jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/NamedGroup.java

equal deleted inserted replaced

-:bfcdcd00e4fb
+:a93b7b28f644
 import javax.crypto.spec.DHParameterSpec;
 import javax.net.ssl.SSLException;
 import java.io.IOException;
 import java.security.*;
 import java.security.spec.*;
+import java.util.Collections;
 import java.util.EnumSet;
 import java.util.List;
-import java.util.Map;
+import java.util.Set;
-import java.util.Optional;
+import javax.crypto.KeyAgreement;
-import java.util.concurrent.ConcurrentHashMap;
-import javax.crypto.*;
 import sun.security.ssl.DHKeyExchange.DHEPossession;
 import sun.security.ssl.ECDHKeyExchange.ECDHEPossession;
+import sun.security.util.CurveDB;
-import sun.security.util.ECUtil;
 /**
 * An enum containing all known named groups for use in TLS.
 *
 * The enum also contains the required properties of each group and the
 // Elliptic Curves (RFC 4492)
 //
 // See sun.security.util.CurveDB for the OIDs
 // NIST K-163
-SECT163_K1(0x0001, "sect163k1", "1.3.132.0.1",
+SECT163_K1(0x0001, "sect163k1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECT163_R1(0x0002, "sect163r1", "1.3.132.0.2",
+CurveDB.lookup("sect163k1")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECT163_R1(0x0002, "sect163r1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect163r1")),
 // NIST B-163
-SECT163_R2(0x0003, "sect163r2", "1.3.132.0.15",
+SECT163_R2(0x0003, "sect163r2",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECT193_R1(0x0004, "sect193r1", "1.3.132.0.24",
+CurveDB.lookup("sect163r2")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECT193_R1(0x0004, "sect193r1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-SECT193_R2(0x0005, "sect193r2", "1.3.132.0.25",
+ProtocolVersion.PROTOCOLS_TO_12,
-NamedGroupType.NAMED_GROUP_ECDHE,
+CurveDB.lookup("sect193r1")),
-ProtocolVersion.PROTOCOLS_TO_12),
+SECT193_R2(0x0005, "sect193r2",
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect193r2")),
 // NIST K-233
-SECT233_K1(0x0006, "sect233k1", "1.3.132.0.26",
+SECT233_K1(0x0006, "sect233k1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect233k1")),
 // NIST B-233
-SECT233_R1(0x0007, "sect233r1", "1.3.132.0.27",
+SECT233_R1(0x0007, "sect233r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECT239_K1(0x0008, "sect239k1", "1.3.132.0.3",
+CurveDB.lookup("sect233r1")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECT239_K1(0x0008, "sect239k1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect239k1")),
 // NIST K-283
-SECT283_K1(0x0009, "sect283k1", "1.3.132.0.16",
+SECT283_K1(0x0009, "sect283k1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect283k1")),
 // NIST B-283
-SECT283_R1(0x000A, "sect283r1", "1.3.132.0.17",
+SECT283_R1(0x000A, "sect283r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect283r1")),
 // NIST K-409
-SECT409_K1(0x000B, "sect409k1", "1.3.132.0.36",
+SECT409_K1(0x000B, "sect409k1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect409k1")),
 // NIST B-409
-SECT409_R1(0x000C, "sect409r1", "1.3.132.0.37",
+SECT409_R1(0x000C, "sect409r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect409r1")),
 // NIST K-571
-SECT571_K1(0x000D, "sect571k1", "1.3.132.0.38",
+SECT571_K1(0x000D, "sect571k1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("sect571k1")),
 // NIST B-571
-SECT571_R1(0x000E, "sect571r1", "1.3.132.0.39",
+SECT571_R1(0x000E, "sect571r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECP160_K1(0x000F, "secp160k1", "1.3.132.0.9",
+CurveDB.lookup("sect571r1")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECP160_K1(0x000F, "secp160k1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-SECP160_R1(0x0010, "secp160r1", "1.3.132.0.8",
