jdk-sandbox: src/java.base/share/classes/sun/security/ssl/HandshakeHash.java@cb1642ccc732 (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
53563 a4b7ea85d668 8218022: Repeated words typos in java.base prappo parents: 52928 diff changeset	2	* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 2 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	28	import java.io.ByteArrayOutputStream;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	29	import java.io.IOException;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	30	import java.nio.ByteBuffer;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	31	import java.security.MessageDigest;
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	32	import java.security.NoSuchAlgorithmException;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	33	import java.util.Arrays;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	34	import java.util.LinkedList;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	35	import javax.crypto.SecretKey;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	36	import sun.security.util.MessageDigestSpi2;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	37
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	38	final class HandshakeHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	39	private TranscriptHash transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	40	private LinkedList<byte[]> reserves; // one handshake message per entry
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	41	private boolean hasBeenUsed;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	42
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	43	HandshakeHash() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	44	this.transcriptHash = new CacheOnlyHash();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	45	this.reserves = new LinkedList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	46	this.hasBeenUsed = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	47	}
2 90ce3da70b43 Initial load duke parents: diff changeset	48
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	49	// fix the negotiated protocol version and cipher suite
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	50	void determine(ProtocolVersion protocolVersion,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	51	CipherSuite cipherSuite) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	52	if (!(transcriptHash instanceof CacheOnlyHash)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	53	throw new IllegalStateException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	54	"Not expected instance of transcript hash");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	55	}
2 90ce3da70b43 Initial load duke parents: diff changeset	56
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	57	CacheOnlyHash coh = (CacheOnlyHash)transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	58	if (protocolVersion.useTLS13PlusSpec()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	59	transcriptHash = new T13HandshakeHash(cipherSuite);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	60	} else if (protocolVersion.useTLS12PlusSpec()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	61	transcriptHash = new T12HandshakeHash(cipherSuite);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	62	} else if (protocolVersion.useTLS10PlusSpec()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	63	transcriptHash = new T10HandshakeHash(cipherSuite);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	64	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	65	transcriptHash = new S30HandshakeHash(cipherSuite);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	66	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	67
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	68	byte[] reserved = coh.baos.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	69	if (reserved.length != 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	70	transcriptHash.update(reserved, 0, reserved.length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	71	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	72	}
2 90ce3da70b43 Initial load duke parents: diff changeset	73
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	74	HandshakeHash copy() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	75	if (transcriptHash instanceof CacheOnlyHash) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	76	HandshakeHash result = new HandshakeHash();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	77	result.transcriptHash = ((CacheOnlyHash)transcriptHash).copy();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	78	result.reserves = new LinkedList<>(reserves);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	79	result.hasBeenUsed = hasBeenUsed;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	80	return result;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	81	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	82	throw new IllegalStateException("Hash does not support copying");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	83	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	84	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	85
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	86	void receive(byte[] input) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	87	reserves.add(Arrays.copyOf(input, input.length));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	88	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	89
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	90	void receive(ByteBuffer input, int length) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	91	if (input.hasArray()) {
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	92	int from = input.position() + input.arrayOffset();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	93	int to = from + length;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	94	reserves.add(Arrays.copyOfRange(input.array(), from, to));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	95	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	96	int inPos = input.position();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	97	byte[] holder = new byte[length];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	98	input.get(holder);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	99	input.position(inPos);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	100	reserves.add(Arrays.copyOf(holder, holder.length));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	101	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	102	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	103	void receive(ByteBuffer input) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	104	receive(input, input.remaining());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	105	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	106
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	107	// For HelloRetryRequest only! Please use this method very carefully!
