jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/SSLKeyExchange.java

equal deleted inserted replaced

-:356eaea05bf0
+:68fa3d4026ea
+/*
+* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
+* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+*
+* This code is free software; you can redistribute it and/or modify it
+* under the terms of the GNU General Public License version 2 only, as
+* published by the Free Software Foundation.  Oracle designates this
+* particular file as subject to the "Classpath" exception as provided
+* by Oracle in the LICENSE file that accompanied this code.
+*
+* This code is distributed in the hope that it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+* version 2 for more details (a copy is included in the LICENSE file that
+* accompanied this code).
+*
+* You should have received a copy of the GNU General Public License version
+* 2 along with this work; if not, write to the Free Software Foundation,
+* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+*
+* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+* or visit www.oracle.com if you need additional information or have any
+* questions.
+*/
+package sun.security.ssl;
+import java.io.IOException;
+import java.util.AbstractMap.SimpleImmutableEntry;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import sun.security.ssl.DHKeyExchange.DHEPossession;
+import sun.security.ssl.ECDHKeyExchange.ECDHEPossession;
+import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
+import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
+import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
+import sun.security.ssl.X509Authentication.X509Possession;
+final class SSLKeyExchange implements SSLKeyAgreementGenerator,
+SSLHandshakeBinding {
+private final SSLAuthentication authentication;
+private final SSLKeyAgreement keyAgreement;
+SSLKeyExchange(X509Authentication authentication,
+SSLKeyAgreement keyAgreement) {
+this.authentication = authentication;
+this.keyAgreement = keyAgreement;
+}
+SSLPossession[] createPossessions(HandshakeContext context) {
+// authentication
+SSLPossession authPossession = null;
+if (authentication != null) {
+authPossession = authentication.createPossession(context);
+if (authPossession == null) {
+return new SSLPossession[0];
+} else if (context instanceof ServerHandshakeContext) {
+// The authentication information may be used further for
+// key agreement parameters negotiation.
+ServerHandshakeContext shc = (ServerHandshakeContext)context;
+shc.interimAuthn = authPossession;
+}
+}
+// key agreement
+SSLPossession kaPossession;
+if (keyAgreement == T12KeyAgreement.RSA_EXPORT) {
+// a special case
+X509Possession x509Possession = (X509Possession)authPossession;
+if (JsseJce.getRSAKeyLength(
+x509Possession.popCerts[0].getPublicKey()) > 512) {
+kaPossession = keyAgreement.createPossession(context);
+if (kaPossession == null) {
+return new SSLPossession[0];
+} else {
+return authentication != null ?
+new SSLPossession[] {authPossession, kaPossession} :
+new SSLPossession[] {kaPossession};
+}
+} else {
+return authentication != null ?
+new SSLPossession[] {authPossession} :
+new SSLPossession[0];
+}
+} else {
+kaPossession = keyAgreement.createPossession(context);
+if (kaPossession == null) {
+// special cases
+if (keyAgreement == T12KeyAgreement.RSA ||
+keyAgreement == T12KeyAgreement.ECDH) {
+return authentication != null ?
+new SSLPossession[] {authPossession} :
+new SSLPossession[0];
+} else {
+return new SSLPossession[0];
+}
+} else {
+return authentication != null ?
