jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SignatureScheme.java@5bf98ad48412 (annotated)

50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	1	/*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	2	* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	4	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	10	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	15	* accompanied this code).
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	16	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	20	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	23	* questions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	24	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	25
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	26	package sun.security.ssl;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	27
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	28	import java.security.*;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	29	import java.security.interfaces.ECPrivateKey;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	30	import java.security.spec.AlgorithmParameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	31	import java.security.spec.ECParameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	32	import java.security.spec.MGF1ParameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	33	import java.security.spec.PSSParameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	34	import java.util.ArrayList;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	35	import java.util.Arrays;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	36	import java.util.Collection;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	37	import java.util.Collections;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	38	import java.util.EnumSet;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	39	import java.util.LinkedList;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	40	import java.util.List;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	41	import java.util.Set;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	42	import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	43	import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	44	import sun.security.util.KeyUtil;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	45
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	46	enum SignatureScheme {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	47	// EdDSA algorithms
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	48	ED25519 (0x0807, "ed25519", "ed25519",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	49	"ed25519",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	50	ProtocolVersion.PROTOCOLS_OF_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	51	ED448 (0x0808, "ed448", "ed448",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	52	"ed448",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	53	ProtocolVersion.PROTOCOLS_OF_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	54
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	55	// ECDSA algorithms
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	56	ECDSA_SECP256R1_SHA256 (0x0403, "ecdsa_secp256r1_sha256",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	57	"SHA256withECDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	58	"EC",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	59	NamedGroup.SECP256_R1,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	60	ProtocolVersion.PROTOCOLS_TO_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	61	ECDSA_SECP384R1_SHA384 (0x0503, "ecdsa_secp384r1_sha384",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	62	"SHA384withECDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	63	"EC",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	64	NamedGroup.SECP384_R1,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	65	ProtocolVersion.PROTOCOLS_TO_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	66	ECDSA_SECP512R1_SHA512 (0x0603, "ecdsa_secp512r1_sha512",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	67	"SHA512withECDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	68	"EC",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	69	NamedGroup.SECP521_R1,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	70	ProtocolVersion.PROTOCOLS_TO_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	71
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	72	// RSASSA-PSS algorithms with public key OID rsaEncryption
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	73	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	74	// The minimalKeySize is calculated as (See RFC 8017 for details):
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	75	// hash length + salt length + 16
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	76	RSA_PSS_RSAE_SHA256 (0x0804, "rsa_pss_rsae_sha256",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	77	"RSASSA-PSS", "RSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	78	SigAlgParamSpec.RSA_PSS_SHA256, 528,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	79	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	80	RSA_PSS_RSAE_SHA384 (0x0805, "rsa_pss_rsae_sha384",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	81	"RSASSA-PSS", "RSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	82	SigAlgParamSpec.RSA_PSS_SHA384, 784,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	83	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	84	RSA_PSS_RSAE_SHA512 (0x0806, "rsa_pss_rsae_sha512",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	85	"RSASSA-PSS", "RSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	86	SigAlgParamSpec.RSA_PSS_SHA512, 1040,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	87	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	88
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	89	// RSASSA-PSS algorithms with public key OID RSASSA-PSS
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	90	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	91	// The minimalKeySize is calculated as (See RFC 8017 for details):
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	92	// hash length + salt length + 16
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	93	RSA_PSS_PSS_SHA256 (0x0809, "rsa_pss_pss_sha256",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	94	"RSASSA-PSS", "RSASSA-PSS",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	95	SigAlgParamSpec.RSA_PSS_SHA256, 528,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	96	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	97	RSA_PSS_PSS_SHA384 (0x080A, "rsa_pss_pss_sha384",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	98	"RSASSA-PSS", "RSASSA-PSS",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	99	SigAlgParamSpec.RSA_PSS_SHA384, 784,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	100	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	101	RSA_PSS_PSS_SHA512 (0x080B, "rsa_pss_pss_sha512",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	102	"RSASSA-PSS", "RSASSA-PSS",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	103	SigAlgParamSpec.RSA_PSS_SHA512, 1040,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	104	ProtocolVersion.PROTOCOLS_12_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	105
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	106	// RSASSA-PKCS1-v1_5 algorithms
