33 import java.util.LinkedList; |
33 import java.util.LinkedList; |
34 import java.util.Locale; |
34 import java.util.Locale; |
35 import sun.security.ssl.SSLHandshake.HandshakeMessage; |
35 import sun.security.ssl.SSLHandshake.HandshakeMessage; |
36 import sun.security.util.HexDumpEncoder; |
36 import sun.security.util.HexDumpEncoder; |
37 |
37 |
38 enum SSLExtension implements SSLStringize { |
38 enum SSLExtension implements SSLStringizer { |
39 // Extensions defined in RFC 6066 |
39 // Extensions defined in RFC 6066 |
40 CH_SERVER_NAME (0x0000, "server_name", |
40 CH_SERVER_NAME (0x0000, "server_name", |
41 SSLHandshake.CLIENT_HELLO, |
41 SSLHandshake.CLIENT_HELLO, |
42 ProtocolVersion.PROTOCOLS_TO_13, |
42 ProtocolVersion.PROTOCOLS_TO_13, |
43 ServerNameExtension.chNetworkProducer, |
43 ServerNameExtension.chNetworkProducer, |
44 ServerNameExtension.chOnLoadConsumer, |
44 ServerNameExtension.chOnLoadConsumer, |
45 null, |
45 null, |
46 null, |
46 null, |
47 null, |
47 null, |
48 ServerNameExtension.chStringize), |
48 ServerNameExtension.chStringizer), |
49 SH_SERVER_NAME (0x0000, "server_name", |
49 SH_SERVER_NAME (0x0000, "server_name", |
50 SSLHandshake.SERVER_HELLO, |
50 SSLHandshake.SERVER_HELLO, |
51 ProtocolVersion.PROTOCOLS_TO_12, |
51 ProtocolVersion.PROTOCOLS_TO_12, |
52 ServerNameExtension.shNetworkProducer, |
52 ServerNameExtension.shNetworkProducer, |
53 ServerNameExtension.shOnLoadConsumer, |
53 ServerNameExtension.shOnLoadConsumer, |
54 null, |
54 null, |
55 null, |
55 null, |
56 null, |
56 null, |
57 ServerNameExtension.shStringize), |
57 ServerNameExtension.shStringizer), |
58 EE_SERVER_NAME (0x0000, "server_name", |
58 EE_SERVER_NAME (0x0000, "server_name", |
59 SSLHandshake.ENCRYPTED_EXTENSIONS, |
59 SSLHandshake.ENCRYPTED_EXTENSIONS, |
60 ProtocolVersion.PROTOCOLS_OF_13, |
60 ProtocolVersion.PROTOCOLS_OF_13, |
61 ServerNameExtension.eeNetworkProducer, |
61 ServerNameExtension.eeNetworkProducer, |
62 ServerNameExtension.eeOnLoadConsumer, |
62 ServerNameExtension.eeOnLoadConsumer, |
63 null, |
63 null, |
64 null, |
64 null, |
65 null, |
65 null, |
66 ServerNameExtension.shStringize), |
66 ServerNameExtension.shStringizer), |
67 CH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
67 CH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
68 SSLHandshake.CLIENT_HELLO, |
68 SSLHandshake.CLIENT_HELLO, |
69 ProtocolVersion.PROTOCOLS_TO_13, |
69 ProtocolVersion.PROTOCOLS_TO_13, |
70 MaxFragExtension.chNetworkProducer, |
70 MaxFragExtension.chNetworkProducer, |
71 MaxFragExtension.chOnLoadConsumer, |
71 MaxFragExtension.chOnLoadConsumer, |
72 null, |
72 null, |
73 null, |
73 null, |
74 null, |
74 null, |
75 MaxFragExtension.maxFragLenStringize), |
75 MaxFragExtension.maxFragLenStringizer), |
76 SH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
76 SH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
77 SSLHandshake.SERVER_HELLO, |
77 SSLHandshake.SERVER_HELLO, |
78 ProtocolVersion.PROTOCOLS_TO_12, |
78 ProtocolVersion.PROTOCOLS_TO_12, |
79 MaxFragExtension.shNetworkProducer, |
79 MaxFragExtension.shNetworkProducer, |
80 MaxFragExtension.shOnLoadConsumer, |
80 MaxFragExtension.shOnLoadConsumer, |
