--- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java Sat Jun 02 21:23:02 2018 -0700
@@ -669,7 +669,6 @@
// HelloRequest (SSL 3.0/TLS 1.0/1.1/1.2)
// ServerHello(HelloRetryRequest) (TLS 1.3)
// HelloVerifyRequest (DTLS 1.0/1.2)
- // KeyUpdate (TLS 1.3)
@Override
public byte[] produce(ConnectionContext context,
HandshakeMessage message) throws IOException {
@@ -727,10 +726,6 @@
// The handshake message has been delivered.
return null;
- case KEY_UPDATE:
- // TLS 1.3
- throw new UnsupportedOperationException(
- "Not supported yet.");
case HELLO_RETRY_REQUEST:
// TLS 1.3
// The HelloRetryRequest consumer should have updated the
--- a/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Sat Jun 02 21:23:02 2018 -0700
@@ -356,7 +356,8 @@
/**
* Parse the handshake record and return the contentType
*/
- static byte getHandshakeType(TransportContext conContext, Plaintext plaintext) throws IOException {
+ static byte getHandshakeType(TransportContext conContext,
+ Plaintext plaintext) throws IOException {
// struct {
// HandshakeType msg_type; /* handshake type */
// uint24 length; /* bytes in message */
@@ -392,10 +393,12 @@
}
void dispatch(byte handshakeType, Plaintext plaintext) throws IOException {
-
if (conContext.transport.useDelegatedTask()) {
boolean hasDelegated = !delegatedActions.isEmpty();
- if (hasDelegated || handshakeType != SSLHandshake.FINISHED.id) {
+ if (hasDelegated ||
+ (handshakeType != SSLHandshake.FINISHED.id &&
+ handshakeType != SSLHandshake.KEY_UPDATE.id &&
+ handshakeType != SSLHandshake.NEW_SESSION_TICKET.id)) {
if (!hasDelegated) {
taskDelegated = false;
delegatedThrown = null;
--- a/src/java.base/share/classes/sun/security/ssl/KeyUpdate.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/KeyUpdate.java Sat Jun 02 21:23:02 2018 -0700
@@ -28,6 +28,8 @@
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
+import java.text.MessageFormat;
+import java.util.Locale;
import sun.security.ssl.SSLHandshake.HandshakeMessage;
import sun.security.ssl.SSLCipher.SSLReadCipher;
@@ -63,29 +65,30 @@
* } KeyUpdate;
*/
static final class KeyUpdateMessage extends HandshakeMessage {
- static final byte NOTREQUSTED = 0;
- static final byte REQUSTED = 1;
- private byte status;
+ private final KeyUpdateRequest status;
- KeyUpdateMessage(PostHandshakeContext context, byte status) {
+ KeyUpdateMessage(PostHandshakeContext context,
+ KeyUpdateRequest status) {
super(context);
this.status = status;
- if (status > 1) {
- new IOException("KeyUpdate message value invalid: " + status);
- }
}
- KeyUpdateMessage(PostHandshakeContext context, ByteBuffer m)
- throws IOException{
+
+ KeyUpdateMessage(PostHandshakeContext context,
+ ByteBuffer m) throws IOException {
super(context);
if (m.remaining() != 1) {
- throw new IOException("KeyUpdate has an unexpected length of "+
+ context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+ "KeyUpdate has an unexpected length of "+
m.remaining());
}
- status = m.get();
- if (status > 1) {
- new IOException("KeyUpdate message value invalid: " + status);
+ byte request = m.get();
+ this.status = KeyUpdateRequest.valueOf(request);
+ if (status == null) {
+ context.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+ "Invalid KeyUpdate message value: " +
+ KeyUpdateRequest.nameOf(request));
}
}
@@ -102,16 +105,55 @@
@Override
public void send(HandshakeOutStream s) throws IOException {
- s.write(status);
+ s.putInt8(status.id);
}
@Override
public String toString() {
- throw new UnsupportedOperationException("Not supported yet.");
+ MessageFormat messageFormat = new MessageFormat(
