jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java@71c04702a3d5 (annotated)

30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	1	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	2	* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	4	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	10	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	15	* accompanied this code).
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	16	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	20	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	23	* questions.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	24	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	25
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	26	package sun.security.ssl;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	27
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	28	import java.io.*;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	29	import java.nio.*;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	30	import java.util.Arrays;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	31
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	32	import javax.net.ssl.SSLException;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	33	import javax.net.ssl.SSLHandshakeException;
34687 d302ed125dc9 8144995: Move sun.misc.HexDumpEncoder to sun.security.util chegar parents: 30904 diff changeset	34	import sun.security.util.HexDumpEncoder;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	35
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	36
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	37	/**
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	38	* {@code OutputRecord} implementation for {@code SSLSocket}.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	39	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	40	final class SSLSocketOutputRecord extends OutputRecord implements SSLRecord {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	41	private OutputStream deliverStream = null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	42
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	43	SSLSocketOutputRecord() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	44	this.writeAuthenticator = MAC.TLS_NULL;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	45
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	46	this.packetSize = SSLRecord.maxRecordSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	47	this.protocolVersion = ProtocolVersion.DEFAULT_TLS;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	48	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	49
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	50	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	51	void encodeAlert(byte level, byte description) throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	52	// use the buf of ByteArrayOutputStream
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	53	int position = headerSize + writeCipher.getExplicitNonceSize();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	54	count = position;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	55
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	56	write(level);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	57	write(description);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	58
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	59	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	60	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	61	", WRITE: " + protocolVersion +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	62	" " + Record.contentName(Record.ct_alert) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	63	", length = " + (count - headerSize));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	64	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	65
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	66	// Encrypt the fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	67	encrypt(writeAuthenticator, writeCipher,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	68	Record.ct_alert, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	69
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	70	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	71	deliverStream.write(buf, 0, count); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	72	deliverStream.flush(); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	73
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	74	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	75	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	76	"[Raw write]: length = " + count, buf, 0, count);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	77	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	78
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	79	// reset the internal buffer
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	80	count = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	81	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	82
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	83	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	84	void encodeHandshake(byte[] source,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	85	int offset, int length) throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	86
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	87	if (firstMessage) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	88	firstMessage = false;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	89
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	90	if ((helloVersion == ProtocolVersion.SSL20Hello) &&
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	91	(source[offset] == HandshakeMessage.ht_client_hello) &&
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	92	// 5: recode header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	93	(source[offset + 4 + 2 + 32] == 0)) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	94	// V3 session ID is empty
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	95	// 4: handshake header size
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	96	// 2: client_version in ClientHello
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	97	// 32: random in ClientHello
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	98
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	99	ByteBuffer v2ClientHello = encodeV2ClientHello(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	100	source, (offset + 4), (length - 4));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	101
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	102	byte[] record = v2ClientHello.array(); // array offset is zero
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	103	int limit = v2ClientHello.limit();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	104	handshakeHash.update(record, 2, (limit - 2));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	105
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	106	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	107	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	108	", WRITE: SSLv2 ClientHello message" +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	109	", length = " + limit);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	110	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	111
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	112	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	113	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	114	// Version 2 ClientHello message should be plaintext.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	115	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	116	// No max fragment length negotiation.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	117	deliverStream.write(record, 0, limit);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	118	deliverStream.flush();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	119
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	120	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	121	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	122	"[Raw write]: length = " + count, record, 0, limit);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	123	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	124
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	125	return;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	126	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	127	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	128
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	129	byte handshakeType = source[0];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	130	if (handshakeType != HandshakeMessage.ht_hello_request) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	131	handshakeHash.update(source, offset, length);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	132	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	133
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	134	int fragLimit = getFragLimit();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	135	int position = headerSize + writeCipher.getExplicitNonceSize();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	136	if (count == 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	137	count = position;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	138	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	139
