8196584: TLS 1.3 Implementation
Reviewed-by: ascarpino, coffeys, dfuchs, jjiang, jnimeh, mullan, rhalade, ssahoo, valeriep, weijun, wetmore, xuelei
Contributed-by: Adam Petcher <adam.petcher@oracle.com>, Amanda Jiang <amanda.jiang@oracle.com>, Anthony Scarpino <anthony.scarpino@oracle.com>, Bradford Wetmore <bradford.wetmore@oracle.com>, Jamil Nimeh <jamil.j.nimeh@oracle.com>, John Jiang <sha.jiang@oracle.com>, Rajan Halade <rajan.halade@oracle.com>, Sibabrata Sahoo <sibabrata.sahoo@oracle.com>, Valerie Peng <valerie.peng@oracle.com>, Weijun Wang <weijun.wang@oracle.com>, Xuelei Fan <xuelei.fan@oracle.com>
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.ssl;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.text.MessageFormat;
import java.util.Locale;
import javax.net.ssl.SSLProtocolException;
import sun.security.ssl.ClientHello.ClientHelloMessage;
import sun.security.ssl.SSLExtension.ExtensionConsumer;
import sun.security.ssl.SSLHandshake.HandshakeMessage;
import sun.security.ssl.SSLExtension.SSLExtensionSpec;
import sun.security.ssl.ServerHello.ServerHelloMessage;
import sun.security.util.HexDumpEncoder;
public class CookieExtension {
static final HandshakeProducer chNetworkProducer =
new CHCookieProducer();
static final ExtensionConsumer chOnLoadConsumer =
new CHCookieConsumer();
static final HandshakeConsumer chOnTradeConsumer =
new CHCookieUpdate();
static final HandshakeProducer hrrNetworkProducer =
new HRRCookieProducer();
static final ExtensionConsumer hrrOnLoadConsumer =
new HRRCookieConsumer();
static final HandshakeProducer hrrNetworkReproducer =
new HRRCookieReproducer();
static final CookieStringizer cookieStringizer =
new CookieStringizer();
/**
* The "cookie" extension.
*/
static class CookieSpec implements SSLExtensionSpec {
final byte[] cookie;
private CookieSpec(ByteBuffer m) throws IOException {
// opaque cookie<1..2^16-1>;
if (m.remaining() < 3) {
throw new SSLProtocolException(
"Invalid cookie extension: insufficient data");
}
this.cookie = Record.getBytes16(m);
}
@Override
public String toString() {
MessageFormat messageFormat = new MessageFormat(
"\"cookie\": '{'\n" +
"{0}\n" +
"'}',", Locale.ENGLISH);
HexDumpEncoder hexEncoder = new HexDumpEncoder();
Object[] messageFields = {
Utilities.indent(hexEncoder.encode(cookie))
};
return messageFormat.format(messageFields);
}
}
private static final class CookieStringizer implements SSLStringizer {
@Override
public String toString(ByteBuffer buffer) {
try {
return (new CookieSpec(buffer)).toString();
} catch (IOException ioe) {
// For debug logging only, so please swallow exceptions.
return ioe.getMessage();
}
}
}
private static final
class CHCookieProducer implements HandshakeProducer {
// Prevent instantiation of this class.
private CHCookieProducer() {
// blank
}
@Override
public byte[] produce(ConnectionContext context,
HandshakeMessage message) throws IOException {
ClientHandshakeContext chc = (ClientHandshakeContext) context;
// Is it a supported and enabled extension?
if (!chc.sslConfig.isAvailable(SSLExtension.CH_COOKIE)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unavailable cookie extension");
}
return null;
}
// response to an HelloRetryRequest cookie
CookieSpec spec = (CookieSpec)chc.handshakeExtensions.get(
SSLExtension.HRR_COOKIE);
if (spec != null &&
spec.cookie != null && spec.cookie.length != 0) {
byte[] extData = new byte[spec.cookie.length + 2];
ByteBuffer m = ByteBuffer.wrap(extData);
Record.putBytes16(m, spec.cookie);
return extData;
}
return null;
}
}
private static final
class CHCookieConsumer implements ExtensionConsumer {
// Prevent instantiation of this class.
private CHCookieConsumer() {
// blank
}
@Override
public void consume(ConnectionContext context,
HandshakeMessage message, ByteBuffer buffer) throws IOException {
// The consuming happens in server side only.
