jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java

equal deleted inserted replaced

-:92cbbfc996f3
+:56aaa6cb3693
 /*
-* Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
 package sun.security.ssl;
-import java.net.*;
+import java.math.BigInteger;
+import java.net.InetAddress;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Enumeration;
 import java.util.Hashtable;
+import java.util.List;
 import java.util.Vector;
-import java.util.Collection;
+import java.util.Optional;
-import java.util.Collections;
-import java.util.List;
-import java.util.ArrayList;
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.security.cert.CertificateEncodingException;
 import javax.crypto.SecretKey;
+import javax.net.ssl.ExtendedSSLSession;
-import javax.net.ssl.SSLSessionContext;
+import javax.net.ssl.SNIServerName;
-import javax.net.ssl.SSLSessionBindingListener;
-import javax.net.ssl.SSLSessionBindingEvent;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLPermission;
-import javax.net.ssl.ExtendedSSLSession;
+import javax.net.ssl.SSLSessionBindingEvent;
-import javax.net.ssl.SNIServerName;
+import javax.net.ssl.SSLSessionBindingListener;
+import javax.net.ssl.SSLSessionContext;
-import static sun.security.ssl.CipherSuite.KeyExchange.*;
 /**
 * Implements the SSL session interface, and exposes the session context
 * which is maintained by SSL servers.
 *
 private final SessionId             sessionId;
 private X509Certificate[]   peerCerts;
 private byte                compressionMethod;
 private CipherSuite         cipherSuite;
 private SecretKey           masterSecret;
-private final boolean       useExtendedMasterSecret;
+final boolean               useExtendedMasterSecret;
+private SecretKey           resumptionMasterSecret;
+private SecretKey           preSharedKey;
+private byte[]              pskIdentity;
+private final long          ticketCreationTime = System.currentTimeMillis();
+private int                 ticketAgeAdd;
 /*
 * Information not part of the SSLv3 protocol spec, but used
 * to support session management policies.
 */
-private final long          creationTime = System.currentTimeMillis();
+private final long          creationTime;
 private long                lastUsedTime = 0;
 private final String        host;
 private final int           port;
 private SSLSessionContextImpl       context;
 private int                 sessionCount;
 private boolean             invalidated;
 private X509Certificate[]   localCerts;
 private PrivateKey          localPrivateKey;
-private String[]            localSupportedSignAlgs;
+private final String[]      localSupportedSignAlgs;
 private String[]            peerSupportedSignAlgs;
-private List<SNIServerName>    requestedServerNames;
 private List<byte[]>        statusResponses;
 private int                 negotiatedMaxFragLen;
 private int                 maximumPacketSize;
 /*
 * Use of session caches is globally enabled/disabled.
 */
 private static boolean      defaultRejoinable = true;
-/* Class and subclass dynamic debugging support */
+// server name indication
-private static final Debug debug = Debug.getInstance("ssl");
+final SNIServerName         serverNameIndication;
+private final List<SNIServerName>    requestedServerNames;
+// Counter used to create unique nonces in NewSessionTicket
+private BigInteger ticketNonceCounter = BigInteger.ONE;
 /*
 * Create a new non-rejoinable session, using the default (null)
 * cipher spec.  This constructor returns a session which could
 * be used either by a client or by a server, as a connection is
 * first opened and before handshaking begins.
 */
 private SSLSessionImpl() {
-this(ProtocolVersion.NONE, CipherSuite.C_NULL, null,
+this.protocolVersion = ProtocolVersion.NONE;
-new SessionId(false, null), null, -1, false);
+this.cipherSuite = CipherSuite.C_NULL;
+this.sessionId = new SessionId(false, null);
+this.host = null;
+this.port = -1;
+this.localSupportedSignAlgs = new String[0];
+this.serverNameIndication = null;
+this.requestedServerNames = Collections.<SNIServerName>emptyList();
+this.useExtendedMasterSecret = false;
+this.creationTime = System.currentTimeMillis();
 }
 /*
 * Create a new session, using a given cipher spec.  This will
 * be rejoinable if session caching is enabled; the constructor
 * is intended mostly for use by serves.
