jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java@56aaa6cb3693 (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	2	* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	28	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	29	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	30	import java.nio.ReadOnlyBufferException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	31	import java.security.AccessController;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	32	import java.security.PrivilegedActionException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	33	import java.security.PrivilegedExceptionAction;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	34	import java.util.List;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	35	import java.util.Map;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	36	import java.util.function.BiFunction;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	37	import javax.net.ssl.SSLEngine;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	38	import javax.net.ssl.SSLEngineResult;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	39	import javax.net.ssl.SSLEngineResult.HandshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	40	import javax.net.ssl.SSLEngineResult.Status;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	41	import javax.net.ssl.SSLException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	42	import javax.net.ssl.SSLHandshakeException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	43	import javax.net.ssl.SSLKeyException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	44	import javax.net.ssl.SSLParameters;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	45	import javax.net.ssl.SSLPeerUnverifiedException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	46	import javax.net.ssl.SSLProtocolException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	47	import javax.net.ssl.SSLSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	48
90ce3da70b43 Initial load duke parents: diff changeset	49	/**
90ce3da70b43 Initial load duke parents: diff changeset	50	* Implementation of an non-blocking SSLEngine.
90ce3da70b43 Initial load duke parents: diff changeset	51	*
90ce3da70b43 Initial load duke parents: diff changeset	52	* @author Brad Wetmore
90ce3da70b43 Initial load duke parents: diff changeset	53	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	54	final class SSLEngineImpl extends SSLEngine implements SSLTransport {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	55	private final SSLContextImpl sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	56	final TransportContext conContext;
2 90ce3da70b43 Initial load duke parents: diff changeset	57
90ce3da70b43 Initial load duke parents: diff changeset	58	/**
90ce3da70b43 Initial load duke parents: diff changeset	59	* Constructor for an SSLEngine from SSLContext, without
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	60	* host/port hints.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	61	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	62	* This Engine will not be able to cache sessions, but must renegotiate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	63	* everything by hand.
2 90ce3da70b43 Initial load duke parents: diff changeset	64	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	65	SSLEngineImpl(SSLContextImpl sslContext) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	66	this(sslContext, null, -1);
2 90ce3da70b43 Initial load duke parents: diff changeset	67	}
90ce3da70b43 Initial load duke parents: diff changeset	68
90ce3da70b43 Initial load duke parents: diff changeset	69	/**
90ce3da70b43 Initial load duke parents: diff changeset	70	* Constructor for an SSLEngine from SSLContext.
90ce3da70b43 Initial load duke parents: diff changeset	71	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	72	SSLEngineImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	73	String host, int port) {
2 90ce3da70b43 Initial load duke parents: diff changeset	74	super(host, port);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	75	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	76	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	77	if (sslContext.isDTLS()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	78	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	79	new DTLSInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	80	new DTLSOutputRecord(handshakeHash));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	81	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	82	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	83	new SSLEngineInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	84	new SSLEngineOutputRecord(handshakeHash));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	85	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	86
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	87	// Server name indication is a connection scope extension.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	88	if (host != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	89	this.conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	90	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	91	conContext.sslConfig.serverNames, host);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	92	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	93	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	94
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	95	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	96	public synchronized void beginHandshake() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	97	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	98	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	99	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	100	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	101
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	102	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	103	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	104	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	105	conContext.fatal(Alert.HANDSHAKE_FAILURE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	106	"Couldn't kickstart handshaking", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	107	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	108	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	109	"Fail to begin handshake", ex);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	110	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	111	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	112
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	113	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	114	public synchronized SSLEngineResult wrap(ByteBuffer[] appData,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	115	int offset, int length, ByteBuffer netData) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	116	return wrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	117	appData, offset, length, new ByteBuffer[]{ netData }, 0, 1);
2 90ce3da70b43 Initial load duke parents: diff changeset	118	}
90ce3da70b43 Initial load duke parents: diff changeset	119
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	120	// @Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	121	public synchronized SSLEngineResult wrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	122	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	123	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	124
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	125	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	126	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	127	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	128	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	129
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	130	// See if the handshaker needs to report back some SSLException.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	131	if (conContext.outputRecord.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	132	checkTaskThrown();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	133	} // Otherwise, deliver cached records before throwing task exception.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	134
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	135	// check parameters
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	136	checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	137
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	138	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	139	return writeRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	140	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	141	} catch (SSLProtocolException spe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	142	// may be an unexpected handshake message
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	143	conContext.fatal(Alert.UNEXPECTED_MESSAGE, spe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	144	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	145	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	146	"problem wrapping app data", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	147	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	148	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	149	"Fail to wrap application data", ex);
2 90ce3da70b43 Initial load duke parents: diff changeset	150	}
90ce3da70b43 Initial load duke parents: diff changeset	151
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	152	return null; // make compiler happy
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	153	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	154
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	155	private SSLEngineResult writeRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	156	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	157	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	158
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	159	if (isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	160	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	161	Status.CLOSED, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	162	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	163
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	164	HandshakeContext hc = conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	165	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	166	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	167	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	168
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	169	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	170	if (hsStatus == HandshakeStatus.NEED_UNWRAP) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	171	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	172	* For DTLS, if the handshake state is
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	173	* HandshakeStatus.NEED_UNWRAP, a call to SSLEngine.wrap()
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	174	* means that the previous handshake packets (if delivered)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	175	* get lost, and need retransmit the handshake messages.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	176	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	177	if (!sslContext.isDTLS() \|\| hc == null \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	178	!hc.sslConfig.enableRetransmissions \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	179	conContext.outputRecord.firstMessage) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	180
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	181	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	182	} // otherwise, need retransmission
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	183	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	184	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	185
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	186	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	187	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	188	}
2 90ce3da70b43 Initial load duke parents: diff changeset	189
90ce3da70b43 Initial load duke parents: diff changeset	190	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	191	* If we have a task outstanding, this MUST be done before
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	192	* doing any more wrapping, because we could be in the middle
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	193	* of receiving a handshake message, for example, a finished
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	194	* message which would change the ciphers.
