jdk-sandbox: src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java@75527e40bdfd (annotated)

56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	1	/*
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	2	* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	4	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	10	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	15	* accompanied this code).
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	16	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	20	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	23	* questions.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	24	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	25	package sun.security.ssl;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	26
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	27	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	28	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	29	import java.security.*;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	30	import java.text.MessageFormat;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	31	import java.util.List;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	32	import java.util.ArrayList;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	33	import java.util.Locale;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	34	import java.util.Arrays;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	35	import java.util.Optional;
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	36	import javax.crypto.Mac;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	37	import javax.crypto.SecretKey;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	38	import sun.security.ssl.ClientHello.ClientHelloMessage;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	39	import sun.security.ssl.SSLExtension.ExtensionConsumer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	40	import sun.security.ssl.SSLExtension.SSLExtensionSpec;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	41	import sun.security.ssl.SSLHandshake.HandshakeMessage;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	42	import static sun.security.ssl.SSLExtension.*;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	43
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	44	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	45	* Pack of the "pre_shared_key" extension.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	46	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	47	final class PreSharedKeyExtension {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	48	static final HandshakeProducer chNetworkProducer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	49	new CHPreSharedKeyProducer();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	50	static final ExtensionConsumer chOnLoadConsumer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	51	new CHPreSharedKeyConsumer();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	52	static final HandshakeAbsence chOnLoadAbsence =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	53	new CHPreSharedKeyAbsence();
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	54	static final HandshakeConsumer chOnTradeConsumer =
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	55	new CHPreSharedKeyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	56
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	57	static final HandshakeProducer shNetworkProducer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	58	new SHPreSharedKeyProducer();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	59	static final ExtensionConsumer shOnLoadConsumer =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	60	new SHPreSharedKeyConsumer();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	61	static final HandshakeAbsence shOnLoadAbsence =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	62	new SHPreSharedKeyAbsence();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	63
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	64	private static final class PskIdentity {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	65	final byte[] identity;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	66	final int obfuscatedAge;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	67
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	68	PskIdentity(byte[] identity, int obfuscatedAge) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	69	this.identity = identity;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	70	this.obfuscatedAge = obfuscatedAge;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	71	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	72
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	73	int getEncodedLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	74	return 2 + identity.length + 4;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	75	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	76
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	77	void writeEncoded(ByteBuffer m) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	78	Record.putBytes16(m, identity);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	79	Record.putInt32(m, obfuscatedAge);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	80	}
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	81
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	82	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	83	public String toString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	84	return "{" + Utilities.toHexString(identity) + "," +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	85	obfuscatedAge + "}";
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	86	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	87	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	88
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	89	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	90	class CHPreSharedKeySpec implements SSLExtensionSpec {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	91	final List<PskIdentity> identities;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	92	final List<byte[]> binders;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	93
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	94	CHPreSharedKeySpec(List<PskIdentity> identities, List<byte[]> binders) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	95	this.identities = identities;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	96	this.binders = binders;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	97	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	98
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	99	CHPreSharedKeySpec(HandshakeContext context,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	100	ByteBuffer m) throws IOException {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	101	// struct {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	102	// PskIdentity identities<7..2^16-1>;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	103	// PskBinderEntry binders<33..2^16-1>;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	104	// } OfferedPsks;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	105	if (m.remaining() < 44) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	106	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	107	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	108	"insufficient data (length=" + m.remaining() + ")");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	109	}
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	110
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	111	int idEncodedLength = Record.getInt16(m);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	112	if (idEncodedLength < 7) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	113	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	114	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	115	"insufficient identities (length=" + idEncodedLength + ")");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	116	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	117
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	118	identities = new ArrayList<>();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	119	int idReadLength = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	120	while (idReadLength < idEncodedLength) {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	121	byte[] id = Record.getBytes16(m);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	122	if (id.length < 1) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	123	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	124	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	125	"insufficient identity (length=" + id.length + ")");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	126	}
