jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLEngineInputRecord.java@7cc5a5b4eee9 (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
57799 7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	2	* Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	28	import java.io.IOException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	29	import java.nio.ByteBuffer;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	30	import java.security.GeneralSecurityException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	31	import java.util.ArrayList;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	32	import javax.crypto.BadPaddingException;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	33	import javax.net.ssl.SSLException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	34	import javax.net.ssl.SSLHandshakeException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	35	import javax.net.ssl.SSLProtocolException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	36	import sun.security.ssl.SSLCipher.SSLReadCipher;
2 90ce3da70b43 Initial load duke parents: diff changeset	37
90ce3da70b43 Initial load duke parents: diff changeset	38	/**
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	39	* {@code InputRecord} implementation for {@code SSLEngine}.
2 90ce3da70b43 Initial load duke parents: diff changeset	40	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	41	final class SSLEngineInputRecord extends InputRecord implements SSLRecord {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	42	private boolean formatVerified = false; // SSLv2 ruled out?
2 90ce3da70b43 Initial load duke parents: diff changeset	43
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	44	// Cache for incomplete handshake messages.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	45	private ByteBuffer handshakeBuffer = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	46
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	47	SSLEngineInputRecord(HandshakeHash handshakeHash) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	48	super(handshakeHash, SSLReadCipher.nullTlsReadCipher());
2 90ce3da70b43 Initial load duke parents: diff changeset	49	}
90ce3da70b43 Initial load duke parents: diff changeset	50
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 5506 diff changeset	51	@Override
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	52	int estimateFragmentSize(int packetSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	53	if (packetSize > 0) {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	54	return readCipher.estimateFragmentSize(packetSize, headerSize);
2 90ce3da70b43 Initial load duke parents: diff changeset	55	} else {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	56	return Record.maxDataSize;
2 90ce3da70b43 Initial load duke parents: diff changeset	57	}
90ce3da70b43 Initial load duke parents: diff changeset	58	}
90ce3da70b43 Initial load duke parents: diff changeset	59
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	60	@Override
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	61	int bytesInCompletePacket(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	62	ByteBuffer[] srcs, int srcsOffset, int srcsLength) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	63
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	64	return bytesInCompletePacket(srcs[srcsOffset]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	65	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	66
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	67	private int bytesInCompletePacket(ByteBuffer packet) throws SSLException {
2 90ce3da70b43 Initial load duke parents: diff changeset	68	/*
90ce3da70b43 Initial load duke parents: diff changeset	69	* SSLv2 length field is in bytes 0/1
90ce3da70b43 Initial load duke parents: diff changeset	70	* SSLv3/TLS length field is in bytes 3/4
90ce3da70b43 Initial load duke parents: diff changeset	71	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	72	if (packet.remaining() < 5) {
2 90ce3da70b43 Initial load duke parents: diff changeset	73	return -1;
90ce3da70b43 Initial load duke parents: diff changeset	74	}
90ce3da70b43 Initial load duke parents: diff changeset	75
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	76	int pos = packet.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	77	byte byteZero = packet.get(pos);
2 90ce3da70b43 Initial load duke parents: diff changeset	78
90ce3da70b43 Initial load duke parents: diff changeset	79	int len = 0;
90ce3da70b43 Initial load duke parents: diff changeset	80
90ce3da70b43 Initial load duke parents: diff changeset	81	/*
90ce3da70b43 Initial load duke parents: diff changeset	82	* If we have already verified previous packets, we can
90ce3da70b43 Initial load duke parents: diff changeset	83	* ignore the verifications steps, and jump right to the
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	84	* determination. Otherwise, try one last heuristic to
2 90ce3da70b43 Initial load duke parents: diff changeset	85	* see if it's SSL/TLS.
