jdk-sandbox: src/java.base/share/classes/sun/security/ssl/OutputRecord.java@56aaa6cb3693 (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	2	* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	28	import java.io.ByteArrayOutputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	29	import java.io.Closeable;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	30	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	31	import java.io.OutputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	32	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	33	import sun.security.ssl.SSLCipher.SSLWriteCipher;
2 90ce3da70b43 Initial load duke parents: diff changeset	34
90ce3da70b43 Initial load duke parents: diff changeset	35	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	36	* {@code OutputRecord} takes care of the management of SSL/(D)TLS
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	37	* output records, including buffering, encryption, handshake
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	38	* messages marshal, etc.
2 90ce3da70b43 Initial load duke parents: diff changeset	39	*
90ce3da70b43 Initial load duke parents: diff changeset	40	* @author David Brownell
90ce3da70b43 Initial load duke parents: diff changeset	41	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	42	abstract class OutputRecord
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	43	extends ByteArrayOutputStream implements Record, Closeable {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	44	SSLWriteCipher writeCipher;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	45	// Needed for KeyUpdate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	46	TransportContext tc;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	47
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	48	final HandshakeHash handshakeHash;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	49	boolean firstMessage;
2 90ce3da70b43 Initial load duke parents: diff changeset	50
90ce3da70b43 Initial load duke parents: diff changeset	51	// current protocol version, sent as record version
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	52	ProtocolVersion protocolVersion;
2 90ce3da70b43 Initial load duke parents: diff changeset	53
90ce3da70b43 Initial load duke parents: diff changeset	54	// version for the ClientHello message. Only relevant if this is a
90ce3da70b43 Initial load duke parents: diff changeset	55	// client handshake record. If set to ProtocolVersion.SSL20Hello,
90ce3da70b43 Initial load duke parents: diff changeset	56	// the V3 client hello is converted to V2 format.
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	57	ProtocolVersion helloVersion;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	58
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	59	// Is it the first application record to write?
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	60	boolean isFirstAppOutputRecord = true;
2 90ce3da70b43 Initial load duke parents: diff changeset	61
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	62	// packet size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	63	int packetSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	64
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	65	// fragment size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	66	int fragmentSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	67
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	68	// closed or not?
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	69	boolean isClosed;
2 90ce3da70b43 Initial load duke parents: diff changeset	70
90ce3da70b43 Initial load duke parents: diff changeset	71	/*
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	72	* Mappings from V3 cipher suite encodings to their pure V2 equivalents.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	73	* This is taken from the SSL V3 specification, Appendix E.
2 90ce3da70b43 Initial load duke parents: diff changeset	74	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	75	private static final int[] V3toV2CipherMap1 =
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	76	{-1, -1, -1, 0x02, 0x01, -1, 0x04, 0x05, -1, 0x06, 0x07};
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	77	private static final int[] V3toV2CipherMap3 =
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	78	{-1, -1, -1, 0x80, 0x80, -1, 0x80, 0x80, -1, 0x40, 0xC0};
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	79
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	80	OutputRecord(HandshakeHash handshakeHash, SSLWriteCipher writeCipher) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	81	this.writeCipher = writeCipher;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	82	this.firstMessage = true;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	83	this.fragmentSize = Record.maxDataSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	84
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	85	this.handshakeHash = handshakeHash;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	86
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	87	// Please set packetSize and protocolVersion in the implementation.
2 90ce3da70b43 Initial load duke parents: diff changeset	88	}
90ce3da70b43 Initial load duke parents: diff changeset	89
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	90	void setVersion(ProtocolVersion protocolVersion) {
2 90ce3da70b43 Initial load duke parents: diff changeset	91	this.protocolVersion = protocolVersion;
90ce3da70b43 Initial load duke parents: diff changeset	92	}
90ce3da70b43 Initial load duke parents: diff changeset	93
90ce3da70b43 Initial load duke parents: diff changeset	94	/*
90ce3da70b43 Initial load duke parents: diff changeset	95	* Updates helloVersion of this record.
