jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java@ad120e0dfcfb (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	2	* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5182 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	28	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	29	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	30	import java.nio.ReadOnlyBufferException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	31	import java.security.AccessController;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	32	import java.security.PrivilegedActionException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	33	import java.security.PrivilegedExceptionAction;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	34	import java.util.List;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	35	import java.util.Map;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	36	import java.util.function.BiFunction;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	37	import javax.net.ssl.SSLEngine;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	38	import javax.net.ssl.SSLEngineResult;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	39	import javax.net.ssl.SSLEngineResult.HandshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	40	import javax.net.ssl.SSLEngineResult.Status;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	41	import javax.net.ssl.SSLException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	42	import javax.net.ssl.SSLHandshakeException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	43	import javax.net.ssl.SSLKeyException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	44	import javax.net.ssl.SSLParameters;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	45	import javax.net.ssl.SSLPeerUnverifiedException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	46	import javax.net.ssl.SSLProtocolException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	47	import javax.net.ssl.SSLSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	48
90ce3da70b43 Initial load duke parents: diff changeset	49	/**
90ce3da70b43 Initial load duke parents: diff changeset	50	* Implementation of an non-blocking SSLEngine.
90ce3da70b43 Initial load duke parents: diff changeset	51	*
90ce3da70b43 Initial load duke parents: diff changeset	52	* @author Brad Wetmore
90ce3da70b43 Initial load duke parents: diff changeset	53	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	54	final class SSLEngineImpl extends SSLEngine implements SSLTransport {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	55	private final SSLContextImpl sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	56	final TransportContext conContext;
2 90ce3da70b43 Initial load duke parents: diff changeset	57
90ce3da70b43 Initial load duke parents: diff changeset	58	/**
90ce3da70b43 Initial load duke parents: diff changeset	59	* Constructor for an SSLEngine from SSLContext, without
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	60	* host/port hints.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	61	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	62	* This Engine will not be able to cache sessions, but must renegotiate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	63	* everything by hand.
2 90ce3da70b43 Initial load duke parents: diff changeset	64	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	65	SSLEngineImpl(SSLContextImpl sslContext) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	66	this(sslContext, null, -1);
2 90ce3da70b43 Initial load duke parents: diff changeset	67	}
90ce3da70b43 Initial load duke parents: diff changeset	68
90ce3da70b43 Initial load duke parents: diff changeset	69	/**
90ce3da70b43 Initial load duke parents: diff changeset	70	* Constructor for an SSLEngine from SSLContext.
90ce3da70b43 Initial load duke parents: diff changeset	71	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	72	SSLEngineImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	73	String host, int port) {
2 90ce3da70b43 Initial load duke parents: diff changeset	74	super(host, port);
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	75	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	76	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	77	if (sslContext.isDTLS()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	78	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	79	new DTLSInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	80	new DTLSOutputRecord(handshakeHash));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	81	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	82	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	83	new SSLEngineInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	84	new SSLEngineOutputRecord(handshakeHash));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	85	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	86
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	87	// Server name indication is a connection scope extension.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	88	if (host != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	89	this.conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	90	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	91	conContext.sslConfig.serverNames, host);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	92	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	93	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	94
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	95	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	96	public synchronized void beginHandshake() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	97	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	98	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	99	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	100	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	101
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	102	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	103	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	104	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	105	conContext.fatal(Alert.HANDSHAKE_FAILURE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	106	"Couldn't kickstart handshaking", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	107	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	108	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	109	"Fail to begin handshake", ex);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	110	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	111	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	112
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	113	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	114	public synchronized SSLEngineResult wrap(ByteBuffer[] appData,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	115	int offset, int length, ByteBuffer netData) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	116	return wrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	117	appData, offset, length, new ByteBuffer[]{ netData }, 0, 1);
2 90ce3da70b43 Initial load duke parents: diff changeset	118	}
90ce3da70b43 Initial load duke parents: diff changeset	119
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	120	// @Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	121	public synchronized SSLEngineResult wrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	122	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	123	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	124
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	125	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	126	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	127	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	128	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	129
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	130	// See if the handshaker needs to report back some SSLException.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	131	if (conContext.outputRecord.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	132	checkTaskThrown();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	133	} // Otherwise, deliver cached records before throwing task exception.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	134