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	127	int obfuscatedTicketAge = Record.getInt32(m);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	128
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	129	PskIdentity pskId = new PskIdentity(id, obfuscatedTicketAge);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	130	identities.add(pskId);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	131	idReadLength += pskId.getEncodedLength();
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	132	}
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	133
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	134	if (m.remaining() < 35) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	135	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	136	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	137	"insufficient binders data (length=" +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	138	m.remaining() + ")");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	139	}
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	140
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	141	int bindersEncodedLen = Record.getInt16(m);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	142	if (bindersEncodedLen < 33) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	143	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	144	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	145	"insufficient binders (length=" +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	146	bindersEncodedLen + ")");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	147	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	148
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	149	binders = new ArrayList<>();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	150	int bindersReadLength = 0;
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	151	while (bindersReadLength < bindersEncodedLen) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	152	byte[] binder = Record.getBytes8(m);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	153	if (binder.length < 32) {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	154	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	155	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	156	"insufficient binder entry (length=" +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	157	binder.length + ")");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	158	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	159	binders.add(binder);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	160	bindersReadLength += 1 + binder.length;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	161	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	162	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	163
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	164	int getIdsEncodedLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	165	int idEncodedLength = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	166	for(PskIdentity curId : identities) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	167	idEncodedLength += curId.getEncodedLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	168	}
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	169
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	170	return idEncodedLength;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	171	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	172
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	173	int getBindersEncodedLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	174	int binderEncodedLength = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	175	for (byte[] curBinder : binders) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	176	binderEncodedLength += 1 + curBinder.length;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	177	}
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	178
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	179	return binderEncodedLength;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	180	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	181
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	182	byte[] getEncoded() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	183	int idsEncodedLength = getIdsEncodedLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	184	int bindersEncodedLength = getBindersEncodedLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	185	int encodedLength = 4 + idsEncodedLength + bindersEncodedLength;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	186	byte[] buffer = new byte[encodedLength];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	187	ByteBuffer m = ByteBuffer.wrap(buffer);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	188	Record.putInt16(m, idsEncodedLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	189	for(PskIdentity curId : identities) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	190	curId.writeEncoded(m);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	191	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	192	Record.putInt16(m, bindersEncodedLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	193	for (byte[] curBinder : binders) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	194	Record.putBytes8(m, curBinder);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	195	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	196
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	197	return buffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	198	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	199
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	200	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	201	public String toString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	202	MessageFormat messageFormat = new MessageFormat(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	203	"\"PreSharedKey\": '{'\n" +
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	204	" \"identities\" : \"{0}\",\n" +
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	205	" \"binders\" : \"{1}\",\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	206	"'}'",
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	207	Locale.ENGLISH);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	208
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	209	Object[] messageFields = {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	210	Utilities.indent(identitiesString()),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	211	Utilities.indent(bindersString())
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	212	};
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	213
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	214	return messageFormat.format(messageFields);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	215	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	216
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	217	String identitiesString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	218	StringBuilder result = new StringBuilder();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	219	for(PskIdentity curId : identities) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	220	result.append(curId.toString() + "\n");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	221	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	222
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	223	return result.toString();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	224	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	225
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	226	String bindersString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	227	StringBuilder result = new StringBuilder();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	228	for(byte[] curBinder : binders) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	229	result.append("{" + Utilities.toHexString(curBinder) + "}\n");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	230	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	231
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	232	return result.toString();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	233	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	234	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	235
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	236	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	237	class SHPreSharedKeySpec implements SSLExtensionSpec {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	238	final int selectedIdentity;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	239
