
     * The value is stored as given, null included; no check is made here.
     *
     * @param selector the selector callback to store
     */
    @Override
    public synchronized void setHandshakeApplicationProtocolSelector(
            BiFunction<SSLEngine, List<String>, String> selector) {
        final BiFunction<SSLEngine, List<String>, String> callback = selector;
        conContext.sslConfig.engineAPSelector = callback;
    }
    /**
     * Returns the stored application protocol selector callback.
     *
     * @return {@code conContext.sslConfig.engineAPSelector}, exactly as
     *         stored
     */
    @Override
    public synchronized BiFunction<SSLEngine, List<String>, String>
            getHandshakeApplicationProtocolSelector() {
        final BiFunction<SSLEngine, List<String>, String> callback =
                conContext.sslConfig.engineAPSelector;
        return callback;
    }
    /**
     * Reports whether this transport uses delegated tasks.
     *
     * @return always true for this engine
     */
    @Override
    public boolean useDelegatedTask() {
        final boolean delegates = true;
        return delegates;
    }
    /*
     * Report back the Exception that happened in the delegated task(s),
     * whether the error was only a warning (the handshaker was not
     * closed) or fatal (the handshaker is now null).
     *
     * A pending exception is cleared from where it was found before it is
     * thrown, so it is reported once.  An SSLException or RuntimeException
     * is rethrown as is; anything else goes through getTaskThrown().
     */
    private synchronized void checkTaskThrown() throws SSLException {
        Exception pending = null;

        // The handshake context is consulted first.
        HandshakeContext handshake = conContext.handshakeContext;
        if (handshake != null && handshake.delegatedThrown != null) {
            pending = handshake.delegatedThrown;
            handshake.delegatedThrown = null;
        }

        /*
         * The handshake context and the TransportContext most likely hold
         * the same exception.  After a non-fatal exception (alert warning)
         * the handshake context is still valid, though, and the
         * TransportContext may hold a second, different exception.  That
         * one is left in place so a successive call reports it; in every
         * other case the TransportContext is cleared now.
         */
        if (conContext.delegatedThrown != null) {
            if (pending == null) {
                // Only the TransportContext has something to report.
                pending = conContext.delegatedThrown;
                conContext.delegatedThrown = null;
            } else if (conContext.delegatedThrown == pending) {
                // Same object (identity comparison): clear it as well.
                conContext.delegatedThrown = null;
            }
            // Otherwise report the handshake context's exception first.
        }

        // Nothing pending, nothing to throw.
        if (pending == null) {
            return;
        }

        // Only types other than SSLException/RuntimeException get wrapped.
        if (pending instanceof SSLException) {
            throw (SSLException) pending;
        }
        if (pending instanceof RuntimeException) {
            throw (RuntimeException) pending;
        }
        throw getTaskThrown(pending);
    }
    private static SSLException getTaskThrown(Exception taskThrown) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   962
        String msg = taskThrown.getMessage();
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   963
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   964
        if (msg == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   965
            msg = "Delegated task threw Exception or Error";
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   966
        }
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   967
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   968
        if (taskThrown instanceof RuntimeException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   969
            throw new RuntimeException(msg, taskThrown);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   970
        } else if (taskThrown instanceof SSLHandshakeException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   971
            return (SSLHandshakeException)
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   972
                new SSLHandshakeException(msg).initCause(taskThrown);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   973
        } else if (taskThrown instanceof SSLKeyException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   974
            return (SSLKeyException)
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   975
                new SSLKeyException(msg).initCause(taskThrown);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   976
        } else if (taskThrown instanceof SSLPeerUnverifiedException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   977
            return (SSLPeerUnverifiedException)
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   978
                new SSLPeerUnverifiedException(msg).initCause(taskThrown);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   979
        } else if (taskThrown instanceof SSLProtocolException) {
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   980
            return (SSLProtocolException)
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   981
                new SSLProtocolException(msg).initCause(taskThrown);
68fa3d4026ea 8196584: TLS 1.3 Implementation
xuelei
parents: 47216
diff changeset
   982
        } else if (taskThrown instanceof SSLException) {
            return (SSLException)taskThrown;
        } else {
            return new SSLException(msg, taskThrown);
        }
    }
    /**
     * Runnable that drains the handshake actions queued on an engine's
     * handshake context.
     *
     * <p>{@link #run()} holds the engine's monitor for its whole duration,
     * including while the queued actions execute, and runs those actions
     * through {@code AccessController.doPrivileged} with
     * {@code engine.conContext.acc} as the access control context.
     *
     * <p>An {@code Exception} or {@code RuntimeException} raised by an action
     * is not rethrown from {@code run()}; it is stored on the connection
     * context and/or the handshake context so that it can be picked up later.
     */
    private static class DelegatedTask implements Runnable {
        private final SSLEngineImpl engine;