+ProtocolVersion.PROTOCOLS_TO_12,
-NamedGroupType.NAMED_GROUP_ECDHE,
+CurveDB.lookup("secp160k1")),
-ProtocolVersion.PROTOCOLS_TO_12),
+SECP160_R1(0x0010, "secp160r1",
-SECP160_R2(0x0011, "secp160r2", "1.3.132.0.30",
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-NamedGroupType.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
-ProtocolVersion.PROTOCOLS_TO_12),
+CurveDB.lookup("secp160r1")),
-SECP192_K1(0x0012, "secp192k1", "1.3.132.0.31",
+SECP160_R2(0x0011, "secp160r2",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("secp160r2")),
+SECP192_K1(0x0012, "secp192k1",
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("secp192k1")),
 // NIST P-192
-SECP192_R1(0x0013, "secp192r1", "1.2.840.10045.3.1.1",
+SECP192_R1(0x0013, "secp192r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECP224_K1(0x0014, "secp224k1", "1.3.132.0.32",
+CurveDB.lookup("secp192r1")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECP224_K1(0x0014, "secp224k1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("secp224k1")),
 // NIST P-224
-SECP224_R1(0x0015, "secp224r1", "1.3.132.0.33",
+SECP224_R1(0x0015, "secp224r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-SECP256_K1(0x0016, "secp256k1", "1.3.132.0.10",
+CurveDB.lookup("secp224r1")),
-NamedGroupType.NAMED_GROUP_ECDHE,
+SECP256_K1(0x0016, "secp256k1",
-ProtocolVersion.PROTOCOLS_TO_12),
+NamedGroupSpec.NAMED_GROUP_ECDHE,
+ProtocolVersion.PROTOCOLS_TO_12,
+CurveDB.lookup("secp256k1")),
 // NIST P-256
-SECP256_R1(0x0017, "secp256r1", "1.2.840.10045.3.1.7",
+SECP256_R1(0x0017, "secp256r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
+CurveDB.lookup("secp256r1")),
 // NIST P-384
-SECP384_R1(0x0018, "secp384r1", "1.3.132.0.34",
+SECP384_R1(0x0018, "secp384r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
+CurveDB.lookup("secp384r1")),
 // NIST P-521
-SECP521_R1(0x0019, "secp521r1", "1.3.132.0.35",
+SECP521_R1(0x0019, "secp521r1",
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
+CurveDB.lookup("secp521r1")),
 // x25519 and x448 (RFC 8422/8446)
-X25519(0x001D, "x25519", "1.3.101.110",
+X25519(0x001D, "x25519",
-NamedGroupType.NAMED_GROUP_XDH,
+NamedGroupSpec.NAMED_GROUP_XDH,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
-X448(0x001E, "x448", "1.3.101.111",
+NamedParameterSpec.X25519),
-NamedGroupType.NAMED_GROUP_XDH,
+X448(0x001E, "x448",
-ProtocolVersion.PROTOCOLS_TO_13),
+NamedGroupSpec.NAMED_GROUP_XDH,
+ProtocolVersion.PROTOCOLS_TO_13,
+NamedParameterSpec.X448),
 // Finite Field Diffie-Hellman Ephemeral Parameters (RFC 7919)
-FFDHE_2048(0x0100, "ffdhe2048", null,
+FFDHE_2048(0x0100, "ffdhe2048",
-NamedGroupType.NAMED_GROUP_FFDHE,
+NamedGroupSpec.NAMED_GROUP_FFDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
-FFDHE_3072(0x0101, "ffdhe3072", null,
+PredefinedDHParameterSpecs.ffdheParams.get(2048)),
-NamedGroupType.NAMED_GROUP_FFDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+FFDHE_3072(0x0101, "ffdhe3072",
-FFDHE_4096(0x0102, "ffdhe4096", null,
+NamedGroupSpec.NAMED_GROUP_FFDHE,
-NamedGroupType.NAMED_GROUP_FFDHE,
+ProtocolVersion.PROTOCOLS_TO_13,
-ProtocolVersion.PROTOCOLS_TO_13),
+PredefinedDHParameterSpecs.ffdheParams.get(3072)),
-FFDHE_6144(0x0103, "ffdhe6144", null,
+FFDHE_4096(0x0102, "ffdhe4096",
-NamedGroupType.NAMED_GROUP_FFDHE,
+NamedGroupSpec.NAMED_GROUP_FFDHE,
-ProtocolVersion.PROTOCOLS_TO_13),
+ProtocolVersion.PROTOCOLS_TO_13,
-FFDHE_8192(0x0104, "ffdhe8192", null,
+PredefinedDHParameterSpecs.ffdheParams.get(4096)),
-NamedGroupType.NAMED_GROUP_FFDHE,