 */
-SSLSessionImpl(ProtocolVersion protocolVersion, CipherSuite cipherSuite,
+SSLSessionImpl(HandshakeContext hc, CipherSuite cipherSuite) {
-Collection<SignatureAndHashAlgorithm> algorithms,
+this(hc, cipherSuite,
-SecureRandom generator, String host, int port,
+new SessionId(defaultRejoinable, hc.sslContext.getSecureRandom()));
-boolean useExtendedMasterSecret) {
-this(protocolVersion, cipherSuite, algorithms,
-new SessionId(defaultRejoinable, generator), host, port,
-useExtendedMasterSecret);
 }
 /*
 * Record a new session, using a given cipher spec and session ID.
 */
-SSLSessionImpl(ProtocolVersion protocolVersion, CipherSuite cipherSuite,
+SSLSessionImpl(HandshakeContext hc, CipherSuite cipherSuite, SessionId id) {
-Collection<SignatureAndHashAlgorithm> algorithms,
+this(hc, cipherSuite, id, System.currentTimeMillis());
-SessionId id, String host, int port,
+}
-boolean useExtendedMasterSecret) {
-this.protocolVersion = protocolVersion;
+/*
-sessionId = id;
+* Record a new session, using a given cipher spec, session ID,
+* and creation time
+*/
+SSLSessionImpl(HandshakeContext hc, CipherSuite cipherSuite, SessionId id, long creationTime) {
+this.creationTime = creationTime;
+this.protocolVersion = hc.negotiatedProtocol;
+this.sessionId = id;
 peerCerts = null;
 compressionMethod = compression_null;
 this.cipherSuite = cipherSuite;
 masterSecret = null;
-this.host = host;
+this.host = hc.conContext.transport.getPeerHost();
-this.port = port;
+this.port = hc.conContext.transport.getPeerPort();
 sessionCount = ++counter;
-localSupportedSignAlgs =
+this.localSupportedSignAlgs =
-SignatureAndHashAlgorithm.getAlgorithmNames(algorithms);
+SignatureScheme.getAlgorithmNames(hc.localSupportedSignAlgs);
 negotiatedMaxFragLen = -1;
 statusResponses = null;
-this.useExtendedMasterSecret = useExtendedMasterSecret;
+this.requestedServerNames =
+Collections.unmodifiableList(hc.requestedServerNames);
-if (debug != null && Debug.isOn("session")) {
+this.serverNameIndication = hc.negotiatedServerName;
-System.out.println("%% Initialized:  " + this);
+if (hc.sslConfig.isClientMode) {
+this.useExtendedMasterSecret =
+(hc.handshakeExtensions.get(
+SSLExtension.CH_EXTENDED_MASTER_SECRET) != null) &&
+(hc.handshakeExtensions.get(
+SSLExtension.SH_EXTENDED_MASTER_SECRET) != null);
+} else {
+this.useExtendedMasterSecret =
+(hc.handshakeExtensions.get(
+SSLExtension.CH_EXTENDED_MASTER_SECRET) != null) &&
+(!hc.negotiatedProtocol.useTLS13PlusSpec());
+}
+if (SSLLogger.isOn && SSLLogger.isOn("session")) {
+SSLLogger.finest("Session initialized:  " + this);
 }
 }
 void setMasterSecret(SecretKey secret) {
 if (masterSecret == null) {
 } else {
 throw new RuntimeException("setMasterSecret() error");
 }
 }
+void setResumptionMasterSecret(SecretKey secret) {
+if (resumptionMasterSecret == null) {
+resumptionMasterSecret = secret;
+} else {
+throw new RuntimeException("setResumptionMasterSecret() error");
+}
+}
+void setPreSharedKey(SecretKey key) {
+if (preSharedKey == null) {
+preSharedKey = key;
+} else {
+throw new RuntimeException("setPreSharedKey() error");
+}
+}
+void setTicketAgeAdd(int ticketAgeAdd) {
+this.ticketAgeAdd = ticketAgeAdd;
+}
+void setPskIdentity(byte[] pskIdentity) {
+if (this.pskIdentity == null) {
+this.pskIdentity = pskIdentity;
+} else {
+throw new RuntimeException("setPskIdentity() error");
+}
+}
+BigInteger incrTicketNonceCounter() {
+BigInteger result = ticketNonceCounter;
+ticketNonceCounter = ticketNonceCounter.add(BigInteger.valueOf(1));
+return result;
+}
 /**
 * Returns the master secret ... treat with extreme caution!
