|
1 /* |
|
2 * Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 package sun.security.ssl; |
|
27 |
|
28 import java.io.IOException; |
|
29 import java.nio.ByteBuffer; |
|
30 import java.util.AbstractMap.SimpleImmutableEntry; |
|
31 import java.util.Map; |
|
32 import javax.net.ssl.SSLException; |
|
33 |
|
34 enum SSLHandshake implements SSLConsumer, HandshakeProducer { |
|
35 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
36 HELLO_REQUEST ((byte)0x00, "hello_request", |
|
37 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
38 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
39 HelloRequest.handshakeConsumer, |
|
40 ProtocolVersion.PROTOCOLS_TO_12 |
|
41 ) |
|
42 }), |
|
43 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
44 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
45 HelloRequest.handshakeProducer, |
|
46 ProtocolVersion.PROTOCOLS_TO_12 |
|
47 ) |
|
48 })), |
|
49 |
|
50 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
51 CLIENT_HELLO ((byte)0x01, "client_hello", |
|
52 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
53 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
54 ClientHello.handshakeConsumer, |
|
55 ProtocolVersion.PROTOCOLS_TO_13 |
|
56 ) |
|
57 }), |
|
58 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
59 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
60 ClientHello.handshakeProducer, |
|
61 ProtocolVersion.PROTOCOLS_TO_13 |
|
62 ) |
|
63 })), |
|
64 |
|
65 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
66 SERVER_HELLO ((byte)0x02, "server_hello", |
|
67 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
68 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
69 ServerHello.handshakeConsumer, |
|
70 ProtocolVersion.PROTOCOLS_TO_13 |
|
71 ) |
|
72 }), |
|
73 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
74 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
75 ServerHello.t12HandshakeProducer, |
|
76 ProtocolVersion.PROTOCOLS_TO_12 |
|
77 ), |
|
78 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
79 ServerHello.t13HandshakeProducer, |
|
80 ProtocolVersion.PROTOCOLS_OF_13 |
|
81 ) |
|
82 })), |
|
83 |
|
84 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
85 HELLO_RETRY_REQUEST ((byte)0x02, "hello_retry_request", |
|
86 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
87 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
88 ServerHello.handshakeConsumer, // Use ServerHello consumer |
|
89 ProtocolVersion.PROTOCOLS_TO_13 |
|
90 ) |
|
91 }), |
|
92 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
93 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
94 ServerHello.hrrHandshakeProducer, |
|
95 ProtocolVersion.PROTOCOLS_OF_13 |
|
96 ) |
|
97 })), |
|
98 |
|
99 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
100 HELLO_VERIFY_REQUEST ((byte)0x03, "hello_verify_request", |
|
101 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
102 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
103 HelloVerifyRequest.handshakeConsumer, |
|
104 ProtocolVersion.PROTOCOLS_TO_12 |
|
105 ) |
|
106 }), |
|
107 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
108 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
109 HelloVerifyRequest.handshakeProducer, |
|
110 ProtocolVersion.PROTOCOLS_TO_12 |
|
111 ) |
|
112 })), |
|
113 |
|
114 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
115 NEW_SESSION_TICKET ((byte)0x04, "new_session_ticket", |
|
116 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
117 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
118 NewSessionTicket.handshakeConsumer, |
|
119 ProtocolVersion.PROTOCOLS_OF_13 |
|
120 ) |
|
121 }), |
|
122 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
123 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
124 NewSessionTicket.handshakeProducer, |
|
125 ProtocolVersion.PROTOCOLS_OF_13 |
|
126 ) |
|
127 })), |
|
128 END_OF_EARLY_DATA ((byte)0x05, "end_of_early_data"), |
|
129 |
|
130 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