2 90ce3da70b43 Initial load duke parents: diff changeset	195	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	196	if (hsStatus == HandshakeStatus.NEED_TASK) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	197	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	198	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	199
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	200	int dstsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	201	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	202	dstsRemains += dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	203	}
2 90ce3da70b43 Initial load duke parents: diff changeset	204
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	205	// Check destination buffer size.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	206	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	207	// We can be smarter about using smaller buffer sizes later. For
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	208	// now, force it to be large enough to handle any valid record.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	209	if (dstsRemains < conContext.conSession.getPacketBufferSize()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	210	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	211	Status.BUFFER_OVERFLOW, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	212	}
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	213
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	214	int srcsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	215	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	216	srcsRemains += srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	217	}
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	218
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	219	Ciphertext ciphertext = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	220	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	221	// Acquire the buffered to-be-delivered records or retransmissions.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	222	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	223	// May have buffered records, or need retransmission if handshaking.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	224	if (!conContext.outputRecord.isEmpty() \|\| (hc != null &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	225	hc.sslConfig.enableRetransmissions &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	226	hc.sslContext.isDTLS() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	227	hsStatus == HandshakeStatus.NEED_UNWRAP)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	228	ciphertext = encode(null, 0, 0,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	229	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	230	}
2 90ce3da70b43 Initial load duke parents: diff changeset	231
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	232	if (ciphertext == null && srcsRemains != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	233	ciphertext = encode(srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	234	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	235	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	236	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	237	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	238	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	239	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	240	throw new SSLException("Write problems", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	241	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	242	}
2 90ce3da70b43 Initial load duke parents: diff changeset	243
90ce3da70b43 Initial load duke parents: diff changeset	244	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	245	* Check for status.
2 90ce3da70b43 Initial load duke parents: diff changeset	246	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	247	Status status = (isOutboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	248	if (ciphertext != null && ciphertext.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	249	hsStatus = ciphertext.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	250	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	251	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	252	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	253
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	254	int deltaSrcs = srcsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	255	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	256	deltaSrcs -= srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	257	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	258
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	259	int deltaDsts = dstsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	260	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	261	deltaDsts -= dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	262	}
2 90ce3da70b43 Initial load duke parents: diff changeset	263
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	264	return new SSLEngineResult(status, hsStatus, deltaSrcs, deltaDsts,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	265	ciphertext != null ? ciphertext.recordSN : -1L);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	266	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	267
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	268	private Ciphertext encode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	269	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	270	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	271
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	272	Ciphertext ciphertext = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	273	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	274	ciphertext = conContext.outputRecord.encode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	275	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	276	} catch (SSLHandshakeException she) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	277	// may be record sequence number overflow
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	278	conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	279	} catch (IOException e) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	280	conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	281	}
2 90ce3da70b43 Initial load duke parents: diff changeset	282
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	283	if (ciphertext == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	284	return Ciphertext.CIPHERTEXT_NULL;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	285	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	286
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	287	// Is the handshake completed?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	288	boolean needRetransmission =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	289	conContext.sslContext.isDTLS() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	290	conContext.handshakeContext != null &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	291	conContext.handshakeContext.sslConfig.enableRetransmissions;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	292	HandshakeStatus hsStatus =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	293	tryToFinishHandshake(ciphertext.contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	294	if (needRetransmission &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	295	hsStatus == HandshakeStatus.FINISHED &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	296	conContext.sslContext.isDTLS() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	297	ciphertext.handshakeType == SSLHandshake.FINISHED.id) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	298	// Retransmit the last flight for DTLS.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	299	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	300	// The application data transactions may begin immediately
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	301	// after the last flight. If the last flight get lost, the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	302	// application data may be discarded accordingly. As could
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	303	// be an issue for some applications. This impact can be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	304	// mitigated by sending the last fligth twice.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	305	if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	306	SSLLogger.finest("retransmit the last flight messages");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	307	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	308
