jdk-sandbox: src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java@56aaa6cb3693 (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	2	* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	28	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	29	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	30	import java.security.GeneralSecurityException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	31	import java.security.PrivateKey;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	32	import java.security.PublicKey;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	33	import java.text.MessageFormat;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	34	import java.util.Locale;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	35	import javax.crypto.SecretKey;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	36	import sun.security.ssl.RSAKeyExchange.EphemeralRSACredentials;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	37	import sun.security.ssl.RSAKeyExchange.EphemeralRSAPossession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	38	import sun.security.ssl.RSAKeyExchange.RSAPremasterSecret;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	39	import sun.security.ssl.SSLHandshake.HandshakeMessage;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	40	import sun.security.ssl.X509Authentication.X509Credentials;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	41	import sun.security.ssl.X509Authentication.X509Possession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	42	import sun.security.util.HexDumpEncoder;
2 90ce3da70b43 Initial load duke parents: diff changeset	43
90ce3da70b43 Initial load duke parents: diff changeset	44	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	45	* Pack of the "ClientKeyExchange" handshake message.
2 90ce3da70b43 Initial load duke parents: diff changeset	46	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	47	final class RSAClientKeyExchange {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	48	static final SSLConsumer rsaHandshakeConsumer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	49	new RSAClientKeyExchangeConsumer();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	50	static final HandshakeProducer rsaHandshakeProducer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	51	new RSAClientKeyExchangeProducer();
2 90ce3da70b43 Initial load duke parents: diff changeset	52
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	53	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	54	* The RSA ClientKeyExchange handshake message.
2 90ce3da70b43 Initial load duke parents: diff changeset	55	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	56	private static final
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	57	class RSAClientKeyExchangeMessage extends HandshakeMessage {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	58	final int protocolVersion;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	59	final boolean useTLS10PlusSpec;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	60	final byte[] encrypted;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	61
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	62	RSAClientKeyExchangeMessage(HandshakeContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	63	RSAPremasterSecret premaster,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	64	PublicKey publicKey) throws GeneralSecurityException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	65	super(context);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	66	this.protocolVersion = context.clientHelloVersion;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	67	this.encrypted = premaster.getEncoded(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	68	publicKey, context.sslContext.getSecureRandom());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	69	this.useTLS10PlusSpec = ProtocolVersion.useTLS10PlusSpec(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	70	protocolVersion, context.sslContext.isDTLS());
2 90ce3da70b43 Initial load duke parents: diff changeset	71	}
90ce3da70b43 Initial load duke parents: diff changeset	72
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	73	RSAClientKeyExchangeMessage(HandshakeContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	74	ByteBuffer m) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	75	super(context);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	76	// This happens in server side only.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	77	ServerHandshakeContext shc =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	78	(ServerHandshakeContext)handshakeContext;
2 90ce3da70b43 Initial load duke parents: diff changeset	79
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	80	if (m.remaining() < 2) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	81	shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	82	"Invalid RSA ClientKeyExchange message: insufficient data");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	83	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	84
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	85	this.protocolVersion = context.clientHelloVersion;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	86	this.useTLS10PlusSpec = ProtocolVersion.useTLS10PlusSpec(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	87	protocolVersion, context.sslContext.isDTLS());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	88	if (useTLS10PlusSpec) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	89	this.encrypted = Record.getBytes16(m);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	90	} else { // SSL 3.0
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	91	this.encrypted = new byte[m.remaining()];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	92	m.get(encrypted);
38741 b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	93	}
b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	94	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	95
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	96	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	97	public SSLHandshake handshakeType() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	98	return SSLHandshake.CLIENT_KEY_EXCHANGE;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	99	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	100
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	101	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	102	public int messageLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	103	if (useTLS10PlusSpec) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	104	return encrypted.length + 2;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	105	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	106	return encrypted.length;
38741 b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	107	}
b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	108	}
b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	109
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	110	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	111	public void send(HandshakeOutStream hos) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	112	if (useTLS10PlusSpec) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	113	hos.putBytes16(encrypted);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	114	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	115	hos.write(encrypted);
2 90ce3da70b43 Initial load duke parents: diff changeset	116	}
90ce3da70b43 Initial load duke parents: diff changeset	117	}
90ce3da70b43 Initial load duke parents: diff changeset	118
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	119	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	120	public String toString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	121	MessageFormat messageFormat = new MessageFormat(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	122	"\"RSA ClientKeyExchange\": '{'\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	123	" \"client_version\": {0}\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	124	" \"encncrypted\": '{'\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	125	"{1}\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	126	" '}'\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	127	"'}'",