131 ENCRYPTED_EXTENSIONS ((byte)0x08, "encrypted_extensions", |
|
132 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
133 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
134 EncryptedExtensions.handshakeConsumer, |
|
135 ProtocolVersion.PROTOCOLS_OF_13 |
|
136 ) |
|
137 }), |
|
138 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
139 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
140 EncryptedExtensions.handshakeProducer, |
|
141 ProtocolVersion.PROTOCOLS_OF_13 |
|
142 ) |
|
143 })), |
|
144 |
|
145 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
146 CERTIFICATE ((byte)0x0B, "certificate", |
|
147 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
148 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
149 CertificateMessage.t12HandshakeConsumer, |
|
150 ProtocolVersion.PROTOCOLS_TO_12 |
|
151 ), |
|
152 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
153 CertificateMessage.t13HandshakeConsumer, |
|
154 ProtocolVersion.PROTOCOLS_OF_13 |
|
155 ) |
|
156 }), |
|
157 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
158 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
159 CertificateMessage.t12HandshakeProducer, |
|
160 ProtocolVersion.PROTOCOLS_TO_12 |
|
161 ), |
|
162 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
163 CertificateMessage.t13HandshakeProducer, |
|
164 ProtocolVersion.PROTOCOLS_OF_13 |
|
165 ) |
|
166 })), |
|
167 |
|
168 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
169 SERVER_KEY_EXCHANGE ((byte)0x0C, "server_key_exchange", |
|
170 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
171 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
172 ServerKeyExchange.handshakeConsumer, |
|
173 ProtocolVersion.PROTOCOLS_TO_12 |
|
174 ) |
|
175 }), |
|
176 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
177 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
178 ServerKeyExchange.handshakeProducer, |
|
179 ProtocolVersion.PROTOCOLS_TO_12 |
|
180 ) |
|
181 })), |
|
182 |
|
183 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
184 CERTIFICATE_REQUEST ((byte)0x0D, "certificate_request", |
|
185 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
186 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
187 CertificateRequest.t10HandshakeConsumer, |
|
188 ProtocolVersion.PROTOCOLS_TO_11 |
|
189 ), |
|
190 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
191 CertificateRequest.t12HandshakeConsumer, |
|
192 ProtocolVersion.PROTOCOLS_OF_12 |
|
193 ), |
|
194 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
195 CertificateRequest.t13HandshakeConsumer, |
|
196 ProtocolVersion.PROTOCOLS_OF_13 |
|
197 ) |
|
198 }), |
|
199 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
200 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
201 CertificateRequest.t10HandshakeProducer, |
|
202 ProtocolVersion.PROTOCOLS_TO_11 |
|
203 ), |
|
204 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
205 CertificateRequest.t12HandshakeProducer, |
|
206 ProtocolVersion.PROTOCOLS_OF_12 |
|
207 ), |
|
208 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
209 CertificateRequest.t13HandshakeProducer, |
|
210 ProtocolVersion.PROTOCOLS_OF_13 |
|
211 ) |
|
212 })), |
|
213 |
|
214 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
215 SERVER_HELLO_DONE ((byte)0x0E, "server_hello_done", |
|
216 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
217 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
218 ServerHelloDone.handshakeConsumer, |
|
219 ProtocolVersion.PROTOCOLS_TO_12 |
|
220 ) |
|
221 }), |
|
222 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
223 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
224 ServerHelloDone.handshakeProducer, |
|
225 ProtocolVersion.PROTOCOLS_TO_12 |
|
226 ) |
|
227 })), |
|
228 |
|
229 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
230 CERTIFICATE_VERIFY ((byte)0x0F, "certificate_verify", |
|
231 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
232 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
