--- a/src/java.base/share/classes/sun/security/ssl/Alert.java Tue Jun 05 11:53:36 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/Alert.java Tue Jun 05 12:01:35 2018 -0700
@@ -29,7 +29,8 @@
import java.nio.ByteBuffer;
import java.text.MessageFormat;
import java.util.Locale;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
/**
* SSL/(D)TLS Alter description
--- a/src/java.base/share/classes/sun/security/ssl/Authenticator.java Tue Jun 05 11:53:36 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/Authenticator.java Tue Jun 05 12:01:35 2018 -0700
@@ -268,8 +268,8 @@
// For TLS 1.3
private static final class TLS13Authenticator extends SSLAuthenticator {
// Block size of TLS v1.3:
- // sequence number + record type + protocol version + record length
- private static final int BLOCK_SIZE = 13; // 8 + 1 + 2 + 2
+ // record type + protocol version + record length + sequence number
+ private static final int BLOCK_SIZE = 13; // 1 + 2 + 2 + 8
private TLS13Authenticator(ProtocolVersion protocolVersion) {
super(new byte[BLOCK_SIZE]);
@@ -403,7 +403,7 @@
}
}
- static interface MAC {
+ interface MAC {
MacAlg macAlg();
/**
--- a/src/java.base/share/classes/sun/security/ssl/ChangeCipherSpec.java Tue Jun 05 11:53:36 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/ChangeCipherSpec.java Tue Jun 05 12:01:35 2018 -0700
@@ -66,7 +66,7 @@
SSLKeyDerivation kd = hc.handshakeKeyDerivation;
if (!(kd instanceof LegacyTrafficKeyDerivation)) {
- throw new UnsupportedOperationException("Not supported yet.");
+ throw new UnsupportedOperationException("Not supported.");
}
LegacyTrafficKeyDerivation tkd = (LegacyTrafficKeyDerivation)kd;
CipherSuite ncs = hc.negotiatedCipherSuite;
@@ -131,7 +131,7 @@
ByteBuffer message) throws IOException {
TransportContext tc = (TransportContext)context;
- // This comsumer can be used only once.
+ // This consumer can be used only once.
tc.consumers.remove(ContentType.CHANGE_CIPHER_SPEC.id);
// parse
@@ -197,7 +197,7 @@
}
tc.inputRecord.changeReadCiphers(readCipher);
} else {
- throw new UnsupportedOperationException("Not supported yet.");
+ throw new UnsupportedOperationException("Not supported.");
}
}
}
@@ -220,7 +220,7 @@
ByteBuffer message) throws IOException {
TransportContext tc = (TransportContext)context;
- // This comsumer can be used only once.
+ // This consumer can be used only once.
tc.consumers.remove(ContentType.CHANGE_CIPHER_SPEC.id);
// parse
--- a/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java Tue Jun 05 11:53:36 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java Tue Jun 05 12:01:35 2018 -0700
@@ -42,7 +42,7 @@
* Endpoint identification (See
* SSLParameters.getEndpointIdentificationAlgorithm()) is a pretty nice
* guarantee that the server certificate change in renegotiation is legal.
- * However, endpoing identification is only enabled for HTTPS and LDAP
+ * However, endpoint identification is only enabled for HTTPS and LDAP
* over SSL/TLS by default. It is not enough to protect SSL/TLS
* connections other than HTTPS and LDAP.
*
@@ -64,7 +64,7 @@
* jdk.tls.allowUnsafeServerCertChange, is used to define whether unsafe
* server certificate change in renegotiation is allowed or not. The
* default value of the system property is "false". To mitigate the
- * compactibility impact, applications may want to set the system
+ * compatibility impact, applications may want to set the system
* property to "true" at their own risk.
*
* If the value of the system property is "false", server certificate
--- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java Tue Jun 05 11:53:36 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java Tue Jun 05 12:01:35 2018 -0700
@@ -49,7 +49,6 @@
final class ClientHello {
static final SSLProducer kickstartProducer =
new ClientHelloKickstartProducer();
-
static final SSLConsumer handshakeConsumer =
new ClientHelloConsumer();
static final HandshakeProducer handshakeProducer =
@@ -191,7 +190,7 @@
this.cipherSuites = getCipherSuites(cipherSuiteIds);
this.compressionMethod = Record.getBytes8(m);
- // In TLS 1.3, use of certain extensions is mandatory.
+ // In TLS 1.3, use of certain extensions is mandatory.
if (m.hasRemaining()) {
this.extensions =
new SSLExtensions(this, m, supportedExtensions);
@@ -311,7 +310,6 @@
@Override
public void send(HandshakeOutStream hos) throws IOException {
-
sendCore(hos);
extensions.send(hos); // In TLS 1.3, use of certain
// extensions is mandatory.
@@ -439,7 +437,7 @@
if (SSLLogger.isOn &&
SSLLogger.isOn("ssl,handshake,verbose")) {
SSLLogger.finest(
- "Can't resume, the sessoin is not rejoinable");
+ "Can't resume, the session is not rejoinable");
}
}
}
@@ -452,7 +450,7 @@
if (SSLLogger.isOn &&
SSLLogger.isOn("ssl,handshake,verbose")) {
SSLLogger.finest(
- "Can't resume, unavailable sessoin cipher suite");
+ "Can't resume, unavailable session cipher suite");
}
}
}
@@ -517,7 +515,7 @@
SSLLogger.finest("Try resuming session", session);
}
- // only set session id if session is 1.2 or earlier
+ // only set session id if session is 1.2 or earlier
if (!session.getProtocolVersion().useTLS13PlusSpec()) {
sessionId = session.getSessionId();
}
@@ -798,7 +796,7 @@
ClientHelloMessage clientHello) throws IOException {
// Negotiate protocol version.
//
- // Check and lanuch SupportedVersions.
+ // Check and launch SupportedVersions.
SSLExtension[] extTypes = new SSLExtension[] {
SSLExtension.CH_SUPPORTED_VERSIONS
};
@@ -965,7 +963,7 @@
SSLLogger.isOn("ssl,handshake,verbose")) {
SSLLogger.finest(
"Can't resume, " +
- "the existing sessoin is not rejoinable");
+ "the existing session is not rejoinable");
}
}
// Validate the negotiated protocol version.
@@ -985,7 +983,6 @@
// Validate the required client authentication.
if (resumingSession &&
(shc.sslConfig.clientAuthType == CLIENT_AUTH_REQUIRED)) {
-
try {
previous.getPeerPrincipal();
} catch (SSLPeerUnverifiedException e) {
@@ -1238,7 +1235,7 @@
SSLLogger.isOn("ssl,handshake,verbose")) {
SSLLogger.finest(
"Can't resume, " +
- "the existing sessoin is not rejoinable");
+ "the existing session is not rejoinable");
}
}
// Validate the negotiated protocol version.