90ce3da70b43 Initial load duke parents: diff changeset	86	*/
90ce3da70b43 Initial load duke parents: diff changeset	87	if (formatVerified \|\|
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	88	(byteZero == ContentType.HANDSHAKE.id) \|\|
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	89	(byteZero == ContentType.ALERT.id)) {
2 90ce3da70b43 Initial load duke parents: diff changeset	90	/*
90ce3da70b43 Initial load duke parents: diff changeset	91	* Last sanity check that it's not a wild record
90ce3da70b43 Initial load duke parents: diff changeset	92	*/
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	93	byte majorVersion = packet.get(pos + 1);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	94	byte minorVersion = packet.get(pos + 2);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	95	if (!ProtocolVersion.isNegotiable(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	96	majorVersion, minorVersion, false, false)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	97	throw new SSLException("Unrecognized record version " +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	98	ProtocolVersion.nameOf(majorVersion, minorVersion) +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	99	" , plaintext connection?");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	100	}
2 90ce3da70b43 Initial load duke parents: diff changeset	101
90ce3da70b43 Initial load duke parents: diff changeset	102	/*
90ce3da70b43 Initial load duke parents: diff changeset	103	* Reasonably sure this is a V3, disable further checks.
90ce3da70b43 Initial load duke parents: diff changeset	104	* We can't do the same in the v2 check below, because
90ce3da70b43 Initial load duke parents: diff changeset	105	* read still needs to parse/handle the v2 clientHello.
90ce3da70b43 Initial load duke parents: diff changeset	106	*/
90ce3da70b43 Initial load duke parents: diff changeset	107	formatVerified = true;
90ce3da70b43 Initial load duke parents: diff changeset	108
90ce3da70b43 Initial load duke parents: diff changeset	109	/*
90ce3da70b43 Initial load duke parents: diff changeset	110	* One of the SSLv3/TLS message types.
90ce3da70b43 Initial load duke parents: diff changeset	111	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	112	len = ((packet.get(pos + 3) & 0xFF) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	113	(packet.get(pos + 4) & 0xFF) + headerSize;
2 90ce3da70b43 Initial load duke parents: diff changeset	114
90ce3da70b43 Initial load duke parents: diff changeset	115	} else {
90ce3da70b43 Initial load duke parents: diff changeset	116	/*
90ce3da70b43 Initial load duke parents: diff changeset	117	* Must be SSLv2 or something unknown.
90ce3da70b43 Initial load duke parents: diff changeset	118	* Check if it's short (2 bytes) or
90ce3da70b43 Initial load duke parents: diff changeset	119	* long (3) header.
90ce3da70b43 Initial load duke parents: diff changeset	120	*
90ce3da70b43 Initial load duke parents: diff changeset	121	* Internals can warn about unsupported SSLv2
90ce3da70b43 Initial load duke parents: diff changeset	122	*/
90ce3da70b43 Initial load duke parents: diff changeset	123	boolean isShort = ((byteZero & 0x80) != 0);
90ce3da70b43 Initial load duke parents: diff changeset	124
90ce3da70b43 Initial load duke parents: diff changeset	125	if (isShort &&
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	126	((packet.get(pos + 2) == 1) \|\| packet.get(pos + 2) == 4)) {
2 90ce3da70b43 Initial load duke parents: diff changeset	127
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	128	byte majorVersion = packet.get(pos + 3);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	129	byte minorVersion = packet.get(pos + 4);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	130	if (!ProtocolVersion.isNegotiable(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	131	majorVersion, minorVersion, false, false)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	132	throw new SSLException("Unrecognized record version " +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	133	ProtocolVersion.nameOf(majorVersion, minorVersion) +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	134	" , plaintext connection?");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	135	}
2 90ce3da70b43 Initial load duke parents: diff changeset	136
90ce3da70b43 Initial load duke parents: diff changeset	137	/*
90ce3da70b43 Initial load duke parents: diff changeset	138	* Client or Server Hello
90ce3da70b43 Initial load duke parents: diff changeset	139	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	140	int mask = (isShort ? 0x7F : 0x3F);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	141	len = ((byteZero & mask) << 8) +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	142	(packet.get(pos + 1) & 0xFF) + (isShort ? 2 : 3);
2 90ce3da70b43 Initial load duke parents: diff changeset	143
90ce3da70b43 Initial load duke parents: diff changeset	144	} else {
90ce3da70b43 Initial load duke parents: diff changeset	145	// Gobblygook!