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	309	conContext.outputRecord.launchRetransmission();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	310	hsStatus = HandshakeStatus.NEED_WRAP;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	311	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	312
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	313	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	314	hsStatus = conContext.getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	315	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	316
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	317	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	318	if (conContext.outputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	319	hsStatus = tryKeyUpdate(hsStatus);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	320	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	321
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	322	// update context status
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	323	ciphertext.handshakeStatus = hsStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	324
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	325	return ciphertext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	326	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	327
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	328	private HandshakeStatus tryToFinishHandshake(byte contentType) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	329	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	330	if ((contentType == ContentType.HANDSHAKE.id) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	331	conContext.outputRecord.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	332	if (conContext.handshakeContext == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	333	hsStatus = HandshakeStatus.FINISHED;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	334	} else if (conContext.handshakeContext.handshakeFinished) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	335	hsStatus = conContext.finishHandshake();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	336	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	337	} // Otherwise, the followed call to getHSStatus() will help.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	338
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	339	return hsStatus;
2 90ce3da70b43 Initial load duke parents: diff changeset	340	}
90ce3da70b43 Initial load duke parents: diff changeset	341
90ce3da70b43 Initial load duke parents: diff changeset	342	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	343	* Try renegotiation or key update for sequence number wrap.
2 90ce3da70b43 Initial load duke parents: diff changeset	344	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	345	* Note that in order to maintain the handshake status properly, we check
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	346	* the sequence number after the last record reading/writing process. As
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	347	* we request renegotiation or close the connection for wrapped sequence
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	348	* number when there is enough sequence number space left to handle a few
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	349	* more records, so the sequence number of the last record cannot be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	350	* wrapped.
2 90ce3da70b43 Initial load duke parents: diff changeset	351	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	352	private HandshakeStatus tryKeyUpdate(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	353	HandshakeStatus currentHandshakeStatus) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	354	// Don't bother to kickstart the renegotiation or key update when the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	355	// local is asking for it.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	356	if ((conContext.handshakeContext == null) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	357	!conContext.isClosed() && !conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	358	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	359	SSLLogger.finest("key update to wrap sequence number");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	360	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	361	conContext.keyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	362	return conContext.getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	363	}
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	364
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	365	return currentHandshakeStatus;
2 90ce3da70b43 Initial load duke parents: diff changeset	366	}
90ce3da70b43 Initial load duke parents: diff changeset	367
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	368	private static void checkParams(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	369	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	370	ByteBuffer[] dsts, int dstsOffset, int dstsLength) {
2 90ce3da70b43 Initial load duke parents: diff changeset	371
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	372	if ((srcs == null) \|\| (dsts == null)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	373	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	374	"source or destination buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	375	}
2 90ce3da70b43 Initial load duke parents: diff changeset	376
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	377	if ((srcsOffset < 0) \|\| (srcsLength < 0) \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	378	(srcsOffset > srcs.length - srcsLength)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	379	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	380	"index out of bound of the source buffers");
2 90ce3da70b43 Initial load duke parents: diff changeset	381	}
1763 0a6b65d56746 6750401: SSL stress test with GF leads to 32 bit max process size in less than 5 minutes,with PCKS11 provider wetmore parents: 2 diff changeset	382
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	383	if ((dstsOffset < 0) \|\| (dstsLength < 0) \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	384	(dstsOffset > dsts.length - dstsLength)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	385	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	386	"index out of bound of the destination buffers");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	387	}
2 90ce3da70b43 Initial load duke parents: diff changeset	388
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	389	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	390	if (srcs[i] == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	391	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	392	"source buffer[" + i + "] == null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	393	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	394	}
2 90ce3da70b43 Initial load duke parents: diff changeset	395
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	396	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	397	if (dsts[i] == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	398	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	399	"destination buffer[" + i + "] == null");
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	400	}
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	401
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	402	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	403	* Make sure the destination bufffers are writable.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	404	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	405	if (dsts[i].isReadOnly()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	406	throw new ReadOnlyBufferException();
2 90ce3da70b43 Initial load duke parents: diff changeset	407	}
90ce3da70b43 Initial load duke parents: diff changeset	408	}
90ce3da70b43 Initial load duke parents: diff changeset	409	}
90ce3da70b43 Initial load duke parents: diff changeset	410
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	411	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	412	public synchronized SSLEngineResult unwrap(ByteBuffer src,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	413	ByteBuffer[] dsts, int offset, int length) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	414	return unwrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	415	new ByteBuffer[]{src}, 0, 1, dsts, offset, length);
