jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java@5b96c12f909d (annotated)

50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	1	/*
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53067 diff changeset	2	* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	4	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	10	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	15	* accompanied this code).
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	16	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	20	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	23	* questions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	24	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	25
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	26	package sun.security.ssl;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	27
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	28	import java.security.AccessControlContext;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	29	import java.security.AccessController;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	30	import java.security.AlgorithmConstraints;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	31	import java.security.NoSuchAlgorithmException;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	32	import java.util.ArrayList;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	33	import java.util.Arrays;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	34	import java.util.Collection;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	35	import java.util.Collections;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	36	import java.util.HashMap;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	37	import java.util.List;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	38	import java.util.function.BiFunction;
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53067 diff changeset	39	import javax.crypto.KeyGenerator;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	40	import javax.net.ssl.HandshakeCompletedListener;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	41	import javax.net.ssl.SNIMatcher;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	42	import javax.net.ssl.SNIServerName;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	43	import javax.net.ssl.SSLEngine;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	44	import javax.net.ssl.SSLParameters;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	45	import javax.net.ssl.SSLSocket;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	46	import sun.security.ssl.SSLExtension.ClientExtensions;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	47	import sun.security.ssl.SSLExtension.ServerExtensions;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	48
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	49	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	50	* SSL/(D)TLS configuration.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	51	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	52	final class SSLConfiguration implements Cloneable {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	53	// configurations with SSLParameters
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	54	AlgorithmConstraints algorithmConstraints;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	55	List<ProtocolVersion> enabledProtocols;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	56	List<CipherSuite> enabledCipherSuites;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	57	ClientAuthType clientAuthType;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	58	String identificationProtocol;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	59	List<SNIServerName> serverNames;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	60	Collection<SNIMatcher> sniMatchers;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	61	String[] applicationProtocols;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	62	boolean preferLocalCipherSuites;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	63	boolean enableRetransmissions;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	64	int maximumPacketSize;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	65
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	66	// the maximum protocol version of enabled protocols
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	67	ProtocolVersion maximumProtocolVersion;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	68
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	69	// Configurations per SSLSocket or SSLEngine instance.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	70	boolean isClientMode;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	71	boolean enableSessionCreation;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	72
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	73	// the application layer protocol negotiation configuration
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	74	BiFunction<SSLSocket, List<String>, String> socketAPSelector;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	75	BiFunction<SSLEngine, List<String>, String> engineAPSelector;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	76
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	77	HashMap<HandshakeCompletedListener, AccessControlContext>
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	78	handshakeListeners;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	79
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	80	boolean noSniExtension;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	81	boolean noSniMatcher;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	82
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	83	// To switch off the extended_master_secret extension.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	84	static final boolean useExtendedMasterSecret;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	85
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	86	// Allow session resumption without Extended Master Secret extension.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	87	static final boolean allowLegacyResumption =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	88	Utilities.getBooleanProperty("jdk.tls.allowLegacyResumption", true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	89
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	90	// Allow full handshake without Extended Master Secret extension.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	91	static final boolean allowLegacyMasterSecret =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	92	Utilities.getBooleanProperty("jdk.tls.allowLegacyMasterSecret", true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	93
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	94	// Allow full handshake without Extended Master Secret extension.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	95	static final boolean useCompatibilityMode = Utilities.getBooleanProperty(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	96	"jdk.tls.client.useCompatibilityMode", true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	97
51407 910f7b56592f 8207009: TLS 1.3 half-close and synchronization issues xuelei parents: 50768 diff changeset	98	// Respond a close_notify alert if receiving close_notify alert.
910f7b56592f 8207009: TLS 1.3 half-close and synchronization issues xuelei parents: 50768 diff changeset	99	static final boolean acknowledgeCloseNotify = Utilities.getBooleanProperty(
910f7b56592f 8207009: TLS 1.3 half-close and synchronization issues xuelei parents: 50768 diff changeset	100	"jdk.tls.acknowledgeCloseNotify", false);
910f7b56592f 8207009: TLS 1.3 half-close and synchronization issues xuelei parents: 50768 diff changeset	101
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	102	// Is the extended_master_secret extension supported?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	103	static {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	104	boolean supportExtendedMasterSecret = Utilities.getBooleanProperty(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	105	"jdk.tls.useExtendedMasterSecret", true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	106	if (supportExtendedMasterSecret) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	107	try {
53734 cb1642ccc732 8217835: Remove the experimental SunJSSE FIPS compliant mode xuelei parents: 53067 diff changeset	108	KeyGenerator.getInstance("SunTlsExtendedMasterSecret");
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	109	} catch (NoSuchAlgorithmException nae) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	110	supportExtendedMasterSecret = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	111	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	112	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	113	useExtendedMasterSecret = supportExtendedMasterSecret;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	114	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	115
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	116	SSLConfiguration(SSLContextImpl sslContext, boolean isClientMode) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	117
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	118	// Configurations with SSLParameters, default values.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	119	this.algorithmConstraints = SSLAlgorithmConstraints.DEFAULT;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	120	this.enabledProtocols =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	121	sslContext.getDefaultProtocolVersions(!isClientMode);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	122	this.enabledCipherSuites =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	123	sslContext.getDefaultCipherSuites(!isClientMode);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	124	this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	125
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	126	this.identificationProtocol = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	127	this.serverNames = Collections.<SNIServerName>emptyList();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	128	this.sniMatchers = Collections.<SNIMatcher>emptyList();
54370 e057e45b49af 8168261: Use server cipher suites preference by default xuelei parents: 53734 diff changeset	129	this.preferLocalCipherSuites = true;
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	130
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	131	this.applicationProtocols = new String[0];
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	132	this.enableRetransmissions = sslContext.isDTLS();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	133	this.maximumPacketSize = 0; // please reset it explicitly later
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	134
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	135	this.maximumProtocolVersion = ProtocolVersion.NONE;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	136	for (ProtocolVersion pv : enabledProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	137	if (pv.compareTo(maximumProtocolVersion) > 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	138	this.maximumProtocolVersion = pv;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	139	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	140	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	141