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	135	// check parameters
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	136	checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	137
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	138	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	139	return writeRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	140	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	141	} catch (SSLProtocolException spe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	142	// may be an unexpected handshake message
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	143	conContext.fatal(Alert.UNEXPECTED_MESSAGE, spe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	144	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	145	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	146	"problem wrapping app data", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	147	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	148	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	149	"Fail to wrap application data", ex);
2 90ce3da70b43 Initial load duke parents: diff changeset	150	}
90ce3da70b43 Initial load duke parents: diff changeset	151
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	152	return null; // make compiler happy
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	153	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	154
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	155	private SSLEngineResult writeRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	156	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	157	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	158
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	159	if (isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	160	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	161	Status.CLOSED, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	162	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	163
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	164	HandshakeContext hc = conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	165	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	166	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	167	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	168
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	169	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	170	if (hsStatus == HandshakeStatus.NEED_UNWRAP) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	171	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	172	* For DTLS, if the handshake state is
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	173	* HandshakeStatus.NEED_UNWRAP, a call to SSLEngine.wrap()
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	174	* means that the previous handshake packets (if delivered)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	175	* get lost, and need retransmit the handshake messages.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	176	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	177	if (!sslContext.isDTLS() \|\| hc == null \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	178	!hc.sslConfig.enableRetransmissions \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	179	conContext.outputRecord.firstMessage) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	180
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	181	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	182	} // otherwise, need retransmission
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	183	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	184	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	185
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	186	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	187	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	188	}
2 90ce3da70b43 Initial load duke parents: diff changeset	189
90ce3da70b43 Initial load duke parents: diff changeset	190	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	191	* If we have a task outstanding, this MUST be done before
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	192	* doing any more wrapping, because we could be in the middle
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	193	* of receiving a handshake message, for example, a finished
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	194	* message which would change the ciphers.
2 90ce3da70b43 Initial load duke parents: diff changeset	195	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	196	if (hsStatus == HandshakeStatus.NEED_TASK) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	197	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	198	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	199
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	200	int dstsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	201	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	202	dstsRemains += dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	203	}
2 90ce3da70b43 Initial load duke parents: diff changeset	204
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	205	// Check destination buffer size.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	206	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	207	// We can be smarter about using smaller buffer sizes later. For
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	208	// now, force it to be large enough to handle any valid record.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	209	if (dstsRemains < conContext.conSession.getPacketBufferSize()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	210	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	211	Status.BUFFER_OVERFLOW, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	212	}
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	213
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	214	int srcsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	215	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	216	srcsRemains += srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	217	}
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	218
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	219	Ciphertext ciphertext = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	220	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	221	// Acquire the buffered to-be-delivered records or retransmissions.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	222	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	223	// May have buffered records, or need retransmission if handshaking.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	224	if (!conContext.outputRecord.isEmpty() \|\| (hc != null &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	225	hc.sslConfig.enableRetransmissions &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	226	hc.sslContext.isDTLS() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	227	hsStatus == HandshakeStatus.NEED_UNWRAP)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	228	ciphertext = encode(null, 0, 0,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	229	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	230	}
2 90ce3da70b43 Initial load duke parents: diff changeset	231
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	232	if (ciphertext == null && srcsRemains != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	233	ciphertext = encode(srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	234	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	235	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	236	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	237	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	238	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	239	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	240	throw new SSLException("Write problems", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	241	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	242	}
2 90ce3da70b43 Initial load duke parents: diff changeset	243
90ce3da70b43 Initial load duke parents: diff changeset	244	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	245	* Check for status.
