jdk-sandbox: src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java@68fa3d4026ea (annotated)

50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	1	/*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	2	* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	4	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	10	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	15	* accompanied this code).
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	16	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	20	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	23	* questions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	24	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	25	package sun.security.ssl;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	26
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	27	import java.io.IOException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	28	import java.math.BigInteger;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	29	import java.nio.ByteBuffer;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	30	import java.security.GeneralSecurityException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	31	import java.security.ProviderException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	32	import java.security.SecureRandom;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	33	import java.text.MessageFormat;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	34	import java.util.Locale;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	35	import java.util.Optional;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	36	import javax.crypto.SecretKey;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	37	import javax.net.ssl.SSLHandshakeException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	38	import sun.security.ssl.PskKeyExchangeModesExtension.PskKeyExchangeModesSpec;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	39
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	40	import sun.security.ssl.SSLHandshake.HandshakeMessage;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	41
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	42	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	43	* Pack of the NewSessionTicket handshake message.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	44	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	45	final class NewSessionTicket {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	46	private static final int MAX_TICKET_LIFETIME = 604800; // seconds, 7 days
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	47
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	48	static final SSLConsumer handshakeConsumer =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	49	new NewSessionTicketConsumer();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	50	static final SSLProducer kickstartProducer =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	51	new NewSessionTicketKickstartProducer();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	52	static final HandshakeProducer handshakeProducer =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	53	new NewSessionTicketProducer();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	54
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	55	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	56	* The NewSessionTicketMessage handshake message.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	57	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	58	static final class NewSessionTicketMessage extends HandshakeMessage {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	59	final int ticketLifetime;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	60	final int ticketAgeAdd;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	61	final byte[] ticketNonce;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	62	final byte[] ticket;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	63	final SSLExtensions extensions;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	64
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	65	NewSessionTicketMessage(HandshakeContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	66	int ticketLifetime, SecureRandom generator,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	67	byte[] ticketNonce, byte[] ticket) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	68	super(context);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	69
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	70	this.ticketLifetime = ticketLifetime;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	71	this.ticketAgeAdd = generator.nextInt();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	72	this.ticketNonce = ticketNonce;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	73	this.ticket = ticket;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	74	this.extensions = new SSLExtensions(this);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	75	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	76
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	77	NewSessionTicketMessage(HandshakeContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	78	ByteBuffer m) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	79	super(context);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	80
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	81	// struct {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	82	// uint32 ticket_lifetime;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	83	// uint32 ticket_age_add;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	84	// opaque ticket_nonce<0..255>;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	85	// opaque ticket<1..2^16-1>;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	86	// Extension extensions<0..2^16-2>;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	87	// } NewSessionTicket;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	88	if (m.remaining() < 14) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	89	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	90	"Invalid NewSessionTicket message: no sufficient data");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	91	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	92
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	93	this.ticketLifetime = Record.getInt32(m);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	94	this.ticketAgeAdd = Record.getInt32(m);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	95	this.ticketNonce = Record.getBytes8(m);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	96
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	97	if (m.remaining() < 5) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	98	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	99	"Invalid NewSessionTicket message: no sufficient data");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	100	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	101
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	102	this.ticket = Record.getBytes16(m);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	103	if (ticket.length == 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	104	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	105	"No ticket in the NewSessionTicket handshake message");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	106	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	107
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	108	if (m.remaining() < 2) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	109	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	110	"Invalid NewSessionTicket message: no sufficient data");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	111	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	112
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	113	SSLExtension[] supportedExtensions =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	114	context.sslConfig.getEnabledExtensions(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	115	SSLHandshake.NEW_SESSION_TICKET);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	116	this.extensions = new SSLExtensions(this, m, supportedExtensions);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	117	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	118
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	119	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	120	public SSLHandshake handshakeType() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	121	return SSLHandshake.NEW_SESSION_TICKET;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	122	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	123
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	124	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	125	public int messageLength() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	126	int extLen = extensions.length();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	127	if (extLen == 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	128	extLen = 2; // empty extensions
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	129	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	130
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	131	return 8 + ticketNonce.length + 1 +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	132	ticket.length + 2 + extLen;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	133	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	134
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	135	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	136	public void send(HandshakeOutStream hos) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	137	hos.putInt32(ticketLifetime);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	138	hos.putInt32(ticketAgeAdd);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	139	hos.putBytes8(ticketNonce);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	140	hos.putBytes16(ticket);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	141
