| author | jnimeh |
| Thu, 07 Jun 2018 21:55:35 -0700 | |
| branch | JDK-8145252-TLS13-branch |
| changeset 56704 | c3ee22c3a0f6 |
| parent 56702 | 75527e40bdfd |
| child 56705 | 585e6d31677b |
| permissions | -rw-r--r-- |
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
1 |
/* |
| 56542 | 2 |
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. |
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
4 |
* |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
10 |
* |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
15 |
* accompanied this code). |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
16 |
* |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
17 |
* You should have received a copy of the GNU General Public License version |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
20 |
* |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
23 |
* questions. |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
24 |
*/ |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
25 |
|
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
26 |
package sun.security.ssl; |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
27 |
|
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
28 |
import java.io.IOException; |
| 56542 | 29 |
import java.nio.ByteBuffer; |
30 |
import java.text.MessageFormat; |
|
31 |
import java.util.Collection; |
|
32 |
import java.util.Collections; |
|
33 |
import java.util.LinkedList; |
|
34 |
import java.util.Locale; |
|
35 |
import sun.security.ssl.SSLHandshake.HandshakeMessage; |
|
36 |
import sun.security.util.HexDumpEncoder; |
|
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
37 |
|
| 56542 | 38 |
enum SSLExtension implements SSLStringize {
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
39 |
// Extensions defined in RFC 6066 |
| 56542 | 40 |
CH_SERVER_NAME (0x0000, "server_name", |
41 |
SSLHandshake.CLIENT_HELLO, |
|
42 |
ProtocolVersion.PROTOCOLS_TO_13, |
|
43 |
ServerNameExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
44 |
ServerNameExtension.chOnLoadConsumer, |
| 56542 | 45 |
null, |
46 |
null, |
|
| 56584 | 47 |
null, |
| 56542 | 48 |
ServerNameExtension.chStringize), |
49 |
SH_SERVER_NAME (0x0000, "server_name", |
|
50 |
SSLHandshake.SERVER_HELLO, |
|
51 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
52 |
ServerNameExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
53 |
ServerNameExtension.shOnLoadConsumer, |
| 56542 | 54 |
null, |
55 |
null, |
|
| 56584 | 56 |
null, |
| 56542 | 57 |
ServerNameExtension.shStringize), |
58 |
EE_SERVER_NAME (0x0000, "server_name", |
|
59 |
SSLHandshake.ENCRYPTED_EXTENSIONS, |
|
60 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
61 |
ServerNameExtension.eeNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
62 |
ServerNameExtension.eeOnLoadConsumer, |
| 56542 | 63 |
null, |
64 |
null, |
|
| 56584 | 65 |
null, |
| 56542 | 66 |
ServerNameExtension.shStringize), |
67 |
CH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
|
68 |
SSLHandshake.CLIENT_HELLO, |
|
69 |
ProtocolVersion.PROTOCOLS_TO_13, |
|
70 |
MaxFragExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
71 |
MaxFragExtension.chOnLoadConsumer, |
| 56542 | 72 |
null, |
73 |
null, |
|
| 56584 | 74 |
null, |
| 56542 | 75 |
MaxFragExtension.maxFragLenStringize), |
76 |
SH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
|
77 |
SSLHandshake.SERVER_HELLO, |
|
78 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
79 |
MaxFragExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
80 |
MaxFragExtension.shOnLoadConsumer, |
| 56542 | 81 |
null, |
82 |
MaxFragExtension.shOnTradeConsumer, |
|
| 56584 | 83 |
null, |
| 56542 | 84 |
MaxFragExtension.maxFragLenStringize), |