2 90ce3da70b43 Initial load duke parents: diff changeset	246	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	247	Status status = (isOutboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	248	if (ciphertext != null && ciphertext.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	249	hsStatus = ciphertext.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	250	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	251	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	252	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	253
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	254	int deltaSrcs = srcsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	255	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	256	deltaSrcs -= srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	257	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	258
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	259	int deltaDsts = dstsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	260	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	261	deltaDsts -= dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	262	}
2 90ce3da70b43 Initial load duke parents: diff changeset	263
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	264	return new SSLEngineResult(status, hsStatus, deltaSrcs, deltaDsts,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	265	ciphertext != null ? ciphertext.recordSN : -1L);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	266	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	267
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	268	private Ciphertext encode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	269	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	270	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	271
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	272	Ciphertext ciphertext = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	273	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	274	ciphertext = conContext.outputRecord.encode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	275	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	276	} catch (SSLHandshakeException she) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	277	// may be record sequence number overflow
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	278	conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	279	} catch (IOException e) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	280	conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	281	}
2 90ce3da70b43 Initial load duke parents: diff changeset	282
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	283	if (ciphertext == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	284	return Ciphertext.CIPHERTEXT_NULL;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	285	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	286
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	287	// Is the handshake completed?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	288	boolean needRetransmission =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	289	conContext.sslContext.isDTLS() &&
56544 ad120e0dfcfb start/beginHandshake and more post-handshake changes ascarpino parents: 56542 diff changeset	290	conContext.getHandshakeContext(TransportContext.PRE) != null &&
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	291	conContext.handshakeContext.sslConfig.enableRetransmissions;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	292	HandshakeStatus hsStatus =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	293	tryToFinishHandshake(ciphertext.contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	294	if (needRetransmission &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	295	hsStatus == HandshakeStatus.FINISHED &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	296	conContext.sslContext.isDTLS() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	297	ciphertext.handshakeType == SSLHandshake.FINISHED.id) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	298	// Retransmit the last flight for DTLS.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	299	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	300	// The application data transactions may begin immediately
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	301	// after the last flight. If the last flight get lost, the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	302	// application data may be discarded accordingly. As could
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	303	// be an issue for some applications. This impact can be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	304	// mitigated by sending the last fligth twice.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	305	if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	306	SSLLogger.finest("retransmit the last flight messages");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	307	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	308
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	309	conContext.outputRecord.launchRetransmission();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	310	hsStatus = HandshakeStatus.NEED_WRAP;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	311	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	312
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	313	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	314	hsStatus = conContext.getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	315	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	316
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	317	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	318	if (conContext.outputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	319	hsStatus = tryKeyUpdate(hsStatus);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	320	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	321
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	322	// update context status
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	323	ciphertext.handshakeStatus = hsStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	324
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	325	return ciphertext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	326	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	327
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	328	private HandshakeStatus tryToFinishHandshake(byte contentType) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	329	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	330	if ((contentType == ContentType.HANDSHAKE.id) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	331	conContext.outputRecord.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	332	if (conContext.handshakeContext == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	333	hsStatus = HandshakeStatus.FINISHED;
56544 ad120e0dfcfb start/beginHandshake and more post-handshake changes ascarpino parents: 56542 diff changeset	334	} else if (conContext.getHandshakeContext(TransportContext.POST) != null) {
ad120e0dfcfb start/beginHandshake and more post-handshake changes ascarpino parents: 56542 diff changeset	335	return null;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	336	} else if (conContext.handshakeContext.handshakeFinished) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	337	hsStatus = conContext.finishHandshake();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	338	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	339	} // Otherwise, the followed call to getHSStatus() will help.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	340
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	341	return hsStatus;
2 90ce3da70b43 Initial load duke parents: diff changeset	342	}
90ce3da70b43 Initial load duke parents: diff changeset	343
90ce3da70b43 Initial load duke parents: diff changeset	344	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	345	* Try renegotiation or key update for sequence number wrap.
