jdk-sandbox: src/java.base/share/classes/sun/security/ssl/InputRecord.java@68fa3d4026ea (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	2	* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 715 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	28	import java.io.Closeable;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	29	import java.io.IOException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	30	import java.io.InputStream;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	31	import java.io.OutputStream;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	32	import java.nio.BufferUnderflowException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	33	import java.nio.ByteBuffer;
2 90ce3da70b43 Initial load duke parents: diff changeset	34	import javax.crypto.BadPaddingException;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	35	import sun.security.ssl.SSLCipher.SSLReadCipher;
2 90ce3da70b43 Initial load duke parents: diff changeset	36
90ce3da70b43 Initial load duke parents: diff changeset	37	/**
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	38	* {@code InputRecord} takes care of the management of SSL/TLS/DTLS input
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	39	* records, including buffering, decryption, handshake messages marshal, etc.
2 90ce3da70b43 Initial load duke parents: diff changeset	40	*
90ce3da70b43 Initial load duke parents: diff changeset	41	* @author David Brownell
90ce3da70b43 Initial load duke parents: diff changeset	42	*/
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	43	abstract class InputRecord implements Record, Closeable {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	44	SSLReadCipher readCipher;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	45	// Needed for KeyUpdate, used after Handshake.Finished
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	46	TransportContext tc;
2 90ce3da70b43 Initial load duke parents: diff changeset	47
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	48	final HandshakeHash handshakeHash;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	49	boolean isClosed;
2 90ce3da70b43 Initial load duke parents: diff changeset	50
90ce3da70b43 Initial load duke parents: diff changeset	51	// The ClientHello version to accept. If set to ProtocolVersion.SSL20Hello
90ce3da70b43 Initial load duke parents: diff changeset	52	// and the first message we read is a ClientHello in V2 format, we convert
90ce3da70b43 Initial load duke parents: diff changeset	53	// it to V3. Otherwise we throw an exception when encountering a V2 hello.
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	54	ProtocolVersion helloVersion;
2 90ce3da70b43 Initial load duke parents: diff changeset	55
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	56	// fragment size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	57	int fragmentSize;
2 90ce3da70b43 Initial load duke parents: diff changeset	58
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	59	InputRecord(HandshakeHash handshakeHash, SSLReadCipher readCipher) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	60	this.readCipher = readCipher;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	61	this.helloVersion = ProtocolVersion.TLS10;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	62	this.handshakeHash = handshakeHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	63	this.isClosed = false;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	64	this.fragmentSize = Record.maxDataSize;
2 90ce3da70b43 Initial load duke parents: diff changeset	65	}
90ce3da70b43 Initial load duke parents: diff changeset	66
90ce3da70b43 Initial load duke parents: diff changeset	67	void setHelloVersion(ProtocolVersion helloVersion) {
90ce3da70b43 Initial load duke parents: diff changeset	68	this.helloVersion = helloVersion;
90ce3da70b43 Initial load duke parents: diff changeset	69	}
90ce3da70b43 Initial load duke parents: diff changeset	70
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	71	boolean seqNumIsHuge() {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	72	return (readCipher.authenticator != null) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	73	readCipher.authenticator.seqNumIsHuge();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	74	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	75
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	76	boolean isEmpty() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	77	return false;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	78	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	79
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	80	// apply to DTLS SSLEngine
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	81	void expectingFinishFlight() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	82	// blank
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	83	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	84
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	85	// apply to DTLS SSLEngine
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	86	void finishHandshake() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	87	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	88	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	89
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	90	/**
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	91	* Prevent any more data from being read into this record,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	92	* and flag the record as holding no data.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	93	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	94	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	95	public synchronized void close() throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	96	if (!isClosed) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	97	isClosed = true;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	98	readCipher.dispose();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	99	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	100	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	101
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	102	synchronized boolean isClosed() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	103	return isClosed;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	104	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	105
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	106	// apply to SSLSocket and SSLEngine
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	107	void changeReadCiphers(SSLReadCipher readCipher) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	108
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	109	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	110	* Dispose of any intermediate state in the underlying cipher.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	111	* For PKCS11 ciphers, this will release any attached sessions,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	112	* and thus make finalization faster.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	113	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	114	* Since MAC's doFinal() is called for every SSL/TLS packet, it's
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	115	* not necessary to do the same with MAC's.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	116	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	117	readCipher.dispose();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	118
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	119	this.readCipher = readCipher;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	120	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	121
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	122	// change fragment size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	123	void changeFragmentSize(int fragmentSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	124	this.fragmentSize = fragmentSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	125	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	126
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	127	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	128	* Check if there is enough inbound data in the ByteBuffer to make
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	129	* a inbound packet.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	130	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	131	* @return -1 if there are not enough bytes to tell (small header),
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	132	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	133	// apply to SSLEngine only
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	134	int bytesInCompletePacket(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	135	ByteBuffer[] srcs, int srcsOffset, int srcsLength) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	136
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	137	throw new UnsupportedOperationException("Not supported yet.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	138	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	139
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	140	// apply to SSLSocket only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	141	int bytesInCompletePacket() throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	142	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	143	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	144
