--- a/jdk/src/share/classes/sun/security/ssl/Record.java Fri Oct 29 12:35:07 2010 +0200
+++ b/jdk/src/share/classes/sun/security/ssl/Record.java Sat Oct 30 18:39:17 2010 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -47,11 +47,12 @@
static final byte ct_handshake = 22;
static final byte ct_application_data = 23;
- static final int headerSize = 5; // SSLv3 record header
- static final int maxExpansion = 1024; // for bad compression
- static final int trailerSize = 20; // SHA1 hash size
- static final int maxDataSize = 16384; // 2^14 bytes of data
- static final int maxPadding = 256; // block cipher padding
+ static final int headerSize = 5; // SSLv3 record header
+ static final int maxExpansion = 1024; // for bad compression
+ static final int trailerSize = 20; // SHA1 hash size
+ static final int maxDataSize = 16384; // 2^14 bytes of data
+ static final int maxPadding = 256; // block cipher padding
+ static final int maxIVLength = 256; // block length
/*
* SSL has a maximum record size. It's header, (compressed) data,
@@ -59,8 +60,9 @@
* Some compression algorithms have rare cases where they expand the data.
* As we don't support compression at this time, leave that out.
*/
- static final int maxRecordSize =
+ static final int maxRecordSize =
headerSize // header
+ + maxIVLength // iv
+ maxDataSize // data
+ maxPadding // padding
+ trailerSize; // MAC
@@ -74,7 +76,7 @@
* The maximum large record size is defined as maxRecordSize plus 2^14,
* this is the amount OpenSSL is using.
*/
- static final int maxLargeRecordSize =
+ static final int maxLargeRecordSize =
maxRecordSize // Max size with a conforming implemenation
+ maxDataSize; // extra 2^14 bytes for large data packets.
@@ -84,7 +86,11 @@
* They only contain 2 and 1 bytes of data, respectively.
* Allocate a smaller array.
*/
- static final int maxAlertRecordSize =
- headerSize + 2 + maxPadding + trailerSize;
+ static final int maxAlertRecordSize =
+ headerSize // header
+ + maxIVLength // iv
+ + 2 // alert
+ + maxPadding // padding
+ + trailerSize; // MAC
}