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	240	SHPreSharedKeySpec(int selectedIdentity) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	241	this.selectedIdentity = selectedIdentity;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	242	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	243
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	244	SHPreSharedKeySpec(HandshakeContext context,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	245	ByteBuffer m) throws IOException {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	246	if (m.remaining() < 2) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	247	context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	248	"Invalid pre_shared_key extension: " +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	249	"insufficient selected_identity (length=" +
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	250	m.remaining() + ")");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	251	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	252	this.selectedIdentity = Record.getInt16(m);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	253	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	254
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	255	byte[] getEncoded() throws IOException {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	256	return new byte[] {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	257	(byte)((selectedIdentity >> 8) & 0xFF),
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	258	(byte)(selectedIdentity & 0xFF)
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	259	};
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	260	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	261
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	262	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	263	public String toString() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	264	MessageFormat messageFormat = new MessageFormat(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	265	"\"PreSharedKey\": '{'\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	266	" \"selected_identity\" : \"{0}\",\n" +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	267	"'}'",
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	268	Locale.ENGLISH);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	269
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	270	Object[] messageFields = {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	271	Utilities.byte16HexString(selectedIdentity)
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	272	};
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	273
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	274	return messageFormat.format(messageFields);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	275	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	276	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	277
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	278	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	279	class CHPreSharedKeyConsumer implements ExtensionConsumer {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	280	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	281	private CHPreSharedKeyConsumer() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	282	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	283	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	284
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	285	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	286	public void consume(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	287	HandshakeMessage message,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	288	ByteBuffer buffer) throws IOException {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	289	ServerHandshakeContext shc = (ServerHandshakeContext)context;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	290	// Is it a supported and enabled extension?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	291	if (!shc.sslConfig.isAvailable(SSLExtension.CH_PRE_SHARED_KEY)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	292	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	293	SSLLogger.fine(
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	294	"Ignore unavailable pre_shared_key extension");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	295	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	296	return; // ignore the extension
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	297	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	298
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	299	// Parse the extension.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	300	CHPreSharedKeySpec pskSpec = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	301	try {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	302	pskSpec = new CHPreSharedKeySpec(shc, buffer);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	303	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	304	shc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	305	return; // fatal() always throws, make the compiler happy.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	306	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	307
56702 75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	308	// The "psk_key_exchange_modes" extension should have been loaded.
75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	309	if (!shc.handshakeExtensions.containsKey(
75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	310	SSLExtension.PSK_KEY_EXCHANGE_MODES)) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	311	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56702 75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	312	"Client sent PSK but not PSK modes, or the PSK " +
75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	313	"extension is not the last extension");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	314	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	315
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	316	// error if id and binder lists are not the same length
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	317	if (pskSpec.identities.size() != pskSpec.binders.size()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	318	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	319	"PSK extension has incorrect number of binders");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	320	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	321
56702 75527e40bdfd Updates for session resumption and key update xuelei parents: 56661 diff changeset	322	if (shc.isResumption) { // resumingSession may not be set
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	323	SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	324	shc.sslContext.engineGetServerSessionContext();
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	325	int idIndex = 0;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	326	for (PskIdentity requestedId : pskSpec.identities) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	327	SSLSessionImpl s = sessionCache.get(requestedId.identity);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	328	if (s != null && s.isRejoinable() &&
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	329	s.getPreSharedKey().isPresent()) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	330	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	331	SSLLogger.fine("Resuming session: ", s);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	332	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	333
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	334	// binder will be checked later
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	335	shc.resumingSession = s;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	336	shc.handshakeExtensions.put(SH_PRE_SHARED_KEY,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	337	new SHPreSharedKeySpec(idIndex)); // for the index
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	338	break;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	339	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	340
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	341	++idIndex;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	342	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	343
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	344	if (idIndex == pskSpec.identities.size()) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	345	// no resumable session
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	346	shc.isResumption = false;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	347	shc.resumingSession = null;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	348	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	349	}
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	350
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	351	// update the context