90ce3da70b43 Initial load duke parents: diff changeset	96	*/
90ce3da70b43 Initial load duke parents: diff changeset	97	synchronized void setHelloVersion(ProtocolVersion helloVersion) {
90ce3da70b43 Initial load duke parents: diff changeset	98	this.helloVersion = helloVersion;
90ce3da70b43 Initial load duke parents: diff changeset	99	}
90ce3da70b43 Initial load duke parents: diff changeset	100
90ce3da70b43 Initial load duke parents: diff changeset	101	/*
90ce3da70b43 Initial load duke parents: diff changeset	102	* Return true iff the record is empty -- to avoid doing the work
90ce3da70b43 Initial load duke parents: diff changeset	103	* of sending empty records over the network.
90ce3da70b43 Initial load duke parents: diff changeset	104	*/
90ce3da70b43 Initial load duke parents: diff changeset	105	boolean isEmpty() {
100 01ef29ca378f 6447412: Issue with socket.close() for ssl sockets when poweroff on other system xuelei parents: 2 diff changeset	106	return false;
01ef29ca378f 6447412: Issue with socket.close() for ssl sockets when poweroff on other system xuelei parents: 2 diff changeset	107	}
2 90ce3da70b43 Initial load duke parents: diff changeset	108
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	109	boolean seqNumIsHuge() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	110	return (writeCipher.authenticator != null) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	111	writeCipher.authenticator.seqNumIsHuge();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	112	}
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	113
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	114	// SSLEngine and SSLSocket
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	115	abstract void encodeAlert(byte level, byte description) throws IOException;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	116
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	117	// SSLEngine and SSLSocket
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	118	abstract void encodeHandshake(byte[] buffer,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	119	int offset, int length) throws IOException;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	120
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	121	// SSLEngine and SSLSocket
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	122	abstract void encodeChangeCipherSpec() throws IOException;
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	123
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	124	// apply to SSLEngine only
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	125	Ciphertext encode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	126	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	127	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	128
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	129	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	130	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	131
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	132	// apply to SSLEngine only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	133	void encodeV2NoCipher() throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	134	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	135	}
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	136
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	137	// apply to SSLSocket only
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	138	void deliver(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	139	byte[] source, int offset, int length) throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	140	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	141	}
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	142
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	143	// apply to SSLSocket only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	144	void setDeliverStream(OutputStream outputStream) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	145	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	146	}
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	147
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	148	void changeWriteCiphers(SSLWriteCipher writeCipher,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	149	boolean useChangeCipherSpec) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	150	if (useChangeCipherSpec) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	151	encodeChangeCipherSpec();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	152	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	153
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	154	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	155	* Dispose of any intermediate state in the underlying cipher.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	156	* For PKCS11 ciphers, this will release any attached sessions,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	157	* and thus make finalization faster.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	158	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	159	* Since MAC's doFinal() is called for every SSL/TLS packet, it's
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	160	* not necessary to do the same with MAC's.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	161	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	162	writeCipher.dispose();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	163
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	164	this.writeCipher = writeCipher;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	165	this.isFirstAppOutputRecord = true;
2 90ce3da70b43 Initial load duke parents: diff changeset	166	}
90ce3da70b43 Initial load duke parents: diff changeset	167
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	168	void changePacketSize(int packetSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	169	this.packetSize = packetSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	170	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	171
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	172	void changeFragmentSize(int fragmentSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	173	this.fragmentSize = fragmentSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	174	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	175
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	176	int getMaxPacketSize() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	177	return packetSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	178	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	179
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	180	// apply to DTLS SSLEngine
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	181	void initHandshaker() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	182	// blank
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	183	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	184
41820 3d8c88d00c9f 8167680: DTLS implementation bugs xuelei parents: 34687 diff changeset	185	// apply to DTLS SSLEngine
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	186	void finishHandshake() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	187	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	188	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	189
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	190	// apply to DTLS SSLEngine
41820 3d8c88d00c9f 8167680: DTLS implementation bugs xuelei parents: 34687 diff changeset	191	void launchRetransmission() {
3d8c88d00c9f 8167680: DTLS implementation bugs xuelei parents: 34687 diff changeset	192	// blank
3d8c88d00c9f 8167680: DTLS implementation bugs xuelei parents: 34687 diff changeset	193	}
3d8c88d00c9f 8167680: DTLS implementation bugs xuelei parents: 34687 diff changeset	194