233 CertificateVerify.s30HandshakeConsumer, |
|
234 ProtocolVersion.PROTOCOLS_OF_30 |
|
235 ), |
|
236 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
237 CertificateVerify.t10HandshakeConsumer, |
|
238 ProtocolVersion.PROTOCOLS_10_11 |
|
239 ), |
|
240 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
241 CertificateVerify.t12HandshakeConsumer, |
|
242 ProtocolVersion.PROTOCOLS_OF_12 |
|
243 ), |
|
244 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
245 CertificateVerify.t13HandshakeConsumer, |
|
246 ProtocolVersion.PROTOCOLS_OF_13 |
|
247 ) |
|
248 }), |
|
249 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
250 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
251 CertificateVerify.s30HandshakeProducer, |
|
252 ProtocolVersion.PROTOCOLS_OF_30 |
|
253 ), |
|
254 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
255 CertificateVerify.t10HandshakeProducer, |
|
256 ProtocolVersion.PROTOCOLS_10_11 |
|
257 ), |
|
258 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
259 CertificateVerify.t12HandshakeProducer, |
|
260 ProtocolVersion.PROTOCOLS_OF_12 |
|
261 ), |
|
262 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
263 CertificateVerify.t13HandshakeProducer, |
|
264 ProtocolVersion.PROTOCOLS_OF_13 |
|
265 ) |
|
266 })), |
|
267 |
|
268 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
269 CLIENT_KEY_EXCHANGE ((byte)0x10, "client_key_exchange", |
|
270 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
271 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
272 ClientKeyExchange.handshakeConsumer, |
|
273 ProtocolVersion.PROTOCOLS_TO_12 |
|
274 ) |
|
275 }), |
|
276 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
277 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
278 ClientKeyExchange.handshakeProducer, |
|
279 ProtocolVersion.PROTOCOLS_TO_12 |
|
280 ) |
|
281 })), |
|
282 |
|
283 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
284 FINISHED ((byte)0x14, "finished", |
|
285 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
286 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
287 Finished.t12HandshakeConsumer, |
|
288 ProtocolVersion.PROTOCOLS_TO_12 |
|
289 ), |
|
290 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
291 Finished.t13HandshakeConsumer, |
|
292 ProtocolVersion.PROTOCOLS_OF_13 |
|
293 ) |
|
294 }), |
|
295 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
296 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
297 Finished.t12HandshakeProducer, |
|
298 ProtocolVersion.PROTOCOLS_TO_12 |
|
299 ), |
|
300 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
301 Finished.t13HandshakeProducer, |
|
302 ProtocolVersion.PROTOCOLS_OF_13 |
|
303 ) |
|
304 })), |
|
305 |
|
306 CERTIFICATE_URL ((byte)0x15, "certificate_url"), |
|
307 |
|
308 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
309 CERTIFICATE_STATUS ((byte)0x16, "certificate_status", |
|
310 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
311 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
312 CertificateStatus.handshakeConsumer, |
|
313 ProtocolVersion.PROTOCOLS_TO_12 |
|
314 ) |
|
315 }), |
|
316 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
317 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
318 CertificateStatus.handshakeProducer, |
|
319 ProtocolVersion.PROTOCOLS_TO_12 |
|
320 ) |
|
321 }), |
|
322 (Map.Entry<HandshakeAbsence, ProtocolVersion[]>[])(new Map.Entry[] { |
|
323 new SimpleImmutableEntry<HandshakeAbsence, ProtocolVersion[]>( |
|
324 CertificateStatus.handshakeAbsence, |
|
325 ProtocolVersion.PROTOCOLS_TO_12 |
|
326 ) |
|
327 })), |
|
328 |
|
329 SUPPLEMENTAL_DATA ((byte)0x17, "supplemental_data"), |
|
330 |
|
331 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
332 KEY_UPDATE ((byte)0x18, "key_update", |
|
333 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
334 new SimpleImmutableEntry<SSLConsumer, ProtocolVersion[]>( |
|
335 KeyUpdate.handshakeConsumer, |
|
336 ProtocolVersion.PROTOCOLS_OF_13 |
|
337 ) |
|
338 }), |
|