81 null, |
81 null, |
82 MaxFragExtension.shOnTradeConsumer, |
82 MaxFragExtension.shOnTradeConsumer, |
83 null, |
83 null, |
84 MaxFragExtension.maxFragLenStringize), |
84 MaxFragExtension.maxFragLenStringizer), |
85 EE_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
85 EE_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length", |
86 SSLHandshake.ENCRYPTED_EXTENSIONS, |
86 SSLHandshake.ENCRYPTED_EXTENSIONS, |
87 ProtocolVersion.PROTOCOLS_OF_13, |
87 ProtocolVersion.PROTOCOLS_OF_13, |
88 MaxFragExtension.eeNetworkProducer, |
88 MaxFragExtension.eeNetworkProducer, |
89 MaxFragExtension.eeOnLoadConsumer, |
89 MaxFragExtension.eeOnLoadConsumer, |
90 null, |
90 null, |
91 MaxFragExtension.eeOnTradeConsumer, |
91 MaxFragExtension.eeOnTradeConsumer, |
92 null, |
92 null, |
93 MaxFragExtension.maxFragLenStringize), |
93 MaxFragExtension.maxFragLenStringizer), |
94 CLIENT_CERTIFICATE_URL (0x0002, "client_certificate_url"), |
94 CLIENT_CERTIFICATE_URL (0x0002, "client_certificate_url"), |
95 TRUSTED_CA_KEYS (0x0003, "trusted_ca_keys"), |
95 TRUSTED_CA_KEYS (0x0003, "trusted_ca_keys"), |
96 TRUNCATED_HMAC (0x0004, "truncated_hmac"), |
96 TRUNCATED_HMAC (0x0004, "truncated_hmac"), |
97 |
97 |
98 CH_STATUS_REQUEST (0x0005, "status_request", |
98 CH_STATUS_REQUEST (0x0005, "status_request", |
183 SignatureAlgorithmsExtension.chNetworkProducer, |
183 SignatureAlgorithmsExtension.chNetworkProducer, |
184 SignatureAlgorithmsExtension.chOnLoadConsumer, |
184 SignatureAlgorithmsExtension.chOnLoadConsumer, |
185 SignatureAlgorithmsExtension.chOnLoadAbsence, |
185 SignatureAlgorithmsExtension.chOnLoadAbsence, |
186 SignatureAlgorithmsExtension.chOnTradeConsumer, |
186 SignatureAlgorithmsExtension.chOnTradeConsumer, |
187 SignatureAlgorithmsExtension.chOnTradeAbsence, |
187 SignatureAlgorithmsExtension.chOnTradeAbsence, |
188 SignatureAlgorithmsExtension.ssStringize), |
188 SignatureAlgorithmsExtension.ssStringizer), |
189 CR_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms", |
189 CR_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms", |
190 SSLHandshake.CERTIFICATE_REQUEST, |
190 SSLHandshake.CERTIFICATE_REQUEST, |
191 ProtocolVersion.PROTOCOLS_OF_13, |
191 ProtocolVersion.PROTOCOLS_OF_13, |
192 SignatureAlgorithmsExtension.crNetworkProducer, |
192 SignatureAlgorithmsExtension.crNetworkProducer, |
193 SignatureAlgorithmsExtension.crOnLoadConsumer, |
193 SignatureAlgorithmsExtension.crOnLoadConsumer, |
194 SignatureAlgorithmsExtension.crOnLoadAbsence, |
194 SignatureAlgorithmsExtension.crOnLoadAbsence, |
195 SignatureAlgorithmsExtension.crOnTradeConsumer, |
195 SignatureAlgorithmsExtension.crOnTradeConsumer, |
196 null, |
196 null, |
197 SignatureAlgorithmsExtension.ssStringize), |
197 SignatureAlgorithmsExtension.ssStringizer), |
198 |
198 |
199 CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
199 CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
200 SSLHandshake.CLIENT_HELLO, |
200 SSLHandshake.CLIENT_HELLO, |
201 ProtocolVersion.PROTOCOLS_12_13, |
201 ProtocolVersion.PROTOCOLS_12_13, |
202 CertSignAlgsExtension.chNetworkProducer, |
202 CertSignAlgsExtension.chNetworkProducer, |