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	145	// apply to SSLSocket only
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	146	void setReceiverStream(InputStream inputStream) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	147	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	148	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	149
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	150	// apply to DTLS SSLEngine only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	151	Plaintext acquirePlaintext()
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	152	throws IOException, BadPaddingException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	153	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	154	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	155
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	156	// read, decrypt and decompress the network record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	157	//
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	158	abstract Plaintext[] decode(ByteBuffer[] srcs, int srcsOffset,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	159	int srcsLength) throws IOException, BadPaddingException;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	160
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	161	// apply to SSLSocket only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	162	void setDeliverStream(OutputStream outputStream) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	163	throw new UnsupportedOperationException();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	164	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	165
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	166	// calculate plaintext fragment size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	167	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	168	// apply to SSLEngine only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	169	int estimateFragmentSize(int packetSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	170	throw new UnsupportedOperationException();
2 90ce3da70b43 Initial load duke parents: diff changeset	171	}
90ce3da70b43 Initial load duke parents: diff changeset	172
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	173	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	174	// shared helpers
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	175	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	176
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	177	// Not apply to DTLS
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	178	static ByteBuffer convertToClientHello(ByteBuffer packet) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	179	int srcPos = packet.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	180
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	181	byte firstByte = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	182	byte secondByte = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	183	int recordLen = (((firstByte & 0x7F) << 8) \| (secondByte & 0xFF)) + 2;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	184
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	185	packet.position(srcPos + 3); // the V2ClientHello record header
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	186
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	187	byte majorVersion = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	188	byte minorVersion = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	189
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	190	int cipherSpecLen = ((packet.get() & 0xFF) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	191	(packet.get() & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	192	int sessionIdLen = ((packet.get() & 0xFF) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	193	(packet.get() & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	194	int nonceLen = ((packet.get() & 0xFF) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	195	(packet.get() & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	196
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	197	// Required space for the target SSLv3 ClientHello message.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	198	// 5: record header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	199	// 4: handshake header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	200	// 2: ClientHello.client_version
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	201	// 32: ClientHello.random
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	202	// 1: length byte of ClientHello.session_id
43008 c6c74a38f1ad 8172273: SSLEngine.unwrap fails with ArrayIndexOutOfBoundsException xuelei parents: 34687 diff changeset	203	// 2: length bytes of ClientHello.cipher_suites
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	204	// 2: empty ClientHello.compression_methods
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	205	int requiredSize = 48 + sessionIdLen + ((cipherSpecLen * 2 ) / 3);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	206	byte[] converted = new byte[requiredSize];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	207
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	208	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	209	* Build the first part of the V3 record header from the V2 one
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	210	* that's now buffered up. (Lengths are fixed up later).
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	211	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	212	// Note: need not to set the header actually.
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	213	converted[0] = ContentType.HANDSHAKE.id;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	214	converted[1] = majorVersion;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	215	converted[2] = minorVersion;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	216	// header [3..4] for handshake message length
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	217	// required size is 5;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	218
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	219	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	220	* Store the generic V3 handshake header: 4 bytes
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	221	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	222	converted[5] = 1; // HandshakeMessage.ht_client_hello
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	223	// buf [6..8] for length of ClientHello (int24)
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	224	// required size += 4;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	225
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	226	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	227	* ClientHello header starts with SSL version
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	228	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	229	converted[9] = majorVersion;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	230	converted[10] = minorVersion;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	231	// required size += 2;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	232	int pointer = 11;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	233
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	234	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	235	* Copy Random value/nonce ... if less than the 32 bytes of
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	236	* a V3 "Random", right justify and zero pad to the left. Else
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	237	* just take the last 32 bytes.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	238	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	239	int offset = srcPos + 11 + cipherSpecLen + sessionIdLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	240
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	241	if (nonceLen < 32) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	242	for (int i = 0; i < (32 - nonceLen); i++) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	243	converted[pointer++] = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	244	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	245	packet.position(offset);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	246	packet.get(converted, pointer, nonceLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	247
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	248	pointer += nonceLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	249	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	250	packet.position(offset + nonceLen - 32);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	251	packet.get(converted, pointer, 32);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	252
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	253	pointer += 32;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	254	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	255
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	256	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	257	* Copy session ID (only one byte length!)