339 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])(new Map.Entry[] { |
|
340 new SimpleImmutableEntry<HandshakeProducer, ProtocolVersion[]>( |
|
341 KeyUpdate.handshakeProducer, |
|
342 ProtocolVersion.PROTOCOLS_OF_13 |
|
343 ) |
|
344 })), |
|
345 MESSAGE_HASH ((byte)0xFE, "message_hash"), |
|
346 NOT_APPLICABLE ((byte)0xFF, "not_applicable"); |
|
347 |
|
348 final byte id; |
|
349 final String name; |
|
350 final Map.Entry<SSLConsumer, ProtocolVersion[]>[] handshakeConsumers; |
|
351 final Map.Entry<HandshakeProducer, ProtocolVersion[]>[] handshakeProducers; |
|
352 final Map.Entry<HandshakeAbsence, ProtocolVersion[]>[] handshakeAbsences; |
|
353 |
|
354 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
355 SSLHandshake(byte id, String name) { |
|
356 this(id, name, |
|
357 (Map.Entry<SSLConsumer, ProtocolVersion[]>[])( |
|
358 new Map.Entry[0]), |
|
359 (Map.Entry<HandshakeProducer, ProtocolVersion[]>[])( |
|
360 new Map.Entry[0]), |
|
361 (Map.Entry<HandshakeAbsence, ProtocolVersion[]>[])( |
|
362 new Map.Entry[0])); |
|
363 } |
|
364 |
|
365 @SuppressWarnings({"unchecked", "rawtypes"}) |
|
366 SSLHandshake(byte id, String name, |
|
367 Map.Entry<SSLConsumer, ProtocolVersion[]>[] handshakeConsumers, |
|
368 Map.Entry<HandshakeProducer, ProtocolVersion[]>[] handshakeProducers) { |
|
369 this(id, name, handshakeConsumers, handshakeProducers, |
|
370 (Map.Entry<HandshakeAbsence, ProtocolVersion[]>[])( |
|
371 new Map.Entry[0])); |
|
372 } |
|
373 |
|
374 SSLHandshake(byte id, String name, |
|
375 Map.Entry<SSLConsumer, ProtocolVersion[]>[] handshakeConsumers, |
|
376 Map.Entry<HandshakeProducer, ProtocolVersion[]>[] handshakeProducers, |
|
377 Map.Entry<HandshakeAbsence, ProtocolVersion[]>[] handshakeAbsence) { |
|
378 this.id = id; |
|
379 this.name = name; |
|
380 this.handshakeConsumers = handshakeConsumers; |
|
381 this.handshakeProducers = handshakeProducers; |
|
382 this.handshakeAbsences = handshakeAbsence; |
|
383 } |
|
384 |
|
385 @Override |
|
386 public void consume(ConnectionContext context, |
|
387 ByteBuffer message) throws IOException { |
|
388 SSLConsumer hc = getHandshakeConsumer(context); |
|
389 if (hc != null) { |
|
390 hc.consume(context, message); |
|
391 } else { |
|
392 throw new UnsupportedOperationException( |
|
393 "Unsupported handshake consumer: " + this.name); |
|
394 } |
|
395 } |
|
396 |
|
397 private SSLConsumer getHandshakeConsumer(ConnectionContext context) { |
|
398 if (handshakeConsumers.length == 0) { |
|
399 return null; |
|
400 } |
|
401 |
|
402 // The comsuming happens in handshake context only. |
|
403 HandshakeContext hc = (HandshakeContext)context; |
|
404 ProtocolVersion protocolVersion; |
|
405 if ((hc.negotiatedProtocol == null) || |
|
406 (hc.negotiatedProtocol == ProtocolVersion.NONE)) { |
|
407 protocolVersion = hc.maximumActiveProtocol; |
|
408 } else { |
|
409 protocolVersion = hc.negotiatedProtocol; |
|
410 } |
|
411 |
|
412 for (Map.Entry<SSLConsumer, |
|
413 ProtocolVersion[]> phe : handshakeConsumers) { |
|
414 for (ProtocolVersion pv : phe.getValue()) { |
|
415 if (protocolVersion == pv) { |
|
416 return phe.getKey(); |
|
417 } |
|
418 } |
|
419 } |
|
420 |
|
421 return null; |
|
422 } |
|
423 |
|
424 @Override |
|
425 public byte[] produce(ConnectionContext context, |
|
426 HandshakeMessage message) throws IOException { |
|
427 HandshakeProducer hp = getHandshakeProducer(context); |
|
428 if (hp != null) { |
|
429 return hp.produce(context, message); |
|
430 } else { |
|
431 throw new UnsupportedOperationException( |
|
432 "Unsupported handshake producer: " + this.name); |
|
433 } |
|
434 } |
|
435 |
|
436 private HandshakeProducer getHandshakeProducer( |
|
437 ConnectionContext context) { |
|
438 if (handshakeConsumers.length == 0) { |
|
439 return null; |
|
440 } |
|
441 |
|
442 // The comsuming happens in handshake context only. |
|
443 HandshakeContext hc = (HandshakeContext)context; |
|
444 ProtocolVersion protocolVersion; |
|
445 if ((hc.negotiatedProtocol == null) || |
|