85 |
EE_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
|
86 |
SSLHandshake.ENCRYPTED_EXTENSIONS, |
|
87 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
88 |
MaxFragExtension.eeNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
89 |
MaxFragExtension.eeOnLoadConsumer, |
| 56542 | 90 |
null, |
91 |
MaxFragExtension.eeOnTradeConsumer, |
|
| 56584 | 92 |
null, |
| 56542 | 93 |
MaxFragExtension.maxFragLenStringize), |
94 |
CLIENT_CERTIFICATE_URL (0x0002, "client_certificate_url"), |
|
95 |
TRUSTED_CA_KEYS (0x0003, "trusted_ca_keys"), |
|
96 |
TRUNCATED_HMAC (0x0004, "truncated_hmac"), |
|
97 |
||
98 |
CH_STATUS_REQUEST (0x0005, "status_request", |
|
99 |
SSLHandshake.CLIENT_HELLO, |
|
100 |
ProtocolVersion.PROTOCOLS_TO_13, |
|
101 |
CertStatusExtension.chNetworkProducer, |
|
102 |
CertStatusExtension.chOnLoadConsumer, |
|
103 |
null, |
|
104 |
null, |
|
| 56584 | 105 |
null, |
| 56542 | 106 |
CertStatusExtension.certStatusReqStringize), |
107 |
SH_STATUS_REQUEST (0x0005, "status_request", |
|
108 |
SSLHandshake.SERVER_HELLO, |
|
109 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
110 |
CertStatusExtension.shNetworkProducer, |
|
111 |
CertStatusExtension.shOnLoadConsumer, |
|
112 |
null, |
|
113 |
null, |
|
| 56584 | 114 |
null, |
| 56542 | 115 |
CertStatusExtension.certStatusReqStringize), |
116 |
||
117 |
CR_STATUS_REQUEST (0x0005, "status_request"), |
|
118 |
CT_STATUS_REQUEST (0x0005, "status_request", |
|
119 |
SSLHandshake.CERTIFICATE, |
|
120 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
121 |
CertStatusExtension.ctNetworkProducer, |
|
122 |
CertStatusExtension.ctOnLoadConsumer, |
|
123 |
null, |
|
124 |
null, |
|
| 56584 | 125 |
null, |
| 56542 | 126 |
CertStatusExtension.certStatusRespStringize), |
127 |
// extensions defined in RFC 4681 |
|
128 |
USER_MAPPING (0x0006, "user_mapping"), |
|
129 |
||
130 |
// extensions defined in RFC 5878 |
|
131 |
CLIENT_AUTHZ (0x0007, "client_authz"), |
|
132 |
SERVER_AUTHZ (0x0008, "server_authz"), |
|
133 |
||
134 |
// extensions defined in RFC 5081 |
|
135 |
CERT_TYPE (0x0009, "cert_type"), |
|
136 |
||
137 |
// extensions defined in RFC 4492 (ECC) |
|
138 |
CH_SUPPORTED_GROUPS (0x000A, "supported_groups", |
|
139 |
SSLHandshake.CLIENT_HELLO, |
|
140 |
ProtocolVersion.PROTOCOLS_TO_13, |
|
141 |
SupportedGroupsExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
142 |
SupportedGroupsExtension.chOnLoadConsumer, |
| 56542 | 143 |
null, |
144 |
null, |
|
| 56584 | 145 |
null, |
| 56542 | 146 |
SupportedGroupsExtension.sgsStringize), |
147 |
EE_SUPPORTED_GROUPS (0x000A, "supported_groups", |
|
148 |
SSLHandshake.ENCRYPTED_EXTENSIONS, |
|
149 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
150 |
SupportedGroupsExtension.eeNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
151 |
SupportedGroupsExtension.eeOnLoadConsumer, |
| 56542 | 152 |
null, |
153 |
null, |
|
| 56584 | 154 |
null, |
| 56542 | 155 |
SupportedGroupsExtension.sgsStringize), |
156 |
||
157 |
CH_EC_POINT_FORMATS (0x000B, "ec_point_formats", |
|
158 |
SSLHandshake.CLIENT_HELLO, |
|
159 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
160 |
ECPointFormatsExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
161 |
ECPointFormatsExtension.chOnLoadConsumer, |
| 56542 | 162 |
null, |
163 |
null, |
|
| 56584 | 164 |
null, |
| 56542 | 165 |
ECPointFormatsExtension.epfStringize), |
166 |
SH_EC_POINT_FORMATS (0x000B, "ec_point_formats", |
|
167 |
SSLHandshake.SERVER_HELLO, |
|
168 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
169 |
null, // not use of the producer |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
170 |
ECPointFormatsExtension.shOnLoadConsumer, |
| 56542 | 171 |
null, |
172 |
null, |
|