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	108	void push(byte[] input) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	109	reserves.push(Arrays.copyOf(input, input.length));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	110	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	111
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	112	// For PreSharedKey to modify the state of the PSK binder hash
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	113	byte[] removeLastReceived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	114	return reserves.removeLast();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	115	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	116
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	117	void deliver(byte[] input) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	118	update();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	119	transcriptHash.update(input, 0, input.length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	120	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	121
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	122	void deliver(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	123	update();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	124	transcriptHash.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	125	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	126
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	127	void deliver(ByteBuffer input) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	128	update();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	129	if (input.hasArray()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	130	transcriptHash.update(input.array(),
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	131	input.position() + input.arrayOffset(), input.remaining());
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	132	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	133	int inPos = input.position();
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	134	byte[] holder = new byte[input.remaining()];
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	135	input.get(holder);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	136	input.position(inPos);
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	137	transcriptHash.update(holder, 0, holder.length);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	138	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	139	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	140
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	141	// Use one handshake message if it has not been used.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	142	void utilize() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	143	if (hasBeenUsed) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	144	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	145	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	146	if (reserves.size() != 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	147	byte[] holder = reserves.remove();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	148	transcriptHash.update(holder, 0, holder.length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	149	hasBeenUsed = true;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	150	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	151	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	152
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	153	// Consume one handshake message if it has not been consumed.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	154	void consume() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	155	if (hasBeenUsed) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	156	hasBeenUsed = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	157	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	158	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	159	if (reserves.size() != 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	160	byte[] holder = reserves.remove();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	161	transcriptHash.update(holder, 0, holder.length);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	162	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	163	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	164
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	165	void update() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	166	while (reserves.size() != 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	167	byte[] holder = reserves.remove();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	168	transcriptHash.update(holder, 0, holder.length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	169	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	170	hasBeenUsed = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	171	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	172
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	173	byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	174	// Note that the reserve handshake message may be not a part of
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	175	// the expected digest.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	176	return transcriptHash.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	177	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	178
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	179	void finish() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	180	this.transcriptHash = new CacheOnlyHash();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	181	this.reserves = new LinkedList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	182	this.hasBeenUsed = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	183	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	184
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	185	// Optional
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	186	byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	187	// Note that the reserve handshake message may be not a part of
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	188	// the expected digest.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	189	return transcriptHash.archived();
2 90ce3da70b43 Initial load duke parents: diff changeset	190	}
90ce3da70b43 Initial load duke parents: diff changeset	191
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	192	// Optional, TLS 1.0/1.1 only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	193	byte[] digest(String algorithm) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	194	T10HandshakeHash hh = (T10HandshakeHash)transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	195	return hh.digest(algorithm);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	196	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	197
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	198	// Optional, SSL 3.0 only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	199	byte[] digest(String algorithm, SecretKey masterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	200	S30HandshakeHash hh = (S30HandshakeHash)transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	201	return hh.digest(algorithm, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	202	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	203
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	204	// Optional, SSL 3.0 only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	205	byte[] digest(boolean useClientLabel, SecretKey masterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	206	S30HandshakeHash hh = (S30HandshakeHash)transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	207	return hh.digest(useClientLabel, masterSecret);
2 90ce3da70b43 Initial load duke parents: diff changeset	208	}
90ce3da70b43 Initial load duke parents: diff changeset	209
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	210	public boolean isHashable(byte handshakeType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	211	return handshakeType != SSLHandshake.HELLO_REQUEST.id &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	212	handshakeType != SSLHandshake.HELLO_VERIFY_REQUEST.id;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	213	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	214
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	215	interface TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	216	void update(byte[] input, int offset, int length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	217	byte[] digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	218	byte[] archived(); // optional
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	219	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	220
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	221	// For cache only.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	222	private static final class CacheOnlyHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	223	private final ByteArrayOutputStream baos;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	224
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	225	CacheOnlyHash() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	226	this.baos = new ByteArrayOutputStream();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	227	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	228
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	229	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	230	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	231	baos.write(input, offset, length);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 25859 diff changeset	232	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	233
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	234	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	235	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	236	throw new IllegalStateException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	237	"Not expected call to handshake hash digest");
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	238	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	239
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	240	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	241	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	242	return baos.toByteArray();
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	243	}
2 90ce3da70b43 Initial load duke parents: diff changeset	244