+FFDHE_6144(0x0103, "ffdhe6144",
-ProtocolVersion.PROTOCOLS_TO_13),
+NamedGroupSpec.NAMED_GROUP_FFDHE,
+ProtocolVersion.PROTOCOLS_TO_13,
+PredefinedDHParameterSpecs.ffdheParams.get(6144)),
+FFDHE_8192(0x0104, "ffdhe8192",
+NamedGroupSpec.NAMED_GROUP_FFDHE,
+ProtocolVersion.PROTOCOLS_TO_13,
+PredefinedDHParameterSpecs.ffdheParams.get(8192)),
 // Elliptic Curves (RFC 4492)
 //
 // arbitrary prime and characteristic-2 curves
-ARBITRARY_PRIME(0xFF01, "arbitrary_explicit_prime_curves", null,
+ARBITRARY_PRIME(0xFF01, "arbitrary_explicit_prime_curves",
-NamedGroupType.NAMED_GROUP_ARBITRARY,
+NamedGroupSpec.NAMED_GROUP_ARBITRARY,
-ProtocolVersion.PROTOCOLS_TO_12),
+ProtocolVersion.PROTOCOLS_TO_12,
-ARBITRARY_CHAR2(0xFF02, "arbitrary_explicit_char2_curves", null,
+null),
-NamedGroupType.NAMED_GROUP_ARBITRARY,
+ARBITRARY_CHAR2(0xFF02, "arbitrary_explicit_char2_curves",
-ProtocolVersion.PROTOCOLS_TO_12);
+NamedGroupSpec.NAMED_GROUP_ARBITRARY,
+ProtocolVersion.PROTOCOLS_TO_12,
+null);
 final int id;               // hash + signature
-final NamedGroupType type;  // group type
 final String name;          // literal name
-final String oid;           // object identifier of the named group
+final NamedGroupSpec spec;  // group type
-final String algorithm;     // signature algorithm
 final ProtocolVersion[] supportedProtocols;
-private final NamedGroupFunctions functions;    // may be null
+final String algorithm;     // key exchange algorithm
+final AlgorithmParameterSpec keAlgParamSpec;
+final AlgorithmParameters keAlgParams;
+final boolean isAvailable;
+// performance optimization
+private static final Set<CryptoPrimitive> KEY_AGREEMENT_PRIMITIVE_SET =
+Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT));
 // Constructor used for all NamedGroup types
-private NamedGroup(int id, String name, String oid,
+private NamedGroup(int id, String name,
-NamedGroupType namedGroupType,
+NamedGroupSpec namedGroupSpec,
-ProtocolVersion[] supportedProtocols) {
+ProtocolVersion[] supportedProtocols,
+AlgorithmParameterSpec keAlgParamSpec) {
 this.id = id;
 this.name = name;
-this.oid = oid;
+this.spec = namedGroupSpec;
-this.type = namedGroupType;
+this.algorithm = namedGroupSpec.algorithm;
 this.supportedProtocols = supportedProtocols;
+this.keAlgParamSpec = keAlgParamSpec;
-if (this.type == NamedGroupType.NAMED_GROUP_ECDHE) {
-this.functions = ECDHFunctions.getInstance();
+AlgorithmParameters algParams = null;
-this.algorithm = "EC";
+boolean mediator = (keAlgParamSpec != null);
-} else if (this.type == NamedGroupType.NAMED_GROUP_FFDHE) {
+if (mediator) {
-this.functions = FFDHFunctions.getInstance();
+try {
-this.algorithm = "DiffieHellman";
+algParams =
-} else if (this.type == NamedGroupType.NAMED_GROUP_XDH) {
+AlgorithmParameters.getInstance(namedGroupSpec.algorithm);
-this.functions = XDHFunctions.getInstance();
+algParams.init(keAlgParamSpec);
-this.algorithm = "XDH";
+} catch (InvalidParameterSpecException
-} else if (this.type == NamedGroupType.NAMED_GROUP_ARBITRARY) {
+| NoSuchAlgorithmException exp) {
-this.functions = null;
+if (namedGroupSpec != NamedGroupSpec.NAMED_GROUP_XDH) {
-this.algorithm = "EC";
+mediator = false;
-} else {
+if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
-throw new RuntimeException("Unexpected Named Group Type");
+SSLLogger.warning(
-}
+"No AlgorithmParameters for " + name, exp);
 }
+} else {
-private Optional<NamedGroupFunctions> getFunctions() {
+// HACK CODE
-return Optional.ofNullable(functions);
+//
-}
+// Please remove the following code if the XDH/X25519/X448
+// AlgorithmParameters algorithms are supported in JDK.