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	107	RSA_PKCS1_SHA256 (0x0401, "rsa_pkcs1_sha256", "SHA256withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	108	"RSA", null, null, 511,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	109	ProtocolVersion.PROTOCOLS_TO_13,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	110	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	111	RSA_PKCS1_SHA384 (0x0501, "rsa_pkcs1_sha384", "SHA384withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	112	"RSA", null, null, 768,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	113	ProtocolVersion.PROTOCOLS_TO_13,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	114	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	115	RSA_PKCS1_SHA512 (0x0601, "rsa_pkcs1_sha512", "SHA512withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	116	"RSA", null, null, 768,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	117	ProtocolVersion.PROTOCOLS_TO_13,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	118	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	119
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	120	// Legacy algorithms
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	121	DSA_SHA256 (0x0402, "dsa_sha256", "SHA256withDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	122	"DSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	123	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	124	ECDSA_SHA224 (0x0303, "ecdsa_sha224", "SHA224withECDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	125	"EC",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	126	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	127	RSA_SHA224 (0x0301, "rsa_sha224", "SHA224withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	128	"RSA", 511,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	129	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	130	DSA_SHA224 (0x0302, "dsa_sha224", "SHA224withDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	131	"DSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	132	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	133	ECDSA_SHA1 (0x0203, "ecdsa_sha1", "SHA1withECDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	134	"EC",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	135	ProtocolVersion.PROTOCOLS_TO_13),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	136	RSA_PKCS1_SHA1 (0x0201, "rsa_pkcs1_sha1", "SHA1withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	137	"RSA", null, null, 511,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	138	ProtocolVersion.PROTOCOLS_TO_13,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	139	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	140	DSA_SHA1 (0x0202, "dsa_sha1", "SHA1withDSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	141	"DSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	142	ProtocolVersion.PROTOCOLS_TO_12),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	143	RSA_MD5 (0x0101, "rsa_md5", "MD5withRSA",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	144	"RSA", 511,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	145	ProtocolVersion.PROTOCOLS_TO_12);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	146
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	147	final int id; // hash + signature
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	148	final String name; // literal name
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	149	private final String algorithm; // signature algorithm
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	150	final String keyAlgorithm; // signature key algorithm
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	151	private final AlgorithmParameterSpec signAlgParameter;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	152	private final NamedGroup namedGroup; // associated named group
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	153
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	154	// The minimal required key size in bits.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	155	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	156	// Only need to check RSA algorithm at present. RSA keys of 512 bits
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	157	// have been shown to be practically breakable, it does not make much
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	158	// sense to use the strong hash algorithm for keys whose key size less
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	159	// than 512 bits. So it is not necessary to calculate the minimal
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	160	// required key size exactly for a hash algorithm.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	161	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	162	// Note that some provider may use 511 bits for 512-bit strength RSA keys.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	163	final int minimalKeySize;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	164	final List<ProtocolVersion> supportedProtocols;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	165
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	166	// Some signature schemes are supported in different versions for handshake
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	167	// messages and certificates. This field holds the supported protocols
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	168	// for handshake messages.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	169	final List<ProtocolVersion> handshakeSupportedProtocols;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	170	final boolean isAvailable;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	171
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	172	private static final String[] hashAlgorithms = new String[] {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	173	"none", "md5", "sha1", "sha224",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	174	"sha256", "sha384", "sha512"
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	175	};
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	176
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	177	private static final String[] signatureAlgorithms = new String[] {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	178	"anonymous", "rsa", "dsa", "ecdsa",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	179	};
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	180
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	181	static enum SigAlgParamSpec { // support RSASSA-PSS only now
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	182	RSA_PSS_SHA256 ("SHA-256", 32),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	183	RSA_PSS_SHA384 ("SHA-384", 48),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	184	RSA_PSS_SHA512 ("SHA-512", 64);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	185
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	186	final private AlgorithmParameterSpec parameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	187	final boolean isAvailable;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	188
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	189	SigAlgParamSpec(String hash, int saltLength) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	190	// See RFC 8017
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	191	PSSParameterSpec pssParamSpec =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	192	new PSSParameterSpec(hash, "MGF1",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	193	new MGF1ParameterSpec(hash), saltLength, 1);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	194
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	195	boolean mediator = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	196	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	197	Signature signer = JsseJce.getSignature("RSASSA-PSS");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	198	signer.setParameter(pssParamSpec);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	199	} catch (InvalidAlgorithmParameterException \|