2 90ce3da70b43 Initial load duke parents: diff changeset	416	}
90ce3da70b43 Initial load duke parents: diff changeset	417
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	418	// @Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	419	public synchronized SSLEngineResult unwrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	420	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	421	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {
2 90ce3da70b43 Initial load duke parents: diff changeset	422
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	423	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	424	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	425	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	426	}
2 90ce3da70b43 Initial load duke parents: diff changeset	427
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	428	// See if the handshaker needs to report back some SSLException.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	429	checkTaskThrown();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	430
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	431	// check parameters
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	432	checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
2 90ce3da70b43 Initial load duke parents: diff changeset	433
90ce3da70b43 Initial load duke parents: diff changeset	434	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	435	return readRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	436	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	437	} catch (SSLProtocolException spe) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	438	// may be an unexpected handshake message
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	439	conContext.fatal(Alert.UNEXPECTED_MESSAGE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	440	spe.getMessage(), spe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	441	} catch (IOException ioe) {
2 90ce3da70b43 Initial load duke parents: diff changeset	442	/*
90ce3da70b43 Initial load duke parents: diff changeset	443	* Don't reset position so it looks like we didn't
90ce3da70b43 Initial load duke parents: diff changeset	444	* consume anything. We did consume something, and it
90ce3da70b43 Initial load duke parents: diff changeset	445	* got us into this situation, so report that much back.
90ce3da70b43 Initial load duke parents: diff changeset	446	* Our days of consuming are now over anyway.
90ce3da70b43 Initial load duke parents: diff changeset	447	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	448	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	449	"problem unwrapping net record", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	450	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	451	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	452	"Fail to unwrap network record", ex);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	453	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	454
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	455	return null; // make compiler happy
2 90ce3da70b43 Initial load duke parents: diff changeset	456	}
90ce3da70b43 Initial load duke parents: diff changeset	457
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	458	private SSLEngineResult readRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	459	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	460	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	461
90ce3da70b43 Initial load duke parents: diff changeset	462	/*
90ce3da70b43 Initial load duke parents: diff changeset	463	* Check if we are closing/closed.
90ce3da70b43 Initial load duke parents: diff changeset	464	*/
90ce3da70b43 Initial load duke parents: diff changeset	465	if (isInboundDone()) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	466	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	467	Status.CLOSED, getHandshakeStatus(), 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	468	}
90ce3da70b43 Initial load duke parents: diff changeset	469
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	470	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	471	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	472	conContext.kickstart();
2 90ce3da70b43 Initial load duke parents: diff changeset	473
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	474	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	475	* If there's still outbound data to flush, we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	476	* can return without trying to unwrap anything.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	477	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	478	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	479	if (hsStatus == HandshakeStatus.NEED_WRAP) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	480	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	481	}
90ce3da70b43 Initial load duke parents: diff changeset	482	}
90ce3da70b43 Initial load duke parents: diff changeset	483
90ce3da70b43 Initial load duke parents: diff changeset	484	if (hsStatus == null) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	485	hsStatus = getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	486	}
90ce3da70b43 Initial load duke parents: diff changeset	487
90ce3da70b43 Initial load duke parents: diff changeset	488	/*
90ce3da70b43 Initial load duke parents: diff changeset	489	* If we have a task outstanding, this MUST be done before
90ce3da70b43 Initial load duke parents: diff changeset	490	* doing any more unwrapping, because we could be in the middle
90ce3da70b43 Initial load duke parents: diff changeset	491	* of receiving a handshake message, for example, a finished
90ce3da70b43 Initial load duke parents: diff changeset	492	* message which would change the ciphers.
90ce3da70b43 Initial load duke parents: diff changeset	493	*/
90ce3da70b43 Initial load duke parents: diff changeset	494	if (hsStatus == HandshakeStatus.NEED_TASK) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	495	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	496	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	497
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	498	if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	499	Plaintext plainText = null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	500	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	501	plainText = decode(null, 0, 0,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	502	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	503	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	504	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	505	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	506	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	507	throw new SSLException("readRecord", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	508	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	509	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	510
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	511	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	512	if (plainText.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	513	hsStatus = plainText.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	514	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	515	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	516	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	517
2 90ce3da70b43 Initial load duke parents: diff changeset	518	return new SSLEngineResult(
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	519	status, hsStatus, 0, 0, plainText.recordSN);
2 90ce3da70b43 Initial load duke parents: diff changeset	520	}
90ce3da70b43 Initial load duke parents: diff changeset	521
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	522	int srcsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	523	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	524	srcsRemains += srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	525	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	526
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	527	if (srcsRemains == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	528	return new SSLEngineResult(Status.OK, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	529	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	530
2 90ce3da70b43 Initial load duke parents: diff changeset	531	/*
90ce3da70b43 Initial load duke parents: diff changeset	532	* Check the packet to make sure enough is here.