| 56584 | 173 |
null, |
| 56542 | 174 |
ECPointFormatsExtension.epfStringize), |
175 |
||
176 |
// extensions defined in RFC 5054 |
|
177 |
SRP (0x000C, "srp"), |
|
178 |
||
179 |
// extensions defined in RFC 5246 |
|
180 |
CH_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms", |
|
181 |
SSLHandshake.CLIENT_HELLO, |
|
182 |
ProtocolVersion.PROTOCOLS_12_13, |
|
183 |
SignatureAlgorithmsExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
184 |
SignatureAlgorithmsExtension.chOnLoadConsumer, |
| 56542 | 185 |
SignatureAlgorithmsExtension.chOnLoadAbsence, |
186 |
SignatureAlgorithmsExtension.chOnTradeConsumer, |
|
| 56584 | 187 |
SignatureAlgorithmsExtension.chOnTradeAbsence, |
| 56542 | 188 |
SignatureAlgorithmsExtension.ssStringize), |
189 |
CR_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms", |
|
190 |
SSLHandshake.CERTIFICATE_REQUEST, |
|
191 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
192 |
SignatureAlgorithmsExtension.crNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
193 |
SignatureAlgorithmsExtension.crOnLoadConsumer, |
| 56542 | 194 |
SignatureAlgorithmsExtension.crOnLoadAbsence, |
195 |
SignatureAlgorithmsExtension.crOnTradeConsumer, |
|
| 56584 | 196 |
null, |
| 56542 | 197 |
SignatureAlgorithmsExtension.ssStringize), |
198 |
||
199 |
CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
|
200 |
SSLHandshake.CLIENT_HELLO, |
|
201 |
ProtocolVersion.PROTOCOLS_12_13, |
|
202 |
CertSignAlgsExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
203 |
CertSignAlgsExtension.chOnLoadConsumer, |
| 56542 | 204 |
null, |
205 |
CertSignAlgsExtension.chOnTradeConsumer, |
|
| 56584 | 206 |
null, |
| 56542 | 207 |
CertSignAlgsExtension.ssStringize), |
208 |
CR_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
|
209 |
SSLHandshake.CERTIFICATE_REQUEST, |
|
210 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
211 |
CertSignAlgsExtension.crNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
212 |
CertSignAlgsExtension.crOnLoadConsumer, |
| 56542 | 213 |
null, |
214 |
CertSignAlgsExtension.crOnTradeConsumer, |
|
| 56584 | 215 |
null, |
| 56542 | 216 |
CertSignAlgsExtension.ssStringize), |
217 |
||
218 |
// extensions defined in RFC 5764 |
|
219 |
USE_SRTP (0x000E, "use_srtp"), |
|
220 |
||
221 |
// extensions defined in RFC 6520 |
|
222 |
HEARTBEAT (0x000E, "heartbeat"), |
|
223 |
||
224 |
// extension defined in RFC 7301 (ALPN) |
|
225 |
CH_ALPN (0x0010, "application_layer_protocol_negotiation", |
|
226 |
SSLHandshake.CLIENT_HELLO, |
|
227 |
ProtocolVersion.PROTOCOLS_TO_13, |
|
228 |
AlpnExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
229 |
AlpnExtension.chOnLoadConsumer, |
| 56542 | 230 |
AlpnExtension.chOnLoadAbsence, |
231 |
null, |
|
| 56584 | 232 |
null, |
| 56542 | 233 |
AlpnExtension.alpnStringize), |
234 |
SH_ALPN (0x0010, "application_layer_protocol_negotiation", |
|
235 |
SSLHandshake.SERVER_HELLO, |
|
236 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
237 |
AlpnExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
238 |
AlpnExtension.shOnLoadConsumer, |
| 56542 | 239 |
AlpnExtension.shOnLoadAbsence, |
240 |
null, |
|
| 56584 | 241 |
null, |
| 56542 | 242 |
AlpnExtension.alpnStringize), |
243 |
EE_ALPN (0x0010, "application_layer_protocol_negotiation", |
|
244 |
SSLHandshake.ENCRYPTED_EXTENSIONS, |
|
245 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
246 |
AlpnExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
247 |
AlpnExtension.shOnLoadConsumer, |
| 56542 | 248 |
AlpnExtension.shOnLoadAbsence, |
249 |
null, |
|
| 56584 | 250 |
null, |
| 56542 | 251 |
AlpnExtension.alpnStringize), |
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
252 |
|
| 56542 | 253 |
// extensions defined in RFC 6961 |