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	128	Locale.ENGLISH);
38741 b29b75c25015 8158111: Make handling of 3rd party providers more stable igerasim parents: 36952 diff changeset	129
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	130	HexDumpEncoder hexEncoder = new HexDumpEncoder();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	131	Object[] messageFields = {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	132	ProtocolVersion.nameOf(protocolVersion),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	133	Utilities.indent(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	134	hexEncoder.encodeBuffer(encrypted), " "),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	135	};
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	136	return messageFormat.format(messageFields);
22309 1990211a42e5 8023069: Enhance TLS connections xuelei parents: 16100 diff changeset	137	}
2 90ce3da70b43 Initial load duke parents: diff changeset	138	}
90ce3da70b43 Initial load duke parents: diff changeset	139
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	140	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	141	* The RSA "ClientKeyExchange" handshake message producer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	142	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	143	private static final
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	144	class RSAClientKeyExchangeProducer implements HandshakeProducer {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	145	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	146	private RSAClientKeyExchangeProducer() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	147	// blank
35279 5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	148	}
5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	149
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	150	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	151	public byte[] produce(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	152	HandshakeMessage message) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	153	// This happens in client side only.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	154	ClientHandshakeContext chc = (ClientHandshakeContext)context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	155
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	156	EphemeralRSACredentials rsaCredentials = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	157	X509Credentials x509Credentials = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	158	for (SSLCredentials credential : chc.handshakeCredentials) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	159	if (credential instanceof EphemeralRSACredentials) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	160	rsaCredentials = (EphemeralRSACredentials)credential;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	161	if (x509Credentials != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	162	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	163	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	164	} else if (credential instanceof X509Credentials) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	165	x509Credentials = (X509Credentials)credential;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	166	if (rsaCredentials != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	167	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	168	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	169	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	170	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	171
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	172	if (rsaCredentials == null && x509Credentials == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	173	chc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	174	"No RSA credentials negotiated for client key exchange");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	175	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	176
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	177	PublicKey publicKey = (rsaCredentials != null) ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	178	rsaCredentials.popPublicKey : x509Credentials.popPublicKey;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	179	if (!publicKey.getAlgorithm().equals("RSA")) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	180	chc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	181	"Not RSA public key for client key exchange");
35279 5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	182	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	183
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	184	RSAPremasterSecret premaster;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	185	RSAClientKeyExchangeMessage ckem;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	186	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	187	premaster = RSAPremasterSecret.createPremasterSecret(chc);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	188	chc.handshakePossessions.add(premaster);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	189	ckem = new RSAClientKeyExchangeMessage(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	190	chc, premaster, publicKey);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	191	} catch (GeneralSecurityException gse) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	192	chc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	193	"Cannot generate RSA premaster secret", gse);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	194
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	195	return null; // make the compiler happy
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	196	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	197	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	198	SSLLogger.fine(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	199	"Produced RSA ClientKeyExchange handshake message", ckem);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	200	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	201
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	202	// Output the handshake message.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	203	ckem.write(chc.handshakeOutput);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	204	chc.handshakeOutput.flush();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	205
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	206	// update the states
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	207	SSLKeyExchange ke =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	208	SSLKeyExchange.valueOf(chc.negotiatedCipherSuite.keyExchange);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	209	if (ke == null) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	210	chc.conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	211	"Not supported key exchange type");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	212	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	213	SSLKeyDerivation masterKD = ke.createKeyDerivation(chc);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	214	SecretKey masterSecret = masterKD.deriveKey("TODO", null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	215
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	216	// update the states