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	200	NoSuchAlgorithmException exp) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	201	mediator = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	202	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	203	SSLLogger.warning(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	204	"RSASSA-PSS signature with " + hash +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	205	" is not supported by the underlying providers", exp);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	206	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	207	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	208
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	209	this.isAvailable = mediator;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	210	this.parameterSpec = mediator ? pssParamSpec : null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	211	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	212
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	213	AlgorithmParameterSpec getParameterSpec() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	214	return parameterSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	215	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	216	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	217
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	218	// performance optimization
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	219	private static final Set<CryptoPrimitive> SIGNATURE_PRIMITIVE_SET =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	220	Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.SIGNATURE));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	221
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	222
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	223	private SignatureScheme(int id, String name,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	224	String algorithm, String keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	225	ProtocolVersion[] supportedProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	226	this(id, name, algorithm, keyAlgorithm, -1, supportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	227	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	228
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	229	private SignatureScheme(int id, String name,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	230	String algorithm, String keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	231	int minimalKeySize,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	232	ProtocolVersion[] supportedProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	233	this(id, name, algorithm, keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	234	null, minimalKeySize, supportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	235	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	236
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	237	private SignatureScheme(int id, String name,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	238	String algorithm, String keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	239	SigAlgParamSpec signAlgParamSpec, int minimalKeySize,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	240	ProtocolVersion[] supportedProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	241	this(id, name, algorithm, keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	242	signAlgParamSpec, null, minimalKeySize,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	243	supportedProtocols, supportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	244	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	245
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	246	private SignatureScheme(int id, String name,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	247	String algorithm, String keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	248	NamedGroup namedGroup,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	249	ProtocolVersion[] supportedProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	250	this(id, name, algorithm, keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	251	null, namedGroup, -1,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	252	supportedProtocols, supportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	253	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	254
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	255	private SignatureScheme(int id, String name,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	256	String algorithm, String keyAlgorithm,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	257	SigAlgParamSpec signAlgParamSpec,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	258	NamedGroup namedGroup, int minimalKeySize,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	259	ProtocolVersion[] supportedProtocols,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	260	ProtocolVersion[] handshakeSupportedProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	261	this.id = id;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	262	this.name = name;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	263	this.algorithm = algorithm;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	264	this.keyAlgorithm = keyAlgorithm;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	265	this.signAlgParameter =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	266	signAlgParamSpec != null ? signAlgParamSpec.parameterSpec : null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	267	this.namedGroup = namedGroup;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	268	this.minimalKeySize = minimalKeySize;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	269	this.supportedProtocols = Arrays.asList(supportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	270	this.handshakeSupportedProtocols =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	271	Arrays.asList(handshakeSupportedProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	272
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	273	boolean mediator = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	274	if (signAlgParamSpec != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	275	mediator = signAlgParamSpec.isAvailable;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	276	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	277	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	278	JsseJce.getSignature(algorithm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	279	} catch (Exception e) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	280	mediator = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	281	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	282	SSLLogger.warning(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	283	"Signature algorithm, " + algorithm +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	284	", is not supported by the underlying providers");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	285	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	286	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	287	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	288
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	289	if (mediator && ((id >> 8) & 0xFF) == 0x03) { // SHA224
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	290	// There are some problems to use SHA224 on Windows.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	291	if (Security.getProvider("SunMSCAPI") != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	292	mediator = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	293	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	294	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	295