254 |
CH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
|
255 |
SSLHandshake.CLIENT_HELLO, |
|
256 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
257 |
CertStatusExtension.chV2NetworkProducer, |
|
258 |
CertStatusExtension.chV2OnLoadConsumer, |
|
259 |
null, |
|
260 |
null, |
|
| 56584 | 261 |
null, |
| 56542 | 262 |
CertStatusExtension.certStatusReqV2Stringize), |
263 |
SH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
|
264 |
SSLHandshake.SERVER_HELLO, |
|
265 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
266 |
CertStatusExtension.shV2NetworkProducer, |
|
267 |
CertStatusExtension.shV2OnLoadConsumer, |
|
268 |
null, |
|
269 |
null, |
|
| 56584 | 270 |
null, |
| 56542 | 271 |
CertStatusExtension.certStatusReqV2Stringize), |
272 |
||
273 |
// extensions defined in RFC 6962 |
|
274 |
SIGNED_CERT_TIMESTAMP (0x0012, "signed_certificate_timestamp"), |
|
275 |
||
276 |
// extensions defined in RFC 7250 |
|
277 |
CLIENT_CERT_TYPE (0x0013, "padding"), |
|
278 |
SERVER_CERT_TYPE (0x0014, "server_certificate_type"), |
|
279 |
||
280 |
// extensions defined in RFC 7685 |
|
281 |
PADDING (0x0015, "client_certificate_type"), |
|
282 |
||
283 |
// extensions defined in RFC 7366 |
|
284 |
ENCRYPT_THEN_MAC (0x0016, "encrypt_then_mac"), |
|
285 |
||
286 |
// extensions defined in RFC 7627 |
|
287 |
CH_EXTENDED_MASTER_SECRET (0x0017, "extended_master_secret", |
|
288 |
SSLHandshake.CLIENT_HELLO, |
|
|
56559
a423173d0578
rollbak behavior changes of extended secret extension
xuelei
parents:
56542
diff
changeset
|
289 |
ProtocolVersion.PROTOCOLS_TO_12, |
| 56542 | 290 |
ExtendedMasterSecretExtension.chNetworkProducer, |
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
291 |
ExtendedMasterSecretExtension.chOnLoadConsumer, |
| 56542 | 292 |
ExtendedMasterSecretExtension.chOnLoadAbsence, |
293 |
null, |
|
| 56584 | 294 |
null, |
| 56542 | 295 |
ExtendedMasterSecretExtension.emsStringize), |
296 |
SH_EXTENDED_MASTER_SECRET (0x0017, "extended_master_secret", |
|
297 |
SSLHandshake.SERVER_HELLO, |
|
|
56559
a423173d0578
rollbak behavior changes of extended secret extension
xuelei
parents:
56542
diff
changeset
|
298 |
ProtocolVersion.PROTOCOLS_TO_12, |
| 56542 | 299 |
ExtendedMasterSecretExtension.shNetworkProducer, |
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
300 |
ExtendedMasterSecretExtension.shOnLoadConsumer, |
| 56542 | 301 |
ExtendedMasterSecretExtension.shOnLoadAbsence, |
302 |
null, |
|
| 56584 | 303 |
null, |
| 56542 | 304 |
ExtendedMasterSecretExtension.emsStringize), |
305 |
||
306 |
// extensions defined in RFC draft-ietf-tokbind-negotiation |
|
307 |
TOKEN_BINDING (0x0018, "token_binding "), |
|
308 |
||
309 |
// extensions defined in RFC 7924 |
|
310 |
CACHED_INFO (0x0019, "cached_info"), |
|
311 |
||
312 |
// extensions defined in RFC 4507/5077 |
|
313 |
SESSION_TICKET (0x0023, "session_ticket"), |
|
314 |
||
315 |
// extensions defined in TLS 1.3 |
|
316 |
CH_EARLY_DATA (0x002A, "early_data"), |
|
317 |
EE_EARLY_DATA (0x002A, "early_data"), |
|
318 |
NST_EARLY_DATA (0x002A, "early_data"), |
|
319 |
||
320 |
CH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
|
321 |
SSLHandshake.CLIENT_HELLO, |
|
322 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
323 |
SupportedVersionsExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
324 |
SupportedVersionsExtension.chOnLoadConsumer, |
| 56542 | 325 |
null, |
326 |
null, |
|
| 56584 | 327 |
null, |
| 56542 | 328 |
SupportedVersionsExtension.chStringize), |
329 |
SH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
|
330 |
SSLHandshake.SERVER_HELLO, |
|
331 |
// and HelloRetryRequest |
|
332 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
333 |
SupportedVersionsExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
334 |
SupportedVersionsExtension.shOnLoadConsumer, |
| 56542 | 335 |
null, |
336 |
null, |
|
| 56584 | 337 |
null, |
| 56542 | 338 |
SupportedVersionsExtension.shStringize), |
339 |
HRR_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
|
340 |
SSLHandshake.HELLO_RETRY_REQUEST, |
|
341 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
342 |
SupportedVersionsExtension.hrrNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
343 |
SupportedVersionsExtension.hrrOnLoadConsumer, |
| 56542 | 344 |
null, |
345 |
null, |
|
| 56584 | 346 |
null, |
| 56542 | 347 |
SupportedVersionsExtension.hrrStringize), |
348 |
MH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
|
349 |
SSLHandshake.MESSAGE_HASH, |
|
350 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
351 |
SupportedVersionsExtension.hrrReproducer, |
|
352 |
null, null, null, |
|
| 56584 | 353 |
null, |
| 56542 | 354 |
SupportedVersionsExtension.hrrStringize), |
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
355 |
|
| 56542 | 356 |
CH_COOKIE (0x002C, "cookie", |
357 |
SSLHandshake.CLIENT_HELLO, |
|
358 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
359 |
CookieExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
360 |
CookieExtension.chOnLoadConsumer, |
| 56542 | 361 |
null, |
362 |
CookieExtension.chOnTradeConsumer, |
|
| 56584 | 363 |
null, |
| 56542 | 364 |
CookieExtension.cookieStringize), |
365 |
HRR_COOKIE (0x002C, "cookie", |
|
366 |
SSLHandshake.HELLO_RETRY_REQUEST, |
|
367 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
368 |
CookieExtension.hrrNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
369 |
CookieExtension.hrrOnLoadConsumer, |
| 56542 | 370 |
null, null, |
| 56584 | 371 |
null, |
| 56542 | 372 |
CookieExtension.cookieStringize), |
373 |
MH_COOKIE (0x002C, "cookie", |
|
374 |
SSLHandshake.MESSAGE_HASH, |
|
375 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
376 |
CookieExtension.hrrNetworkReproducer, |
|
377 |
null, null, null, |
|
| 56584 | 378 |
null, |
| 56542 | 379 |
CookieExtension.cookieStringize), |
380 |
||
381 |
PSK_KEY_EXCHANGE_MODES (0x002D, "psk_key_exchange_modes", |
|
382 |
SSLHandshake.CLIENT_HELLO, |
|
383 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
384 |
PskKeyExchangeModesExtension.chNetworkProducer, |
|
385 |
PskKeyExchangeModesExtension.chOnLoadConsumer, |
|
| 56702 | 386 |
PskKeyExchangeModesExtension.chOnLoadAbsence, |
387 |
null, |
|
388 |
PskKeyExchangeModesExtension.chOnTradeAbsence, |
|
389 |
PskKeyExchangeModesExtension.pkemStringize), |
|
| 56542 | 390 |
CERTIFICATE_AUTHORITIES (0x002F, "certificate_authorities"), |
391 |
OID_FILTERS (0x0030, "oid_filters"), |
|
392 |
POST_HANDSHAKE_AUTH (0x0030, "post_handshake_auth"), |
|
393 |
||
394 |
CH_KEY_SHARE (0x0033, "key_share", |
|
395 |
SSLHandshake.CLIENT_HELLO, |
|
396 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
397 |
KeyShareExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
398 |
KeyShareExtension.chOnLoadConsumer, |
| 56584 | 399 |
null, null, null, |
| 56542 | 400 |
KeyShareExtension.chStringize), |
401 |
SH_KEY_SHARE (0x0033, "key_share", |
|
402 |
SSLHandshake.SERVER_HELLO, |
|
403 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
404 |
KeyShareExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
405 |
KeyShareExtension.shOnLoadConsumer, |
| 56542 | 406 |
KeyShareExtension.shOnLoadAbsence, |
407 |
null, |
|
| 56584 | 408 |
null, |
| 56542 | 409 |
KeyShareExtension.shStringize), |
410 |
HRR_KEY_SHARE (0x0033, "key_share", |
|
411 |
SSLHandshake.HELLO_RETRY_REQUEST, |
|
412 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
413 |