203 CertSignAlgsExtension.chOnLoadConsumer, |
203 CertSignAlgsExtension.chOnLoadConsumer, |
204 null, |
204 null, |
205 CertSignAlgsExtension.chOnTradeConsumer, |
205 CertSignAlgsExtension.chOnTradeConsumer, |
206 null, |
206 null, |
207 CertSignAlgsExtension.ssStringize), |
207 CertSignAlgsExtension.ssStringizer), |
208 CR_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
208 CR_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert", |
209 SSLHandshake.CERTIFICATE_REQUEST, |
209 SSLHandshake.CERTIFICATE_REQUEST, |
210 ProtocolVersion.PROTOCOLS_OF_13, |
210 ProtocolVersion.PROTOCOLS_OF_13, |
211 CertSignAlgsExtension.crNetworkProducer, |
211 CertSignAlgsExtension.crNetworkProducer, |
212 CertSignAlgsExtension.crOnLoadConsumer, |
212 CertSignAlgsExtension.crOnLoadConsumer, |
213 null, |
213 null, |
214 CertSignAlgsExtension.crOnTradeConsumer, |
214 CertSignAlgsExtension.crOnTradeConsumer, |
215 null, |
215 null, |
216 CertSignAlgsExtension.ssStringize), |
216 CertSignAlgsExtension.ssStringizer), |
217 |
217 |
218 // extensions defined in RFC 5764 |
218 // extensions defined in RFC 5764 |
219 USE_SRTP (0x000E, "use_srtp"), |
219 USE_SRTP (0x000E, "use_srtp"), |
220 |
220 |
221 // extensions defined in RFC 6520 |
221 // extensions defined in RFC 6520 |
228 AlpnExtension.chNetworkProducer, |
228 AlpnExtension.chNetworkProducer, |
229 AlpnExtension.chOnLoadConsumer, |
229 AlpnExtension.chOnLoadConsumer, |
230 AlpnExtension.chOnLoadAbsence, |
230 AlpnExtension.chOnLoadAbsence, |
231 null, |
231 null, |
232 null, |
232 null, |
233 AlpnExtension.alpnStringize), |
233 AlpnExtension.alpnStringizer), |
234 SH_ALPN (0x0010, "application_layer_protocol_negotiation", |
234 SH_ALPN (0x0010, "application_layer_protocol_negotiation", |
235 SSLHandshake.SERVER_HELLO, |
235 SSLHandshake.SERVER_HELLO, |
236 ProtocolVersion.PROTOCOLS_TO_12, |
236 ProtocolVersion.PROTOCOLS_TO_12, |
237 AlpnExtension.shNetworkProducer, |
237 AlpnExtension.shNetworkProducer, |
238 AlpnExtension.shOnLoadConsumer, |
238 AlpnExtension.shOnLoadConsumer, |
239 AlpnExtension.shOnLoadAbsence, |
239 AlpnExtension.shOnLoadAbsence, |
240 null, |
240 null, |
241 null, |
241 null, |
242 AlpnExtension.alpnStringize), |
242 AlpnExtension.alpnStringizer), |
243 EE_ALPN (0x0010, "application_layer_protocol_negotiation", |
243 EE_ALPN (0x0010, "application_layer_protocol_negotiation", |
244 SSLHandshake.ENCRYPTED_EXTENSIONS, |
244 SSLHandshake.ENCRYPTED_EXTENSIONS, |
245 ProtocolVersion.PROTOCOLS_OF_13, |
245 ProtocolVersion.PROTOCOLS_OF_13, |
246 AlpnExtension.shNetworkProducer, |
246 AlpnExtension.shNetworkProducer, |
247 AlpnExtension.shOnLoadConsumer, |
247 AlpnExtension.shOnLoadConsumer, |
248 AlpnExtension.shOnLoadAbsence, |
248 AlpnExtension.shOnLoadAbsence, |
249 null, |
249 null, |
250 null, |
250 null, |
251 AlpnExtension.alpnStringize), |
251 AlpnExtension.alpnStringizer), |
252 |
252 |
253 // extensions defined in RFC 6961 |
253 // extensions defined in RFC 6961 |
254 CH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
254 CH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
255 SSLHandshake.CLIENT_HELLO, |