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	296	this.isAvailable = mediator;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	297	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	298
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	299	static SignatureScheme valueOf(int id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	300	for (SignatureScheme ss: SignatureScheme.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	301	if (ss.id == id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	302	return ss;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	303	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	304	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	305
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	306	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	307	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	308
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	309	static String nameOf(int id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	310	for (SignatureScheme ss: SignatureScheme.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	311	if (ss.id == id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	312	return ss.name;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	313	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	314	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	315
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	316	// Use TLS 1.2 style name for unknown signature scheme.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	317	int hashId = ((id >> 8) & 0xFF);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	318	int signId = (id & 0xFF);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	319	String hashName = (hashId >= hashAlgorithms.length) ?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	320	"UNDEFINED-HASH(" + hashId + ")" : hashAlgorithms[hashId];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	321	String signName = (signId >= signatureAlgorithms.length) ?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	322	"UNDEFINED-SIGNATURE(" + signId + ")" :
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	323	signatureAlgorithms[signId];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	324
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	325	return signName + "_" + hashName;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	326	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	327
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	328	// Return the size of a SignatureScheme structure in TLS record
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	329	static int sizeInRecord() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	330	return 2;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	331	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	332
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	333	// Get local supported algorithm collection complying to algorithm
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	334	// constraints.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	335	static List<SignatureScheme> getSupportedAlgorithms(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	336	AlgorithmConstraints constraints,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	337	List<ProtocolVersion> activeProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	338	List<SignatureScheme> supported = new LinkedList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	339	for (SignatureScheme ss: SignatureScheme.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	340	if (!ss.isAvailable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	341	continue;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	342	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	343
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	344	boolean isMatch = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	345	for (ProtocolVersion pv : activeProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	346	if (ss.supportedProtocols.contains(pv)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	347	isMatch = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	348	break;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	349	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	350	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	351
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	352	if (isMatch) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	353	if (constraints.permits(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	354	SIGNATURE_PRIMITIVE_SET, ss.algorithm, null)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	355	supported.add(ss);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	356	} else if (SSLLogger.isOn &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	357	SSLLogger.isOn("ssl,handshake,verbose")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	358	SSLLogger.finest(
52208 5bf98ad48412 8212752: Typo in SSL log message related to inactive/disabled signature scheme coffeys parents: 51574 diff changeset	359	"Ignore disabled signature scheme: " + ss.name);
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	360	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	361	} else if (SSLLogger.isOn &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	362	SSLLogger.isOn("ssl,handshake,verbose")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	363	SSLLogger.finest(
52208 5bf98ad48412 8212752: Typo in SSL log message related to inactive/disabled signature scheme coffeys parents: 51574 diff changeset	364	"Ignore inactive signature scheme: " + ss.name);
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	365	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	366	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	367
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	368	return supported;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	369	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	370
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	371	static List<SignatureScheme> getSupportedAlgorithms(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	372	AlgorithmConstraints constraints,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	373	ProtocolVersion protocolVersion, int[] algorithmIds) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	374	List<SignatureScheme> supported = new LinkedList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	375	for (int ssid : algorithmIds) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	376	SignatureScheme ss = SignatureScheme.valueOf(ssid);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	377	if (ss == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	378	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	379	SSLLogger.warning(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	380	"Unsupported signature scheme: " +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	381	SignatureScheme.nameOf(ssid));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	382	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	383	} else if (ss.isAvailable &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	384	ss.supportedProtocols.contains(protocolVersion) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	385	constraints.permits(SIGNATURE_PRIMITIVE_SET,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	386	ss.algorithm, null)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	387	supported.add(ss);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	388	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	389	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	390	SSLLogger.warning(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	391	"Unsupported signature scheme: " + ss.name);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	392	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	393	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	394	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	395