KeyShareExtension.hrrNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
414 |
KeyShareExtension.hrrOnLoadConsumer, |
| 56584 | 415 |
null, null, null, |
| 56542 | 416 |
KeyShareExtension.hrrStringize), |
417 |
MH_KEY_SHARE (0x0033, "key_share", |
|
418 |
SSLHandshake.MESSAGE_HASH, |
|
419 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
420 |
KeyShareExtension.hrrNetworkReproducer, |
|
| 56584 | 421 |
null, null, null, null, |
| 56542 | 422 |
KeyShareExtension.hrrStringize), |
423 |
||
424 |
// Extensions defined in RFC 5746 |
|
425 |
CH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
|
426 |
SSLHandshake.CLIENT_HELLO, |
|
427 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
428 |
RenegoInfoExtension.chNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
429 |
RenegoInfoExtension.chOnLoadConsumer, |
| 56542 | 430 |
RenegoInfoExtension.chOnLoadAbsence, |
431 |
null, |
|
| 56584 | 432 |
null, |
| 56542 | 433 |
RenegoInfoExtension.rniStringize), |
434 |
SH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
|
435 |
SSLHandshake.SERVER_HELLO, |
|
436 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
437 |
RenegoInfoExtension.shNetworkProducer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
438 |
RenegoInfoExtension.shOnLoadConsumer, |
| 56542 | 439 |
RenegoInfoExtension.shOnLoadAbsence, |
440 |
null, |
|
| 56584 | 441 |
null, |
| 56542 | 442 |
RenegoInfoExtension.rniStringize), |
443 |
||
444 |
// TLS 1.3 PSK extension must be last |
|
445 |
CH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
|
| 56584 | 446 |
SSLHandshake.CLIENT_HELLO, |
447 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
448 |
PreSharedKeyExtension.chNetworkProducer, |
|
449 |
PreSharedKeyExtension.chOnLoadConsumer, |
|
450 |
PreSharedKeyExtension.chOnLoadAbsence, |
|
451 |
PreSharedKeyExtension.chOnTradeConsumer, |
|
452 |
null, null), |
|
| 56542 | 453 |
SH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
| 56584 | 454 |
SSLHandshake.SERVER_HELLO, |
455 |
ProtocolVersion.PROTOCOLS_OF_13, |
|
456 |
PreSharedKeyExtension.shNetworkProducer, |
|
457 |
PreSharedKeyExtension.shOnLoadConsumer, |
|
458 |
PreSharedKeyExtension.shOnLoadAbsence, |
|
459 |
null, null, null); |
|
| 56542 | 460 |
|
461 |
final int id; |
|
462 |
final SSLHandshake handshakeType; |
|
463 |
final String name; |
|
464 |
final ProtocolVersion[] supportedProtocols; |
|
465 |
final HandshakeProducer networkProducer; |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
466 |
final ExtensionConsumer onLoadConsumer; |
| 56542 | 467 |
final HandshakeAbsence onLoadAbsence; |
468 |
final HandshakeConsumer onTradeConsumer; |
|
| 56584 | 469 |
final HandshakeAbsence onTradeAbsence; |
| 56542 | 470 |
final SSLStringize stringize; |
471 |
||
472 |
// known but unsupported extension |
|
473 |
private SSLExtension(int id, String name) {
|
|
474 |
this.id = id; |
|
475 |
this.handshakeType = SSLHandshake.NOT_APPLICABLE; |
|
476 |
this.name = name; |
|
477 |
this.supportedProtocols = new ProtocolVersion[0]; |
|
478 |
this.networkProducer = null; |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
479 |
this.onLoadConsumer = null; |
| 56542 | 480 |
this.onLoadAbsence = null; |
481 |
this.onTradeConsumer = null; |
|
| 56584 | 482 |
this.onTradeAbsence = null; |
| 56542 | 483 |
this.stringize = null; |
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
484 |
} |
|
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
485 |
|
| 56542 | 486 |
// supported extension |
487 |
private SSLExtension(int id, String name, SSLHandshake handshakeType, |
|
488 |
ProtocolVersion[] supportedProtocols, |
|
489 |
HandshakeProducer producer, |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
490 |
ExtensionConsumer onLoadConsumer, HandshakeAbsence onLoadAbsence, |