+algParams = null;
+try {
+KeyAgreement.getInstance(name);
+// The following service is also needed.  But for
+// performance, check the KeyAgreement impl only.
+//
+// KeyFactory.getInstance(name);
+// KeyPairGenerator.getInstance(name);
+// AlgorithmParameters.getInstance(name);
+} catch (NoSuchAlgorithmException nsae) {
+mediator = false;
+if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+SSLLogger.warning(
+"No AlgorithmParameters for " + name, nsae);
+}
+}
+}
+}
+}
+this.isAvailable = mediator;
+this.keAlgParams = mediator ? algParams : null;
+}
+//
 // The next set of methods search & retrieve NamedGroups.
+//
 static NamedGroup valueOf(int id) {
 for (NamedGroup group : NamedGroup.values()) {
 if (group.id == id) {
 return group;
 }
 return null;
 }
 static NamedGroup valueOf(ECParameterSpec params) {
-String oid = ECUtil.getCurveName(null, params);
+for (NamedGroup ng : NamedGroup.values()) {
-if ((oid != null) && (!oid.isEmpty())) {
+if (ng.spec == NamedGroupSpec.NAMED_GROUP_ECDHE) {
-for (NamedGroup group : NamedGroup.values()) {
+if ((params == ng.keAlgParamSpec) ||
-if ((group.type == NamedGroupType.NAMED_GROUP_ECDHE)
+(ng.keAlgParamSpec == CurveDB.lookup(params))) {
-&& oid.equals(group.oid)) {
+return ng;
-return group;
 }
 }
 }
 return null;
 }
 static NamedGroup valueOf(DHParameterSpec params) {
 for (NamedGroup ng : NamedGroup.values()) {
-if (ng.type != NamedGroupType.NAMED_GROUP_FFDHE) {
+if (ng.spec != NamedGroupSpec.NAMED_GROUP_FFDHE) {
 continue;
 }
-DHParameterSpec ngParams = null;
+DHParameterSpec ngParams = (DHParameterSpec)ng.keAlgParamSpec;
-// functions is non-null for FFDHE type
-AlgorithmParameters aps = ng.functions.getParameters(ng);
-try {
-ngParams = aps.getParameterSpec(DHParameterSpec.class);
-} catch (InvalidParameterSpecException ipse) {
-// should be unlikely
-}
-if (ngParams == null) {
-continue;
-}
 if (ngParams.getP().equals(params.getP())
 && ngParams.getG().equals(params.getG())) {
 return ng;
 }
 }
 }
 return "UNDEFINED-NAMED-GROUP(" + id + ")";
 }
-// Are the NamedGroups available for the protocol desired?
+// Is the NamedGroup available for the protocols desired?
 boolean isAvailable(List<ProtocolVersion> protocolVersions) {
-for (ProtocolVersion pv : supportedProtocols) {
+if (this.isAvailable) {
-if (protocolVersions.contains(pv)) {
+for (ProtocolVersion pv : supportedProtocols) {
-return true;
+if (protocolVersions.contains(pv)) {
-}
+return true;
 }
+}
+}
 return false;
 }
 boolean isAvailable(ProtocolVersion protocolVersion) {
-for (ProtocolVersion pv : supportedProtocols) {
+if (this.isAvailable) {
-if (protocolVersion == pv) {
+for (ProtocolVersion pv : supportedProtocols) {
-return true;
+if (protocolVersion == pv) {
-}
+return true;
 }
+}
+}
 return false;
 }
 // Are the NamedGroups available for the ciphersuites desired?