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	245	CacheOnlyHash copy() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	246	CacheOnlyHash result = new CacheOnlyHash();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	247	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	248	baos.writeTo(result.baos);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	249	} catch (IOException ex) {
53563 a4b7ea85d668 8218022: Repeated words typos in java.base prappo parents: 52928 diff changeset	250	throw new RuntimeException("unable to clone hash state");
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	251	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	252	return result;
2 90ce3da70b43 Initial load duke parents: diff changeset	253	}
90ce3da70b43 Initial load duke parents: diff changeset	254	}
90ce3da70b43 Initial load duke parents: diff changeset	255
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	256	static final class S30HandshakeHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	257	static final byte[] MD5_pad1 = genPad(0x36, 48);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	258	static final byte[] MD5_pad2 = genPad(0x5c, 48);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	259
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	260	static final byte[] SHA_pad1 = genPad(0x36, 40);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	261	static final byte[] SHA_pad2 = genPad(0x5c, 40);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	262
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	263	private static final byte[] SSL_CLIENT = { 0x43, 0x4C, 0x4E, 0x54 };
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	264	private static final byte[] SSL_SERVER = { 0x53, 0x52, 0x56, 0x52 };
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	265
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	266	private final MessageDigest mdMD5;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	267	private final MessageDigest mdSHA;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	268	private final TranscriptHash md5;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	269	private final TranscriptHash sha;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	270	private final ByteArrayOutputStream baos;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	271
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	272	S30HandshakeHash(CipherSuite cipherSuite) {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	273	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	274	this.mdMD5 = MessageDigest.getInstance("MD5");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	275	this.mdSHA = MessageDigest.getInstance("SHA");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	276	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	277	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	278	"Hash algorithm MD5 or SHA is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	279	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	280
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	281	boolean hasArchived = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	282	if (mdMD5 instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	283	md5 = new CloneableHash(mdMD5);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	284	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	285	hasArchived = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	286	md5 = new NonCloneableHash(mdMD5);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	287	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	288	if (mdSHA instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	289	sha = new CloneableHash(mdSHA);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	290	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	291	hasArchived = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	292	sha = new NonCloneableHash(mdSHA);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	293	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	294
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	295	if (hasArchived) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	296	this.baos = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	297	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	298	this.baos = new ByteArrayOutputStream();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	299	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	300	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	301
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	302	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	303	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	304	md5.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	305	sha.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	306	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	307	baos.write(input, offset, length);
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	308	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	309	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	310
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	311	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	312	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	313	byte[] digest = new byte[36];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	314	System.arraycopy(md5.digest(), 0, digest, 0, 16);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	315	System.arraycopy(sha.digest(), 0, digest, 16, 20);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	316
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	317	return digest;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	318	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	319
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	320	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	321	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	322	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	323	return baos.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	324	} else if (md5 instanceof NonCloneableHash) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	325	return md5.archived();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	326	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	327	return sha.archived();
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	328	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	329	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	330
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	331	byte[] digest(boolean useClientLabel, SecretKey masterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	332	MessageDigest md5Clone = cloneMd5();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	333	MessageDigest shaClone = cloneSha();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	334
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	335	if (useClientLabel) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	336	md5Clone.update(SSL_CLIENT);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	337	shaClone.update(SSL_CLIENT);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	338	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	339	md5Clone.update(SSL_SERVER);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	340	shaClone.update(SSL_SERVER);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	341	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	342
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	343	updateDigest(md5Clone, MD5_pad1, MD5_pad2, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	344	updateDigest(shaClone, SHA_pad1, SHA_pad2, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	345
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	346	byte[] digest = new byte[36];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	347	System.arraycopy(md5Clone.digest(), 0, digest, 0, 16);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	348	System.arraycopy(shaClone.digest(), 0, digest, 16, 20);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	349
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	350	return digest;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	351	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	352
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	353	byte[] digest(String algorithm, SecretKey masterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	354	if ("RSA".equalsIgnoreCase(algorithm)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	355	MessageDigest md5Clone = cloneMd5();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	356	MessageDigest shaClone = cloneSha();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	357	updateDigest(md5Clone, MD5_pad1, MD5_pad2, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	358	updateDigest(shaClone, SHA_pad1, SHA_pad2, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	359
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	360	byte[] digest = new byte[36];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	361	System.arraycopy(md5Clone.digest(), 0, digest, 0, 16);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	362	System.arraycopy(shaClone.digest(), 0, digest, 16, 20);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	363
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	364	return digest;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	365	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	366	MessageDigest shaClone = cloneSha();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	367	updateDigest(shaClone, SHA_pad1, SHA_pad2, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	368	return shaClone.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	369	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	370	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	371
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	372	private static byte[] genPad(int b, int count) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	373	byte[] padding = new byte[count];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	374	Arrays.fill(padding, (byte)b);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	375	return padding;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	376	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	377
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	378	private MessageDigest cloneMd5() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	379	MessageDigest md5Clone;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	380	if (mdMD5 instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	381	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	382	md5Clone = (MessageDigest)mdMD5.clone();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	383	} catch (CloneNotSupportedException ex) { // unlikely