| 56584 | 491 |
HandshakeConsumer onTradeConsumer, HandshakeAbsence onTradeAbsence, |
492 |
SSLStringize stringize) {
|
|
| 56542 | 493 |
this.id = id; |
494 |
this.handshakeType = handshakeType; |
|
495 |
this.name = name; |
|
496 |
this.supportedProtocols = supportedProtocols; |
|
497 |
this.networkProducer = producer; |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
498 |
this.onLoadConsumer = onLoadConsumer; |
| 56542 | 499 |
this.onLoadAbsence = onLoadAbsence; |
500 |
this.onTradeConsumer = onTradeConsumer; |
|
| 56584 | 501 |
this.onTradeAbsence = onTradeAbsence; |
| 56542 | 502 |
this.stringize = stringize; |
503 |
} |
|
504 |
||
505 |
static SSLExtension valueOf(SSLHandshake handshakeType, int extensionType) {
|
|
506 |
for (SSLExtension ext : SSLExtension.values()) {
|
|
507 |
if (ext.id == extensionType && |
|
508 |
ext.handshakeType == handshakeType) {
|
|
509 |
return ext; |
|
510 |
} |
|
511 |
} |
|
512 |
||
513 |
return null; |
|
514 |
} |
|
515 |
||
516 |
static boolean isConsumable(int extensionType) {
|
|
517 |
for (SSLExtension ext : SSLExtension.values()) {
|
|
518 |
if (ext.id == extensionType && |
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
519 |
ext.onLoadConsumer != null) {
|
| 56542 | 520 |
return true; |
521 |
} |
|
522 |
} |
|
523 |
||
524 |
return false; |
|
525 |
} |
|
526 |
||
527 |
public byte[] produce(ConnectionContext context, |
|
528 |
HandshakeMessage message) throws IOException {
|
|
529 |
if (networkProducer != null) {
|
|
530 |
return networkProducer.produce(context, message); |
|
531 |
} else {
|
|
532 |
throw new UnsupportedOperationException( |
|
533 |
"Not yet supported extension producing."); |
|
534 |
} |
|
535 |
} |
|
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
536 |
|
| 56542 | 537 |
public void consumeOnLoad(ConnectionContext context, |
538 |
HandshakeMessage message, ByteBuffer buffer) throws IOException {
|
|
|
56704
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
539 |
if (onLoadConsumer != null) {
|
|
c3ee22c3a0f6
Minor nits and cleanup across SSLExtension classes
jnimeh
parents:
56702
diff
changeset
|
540 |
onLoadConsumer.consume(context, message, buffer); |
| 56542 | 541 |
} else {
|
542 |
throw new UnsupportedOperationException( |
|
543 |
"Not yet supported extension loading."); |
|
544 |
} |
|
545 |
} |
|
546 |
||
547 |
public void consumeOnTrade(ConnectionContext context, |
|
548 |
HandshakeMessage message) throws IOException {
|
|
549 |
if (onTradeConsumer != null) {
|
|
550 |
onTradeConsumer.consume(context, message); |
|
551 |
} else {
|
|
552 |
throw new UnsupportedOperationException( |
|
553 |
"Not yet supported extension processing."); |
|
554 |
} |
|
555 |
} |
|
556 |
||
| 56584 | 557 |
void absentOnLoad(ConnectionContext context, |
| 56542 | 558 |
HandshakeMessage message) throws IOException {
|
559 |
if (onLoadAbsence != null) {
|
|
560 |
onLoadAbsence.absent(context, message); |
|
561 |
} else {
|
|
562 |
throw new UnsupportedOperationException( |
|
563 |
"Not yet supported extension absence processing."); |
|
564 |
} |
|
565 |
} |
|
566 |
||
| 56584 | 567 |
void absentOnTrade(ConnectionContext context, |
568 |
HandshakeMessage message) throws IOException {
|
|
569 |
if (onTradeAbsence != null) {
|
|
570 |
onTradeAbsence.absent(context, message); |
|
571 |
} else {
|
|
572 |
throw new UnsupportedOperationException( |
|
573 |
"Not yet supported extension absence processing."); |
|
574 |
} |
|
575 |
} |
|
576 |
||
| 56542 | 577 |
public boolean isAvailable(ProtocolVersion protocolVersion) {
|
578 |
for (int i = 0; i < supportedProtocols.length; i++) {
|
|
579 |
if (supportedProtocols[i] == protocolVersion) {
|
|
580 |
return true; |