+ "\"KeyUpdate\": '{'\n" +
+ " \"request_update\": {0}\n" +
+ "'}'",
+ Locale.ENGLISH);
+
+ Object[] messageFields = {
+ status.name
+ };
+
+ return messageFormat.format(messageFields);
+ }
+ }
+
+ enum KeyUpdateRequest {
+ NOTREQUSTED ((byte)0, "update_not_requested"),
+ REQUSTED ((byte)1, "update_requested");
+
+ final byte id;
+ final String name;
+
+ private KeyUpdateRequest(byte id, String name) {
+ this.id = id;
+ this.name = name;
}
- byte getStatus() {
- return status;
+ static KeyUpdateRequest valueOf(byte id) {
+ for (KeyUpdateRequest kur : KeyUpdateRequest.values()) {
+ if (kur.id == id) {
+ return kur;
+ }
+ }
+
+ return null;
+ }
+
+ static String nameOf(byte id) {
+ for (KeyUpdateRequest kur : KeyUpdateRequest.values()) {
+ if (kur.id == id) {
+ return kur.name;
+ }
+ }
+
+ return "<UNKNOWN KeyUpdateRequest TYPE: " + (id & 0x0FF) + ">";
}
}
@@ -126,9 +168,8 @@
@Override
public byte[] produce(ConnectionContext context) throws IOException {
PostHandshakeContext hc = (PostHandshakeContext)context;
- handshakeProducer.produce(hc,
- new KeyUpdateMessage(hc, KeyUpdateMessage.REQUSTED));
- return null;
+ return handshakeProducer.produce(context,
+ new KeyUpdateMessage(hc, KeyUpdateRequest.REQUSTED));
}
}
@@ -147,13 +188,14 @@
// The consuming happens in client side only.
PostHandshakeContext hc = (PostHandshakeContext)context;
KeyUpdateMessage km = new KeyUpdateMessage(hc, message);
-
- if (km.getStatus() == KeyUpdateMessage.NOTREQUSTED) {
- return;
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine(
+ "Consuming KeyUpdate post-handshake message", km);
}
+ // Update read key and IV.
SSLTrafficKeyDerivation kdg =
- SSLTrafficKeyDerivation.valueOf(hc.conContext.protocolVersion);
+ SSLTrafficKeyDerivation.valueOf(hc.conContext.protocolVersion);
if (kdg == null) {
// unlikely
hc.conContext.fatal(Alert.INTERNAL_ERROR,
@@ -164,38 +206,42 @@
SSLKeyDerivation skd = kdg.createKeyDerivation(hc,
hc.conContext.inputRecord.readCipher.baseSecret);
- SecretKey nplus1 = skd.deriveKey("TlsUpdateNplus1", null);
if (skd == null) {
// unlikely
- hc.conContext.fatal(Alert.INTERNAL_ERROR,
- "no key derivation");
+ hc.conContext.fatal(Alert.INTERNAL_ERROR, "no key derivation");
return;
}
+ SecretKey nplus1 = skd.deriveKey("TlsUpdateNplus1", null);
SSLKeyDerivation kd = kdg.createKeyDerivation(hc, nplus1);
SecretKey key = kd.deriveKey("TlsKey", null);
- IvParameterSpec ivSpec =
- new IvParameterSpec(kd.deriveKey("TlsIv", null)
- .getEncoded());
+ IvParameterSpec ivSpec = new IvParameterSpec(
+ kd.deriveKey("TlsIv", null).getEncoded());
try {
SSLReadCipher rc =
- hc.negotiatedCipherSuite.bulkCipher.createReadCipher(
- Authenticator.valueOf(hc.conContext.protocolVersion),
- hc.conContext.protocolVersion, key, ivSpec,
- hc.sslContext.getSecureRandom());
+ hc.negotiatedCipherSuite.bulkCipher.createReadCipher(
+ Authenticator.valueOf(hc.conContext.protocolVersion),
+ hc.conContext.protocolVersion, key, ivSpec,
+ hc.sslContext.getSecureRandom());
hc.conContext.inputRecord.changeReadCiphers(rc);
hc.conContext.inputRecord.readCipher.baseSecret = nplus1;
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.fine("KeyUpdate: read key updated");
}
-
- } catch (GeneralSecurityException e) {
- throw new IOException(e);
+ } catch (GeneralSecurityException gse) {
+ hc.conContext.fatal(Alert.INTERNAL_ERROR,
+ "Failure to derive read secrets", gse);
+ return;
}
- // Send Reply
- handshakeProducer.produce(hc,
- new KeyUpdateMessage(hc, KeyUpdateMessage.NOTREQUSTED));
+ if (km.status == KeyUpdateRequest.REQUSTED) {
+ // Update the write key and IV.