90ce3da70b43 Initial load duke parents: diff changeset	146	throw new SSLException(
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	147	"Unrecognized SSL message, plaintext connection?");
2 90ce3da70b43 Initial load duke parents: diff changeset	148	}
90ce3da70b43 Initial load duke parents: diff changeset	149	}
90ce3da70b43 Initial load duke parents: diff changeset	150
90ce3da70b43 Initial load duke parents: diff changeset	151	return len;
90ce3da70b43 Initial load duke parents: diff changeset	152	}
90ce3da70b43 Initial load duke parents: diff changeset	153
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	154	@Override
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	155	Plaintext[] decode(ByteBuffer[] srcs, int srcsOffset,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	156	int srcsLength) throws IOException, BadPaddingException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	157	if (srcs == null \|\| srcs.length == 0 \|\| srcsLength == 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	158	return new Plaintext[0];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	159	} else if (srcsLength == 1) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	160	return decode(srcs[srcsOffset]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	161	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	162	ByteBuffer packet = extract(srcs,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	163	srcsOffset, srcsLength, SSLRecord.headerSize);
2 90ce3da70b43 Initial load duke parents: diff changeset	164
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	165	return decode(packet);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	166	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	167	}
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	168
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	169	private Plaintext[] decode(ByteBuffer packet)
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	170	throws IOException, BadPaddingException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	171
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	172	if (isClosed) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	173	return null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	174	}
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	175
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	176	if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	177	SSLLogger.fine("Raw read", packet);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	178	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	179
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	180	// The caller should have validated the record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	181	if (!formatVerified) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	182	formatVerified = true;
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16126 diff changeset	183
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	184	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	185	* The first record must either be a handshake record or an
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	186	* alert message. If it's not, it is either invalid or an
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	187	* SSLv2 message.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	188	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	189	int pos = packet.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	190	byte byteZero = packet.get(pos);
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	191	if (byteZero != ContentType.HANDSHAKE.id &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	192	byteZero != ContentType.ALERT.id) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	193	return handleUnknownRecord(packet);
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	194	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	195	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	196
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	197	return decodeInputRecord(packet);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	198	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	199
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	200	private Plaintext[] decodeInputRecord(ByteBuffer packet)
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	201	throws IOException, BadPaddingException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	202	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	203	// The packet should be a complete record, or more.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	204	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	205	int srcPos = packet.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	206	int srcLim = packet.limit();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	207
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	208	byte contentType = packet.get(); // pos: 0
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	209	byte majorVersion = packet.get(); // pos: 1
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	210	byte minorVersion = packet.get(); // pos: 2
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	211	int contentLen = Record.getInt16(packet); // pos: 3, 4
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	212
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	213	if (SSLLogger.isOn && SSLLogger.isOn("record")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	214	SSLLogger.fine(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	215	"READ: " +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	216	ProtocolVersion.nameOf(majorVersion, minorVersion) +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	217	" " + ContentType.nameOf(contentType) + ", length = " +
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	218	contentLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	219	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	220
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	221	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	222	// Check for upper bound.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	223	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	224	// Note: May check packetSize limit in the future.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	225	if (contentLen < 0 \|\| contentLen > maxLargeRecordSize - headerSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	226	throw new SSLProtocolException(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	227	"Bad input record size, TLSCiphertext.length = " + contentLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	228	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	229
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	230	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	231	// Decrypt the fragment
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	232	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	233	int recLim = srcPos + SSLRecord.headerSize + contentLen;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	234	packet.limit(recLim);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	235	packet.position(srcPos + SSLRecord.headerSize);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	236
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	237	ByteBuffer fragment;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	238	try {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	239	Plaintext plaintext =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	240	readCipher.decrypt(contentType, packet, null);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	241	fragment = plaintext.fragment;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	242	contentType = plaintext.contentType;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	243	} catch (BadPaddingException bpe) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	244	throw bpe;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	245	} catch (GeneralSecurityException gse) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	246	throw (SSLProtocolException)(new SSLProtocolException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	247	"Unexpected exception")).initCause(gse);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	248	} finally {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	249	// consume a complete record
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	250	packet.limit(srcLim);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	251	packet.position(recLim);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	252	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	253
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	254	//