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	195	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	196	public synchronized void close() throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	197	if (!isClosed) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	198	isClosed = true;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	199	writeCipher.dispose();
12428 e9feb65d37fa 7157903: JSSE client sockets are very slow wetmore parents: 6856 diff changeset	200	}
e9feb65d37fa 7157903: JSSE client sockets are very slow wetmore parents: 6856 diff changeset	201	}
e9feb65d37fa 7157903: JSSE client sockets are very slow wetmore parents: 6856 diff changeset	202
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	203	synchronized boolean isClosed() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	204	return isClosed;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	205	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	206
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	207	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	208	// shared helpers
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	209	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	210
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	211	// Encrypt a fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	212	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	213	// To be consistent with the spec of SSLEngine.wrap() methods, the
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	214	// destination ByteBuffer's position is updated to reflect the amount
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	215	// of data produced. The limit remains the same.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	216	static long encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	217	SSLWriteCipher encCipher, byte contentType, ByteBuffer destination,
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	218	int headerOffset, int dstLim, int headerSize,
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	219	ProtocolVersion protocolVersion) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	220	boolean isDTLS = protocolVersion.isDTLS;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	221	if (isDTLS) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	222	if (protocolVersion.useTLS13PlusSpec()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	223	return d13Encrypt(encCipher,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	224	contentType, destination, headerOffset,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	225	dstLim, headerSize, protocolVersion);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	226	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	227	return d10Encrypt(encCipher,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	228	contentType, destination, headerOffset,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	229	dstLim, headerSize, protocolVersion);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	230	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	231	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	232	if (protocolVersion.useTLS13PlusSpec()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	233	return t13Encrypt(encCipher,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	234	contentType, destination, headerOffset,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	235	dstLim, headerSize, protocolVersion);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	236	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	237	return t10Encrypt(encCipher,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	238	contentType, destination, headerOffset,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	239	dstLim, headerSize, protocolVersion);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	240	}
2 90ce3da70b43 Initial load duke parents: diff changeset	241	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	242	}
2 90ce3da70b43 Initial load duke parents: diff changeset	243
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	244	static long d13Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	245	SSLWriteCipher encCipher, byte contentType, ByteBuffer destination,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	246	int headerOffset, int dstLim, int headerSize,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	247	ProtocolVersion protocolVersion) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	248	throw new UnsupportedOperationException("Not supported yet.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	249	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	250
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	251	private static long d10Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	252	SSLWriteCipher encCipher, byte contentType, ByteBuffer destination,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	253	int headerOffset, int dstLim, int headerSize,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	254	ProtocolVersion protocolVersion) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	255	byte[] sequenceNumber = encCipher.authenticator.sequenceNumber();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	256	encCipher.encrypt(contentType, destination);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	257
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	258	// Finish out the record header.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	259	int fragLen = destination.limit() - headerOffset - headerSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	260
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	261	destination.put(headerOffset, contentType); // content type
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	262	destination.put(headerOffset + 1, protocolVersion.major);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	263	destination.put(headerOffset + 2, protocolVersion.minor);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	264
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	265	// epoch and sequence_number
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	266	destination.put(headerOffset + 3, sequenceNumber[0]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	267	destination.put(headerOffset + 4, sequenceNumber[1]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	268	destination.put(headerOffset + 5, sequenceNumber[2]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	269	destination.put(headerOffset + 6, sequenceNumber[3]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	270	destination.put(headerOffset + 7, sequenceNumber[4]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	271	destination.put(headerOffset + 8, sequenceNumber[5]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	272	destination.put(headerOffset + 9, sequenceNumber[6]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	273	destination.put(headerOffset + 10, sequenceNumber[7]);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	274
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	275	// fragment length
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	276	destination.put(headerOffset + 11, (byte)(fragLen >> 8));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	277	destination.put(headerOffset + 12, (byte)fragLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	278
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	279	// Update destination position to reflect the amount of data produced.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	280	destination.position(destination.limit());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	281
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	282	return Authenticator.toLong(sequenceNumber);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	283	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	284