90ce3da70b43 Initial load duke parents: diff changeset	533	* This will also indirectly check for 0 len packets.
90ce3da70b43 Initial load duke parents: diff changeset	534	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	535	int packetLen = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	536	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	537	packetLen = conContext.inputRecord.bytesInCompletePacket(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	538	srcs, srcsOffset, srcsLength);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	539	} catch (SSLException ssle) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	540	// Need to discard invalid records for DTLS protocols.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	541	if (sslContext.isDTLS()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	542	if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	543	SSLLogger.finest("Discard invalid DTLS records", ssle);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	544	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	545
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	546	// invalid, discard the entire data [section 4.1.2.7, RFC 6347]
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	547	// TODO
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	548	int deltaNet = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	549	// int deltaNet = netData.remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	550	// netData.position(netData.limit());
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	551
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	552	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	553	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	554	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	555	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	556
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	557	return new SSLEngineResult(status, hsStatus, deltaNet, 0, -1L);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	558	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	559	throw ssle;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	560	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	561	}
2 90ce3da70b43 Initial load duke parents: diff changeset	562
90ce3da70b43 Initial load duke parents: diff changeset	563	// Is this packet bigger than SSL/TLS normally allows?
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	564	if (packetLen > conContext.conSession.getPacketBufferSize()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	565	int largestRecordSize = sslContext.isDTLS() ?
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	566	DTLSRecord.maxRecordSize : SSLRecord.maxLargeRecordSize;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	567	if ((packetLen <= largestRecordSize) && !sslContext.isDTLS()) {
2 90ce3da70b43 Initial load duke parents: diff changeset	568	// Expand the expected maximum packet/application buffer
90ce3da70b43 Initial load duke parents: diff changeset	569	// sizes.
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	570	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	571	// Only apply to SSL/TLS protocols.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	572
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	573	// Old behavior: shall we honor the System Property
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	574	// "jsse.SSLEngine.acceptLargeFragments" if it is "false"?
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	575	conContext.conSession.expandBufferSizes();
2 90ce3da70b43 Initial load duke parents: diff changeset	576	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	577
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	578	// check the packet again
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	579	largestRecordSize = conContext.conSession.getPacketBufferSize();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	580	if (packetLen > largestRecordSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	581	throw new SSLProtocolException(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	582	"Input record too big: max = " +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	583	largestRecordSize + " len = " + packetLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	584	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	585	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	586
2 90ce3da70b43 Initial load duke parents: diff changeset	587	/*
90ce3da70b43 Initial load duke parents: diff changeset	588	* Check for OVERFLOW.
90ce3da70b43 Initial load duke parents: diff changeset	589	*
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	590	* Delay enforcing the application buffer free space requirement
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	591	* until after the initial handshaking.
2 90ce3da70b43 Initial load duke parents: diff changeset	592	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	593	int dstsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	594	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	595	dstsRemains += dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	596	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	597
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	598	if (conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	599	int FragLen =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	600	conContext.inputRecord.estimateFragmentSize(packetLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	601	if (FragLen > dstsRemains) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	602	return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	603	Status.BUFFER_OVERFLOW, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	604	}
2 90ce3da70b43 Initial load duke parents: diff changeset	605	}
90ce3da70b43 Initial load duke parents: diff changeset	606
90ce3da70b43 Initial load duke parents: diff changeset	607	// check for UNDERFLOW.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	608	if ((packetLen == -1) \|\| (srcsRemains < packetLen)) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	609	return new SSLEngineResult(Status.BUFFER_UNDERFLOW, hsStatus, 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	610	}
90ce3da70b43 Initial load duke parents: diff changeset	611
90ce3da70b43 Initial load duke parents: diff changeset	612	/*
90ce3da70b43 Initial load duke parents: diff changeset	613	* We're now ready to actually do the read.
90ce3da70b43 Initial load duke parents: diff changeset	614	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	615	Plaintext plainText = null;
2 90ce3da70b43 Initial load duke parents: diff changeset	616	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	617	plainText = decode(srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	618	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	619	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	620	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	621	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	622	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	623	throw new SSLException("readRecord", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	624	}
2 90ce3da70b43 Initial load duke parents: diff changeset	625	}
90ce3da70b43 Initial load duke parents: diff changeset	626
90ce3da70b43 Initial load duke parents: diff changeset	627	/*
90ce3da70b43 Initial load duke parents: diff changeset	628	* Check the various condition that we could be reporting.