255 SSLHandshake.CLIENT_HELLO, |
256 ProtocolVersion.PROTOCOLS_TO_12, |
256 ProtocolVersion.PROTOCOLS_TO_12, |
257 CertStatusExtension.chV2NetworkProducer, |
257 CertStatusExtension.chV2NetworkProducer, |
258 CertStatusExtension.chV2OnLoadConsumer, |
258 CertStatusExtension.chV2OnLoadConsumer, |
259 null, |
259 null, |
260 null, |
260 null, |
261 null, |
261 null, |
262 CertStatusExtension.certStatusReqV2Stringize), |
262 CertStatusExtension.certStatusReqV2Stringizer), |
263 SH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
263 SH_STATUS_REQUEST_V2 (0x0011, "status_request_v2", |
264 SSLHandshake.SERVER_HELLO, |
264 SSLHandshake.SERVER_HELLO, |
265 ProtocolVersion.PROTOCOLS_TO_12, |
265 ProtocolVersion.PROTOCOLS_TO_12, |
266 CertStatusExtension.shV2NetworkProducer, |
266 CertStatusExtension.shV2NetworkProducer, |
267 CertStatusExtension.shV2OnLoadConsumer, |
267 CertStatusExtension.shV2OnLoadConsumer, |
268 null, |
268 null, |
269 null, |
269 null, |
270 null, |
270 null, |
271 CertStatusExtension.certStatusReqV2Stringize), |
271 CertStatusExtension.certStatusReqV2Stringizer), |
272 |
272 |
273 // extensions defined in RFC 6962 |
273 // extensions defined in RFC 6962 |
274 SIGNED_CERT_TIMESTAMP (0x0012, "signed_certificate_timestamp"), |
274 SIGNED_CERT_TIMESTAMP (0x0012, "signed_certificate_timestamp"), |
275 |
275 |
276 // extensions defined in RFC 7250 |
276 // extensions defined in RFC 7250 |
323 SupportedVersionsExtension.chNetworkProducer, |
323 SupportedVersionsExtension.chNetworkProducer, |
324 SupportedVersionsExtension.chOnLoadConsumer, |
324 SupportedVersionsExtension.chOnLoadConsumer, |
325 null, |
325 null, |
326 null, |
326 null, |
327 null, |
327 null, |
328 SupportedVersionsExtension.chStringize), |
328 SupportedVersionsExtension.chStringizer), |
329 SH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
329 SH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
330 SSLHandshake.SERVER_HELLO, |
330 SSLHandshake.SERVER_HELLO, |
331 // and HelloRetryRequest |
331 // and HelloRetryRequest |
332 ProtocolVersion.PROTOCOLS_OF_13, |
332 ProtocolVersion.PROTOCOLS_OF_13, |
333 SupportedVersionsExtension.shNetworkProducer, |
333 SupportedVersionsExtension.shNetworkProducer, |
334 SupportedVersionsExtension.shOnLoadConsumer, |
334 SupportedVersionsExtension.shOnLoadConsumer, |
335 null, |
335 null, |
336 null, |
336 null, |
337 null, |
337 null, |
338 SupportedVersionsExtension.shStringize), |
338 SupportedVersionsExtension.shStringizer), |
339 HRR_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
339 HRR_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
340 SSLHandshake.HELLO_RETRY_REQUEST, |
340 SSLHandshake.HELLO_RETRY_REQUEST, |
341 ProtocolVersion.PROTOCOLS_OF_13, |
341 ProtocolVersion.PROTOCOLS_OF_13, |
342 SupportedVersionsExtension.hrrNetworkProducer, |
342 SupportedVersionsExtension.hrrNetworkProducer, |
343 SupportedVersionsExtension.hrrOnLoadConsumer, |
343 SupportedVersionsExtension.hrrOnLoadConsumer, |
344 null, |
344 null, |
345 null, |
345 null, |
346 null, |
346 null, |
347 SupportedVersionsExtension.hrrStringize), |
347 SupportedVersionsExtension.hrrStringizer), |
