1 /* |
1 /* |
2 * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
30 * |
30 * |
31 * @author David Brownell |
31 * @author David Brownell |
32 */ |
32 */ |
33 interface SSLRecord extends Record { |
33 interface SSLRecord extends Record { |
34 |
34 |
35 static final int headerSize = 5; // SSLv3 record header |
35 static final int headerSize = 5; // SSLv3 record header |
|
36 static final int handshakeHeaderSize = 4; // SSLv3 handshake header |
36 |
37 |
37 /* |
38 /* |
38 * The size of the header plus the max IV length |
39 * The size of the header plus the max IV length |
39 */ |
40 */ |
40 static final int headerPlusMaxIVSize = |
41 static final int headerPlusMaxIVSize = |
65 + maxDataSize // data |
66 + maxDataSize // data |
66 + maxPadding // padding |
67 + maxPadding // padding |
67 + maxMacSize; // MAC or AEAD tag |
68 + maxMacSize; // MAC or AEAD tag |
68 |
69 |
69 /* |
70 /* |
70 * For CBC protection in SSL3/TLS1, we break some plaintext into two |
|
71 * packets. Max application data size for the second packet. |
|
72 */ |
|
73 static final int maxDataSizeMinusOneByteRecord = |
|
74 maxDataSize // max data size |
|
75 - ( // max one byte record size |
|
76 headerPlusMaxIVSize // header + iv |
|
77 + 1 // one byte data |
|
78 + maxPadding // padding |
|
79 + maxMacSize // MAC |
|
80 ); |
|
81 |
|
82 /* |
|
83 * The maximum large record size. |
71 * The maximum large record size. |
84 * |
72 * |
85 * Some SSL/TLS implementations support large fragment upto 2^15 bytes, |
73 * Some SSL/TLS implementations support large fragment upto 2^15 bytes, |
86 * such as Microsoft. We support large incoming fragments. |
74 * such as Microsoft. We support large incoming fragments. |
87 * |
75 * |
90 */ |
78 */ |
91 static final int maxLargeRecordSize = |
79 static final int maxLargeRecordSize = |
92 maxRecordSize // Max size with a conforming implementation |
80 maxRecordSize // Max size with a conforming implementation |
93 + maxDataSize; // extra 2^14 bytes for large data packets. |
81 + maxDataSize; // extra 2^14 bytes for large data packets. |
94 |
82 |
95 |
|
96 /* |
|
97 * Maximum record size for alert and change cipher spec records. |
|
98 * They only contain 2 and 1 bytes of data, respectively. |
|
99 * Allocate a smaller array. |
|
100 */ |
|
101 static final int maxAlertRecordSize = |
|
102 headerPlusMaxIVSize // header + iv |
|
103 + 2 // alert |
|
104 + maxPadding // padding |
|
105 + maxMacSize; // MAC |
|
106 |
|
107 /* |
83 /* |
108 * We may need to send this SSL v2 "No Cipher" message back, if we |
84 * We may need to send this SSL v2 "No Cipher" message back, if we |
109 * are faced with an SSLv2 "hello" that's not saying "I talk v3". |
85 * are faced with an SSLv2 "hello" that's not saying "I talk v3". |
110 * It's the only one documented in the V2 spec as a fatal error. |
86 * It's the only one documented in the V2 spec as a fatal error. |
111 */ |
87 */ |