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	142	// Is it an empty extensions?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	143	if (extensions.length() == 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	144	hos.putInt16(0);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	145	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	146	extensions.send(hos);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	147	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	148	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	149
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	150	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	151	public String toString() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	152	MessageFormat messageFormat = new MessageFormat(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	153	"\"NewSessionTicket\": '{'\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	154	" \"ticket_lifetime\" : \"{0}\",\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	155	" \"ticket_age_add\" : \"{1}\",\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	156	" \"ticket_nonce\" : \"{2}\",\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	157	" \"ticket\" : \"{3}\",\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	158	" \"extensions\" : [\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	159	"{4}\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	160	" ]\n" +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	161	"'}'",
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	162	Locale.ENGLISH);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	163
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	164	Object[] messageFields = {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	165	ticketLifetime,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	166	"<omitted>", //ticketAgeAdd should not be logged
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	167	Utilities.toHexString(ticketNonce),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	168	Utilities.toHexString(ticket),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	169	Utilities.indent(extensions.toString(), " ")
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	170	};
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	171
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	172	return messageFormat.format(messageFields);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	173	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	174	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	175
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	176	private static SecretKey derivePreSharedKey(CipherSuite.HashAlg hashAlg,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	177	SecretKey resumptionMasterSecret, byte[] nonce) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	178	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	179	HKDF hkdf = new HKDF(hashAlg.name);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	180	byte[] hkdfInfo = SSLSecretDerivation.createHkdfInfo(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	181	"tls13 resumption".getBytes(), nonce, hashAlg.hashLength);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	182	return hkdf.expand(resumptionMasterSecret, hkdfInfo,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	183	hashAlg.hashLength, "TlsPreSharedKey");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	184	} catch (GeneralSecurityException gse) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	185	throw (SSLHandshakeException) new SSLHandshakeException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	186	"Could not derive PSK").initCause(gse);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	187	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	188	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	189
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	190	private static final
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	191	class NewSessionTicketKickstartProducer implements SSLProducer {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	192	// Prevent instantiation of this class.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	193	private NewSessionTicketKickstartProducer() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	194	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	195	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	196
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	197	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	198	public byte[] produce(ConnectionContext context) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	199	// The producing happens in server side only.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	200	ServerHandshakeContext shc = (ServerHandshakeContext)context;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	201
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	202	// Is this session resumable?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	203	if (!shc.handshakeSession.isRejoinable()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	204	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	205	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	206
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	207	// What's the requested PSK key exchange modes?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	208	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	209	// Note that currently, the NewSessionTicket post-handshake is
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	210	// produced and delivered only in the current handshake context
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	211	// if required.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	212	PskKeyExchangeModesSpec pkemSpec =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	213	(PskKeyExchangeModesSpec)shc.handshakeExtensions.get(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	214	SSLExtension.PSK_KEY_EXCHANGE_MODES);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	215	if (pkemSpec == null \|\| !pkemSpec.contains(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	216	PskKeyExchangeModesExtension.PskKeyExchangeMode.PSK_DHE_KE)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	217	// Client doesn't support PSK with (EC)DHE key establishment.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	218	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	219	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	220
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	221	// get a new session ID
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	222	SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	223	shc.sslContext.engineGetServerSessionContext();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	224	SessionId newId = new SessionId(true,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	225	shc.sslContext.getSecureRandom());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	226
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	227	Optional<SecretKey> resumptionMasterSecret =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	228	shc.handshakeSession.getResumptionMasterSecret();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	229	if (!resumptionMasterSecret.isPresent()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	230	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	231	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	232	"Session has no resumption secret. No ticket sent.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	233	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	234	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	235	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	236
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	237	// construct the PSK and handshake message
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	238	BigInteger nonce = shc.handshakeSession.incrTicketNonceCounter();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	239	byte[] nonceArr = nonce.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	240	SecretKey psk = derivePreSharedKey(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	241	shc.negotiatedCipherSuite.hashAlg,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	242	resumptionMasterSecret.get(), nonceArr);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	243
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	244	int sessionTimeoutSeconds = sessionCache.getSessionTimeout();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	245	if (sessionTimeoutSeconds > MAX_TICKET_LIFETIME) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	246	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	247	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	248	"Session timeout is too long. No ticket sent.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	249	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	250	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	251	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	252	NewSessionTicketMessage nstm = new NewSessionTicketMessage(shc,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	253	sessionTimeoutSeconds, shc.sslContext.getSecureRandom(),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	254	nonceArr, newId.getId());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	255	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	256	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	257	"Produced NewSessionTicket handshake message", nstm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	258	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	259
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	260	// create and cache the new session
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	261	// The new session must be a child of the existing session so
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	262	// they will be invalidated together, etc.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	263	SSLSessionImpl sessionCopy = new SSLSessionImpl(shc,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	264	shc.handshakeSession.getSuite(), newId,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	265	shc.handshakeSession.getCreationTime());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	266	shc.handshakeSession.addChild(sessionCopy);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	267	sessionCopy.setPreSharedKey(psk);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	268	sessionCopy.setPskIdentity(newId.getId());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	269	sessionCopy.setTicketAgeAdd(nstm.ticketAgeAdd);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	270	sessionCache.put(sessionCopy);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	271