348 MH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
348 MH_SUPPORTED_VERSIONS (0x002B, "supported_versions", |
349 SSLHandshake.MESSAGE_HASH, |
349 SSLHandshake.MESSAGE_HASH, |
350 ProtocolVersion.PROTOCOLS_OF_13, |
350 ProtocolVersion.PROTOCOLS_OF_13, |
351 SupportedVersionsExtension.hrrReproducer, |
351 SupportedVersionsExtension.hrrReproducer, |
352 null, null, null, |
352 null, null, null, |
353 null, |
353 null, |
354 SupportedVersionsExtension.hrrStringize), |
354 SupportedVersionsExtension.hrrStringizer), |
355 |
355 |
356 CH_COOKIE (0x002C, "cookie", |
356 CH_COOKIE (0x002C, "cookie", |
357 SSLHandshake.CLIENT_HELLO, |
357 SSLHandshake.CLIENT_HELLO, |
358 ProtocolVersion.PROTOCOLS_OF_13, |
358 ProtocolVersion.PROTOCOLS_OF_13, |
359 CookieExtension.chNetworkProducer, |
359 CookieExtension.chNetworkProducer, |
360 CookieExtension.chOnLoadConsumer, |
360 CookieExtension.chOnLoadConsumer, |
361 null, |
361 null, |
362 CookieExtension.chOnTradeConsumer, |
362 CookieExtension.chOnTradeConsumer, |
363 null, |
363 null, |
364 CookieExtension.cookieStringize), |
364 CookieExtension.cookieStringizer), |
365 HRR_COOKIE (0x002C, "cookie", |
365 HRR_COOKIE (0x002C, "cookie", |
366 SSLHandshake.HELLO_RETRY_REQUEST, |
366 SSLHandshake.HELLO_RETRY_REQUEST, |
367 ProtocolVersion.PROTOCOLS_OF_13, |
367 ProtocolVersion.PROTOCOLS_OF_13, |
368 CookieExtension.hrrNetworkProducer, |
368 CookieExtension.hrrNetworkProducer, |
369 CookieExtension.hrrOnLoadConsumer, |
369 CookieExtension.hrrOnLoadConsumer, |
370 null, null, |
370 null, null, |
371 null, |
371 null, |
372 CookieExtension.cookieStringize), |
372 CookieExtension.cookieStringizer), |
373 MH_COOKIE (0x002C, "cookie", |
373 MH_COOKIE (0x002C, "cookie", |
374 SSLHandshake.MESSAGE_HASH, |
374 SSLHandshake.MESSAGE_HASH, |
375 ProtocolVersion.PROTOCOLS_OF_13, |
375 ProtocolVersion.PROTOCOLS_OF_13, |
376 CookieExtension.hrrNetworkReproducer, |
376 CookieExtension.hrrNetworkReproducer, |
377 null, null, null, |
377 null, null, null, |
378 null, |
378 null, |
379 CookieExtension.cookieStringize), |
379 CookieExtension.cookieStringizer), |
380 |
380 |
381 PSK_KEY_EXCHANGE_MODES (0x002D, "psk_key_exchange_modes", |
381 PSK_KEY_EXCHANGE_MODES (0x002D, "psk_key_exchange_modes", |
382 SSLHandshake.CLIENT_HELLO, |
382 SSLHandshake.CLIENT_HELLO, |
383 ProtocolVersion.PROTOCOLS_OF_13, |
383 ProtocolVersion.PROTOCOLS_OF_13, |
384 PskKeyExchangeModesExtension.chNetworkProducer, |
384 PskKeyExchangeModesExtension.chNetworkProducer, |
385 PskKeyExchangeModesExtension.chOnLoadConsumer, |
385 PskKeyExchangeModesExtension.chOnLoadConsumer, |
386 PskKeyExchangeModesExtension.chOnLoadAbsence, |
386 PskKeyExchangeModesExtension.chOnLoadAbsence, |
387 null, |
387 null, |
388 PskKeyExchangeModesExtension.chOnTradeAbsence, |
388 PskKeyExchangeModesExtension.chOnTradeAbsence, |
389 PskKeyExchangeModesExtension.pkemStringize), |
389 PskKeyExchangeModesExtension.pkemStringizer), |
390 CERTIFICATE_AUTHORITIES (0x002F, "certificate_authorities"), |
390 CERTIFICATE_AUTHORITIES (0x002F, "certificate_authorities"), |
391 OID_FILTERS (0x0030, "oid_filters"), |
391 OID_FILTERS (0x0030, "oid_filters"), |