446 (hc.negotiatedProtocol == ProtocolVersion.NONE)) { |
|
447 protocolVersion = hc.maximumActiveProtocol; |
|
448 } else { |
|
449 protocolVersion = hc.negotiatedProtocol; |
|
450 } |
|
451 |
|
452 for (Map.Entry<HandshakeProducer, |
|
453 ProtocolVersion[]> phe : handshakeProducers) { |
|
454 for (ProtocolVersion pv : phe.getValue()) { |
|
455 if (protocolVersion == pv) { |
|
456 return phe.getKey(); |
|
457 } |
|
458 } |
|
459 } |
|
460 |
|
461 return null; |
|
462 } |
|
463 |
|
464 @Override |
|
465 public String toString() { |
|
466 return name; |
|
467 } |
|
468 |
|
469 /* |
|
470 static SSLHandshake valueOf(byte id) { |
|
471 for (SSLHandshake hs : SSLHandshake.values()) { |
|
472 if (hs.id == id) { |
|
473 return hs; |
|
474 } |
|
475 } |
|
476 |
|
477 return null; |
|
478 } |
|
479 */ |
|
480 |
|
481 static String nameOf(byte id) { |
|
482 // If two handshake message share the same handshake type, returns |
|
483 // the first handshake message name. |
|
484 // |
|
485 // It is not a big issue at present as only ServerHello and |
|
486 // HellRetryRequest share a handshake type. |
|
487 for (SSLHandshake hs : SSLHandshake.values()) { |
|
488 if (hs.id == id) { |
|
489 return hs.name; |
|
490 } |
|
491 } |
|
492 |
|
493 return "UNKNOWN-HANDSHAKE-MESSAGE(" + id + ")"; |
|
494 } |
|
495 |
|
496 static final void kickstart(HandshakeContext context) throws IOException { |
|
497 if (context instanceof ClientHandshakeContext) { |
|
498 // For initial handshaking, including session resumption, |
|
499 // ClientHello message is used as the kickstart message. |
|
500 // |
|
501 // (D)TLS 1.2 and older protocols support renegotiation on existing |
|
502 // connections. A ClientHello messages is used to kickstart the |
|
503 // renegotiation. |
|
504 // |
|
505 // (D)TLS 1.3 forbids renegotiation. The post-handshake KeyUpdate |
|
506 // message is used to update the sending cryptographic keys. |
|
507 if (context.conContext.isNegotiated && |
|
508 context.conContext.protocolVersion.useTLS13PlusSpec()) { |
|
509 // Use KeyUpdate message for renegotiation. |
|
510 KeyUpdate.kickstartProducer.produce(context); |
|
511 } else { |
|
512 // Using ClientHello message for the initial handshaking |
|
513 // (including session resumption) or renegotiation. |
|
514 // SSLHandshake.CLIENT_HELLO.produce(context); |
|
515 ClientHello.kickstartProducer.produce(context); |
|
516 } |
|
517 } else { |
|
518 // The server side can delivering kickstart message after the |
|
519 // connection has established. |
|
520 // |
|
521 // (D)TLS 1.2 and older protocols use HelloRequest to begin a |
|
522 // negotiation process anew. |
|
523 // |
|
524 // While (D)TLS 1.3 uses the post-handshake KeyUpdate message |
|
525 // to update the sending cryptographic keys. |
|
526 if (context.conContext.protocolVersion.useTLS13PlusSpec()) { |
|
527 // Use KeyUpdate message for renegotiation. |
|
528 KeyUpdate.kickstartProducer.produce(context); |
|
529 } else { |
|
530 // SSLHandshake.HELLO_REQUEST.produce(context); |
|
531 HelloRequest.kickstartProducer.produce(context); |
|
532 } |
|
533 } |
|
534 } |
|
535 |
|
536 /** |
|
537 * A (transparent) specification of handshake message. |
|
538 */ |
|
539 static abstract class HandshakeMessage { |
|
540 final HandshakeContext handshakeContext; |
|
541 |
|
542 HandshakeMessage(HandshakeContext handshakeContext) { |
|
543 this.handshakeContext = handshakeContext; |
|
544 } |
|
545 |
|
546 abstract SSLHandshake handshakeType(); |
|
547 abstract int messageLength(); |
|
548 abstract void send(HandshakeOutStream hos) throws IOException; |
|
549 |
|
550 void write(HandshakeOutStream hos) throws IOException { |
|
551 int len = messageLength(); |
|
552 if (len >= Record.OVERFLOW_OF_INT24) { |
|
553 throw new SSLException("Handshake message is overflow" |
|
554 + ", type = " + handshakeType() + ", len = " + len); |
|
555 } |
|
556 hos.write(handshakeType().id); |
|
557 hos.putInt24(len); |
|
558 send(hos); |
|
559 hos.complete(); |
|
560 } |
|
561 } |
|
562 } |