 boolean isSupported(List<CipherSuite> cipherSuites) {
 for (CipherSuite cs : cipherSuites) {
 boolean isMatch = isAvailable(cs.supportedProtocols);
 if (isMatch && ((cs.keyExchange == null)
-|| (NamedGroupType.arrayContains(
+|| (NamedGroupSpec.arrayContains(
-cs.keyExchange.groupTypes, type)))) {
+cs.keyExchange.groupTypes, spec)))) {
 return true;
 }
 }
 return false;
 }
-// lazy loading of parameters
+boolean isPermitted(AlgorithmConstraints constraints) {
-AlgorithmParameters getParameters() {
+return constraints.permits(KEY_AGREEMENT_PRIMITIVE_SET,
-Optional<NamedGroupFunctions> ngf = getFunctions();
+this.name, null) &&
-if (ngf.isEmpty()) {
+constraints.permits(KEY_AGREEMENT_PRIMITIVE_SET,
-return null;
+this.algorithm, this.keAlgParams);
-}
-return ngf.get().getParameters(this);
-}
-// The next set of methods use the NamedGroupFunctions table
-// to do various operations in a consistent way.
-AlgorithmParameterSpec getParameterSpec() {
-Optional<NamedGroupFunctions> ngf = getFunctions();
-if (ngf.isEmpty()) {
-return null;
-}
-return ngf.get().getParameterSpec(this);
 }
 byte[] encodePossessionPublicKey(
 NamedGroupPossession namedGroupPossession) {
+return spec.encodePossessionPublicKey(namedGroupPossession);
-Optional<NamedGroupFunctions> ngf = getFunctions();
-if (ngf.isEmpty()) {
-return null;
-}
-return ngf.get().encodePossessionPublicKey(namedGroupPossession);
 }
 SSLCredentials decodeCredentials(byte[] encoded,
 AlgorithmConstraints constraints,
 ExceptionSupplier onConstraintFail)
 throws IOException, GeneralSecurityException {
+return spec.decodeCredentials(
-Optional<NamedGroupFunctions> ngf = getFunctions();
+this, encoded, constraints, onConstraintFail);
-if (ngf.isEmpty()) {
-return null;
-}
-return ngf.get().decodeCredentials(this, encoded, constraints,
-onConstraintFail);
 }
 SSLPossession createPossession(SecureRandom random) {
+return spec.createPossession(this, random);
-Optional<NamedGroupFunctions> ngf = getFunctions();
+}
-if (ngf.isEmpty()) {
-return null;
+SSLKeyDerivation createKeyDerivation(
-}
+HandshakeContext hc) throws IOException {
-return ngf.get().createPossession(this, random);
+return spec.createKeyDerivation(hc);
 }
-SSLKeyDerivation createKeyDerivation(HandshakeContext hc)
+interface ExceptionSupplier {
-throws IOException {
+void apply(String s) throws SSLException;
+}
-Optional<NamedGroupFunctions> ngf = getFunctions();
-if (ngf.isEmpty()) {
+// A list of operations related to named groups.
-return null;
+private interface NamedGroupScheme {
-}
+default void checkConstraints(PublicKey publicKey,
-return ngf.get().createKeyDerivation(hc);
+AlgorithmConstraints constraints,
+ExceptionSupplier onConstraintFail) throws SSLException {
-}
+if (!constraints.permits(
+EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), publicKey)) {
-boolean isAvailableGroup() {
+onConstraintFail.apply("key share entry does not "
-Optional<NamedGroupFunctions> ngfOpt = getFunctions();
++ "comply with algorithm constraints");
-if (ngfOpt.isEmpty()) {
+}
-return false;
+}
-}
-NamedGroupFunctions ngf = ngfOpt.get();
+byte[] encodePossessionPublicKey(
-return ngf.isAvailable(this);
+NamedGroupPossession namedGroupPossession);
-}
+SSLCredentials decodeCredentials(
-enum NamedGroupType {
+NamedGroup ng, byte[] encoded,
-NAMED_GROUP_ECDHE,      // Elliptic Curve Groups (ECDHE)
+AlgorithmConstraints constraints,
-NAMED_GROUP_FFDHE,      // Finite Field Groups (DHE)
+ExceptionSupplier onConstraintFail
-NAMED_GROUP_XDH,        // Finite Field Groups (XDH)
+) throws IOException, GeneralSecurityException;
-NAMED_GROUP_ARBITRARY,  // arbitrary prime and curves (ECDHE)
-NAMED_GROUP_NONE;       // Not predefined named group
+SSLPossession createPossession(NamedGroup ng, SecureRandom random);