        DelegatedTask(SSLEngineImpl engineInstance) {
            this.engine = engineInstance;
        }

        /**
         * Executes every pending delegated action, records any failure, and
         * then clears the handshake context's {@code taskDelegated} flag.
         *
         * <p>Returns immediately when there is no handshake context or
         * nothing is queued.
         */
        @Override
        public void run() {
            synchronized (engine) {
                HandshakeContext pending = engine.conContext.handshakeContext;
                if (pending == null || pending.delegatedActions.isEmpty()) {
                    return;
                }

                try {
                    // NOTE(review): acc is presumably the caller context
                    // captured for this connection; confirm where it is set.
                    AccessController.doPrivileged(
                            new DelegatedAction(pending),
                            engine.conContext.acc);
                } catch (PrivilegedActionException pae) {
                    Exception cause = pae.getException();

                    // The connection context keeps only the first failure.
                    if (engine.conContext.delegatedThrown == null) {
                        engine.conContext.delegatedThrown = cause;
                    }

                    // The handshake context may have gone away while the
                    // actions ran, so it is looked up again before use.
                    HandshakeContext current =
                            engine.conContext.handshakeContext;
                    if (current != null) {
                        current.delegatedThrown = cause;
                    } else if (engine.conContext.closeReason != null) {
                        // Replace an already recorded close reason.
                        engine.conContext.closeReason = getTaskThrown(cause);
                    }
                } catch (RuntimeException rte) {
                    // The connection context keeps only the first failure.
                    if (engine.conContext.delegatedThrown == null) {
                        engine.conContext.delegatedThrown = rte;
                    }

                    // Same re-lookup as above; here the exception is stored
                    // as-is rather than passed through getTaskThrown.
                    HandshakeContext current =
                            engine.conContext.handshakeContext;
                    if (current != null) {
                        current.delegatedThrown = rte;
                    } else if (engine.conContext.closeReason != null) {
                        // Replace an already recorded close reason.
                        engine.conContext.closeReason = rte;
                    }
                }

                // NOTE(review): this reset is not in a finally block, so a
                // Throwable that neither catch clause handles (an Error, for
                // instance) leaves taskDelegated untouched.
                HandshakeContext remaining =
                        engine.conContext.handshakeContext;
                if (remaining != null) {
                    remaining.taskDelegated = false;
                }
            }
        }

        /**
         * Privileged action that dispatches each queued
         * (handshake type, message buffer) entry of a handshake context.
         */
        private static class DelegatedAction
                implements PrivilegedExceptionAction<Void> {
            final HandshakeContext context;

            DelegatedAction(HandshakeContext context) {
                this.context = context;
            }

            /**
             * Polls the delegated-action queue until it is empty, handing
             * each entry to {@code context.dispatch}.
             *
             * @return always {@code null}
             * @throws Exception whatever {@code context.dispatch} throws
             */
            @Override
            public Void run() throws Exception {
                while (!context.delegatedActions.isEmpty()) {
                    Map.Entry<Byte, ByteBuffer> queued =
                            context.delegatedActions.poll();
                    if (queued == null) {
                        // Nothing came back from poll(); re-check the queue.
                        continue;
                    }
                    context.dispatch(queued.getKey(), queued.getValue());
                }
                return null;
            }
        }
    }
}