2 90ce3da70b43 Initial load duke parents: diff changeset	346	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	347	* Note that in order to maintain the handshake status properly, we check
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	348	* the sequence number after the last record reading/writing process. As
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	349	* we request renegotiation or close the connection for wrapped sequence
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	350	* number when there is enough sequence number space left to handle a few
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	351	* more records, so the sequence number of the last record cannot be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	352	* wrapped.
2 90ce3da70b43 Initial load duke parents: diff changeset	353	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	354	private HandshakeStatus tryKeyUpdate(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	355	HandshakeStatus currentHandshakeStatus) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	356	// Don't bother to kickstart the renegotiation or key update when the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	357	// local is asking for it.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	358	if ((conContext.handshakeContext == null) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	359	!conContext.isClosed() && !conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	360	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	361	SSLLogger.finest("key update to wrap sequence number");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	362	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	363	conContext.keyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	364	return conContext.getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	365	}
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	366
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	367	return currentHandshakeStatus;
2 90ce3da70b43 Initial load duke parents: diff changeset	368	}
90ce3da70b43 Initial load duke parents: diff changeset	369
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	370	private static void checkParams(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	371	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	372	ByteBuffer[] dsts, int dstsOffset, int dstsLength) {
2 90ce3da70b43 Initial load duke parents: diff changeset	373
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	374	if ((srcs == null) \|\| (dsts == null)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	375	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	376	"source or destination buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	377	}
2 90ce3da70b43 Initial load duke parents: diff changeset	378
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	379	if ((srcsOffset < 0) \|\| (srcsLength < 0) \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	380	(srcsOffset > srcs.length - srcsLength)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	381	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	382	"index out of bound of the source buffers");
2 90ce3da70b43 Initial load duke parents: diff changeset	383	}
1763 0a6b65d56746 6750401: SSL stress test with GF leads to 32 bit max process size in less than 5 minutes,with PCKS11 provider wetmore parents: 2 diff changeset	384
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	385	if ((dstsOffset < 0) \|\| (dstsLength < 0) \|\|
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	386	(dstsOffset > dsts.length - dstsLength)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	387	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	388	"index out of bound of the destination buffers");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	389	}
2 90ce3da70b43 Initial load duke parents: diff changeset	390
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	391	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	392	if (srcs[i] == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	393	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	394	"source buffer[" + i + "] == null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	395	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	396	}
2 90ce3da70b43 Initial load duke parents: diff changeset	397
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	398	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	399	if (dsts[i] == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	400	throw new IllegalArgumentException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	401	"destination buffer[" + i + "] == null");
6856 533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	402	}
533f4ad71f88 6914943: Implement final TLS renegotiation fix xuelei parents: 5506 diff changeset	403
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	404	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	405	* Make sure the destination bufffers are writable.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	406	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	407	if (dsts[i].isReadOnly()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	408	throw new ReadOnlyBufferException();
2 90ce3da70b43 Initial load duke parents: diff changeset	409	}
90ce3da70b43 Initial load duke parents: diff changeset	410	}
90ce3da70b43 Initial load duke parents: diff changeset	411	}
90ce3da70b43 Initial load duke parents: diff changeset	412
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	413	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	414	public synchronized SSLEngineResult unwrap(ByteBuffer src,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	415	ByteBuffer[] dsts, int offset, int length) throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	416	return unwrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	417	new ByteBuffer[]{src}, 0, 1, dsts, offset, length);
2 90ce3da70b43 Initial load duke parents: diff changeset	418	}
90ce3da70b43 Initial load duke parents: diff changeset	419
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	420	// @Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	421	public synchronized SSLEngineResult unwrap(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	422	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	423	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {
2 90ce3da70b43 Initial load duke parents: diff changeset	424
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	425	if (conContext.isUnsureMode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	426	throw new IllegalStateException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	427	"Client/Server mode has not yet been set.");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	428	}
2 90ce3da70b43 Initial load duke parents: diff changeset	429
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	430	// See if the handshaker needs to report back some SSLException.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	431	checkTaskThrown();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	432
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	433	// check parameters
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	434	checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
2 90ce3da70b43 Initial load duke parents: diff changeset	435
90ce3da70b43 Initial load duke parents: diff changeset	436	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	437	return readRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	438	srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	439	} catch (SSLProtocolException spe) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	440	// may be an unexpected handshake message
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	441	conContext.fatal(Alert.UNEXPECTED_MESSAGE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	442	spe.getMessage(), spe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	443	} catch (IOException ioe) {
2 90ce3da70b43 Initial load duke parents: diff changeset	444	/*
90ce3da70b43 Initial load duke parents: diff changeset	445	* Don't reset position so it looks like we didn't
90ce3da70b43 Initial load duke parents: diff changeset	446	* consume anything. We did consume something, and it
90ce3da70b43 Initial load duke parents: diff changeset	447	* got us into this situation, so report that much back.