+SSLKeyDerivation createKeyDerivation(
+HandshakeContext hc) throws IOException;
+}
+enum NamedGroupSpec implements NamedGroupScheme {
+// Elliptic Curve Groups (ECDHE)
+NAMED_GROUP_ECDHE("EC", ECDHEScheme.instance),
+// Finite Field Groups (DHE)
+NAMED_GROUP_FFDHE("DiffieHellman", FFDHEScheme.instance),
+// Finite Field Groups (XDH)
+NAMED_GROUP_XDH("XDH", XDHScheme.instance),
+// arbitrary prime and curves (ECDHE)
+NAMED_GROUP_ARBITRARY("EC", null),
+// Not predefined named group
+NAMED_GROUP_NONE("", null);
+private final String algorithm;     // key exchange name
+private final NamedGroupScheme scheme;  // named group operations
+private NamedGroupSpec(String algorithm, NamedGroupScheme scheme) {
+this.algorithm = algorithm;
+this.scheme = scheme;
+}
 boolean isSupported(List<CipherSuite> cipherSuites) {
 for (CipherSuite cs : cipherSuites) {
 if (cs.keyExchange == null ||
 arrayContains(cs.keyExchange.groupTypes, this)) {
 }
 return false;
 }
-static boolean arrayContains(NamedGroupType[] namedGroupTypes,
+static boolean arrayContains(NamedGroupSpec[] namedGroupTypes,
-NamedGroupType namedGroupType) {
+NamedGroupSpec namedGroupType) {
-for (NamedGroupType ng : namedGroupTypes) {
+for (NamedGroupSpec ng : namedGroupTypes) {
 if (ng == namedGroupType) {
 return true;
 }
 }
 return false;
 }
-}
+@Override
-interface ExceptionSupplier {
+public byte[] encodePossessionPublicKey(
-void apply(String s) throws SSLException;
+NamedGroupPossession namedGroupPossession) {
-}
+if (scheme != null) {
+return scheme.encodePossessionPublicKey(namedGroupPossession);
-/*
+}
-* A list of functions to do NamedGroup operations in a
-* algorithm-independent and consistent way.
+return null;
-*/
+}
-private static abstract class NamedGroupFunctions {
+@Override
-// cache to speed up the parameters construction
+public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
-protected static final Map<NamedGroup, AlgorithmParameters>
+AlgorithmConstraints constraints,
-namedGroupParams = new ConcurrentHashMap<>();
+ExceptionSupplier onConstraintFail
+) throws IOException, GeneralSecurityException {
-protected void checkConstraints(PublicKey publicKey,
+if (scheme != null) {
-AlgorithmConstraints constraints,
+return scheme.decodeCredentials(
-ExceptionSupplier onConstraintFail)
+ng, encoded, constraints, onConstraintFail);
-throws SSLException {
+}
-if (!constraints.permits(
+return null;
-EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+}
-publicKey)) {
+@Override
-onConstraintFail.apply("key share entry does not "
+public SSLPossession createPossession(
-+ "comply with algorithm constraints");
+NamedGroup ng, SecureRandom random) {
-}
+if (scheme != null) {
-}
+return scheme.createPossession(ng, random);
+}
-public AlgorithmParameters getParameters(NamedGroup ng) {
+return null;
-AlgorithmParameters result = namedGroupParams.get(ng);
+}
-if (result == null) {
-Optional<AlgorithmParameters> paramsOpt = getParametersImpl(ng);
+@Override
-if (paramsOpt.isPresent()) {
+public SSLKeyDerivation createKeyDerivation(
-result = paramsOpt.get();
+HandshakeContext hc) throws IOException {
-namedGroupParams.put(ng, result);
+if (scheme != null) {
-}
+return scheme.createKeyDerivation(hc);
 }
-return result;
+return null;
 }
+}
-public abstract byte[] encodePossessionPublicKey(
-NamedGroupPossession namedGroupPossession);
+private static class FFDHEScheme implements NamedGroupScheme {
+private static final FFDHEScheme instance = new FFDHEScheme();
-public abstract SSLCredentials decodeCredentials(
-NamedGroup ng, byte[] encoded,
-AlgorithmConstraints constraints,
-ExceptionSupplier onConstraintFail)
-throws IOException, GeneralSecurityException;
-public abstract SSLPossession createPossession(NamedGroup ng,