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	285	static long t13Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	286	SSLWriteCipher encCipher, byte contentType, ByteBuffer destination,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	287	int headerOffset, int dstLim, int headerSize,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	288	ProtocolVersion protocolVersion) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	289	if (!encCipher.isNullCipher()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	290	// inner plaintext, using zero length padding.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	291	int pos = destination.position();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	292	destination.position(destination.limit());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	293	destination.limit(destination.limit() + 1);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	294	destination.put(contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	295	destination.position(pos);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	296	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	297
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	298	// use the right TLSCiphertext.opaque_type and legacy_record_version
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	299	ProtocolVersion pv = protocolVersion;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	300	if (!encCipher.isNullCipher()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	301	pv = ProtocolVersion.TLS12;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	302	contentType = ContentType.APPLICATION_DATA.id;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	303	} else if (protocolVersion.useTLS13PlusSpec()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	304	pv = ProtocolVersion.TLS12;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	305	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	306
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	307	byte[] sequenceNumber = encCipher.authenticator.sequenceNumber();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	308	encCipher.encrypt(contentType, destination);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	309
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	310	// Finish out the record header.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	311	int fragLen = destination.limit() - headerOffset - headerSize;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	312	destination.put(headerOffset, contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	313	destination.put(headerOffset + 1, pv.major);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	314	destination.put(headerOffset + 2, pv.minor);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	315
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	316	// fragment length
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	317	destination.put(headerOffset + 3, (byte)(fragLen >> 8));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	318	destination.put(headerOffset + 4, (byte)fragLen);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	319
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	320	// Update destination position to reflect the amount of data produced.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	321	destination.position(destination.limit());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	322
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	323	return Authenticator.toLong(sequenceNumber);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	324	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	325
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	326	static long t10Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	327	SSLWriteCipher encCipher, byte contentType, ByteBuffer destination,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	328	int headerOffset, int dstLim, int headerSize,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	329	ProtocolVersion protocolVersion) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	330	byte[] sequenceNumber = encCipher.authenticator.sequenceNumber();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	331	encCipher.encrypt(contentType, destination);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	332
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	333	// Finish out the record header.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	334	int fragLen = destination.limit() - headerOffset - headerSize;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	335
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	336	destination.put(headerOffset, contentType); // content type
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	337	destination.put(headerOffset + 1, protocolVersion.major);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	338	destination.put(headerOffset + 2, protocolVersion.minor);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	339
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	340	// fragment length
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	341	destination.put(headerOffset + 3, (byte)(fragLen >> 8));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	342	destination.put(headerOffset + 4, (byte)fragLen);
2 90ce3da70b43 Initial load duke parents: diff changeset	343
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	344	// Update destination position to reflect the amount of data produced.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	345	destination.position(destination.limit());
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	346
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	347	return Authenticator.toLong(sequenceNumber);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	348	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	349
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	350	// Encrypt a fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	351	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	352	// Uses the internal expandable buf variable and the current
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	353	// protocolVersion variable.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	354	long encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	355	SSLWriteCipher encCipher, byte contentType, int headerSize) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	356	if (protocolVersion.useTLS13PlusSpec()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	357	return t13Encrypt(encCipher, contentType, headerSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	358	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	359	return t10Encrypt(encCipher, contentType, headerSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	360	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	361	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	362
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	363	private static final class T13PaddingHolder {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	364	private static final byte[] zeros = new byte[16];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	365	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	366
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	367	long t13Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	368	SSLWriteCipher encCipher, byte contentType, int headerSize) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	369	if (!encCipher.isNullCipher()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	370	// inner plaintext
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	371	write(contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	372	write(T13PaddingHolder.zeros, 0, T13PaddingHolder.zeros.length);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	373	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	374
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	375	byte[] sequenceNumber = encCipher.authenticator.sequenceNumber();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	376	int position = headerSize;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	377	int contentLen = count - position;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	378