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	384	throw new RuntimeException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	385	"MessageDigest does no support clone operation");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	386	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	387	} else {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	388	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	389	md5Clone = MessageDigest.getInstance("MD5");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	390	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	391	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	392	"Hash algorithm MD5 is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	393	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	394	md5Clone.update(md5.archived());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	395	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	396
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	397	return md5Clone;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	398	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	399
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	400	private MessageDigest cloneSha() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	401	MessageDigest shaClone;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	402	if (mdSHA instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	403	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	404	shaClone = (MessageDigest)mdSHA.clone();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	405	} catch (CloneNotSupportedException ex) { // unlikely
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	406	throw new RuntimeException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	407	"MessageDigest does no support clone operation");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	408	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	409	} else {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	410	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	411	shaClone = MessageDigest.getInstance("SHA");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	412	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	413	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	414	"Hash algorithm SHA is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	415	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	416	shaClone.update(sha.archived());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	417	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	418
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	419	return shaClone;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	420	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	421
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	422	private static void updateDigest(MessageDigest md,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	423	byte[] pad1, byte[] pad2, SecretKey masterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	424	byte[] keyBytes = "RAW".equals(masterSecret.getFormat())
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	425	? masterSecret.getEncoded() : null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	426	if (keyBytes != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	427	md.update(keyBytes);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	428	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	429	digestKey(md, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	430	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	431	md.update(pad1);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	432	byte[] temp = md.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	433
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	434	if (keyBytes != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	435	md.update(keyBytes);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	436	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	437	digestKey(md, masterSecret);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	438	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	439	md.update(pad2);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	440	md.update(temp);
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	441	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	442
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	443	private static void digestKey(MessageDigest md, SecretKey key) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	444	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	445	if (md instanceof MessageDigestSpi2) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	446	((MessageDigestSpi2)md).engineUpdate(key);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	447	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	448	throw new Exception(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	449	"Digest does not support implUpdate(SecretKey)");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	450	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	451	} catch (Exception e) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	452	throw new RuntimeException(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	453	"Could not obtain encoded key and "
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	454	+ "MessageDigest cannot digest key", e);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	455	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	456	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	457	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	458
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	459	// TLS 1.0 and TLS 1.1
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	460	static final class T10HandshakeHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	461	private final TranscriptHash md5;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	462	private final TranscriptHash sha;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	463	private final ByteArrayOutputStream baos;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	464
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	465	T10HandshakeHash(CipherSuite cipherSuite) {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	466	MessageDigest mdMD5;
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	467	MessageDigest mdSHA;
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	468	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	469	mdMD5 = MessageDigest.getInstance("MD5");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	470	mdSHA = MessageDigest.getInstance("SHA");
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	471	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	472	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	473	"Hash algorithm MD5 or SHA is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	474	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	475
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	476	boolean hasArchived = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	477	if (mdMD5 instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	478	md5 = new CloneableHash(mdMD5);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	479	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	480	hasArchived = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	481	md5 = new NonCloneableHash(mdMD5);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	482	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	483	if (mdSHA instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	484	sha = new CloneableHash(mdSHA);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	485	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	486	hasArchived = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	487	sha = new NonCloneableHash(mdSHA);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	488	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	489
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	490	if (hasArchived) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	491	this.baos = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	492	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	493	this.baos = new ByteArrayOutputStream();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	494	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	495	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	496
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	497	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	498	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	499	md5.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	500	sha.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	501	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	502	baos.write(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	503	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	504	}
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	505
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	506	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	507	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	508	byte[] digest = new byte[36];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	509	System.arraycopy(md5.digest(), 0, digest, 0, 16);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	510	System.arraycopy(sha.digest(), 0, digest, 16, 20);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	511
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	512	return digest;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	513	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	514
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	515	byte[] digest(String algorithm) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	516	if ("RSA".equalsIgnoreCase(algorithm)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	517	return digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	518	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	519	return sha.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	520	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	521	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	522
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	523	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	524	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	525	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	526	return baos.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	527	} else if (md5 instanceof NonCloneableHash) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	528	return md5.archived();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	529	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	530	return sha.archived();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	531	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	532	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	533	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	534