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	140	if ((count - position) < (fragLimit - length)) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	141	write(source, offset, length);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	142	return;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	143	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	144
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	145	for (int limit = (offset + length); offset < limit;) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	146
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	147	int remains = (limit - offset) + (count - position);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	148	int fragLen = Math.min(fragLimit, remains);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	149
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	150	// use the buf of ByteArrayOutputStream
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	151	write(source, offset, fragLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	152	if (remains < fragLimit) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	153	return;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	154	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	155
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	156	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	157	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	158	", WRITE: " + protocolVersion +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	159	" " + Record.contentName(Record.ct_handshake) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	160	", length = " + (count - headerSize));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	161	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	162
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	163	// Encrypt the fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	164	encrypt(writeAuthenticator, writeCipher,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	165	Record.ct_handshake, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	166
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	167	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	168	deliverStream.write(buf, 0, count); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	169	deliverStream.flush(); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	170
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	171	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	172	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	173	"[Raw write]: length = " + count, buf, 0, count);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	174	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	175
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	176	// reset the offset
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	177	offset += fragLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	178
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	179	// reset the internal buffer
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	180	count = position;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	181	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	182	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	183
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	184	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	185	void encodeChangeCipherSpec() throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	186
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	187	// use the buf of ByteArrayOutputStream
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	188	int position = headerSize + writeCipher.getExplicitNonceSize();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	189	count = position;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	190
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	191	write((byte)1); // byte 1: change_cipher_spec(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	192
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	193	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	194	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	195	", WRITE: " + protocolVersion +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	196	" " + Record.contentName(Record.ct_change_cipher_spec) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	197	", length = " + (count - headerSize));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	198	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	199
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	200	// Encrypt the fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	201	encrypt(writeAuthenticator, writeCipher,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	202	Record.ct_change_cipher_spec, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	203
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	204	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	205	deliverStream.write(buf, 0, count); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	206	// deliverStream.flush(); // flush in Finished
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	207
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	208	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	209	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	210	"[Raw write]: length = " + count, buf, 0, count);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	211	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	212
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	213	// reset the internal buffer
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	214	count = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	215	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	216
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	217	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	218	public void flush() throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	219	int position = headerSize + writeCipher.getExplicitNonceSize();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	220	if (count <= position) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	221	return;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	222	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	223
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	224	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	225	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	226	", WRITE: " + protocolVersion +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	227	" " + Record.contentName(Record.ct_handshake) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	228	", length = " + (count - headerSize));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	229	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	230
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	231	// Encrypt the fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	232	encrypt(writeAuthenticator, writeCipher,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	233	Record.ct_handshake, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	234
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	235	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	236	deliverStream.write(buf, 0, count); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	237	deliverStream.flush(); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	238
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	239	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	240	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	241	"[Raw write]: length = " + count, buf, 0, count);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	242	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	243
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	244	// reset the internal buffer
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	245	count = 0; // DON'T use position
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	246	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	247
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	248	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	249	void deliver(byte[] source, int offset, int length) throws IOException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	250
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	251	if (writeAuthenticator.seqNumOverflow()) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	252	if (debug != null && Debug.isOn("ssl")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	253	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	254	", sequence number extremely close to overflow " +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	255	"(2^64-1 packets). Closing connection.");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	256	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	257
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	258	throw new SSLHandshakeException("sequence number overflow");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	259	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	260
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	261	boolean isFirstRecordOfThePayload = true;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	262	for (int limit = (offset + length); offset < limit;) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	263	int macLen = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	264	if (writeAuthenticator instanceof MAC) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	265	macLen = ((MAC)writeAuthenticator).MAClen();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	266	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	267