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	352	shc.handshakeExtensions.put(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	353	SSLExtension.CH_PRE_SHARED_KEY, pskSpec);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	354	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	355	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	356
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	357	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	358	class CHPreSharedKeyUpdate implements HandshakeConsumer {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	359	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	360	private CHPreSharedKeyUpdate() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	361	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	362	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	363
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	364	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	365	public void consume(ConnectionContext context,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	366	HandshakeMessage message) throws IOException {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	367	ServerHandshakeContext shc = (ServerHandshakeContext)context;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	368	if (!shc.isResumption \|\| shc.resumingSession == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	369	// not resuming---nothing to do
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	370	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	371	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	372
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	373	CHPreSharedKeySpec chPsk = (CHPreSharedKeySpec)
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	374	shc.handshakeExtensions.get(SSLExtension.CH_PRE_SHARED_KEY);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	375	SHPreSharedKeySpec shPsk = (SHPreSharedKeySpec)
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	376	shc.handshakeExtensions.get(SSLExtension.SH_PRE_SHARED_KEY);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	377	if (chPsk == null \|\| shPsk == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	378	shc.conContext.fatal(Alert.INTERNAL_ERROR,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	379	"Required extensions are unavailable");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	380	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	381
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	382	byte[] binder = chPsk.binders.get(shPsk.selectedIdentity);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	383
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	384	// set up PSK binder hash
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	385	HandshakeHash pskBinderHash = shc.handshakeHash.copy();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	386	byte[] lastMessage = pskBinderHash.removeLastReceived();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	387	ByteBuffer messageBuf = ByteBuffer.wrap(lastMessage);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	388	// skip the type and length
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	389	messageBuf.position(4);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	390	// read to find the beginning of the binders
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	391	ClientHelloMessage.readPartial(shc.conContext, messageBuf);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	392	int length = messageBuf.position();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	393	messageBuf.position(0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	394	pskBinderHash.receive(messageBuf, length);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	395
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	396	checkBinder(shc, shc.resumingSession, pskBinderHash, binder);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	397	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	398	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	399
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	400	private static void checkBinder(ServerHandshakeContext shc,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	401	SSLSessionImpl session,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	402	HandshakeHash pskBinderHash, byte[] binder) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	403	Optional<SecretKey> pskOpt = session.getPreSharedKey();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	404	if (!pskOpt.isPresent()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	405	shc.conContext.fatal(Alert.INTERNAL_ERROR,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	406	"Session has no PSK");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	407	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	408	SecretKey psk = pskOpt.get();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	409
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	410	SecretKey binderKey = deriveBinderKey(psk, session);
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	411	byte[] computedBinder =
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	412	computeBinder(binderKey, session, pskBinderHash);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	413	if (!Arrays.equals(binder, computedBinder)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	414	shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	415	"Incorect PSK binder value");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	416	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	417	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	418
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	419	// Class that produces partial messages used to compute binder hash
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	420	static final class PartialClientHelloMessage extends HandshakeMessage {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	421
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	422	private final ClientHello.ClientHelloMessage msg;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	423	private final CHPreSharedKeySpec psk;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	424
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	425	PartialClientHelloMessage(HandshakeContext ctx,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	426	ClientHello.ClientHelloMessage msg,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	427	CHPreSharedKeySpec psk) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	428	super(ctx);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	429
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	430	this.msg = msg;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	431	this.psk = psk;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	432	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	433
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	434	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	435	SSLHandshake handshakeType() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	436	return msg.handshakeType();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	437	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	438
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	439	private int pskTotalLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	440	return psk.getIdsEncodedLength() +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	441	psk.getBindersEncodedLength() + 8;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	442	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	443
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	444	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	445	int messageLength() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	446
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	447	if (msg.extensions.get(SSLExtension.CH_PRE_SHARED_KEY) != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	448	return msg.messageLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	449	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	450	return msg.messageLength() + pskTotalLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	451	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	452	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	453
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	454	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	455	void send(HandshakeOutStream hos) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	456	msg.sendCore(hos);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	457
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	458	// complete extensions