+ handshakeProducer.produce(hc,
+ new KeyUpdateMessage(hc, KeyUpdateRequest.NOTREQUSTED));
+ }
+
+ // clean handshake context
+ hc.conContext.finishPostHandshake();
}
}
@@ -214,18 +260,14 @@
// The producing happens in server side only.
PostHandshakeContext hc = (PostHandshakeContext)context;
KeyUpdateMessage km = (KeyUpdateMessage)message;
- SecretKey secret;
-
- if (km.getStatus() == KeyUpdateMessage.REQUSTED) {
- secret = hc.conContext.outputRecord.writeCipher.baseSecret;
- } else {
- km.write(hc.handshakeOutput);
- hc.handshakeOutput.flush();
- return null;
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine(
+ "Produced KeyUpdate post-handshake message", km);
}
+ // Update the write key and IV.
SSLTrafficKeyDerivation kdg =
- SSLTrafficKeyDerivation.valueOf(hc.conContext.protocolVersion);
+ SSLTrafficKeyDerivation.valueOf(hc.conContext.protocolVersion);
if (kdg == null) {
// unlikely
hc.conContext.fatal(Alert.INTERNAL_ERROR,
@@ -233,20 +275,20 @@
hc.conContext.protocolVersion);
return null;
}
- // update the application traffic read keys.
- SSLKeyDerivation skd = kdg.createKeyDerivation(hc, secret);
+
+ SSLKeyDerivation skd = kdg.createKeyDerivation(hc,
+ hc.conContext.outputRecord.writeCipher.baseSecret);
if (skd == null) {
// unlikely
- hc.conContext.fatal(Alert.INTERNAL_ERROR,"no key derivation");
+ hc.conContext.fatal(Alert.INTERNAL_ERROR, "no key derivation");
return null;
}
+
SecretKey nplus1 = skd.deriveKey("TlsUpdateNplus1", null);
- SSLKeyDerivation kd =
- kdg.createKeyDerivation(hc, nplus1);
+ SSLKeyDerivation kd = kdg.createKeyDerivation(hc, nplus1);
SecretKey key = kd.deriveKey("TlsKey", null);
- IvParameterSpec ivSpec =
- new IvParameterSpec(kd.deriveKey("TlsIv", null)
- .getEncoded());
+ IvParameterSpec ivSpec = new IvParameterSpec(
+ kd.deriveKey("TlsIv", null).getEncoded());
SSLWriteCipher wc;
try {
@@ -254,21 +296,27 @@
Authenticator.valueOf(hc.conContext.protocolVersion),
hc.conContext.protocolVersion, key, ivSpec,
hc.sslContext.getSecureRandom());
-
- } catch (GeneralSecurityException gse){
+ } catch (GeneralSecurityException gse) {
hc.conContext.fatal(Alert.INTERNAL_ERROR,
- "Failure to derive application secrets", gse);
+ "Failure to derive write secrets", gse);
return null;
}
+ // Output the handshake message.
km.write(hc.handshakeOutput);
hc.handshakeOutput.flush();
+
+ // change write cipher
hc.conContext.outputRecord.changeWriteCiphers(wc, false);
hc.conContext.outputRecord.writeCipher.baseSecret = nplus1;
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.fine("KeyUpdate: write key updated");
}
- hc.free();
+
+ // clean handshake context
+ hc.conContext.finishPostHandshake();
+
+ // The handshake message has been delivered.
