jdk/src/java.base/share/classes/sun/security/ssl/ProtocolVersion.java
author xuelei
Wed, 22 Apr 2015 05:09:54 +0000
changeset 31712 e4d5230193da
parent 30904 ec0224270f90
child 32649 2ee9017c7597
permissions -rw-r--r--
8076328: Enforce key exchange constraints Reviewed-by: wetmore, igerasim, ahgross, asmotrak
/*
 * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
package sun.security.ssl;
import java.util.*;
import java.security.CryptoPrimitive;
import sun.security.ssl.CipherSuite.*;
/**
 * Type safe enum for an SSL/TLS protocol version. Instances are obtained
 * using the static factory methods or by referencing the static members
 * in this class. Member variables are final and can be accessed without
 * accessor methods.
 *
 * There is only ever one instance per supported protocol version, this
 * means == can be used for comparison instead of equals() if desired.
 *
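 * Checks for a particular SSL/TLS version number should generally take this
 * form (DTLS wire values decrease as the version increases, so for DTLS use
 * compareTo() or the useTLS10PlusSpec()/useTLS11PlusSpec()/useTLS12PlusSpec()
 * helpers instead of a raw numeric comparison):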
 *
 * <pre>{@code
 * if (protocolVersion.v >= ProtocolVersion.TLS10.v) {
 *   // TLS 1.0 code goes here
 * } else {
 *   // SSL 3.0 code here
 * }
 * }</pre>
 *
 * @author  Andreas Sterbenz
 * @since   1.4.1
 */
public final class ProtocolVersion implements Comparable<ProtocolVersion> {
    // The limit of maximum protocol version
    final static int LIMIT_MAX_VALUE = 0xFFFF;
    // The limit of minimum protocol version
    final static int LIMIT_MIN_VALUE = 0x0000;
    // Dummy protocol version value for invalid SSLSession
    final static ProtocolVersion NONE = new ProtocolVersion(-1, "NONE");
    // If enabled, send/accept SSLv2 hello messages
    final static ProtocolVersion SSL20Hello =
                                new ProtocolVersion(0x0002, "SSLv2Hello");
    // SSL 3.0
    final static ProtocolVersion SSL30 = new ProtocolVersion(0x0300, "SSLv3");
    // TLS 1.0
    final static ProtocolVersion TLS10 = new ProtocolVersion(0x0301, "TLSv1");
    // TLS 1.1
    final static ProtocolVersion TLS11 = new ProtocolVersion(0x0302, "TLSv1.1");
    // TLS 1.2
    final static ProtocolVersion TLS12 = new ProtocolVersion(0x0303, "TLSv1.2");
    // DTLS 1.0
    // {254, 255}, the version value of DTLS 1.0.
    final static ProtocolVersion DTLS10 =
                                new ProtocolVersion(0xFEFF, "DTLSv1.0");
    // No DTLS 1.1, that version number was skipped in order to harmonize
    // version numbers with TLS.
    // DTLS 1.2
    // {254, 253}, the version value of DTLS 1.2.
    final static ProtocolVersion DTLS12 =
                                new ProtocolVersion(0xFEFD, "DTLSv1.2");
    private static final boolean FIPS = SunJSSE.isFIPS();
    // minimum version we implement (SSL 3.0, or TLS 1.0 in FIPS mode)
    final static ProtocolVersion MIN = FIPS ? TLS10 : SSL30;
    // maximum version we implement (TLS 1.2)
    final static ProtocolVersion MAX = TLS12;
    // SSL/TLS ProtocolVersion to use by default (TLS 1.2)
    final static ProtocolVersion DEFAULT_TLS = TLS12;
    // DTLS ProtocolVersion to use by default (DTLS 1.2)
    final static ProtocolVersion DEFAULT_DTLS = DTLS12;
    // Default version for hello messages (SSL 3.0, or TLS 1.0 in FIPS mode)
    final static ProtocolVersion DEFAULT_HELLO = FIPS ? TLS10 : SSL30;
    // Available protocols
    //
    // Including all supported protocols except the disabled ones.
    final static Set<ProtocolVersion> availableProtocols;
    // version in 16 bit MSB format as it appears in records and
    // messages, i.e. 0x0301 for TLS 1.0
    public final int v;
    // major and minor version
    public final byte major, minor;
    // name used in JSSE (e.g. TLSv1 for TLS 1.0)
    final String name;
    // Initialize the available protocols.
    static {
        // Every version this class defines is a candidate. The only filter
        // applied here is the default constraint check below, so the legacy
        // entries (SSLv2Hello, SSLv3) stay available unless that check
        // rejects their names.
        ProtocolVersion[] candidates = {
                SSL20Hello, SSL30, TLS10, TLS11, TLS12, DTLS10, DTLS12};

        // The protocol name is checked as a KEY_AGREEMENT primitive with no
        // algorithm parameters.
        // NOTE(review): DEFAULT_SSL_ONLY is presumably backed by the
        // disabled-algorithms security policy - confirm in
        // SSLAlgorithmConstraints.
        EnumSet<CryptoPrimitive> primitives =
                EnumSet.of(CryptoPrimitive.KEY_AGREEMENT);

        Set<ProtocolVersion> permitted = new HashSet<>(7);
        for (ProtocolVersion candidate : candidates) {
            boolean allowed = SSLAlgorithmConstraints.DEFAULT_SSL_ONLY.permits(
                    primitives, candidate.name, null);
            if (allowed) {
                permitted.add(candidate);
            }
        }

        // Published read-only: a rejected version cannot be added back
        // through this set.
        availableProtocols = Collections.unmodifiableSet(permitted);
    }
    // private
    /**
     * Builds a version object from its wire value and its JSSE name.
     *
     * @param v    version value as it appears in records and messages,
     *             e.g. 0x0301 for TLS 1.0
     * @param name name used in JSSE, e.g. "TLSv1"
     */
    private ProtocolVersion(int v, String name) {
        this.name = name;
        this.v = v;
        // The casts keep only the low eight bits, and byte is signed: a
        // major octet of 0xFE (DTLS) is stored as -2. Mask with 0xFF before
        // treating either field as an unsigned number.
        this.major = (byte)(v >>> 8);
        this.minor = (byte)v;
    }
    // private
    /**
     * Maps a wire value to its ProtocolVersion.
     *
     * A value matching one of the defined versions returns the shared
     * constant. Any other value returns a newly allocated instance named
     * "Unknown-major.minor": such results must not be compared with ==, and
     * nothing is rejected here, so callers have to refuse versions they do
     * not support themselves.
     *
     * @param v the version value, major octet in bits 8-15
     * @return the matching constant, or a fresh "Unknown-..." instance
     */
    private static ProtocolVersion valueOf(int v) {
        ProtocolVersion[] known = {
                SSL30, TLS10, TLS11, TLS12, SSL20Hello, DTLS10, DTLS12};
        for (ProtocolVersion candidate : known) {
            if (candidate.v == v) {
                return candidate;
            }
        }

        // Unrecognized version: label it with the unsigned octets.
        int major = (v >>> 8) & 0xFF;
        int minor = v & 0xFF;
        return new ProtocolVersion(v, "Unknown-" + major + "." + minor);
    }
    /**
     * Return a ProtocolVersion with the specified major and minor version
     * numbers. Never throws exceptions.
     */
    public static ProtocolVersion valueOf(int major, int minor) {
        // Keep one octet from each argument, so that a sign-extended byte
        // (0xFE passed as -2) cannot spill into the other half of the value.
        int hi = major & 0xFF;
        int lo = minor & 0xFF;
        return valueOf((hi << 8) | lo);
    }
    /**
     * Return a ProtocolVersion for the given name.
     *
     * @exception IllegalArgumentException if name is null or does not
     * identify a supported protocol
     */
    static ProtocolVersion valueOf(String name) {
        if (name == null) {
            throw new IllegalArgumentException("Protocol cannot be null");
        }

        // FIPS mode refuses the two pre-TLS names before any lookup happens.
        boolean preTls =
                name.equals(SSL30.name) || name.equals(SSL20Hello.name);
        if (FIPS && preTls) {
            throw new IllegalArgumentException(
                    "Only TLS 1.0 or later allowed in FIPS mode");
        }

        // Exact, case-sensitive match against the JSSE names.
        if (name.equals(SSL30.name)) {
            return SSL30;
        }
        if (name.equals(TLS10.name)) {
            return TLS10;
        }
        if (name.equals(TLS11.name)) {
            return TLS11;
        }
        if (name.equals(TLS12.name)) {
            return TLS12;
        }
        if (name.equals(SSL20Hello.name)) {
            return SSL20Hello;
        }
        if (name.equals(DTLS10.name)) {
            return DTLS10;
        }
        if (name.equals(DTLS12.name)) {
            return DTLS12;
        }

        // Unlike valueOf(int, int), an unrecognized name is an error; the
        // exception message is the supplied name, verbatim.
        throw new IllegalArgumentException(name);
    }
    /**
     * Returns the JSSE name of this version (e.g. "TLSv1.2"), or the
     * "Unknown-major.minor" label for a version this class does not define.
     */
    @Override
    public String toString() {
        return this.name;
    }
    /**
     * Compares this object with the specified object for order.
     */
    @Override
    public int compareTo(ProtocolVersion protocolVersion) {
        boolean thisIsDtls = maybeDTLSProtocol();
        boolean otherIsDtls = protocolVersion.maybeDTLSProtocol();

        // The two families are not ordered against each other: mixing them
        // raises IllegalArgumentException instead of returning an order.
        if (thisIsDtls != otherIsDtls) {
            throw new IllegalArgumentException(
                    thisIsDtls ? "Not DTLS protocol" : "Not TLS protocol");
        }

        // DTLS wire values get smaller as the version gets newer
        // (0xFEFF is DTLS 1.0, 0xFEFD is DTLS 1.2), hence the reversed
        // operands on the DTLS side.
        return thisIsDtls
                ? protocolVersion.v - this.v
                : this.v - protocolVersion.v;
    }
    /**
     * Returns true if a ProtocolVersion represents a DTLS protocol.
     */
    boolean isDTLSProtocol() {
        // Exact match on the two DTLS versions this class defines; any
        // other value, including an unknown 0xFExx one, does not count.
        return v == DTLS10.v || v == DTLS12.v;
    }
    /**
     * Returns true if a ProtocolVersion may represent a DTLS protocol.
     */
    boolean maybeDTLSProtocol() {
        // major is a signed byte, so "top bit set" is the same test as
        // "negative". This accepts every major octet >= 0x80, not only the
        // defined DTLS versions; the NONE placeholder (v == -1) also has
        // the bit set.
        return major < 0;
    }
    /**
     * Tells whether this version is at the TLS 1.2 level or newer.
     *
     * For a version that maybeDTLSProtocol() accepts, that means a wire
     * value no greater than DTLS 1.2's, because DTLS values decrease as the
     * version increases.
     */
    boolean useTLS12PlusSpec() {
        if (maybeDTLSProtocol()) {
            return v <= DTLS12.v;
        }
        return v >= TLS12.v;
    }
    /**
     * Tells whether this version is at the TLS 1.1 level or newer. Every
     * version that maybeDTLSProtocol() accepts counts as such.
     */
    boolean useTLS11PlusSpec() {
        return maybeDTLSProtocol() || v >= TLS11.v;
    }
    /**
     * Tells whether this version is at the TLS 1.0 level or newer. Every
     * version that maybeDTLSProtocol() accepts counts as such.
     */
    boolean useTLS10PlusSpec() {
        return maybeDTLSProtocol() || v >= TLS10.v;
    }
    /**
     * Tells whether the given cipher suite is obsolete for this version.
     *
     * @param suite the cipher suite to check
     * @return true if this is a defined DTLS version and the suite uses a
     *         stream cipher, or if the version value (mapped to TLS for
     *         DTLS) has reached {@code suite.obsoleted}
     */
    boolean obsoletes(CipherSuite suite) {
        // Only the exact isDTLSProtocol() test selects the DTLS path;
        // everything else is compared by its own wire value.
        if (!isDTLSProtocol()) {
            return v >= suite.obsoleted;
        }

        // DTLS bans stream ciphers.
        if (suite.cipher.cipherType == CipherType.STREAM_CIPHER) {
            return true;
        }

        // The DTLS version is translated by mapToTLSProtocol() before the
        // comparison with suite.obsoleted.
        // NOTE(review): mapToTLSProtocol() is defined outside this view -
        // confirm which TLS version each DTLS version maps to.
        return mapToTLSProtocol(this).v >= suite.obsoleted;
    }
    /**
     * Reports whether the given cipher suite is supported under this
     * protocol version.
     *
     * For a DTLS version, a stream cipher suite is never supported. Any
     * other suite is judged against the TLS version that
     * mapToTLSProtocol() returns for this DTLS version. A non-DTLS
     * version is compared directly.
     *
     * @param suite the cipher suite to check
     * @return true if this version is at or above the suite's
     *         {@code supported} threshold; always false for a stream
     *         cipher when this is a DTLS version
     */
    boolean supports(CipherSuite suite) {
        final boolean datagram = isDTLSProtocol();

        // DTLS bans stream ciphers, so they are rejected before any
        // version comparison.
        if (datagram && suite.cipher.cipherType == CipherType.STREAM_CIPHER) {
            return false;
        }

        // The suite thresholds are compared against TLS version numbers,
        // so a DTLS version is first mapped to its TLS counterpart.
        final ProtocolVersion effective =
                datagram ? mapToTLSProtocol(this) : this;

        return (effective.v >= suite.supported);
    }
    // Map a specified protocol to the corresponding TLS version.
    //
    // DTLS 1.2 -> TLS 1.2
    // DTLS 1.0 -> TLS 1.1
    private static ProtocolVersion mapToTLSProtocol(
            ProtocolVersion protocolVersion) {

        // A version that is not DTLS is handed back unchanged.
        if (!protocolVersion.isDTLSProtocol()) {
            return protocolVersion;
        }

        // DTLS 1.0 corresponds to TLS 1.1; everything else is treated as
        // DTLS 1.2 and corresponds to TLS 1.2.
        //
        // NOTE(review): the fallback is not an explicit DTLS12 match, so
        // any other DTLS version number that reached this point would be
        // given TLS 1.2 cipher suite eligibility by obsoletes() and
        // supports(). Confirm that only DTLS10 and DTLS12 can arrive here.
        return (protocolVersion.v == DTLS10.v) ? TLS11 : TLS12;
    }
}