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	459	int extsLen = msg.extensions.length();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	460	if (msg.extensions.get(SSLExtension.CH_PRE_SHARED_KEY) == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	461	extsLen += pskTotalLength();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	462	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	463	hos.putInt16(extsLen - 2);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	464	// write the complete extensions
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	465	for (SSLExtension ext : SSLExtension.values()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	466	byte[] extData = msg.extensions.get(ext);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	467	if (extData == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	468	continue;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	469	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	470	// the PSK could be there from an earlier round
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	471	if (ext == SSLExtension.CH_PRE_SHARED_KEY) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	472	continue;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	473	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	474	int extID = ext.id;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	475	hos.putInt16(extID);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	476	hos.putBytes16(extData);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	477	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	478
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	479	// partial PSK extension
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	480	int extID = SSLExtension.CH_PRE_SHARED_KEY.id;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	481	hos.putInt16(extID);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	482	byte[] encodedPsk = psk.getEncoded();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	483	hos.putInt16(encodedPsk.length);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	484	hos.write(encodedPsk, 0, psk.getIdsEncodedLength() + 2);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	485	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	486	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	487
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	488	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	489	class CHPreSharedKeyProducer implements HandshakeProducer {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	490	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	491	private CHPreSharedKeyProducer() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	492	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	493	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	494
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	495	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	496	public byte[] produce(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	497	HandshakeMessage message) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	498
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	499	// The producing happens in client side only.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	500	ClientHandshakeContext chc = (ClientHandshakeContext)context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	501	if (!chc.isResumption \|\| chc.resumingSession == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	502	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	503	SSLLogger.fine("No session to resume.");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	504	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	505	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	506	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	507
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	508	Optional<SecretKey> pskOpt = chc.resumingSession.getPreSharedKey();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	509	if (!pskOpt.isPresent()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	510	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	511	SSLLogger.fine("Existing session has no PSK.");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	512	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	513	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	514	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	515	SecretKey psk = pskOpt.get();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	516	Optional<byte[]> pskIdOpt = chc.resumingSession.getPskIdentity();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	517	if (!pskIdOpt.isPresent()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	518	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	519	SSLLogger.fine(
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	520	"PSK has no identity, or identity was already used");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	521	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	522	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	523	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	524	byte[] pskId = pskIdOpt.get();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	525
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	526	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	527	SSLLogger.fine(
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	528	"Found resumable session. Preparing PSK message.");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	529	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	530
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	531	List<PskIdentity> identities = new ArrayList<>();
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	532	int ageMillis = (int)(System.currentTimeMillis() -
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	533	chc.resumingSession.getTicketCreationTime());
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	534	int obfuscatedAge =
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	535	ageMillis + chc.resumingSession.getTicketAgeAdd();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	536	identities.add(new PskIdentity(pskId, obfuscatedAge));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	537
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	538	SecretKey binderKey = deriveBinderKey(psk, chc.resumingSession);
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	539	ClientHelloMessage clientHello = (ClientHelloMessage)message;
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	540	CHPreSharedKeySpec pskPrototype = createPskPrototype(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	541	chc.resumingSession.getSuite().hashAlg.hashLength, identities);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	542	HandshakeHash pskBinderHash = chc.handshakeHash.copy();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	543
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	544	byte[] binder = computeBinder(binderKey, pskBinderHash,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	545	chc.resumingSession, chc, clientHello, pskPrototype);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	546
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	547	List<byte[]> binders = new ArrayList<>();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	548	binders.add(binder);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	549
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	550	CHPreSharedKeySpec pskMessage =
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	551	new CHPreSharedKeySpec(identities, binders);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	552	chc.handshakeExtensions.put(CH_PRE_SHARED_KEY, pskMessage);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	553	return pskMessage.getEncoded();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	554	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	555
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	556	private CHPreSharedKeySpec createPskPrototype(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	557	int hashLength, List<PskIdentity> identities) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	558	List<byte[]> binders = new ArrayList<>();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	559	byte[] binderProto = new byte[hashLength];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	560	for (PskIdentity curId : identities) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	561	binders.add(binderProto);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	562	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	563
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	564	return new CHPreSharedKeySpec(identities, binders);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	565	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	566	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	567