90ce3da70b43 Initial load duke parents: diff changeset	629	*
90ce3da70b43 Initial load duke parents: diff changeset	630	* It's possible something might have happened between the
90ce3da70b43 Initial load duke parents: diff changeset	631	* above and now, but it was better to minimally lock "this"
90ce3da70b43 Initial load duke parents: diff changeset	632	* during the read process. We'll return the current
90ce3da70b43 Initial load duke parents: diff changeset	633	* status, which is more representative of the current state.
90ce3da70b43 Initial load duke parents: diff changeset	634	*
90ce3da70b43 Initial load duke parents: diff changeset	635	* status above should cover: FINISHED, NEED_TASK
90ce3da70b43 Initial load duke parents: diff changeset	636	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	637	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	638	if (plainText.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	639	hsStatus = plainText.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	640	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	641	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	642	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	643
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	644	int deltaNet = srcsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	645	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	646	deltaNet -= srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	647	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	648
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	649	int deltaApp = dstsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	650	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	651	deltaApp -= dsts[i].remaining();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	652	}
2 90ce3da70b43 Initial load duke parents: diff changeset	653
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	654	return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	655	status, hsStatus, deltaNet, deltaApp, plainText.recordSN);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	656	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	657
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	658	private Plaintext decode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	659	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	660	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	661
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	662	Plaintext pt = SSLTransport.decode(conContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	663	srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	664	dsts, dstsOffset, dstsLength);
2 90ce3da70b43 Initial load duke parents: diff changeset	665
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	666	// Is the handshake completed?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	667	if (pt != Plaintext.PLAINTEXT_NULL) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	668	HandshakeStatus hsStatus = tryToFinishHandshake(pt.contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	669	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	670	pt.handshakeStatus = conContext.getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	671	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	672	pt.handshakeStatus = hsStatus;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	673	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	674
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	675	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	676	if (conContext.inputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	677	pt.handshakeStatus =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	678	tryKeyUpdate(pt.handshakeStatus);
2 90ce3da70b43 Initial load duke parents: diff changeset	679	}
90ce3da70b43 Initial load duke parents: diff changeset	680	}
90ce3da70b43 Initial load duke parents: diff changeset	681
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	682	return pt;
2 90ce3da70b43 Initial load duke parents: diff changeset	683	}
90ce3da70b43 Initial load duke parents: diff changeset	684
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	685	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	686	public synchronized Runnable getDelegatedTask() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	687	if (conContext.handshakeContext != null &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	688	!conContext.handshakeContext.taskDelegated &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	689	!conContext.handshakeContext.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	690	conContext.handshakeContext.taskDelegated = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	691	return new DelegatedTask(this);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	692	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	693
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	694	return null;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	695	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	696
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	697	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	698	public synchronized void closeInbound() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	699	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	700	}
2 90ce3da70b43 Initial load duke parents: diff changeset	701
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	702	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	703	public synchronized boolean isInboundDone() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	704	return conContext.isInboundDone();
2 90ce3da70b43 Initial load duke parents: diff changeset	705	}
90ce3da70b43 Initial load duke parents: diff changeset	706
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	707	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	708	public synchronized void closeOutbound() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	709	conContext.closeOutbound();
2 90ce3da70b43 Initial load duke parents: diff changeset	710	}
90ce3da70b43 Initial load duke parents: diff changeset	711
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	712	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	713	public synchronized boolean isOutboundDone() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	714	return conContext.isOutboundDone();
2 90ce3da70b43 Initial load duke parents: diff changeset	715	}
90ce3da70b43 Initial load duke parents: diff changeset	716
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	717	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	718	public String[] getSupportedCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	719	return CipherSuite.namesOf(sslContext.getSupportedCipherSuites());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	720	}
2 90ce3da70b43 Initial load duke parents: diff changeset	721
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	722	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	723	public synchronized String[] getEnabledCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	724	return CipherSuite.namesOf(conContext.sslConfig.enabledCipherSuites);
2 90ce3da70b43 Initial load duke parents: diff changeset	725	}
90ce3da70b43 Initial load duke parents: diff changeset	726
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	727	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	728	public synchronized void setEnabledCipherSuites(String[] suites) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	729	if (suites == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	730	throw new IllegalArgumentException("CipherSuites cannot be null");
2 90ce3da70b43 Initial load duke parents: diff changeset	731	}
90ce3da70b43 Initial load duke parents: diff changeset	732
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	733	conContext.sslConfig.enabledCipherSuites =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	734	CipherSuite.validValuesOf(suites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	735	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	736
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	737	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	738	public String[] getSupportedProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	739	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	740	sslContext.getSuportedProtocolVersions());
2 90ce3da70b43 Initial load duke parents: diff changeset	741	}
90ce3da70b43 Initial load duke parents: diff changeset	742
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	743	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	744	public synchronized String[] getEnabledProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	745	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	746	conContext.sslConfig.enabledProtocols);
2 90ce3da70b43 Initial load duke parents: diff changeset	747	}
90ce3da70b43 Initial load duke parents: diff changeset	748