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	379	// ensure the capacity
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	380	int packetSize = encCipher.calculatePacketSize(contentLen, headerSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	381	if (packetSize > buf.length) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	382	byte[] newBuf = new byte[packetSize];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	383	System.arraycopy(buf, 0, newBuf, 0, count);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	384	buf = newBuf;
2 90ce3da70b43 Initial load duke parents: diff changeset	385	}
90ce3da70b43 Initial load duke parents: diff changeset	386
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	387	// use the right TLSCiphertext.opaque_type and legacy_record_version
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	388	ProtocolVersion pv = protocolVersion;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	389	if (!encCipher.isNullCipher()) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	390	pv = ProtocolVersion.TLS12;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	391	contentType = ContentType.APPLICATION_DATA.id;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	392	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	393	pv = ProtocolVersion.TLS12;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	394	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	395
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	396	ByteBuffer destination = ByteBuffer.wrap(buf, position, contentLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	397	count = headerSize + encCipher.encrypt(contentType, destination);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	398
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	399	// Fill out the header, write it and the message.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	400	int fragLen = count - headerSize;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	401
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	402	buf[0] = contentType;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	403	buf[1] = pv.major;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	404	buf[2] = pv.minor;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	405	buf[3] = (byte)((fragLen >> 8) & 0xFF);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	406	buf[4] = (byte)(fragLen & 0xFF);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	407
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	408	return Authenticator.toLong(sequenceNumber);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	409	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	410
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	411	long t10Encrypt(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	412	SSLWriteCipher encCipher, byte contentType, int headerSize) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	413	byte[] sequenceNumber = encCipher.authenticator.sequenceNumber();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	414	int position = headerSize + writeCipher.getExplicitNonceSize();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	415	int contentLen = count - position;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	416
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	417	// ensure the capacity
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	418	int packetSize = encCipher.calculatePacketSize(contentLen, headerSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	419	if (packetSize > buf.length) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	420	byte[] newBuf = new byte[packetSize];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	421	System.arraycopy(buf, 0, newBuf, 0, count);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	422	buf = newBuf;
2 90ce3da70b43 Initial load duke parents: diff changeset	423	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	424	ByteBuffer destination = ByteBuffer.wrap(buf, position, contentLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	425	count = headerSize + encCipher.encrypt(contentType, destination);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	426
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	427	// Fill out the header, write it and the message.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	428	int fragLen = count - headerSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	429	buf[0] = contentType;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	430	buf[1] = protocolVersion.major;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	431	buf[2] = protocolVersion.minor;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	432	buf[3] = (byte)((fragLen >> 8) & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	433	buf[4] = (byte)(fragLen & 0xFF);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	434
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	435	return Authenticator.toLong(sequenceNumber);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	436	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	437
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	438	static ByteBuffer encodeV2ClientHello(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	439	byte[] fragment, int offset, int length) throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	440	int v3SessIdLenOffset = offset + 34; // 2: client_version
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	441	// 32: random
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	442
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	443	int v3SessIdLen = fragment[v3SessIdLenOffset];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	444	int v3CSLenOffset = v3SessIdLenOffset + 1 + v3SessIdLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	445	int v3CSLen = ((fragment[v3CSLenOffset] & 0xff) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	446	(fragment[v3CSLenOffset + 1] & 0xff);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	447	int cipherSpecs = v3CSLen / 2; // 2: cipher spec size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	448
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	449	// Estimate the max V2ClientHello message length
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	450	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	451	// 11: header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	452	// (cipherSpecs * 6): cipher_specs
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	453	// 6: one cipher suite may need 6 bytes, see V3toV2CipherSuite.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	454	// 3: placeholder for the TLS_EMPTY_RENEGOTIATION_INFO_SCSV
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	455	// signaling cipher suite
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	456	// 32: challenge size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	457	int v2MaxMsgLen = 11 + (cipherSpecs * 6) + 3 + 32;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	458
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	459	// Create a ByteBuffer backed by an accessible byte array.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	460	byte[] dstBytes = new byte[v2MaxMsgLen];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	461	ByteBuffer dstBuf = ByteBuffer.wrap(dstBytes);
2 90ce3da70b43 Initial load duke parents: diff changeset	462
12428 e9feb65d37fa 7157903: JSSE client sockets are very slow wetmore parents: 6856 diff changeset	463	/*
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	464	* Copy over the cipher specs. We don't care about actually
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	465	* translating them for use with an actual V2 server since
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	466	* we only talk V3. Therefore, just copy over the V3 cipher
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	467	* spec values with a leading 0.