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	568	private static byte[] computeBinder(SecretKey binderKey,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	569	SSLSessionImpl session,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	570	HandshakeHash pskBinderHash) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	571
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	572	pskBinderHash.determine(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	573	session.getProtocolVersion(), session.getSuite());
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	574	pskBinderHash.update();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	575	byte[] digest = pskBinderHash.digest();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	576
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	577	return computeBinder(binderKey, session, digest);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	578	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	579
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	580	private static byte[] computeBinder(SecretKey binderKey,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	581	HandshakeHash hash, SSLSessionImpl session,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	582	HandshakeContext ctx, ClientHello.ClientHelloMessage hello,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	583	CHPreSharedKeySpec pskPrototype) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	584
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	585	PartialClientHelloMessage partialMsg =
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	586	new PartialClientHelloMessage(ctx, hello, pskPrototype);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	587
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	588	SSLEngineOutputRecord record = new SSLEngineOutputRecord(hash);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	589	HandshakeOutStream hos = new HandshakeOutStream(record);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	590	partialMsg.write(hos);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	591
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	592	hash.determine(session.getProtocolVersion(), session.getSuite());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	593	hash.update();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	594	byte[] digest = hash.digest();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	595
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	596	return computeBinder(binderKey, session, digest);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	597	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	598
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	599	private static byte[] computeBinder(SecretKey binderKey,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	600	SSLSessionImpl session, byte[] digest) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	601	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	602	CipherSuite.HashAlg hashAlg = session.getSuite().hashAlg;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	603	HKDF hkdf = new HKDF(hashAlg.name);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	604	byte[] label = ("tls13 finished").getBytes();
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	605	byte[] hkdfInfo = SSLSecretDerivation.createHkdfInfo(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	606	label, new byte[0], hashAlg.hashLength);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	607	SecretKey finishedKey = hkdf.expand(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	608	binderKey, hkdfInfo, hashAlg.hashLength, "TlsBinderKey");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	609
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	610	String hmacAlg =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	611	"Hmac" + hashAlg.name.replace("-", "");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	612	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	613	Mac hmac = JsseJce.getMac(hmacAlg);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	614	hmac.init(finishedKey);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	615	return hmac.doFinal(digest);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	616	} catch (NoSuchAlgorithmException \| InvalidKeyException ex) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	617	throw new IOException(ex);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	618	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	619	} catch(GeneralSecurityException ex) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	620	throw new IOException(ex);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	621	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	622	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	623
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	624	private static SecretKey deriveBinderKey(SecretKey psk,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	625	SSLSessionImpl session) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	626	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	627	CipherSuite.HashAlg hashAlg = session.getSuite().hashAlg;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	628	HKDF hkdf = new HKDF(hashAlg.name);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	629	byte[] zeros = new byte[hashAlg.hashLength];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	630	SecretKey earlySecret = hkdf.extract(zeros, psk, "TlsEarlySecret");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	631
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	632	byte[] label = ("tls13 res binder").getBytes();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	633	MessageDigest md = MessageDigest.getInstance(hashAlg.toString());;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	634	byte[] hkdfInfo = SSLSecretDerivation.createHkdfInfo(
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	635	label, md.digest(new byte[0]), hashAlg.hashLength);
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	636	return hkdf.expand(earlySecret,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	637	hkdfInfo, hashAlg.hashLength, "TlsBinderKey");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	638	} catch (GeneralSecurityException ex) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	639	throw new IOException(ex);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	640	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	641	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	642
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	643	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	644	class CHPreSharedKeyAbsence implements HandshakeAbsence {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	645	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	646	public void absent(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	647	HandshakeMessage message) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	648
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	649	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	650	SSLLogger.fine(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	651	"Handling pre_shared_key absence.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	652	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	653
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	654	ServerHandshakeContext shc = (ServerHandshakeContext)context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	655
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	656	// Resumption is only determined by PSK, when enabled
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	657	shc.resumingSession = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	658	shc.isResumption = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	659	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	660	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	661
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	662	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	663	class SHPreSharedKeyConsumer implements ExtensionConsumer {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	664	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	665	private SHPreSharedKeyConsumer() {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	666	// blank
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	667	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	668
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	669	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	670	public void consume(ConnectionContext context,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	671	HandshakeMessage message, ByteBuffer buffer) throws IOException {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	672	// The consuming happens in client side only.