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	142	// Configurations per SSLSocket or SSLEngine instance.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	143	this.isClientMode = isClientMode;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	144	this.enableSessionCreation = true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	145	this.socketAPSelector = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	146	this.engineAPSelector = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	147
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	148	this.handshakeListeners = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	149	this.noSniExtension = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	150	this.noSniMatcher = false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	151	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	152
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	153	SSLParameters getSSLParameters() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	154	SSLParameters params = new SSLParameters();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	155
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	156	params.setAlgorithmConstraints(this.algorithmConstraints);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	157	params.setProtocols(ProtocolVersion.toStringArray(enabledProtocols));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	158	params.setCipherSuites(CipherSuite.namesOf(enabledCipherSuites));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	159	switch (this.clientAuthType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	160	case CLIENT_AUTH_REQUIRED:
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	161	params.setNeedClientAuth(true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	162	break;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	163	case CLIENT_AUTH_REQUESTED:
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	164	params.setWantClientAuth(true);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	165	break;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	166	default:
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	167	params.setWantClientAuth(false);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	168	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	169	params.setEndpointIdentificationAlgorithm(this.identificationProtocol);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	170
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	171	if (serverNames.isEmpty() && !noSniExtension) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	172	// 'null' indicates none has been set
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	173	params.setServerNames(null);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	174	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	175	params.setServerNames(this.serverNames);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	176	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	177
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	178	if (sniMatchers.isEmpty() && !noSniMatcher) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	179	// 'null' indicates none has been set
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	180	params.setSNIMatchers(null);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	181	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	182	params.setSNIMatchers(this.sniMatchers);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	183	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	184
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	185	params.setApplicationProtocols(this.applicationProtocols);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	186	params.setUseCipherSuitesOrder(this.preferLocalCipherSuites);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	187	params.setEnableRetransmissions(this.enableRetransmissions);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	188	params.setMaximumPacketSize(this.maximumPacketSize);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	189
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	190	return params;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	191	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	192
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	193	void setSSLParameters(SSLParameters params) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	194	AlgorithmConstraints ac = params.getAlgorithmConstraints();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	195	if (ac != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	196	this.algorithmConstraints = ac;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	197	} // otherwise, use the default value
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	198
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	199	String[] sa = params.getCipherSuites();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	200	if (sa != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	201	this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	202	} // otherwise, use the default values
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	203
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	204	sa = params.getProtocols();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	205	if (sa != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	206	this.enabledProtocols = ProtocolVersion.namesOf(sa);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	207
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	208	this.maximumProtocolVersion = ProtocolVersion.NONE;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	209	for (ProtocolVersion pv : enabledProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	210	if (pv.compareTo(maximumProtocolVersion) > 0) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	211	this.maximumProtocolVersion = pv;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	212	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	213	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	214	} // otherwise, use the default values
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	215
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	216	if (params.getNeedClientAuth()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	217	this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUIRED;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	218	} else if (params.getWantClientAuth()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	219	this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUESTED;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	220	} else {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	221	this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	222	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	223
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	224	String s = params.getEndpointIdentificationAlgorithm();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	225	if (s != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	226	this.identificationProtocol = s;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	227	} // otherwise, use the default value
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	228
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	229	List<SNIServerName> sniNames = params.getServerNames();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	230	if (sniNames != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	231	this.noSniExtension = sniNames.isEmpty();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	232	this.serverNames = sniNames;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	233	} // null if none has been set
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	234
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	235	Collection<SNIMatcher> matchers = params.getSNIMatchers();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	236	if (matchers != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	237	this.noSniMatcher = matchers.isEmpty();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	238	this.sniMatchers = matchers;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	239	} // null if none has been set
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	240
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	241	sa = params.getApplicationProtocols();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	242	if (sa != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	243	this.applicationProtocols = sa;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	244	} // otherwise, use the default values
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	245
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	246	this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	247	this.enableRetransmissions = params.getEnableRetransmissions();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	248	this.maximumPacketSize = params.getMaximumPacketSize();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	249	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	250
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	251	// SSLSocket only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	252	void addHandshakeCompletedListener(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	253	HandshakeCompletedListener listener) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	254
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	255	if (handshakeListeners == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	256	handshakeListeners = new HashMap<>(4);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	257	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	258
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	259	handshakeListeners.put(listener, AccessController.getContext());
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	260	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	261
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	262	// SSLSocket only
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	263	void removeHandshakeCompletedListener(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	264	HandshakeCompletedListener listener) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	265
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	266	if (handshakeListeners == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	267	throw new IllegalArgumentException("no listeners");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	268	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	269
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	270	if (handshakeListeners.remove(listener) == null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	271	throw new IllegalArgumentException("listener not registered");
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	272	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	273
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	274	if (handshakeListeners.isEmpty()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	275	handshakeListeners = null;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	276	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	277	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	278
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	279	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	280	* Return true if the extension is available.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	281	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	282	boolean isAvailable(SSLExtension extension) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	283	for (ProtocolVersion protocolVersion : enabledProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	284	if (extension.isAvailable(protocolVersion)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	285	if (isClientMode ?