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	255	// check for handshake fragment
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	256	//
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	257	if (contentType != ContentType.HANDSHAKE.id &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	258	handshakeBuffer != null && handshakeBuffer.hasRemaining()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	259	throw new SSLProtocolException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	260	"Expecting a handshake fragment, but received " +
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	261	ContentType.nameOf(contentType));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	262	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	263
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	264	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	265	// parse handshake messages
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	266	//
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	267	if (contentType == ContentType.HANDSHAKE.id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	268	ByteBuffer handshakeFrag = fragment;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	269	if ((handshakeBuffer != null) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	270	(handshakeBuffer.remaining() != 0)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	271	ByteBuffer bb = ByteBuffer.wrap(new byte[
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	272	handshakeBuffer.remaining() + fragment.remaining()]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	273	bb.put(handshakeBuffer);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	274	bb.put(fragment);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	275	handshakeFrag = bb.rewind();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	276	handshakeBuffer = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	277	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	278
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	279	ArrayList<Plaintext> plaintexts = new ArrayList<>(5);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	280	while (handshakeFrag.hasRemaining()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	281	int remaining = handshakeFrag.remaining();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	282	if (remaining < handshakeHeaderSize) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	283	handshakeBuffer = ByteBuffer.wrap(new byte[remaining]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	284	handshakeBuffer.put(handshakeFrag);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	285	handshakeBuffer.rewind();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	286	break;
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	287	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	288
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	289	handshakeFrag.mark();
57799 7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	290
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	291	// Fail fast for unknown handshake message.
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	292	byte handshakeType = handshakeFrag.get();
57799 7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	293	if (!SSLHandshake.isKnown(handshakeType)) {
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	294	throw new SSLProtocolException(
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	295	"Unknown handshake type size, Handshake.msg_type = " +
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	296	(handshakeType & 0xFF));
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	297	}
7cc5a5b4eee9 8228757: Fail fast if the handshake type is unknown xuelei parents: 51407 diff changeset	298
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	299	int handshakeBodyLen = Record.getInt24(handshakeFrag);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	300	handshakeFrag.reset();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	301	int handshakeMessageLen =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	302	handshakeHeaderSize + handshakeBodyLen;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	303	if (remaining < handshakeMessageLen) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	304	handshakeBuffer = ByteBuffer.wrap(new byte[remaining]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	305	handshakeBuffer.put(handshakeFrag);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	306	handshakeBuffer.rewind();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	307	break;
51407 910f7b56592f 8207009: TLS 1.3 half-close and synchronization issues xuelei parents: 50768 diff changeset	308	} else if (remaining == handshakeMessageLen) {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	309	if (handshakeHash.isHashable(handshakeType)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	310	handshakeHash.receive(handshakeFrag);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	311	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	312
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	313	plaintexts.add(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	314	new Plaintext(contentType,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	315	majorVersion, minorVersion, -1, -1L, handshakeFrag)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	316	);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	317	break;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	318	} else {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	319	int fragPos = handshakeFrag.position();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	320	int fragLim = handshakeFrag.limit();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	321	int nextPos = fragPos + handshakeMessageLen;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	322	handshakeFrag.limit(nextPos);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	323
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	324	if (handshakeHash.isHashable(handshakeType)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	325	handshakeHash.receive(handshakeFrag);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	326	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	327
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	328	plaintexts.add(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	329	new Plaintext(contentType, majorVersion, minorVersion,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	330	-1, -1L, handshakeFrag.slice())
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	331	);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	332
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	333	handshakeFrag.position(nextPos);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	334	handshakeFrag.limit(fragLim);
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	335	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	336	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	337
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	338	return plaintexts.toArray(new Plaintext[0]);
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	339	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	340
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	341	return new Plaintext[] {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	342	new Plaintext(contentType,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	343	majorVersion, minorVersion, -1, -1L, fragment)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	344	};
2 90ce3da70b43 Initial load duke parents: diff changeset	345	}
90ce3da70b43 Initial load duke parents: diff changeset	346
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	347	private Plaintext[] handleUnknownRecord(ByteBuffer packet)
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	348	throws IOException, BadPaddingException {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	349	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	350	// The packet should be a complete record.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	351	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	352	int srcPos = packet.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	353	int srcLim = packet.limit();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	354
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	355	byte firstByte = packet.get(srcPos);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	356	byte thirdByte = packet.get(srcPos + 2);
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	357
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	358	// Does it look like a Version 2 client hello (V2ClientHello)?
