equal
deleted
inserted
replaced
408 */ |
408 */ |
409 if (chc.conContext.secureRenegotiation) { |
409 if (chc.conContext.secureRenegotiation) { |
410 chc.conContext.clientVerifyData = fm.verifyData; |
410 chc.conContext.clientVerifyData = fm.verifyData; |
411 } |
411 } |
412 |
412 |
|
413 if (chc.statelessResumption) { |
|
414 chc.handshakeConsumers.put( |
|
415 SSLHandshake.NEW_SESSION_TICKET.id, SSLHandshake.NEW_SESSION_TICKET); |
|
416 } |
413 // update the consumers and producers |
417 // update the consumers and producers |
414 if (!chc.isResumption) { |
418 if (!chc.isResumption) { |
415 chc.conContext.consumers.put(ContentType.CHANGE_CIPHER_SPEC.id, |
419 chc.conContext.consumers.put(ContentType.CHANGE_CIPHER_SPEC.id, |
416 ChangeCipherSpec.t10Consumer); |
420 ChangeCipherSpec.t10Consumer); |
417 chc.handshakeConsumers.put( |
421 chc.handshakeConsumers.put( |
439 return null; |
443 return null; |
440 } |
444 } |
441 |
445 |
442 private byte[] onProduceFinished(ServerHandshakeContext shc, |
446 private byte[] onProduceFinished(ServerHandshakeContext shc, |
443 HandshakeMessage message) throws IOException { |
447 HandshakeMessage message) throws IOException { |
|
448 if (shc.statelessResumption) { |
|
449 NewSessionTicket.handshake12Producer.produce(shc, message); |
|
450 } |
|
451 |
444 // Refresh handshake hash |
452 // Refresh handshake hash |
445 shc.handshakeHash.update(); |
453 shc.handshakeHash.update(); |
446 |
454 |
447 FinishedMessage fm = new FinishedMessage(shc); |
455 FinishedMessage fm = new FinishedMessage(shc); |
448 |
456 |
471 ChangeCipherSpec.t10Consumer); |
479 ChangeCipherSpec.t10Consumer); |
472 shc.handshakeConsumers.put( |
480 shc.handshakeConsumers.put( |
473 SSLHandshake.FINISHED.id, SSLHandshake.FINISHED); |
481 SSLHandshake.FINISHED.id, SSLHandshake.FINISHED); |
474 shc.conContext.inputRecord.expectingFinishFlight(); |
482 shc.conContext.inputRecord.expectingFinishFlight(); |
475 } else { |
483 } else { |
476 if (shc.handshakeSession.isRejoinable()) { |
484 if (shc.handshakeSession.isRejoinable() && |
|
485 !shc.statelessResumption) { |
477 ((SSLSessionContextImpl)shc.sslContext. |
486 ((SSLSessionContextImpl)shc.sslContext. |
478 engineGetServerSessionContext()).put( |
487 engineGetServerSessionContext()).put( |
479 shc.handshakeSession); |
488 shc.handshakeSession); |
480 } |
489 } |
481 shc.conContext.conSession = shc.handshakeSession.finish(); |
490 shc.conContext.conSession = shc.handshakeSession.finish(); |
589 if (shc.conContext.secureRenegotiation) { |
598 if (shc.conContext.secureRenegotiation) { |
590 shc.conContext.clientVerifyData = fm.verifyData; |
599 shc.conContext.clientVerifyData = fm.verifyData; |
591 } |
600 } |
592 |
601 |
593 if (shc.isResumption) { |
602 if (shc.isResumption) { |
594 if (shc.handshakeSession.isRejoinable()) { |
603 if (shc.handshakeSession.isRejoinable() && |
|
604 !shc.statelessResumption) { |
595 ((SSLSessionContextImpl)shc.sslContext. |
605 ((SSLSessionContextImpl)shc.sslContext. |
596 engineGetServerSessionContext()).put( |
606 engineGetServerSessionContext()).put( |
597 shc.handshakeSession); |
607 shc.handshakeSession); |
598 } |
608 } |
599 shc.conContext.conSession = shc.handshakeSession.finish(); |
609 shc.conContext.conSession = shc.handshakeSession.finish(); |
913 chc.negotiatedProtocol); |
923 chc.negotiatedProtocol); |
914 } |
924 } |
915 |
925 |
916 // save the session |
926 // save the session |
917 if (!chc.isResumption && chc.handshakeSession.isRejoinable()) { |
927 if (!chc.isResumption && chc.handshakeSession.isRejoinable()) { |
918 SSLSessionContextImpl sessionContext = (SSLSessionContextImpl) |
928 ((SSLSessionContextImpl)chc.sslContext. |
919 chc.sslContext.engineGetClientSessionContext(); |
929 engineGetClientSessionContext()). |
920 sessionContext.put(chc.handshakeSession); |
930 put(chc.handshakeSession); |
921 } |
931 } |
922 |
932 |
923 // derive salt secret |
933 // derive salt secret |
924 try { |
934 try { |
925 SecretKey saltSecret = kd.deriveKey("TlsSaltSecret", null); |
935 SecretKey saltSecret = kd.deriveKey("TlsSaltSecret", null); |
1026 throw shc.conContext.fatal(Alert.INTERNAL_ERROR, |
1036 throw shc.conContext.fatal(Alert.INTERNAL_ERROR, |
1027 "Not supported key derivation: " + |
1037 "Not supported key derivation: " + |
1028 shc.negotiatedProtocol); |
1038 shc.negotiatedProtocol); |
1029 } |
1039 } |
1030 |
1040 |
1031 // save the session |
1041 // Save the session if possible and not stateless |
1032 if (!shc.isResumption && shc.handshakeSession.isRejoinable()) { |
1042 if (!shc.statelessResumption && !shc.isResumption && |
|
1043 shc.handshakeSession.isRejoinable()) { |
1033 SSLSessionContextImpl sessionContext = (SSLSessionContextImpl) |
1044 SSLSessionContextImpl sessionContext = (SSLSessionContextImpl) |
1034 shc.sslContext.engineGetServerSessionContext(); |
1045 shc.sslContext.engineGetServerSessionContext(); |
1035 sessionContext.put(shc.handshakeSession); |
1046 sessionContext.put(shc.handshakeSession); |
1036 } |
1047 } |
1037 |
1048 |
1038 try { |
1049 try { |
1039 // update the application traffic read keys. |
1050 // update the application traffic read keys. |