90ce3da70b43 Initial load duke parents: diff changeset	448	* Our days of consuming are now over anyway.
90ce3da70b43 Initial load duke parents: diff changeset	449	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	450	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	451	"problem unwrapping net record", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	452	} catch (Exception ex) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	453	conContext.fatal(Alert.INTERNAL_ERROR,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	454	"Fail to unwrap network record", ex);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	455	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	456
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	457	return null; // make compiler happy
2 90ce3da70b43 Initial load duke parents: diff changeset	458	}
90ce3da70b43 Initial load duke parents: diff changeset	459
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	460	private SSLEngineResult readRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	461	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	462	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	463
90ce3da70b43 Initial load duke parents: diff changeset	464	/*
90ce3da70b43 Initial load duke parents: diff changeset	465	* Check if we are closing/closed.
90ce3da70b43 Initial load duke parents: diff changeset	466	*/
90ce3da70b43 Initial load duke parents: diff changeset	467	if (isInboundDone()) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	468	return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	469	Status.CLOSED, getHandshakeStatus(), 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	470	}
90ce3da70b43 Initial load duke parents: diff changeset	471
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	472	HandshakeStatus hsStatus = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	473	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	474	conContext.kickstart();
2 90ce3da70b43 Initial load duke parents: diff changeset	475
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	476	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	477	* If there's still outbound data to flush, we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	478	* can return without trying to unwrap anything.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	479	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	480	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	481	if (hsStatus == HandshakeStatus.NEED_WRAP) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	482	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	483	}
90ce3da70b43 Initial load duke parents: diff changeset	484	}
90ce3da70b43 Initial load duke parents: diff changeset	485
90ce3da70b43 Initial load duke parents: diff changeset	486	if (hsStatus == null) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	487	hsStatus = getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	488	}
90ce3da70b43 Initial load duke parents: diff changeset	489
90ce3da70b43 Initial load duke parents: diff changeset	490	/*
90ce3da70b43 Initial load duke parents: diff changeset	491	* If we have a task outstanding, this MUST be done before
90ce3da70b43 Initial load duke parents: diff changeset	492	* doing any more unwrapping, because we could be in the middle
90ce3da70b43 Initial load duke parents: diff changeset	493	* of receiving a handshake message, for example, a finished
90ce3da70b43 Initial load duke parents: diff changeset	494	* message which would change the ciphers.
90ce3da70b43 Initial load duke parents: diff changeset	495	*/
90ce3da70b43 Initial load duke parents: diff changeset	496	if (hsStatus == HandshakeStatus.NEED_TASK) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	497	return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	498	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	499
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	500	if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	501	Plaintext plainText = null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	502	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	503	plainText = decode(null, 0, 0,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	504	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	505	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	506	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	507	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	508	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	509	throw new SSLException("readRecord", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	510	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	511	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	512
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	513	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	514	if (plainText.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	515	hsStatus = plainText.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	516	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	517	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	518	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	519
2 90ce3da70b43 Initial load duke parents: diff changeset	520	return new SSLEngineResult(
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	521	status, hsStatus, 0, 0, plainText.recordSN);
2 90ce3da70b43 Initial load duke parents: diff changeset	522	}
90ce3da70b43 Initial load duke parents: diff changeset	523
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	524	int srcsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	525	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	526	srcsRemains += srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	527	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	528
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	529	if (srcsRemains == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	530	return new SSLEngineResult(Status.OK, getHandshakeStatus(), 0, 0);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	531	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	532
2 90ce3da70b43 Initial load duke parents: diff changeset	533	/*
90ce3da70b43 Initial load duke parents: diff changeset	534	* Check the packet to make sure enough is here.