return null;
}
}
--- a/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Sat Jun 02 21:23:02 2018 -0700
@@ -344,8 +344,8 @@
sessionCopy.setPskIdentity(nstm.ticket);
sessionCache.put(sessionCopy);
- // The handshakeContext is no longer needed
- hc.free();
+ // clean handshake context
+ hc.conContext.finishPostHandshake();
}
}
--- a/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Sat Jun 02 21:23:02 2018 -0700
@@ -28,33 +28,25 @@
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.LinkedHashMap;
+import java.util.Map;
/**
* A compact implementation of HandshakeContext for post-handshake messages
*/
-
-public class PostHandshakeContext extends HandshakeContext {
-
- final static LinkedHashMap<Byte, SSLConsumer> consumers;
- static {
- consumers = new LinkedHashMap<>() {{
- put(SSLHandshake.KEY_UPDATE.id,
- SSLHandshake.KEY_UPDATE);
- put(SSLHandshake.NEW_SESSION_TICKET.id,
- SSLHandshake.NEW_SESSION_TICKET);
- }};
- }
-
+final class PostHandshakeContext extends HandshakeContext {
+ private final static Map<Byte, SSLConsumer> consumers = Map.of(
+ SSLHandshake.KEY_UPDATE.id, SSLHandshake.KEY_UPDATE,
+ SSLHandshake.NEW_SESSION_TICKET.id, SSLHandshake.NEW_SESSION_TICKET);
PostHandshakeContext(TransportContext context) throws IOException {
super(context);
if (!negotiatedProtocol.useTLS13PlusSpec()) {
- conContext.fatal(Alert.UNEXPECTED_MESSAGE, "Post-handshake not " +
- "supported in " + negotiatedProtocol.name);
+ conContext.fatal(Alert.UNEXPECTED_MESSAGE,
+ "Post-handshake not supported in " + negotiatedProtocol.name);
}
- handshakeConsumers = consumers;
+ handshakeConsumers = new LinkedHashMap<>(consumers);
handshakeFinished = true;
}
@@ -65,7 +57,6 @@
@Override
void dispatch(byte handshakeType, ByteBuffer fragment) throws IOException {
-
SSLConsumer consumer = handshakeConsumers.get(handshakeType);
if (consumer == null) {
conContext.fatal(Alert.UNEXPECTED_MESSAGE,
@@ -82,10 +73,4 @@
SSLHandshake.nameOf(handshakeType), unsoe);
}
}
-
- void free() {
- if (delegatedActions.isEmpty()) {
- conContext.handshakeContext = null;
- }
- }
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Sat Jun 02 21:23:02 2018 -0700
@@ -288,7 +288,7 @@
// Is the handshake completed?
boolean needRetransmission =
conContext.sslContext.isDTLS() &&
- conContext.getHandshakeContext(TransportContext.PRE) != null &&
+ conContext.handshakeContext != null &&
conContext.handshakeContext.sslConfig.enableRetransmissions;
HandshakeStatus hsStatus =
tryToFinishHandshake(ciphertext.contentType);
@@ -332,8 +332,9 @@
conContext.outputRecord.isEmpty()) {
if (conContext.handshakeContext == null) {
hsStatus = HandshakeStatus.FINISHED;
- } else if (conContext.getHandshakeContext(TransportContext.POST) != null) {
- return null;
+ } else if (conContext.isPostHandshakeContext()) {
+ // unlikely, but just in case.
+ hsStatus = conContext.finishPostHandshake();
} else if (conContext.handshakeContext.handshakeFinished) {
hsStatus = conContext.finishHandshake();
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java Sat Jun 02 21:23:02 2018 -0700
@@ -32,6 +32,7 @@
import sun.security.ssl.SSLCipher.SSLWriteCipher;
import sun.security.ssl.KeyUpdate.KeyUpdateMessage;
+import sun.security.ssl.KeyUpdate.KeyUpdateRequest;
/**
* {@code OutputRecord} implementation for {@code SSLEngine}.