392 POST_HANDSHAKE_AUTH (0x0030, "post_handshake_auth"), |
392 POST_HANDSHAKE_AUTH (0x0030, "post_handshake_auth"), |
393 |
393 |
394 CH_KEY_SHARE (0x0033, "key_share", |
394 CH_KEY_SHARE (0x0033, "key_share", |
395 SSLHandshake.CLIENT_HELLO, |
395 SSLHandshake.CLIENT_HELLO, |
396 ProtocolVersion.PROTOCOLS_OF_13, |
396 ProtocolVersion.PROTOCOLS_OF_13, |
397 KeyShareExtension.chNetworkProducer, |
397 KeyShareExtension.chNetworkProducer, |
398 KeyShareExtension.chOnLoadConsumer, |
398 KeyShareExtension.chOnLoadConsumer, |
399 null, null, null, |
399 null, null, null, |
400 KeyShareExtension.chStringize), |
400 KeyShareExtension.chStringizer), |
401 SH_KEY_SHARE (0x0033, "key_share", |
401 SH_KEY_SHARE (0x0033, "key_share", |
402 SSLHandshake.SERVER_HELLO, |
402 SSLHandshake.SERVER_HELLO, |
403 ProtocolVersion.PROTOCOLS_OF_13, |
403 ProtocolVersion.PROTOCOLS_OF_13, |
404 KeyShareExtension.shNetworkProducer, |
404 KeyShareExtension.shNetworkProducer, |
405 KeyShareExtension.shOnLoadConsumer, |
405 KeyShareExtension.shOnLoadConsumer, |
406 KeyShareExtension.shOnLoadAbsence, |
406 KeyShareExtension.shOnLoadAbsence, |
407 null, |
407 null, |
408 null, |
408 null, |
409 KeyShareExtension.shStringize), |
409 KeyShareExtension.shStringizer), |
410 HRR_KEY_SHARE (0x0033, "key_share", |
410 HRR_KEY_SHARE (0x0033, "key_share", |
411 SSLHandshake.HELLO_RETRY_REQUEST, |
411 SSLHandshake.HELLO_RETRY_REQUEST, |
412 ProtocolVersion.PROTOCOLS_OF_13, |
412 ProtocolVersion.PROTOCOLS_OF_13, |
413 KeyShareExtension.hrrNetworkProducer, |
413 KeyShareExtension.hrrNetworkProducer, |
414 KeyShareExtension.hrrOnLoadConsumer, |
414 KeyShareExtension.hrrOnLoadConsumer, |
415 null, null, null, |
415 null, null, null, |
416 KeyShareExtension.hrrStringize), |
416 KeyShareExtension.hrrStringizer), |
417 MH_KEY_SHARE (0x0033, "key_share", |
417 MH_KEY_SHARE (0x0033, "key_share", |
418 SSLHandshake.MESSAGE_HASH, |
418 SSLHandshake.MESSAGE_HASH, |
419 ProtocolVersion.PROTOCOLS_OF_13, |
419 ProtocolVersion.PROTOCOLS_OF_13, |
420 KeyShareExtension.hrrNetworkReproducer, |
420 KeyShareExtension.hrrNetworkReproducer, |
421 null, null, null, null, |
421 null, null, null, null, |
422 KeyShareExtension.hrrStringize), |
422 KeyShareExtension.hrrStringizer), |
423 |
423 |
424 // Extensions defined in RFC 5746 |
424 // Extensions defined in RFC 5746 |
425 CH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
425 CH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
426 SSLHandshake.CLIENT_HELLO, |
426 SSLHandshake.CLIENT_HELLO, |
427 ProtocolVersion.PROTOCOLS_TO_12, |
427 ProtocolVersion.PROTOCOLS_TO_12, |
428 RenegoInfoExtension.chNetworkProducer, |
428 RenegoInfoExtension.chNetworkProducer, |
429 RenegoInfoExtension.chOnLoadConsumer, |
429 RenegoInfoExtension.chOnLoadConsumer, |
430 RenegoInfoExtension.chOnLoadAbsence, |
430 RenegoInfoExtension.chOnLoadAbsence, |
431 null, |
431 null, |
432 null, |
432 null, |
433 RenegoInfoExtension.rniStringize), |
433 RenegoInfoExtension.rniStringizer), |
434 SH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
434 SH_RENEGOTIATION_INFO (0xff01, "renegotiation_info", |
435 SSLHandshake.SERVER_HELLO, |