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	749	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	750	public synchronized void setEnabledProtocols(String[] protocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	751	if (protocols == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	752	throw new IllegalArgumentException("Protocols cannot be null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	753	}
2 90ce3da70b43 Initial load duke parents: diff changeset	754
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	755	conContext.sslConfig.enabledProtocols =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	756	ProtocolVersion.namesOf(protocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	757	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	758
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	759	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	760	public synchronized SSLSession getSession() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	761	return conContext.conSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	762	}
90ce3da70b43 Initial load duke parents: diff changeset	763
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	764	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	765	public synchronized SSLSession getHandshakeSession() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	766	return conContext.handshakeContext == null ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	767	null : conContext.handshakeContext.handshakeSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	768	}
90ce3da70b43 Initial load duke parents: diff changeset	769
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	770	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	771	public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	772	return conContext.getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	773	}
90ce3da70b43 Initial load duke parents: diff changeset	774
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	775	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	776	public synchronized void setUseClientMode(boolean mode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	777	conContext.setUseClientMode(mode);
2 90ce3da70b43 Initial load duke parents: diff changeset	778	}
90ce3da70b43 Initial load duke parents: diff changeset	779
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	780	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	781	public synchronized boolean getUseClientMode() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	782	return conContext.sslConfig.isClientMode;
2 90ce3da70b43 Initial load duke parents: diff changeset	783	}
90ce3da70b43 Initial load duke parents: diff changeset	784
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	785	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	786	public synchronized void setNeedClientAuth(boolean need) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	787	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	788	(need ? ClientAuthType.CLIENT_AUTH_REQUIRED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	789	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	790	}
90ce3da70b43 Initial load duke parents: diff changeset	791
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	792	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	793	public synchronized boolean getNeedClientAuth() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	794	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	795	ClientAuthType.CLIENT_AUTH_REQUIRED);
2 90ce3da70b43 Initial load duke parents: diff changeset	796	}
90ce3da70b43 Initial load duke parents: diff changeset	797
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	798	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	799	public synchronized void setWantClientAuth(boolean want) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	800	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	801	(want ? ClientAuthType.CLIENT_AUTH_REQUESTED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	802	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	803	}
90ce3da70b43 Initial load duke parents: diff changeset	804
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	805	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	806	public synchronized boolean getWantClientAuth() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	807	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	808	ClientAuthType.CLIENT_AUTH_REQUESTED);
2 90ce3da70b43 Initial load duke parents: diff changeset	809	}
90ce3da70b43 Initial load duke parents: diff changeset	810
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	811	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	812	public synchronized void setEnableSessionCreation(boolean flag) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	813	conContext.sslConfig.enableSessionCreation = flag;
2 90ce3da70b43 Initial load duke parents: diff changeset	814	}
90ce3da70b43 Initial load duke parents: diff changeset	815
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	816	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	817	public synchronized boolean getEnableSessionCreation() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	818	return conContext.sslConfig.enableSessionCreation;
2 90ce3da70b43 Initial load duke parents: diff changeset	819	}
90ce3da70b43 Initial load duke parents: diff changeset	820
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	821	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	822	public synchronized SSLParameters getSSLParameters() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	823	return conContext.sslConfig.getSSLParameters();
2 90ce3da70b43 Initial load duke parents: diff changeset	824	}
90ce3da70b43 Initial load duke parents: diff changeset	825
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	826	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	827	public synchronized void setSSLParameters(SSLParameters params) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	828	conContext.sslConfig.setSSLParameters(params);
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	829
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	830	if (conContext.sslConfig.maximumPacketSize != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	831	conContext.outputRecord.changePacketSize(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	832	conContext.sslConfig.maximumPacketSize);
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	833	}
2 90ce3da70b43 Initial load duke parents: diff changeset	834	}
90ce3da70b43 Initial load duke parents: diff changeset	835
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	836	@Override
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	837	public synchronized String getApplicationProtocol() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	838	return conContext.applicationProtocol;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	839	}
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	840
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	841	@Override
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	842	public synchronized String getHandshakeApplicationProtocol() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	843	return conContext.handshakeContext == null ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	844	null : conContext.handshakeContext.applicationProtocol;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	845	}
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	846
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	847	@Override
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	848	public synchronized void setHandshakeApplicationProtocolSelector(
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	849	BiFunction<SSLEngine, List<String>, String> selector) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	850	conContext.sslConfig.engineAPSelector = selector;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	851	}
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	852
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	853	@Override
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	854	public synchronized BiFunction<SSLEngine, List<String>, String>
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	855	getHandshakeApplicationProtocolSelector() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	856	return conContext.sslConfig.engineAPSelector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	857	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	858
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	859	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	860	public boolean useDelegatedTask() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	861	return true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	862	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	863