90ce3da70b43 Initial load duke parents: diff changeset	535	* This will also indirectly check for 0 len packets.
90ce3da70b43 Initial load duke parents: diff changeset	536	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	537	int packetLen = 0;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	538	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	539	packetLen = conContext.inputRecord.bytesInCompletePacket(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	540	srcs, srcsOffset, srcsLength);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	541	} catch (SSLException ssle) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	542	// Need to discard invalid records for DTLS protocols.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	543	if (sslContext.isDTLS()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	544	if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	545	SSLLogger.finest("Discard invalid DTLS records", ssle);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	546	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	547
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	548	// invalid, discard the entire data [section 4.1.2.7, RFC 6347]
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	549	// TODO
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	550	int deltaNet = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	551	// int deltaNet = netData.remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	552	// netData.position(netData.limit());
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	553
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	554	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	555	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	556	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	557	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	558
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	559	return new SSLEngineResult(status, hsStatus, deltaNet, 0, -1L);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	560	} else {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	561	throw ssle;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	562	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	563	}
2 90ce3da70b43 Initial load duke parents: diff changeset	564
90ce3da70b43 Initial load duke parents: diff changeset	565	// Is this packet bigger than SSL/TLS normally allows?
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	566	if (packetLen > conContext.conSession.getPacketBufferSize()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	567	int largestRecordSize = sslContext.isDTLS() ?
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	568	DTLSRecord.maxRecordSize : SSLRecord.maxLargeRecordSize;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	569	if ((packetLen <= largestRecordSize) && !sslContext.isDTLS()) {
2 90ce3da70b43 Initial load duke parents: diff changeset	570	// Expand the expected maximum packet/application buffer
90ce3da70b43 Initial load duke parents: diff changeset	571	// sizes.
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	572	//
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	573	// Only apply to SSL/TLS protocols.
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	574
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	575	// Old behavior: shall we honor the System Property
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	576	// "jsse.SSLEngine.acceptLargeFragments" if it is "false"?
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	577	conContext.conSession.expandBufferSizes();
2 90ce3da70b43 Initial load duke parents: diff changeset	578	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	579
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	580	// check the packet again
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	581	largestRecordSize = conContext.conSession.getPacketBufferSize();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	582	if (packetLen > largestRecordSize) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	583	throw new SSLProtocolException(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	584	"Input record too big: max = " +
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	585	largestRecordSize + " len = " + packetLen);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	586	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	587	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	588
2 90ce3da70b43 Initial load duke parents: diff changeset	589	/*
90ce3da70b43 Initial load duke parents: diff changeset	590	* Check for OVERFLOW.
90ce3da70b43 Initial load duke parents: diff changeset	591	*
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	592	* Delay enforcing the application buffer free space requirement
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	593	* until after the initial handshaking.
2 90ce3da70b43 Initial load duke parents: diff changeset	594	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	595	int dstsRemains = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	596	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	597	dstsRemains += dsts[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	598	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	599
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	600	if (conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	601	int FragLen =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	602	conContext.inputRecord.estimateFragmentSize(packetLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	603	if (FragLen > dstsRemains) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	604	return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	605	Status.BUFFER_OVERFLOW, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	606	}
2 90ce3da70b43 Initial load duke parents: diff changeset	607	}
90ce3da70b43 Initial load duke parents: diff changeset	608
90ce3da70b43 Initial load duke parents: diff changeset	609	// check for UNDERFLOW.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	610	if ((packetLen == -1) \|\| (srcsRemains < packetLen)) {
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	611	return new SSLEngineResult(Status.BUFFER_UNDERFLOW, hsStatus, 0, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	612	}
90ce3da70b43 Initial load duke parents: diff changeset	613
90ce3da70b43 Initial load duke parents: diff changeset	614	/*
90ce3da70b43 Initial load duke parents: diff changeset	615	* We're now ready to actually do the read.