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	268	int fragLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	269	if (packetSize > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	270	fragLen = Math.min(maxRecordSize, packetSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	271	fragLen = writeCipher.calculateFragmentSize(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	272	fragLen, macLen, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	273
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	274	fragLen = Math.min(fragLen, Record.maxDataSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	275	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	276	fragLen = Record.maxDataSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	277	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	278
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	279	if (fragmentSize > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	280	fragLen = Math.min(fragLen, fragmentSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	281	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	282
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	283	if (isFirstRecordOfThePayload && needToSplitPayload()) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	284	fragLen = 1;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	285	isFirstRecordOfThePayload = false;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	286	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	287	fragLen = Math.min(fragLen, (limit - offset));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	288	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	289
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	290	// use the buf of ByteArrayOutputStream
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	291	int position = headerSize + writeCipher.getExplicitNonceSize();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	292	count = position;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	293	write(source, offset, fragLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	294
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	295	if (debug != null && Debug.isOn("record")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	296	System.out.println(Thread.currentThread().getName() +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	297	", WRITE: " + protocolVersion +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	298	" " + Record.contentName(Record.ct_application_data) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	299	", length = " + (count - headerSize));
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	300	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	301
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	302	// Encrypt the fragment and wrap up a record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	303	encrypt(writeAuthenticator, writeCipher,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	304	Record.ct_application_data, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	305
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	306	// deliver this message
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	307	deliverStream.write(buf, 0, count); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	308	deliverStream.flush(); // may throw IOException
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	309
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	310	if (debug != null && Debug.isOn("packet")) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	311	Debug.printHex(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	312	"[Raw write]: length = " + count, buf, 0, count);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	313	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	314
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	315	// reset the internal buffer
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	316	count = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	317
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	318	if (isFirstAppOutputRecord) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	319	isFirstAppOutputRecord = false;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	320	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	321
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	322	offset += fragLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	323	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	324	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	325
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	326	@Override
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	327	void setDeliverStream(OutputStream outputStream) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	328	this.deliverStream = outputStream;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	329	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	330
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	331	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	332	* Need to split the payload except the following cases:
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	333	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	334	* 1. protocol version is TLS 1.1 or later;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	335	* 2. bulk cipher does not use CBC mode, including null bulk cipher suites.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	336	* 3. the payload is the first application record of a freshly
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	337	* negotiated TLS session.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	338	* 4. the CBC protection is disabled;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	339	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	340	* By default, we counter chosen plaintext issues on CBC mode
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	341	* ciphersuites in SSLv3/TLS1.0 by sending one byte of application
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	342	* data in the first record of every payload, and the rest in
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	343	* subsequent record(s). Note that the issues have been solved in
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	344	* TLS 1.1 or later.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	345	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	346	* It is not necessary to split the very first application record of
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	347	* a freshly negotiated TLS session, as there is no previous
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	348	* application data to guess. To improve compatibility, we will not
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	349	* split such records.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	350	*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	351	* This avoids issues in the outbound direction. For a full fix,
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	352	* the peer must have similar protections.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	353	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	354	boolean needToSplitPayload() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	355	return (!protocolVersion.useTLS11PlusSpec()) &&
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	356	writeCipher.isCBCMode() && !isFirstAppOutputRecord &&
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	357	Record.enableCBCProtection;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	358	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	359
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	360	private int getFragLimit() {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	361	int macLen = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	362	if (writeAuthenticator instanceof MAC) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	363	macLen = ((MAC)writeAuthenticator).MAClen();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	364	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	365
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	366	int fragLimit;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	367	if (packetSize > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	368	fragLimit = Math.min(maxRecordSize, packetSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	369	fragLimit = writeCipher.calculateFragmentSize(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	370	fragLimit, macLen, headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	371
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	372	fragLimit = Math.min(fragLimit, Record.maxDataSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	373	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	374	fragLimit = Record.maxDataSize;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	375	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	376
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	377	if (fragmentSize > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	378	fragLimit = Math.min(fragLimit, fragmentSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	379	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	380
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	381	return fragLimit;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	382	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: diff changeset	383	}

author	erikj
	Tue, 12 Sep 2017 19:03:39 +0200
changeset 47216	71c04702a3d5
parent 34687	jdk/src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java@d302ed125dc9
child 50768	68fa3d4026ea
child 56542	56aaa6cb3693
permissions	-rw-r--r--