-SecureRandom random);
-public abstract SSLKeyDerivation createKeyDerivation(
-HandshakeContext hc) throws IOException;
-protected abstract Optional<AlgorithmParameters> getParametersImpl(
-NamedGroup ng);
-public abstract AlgorithmParameterSpec getParameterSpec(NamedGroup ng);
-public abstract boolean isAvailable(NamedGroup ng);
-}
-private static class FFDHFunctions extends NamedGroupFunctions {
-// lazy initialization
-private static class FunctionsHolder {
-private static final FFDHFunctions instance = new FFDHFunctions();
-}
-private static FFDHFunctions getInstance() {
-return FunctionsHolder.instance;
-}
 @Override
 public byte[] encodePossessionPublicKey(
 NamedGroupPossession namedGroupPossession) {
 return ((DHEPossession)namedGroupPossession).encode();
 }
 @Override
 public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
 AlgorithmConstraints constraints,
-ExceptionSupplier onConstraintFail)
+ExceptionSupplier onConstraintFail
-throws IOException, GeneralSecurityException {
+) throws IOException, GeneralSecurityException {
 DHKeyExchange.DHECredentials result
 = DHKeyExchange.DHECredentials.valueOf(ng, encoded);
 checkConstraints(result.getPublicKey(), constraints,
 NamedGroup ng, SecureRandom random) {
 return new DHKeyExchange.DHEPossession(ng, random);
 }
 @Override
-public SSLKeyDerivation createKeyDerivation(HandshakeContext hc)
+public SSLKeyDerivation createKeyDerivation(
-throws IOException {
+HandshakeContext hc) throws IOException {
 return DHKeyExchange.kaGenerator.createKeyDerivation(hc);
 }
+}
-@Override
-public AlgorithmParameterSpec getParameterSpec(NamedGroup ng) {
+private static class ECDHEScheme implements NamedGroupScheme {
-return getDHParameterSpec(ng);
+private static final ECDHEScheme instance = new ECDHEScheme();
-}
-DHParameterSpec getDHParameterSpec(NamedGroup ng) {
-AlgorithmParameters params = getParameters(ng);
-try {
-return params.getParameterSpec(DHParameterSpec.class);
-} catch (InvalidParameterSpecException ipse) {
-// should be unlikely
-return getPredefinedDHParameterSpec(ng);
-}
-}
-private static DHParameterSpec getFFDHEDHParameterSpec(
-NamedGroup namedGroup) {
-DHParameterSpec spec = null;
-switch (namedGroup) {
-case FFDHE_2048:
-spec = PredefinedDHParameterSpecs.ffdheParams.get(2048);
-break;
-case FFDHE_3072:
-spec = PredefinedDHParameterSpecs.ffdheParams.get(3072);
-break;
-case FFDHE_4096:
-spec = PredefinedDHParameterSpecs.ffdheParams.get(4096);
-break;
-case FFDHE_6144:
-spec = PredefinedDHParameterSpecs.ffdheParams.get(6144);
-break;
-case FFDHE_8192:
-spec = PredefinedDHParameterSpecs.ffdheParams.get(8192);
-}
-return spec;
-}
-private static DHParameterSpec getPredefinedDHParameterSpec(
-NamedGroup namedGroup) {
-DHParameterSpec spec = null;
-switch (namedGroup) {
-case FFDHE_2048:
-spec = PredefinedDHParameterSpecs.definedParams.get(2048);
-break;
-case FFDHE_3072:
-spec = PredefinedDHParameterSpecs.definedParams.get(3072);
-break;
-case FFDHE_4096:
-spec = PredefinedDHParameterSpecs.definedParams.get(4096);
-break;
-case FFDHE_6144:
-spec = PredefinedDHParameterSpecs.definedParams.get(6144);
-break;
-case FFDHE_8192:
-spec = PredefinedDHParameterSpecs.definedParams.get(8192);
-}
-return spec;
-}
-@Override
-public boolean isAvailable(NamedGroup ng) {
-AlgorithmParameters params = getParameters(ng);
-return params != null;
-}
-@Override
-protected Optional<AlgorithmParameters> getParametersImpl(
-NamedGroup ng) {
-try {
-AlgorithmParameters params
-= AlgorithmParameters.getInstance("DiffieHellman");
-AlgorithmParameterSpec spec
-= getFFDHEDHParameterSpec(ng);
-params.init(spec);
-return Optional.of(params);
-} catch (InvalidParameterSpecException
-| NoSuchAlgorithmException ex) {
-return Optional.empty();
-}
-}
-}