90ce3da70b43 Initial load duke parents: diff changeset	616	*/
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	617	Plaintext plainText = null;
2 90ce3da70b43 Initial load duke parents: diff changeset	618	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	619	plainText = decode(srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	620	dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	621	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	622	if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	623	throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	624	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	625	throw new SSLException("readRecord", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	626	}
2 90ce3da70b43 Initial load duke parents: diff changeset	627	}
90ce3da70b43 Initial load duke parents: diff changeset	628
90ce3da70b43 Initial load duke parents: diff changeset	629	/*
90ce3da70b43 Initial load duke parents: diff changeset	630	* Check the various condition that we could be reporting.
90ce3da70b43 Initial load duke parents: diff changeset	631	*
90ce3da70b43 Initial load duke parents: diff changeset	632	* It's possible something might have happened between the
90ce3da70b43 Initial load duke parents: diff changeset	633	* above and now, but it was better to minimally lock "this"
90ce3da70b43 Initial load duke parents: diff changeset	634	* during the read process. We'll return the current
90ce3da70b43 Initial load duke parents: diff changeset	635	* status, which is more representative of the current state.
90ce3da70b43 Initial load duke parents: diff changeset	636	*
90ce3da70b43 Initial load duke parents: diff changeset	637	* status above should cover: FINISHED, NEED_TASK
90ce3da70b43 Initial load duke parents: diff changeset	638	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	639	Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	640	if (plainText.handshakeStatus != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	641	hsStatus = plainText.handshakeStatus;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	642	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	643	hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	644	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	645
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	646	int deltaNet = srcsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	647	for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	648	deltaNet -= srcs[i].remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	649	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	650
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	651	int deltaApp = dstsRemains;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	652	for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	653	deltaApp -= dsts[i].remaining();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	654	}
2 90ce3da70b43 Initial load duke parents: diff changeset	655
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	656	return new SSLEngineResult(
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	657	status, hsStatus, deltaNet, deltaApp, plainText.recordSN);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	658	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	659
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	660	private Plaintext decode(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	661	ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	662	ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	663
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	664	Plaintext pt = SSLTransport.decode(conContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	665	srcs, srcsOffset, srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	666	dsts, dstsOffset, dstsLength);
2 90ce3da70b43 Initial load duke parents: diff changeset	667
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	668	// Is the handshake completed?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	669	if (pt != Plaintext.PLAINTEXT_NULL) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	670	HandshakeStatus hsStatus = tryToFinishHandshake(pt.contentType);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	671	if (hsStatus == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	672	pt.handshakeStatus = conContext.getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	673	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	674	pt.handshakeStatus = hsStatus;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	675	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	676
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	677	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	678	if (conContext.inputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	679	pt.handshakeStatus =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	680	tryKeyUpdate(pt.handshakeStatus);
2 90ce3da70b43 Initial load duke parents: diff changeset	681	}
90ce3da70b43 Initial load duke parents: diff changeset	682	}
90ce3da70b43 Initial load duke parents: diff changeset	683
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	684	return pt;
2 90ce3da70b43 Initial load duke parents: diff changeset	685	}
90ce3da70b43 Initial load duke parents: diff changeset	686
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	687	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	688	public synchronized Runnable getDelegatedTask() {
56544 ad120e0dfcfb start/beginHandshake and more post-handshake changes ascarpino parents: 56542 diff changeset	689	if (conContext.handshakeContext != null && // PRE or POST handshake
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	690	!conContext.handshakeContext.taskDelegated &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	691	!conContext.handshakeContext.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	692	conContext.handshakeContext.taskDelegated = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	693	return new DelegatedTask(this);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	694	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	695
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	696	return null;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 28550 diff changeset	697	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	698