 */
 SecretKey getMasterSecret() {
 return masterSecret;
 }
-boolean getUseExtendedMasterSecret() {
+Optional<SecretKey> getResumptionMasterSecret() {
-return useExtendedMasterSecret;
+return Optional.ofNullable(resumptionMasterSecret);
+}
+synchronized Optional<SecretKey> getPreSharedKey() {
+return Optional.ofNullable(preSharedKey);
+}
+synchronized Optional<SecretKey> consumePreSharedKey() {
+Optional<SecretKey> result = Optional.ofNullable(preSharedKey);
+preSharedKey = null;
+return result;
+}
+int getTicketAgeAdd() {
+return ticketAgeAdd;
+}
+/*
+* Get the PSK identity. Take care not to use it in multiple connections.
+*/
+synchronized Optional<byte[]> getPskIdentity() {
+return Optional.ofNullable(pskIdentity);
+}
+/* PSK identities created from new_session_ticket messages should only
+* be used once. This method will return the identity and then clear it
+* so it cannot be used again.
+*/
+synchronized Optional<byte[]> consumePskIdentity() {
+Optional<byte[]> result = Optional.ofNullable(pskIdentity);
+pskIdentity = null;
+return result;
 }
 void setPeerCertificates(X509Certificate[] peer) {
 if (peerCerts == null) {
 peerCerts = peer;
 void setLocalPrivateKey(PrivateKey privateKey) {
 localPrivateKey = privateKey;
 }
 void setPeerSupportedSignatureAlgorithms(
-Collection<SignatureAndHashAlgorithm> algorithms) {
+Collection<SignatureScheme> signatureSchemes) {
 peerSupportedSignAlgs =
-SignatureAndHashAlgorithm.getAlgorithmNames(algorithms);
+SignatureScheme.getAlgorithmNames(signatureSchemes);
-}
-void setRequestedServerNames(List<SNIServerName> requestedServerNames) {
-this.requestedServerNames = new ArrayList<>(requestedServerNames);
 }
 /**
 * Provide status response data obtained during the SSL handshake.
 *
 /**
 * Check if the authentication used when establishing this session
 * is still valid. Returns true if no authentication was used
 */
-boolean isLocalAuthenticationValid() {
+private boolean isLocalAuthenticationValid() {
 if (localPrivateKey != null) {
 try {
 // if the private key is no longer valid, getAlgorithm()
 // should throw an exception
 // (e.g. Smartcard has been removed from the reader)
 } catch (Exception e) {
 invalidate();
 return false;
 }
 }
 return true;
 }
 /**
 * Returns the ID for this session.  The ID is fixed for the
 * Resets the cipher spec in use on this session
 */
 void setSuite(CipherSuite suite) {
 cipherSuite = suite;
-if (debug != null && Debug.isOn("session")) {
+if (SSLLogger.isOn && SSLLogger.isOn("session")) {
-System.out.println("%% Negotiating:  " + this);
+SSLLogger.finest("Negotiating session:  " + this);
 }
 }
 /**
 * Return true if the session is currently re-established with a
 */
 @Override
 public int hashCode() {
 return sessionId.hashCode();
 }
 /**
 * Returns true if sessions have same ids, false otherwise.
 */
 @Override
 //
 // clone to preserve integrity of session ... caller can't
 // change record of peer identity even by accident, much
 // less do it intentionally.
 //
-if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
-throw new SSLPeerUnverifiedException("no certificates expected"
-+ " for " + cipherSuite.keyExchange + " cipher suites");
-}
 if (peerCerts == null) {
 throw new SSLPeerUnverifiedException("peer not authenticated");
 }
 // Certs are immutable objects, therefore we don't clone them.
 // But do need to clone the array, so that nothing is inserted
 //
 // clone to preserve integrity of session ... caller can't
 // change record of peer identity even by accident, much
 // less do it intentionally.
 //
-if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
-throw new SSLPeerUnverifiedException("no certificates expected"
-+ " for " + cipherSuite.keyExchange + " cipher suites");
-}
 if (peerCerts == null) {
 throw new SSLPeerUnverifiedException("peer not authenticated");
 }
 javax.security.cert.X509Certificate[] certs;
 certs = new javax.security.cert.X509Certificate[peerCerts.length];
 /*
 * clone to preserve integrity of session ... caller can't
 * change record of peer identity even by accident, much
 * less do it intentionally.