@@ -255,7 +256,7 @@
PostHandshakeContext p = new PostHandshakeContext(tc);
KeyUpdate.handshakeProducer.produce(p,
- new KeyUpdateMessage(p, KeyUpdateMessage.REQUSTED));
+ new KeyUpdateMessage(p, KeyUpdateRequest.REQUSTED));
}
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java Sat Jun 02 21:23:02 2018 -0700
@@ -32,6 +32,7 @@
import javax.net.ssl.SSLHandshakeException;
import sun.security.ssl.KeyUpdate.KeyUpdateMessage;
+import sun.security.ssl.KeyUpdate.KeyUpdateRequest;
/**
* {@code OutputRecord} implementation for {@code SSLSocket}.
@@ -311,7 +312,7 @@
PostHandshakeContext p = new PostHandshakeContext(tc);
KeyUpdate.handshakeProducer.produce(p,
- new KeyUpdateMessage(p, KeyUpdateMessage.REQUSTED));
+ new KeyUpdateMessage(p, KeyUpdateRequest.REQUSTED));
}
}
}
--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java Sat Jun 02 07:50:25 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java Sat Jun 02 21:23:02 2018 -0700
@@ -64,7 +64,7 @@
boolean isBroken;
boolean isInputCloseNotified;
boolean isOutputCloseNotified;
- Exception closeReason; //SSLException or RuntimeException
+ Exception closeReason;
// negotiated security parameters
SSLSessionImpl conSession;
@@ -185,7 +185,14 @@
if (handshakeContext == null) {
if (type == SSLHandshake.KEY_UPDATE.id ||
type == SSLHandshake.NEW_SESSION_TICKET.id) {
- handshakeContext = new PostHandshakeContext(this);
+ if (isNegotiated &&
+ protocolVersion.useTLS13PlusSpec()) {
+ handshakeContext = new PostHandshakeContext(this);
+ } else {
+ fatal(Alert.UNEXPECTED_MESSAGE,
+ "Unexpected post-handshake message: " +
+ SSLHandshake.nameOf(type));
+ }
} else {
handshakeContext = sslConfig.isClientMode ?
new ClientHandshakeContext(sslContext, this) :
@@ -251,25 +258,9 @@
kickstart();
}
- final static byte PRE = 1;
- final static byte POST = 2;
-
- HandshakeContext getHandshakeContext(byte type) {
- if (handshakeContext == null) {
- return null;
- }
-
- if (type == PRE &&
- (handshakeContext instanceof ClientHandshakeContext ||
- handshakeContext instanceof ServerHandshakeContext)) {
- return handshakeContext;
- }
-
- if (type == POST && handshakeContext instanceof PostHandshakeContext) {
- return handshakeContext;
- }
-
- return null;
+ boolean isPostHandshakeContext() {
+ return handshakeContext != null &&
+ (handshakeContext instanceof PostHandshakeContext);
}
// Note: close_notify is delivered as a warning alert.
@@ -614,7 +605,8 @@
// Note; HandshakeStatus.FINISHED status is retrieved in other places.
HandshakeStatus getHandshakeStatus() {
if (!outputRecord.isEmpty()) {
- // If no handshaking, special case to wrap alters.
+ // If no handshaking, special case to wrap alters or
+ // post-handshake messages.
return HandshakeStatus.NEED_WRAP;
} else if (handshakeContext != null) {
if (!handshakeContext.delegatedActions.isEmpty()) {
@@ -647,6 +639,7 @@
inputRecord.readCipher.baseSecret = handshakeContext.baseReadSecret;
outputRecord.writeCipher.baseSecret = handshakeContext.baseWriteSecret;
}
+
handshakeContext = null;
// inputRecord and outputRecord shares the same handshakeHash
// inputRecord.handshakeHash.finish();
@@ -669,6 +662,16 @@
false);
thread.start();
}
+
+ return HandshakeStatus.FINISHED;
+ }
+
+ HandshakeStatus finishPostHandshake() {
+ handshakeContext = null;
+
+ // Note: May need trigger handshake completion even for post-handshake
+ // authenticiation in the future.
+
return HandshakeStatus.FINISHED;
}
--- a/test/jdk/sun/security/ssl/SSLSocketImpl/NonAutoClose.java Sat Jun 02 07:50:25 2018 -0700
+++ b/test/jdk/sun/security/ssl/SSLSocketImpl/NonAutoClose.java Sat Jun 02 21:23:02 2018 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,14 +21,18 @@
* questions.