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	272	// Output the handshake message.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	273	nstm.write(shc.handshakeOutput);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	274	shc.handshakeOutput.flush();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	275
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	276	// The message has been delivered.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	277	return null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	278	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	279	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	280
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	281	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	282	* The "NewSessionTicket" handshake message producer.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	283	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	284	private static final class NewSessionTicketProducer
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	285	implements HandshakeProducer {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	286
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	287	// Prevent instantiation of this class.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	288	private NewSessionTicketProducer() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	289	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	290	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	291
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	292	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	293	public byte[] produce(ConnectionContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	294	HandshakeMessage message) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	295
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	296	// NSTM may be sent in response to handshake messages.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	297	// For example: key update
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	298
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	299	throw new ProviderException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	300	"NewSessionTicket handshake producer not implemented");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	301	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	302	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	303
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	304	private static final
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	305	class NewSessionTicketConsumer implements SSLConsumer {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	306	// Prevent instantiation of this class.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	307	private NewSessionTicketConsumer() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	308	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	309	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	310
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	311	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	312	public void consume(ConnectionContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	313	ByteBuffer message) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	314
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	315	// Note: Although the resumption master secret depends on the
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	316	// client's second flight, servers which do not request client
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	317	// authentication MAY compute the remainder of the transcript
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	318	// independently and then send a NewSessionTicket immediately
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	319	// upon sending its Finished rather than waiting for the client
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	320	// Finished.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	321	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	322	// The consuming happens in client side only. As the server
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	323	// may send the NewSessionTicket before handshake complete, the
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	324	// context may be a PostHandshakeContext or HandshakeContext
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	325	// instance.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	326	HandshakeContext hc = (HandshakeContext)context;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	327	NewSessionTicketMessage nstm =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	328	new NewSessionTicketMessage(hc, message);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	329	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	330	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	331	"Consuming NewSessionTicket message", nstm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	332	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	333
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	334	// discard tickets with timeout 0
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	335	if (nstm.ticketLifetime <= 0 \|\|
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	336	nstm.ticketLifetime > MAX_TICKET_LIFETIME) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	337	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	338	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	339	"Discarding NewSessionTicket with lifetime "
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	340	+ nstm.ticketLifetime, nstm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	341	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	342	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	343	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	344
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	345	SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	346	hc.sslContext.engineGetClientSessionContext();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	347
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	348	if (sessionCache.getSessionTimeout() > MAX_TICKET_LIFETIME) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	349	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	350	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	351	"Session cache lifetime is too long. Discarding ticket.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	352	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	353	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	354	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	355
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	356	SSLSessionImpl sessionToSave = hc.conContext.conSession;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	357
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	358	Optional<SecretKey> resumptionMasterSecret =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	359	sessionToSave.getResumptionMasterSecret();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	360	if (!resumptionMasterSecret.isPresent()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	361	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	362	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	363	"Session has no resumption master secret. Ignoring ticket.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	364	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	365	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	366	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	367
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	368	// derive the PSK
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	369	SecretKey psk = derivePreSharedKey(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	370	sessionToSave.getSuite().hashAlg, resumptionMasterSecret.get(),
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	371	nstm.ticketNonce);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	372
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	373	// create and cache the new session
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	374	// The new session must be a child of the existing session so
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	375	// they will be invalidated together, etc.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	376	SessionId newId =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	377	new SessionId(true, hc.sslContext.getSecureRandom());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	378	SSLSessionImpl sessionCopy = new SSLSessionImpl(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	379	hc, sessionToSave.getSuite(), newId,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	380	sessionToSave.getCreationTime());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	381	sessionToSave.addChild(sessionCopy);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	382	sessionCopy.setPreSharedKey(psk);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	383	sessionCopy.setTicketAgeAdd(nstm.ticketAgeAdd);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	384	sessionCopy.setPskIdentity(nstm.ticket);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	385	sessionCache.put(sessionCopy);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	386
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	387	// clean handshake context
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	388	hc.conContext.finishPostHandshake();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	389	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	390	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	391	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	392

author	xuelei
	Mon, 25 Jun 2018 13:41:39 -0700
changeset 50768	68fa3d4026ea
child 52512	1838347a803b
permissions	-rw-r--r--