 */
-if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
-throw new SSLPeerUnverifiedException("no certificates expected"
-+ " for " + cipherSuite.keyExchange + " cipher suites");
-}
 if (peerCerts != null) {
 return peerCerts.clone();
 } else {
 throw new SSLPeerUnverifiedException("peer not authenticated");
 }
 */
 @Override
 public Principal getPeerPrincipal()
 throws SSLPeerUnverifiedException
 {
-if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
-if (peerPrincipal == null) {
-throw new SSLPeerUnverifiedException("peer not authenticated");
-} else {
-return peerPrincipal;
-}
-}
 if (peerCerts == null) {
 throw new SSLPeerUnverifiedException("peer not authenticated");
 }
 return peerCerts[0].getSubjectX500Principal();
 }
 * Principal for Kerberos cipher suites, etc. If no principal was
 * sent, then null is returned.
 */
 @Override
 public Principal getLocalPrincipal() {
+return ((localCerts == null && localCerts.length != 0) ? null :
-if (ClientKeyExchangeService.find(cipherSuite.keyExchange.name) != null) {
-return (localPrincipal == null ? null : localPrincipal);
-}
-return (localCerts == null ? null :
 localCerts[0].getSubjectX500Principal());
+}
+/*
+* Return the time the ticket for this session was created.
+*/
+public long getTicketCreationTime() {
+return ticketCreationTime;
 }
 /**
 * Returns the time this session was created.
 */
 //
 if (this == nullSession) {
 return;
 }
 invalidated = true;
-if (debug != null && Debug.isOn("session")) {
+if (SSLLogger.isOn && SSLLogger.isOn("session")) {
-System.out.println("%% Invalidated:  " + this);
+SSLLogger.finest("Invalidated session:  " + this);
 }
 if (context != null) {
 context.remove(sessionId);
 context = null;
 }
 e = new SSLSessionBindingEvent(this, key);
 ((SSLSessionBindingListener)value).valueBound(e);
 }
 }
 /**
 * Returns the specified session value.
 */
 @Override
 * Application could accept large fragments up to 2^15 bytes by
 * setting the system property jsse.SSLEngine.acceptLargeFragments
 * to "true".
 */
 private boolean acceptLargeFragments =
-Debug.getBooleanProperty("jsse.SSLEngine.acceptLargeFragments", false);
+Utilities.getBooleanProperty(
+"jsse.SSLEngine.acceptLargeFragments", false);
 /**
 * Expand the buffer size of both SSL/TLS network packet and
 * application data.
 */
 // and negotiatedMaxFragLen.
 int packetSize = 0;
 if (negotiatedMaxFragLen > 0) {
 packetSize = cipherSuite.calculatePacketSize(
 negotiatedMaxFragLen, protocolVersion,
-protocolVersion.isDTLSProtocol());
+protocolVersion.isDTLS);
 }
 if (maximumPacketSize > 0) {
 return (maximumPacketSize > packetSize) ?
 maximumPacketSize : packetSize;
 if (packetSize != 0) {
 return packetSize;
 }
-if (protocolVersion.isDTLSProtocol()) {
+if (protocolVersion.isDTLS) {
 return DTLSRecord.maxRecordSize;
 } else {
 return acceptLargeFragments ?
 SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
 }
 // and negotiatedMaxFragLen.
 int fragmentSize = 0;
 if (maximumPacketSize > 0) {
 fragmentSize = cipherSuite.calculateFragSize(
 maximumPacketSize, protocolVersion,
-protocolVersion.isDTLSProtocol());
+protocolVersion.isDTLS);
 }
 if (negotiatedMaxFragLen > 0) {
 return (negotiatedMaxFragLen > fragmentSize) ?
 negotiatedMaxFragLen : fragmentSize;
 if (fragmentSize != 0) {
 return fragmentSize;
 }
-if (protocolVersion.isDTLSProtocol()) {
+if (protocolVersion.isDTLS) {
 return Record.maxDataSize;
 } else {
 int maxPacketSize = acceptLargeFragments ?
 SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
 return (maxPacketSize - SSLRecord.headerSize);
 public String toString() {
 return "[Session-" + sessionCount
 + ", " + getCipherSuite()
 + "]";
 }
 }
 /**
 * This "struct" class serves as a Hash Key that combines an
 * application-specific key and a security context.
 */
 class SecureKey {
 private static Object       nullObject = new Object();
-private Object        appKey;
+private Object        	appKey;
-private Object      securityCtx;
+private Object      	securityCtx;
 static Object getCurrentSecurityContext() {
 SecurityManager sm = System.getSecurityManager();
 Object context = null;

branch	JDK-8145252-TLS13-branch
changeset 56542	56aaa6cb3693
parent 48225	718669e6b375
child 56558	4a3deb6759b1