+new SSLPossession[] {authPossession, kaPossession} :
+new SSLPossession[] {kaPossession};
+}
+}
+}
+@Override
+public SSLKeyDerivation createKeyDerivation(
+HandshakeContext handshakeContext) throws IOException {
+return keyAgreement.createKeyDerivation(handshakeContext);
+}
+@Override
+public SSLHandshake[] getRelatedHandshakers(
+HandshakeContext handshakeContext) {
+SSLHandshake[] auHandshakes;
+if (authentication != null) {
+auHandshakes =
+authentication.getRelatedHandshakers(handshakeContext);
+} else {
+auHandshakes = null;
+}
+SSLHandshake[] kaHandshakes =
+keyAgreement.getRelatedHandshakers(handshakeContext);
+if (auHandshakes == null || auHandshakes.length == 0) {
+return kaHandshakes;
+} else if (kaHandshakes == null || kaHandshakes.length == 0) {
+return auHandshakes;
+} else {
+SSLHandshake[] producers = Arrays.copyOf(
+auHandshakes, auHandshakes.length + kaHandshakes.length);
+System.arraycopy(kaHandshakes, 0,
+producers, auHandshakes.length, kaHandshakes.length);
+return producers;
+}
+}
+@Override
+public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(
+HandshakeContext handshakeContext) {
+Map.Entry<Byte, HandshakeProducer>[] auProducers;
+if (authentication != null) {
+auProducers =
+authentication.getHandshakeProducers(handshakeContext);
+} else {
+auProducers = null;
+}
+Map.Entry<Byte, HandshakeProducer>[] kaProducers =
+keyAgreement.getHandshakeProducers(handshakeContext);
+if (auProducers == null || auProducers.length == 0) {
+return kaProducers;
+} else if (kaProducers == null || kaProducers.length == 0) {
+return auProducers;
+} else {
+Map.Entry<Byte, HandshakeProducer>[] producers = Arrays.copyOf(
+auProducers, auProducers.length + kaProducers.length);
+System.arraycopy(kaProducers, 0,
+producers, auProducers.length, kaProducers.length);
+return producers;
+}
+}
+@Override
+public Map.Entry<Byte, SSLConsumer>[] getHandshakeConsumers(
+HandshakeContext handshakeContext) {
+Map.Entry<Byte, SSLConsumer>[] auConsumers;
+if (authentication != null) {
+auConsumers =
+authentication.getHandshakeConsumers(handshakeContext);
+} else {
+auConsumers = null;
+}
+Map.Entry<Byte, SSLConsumer>[] kaConsumers =
+keyAgreement.getHandshakeConsumers(handshakeContext);
+if (auConsumers == null || auConsumers.length == 0) {
+return kaConsumers;
+} else if (kaConsumers == null || kaConsumers.length == 0) {
+return auConsumers;
+} else {
+Map.Entry<Byte, SSLConsumer>[] producers = Arrays.copyOf(
+auConsumers, auConsumers.length + kaConsumers.length);
+System.arraycopy(kaConsumers, 0,
+producers, auConsumers.length, kaConsumers.length);
+return producers;
+}
+}
+// SSL 3.0 - (D)TLS 1.2
+static SSLKeyExchange valueOf(
+CipherSuite.KeyExchange keyExchange,
+ProtocolVersion protocolVersion) {
+if (keyExchange == null || protocolVersion == null) {
+return null;
+}
+switch (keyExchange) {
+case K_RSA:
+return SSLKeyExRSA.KE;
+case K_RSA_EXPORT:
+return SSLKeyExRSAExport.KE;
+case K_DHE_DSS:
+return SSLKeyExDHEDSS.KE;
+case K_DHE_DSS_EXPORT:
+return SSLKeyExDHEDSSExport.KE;
+case K_DHE_RSA:
+if (protocolVersion.useTLS12PlusSpec()) {   // (D)TLS 1.2
+return SSLKeyExDHERSAOrPSS.KE;
+} else {    // SSL 3.0, TLS 1.0/1.1
+return SSLKeyExDHERSA.KE;
+}
+case K_DHE_RSA_EXPORT:
+return SSLKeyExDHERSAExport.KE;
+case K_DH_ANON:
+return SSLKeyExDHANON.KE;
+case K_DH_ANON_EXPORT:
+return SSLKeyExDHANONExport.KE;
+case K_ECDH_ECDSA:
+return SSLKeyExECDHECDSA.KE;
+case K_ECDH_RSA:
+return SSLKeyExECDHRSA.KE;
+case K_ECDHE_ECDSA:
+return SSLKeyExECDHEECDSA.KE;
+case K_ECDHE_RSA:
+if (protocolVersion.useTLS12PlusSpec()) {   // (D)TLS 1.2
+return SSLKeyExECDHERSAOrPSS.KE;
+} else {    // SSL 3.0, TLS 1.0/1.1
+return SSLKeyExECDHERSA.KE;
+}
+case K_ECDH_ANON:
+return SSLKeyExECDHANON.KE;
+}
+return null;
+}
+// TLS 1.3
+static SSLKeyExchange valueOf(NamedGroup namedGroup) {
+SSLKeyAgreement ka = T13KeyAgreement.valueOf(namedGroup);
+if (ka != null) {
+return new SSLKeyExchange(
