--- a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java Thu Apr 11 14:47:54 2013 -0700
+++ b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java Thu Apr 11 18:57:14 2013 -0700
@@ -292,7 +292,7 @@
/*
* Crypto state that's reinitialized when the session changes.
*/
- private MAC readMAC, writeMAC;
+ private Authenticator readAuthenticator, writeAuthenticator;
private CipherBox readCipher, writeCipher;
// NOTE: compression state would be saved here
@@ -586,9 +586,9 @@
* Note: compression support would go here too
*/
readCipher = CipherBox.NULL;
- readMAC = MAC.NULL;
+ readAuthenticator = MAC.NULL;
writeCipher = CipherBox.NULL;
- writeMAC = MAC.NULL;
+ writeAuthenticator = MAC.NULL;
// initial security parameters for secure renegotiation
secureRenegotiation = false;
@@ -829,8 +829,7 @@
boolean holdRecord) throws IOException {
// r.compress(c);
- r.addMAC(writeMAC);
- r.encrypt(writeCipher);
+ r.encrypt(writeAuthenticator, writeCipher);
if (holdRecord) {
// If we were requested to delay the record due to possibility
@@ -861,7 +860,7 @@
* of the last record cannot be wrapped.
*/
if (connectionState < cs_ERROR) {
- checkSequenceNumber(writeMAC, r.contentType());
+ checkSequenceNumber(writeAuthenticator, r.contentType());
}
// turn off the flag of the first application record
@@ -986,7 +985,7 @@
* throw a fatal alert if the integrity check fails.
*/
try {
- r.decrypt(readMAC, readCipher);
+ r.decrypt(readAuthenticator, readCipher);
} catch (BadPaddingException e) {
byte alertType = (r.contentType() == Record.ct_handshake)
? Alerts.alert_handshake_failure
@@ -1143,7 +1142,7 @@
* of the last record cannot be wrapped.
*/
if (connectionState < cs_ERROR) {
- checkSequenceNumber(readMAC, r.contentType());
+ checkSequenceNumber(readAuthenticator, r.contentType());
}
return;
@@ -1166,14 +1165,14 @@
* implementation would need to wrap a sequence number, it must
* renegotiate instead."
*/
- private void checkSequenceNumber(MAC mac, byte type)
+ private void checkSequenceNumber(Authenticator authenticator, byte type)
throws IOException {
/*
* Don't bother to check the sequence number for error or
* closed connections, or NULL MAC.
*/
- if (connectionState >= cs_ERROR || mac == MAC.NULL) {
+ if (connectionState >= cs_ERROR || authenticator == MAC.NULL) {
return;
}
@@ -1181,7 +1180,7 @@
* Conservatively, close the connection immediately when the
* sequence number is close to overflow
*/
- if (mac.seqNumOverflow()) {
+ if (authenticator.seqNumOverflow()) {
/*
* TLS protocols do not define a error alert for sequence
* number overflow. We use handshake_failure error alert
@@ -1203,7 +1202,7 @@
* Don't bother to kickstart the renegotiation when the local is
* asking for it.
*/
- if ((type != Record.ct_handshake) && mac.seqNumIsHuge()) {
+ if ((type != Record.ct_handshake) && authenticator.seqNumIsHuge()) {
if (debug != null && Debug.isOn("ssl")) {
System.out.println(Thread.currentThread().getName() +
", request renegotiation " +
@@ -2065,7 +2064,7 @@
try {
readCipher = handshaker.newReadCipher();
- readMAC = handshaker.newReadMAC();
+ readAuthenticator = handshaker.newReadAuthenticator();
} catch (GeneralSecurityException e) {
// "can't happen"
throw new SSLException("Algorithm missing: ", e);
@@ -2096,7 +2095,7 @@
try {
writeCipher = handshaker.newWriteCipher();
- writeMAC = handshaker.newWriteMAC();
+ writeAuthenticator = handshaker.newWriteAuthenticator();
} catch (GeneralSecurityException e) {
// "can't happen"
throw new SSLException("Algorithm missing: ", e);