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	359	if (((firstByte & 0x80) != 0) && (thirdByte == 1)) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	360	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	361	* If SSLv2Hello is not enabled, throw an exception.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	362	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	363	if (helloVersion != ProtocolVersion.SSL20Hello) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	364	throw new SSLHandshakeException("SSLv2Hello is not enabled");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	365	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	366
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	367	byte majorVersion = packet.get(srcPos + 3);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	368	byte minorVersion = packet.get(srcPos + 4);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	369
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	370	if ((majorVersion == ProtocolVersion.SSL20Hello.major) &&
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	371	(minorVersion == ProtocolVersion.SSL20Hello.minor)) {
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	372
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	373	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	374	* Looks like a V2 client hello, but not one saying
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	375	* "let's talk SSLv3". So we need to send an SSLv2
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	376	* error message, one that's treated as fatal by
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	377	* clients (Otherwise we'll hang.)
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	378	*/
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	379	if (SSLLogger.isOn && SSLLogger.isOn("record")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	380	SSLLogger.fine(
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	381	"Requested to negotiate unsupported SSLv2!");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	382	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	383
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	384	// hack code, the exception is caught in SSLEngineImpl
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	385	// so that SSLv2 error message can be delivered properly.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	386	throw new UnsupportedOperationException( // SSLv2Hello
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	387	"Unsupported SSL v2.0 ClientHello");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	388	}
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	389
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	390	/*
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	391	* If we can map this into a V3 ClientHello, read and
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	392	* hash the rest of the V2 handshake, turn it into a
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	393	* V3 ClientHello message, and pass it up.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	394	*/
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	395	packet.position(srcPos + 2); // exclude the header
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	396	handshakeHash.receive(packet);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	397	packet.position(srcPos);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	398
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	399	ByteBuffer converted = convertToClientHello(packet);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	400
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	401	if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	402	SSLLogger.fine(
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	403	"[Converted] ClientHello", converted);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	404	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	405
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	406	return new Plaintext[] {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	407	new Plaintext(ContentType.HANDSHAKE.id,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	408	majorVersion, minorVersion, -1, -1L, converted)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	409	};
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	410	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	411	if (((firstByte & 0x80) != 0) && (thirdByte == 4)) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	412	throw new SSLException("SSL V2.0 servers are not supported.");
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	413	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	414
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 27292 diff changeset	415	throw new SSLException("Unsupported or unrecognized SSL message");
16113 946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	416	}
946ec9b22004 8006777: Improve TLS handling of invalid messages xuelei parents: 14664 diff changeset	417	}
2 90ce3da70b43 Initial load duke parents: diff changeset	418	}

author	xuelei
	Mon, 19 Aug 2019 12:56:48 -0700
changeset 57799	7cc5a5b4eee9
parent 51407	910f7b56592f
permissions	-rw-r--r--