|
581 |
} |
|
582 |
} |
|
583 |
||
584 |
return false; |
|
585 |
} |
|
586 |
||
587 |
@Override |
|
588 |
public String toString() {
|
|
589 |
return name; |
|
590 |
} |
|
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
591 |
|
|
14664
e71aa0962e70
8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl
xuelei
parents:
14342
diff
changeset
|
592 |
@Override |
| 56542 | 593 |
public String toString(ByteBuffer byteBuffer) {
|
594 |
MessageFormat messageFormat = new MessageFormat( |
|
595 |
"\"{0} ({1})\": '{'\n" +
|
|
596 |
"{2}\n" +
|
|
597 |
"'}'", |
|
598 |
Locale.ENGLISH); |
|
599 |
||
600 |
String extData; |
|
601 |
if (stringize == null) {
|
|
602 |
HexDumpEncoder hexEncoder = new HexDumpEncoder(); |
|
603 |
String encoded = hexEncoder.encode(byteBuffer.duplicate()); |
|
604 |
extData = encoded; |
|
605 |
} else {
|
|
606 |
extData = stringize.toString(byteBuffer); |
|
607 |
} |
|
608 |
||
609 |
Object[] messageFields = {
|
|
610 |
this.name, |
|
611 |
this.id, |
|
612 |
Utilities.indent(extData) |
|
613 |
}; |
|
614 |
||
615 |
return messageFormat.format(messageFields); |
|
616 |
} |
|
617 |
||
618 |
////////////////////////////////////////////////////// |
|
619 |
// Nested extension, consumer and producer interfaces. |
|
620 |
||
621 |
static interface ExtensionConsumer {
|
|
622 |
void consume(ConnectionContext context, |
|
623 |
HandshakeMessage message, ByteBuffer buffer) throws IOException; |
|
624 |
} |
|
625 |
||
626 |
/** |
|
627 |
* A (transparent) specification of extension data. |
|
628 |
* |
|
629 |
* This interface contains no methods or constants. Its only purpose is to |
|
630 |
* group all extension data. All extension data should implement this |
|
631 |
* interface if the data is expected to handle in the following handshake |
|
632 |
* processes. |
|
633 |
*/ |
|
634 |
static interface SSLExtensionSpec {
|
|
635 |
// blank |
|
636 |
} |
|
637 |
||
638 |
// Default enabled client extensions. |
|
639 |
static final class ClientExtensions {
|
|
640 |
static final Collection<SSLExtension> defaults; |
|
641 |
||
642 |
static {
|
|
643 |
Collection<SSLExtension> extensions = new LinkedList<>(); |
|
644 |
for (SSLExtension extension : SSLExtension.values()) {
|
|
645 |
if (extension.handshakeType != SSLHandshake.NOT_APPLICABLE) {
|
|
646 |
extensions.add(extension); |
|
647 |
} |
|
648 |
} |
|
649 |
||
650 |
// Switch off SNI extention? |
|
651 |
boolean enableExtension = |
|
652 |
Utilities.getBooleanProperty("jsse.enableSNIExtension", true);
|
|
653 |
if (!enableExtension) {
|
|
654 |
extensions.remove(CH_SERVER_NAME); |
|
655 |
} |
|
656 |
||
657 |
// To switch off the max_fragment_length extension. |
|
658 |
enableExtension = |
|
659 |
Utilities.getBooleanProperty("jsse.enableMFLExtension", false);
|
|
660 |
if (!enableExtension) {
|
|
661 |
extensions.remove(CH_MAX_FRAGMENT_LENGTH); |
|
662 |
} |
|
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
663 |
|
| 56542 | 664 |
defaults = Collections.unmodifiableCollection(extensions); |
665 |
} |
|
666 |
} |
|
667 |
||
668 |
// Default enabled server extensions. |
|
669 |
static final class ServerExtensions {
|
|
670 |
static final Collection<SSLExtension> defaults; |
|
671 |
||
672 |
static {
|
|
673 |
Collection<SSLExtension> extensions = new LinkedList<>(); |
|
674 |
for (SSLExtension extension : SSLExtension.values()) {
|
|
675 |
if (extension.handshakeType != SSLHandshake.NOT_APPLICABLE) {
|
|
676 |
extensions.add(extension); |
|
677 |
} |
|
678 |
} |
|
679 |
||
680 |
defaults = Collections.unmodifiableCollection(extensions); |
|
681 |
} |
|
682 |
} |
|
|
14330
e4cb78065603
8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
ohrstrom
parents:
diff
changeset
|
683 |
} |