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	217	chc.handshakeSession.setMasterSecret(masterSecret);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	218	SSLTrafficKeyDerivation kd =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	219	SSLTrafficKeyDerivation.valueOf(chc.negotiatedProtocol);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	220	if (kd == null) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	221	chc.conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	222	"Not supported key derivation: " +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	223	chc.negotiatedProtocol);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	224	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	225	chc.handshakeKeyDerivation =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	226	kd.createKeyDerivation(chc, masterSecret);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	227	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	228	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	229
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	230	// The handshake message has been delivered.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	231	return null;
35279 5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	232	}
5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	233	}
5afd2941dfb7 8081297: SSL Problem with Tomcat igerasim parents: 30904 diff changeset	234
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	235	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	236	* The RSA "ClientKeyExchange" handshake message consumer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	237	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	238	private static final
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	239	class RSAClientKeyExchangeConsumer implements SSLConsumer {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	240	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	241	private RSAClientKeyExchangeConsumer() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	242	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	243	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	244
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	245	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	246	public void consume(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	247	ByteBuffer message) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	248	// The consuming happens in server side only.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	249	ServerHandshakeContext shc = (ServerHandshakeContext)context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	250
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	251	EphemeralRSAPossession rsaPossession = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	252	X509Possession x509Possession = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	253	for (SSLPossession possession : shc.handshakePossessions) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	254	if (possession instanceof EphemeralRSAPossession) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	255	rsaPossession = (EphemeralRSAPossession)possession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	256	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	257	} else if (possession instanceof X509Possession) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	258	x509Possession = (X509Possession)possession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	259	if (rsaPossession != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	260	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	261	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	262	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	263	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	264
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	265	if (rsaPossession == null && x509Possession == null) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	266	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	267	"No RSA possessions negotiated for client key exchange");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	268	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	269
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	270	PrivateKey privateKey = (rsaPossession != null) ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	271	rsaPossession.popPrivateKey : x509Possession.popPrivateKey;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	272	if (!privateKey.getAlgorithm().equals("RSA")) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	273	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	274	"Not RSA private key for client key exchange");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	275	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 5506 diff changeset	276
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	277	RSAClientKeyExchangeMessage ckem =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	278	new RSAClientKeyExchangeMessage(shc, message);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	279	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	280	SSLLogger.fine(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	281	"Consuming RSA ClientKeyExchange handshake message", ckem);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	282	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	283
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	284	// create the credentials
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	285	RSAPremasterSecret premaster;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	286	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	287	premaster =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	288	RSAPremasterSecret.decode(shc, privateKey, ckem.encrypted);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	289	shc.handshakeCredentials.add(premaster);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	290	} catch (GeneralSecurityException gse) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	291	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	292	"Cannot decode RSA premaster secret", gse);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	293	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	294
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	295	// update the states
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	296	SSLKeyExchange ke =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	297	SSLKeyExchange.valueOf(shc.negotiatedCipherSuite.keyExchange);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	298	if (ke == null) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	299	shc.conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	300	"Not supported key exchange type");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	301	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	302	SSLKeyDerivation masterKD = ke.createKeyDerivation(shc);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	303	SecretKey masterSecret = masterKD.deriveKey("TODO", null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	304
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	305	// update the states
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	306	shc.handshakeSession.setMasterSecret(masterSecret);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	307	SSLTrafficKeyDerivation kd =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	308	SSLTrafficKeyDerivation.valueOf(shc.negotiatedProtocol);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	309	if (kd == null) { // unlikely
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	310	shc.conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	311	"Not supported key derivation: " +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	312	shc.negotiatedProtocol);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	313	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	314	shc.handshakeKeyDerivation =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	315	kd.createKeyDerivation(shc, masterSecret);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	316	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	317	}
2 90ce3da70b43 Initial load duke parents: diff changeset	318	}
90ce3da70b43 Initial load duke parents: diff changeset	319	}
90ce3da70b43 Initial load duke parents: diff changeset	320	}

author	wetmore
	Fri, 11 May 2018 15:53:12 -0700
branch	JDK-8145252-TLS13-branch
changeset 56542	56aaa6cb3693
parent 47216	71c04702a3d5
child 56603	f103e0c2be1e
permissions	-rw-r--r--