12428 e9feb65d37fa 7157903: JSSE client sockets are very slow wetmore parents: 6856 diff changeset	468	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	469	int v3CSOffset = v3CSLenOffset + 2; // skip length field
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	470	int v2CSLen = 0;
2 90ce3da70b43 Initial load duke parents: diff changeset	471
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	472	dstBuf.position(11);
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	473	boolean containsRenegoInfoSCSV = false;
2 90ce3da70b43 Initial load duke parents: diff changeset	474	for (int i = 0; i < cipherSpecs; i++) {
90ce3da70b43 Initial load duke parents: diff changeset	475	byte byte1, byte2;
90ce3da70b43 Initial load duke parents: diff changeset	476
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	477	byte1 = fragment[v3CSOffset++];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	478	byte2 = fragment[v3CSOffset++];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	479	v2CSLen += V3toV2CipherSuite(dstBuf, byte1, byte2);
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	480	if (!containsRenegoInfoSCSV &&
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	481	byte1 == (byte)0x00 && byte2 == (byte)0xFF) {
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	482	containsRenegoInfoSCSV = true;
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	483	}
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	484	}
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	485
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	486	if (!containsRenegoInfoSCSV) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	487	v2CSLen += V3toV2CipherSuite(dstBuf, (byte)0x00, (byte)0xFF);
2 90ce3da70b43 Initial load duke parents: diff changeset	488	}
90ce3da70b43 Initial load duke parents: diff changeset	489
90ce3da70b43 Initial load duke parents: diff changeset	490	/*
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	491	* Copy in the nonce.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	492	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	493	dstBuf.put(fragment, (offset + 2), 32);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	494
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	495	/*
2 90ce3da70b43 Initial load duke parents: diff changeset	496	* Build the first part of the V3 record header from the V2 one
90ce3da70b43 Initial load duke parents: diff changeset	497	* that's now buffered up. (Lengths are fixed up later).
90ce3da70b43 Initial load duke parents: diff changeset	498	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	499	int msgLen = dstBuf.position() - 2; // Exclude the legth field itself
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	500	dstBuf.position(0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	501	dstBuf.put((byte)(0x80 \| ((msgLen >>> 8) & 0xFF))); // pos: 0
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	502	dstBuf.put((byte)(msgLen & 0xFF)); // pos: 1
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	503	dstBuf.put(SSLHandshake.CLIENT_HELLO.id); // pos: 2
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	504	dstBuf.put(fragment[offset]); // major version, pos: 3
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	505	dstBuf.put(fragment[offset + 1]); // minor version, pos: 4
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	506	dstBuf.put((byte)(v2CSLen >>> 8)); // pos: 5
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	507	dstBuf.put((byte)(v2CSLen & 0xFF)); // pos: 6
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	508	dstBuf.put((byte)0x00); // session_id_length, pos: 7
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	509	dstBuf.put((byte)0x00); // pos: 8
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	510	dstBuf.put((byte)0x00); // challenge_length, pos: 9
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	511	dstBuf.put((byte)32); // pos: 10
2 90ce3da70b43 Initial load duke parents: diff changeset	512
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	513	dstBuf.position(0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	514	dstBuf.limit(msgLen + 2);
2 90ce3da70b43 Initial load duke parents: diff changeset	515
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	516	return dstBuf;
2 90ce3da70b43 Initial load duke parents: diff changeset	517	}
90ce3da70b43 Initial load duke parents: diff changeset	518
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	519	private static int V3toV2CipherSuite(ByteBuffer dstBuf,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	520	byte byte1, byte byte2) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	521	dstBuf.put((byte)0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	522	dstBuf.put(byte1);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	523	dstBuf.put(byte2);
2 90ce3da70b43 Initial load duke parents: diff changeset	524
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	525	if (((byte2 & 0xff) > 0xA) \|\| (V3toV2CipherMap1[byte2] == -1)) {
2 90ce3da70b43 Initial load duke parents: diff changeset	526	return 3;
90ce3da70b43 Initial load duke parents: diff changeset	527	}
90ce3da70b43 Initial load duke parents: diff changeset	528
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	529	dstBuf.put((byte)V3toV2CipherMap1[byte2]);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	530	dstBuf.put((byte)0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	531	dstBuf.put((byte)V3toV2CipherMap3[byte2]);
2 90ce3da70b43 Initial load duke parents: diff changeset	532
90ce3da70b43 Initial load duke parents: diff changeset	533	return 6;
90ce3da70b43 Initial load duke parents: diff changeset	534	}
90ce3da70b43 Initial load duke parents: diff changeset	535	}

author	wetmore
	Fri, 11 May 2018 15:53:12 -0700
branch	JDK-8145252-TLS13-branch
changeset 56542	56aaa6cb3693
parent 47216	71c04702a3d5
child 56686	07dc566630ee
permissions	-rw-r--r--