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	286	ClientExtensions.defaults.contains(extension) :
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	287	ServerExtensions.defaults.contains(extension)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	288	return true;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	289	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	290	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	291	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	292
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	293	return false;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	294	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	295
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	296	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	297	* Return true if the extension is available for the specific protocol.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	298	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	299	boolean isAvailable(SSLExtension extension,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	300	ProtocolVersion protocolVersion) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	301	return extension.isAvailable(protocolVersion) &&
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	302	(isClientMode ? ClientExtensions.defaults.contains(extension) :
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	303	ServerExtensions.defaults.contains(extension));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	304	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	305
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	306	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	307	* Get the enabled extensions for the specific handshake message.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	308	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	309	* Used to consume handshake extensions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	310	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	311	SSLExtension[] getEnabledExtensions(SSLHandshake handshakeType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	312	List<SSLExtension> extensions = new ArrayList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	313	for (SSLExtension extension : SSLExtension.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	314	if (extension.handshakeType == handshakeType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	315	if (isAvailable(extension)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	316	extensions.add(extension);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	317	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	318	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	319	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	320
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	321	return extensions.toArray(new SSLExtension[0]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	322	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	323
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	324	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	325	* Get the enabled extensions for the specific handshake message, excluding
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	326	* the specified extensions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	327	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	328	* Used to consume handshake extensions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	329	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	330	SSLExtension[] getExclusiveExtensions(SSLHandshake handshakeType,
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	331	List<SSLExtension> excluded) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	332	List<SSLExtension> extensions = new ArrayList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	333	for (SSLExtension extension : SSLExtension.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	334	if (extension.handshakeType == handshakeType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	335	if (isAvailable(extension) && !excluded.contains(extension)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	336	extensions.add(extension);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	337	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	338	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	339	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	340
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	341	return extensions.toArray(new SSLExtension[0]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	342	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	343
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	344	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	345	* Get the enabled extensions for the specific handshake message
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	346	* and the specific protocol version.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	347	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	348	* Used to produce handshake extensions after handshake protocol
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	349	* version negotiation.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	350	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	351	SSLExtension[] getEnabledExtensions(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	352	SSLHandshake handshakeType, ProtocolVersion protocolVersion) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	353	return getEnabledExtensions(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	354	handshakeType, Arrays.asList(protocolVersion));
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	355	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	356
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	357	/**
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	358	* Get the enabled extensions for the specific handshake message
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	359	* and the specific protocol versions.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	360	*
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	361	* Used to produce ClientHello extensions before handshake protocol
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	362	* version negotiation.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	363	*/
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	364	SSLExtension[] getEnabledExtensions(
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	365	SSLHandshake handshakeType, List<ProtocolVersion> activeProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	366	List<SSLExtension> extensions = new ArrayList<>();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	367	for (SSLExtension extension : SSLExtension.values()) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	368	if (extension.handshakeType == handshakeType) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	369	if (!isAvailable(extension)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	370	continue;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	371	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	372
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	373	for (ProtocolVersion protocolVersion : activeProtocols) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	374	if (extension.isAvailable(protocolVersion)) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	375	extensions.add(extension);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	376	break;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	377	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	378	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	379	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	380	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	381
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	382	return extensions.toArray(new SSLExtension[0]);
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	383	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	384
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	385	@Override
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	386	@SuppressWarnings({"unchecked", "CloneDeclaresCloneNotSupported"})
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	387	public Object clone() {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	388	// Note that only references to the configurations are copied.
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	389	try {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	390	SSLConfiguration config = (SSLConfiguration)super.clone();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	391	if (handshakeListeners != null) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	392	config.handshakeListeners =
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	393	(HashMap<HandshakeCompletedListener, AccessControlContext>)
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	394	handshakeListeners.clone();
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	395	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	396
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	397	return config;
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	398	} catch (CloneNotSupportedException cnse) {
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	399	// unlikely
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	400	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	401
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	402	return null; // unlikely
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	403	}
68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: diff changeset	404	}

author	phh
	Sat, 30 Nov 2019 14:33:05 -0800
changeset 59330	5b96c12f909d
parent 54370	e057e45b49af
permissions	-rw-r--r--