ServerHandshakeContext shc = (ServerHandshakeContext)context;
// Is it a supported and enabled extension?
if (!shc.sslConfig.isAvailable(SSLExtension.CH_COOKIE)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unavailable cookie extension");
}
return; // ignore the extension
}
CookieSpec spec;
try {
spec = new CookieSpec(buffer);
} catch (IOException ioe) {
shc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
return; // fatal() always throws, make the compiler happy.
}
shc.handshakeExtensions.put(SSLExtension.CH_COOKIE, spec);
// No impact on session resumption.
//
// Note that the protocol version negotiation happens before the
// session resumption negotiation. And the session resumption
// negotiation depends on the negotiated protocol version.
}
}
private static final
class CHCookieUpdate implements HandshakeConsumer {
// Prevent instantiation of this class.
private CHCookieUpdate() {
// blank
}
@Override
public void consume(ConnectionContext context,
HandshakeMessage message) throws IOException {
// The consuming happens in server side only.
ServerHandshakeContext shc = (ServerHandshakeContext)context;
ClientHelloMessage clientHello = (ClientHelloMessage)message;
CookieSpec spec = (CookieSpec)
shc.handshakeExtensions.get(SSLExtension.CH_COOKIE);
if (spec == null) {
// Ignore, no "cookie" extension requested.
return;
}
HelloCookieManager hcm =
shc.sslContext.getHelloCookieManager(shc.negotiatedProtocol);
if (!hcm.isCookieValid(shc, clientHello, spec.cookie)) {
shc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"unrecognized cookie");
return; // fatal() always throws, make the compiler happy.
}
}
}
private static final
class HRRCookieProducer implements HandshakeProducer {
// Prevent instantiation of this class.
private HRRCookieProducer() {
// blank
}
@Override
public byte[] produce(ConnectionContext context,
HandshakeMessage message) throws IOException {
// The producing happens in server side only.
ServerHandshakeContext shc = (ServerHandshakeContext)context;
ServerHelloMessage hrrm = (ServerHelloMessage)message;
// Is it a supported and enabled extension?
if (!shc.sslConfig.isAvailable(SSLExtension.HRR_COOKIE)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unavailable cookie extension");
}
return null;
}
HelloCookieManager hcm =
shc.sslContext.getHelloCookieManager(shc.negotiatedProtocol);
byte[] cookie = hcm.createCookie(shc, hrrm.clientHello);
byte[] extData = new byte[cookie.length + 2];
ByteBuffer m = ByteBuffer.wrap(extData);
Record.putBytes16(m, cookie);
return extData;
}
}
private static final
class HRRCookieConsumer implements ExtensionConsumer {
// Prevent instantiation of this class.
private HRRCookieConsumer() {
// blank
}
@Override
public void consume(ConnectionContext context,
HandshakeMessage message, ByteBuffer buffer) throws IOException {
// The consuming happens in client side only.
ClientHandshakeContext chc = (ClientHandshakeContext)context;
// Is it a supported and enabled extension?
if (!chc.sslConfig.isAvailable(SSLExtension.HRR_COOKIE)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unavailable cookie extension");
}
return; // ignore the extension
}
CookieSpec spec;
try {
spec = new CookieSpec(buffer);
} catch (IOException ioe) {
chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
return; // fatal() always throws, make the compiler happy.
}
chc.handshakeExtensions.put(SSLExtension.HRR_COOKIE, spec);
}
}
private static final
class HRRCookieReproducer implements HandshakeProducer {
// Prevent instantiation of this class.
private HRRCookieReproducer() {
// blank
}
@Override
public byte[] produce(ConnectionContext context,
HandshakeMessage message) throws IOException {
// The producing happens in server side only.
ServerHandshakeContext shc = (ServerHandshakeContext) context;
// Is it a supported and enabled extension?
if (!shc.sslConfig.isAvailable(SSLExtension.HRR_COOKIE)) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Ignore unavailable cookie extension");
}
return null;
}
// copy of the ClientHello cookie
CookieSpec spec = (CookieSpec)shc.handshakeExtensions.get(
SSLExtension.CH_COOKIE);
if (spec != null &&
spec.cookie != null && spec.cookie.length != 0) {
byte[] extData = new byte[spec.cookie.length + 2];
ByteBuffer m = ByteBuffer.wrap(extData);
Record.putBytes16(m, spec.cookie);
return extData;
}
return null;
}
}
}