*/
+//
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+//
+
/*
* @test
* @bug 4404399
+ * @ignore this test does not work any more as the TLS spec changes the
+ * behaviors of close_notify.
* @summary When a layered SSL socket is closed, it should wait for close_notify
* @run main/othervm NonAutoClose
- *
- * SunJSSE does not support dynamic system properties, no way to re-use
- * system properties in samevm/agentvm mode.
* @author Brad Wetmore
*/
@@ -72,7 +76,7 @@
* Turn on SSL debugging?
*/
private final static boolean DEBUG = false;
- private final static boolean VERBOSE = false;
+ private final static boolean VERBOSE = true;
private final static int NUM_ITERATIONS = 10;
private final static int PLAIN_SERVER_VAL = 1;
private final static int PLAIN_CLIENT_VAL = 2;
@@ -90,7 +94,7 @@
void expectValue(int got, int expected, String msg) throws IOException {
if (VERBOSE) {
- System.out.println(msg + ": read (" + got + ")");
+ System.err.println(msg + ": read (" + got + ")");
}
if (got != expected) {
throw new IOException(msg + ": read (" + got
@@ -108,7 +112,7 @@
void doServerSide() throws Exception {
if (VERBOSE) {
- System.out.println("Starting server");
+ System.err.println("Starting server");
}
/*
@@ -137,8 +141,8 @@
for (int i = 1; i <= NUM_ITERATIONS; i++) {
if (VERBOSE) {
- System.out.println("=================================");
- System.out.println("Server Iteration #" + i);
+ System.err.println("=================================");
+ System.err.println("Server Iteration #" + i);
}
SSLSocket ssls = (SSLSocket) sslsf.createSocket(plainSocket,
@@ -158,7 +162,7 @@
ssls.close();
if (VERBOSE) {
- System.out.println("TLS socket is closed");
+ System.err.println("TLS socket is closed");
}
}
@@ -172,7 +176,7 @@
plainSocket.close();
if (VERBOSE) {
- System.out.println("Server plain socket is closed");
+ System.err.println("Server plain socket is closed");
}
}
@@ -191,7 +195,7 @@
}
if (VERBOSE) {
- System.out.println("Starting client");
+ System.err.println("Starting client");
}
/*
@@ -211,8 +215,8 @@
for (int i = 1; i <= NUM_ITERATIONS; i++) {
if (VERBOSE) {
- System.out.println("===================================");
- System.out.println("Client Iteration #" + i);
+ System.err.println("===================================");
+ System.err.println("Client Iteration #" + i);
}
SSLSocket ssls = (SSLSocket) sslsf.createSocket(plainSocket,
@@ -233,7 +237,7 @@
ssls.close();
if (VERBOSE) {
- System.out.println("Client TLS socket is closed");
+ System.err.println("Client TLS socket is closed");
}
}
@@ -247,7 +251,7 @@
plainSocket.close();
if (VERBOSE) {
- System.out.println("Client plain socket is closed");
+ System.err.println("Client plain socket is closed");
}
}
--- a/test/jdk/sun/security/ssl/internal/java.base/sun/security/ssl/TestHkdf.java Sat Jun 02 07:50:25 2018 -0700
+++ b/test/jdk/sun/security/ssl/internal/java.base/sun/security/ssl/TestHkdf.java Sat Jun 02 21:23:02 2018 -0700
@@ -184,10 +184,10 @@
result &= compareKeyAndData(actualOKM, testData.expectedOKM);
// *** HKDF Extract-then-Expand testing
- System.out.println("* HKDF-Extract-then-Expand:");
- actualOKM = kdfHkdf.extractExpand(ikmKey, saltKey, testData.info,
- testData.outLen, "HKDF-OKM2");
- result &= compareKeyAndData(actualOKM, testData.expectedOKM);
+ // System.out.println("* HKDF-Extract-then-Expand:");
+ // actualOKM = kdfHkdf.extractExpand(ikmKey, saltKey, testData.info,
+ // testData.outLen, "HKDF-OKM2");
+ // result &= compareKeyAndData(actualOKM, testData.expectedOKM);
return result;
}