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	396	return supported;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	397	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	398
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	399	static SignatureScheme getPreferableAlgorithm(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	400	List<SignatureScheme> schemes,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	401	SignatureScheme certScheme,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	402	ProtocolVersion version) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	403
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	404	for (SignatureScheme ss : schemes) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	405	if (ss.isAvailable &&
51574 ed52ea83f830 8207317: SSLEngine negotiation fail exception behavior changed from fail-fast to fail-lazy wetmore parents: 50768 diff changeset	406	ss.handshakeSupportedProtocols.contains(version) &&
ed52ea83f830 8207317: SSLEngine negotiation fail exception behavior changed from fail-fast to fail-lazy wetmore parents: 50768 diff changeset	407	certScheme.keyAlgorithm.equalsIgnoreCase(ss.keyAlgorithm)) {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	408
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	409	return ss;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	410	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	411	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	412
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	413	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	414	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	415
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	416	static SignatureScheme getPreferableAlgorithm(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	417	List<SignatureScheme> schemes,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	418	PrivateKey signingKey,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	419	ProtocolVersion version) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	420
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	421	String keyAlgorithm = signingKey.getAlgorithm();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	422	int keySize;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	423	// Only need to check RSA algorithm at present.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	424	if (keyAlgorithm.equalsIgnoreCase("RSA") \|\|
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	425	keyAlgorithm.equalsIgnoreCase("RSASSA-PSS")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	426	keySize = KeyUtil.getKeySize(signingKey);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	427	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	428	keySize = Integer.MAX_VALUE;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	429	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	430	for (SignatureScheme ss : schemes) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	431	if (ss.isAvailable && (keySize >= ss.minimalKeySize) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	432	ss.handshakeSupportedProtocols.contains(version) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	433	keyAlgorithm.equalsIgnoreCase(ss.keyAlgorithm)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	434	if (ss.namedGroup != null &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	435	ss.namedGroup.type == NamedGroupType.NAMED_GROUP_ECDHE) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	436	ECParameterSpec params =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	437	((ECPrivateKey)signingKey).getParams();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	438	if (ss.namedGroup == NamedGroup.valueOf(params)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	439	return ss;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	440	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	441	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	442	return ss;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	443	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	444	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	445	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	446
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	447	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	448	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	449
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	450	static String[] getAlgorithmNames(Collection<SignatureScheme> schemes) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	451	if (schemes != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	452	ArrayList<String> names = new ArrayList<>(schemes.size());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	453	for (SignatureScheme scheme : schemes) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	454	names.add(scheme.algorithm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	455	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	456
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	457	return names.toArray(new String[0]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	458	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	459
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	460	return new String[0];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	461	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	462
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	463	Signature getSignature(Key key) throws NoSuchAlgorithmException,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	464	InvalidAlgorithmParameterException, InvalidKeyException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	465	if (!isAvailable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	466	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	467	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	468
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	469	Signature signer = JsseJce.getSignature(algorithm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	470	if (key instanceof PublicKey) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	471	signer.initVerify((PublicKey)(key));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	472	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	473	signer.initSign((PrivateKey)key);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	474	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	475
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	476	// Important note: Please don't set the parameters before signature
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	477	// or verification initialization, so that the crypto provider can
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	478	// be selected properly.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	479	if (signAlgParameter != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	480	signer.setParameter(signAlgParameter);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	481	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	482
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	483	return signer;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	484	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	485	}

author	coffeys
	Mon, 22 Oct 2018 10:47:28 +0100
changeset 52208	5bf98ad48412
parent 51574	ed52ea83f830
child 52337	346ad00d6154
permissions	-rw-r--r--