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	864	private synchronized void checkTaskThrown() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	865	HandshakeContext hc = conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	866	if (hc != null && hc.delegatedThrown != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	867	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	868	throw getTaskThrown(hc.delegatedThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	869	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	870	hc.delegatedThrown = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	871	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	872	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	873
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	874	if (conContext.isBroken && conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	875	throw getTaskThrown(conContext.closeReason);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	876	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	877	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	878
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	879	private static SSLException getTaskThrown(Exception taskThrown) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	880	String msg = taskThrown.getMessage();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	881
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	882	if (msg == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	883	msg = "Delegated task threw Exception or Error";
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	884	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	885
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	886	if (taskThrown instanceof RuntimeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	887	throw new RuntimeException(msg, taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	888	} else if (taskThrown instanceof SSLHandshakeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	889	return (SSLHandshakeException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	890	new SSLHandshakeException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	891	} else if (taskThrown instanceof SSLKeyException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	892	return (SSLKeyException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	893	new SSLKeyException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	894	} else if (taskThrown instanceof SSLPeerUnverifiedException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	895	return (SSLPeerUnverifiedException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	896	new SSLPeerUnverifiedException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	897	} else if (taskThrown instanceof SSLProtocolException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	898	return (SSLProtocolException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	899	new SSLProtocolException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	900	} else if (taskThrown instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	901	return (SSLException)taskThrown;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	902	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	903	return new SSLException(msg, taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	904	}
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	905	}
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	906
2 90ce3da70b43 Initial load duke parents: diff changeset	907	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	908	* Implement a simple task delegator.
2 90ce3da70b43 Initial load duke parents: diff changeset	909	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	910	private static class DelegatedTask implements Runnable {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	911	private final SSLEngineImpl engine;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	912
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	913	DelegatedTask(SSLEngineImpl engineInstance) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	914	this.engine = engineInstance;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	915	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	916
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	917	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	918	public void run() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	919	synchronized (engine) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	920	HandshakeContext hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	921	if (hc == null \|\| hc.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	922	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	923	}
2 90ce3da70b43 Initial load duke parents: diff changeset	924
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	925	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	926	AccessController.doPrivileged(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	927	new DelegatedAction(hc), engine.conContext.acc);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	928	} catch (PrivilegedActionException pae) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	929	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	930	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	931	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	932	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	933	hc.delegatedThrown = pae.getException();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	934	} else if (engine.conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	935	engine.conContext.closeReason =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	936	getTaskThrown(pae.getException());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	937	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	938	} catch (RuntimeException rte) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	939	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	940	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	941	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	942	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	943	hc.delegatedThrown = rte;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	944	} else if (engine.conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	945	engine.conContext.closeReason = rte;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	946	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	947	}
2 90ce3da70b43 Initial load duke parents: diff changeset	948
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	949	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	950	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	951	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	952	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	953	hc.taskDelegated = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	954	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	955	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	956	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	957
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	958	private static class DelegatedAction
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	959	implements PrivilegedExceptionAction<Void> {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	960	final HandshakeContext context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	961	DelegatedAction(HandshakeContext context) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	962	this.context = context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	963	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	964
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	965	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	966	public Void run() throws Exception {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	967	while (!context.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	968	// Report back the task SSLException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	969	if (context.delegatedThrown != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	970	Exception delegatedThrown = context.delegatedThrown;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	971	context.delegatedThrown = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	972	throw getTaskThrown(delegatedThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	973	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	974
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	975	Map.Entry<Byte, ByteBuffer> me =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	976	context.delegatedActions.poll();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	977	if (me != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	978	context.dispatch(me.getKey(), me.getValue());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	979	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	980	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	981	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	982	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	983	}
2 90ce3da70b43 Initial load duke parents: diff changeset	984	}
90ce3da70b43 Initial load duke parents: diff changeset	985	}

author	wetmore
	Fri, 11 May 2018 15:53:12 -0700
branch	JDK-8145252-TLS13-branch
changeset 56542	56aaa6cb3693
parent 47216	71c04702a3d5
child 56544	ad120e0dfcfb
permissions	-rw-r--r--