-private static class ECDHFunctions extends NamedGroupFunctions {
-// lazy initialization
-private static class FunctionsHolder {
-private static final ECDHFunctions instance = new ECDHFunctions();
-}
-private static ECDHFunctions getInstance() {
-return FunctionsHolder.instance;
-}
 @Override
 public byte[] encodePossessionPublicKey(
 NamedGroupPossession namedGroupPossession) {
 return ((ECDHEPossession)namedGroupPossession).encode();
 }
 @Override
 public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
 AlgorithmConstraints constraints,
-ExceptionSupplier onConstraintFail)
+ExceptionSupplier onConstraintFail
-throws IOException, GeneralSecurityException {
+) throws IOException, GeneralSecurityException {
 ECDHKeyExchange.ECDHECredentials result
 = ECDHKeyExchange.ECDHECredentials.valueOf(ng, encoded);
 checkConstraints(result.getPublicKey(), constraints,
 NamedGroup ng, SecureRandom random) {
 return new ECDHKeyExchange.ECDHEPossession(ng, random);
 }
 @Override
-public SSLKeyDerivation createKeyDerivation(HandshakeContext hc)
+public SSLKeyDerivation createKeyDerivation(
-throws IOException {
+HandshakeContext hc) throws IOException {
 return ECDHKeyExchange.ecdheKAGenerator.createKeyDerivation(hc);
 }
+}
-@Override
-public AlgorithmParameterSpec getParameterSpec(NamedGroup ng) {
+private static class XDHScheme implements NamedGroupScheme {
-return SupportedGroupsExtension.SupportedGroups
+private static final XDHScheme instance = new XDHScheme();
-.getECGenParamSpec(ng);
-}
-@Override
-public boolean isAvailable(NamedGroup ng) {
-AlgorithmParameters params = getParameters(ng);
-return params != null;
-}
-@Override
-protected Optional<AlgorithmParameters> getParametersImpl(
-NamedGroup ng) {
-try {
-AlgorithmParameters params
-= AlgorithmParameters.getInstance("EC");
-AlgorithmParameterSpec spec
-= new ECGenParameterSpec(ng.oid);
-params.init(spec);
-return Optional.of(params);
-} catch (InvalidParameterSpecException
-| NoSuchAlgorithmException ex) {
-return Optional.empty();
-}
-}
-}
-private static class XDHFunctions extends NamedGroupFunctions {
-// lazy initialization
-private static class FunctionsHolder {
-private static final XDHFunctions instance = new XDHFunctions();
-}
-private static XDHFunctions getInstance() {
-return FunctionsHolder.instance;
-}
 @Override
 public byte[] encodePossessionPublicKey(NamedGroupPossession poss) {
 return ((XDHKeyExchange.XDHEPossession)poss).encode();
 }
 @Override
 public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
 AlgorithmConstraints constraints,
-ExceptionSupplier onConstraintFail)
+ExceptionSupplier onConstraintFail
-throws IOException, GeneralSecurityException {
+) throws IOException, GeneralSecurityException {
 XDHKeyExchange.XDHECredentials result
 = XDHKeyExchange.XDHECredentials.valueOf(ng, encoded);
 checkConstraints(result.getPublicKey(), constraints,
 NamedGroup ng, SecureRandom random) {
 return new XDHKeyExchange.XDHEPossession(ng, random);
 }
 @Override
-public SSLKeyDerivation createKeyDerivation(HandshakeContext hc)
+public SSLKeyDerivation createKeyDerivation(
-throws IOException {
+HandshakeContext hc) throws IOException {
 return XDHKeyExchange.xdheKAGenerator.createKeyDerivation(hc);
 }
-@Override
-public AlgorithmParameterSpec getParameterSpec(NamedGroup ng) {
-return new NamedParameterSpec(ng.name);
-}
-@Override
-public boolean isAvailable(NamedGroup ng) {
-try {
-KeyAgreement.getInstance(ng.algorithm);
-return true;
-} catch (NoSuchAlgorithmException ex) {
-return false;
-}
-}
-@Override
-protected Optional<AlgorithmParameters> getParametersImpl(
-NamedGroup ng) {
-return Optional.empty();
-}
 }
 }

changeset 57718	a93b7b28f644
parent 55353	946f7f2d321c
child 58679	9c3209ff7550
child 59214	e7df7c86eda1