author | jnimeh |
Thu, 02 May 2019 17:43:26 -0700 | |
changeset 55715 | e2af6324d67c |
parent 53064 | 103ed9569fc8 |
permissions | -rw-r--r-- |
50768 | 1 |
/* |
55715 | 2 |
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. |
50768 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
24 |
*/ |
|
25 |
||
26 |
package sun.security.ssl; |
|
27 |
||
28 |
import java.io.IOException; |
|
29 |
import java.nio.ByteBuffer; |
|
30 |
import java.util.Map; |
|
31 |
import sun.security.ssl.SSLHandshake.HandshakeMessage; |
|
32 |
||
33 |
/** |
|
34 |
* Pack of the ServerKeyExchange handshake message. |
|
35 |
*/ |
|
36 |
final class ServerKeyExchange { |
|
37 |
static final SSLConsumer handshakeConsumer = |
|
38 |
new ServerKeyExchangeConsumer(); |
|
39 |
static final HandshakeProducer handshakeProducer = |
|
40 |
new ServerKeyExchangeProducer(); |
|
41 |
||
42 |
/** |
|
43 |
* The "ServerKeyExchange" handshake message producer. |
|
44 |
*/ |
|
45 |
private static final |
|
46 |
class ServerKeyExchangeProducer implements HandshakeProducer { |
|
47 |
// Prevent instantiation of this class. |
|
48 |
private ServerKeyExchangeProducer() { |
|
49 |
// blank |
|
50 |
} |
|
51 |
||
52 |
@Override |
|
53 |
public byte[] produce(ConnectionContext context, |
|
54 |
HandshakeMessage message) throws IOException { |
|
55 |
// The producing happens in server side only. |
|
56 |
ServerHandshakeContext shc = (ServerHandshakeContext)context; |
|
57 |
||
58 |
SSLKeyExchange ke = SSLKeyExchange.valueOf( |
|
59 |
shc.negotiatedCipherSuite.keyExchange, |
|
60 |
shc.negotiatedProtocol); |
|
61 |
if (ke != null) { |
|
62 |
for (Map.Entry<Byte, HandshakeProducer> hc : |
|
63 |
ke.getHandshakeProducers(shc)) { |
|
64 |
if (hc.getKey() == SSLHandshake.SERVER_KEY_EXCHANGE.id) { |
|
65 |
return hc.getValue().produce(context, message); |
|
66 |
} |
|
67 |
} |
|
68 |
} |
|
69 |
||
70 |
// not producer defined. |
|
53064
103ed9569fc8
8215443: The use of TransportContext.fatal() leads to bad coding style
xuelei
parents:
50768
diff
changeset
|
71 |
throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE, |
50768 | 72 |
"No ServerKeyExchange handshake message can be produced."); |
73 |
} |
|
74 |
} |
|
75 |
||
76 |
/** |
|
77 |
* The "ServerKeyExchange" handshake message consumer. |
|
78 |
*/ |
|
79 |
private static final |
|
80 |
class ServerKeyExchangeConsumer implements SSLConsumer { |
|
81 |
// Prevent instantiation of this class. |
|
82 |
private ServerKeyExchangeConsumer() { |
|
83 |
// blank |
|
84 |
} |
|
85 |
||
86 |
@Override |
|
87 |
public void consume(ConnectionContext context, |
|
88 |
ByteBuffer message) throws IOException { |
|
89 |
// The consuming happens in client side only. |
|
90 |
ClientHandshakeContext chc = (ClientHandshakeContext)context; |
|
91 |
||
92 |
// clean up this consumer |
|
93 |
chc.handshakeConsumers.remove(SSLHandshake.SERVER_KEY_EXCHANGE.id); |
|
94 |
||
55715 | 95 |
SSLConsumer certStatCons = chc.handshakeConsumers.remove( |
96 |
SSLHandshake.CERTIFICATE_STATUS.id); |
|
97 |
if (certStatCons != null) { |
|
98 |
// Stapling was active but no certificate status message |
|
99 |
// was sent. We need to run the absence handler which will |
|
100 |
// check the certificate chain. |
|
101 |
CertificateStatus.handshakeAbsence.absent(context, null); |
|
102 |
} |
|
103 |
||
50768 | 104 |
SSLKeyExchange ke = SSLKeyExchange.valueOf( |
105 |
chc.negotiatedCipherSuite.keyExchange, |
|
106 |
chc.negotiatedProtocol); |
|
107 |
if (ke != null) { |
|
108 |
for (Map.Entry<Byte, SSLConsumer> hc : |
|
109 |
ke.getHandshakeConsumers(chc)) { |
|
110 |
if (hc.getKey() == SSLHandshake.SERVER_KEY_EXCHANGE.id) { |
|
111 |
hc.getValue().consume(context, message); |
|
112 |
return; |
|
113 |
} |
|
114 |
} |
|
115 |
} |
|
116 |
||
117 |
// no consumer defined. |
|
53064
103ed9569fc8
8215443: The use of TransportContext.fatal() leads to bad coding style
xuelei
parents:
50768
diff
changeset
|
118 |
throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, |
50768 | 119 |
"Unexpected ServerKeyExchange handshake message."); |
120 |
} |
|
121 |
} |
|
122 |
} |
|
123 |