1 /* |
1 /* |
2 * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
23 * questions. |
23 * questions. |
24 */ |
24 */ |
25 |
25 |
26 package sun.security.internal.spec; |
26 package sun.security.internal.spec; |
27 |
27 |
|
28 import sun.security.action.GetBooleanAction; |
|
29 |
28 import java.security.spec.AlgorithmParameterSpec; |
30 import java.security.spec.AlgorithmParameterSpec; |
29 import java.security.AccessController; |
|
30 import java.security.PrivilegedAction; |
|
31 |
31 |
32 /** |
32 /** |
33 * Parameters for SSL/TLS RSA premaster secret. |
33 * Parameters for SSL/TLS RSA premaster secret. |
34 * |
34 * |
35 * <p>Instances of this class are immutable. |
35 * <p>Instances of this class are immutable. |
49 * The TLS spec says that the version in the RSA premaster secret must |
49 * The TLS spec says that the version in the RSA premaster secret must |
50 * be the maximum version supported by the client (i.e. the version it |
50 * be the maximum version supported by the client (i.e. the version it |
51 * requested in its client hello version). However, we (and other |
51 * requested in its client hello version). However, we (and other |
52 * implementations) used to send the active negotiated version. The |
52 * implementations) used to send the active negotiated version. The |
53 * system property below allows to toggle the behavior. |
53 * system property below allows to toggle the behavior. |
54 */ |
|
55 private static final String PROP_NAME = |
|
56 "com.sun.net.ssl.rsaPreMasterSecretFix"; |
|
57 |
|
58 /* |
|
59 * Default is "false" (old behavior) for compatibility reasons in |
54 * Default is "false" (old behavior) for compatibility reasons in |
60 * SSLv3/TLSv1. Later protocols (TLSv1.1+) do not use this property. |
55 * SSLv3/TLSv1. Later protocols (TLSv1.1+) do not use this property. |
61 */ |
56 */ |
62 private static final boolean rsaPreMasterSecretFix = |
57 private static final boolean rsaPreMasterSecretFix = GetBooleanAction |
63 AccessController.doPrivileged(new PrivilegedAction<Boolean>() { |
58 .privilegedGetProperty("com.sun.net.ssl.rsaPreMasterSecretFix"); |
64 public Boolean run() { |
|
65 String value = System.getProperty(PROP_NAME); |
|
66 if (value != null && value.equalsIgnoreCase("true")) { |
|
67 return Boolean.TRUE; |
|
68 } |
|
69 |
|
70 return Boolean.FALSE; |
|
71 } |
|
72 }); |
|
73 |
59 |
74 private final int clientVersion; |
60 private final int clientVersion; |
75 private final int serverVersion; |
61 private final int serverVersion; |
76 |
62 |
77 /** |
63 /** |