435 SSLHandshake.SERVER_HELLO, |
436 ProtocolVersion.PROTOCOLS_TO_12, |
436 ProtocolVersion.PROTOCOLS_TO_12, |
437 RenegoInfoExtension.shNetworkProducer, |
437 RenegoInfoExtension.shNetworkProducer, |
438 RenegoInfoExtension.shOnLoadConsumer, |
438 RenegoInfoExtension.shOnLoadConsumer, |
439 RenegoInfoExtension.shOnLoadAbsence, |
439 RenegoInfoExtension.shOnLoadAbsence, |
440 null, |
440 null, |
441 null, |
441 null, |
442 RenegoInfoExtension.rniStringize), |
442 RenegoInfoExtension.rniStringizer), |
443 |
443 |
444 // TLS 1.3 PSK extension must be last |
444 // TLS 1.3 PSK extension must be last |
445 CH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
445 CH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
446 SSLHandshake.CLIENT_HELLO, |
446 SSLHandshake.CLIENT_HELLO, |
447 ProtocolVersion.PROTOCOLS_OF_13, |
447 ProtocolVersion.PROTOCOLS_OF_13, |
448 PreSharedKeyExtension.chNetworkProducer, |
448 PreSharedKeyExtension.chNetworkProducer, |
449 PreSharedKeyExtension.chOnLoadConsumer, |
449 PreSharedKeyExtension.chOnLoadConsumer, |
450 PreSharedKeyExtension.chOnLoadAbsence, |
450 PreSharedKeyExtension.chOnLoadAbsence, |
451 PreSharedKeyExtension.chOnTradeConsumer, |
451 PreSharedKeyExtension.chOnTradeConsumer, |
452 null, |
452 null, |
453 PreSharedKeyExtension.chStringize), |
453 PreSharedKeyExtension.chStringizer), |
454 SH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
454 SH_PRE_SHARED_KEY (0x0029, "pre_shared_key", |
455 SSLHandshake.SERVER_HELLO, |
455 SSLHandshake.SERVER_HELLO, |
456 ProtocolVersion.PROTOCOLS_OF_13, |
456 ProtocolVersion.PROTOCOLS_OF_13, |
457 PreSharedKeyExtension.shNetworkProducer, |
457 PreSharedKeyExtension.shNetworkProducer, |
458 PreSharedKeyExtension.shOnLoadConsumer, |
458 PreSharedKeyExtension.shOnLoadConsumer, |
459 PreSharedKeyExtension.shOnLoadAbsence, |
459 PreSharedKeyExtension.shOnLoadAbsence, |
460 null, null, |
460 null, null, |
461 PreSharedKeyExtension.shStringize); |
461 PreSharedKeyExtension.shStringizer); |
462 |
462 |
463 final int id; |
463 final int id; |
464 final SSLHandshake handshakeType; |
464 final SSLHandshake handshakeType; |
465 final String name; |
465 final String name; |
466 final ProtocolVersion[] supportedProtocols; |
466 final ProtocolVersion[] supportedProtocols; |
467 final HandshakeProducer networkProducer; |
467 final HandshakeProducer networkProducer; |
468 final ExtensionConsumer onLoadConsumer; |
468 final ExtensionConsumer onLoadConsumer; |
469 final HandshakeAbsence onLoadAbsence; |
469 final HandshakeAbsence onLoadAbsence; |
470 final HandshakeConsumer onTradeConsumer; |
470 final HandshakeConsumer onTradeConsumer; |
471 final HandshakeAbsence onTradeAbsence; |
471 final HandshakeAbsence onTradeAbsence; |
472 final SSLStringize stringize; |
472 final SSLStringizer stringizer; |
473 |
473 |
474 // known but unsupported extension |
474 // known but unsupported extension |
475 private SSLExtension(int id, String name) { |
475 private SSLExtension(int id, String name) { |
476 this.id = id; |
476 this.id = id; |
477 this.handshakeType = SSLHandshake.NOT_APPLICABLE; |
477 this.handshakeType = SSLHandshake.NOT_APPLICABLE; |