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	258	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	259	offset -= sessionIdLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	260	converted[pointer++] = (byte)(sessionIdLen & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	261	packet.position(offset);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	262	packet.get(converted, pointer, sessionIdLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	263
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	264	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	265	* Copy and translate cipher suites ... V2 specs with first byte zero
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	266	* are really V3 specs (in the last 2 bytes), just copy those and drop
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	267	* the other ones. Preference order remains unchanged.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	268	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	269	* Example: Netscape Navigator 3.0 (exportable) says:
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	270	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	271	* 0/3, SSL_RSA_EXPORT_WITH_RC4_40_MD5
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	272	* 0/6, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	273	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	274	* Microsoft Internet Explorer 3.0 (exportable) supports only
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	275	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	276	* 0/3, SSL_RSA_EXPORT_WITH_RC4_40_MD5
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	277	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	278	int j;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	279
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	280	offset -= cipherSpecLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	281	packet.position(offset);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	282
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	283	j = pointer + 2;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	284	for (int i = 0; i < cipherSpecLen; i += 3) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	285	if (packet.get() != 0) {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	286	// Ignore version 2.0 specific cipher suite. Clients
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	287	// should also include the version 3.0 equivalent in
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	288	// the V2ClientHello message.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	289	packet.get(); // ignore the 2nd byte
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	290	packet.get(); // ignore the 3rd byte
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	291	continue;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	292	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	293
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	294	converted[j++] = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	295	converted[j++] = packet.get();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	296	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	297
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	298	j -= pointer + 2;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	299	converted[pointer++] = (byte)((j >>> 8) & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	300	converted[pointer++] = (byte)(j & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	301	pointer += j;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	302
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	303	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	304	* Append compression methods (default/null only)
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	305	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	306	converted[pointer++] = 1;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	307	converted[pointer++] = 0; // Session.compression_null
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	308
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	309	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	310	* Fill in lengths of the messages we synthesized (nested:
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	311	* V3 handshake message within V3 record).
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	312	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	313	// Note: need not to set the header actually.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	314	int fragLen = pointer - 5; // TLSPlaintext.length
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	315	converted[3] = (byte)((fragLen >>> 8) & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	316	converted[4] = (byte)(fragLen & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	317
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	318	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	319	* Handshake.length, length of ClientHello message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	320	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	321	fragLen = pointer - 9; // Handshake.length
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	322	converted[6] = (byte)((fragLen >>> 16) & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	323	converted[7] = (byte)((fragLen >>> 8) & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	324	converted[8] = (byte)(fragLen & 0xFF);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	325
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	326	// consume the full record
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	327	packet.position(srcPos + recordLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	328
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	329	// Need no header bytes.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	330	return ByteBuffer.wrap(converted, 5, pointer - 5); // 5: header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	331	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	332
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	333	// Extract an SSL/(D)TLS record from the specified source buffers.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	334	static ByteBuffer extract(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	335	ByteBuffer[] buffers, int offset, int length, int headerSize) {
2 90ce3da70b43 Initial load duke parents: diff changeset	336
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	337	boolean hasFullHeader = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	338	int contentLen = -1;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	339	for (int i = offset, j = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	340	i < (offset + length) && j < headerSize; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	341	int remains = buffers[i].remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	342	int pos = buffers[i].position();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	343	for (int k = 0; k < remains && j < headerSize; j++, k++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	344	byte b = buffers[i].get(pos + k);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	345	if (j == (headerSize - 2)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	346	contentLen = ((b & 0xFF) << 8);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	347	} else if (j == (headerSize -1)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	348	contentLen \|= (b & 0xFF);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	349	hasFullHeader = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	350	break;
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	351	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	352	}
2 90ce3da70b43 Initial load duke parents: diff changeset	353	}
90ce3da70b43 Initial load duke parents: diff changeset	354
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	355	if (!hasFullHeader) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	356	throw new BufferUnderflowException();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	357	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	358
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	359	int packetLen = headerSize + contentLen;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	360	int remains = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	361	for (int i = offset; i < offset + length; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	362	remains += buffers[i].remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	363	if (remains >= packetLen) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	364	break;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	365	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	366	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	367
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	368	if (remains < packetLen) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	369	throw new BufferUnderflowException();
2 90ce3da70b43 Initial load duke parents: diff changeset	370	}
90ce3da70b43 Initial load duke parents: diff changeset	371
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	372	byte[] packet = new byte[packetLen];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	373	int packetOffset = 0;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	374	int packetSpaces = packetLen;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	375	for (int i = offset; i < offset + length; i++) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	376	if (buffers[i].hasRemaining()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	377	int len = Math.min(packetSpaces, buffers[i].remaining());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	378	buffers[i].get(packet, packetOffset, len);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	379	packetOffset += len;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	380	packetSpaces -= len;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	381	}
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	382
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	383	if (packetSpaces <= 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	384	break;
2 90ce3da70b43 Initial load duke parents: diff changeset	385	}
90ce3da70b43 Initial load duke parents: diff changeset	386	}
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	387
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	388	return ByteBuffer.wrap(packet);
2 90ce3da70b43 Initial load duke parents: diff changeset	389	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	390	}

author	xuelei
	Mon, 25 Jun 2018 13:41:39 -0700
changeset 50768	68fa3d4026ea
parent 47216	71c04702a3d5
child 54443	dfba4e321ab3
permissions	-rw-r--r--