+null, T13KeyAgreement.valueOf(namedGroup));
+}
+return null;
+}
+private static class SSLKeyExRSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA, T12KeyAgreement.RSA);
+}
+private static class SSLKeyExRSAExport {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA, T12KeyAgreement.RSA_EXPORT);
+}
+private static class SSLKeyExDHEDSS {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.DSA, T12KeyAgreement.DHE);
+}
+private static class SSLKeyExDHEDSSExport {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.DSA, T12KeyAgreement.DHE_EXPORT);
+}
+private static class SSLKeyExDHERSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA, T12KeyAgreement.DHE);
+}
+private static class SSLKeyExDHERSAOrPSS {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA_OR_PSS, T12KeyAgreement.DHE);
+}
+private static class SSLKeyExDHERSAExport {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA, T12KeyAgreement.DHE_EXPORT);
+}
+private static class SSLKeyExDHANON {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+null, T12KeyAgreement.DHE);
+}
+private static class SSLKeyExDHANONExport {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+null, T12KeyAgreement.DHE_EXPORT);
+}
+private static class SSLKeyExECDHECDSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.EC, T12KeyAgreement.ECDH);
+}
+private static class SSLKeyExECDHRSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.EC, T12KeyAgreement.ECDH);
+}
+private static class SSLKeyExECDHEECDSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.EC, T12KeyAgreement.ECDHE);
+}
+private static class SSLKeyExECDHERSA {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA, T12KeyAgreement.ECDHE);
+}
+private static class SSLKeyExECDHERSAOrPSS {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+X509Authentication.RSA_OR_PSS, T12KeyAgreement.ECDHE);
+}
+private static class SSLKeyExECDHANON {
+private static SSLKeyExchange KE = new SSLKeyExchange(
+null, T12KeyAgreement.ECDHE);
+}
+private enum T12KeyAgreement implements SSLKeyAgreement {
+RSA             ("rsa",         null,
+RSAKeyExchange.kaGenerator),
+RSA_EXPORT      ("rsa_export",  RSAKeyExchange.poGenerator,
+RSAKeyExchange.kaGenerator),
+DHE             ("dhe",         DHKeyExchange.poGenerator,
+DHKeyExchange.kaGenerator),
+DHE_EXPORT      ("dhe_export",  DHKeyExchange.poExportableGenerator,
+DHKeyExchange.kaGenerator),
+ECDH            ("ecdh",        null,
+ECDHKeyExchange.ecdhKAGenerator),
+ECDHE           ("ecdhe",       ECDHKeyExchange.poGenerator,
+ECDHKeyExchange.ecdheKAGenerator);
+final String name;
+final SSLPossessionGenerator possessionGenerator;
+final SSLKeyAgreementGenerator keyAgreementGenerator;
+T12KeyAgreement(String name,
+SSLPossessionGenerator possessionGenerator,
+SSLKeyAgreementGenerator keyAgreementGenerator) {
+this.name = name;
+this.possessionGenerator = possessionGenerator;
+this.keyAgreementGenerator = keyAgreementGenerator;
+}
+@Override
+public SSLPossession createPossession(HandshakeContext context) {
+if (possessionGenerator != null) {
+return possessionGenerator.createPossession(context);
+}
+return null;
+}
+@Override
+public SSLKeyDerivation createKeyDerivation(
+HandshakeContext context) throws IOException {
+return keyAgreementGenerator.createKeyDerivation(context);
+}
+@Override
+public SSLHandshake[] getRelatedHandshakers(
+HandshakeContext handshakeContext) {
+if (!handshakeContext.negotiatedProtocol.useTLS13PlusSpec()) {
+if (this.possessionGenerator != null) {
+return new SSLHandshake[] {
+SSLHandshake.SERVER_KEY_EXCHANGE
+};
+}
+}
+return new SSLHandshake[0];
+}
+@Override
+@SuppressWarnings({"unchecked", "rawtypes"})
+public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(
+HandshakeContext handshakeContext) {
+if (handshakeContext.negotiatedProtocol.useTLS13PlusSpec()) {
+return (Map.Entry<Byte, HandshakeProducer>[])(new Map.Entry[0]);
+}
+if (handshakeContext.sslConfig.isClientMode) {