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	535	static final class T12HandshakeHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	536	private final TranscriptHash transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	537	private final ByteArrayOutputStream baos;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	538
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	539	T12HandshakeHash(CipherSuite cipherSuite) {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	540	MessageDigest md;
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	541	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	542	md = MessageDigest.getInstance(cipherSuite.hashAlg.name);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	543	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	544	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	545	"Hash algorithm " +
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	546	cipherSuite.hashAlg.name + " is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	547	}
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	548
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	549	if (md instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	550	transcriptHash = new CloneableHash(md);
52928 d59955700113 8214098: sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. ascarpino parents: 50768 diff changeset	551	this.baos = new ByteArrayOutputStream();
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	552	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	553	transcriptHash = new NonCloneableHash(md);
52928 d59955700113 8214098: sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. ascarpino parents: 50768 diff changeset	554	this.baos = null;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	555	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	556	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	557
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	558	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	559	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	560	transcriptHash.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	561	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	562	baos.write(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	563	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	564	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	565
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	566	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	567	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	568	return transcriptHash.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	569	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	570
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	571	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	572	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	573	if (baos != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	574	return baos.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	575	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	576	return transcriptHash.archived();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	577	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	578	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	579	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	580
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	581	static final class T13HandshakeHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	582	private final TranscriptHash transcriptHash;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	583
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	584	T13HandshakeHash(CipherSuite cipherSuite) {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	585	MessageDigest md;
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	586	try {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	587	md = MessageDigest.getInstance(cipherSuite.hashAlg.name);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	588	} catch (NoSuchAlgorithmException nsae) {
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	589	throw new RuntimeException(
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	590	"Hash algorithm " +
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	591	cipherSuite.hashAlg.name + " is not available", nsae);
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	592	}
cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53563 diff changeset	593
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	594	if (md instanceof Cloneable) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	595	transcriptHash = new CloneableHash(md);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	596	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	597	transcriptHash = new NonCloneableHash(md);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	598	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	599	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	600
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	601	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	602	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	603	transcriptHash.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	604	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	605
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	606	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	607	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	608	return transcriptHash.digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	609	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	610
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	611	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	612	public byte[] archived() {
52928 d59955700113 8214098: sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. ascarpino parents: 50768 diff changeset	613	// This method is not necessary in T13
d59955700113 8214098: sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. ascarpino parents: 50768 diff changeset	614	throw new UnsupportedOperationException(
d59955700113 8214098: sun.security.ssl.HandshakeHash.T12HandshakeHash constructor check backwards. ascarpino parents: 50768 diff changeset	615	"TLS 1.3 does not require archived.");
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	616	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	617	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	618
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	619	static final class CloneableHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	620	private final MessageDigest md;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	621
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	622	CloneableHash(MessageDigest md) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	623	this.md = md;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	624	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	625
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	626	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	627	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	628	md.update(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	629	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	630
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	631	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	632	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	633	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	634	return ((MessageDigest)md.clone()).digest();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	635	} catch (CloneNotSupportedException ex) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	636	// unlikely
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	637	return new byte[0];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	638	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	639	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	640
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	641	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	642	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	643	throw new UnsupportedOperationException("Not supported yet.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	644	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	645	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	646
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	647	static final class NonCloneableHash implements TranscriptHash {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	648	private final MessageDigest md;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	649	private final ByteArrayOutputStream baos = new ByteArrayOutputStream();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	650
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	651	NonCloneableHash(MessageDigest md) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	652	this.md = md;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	653	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	654
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	655	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	656	public void update(byte[] input, int offset, int length) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	657	baos.write(input, offset, length);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	658	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	659
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	660	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	661	public byte[] digest() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	662	byte[] bytes = baos.toByteArray();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	663	md.reset();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	664	return md.digest(bytes);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	665	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	666
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	667	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	668	public byte[] archived() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 48358 diff changeset	669	return baos.toByteArray();
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	670	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 5506 diff changeset	671	}
2 90ce3da70b43 Initial load duke parents: diff changeset	672	}

author	xuelei
	Tue, 12 Feb 2019 13:36:15 -0800
changeset 53734	cb1642ccc732
parent 53563	a4b7ea85d668
permissions	-rw-r--r--