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	673	ClientHandshakeContext chc = (ClientHandshakeContext)context;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	674
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	675	// Is it a response of the specific request?
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	676	if (!chc.handshakeExtensions.containsKey(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	677	SSLExtension.CH_PRE_SHARED_KEY)) {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	678	chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	679	"Server sent unexpected pre_shared_key extension");
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	680	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	681
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	682	SHPreSharedKeySpec shPsk = new SHPreSharedKeySpec(chc, buffer);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	683	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	684	SSLLogger.fine(
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	685	"Received pre_shared_key extension: ", shPsk);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	686	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	687
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	688	// The PSK identity should not be reused, even if it is
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	689	// not selected.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	690	chc.resumingSession.consumePskIdentity();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	691
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	692	if (shPsk.selectedIdentity != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	693	chc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	694	"Selected identity index is not in correct range.");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	695	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	696
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	697	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	698	SSLLogger.fine(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	699	"Resuming session: ", chc.resumingSession);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	700	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	701
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	702	// remove the session from the cache
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	703	SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	704	chc.sslContext.engineGetClientSessionContext();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	705	sessionCache.remove(chc.resumingSession.getSessionId());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	706	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	707	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	708
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	709	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	710	class SHPreSharedKeyAbsence implements HandshakeAbsence {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	711	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	712	public void absent(ConnectionContext context,
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	713	HandshakeMessage message) throws IOException {
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	714	ClientHandshakeContext chc = (ClientHandshakeContext)context;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	715
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	716	if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	717	SSLLogger.fine("Handling pre_shared_key absence.");
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	718	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	719
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	720	if (chc.handshakeExtensions.containsKey(
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	721	SSLExtension.CH_PRE_SHARED_KEY)) {
56608 34f33526b9a5 A couple of minor session resumption fixes apetcher parents: 56558 diff changeset	722	// The PSK identity should not be reused, even if it is
34f33526b9a5 A couple of minor session resumption fixes apetcher parents: 56558 diff changeset	723	// not selected.
34f33526b9a5 A couple of minor session resumption fixes apetcher parents: 56558 diff changeset	724	chc.resumingSession.consumePskIdentity();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	725	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	726
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	727	// The server refused to resume, or the client did not
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	728	// request 1.3 resumption.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	729	chc.resumingSession = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	730	chc.isResumption = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	731	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	732	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	733
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	734	private static final
2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	735	class SHPreSharedKeyProducer implements HandshakeProducer {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	736	// Prevent instantiation of this class.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	737	private SHPreSharedKeyProducer() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	738	// blank
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	739	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	740
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	741	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	742	public byte[] produce(ConnectionContext context,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	743	HandshakeMessage message) throws IOException {
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	744	ServerHandshakeContext shc = (ServerHandshakeContext)context;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	745	SHPreSharedKeySpec psk = (SHPreSharedKeySpec)
56661 2a820e434f17 pre_shared_key extensio code cleanup, and a test update xuelei parents: 56608 diff changeset	746	shc.handshakeExtensions.get(SH_PRE_SHARED_KEY);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	747	if (psk == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	748	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	749	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	750
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	751	return psk.getEncoded();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	752	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	753	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: diff changeset	754	}

author	xuelei
	Thu, 07 Jun 2018 21:16:21 -0700
branch	JDK-8145252-TLS13-branch
changeset 56702	75527e40bdfd
parent 56661	2a820e434f17
child 56703	33a2451070d3
permissions	-rw-r--r--