+switch (this) {
+case RSA:
+case RSA_EXPORT:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+RSAClientKeyExchange.rsaHandshakeProducer
+)
+});
+case DHE:
+case DHE_EXPORT:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<Byte, HandshakeProducer>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+DHClientKeyExchange.dhHandshakeProducer
+)
+});
+case ECDH:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+ECDHClientKeyExchange.ecdhHandshakeProducer
+)
+});
+case ECDHE:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+ECDHClientKeyExchange.ecdheHandshakeProducer
+)
+});
+}
+} else {
+switch (this) {
+case RSA_EXPORT:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+RSAServerKeyExchange.rsaHandshakeProducer
+)
+});
+case DHE:
+case DHE_EXPORT:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+DHServerKeyExchange.dhHandshakeProducer
+)
+});
+case ECDHE:
+return (Map.Entry<Byte,
+HandshakeProducer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+ECDHServerKeyExchange.ecdheHandshakeProducer
+)
+});
+}
+}
+return (Map.Entry<Byte, HandshakeProducer>[])(new Map.Entry[0]);
+}
+@Override
+@SuppressWarnings({"unchecked", "rawtypes"})
+public Map.Entry<Byte, SSLConsumer>[] getHandshakeConsumers(
+HandshakeContext handshakeContext) {
+if (handshakeContext.negotiatedProtocol.useTLS13PlusSpec()) {
+return (Map.Entry<Byte, SSLConsumer>[])(new Map.Entry[0]);
+}
+if (handshakeContext.sslConfig.isClientMode) {
+switch (this) {
+case RSA_EXPORT:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+RSAServerKeyExchange.rsaHandshakeConsumer
+)
+});
+case DHE:
+case DHE_EXPORT:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+DHServerKeyExchange.dhHandshakeConsumer
+)
+});
+case ECDHE:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.SERVER_KEY_EXCHANGE.id,
+ECDHServerKeyExchange.ecdheHandshakeConsumer
+)
+});
+}
+} else {
+switch (this) {
+case RSA:
+case RSA_EXPORT:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+RSAClientKeyExchange.rsaHandshakeConsumer
+)
+});
+case DHE:
+case DHE_EXPORT:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+DHClientKeyExchange.dhHandshakeConsumer
+)
+});
+case ECDH:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+ECDHClientKeyExchange.ecdhHandshakeConsumer
+)
+});
+case ECDHE:
+return (Map.Entry<Byte,
+SSLConsumer>[])(new Map.Entry[] {
+new SimpleImmutableEntry<>(
+SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+ECDHClientKeyExchange.ecdheHandshakeConsumer
+)
+});
+}
+}
+return (Map.Entry<Byte, SSLConsumer>[])(new Map.Entry[0]);
+}
+}
+private static final class T13KeyAgreement implements SSLKeyAgreement {
+private final NamedGroup namedGroup;
+static final Map<NamedGroup, T13KeyAgreement>
+supportedKeyShares = new HashMap<>();
+static {
+for (NamedGroup namedGroup :
+SupportedGroups.supportedNamedGroups) {
+supportedKeyShares.put(
+namedGroup, new T13KeyAgreement(namedGroup));
+}
+}
+private T13KeyAgreement(NamedGroup namedGroup) {
+this.namedGroup = namedGroup;
+}
+static T13KeyAgreement valueOf(NamedGroup namedGroup) {
+return supportedKeyShares.get(namedGroup);
+}
+@Override
+public SSLPossession createPossession(HandshakeContext hc) {
+if (namedGroup.type == NamedGroupType.NAMED_GROUP_ECDHE) {
+return new ECDHEPossession(
+namedGroup, hc.sslContext.getSecureRandom());
+} else if (namedGroup.type == NamedGroupType.NAMED_GROUP_FFDHE) {
+return new DHEPossession(
+namedGroup, hc.sslContext.getSecureRandom());
+}
+return null;
+}
+@Override
+public SSLKeyDerivation createKeyDerivation(
+HandshakeContext hc) throws IOException {
+if (namedGroup.type == NamedGroupType.NAMED_GROUP_ECDHE) {
+return ECDHKeyExchange.ecdheKAGenerator.createKeyDerivation(hc);
+} else if (namedGroup.type == NamedGroupType.NAMED_GROUP_FFDHE) {
+return DHKeyExchange.kaGenerator.createKeyDerivation(hc);
+}
+return null;
+}
+}
+}

changeset 50768	68fa3d4026ea
parent 47216	71c04702a3d5
child 55353	946f7f2d321c
child 56858	829e9b5ace08