jdk-sandbox: src/java.base/share/classes/sun/security/ssl/ServerKeyExchange.java@e2af6324d67c (annotated)

50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	1	/*
55715 e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	2	* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	4	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	10	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	15	* accompanied this code).
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	16	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	20	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	23	* questions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	24	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	25
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	26	package sun.security.ssl;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	27
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	28	import java.io.IOException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	29	import java.nio.ByteBuffer;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	30	import java.util.Map;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	31	import sun.security.ssl.SSLHandshake.HandshakeMessage;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	32
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	33	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	34	* Pack of the ServerKeyExchange handshake message.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	35	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	36	final class ServerKeyExchange {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	37	static final SSLConsumer handshakeConsumer =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	38	new ServerKeyExchangeConsumer();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	39	static final HandshakeProducer handshakeProducer =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	40	new ServerKeyExchangeProducer();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	41
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	42	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	43	* The "ServerKeyExchange" handshake message producer.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	44	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	45	private static final
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	46	class ServerKeyExchangeProducer implements HandshakeProducer {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	47	// Prevent instantiation of this class.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	48	private ServerKeyExchangeProducer() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	49	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	50	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	51
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	52	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	53	public byte[] produce(ConnectionContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	54	HandshakeMessage message) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	55	// The producing happens in server side only.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	56	ServerHandshakeContext shc = (ServerHandshakeContext)context;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	57
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	58	SSLKeyExchange ke = SSLKeyExchange.valueOf(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	59	shc.negotiatedCipherSuite.keyExchange,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	60	shc.negotiatedProtocol);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	61	if (ke != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	62	for (Map.Entry<Byte, HandshakeProducer> hc :
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	63	ke.getHandshakeProducers(shc)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	64	if (hc.getKey() == SSLHandshake.SERVER_KEY_EXCHANGE.id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	65	return hc.getValue().produce(context, message);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	66	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	67	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	68	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	69
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	70	// not producer defined.
53064 103ed9569fc8 8215443: The use of TransportContext.fatal() leads to bad coding style xuelei parents: 50768 diff changeset	71	throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	72	"No ServerKeyExchange handshake message can be produced.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	73	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	74	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	75
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	76	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	77	* The "ServerKeyExchange" handshake message consumer.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	78	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	79	private static final
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	80	class ServerKeyExchangeConsumer implements SSLConsumer {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	81	// Prevent instantiation of this class.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	82	private ServerKeyExchangeConsumer() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	83	// blank
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	84	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	85
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	86	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	87	public void consume(ConnectionContext context,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	88	ByteBuffer message) throws IOException {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	89	// The consuming happens in client side only.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	90	ClientHandshakeContext chc = (ClientHandshakeContext)context;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	91
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	92	// clean up this consumer
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	93	chc.handshakeConsumers.remove(SSLHandshake.SERVER_KEY_EXCHANGE.id);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	94
55715 e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	95	SSLConsumer certStatCons = chc.handshakeConsumers.remove(
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	96	SSLHandshake.CERTIFICATE_STATUS.id);
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	97	if (certStatCons != null) {
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	98	// Stapling was active but no certificate status message
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	99	// was sent. We need to run the absence handler which will
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	100	// check the certificate chain.
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	101	CertificateStatus.handshakeAbsence.absent(context, null);
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	102	}
e2af6324d67c 8222678: Improve TLS negotiation jnimeh parents: 53064 diff changeset	103
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	104	SSLKeyExchange ke = SSLKeyExchange.valueOf(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	105	chc.negotiatedCipherSuite.keyExchange,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	106	chc.negotiatedProtocol);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	107	if (ke != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	108	for (Map.Entry<Byte, SSLConsumer> hc :
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	109	ke.getHandshakeConsumers(chc)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	110	if (hc.getKey() == SSLHandshake.SERVER_KEY_EXCHANGE.id) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	111	hc.getValue().consume(context, message);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	112	return;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	113	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	114	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	115	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	116
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	117	// no consumer defined.
53064 103ed9569fc8 8215443: The use of TransportContext.fatal() leads to bad coding style xuelei parents: 50768 diff changeset	118	throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	119	"Unexpected ServerKeyExchange handshake message.");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	120	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	121	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	122	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	123

author	jnimeh
	Thu, 02 May 2019 17:43:26 -0700
changeset 55715	e2af6324d67c
parent 53064	103ed9569fc8
permissions	-rw-r--r--