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	699	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	700	public synchronized void closeInbound() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	701	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	702	}
2 90ce3da70b43 Initial load duke parents: diff changeset	703
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	704	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	705	public synchronized boolean isInboundDone() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	706	return conContext.isInboundDone();
2 90ce3da70b43 Initial load duke parents: diff changeset	707	}
90ce3da70b43 Initial load duke parents: diff changeset	708
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	709	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	710	public synchronized void closeOutbound() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	711	conContext.closeOutbound();
2 90ce3da70b43 Initial load duke parents: diff changeset	712	}
90ce3da70b43 Initial load duke parents: diff changeset	713
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	714	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	715	public synchronized boolean isOutboundDone() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	716	return conContext.isOutboundDone();
2 90ce3da70b43 Initial load duke parents: diff changeset	717	}
90ce3da70b43 Initial load duke parents: diff changeset	718
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	719	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	720	public String[] getSupportedCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	721	return CipherSuite.namesOf(sslContext.getSupportedCipherSuites());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	722	}
2 90ce3da70b43 Initial load duke parents: diff changeset	723
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	724	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	725	public synchronized String[] getEnabledCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	726	return CipherSuite.namesOf(conContext.sslConfig.enabledCipherSuites);
2 90ce3da70b43 Initial load duke parents: diff changeset	727	}
90ce3da70b43 Initial load duke parents: diff changeset	728
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	729	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	730	public synchronized void setEnabledCipherSuites(String[] suites) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	731	if (suites == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	732	throw new IllegalArgumentException("CipherSuites cannot be null");
2 90ce3da70b43 Initial load duke parents: diff changeset	733	}
90ce3da70b43 Initial load duke parents: diff changeset	734
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	735	conContext.sslConfig.enabledCipherSuites =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	736	CipherSuite.validValuesOf(suites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	737	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	738
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	739	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	740	public String[] getSupportedProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	741	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	742	sslContext.getSuportedProtocolVersions());
2 90ce3da70b43 Initial load duke parents: diff changeset	743	}
90ce3da70b43 Initial load duke parents: diff changeset	744
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	745	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	746	public synchronized String[] getEnabledProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	747	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	748	conContext.sslConfig.enabledProtocols);
2 90ce3da70b43 Initial load duke parents: diff changeset	749	}
90ce3da70b43 Initial load duke parents: diff changeset	750
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	751	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	752	public synchronized void setEnabledProtocols(String[] protocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	753	if (protocols == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	754	throw new IllegalArgumentException("Protocols cannot be null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	755	}
2 90ce3da70b43 Initial load duke parents: diff changeset	756
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	757	conContext.sslConfig.enabledProtocols =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	758	ProtocolVersion.namesOf(protocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	759	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	760
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	761	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	762	public synchronized SSLSession getSession() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	763	return conContext.conSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	764	}
90ce3da70b43 Initial load duke parents: diff changeset	765
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	766	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	767	public synchronized SSLSession getHandshakeSession() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	768	return conContext.handshakeContext == null ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	769	null : conContext.handshakeContext.handshakeSession;
2 90ce3da70b43 Initial load duke parents: diff changeset	770	}
90ce3da70b43 Initial load duke parents: diff changeset	771
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	772	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	773	public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	774	return conContext.getHandshakeStatus();
2 90ce3da70b43 Initial load duke parents: diff changeset	775	}
90ce3da70b43 Initial load duke parents: diff changeset	776
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	777	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	778	public synchronized void setUseClientMode(boolean mode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	779	conContext.setUseClientMode(mode);
2 90ce3da70b43 Initial load duke parents: diff changeset	780	}
90ce3da70b43 Initial load duke parents: diff changeset	781
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	782	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	783	public synchronized boolean getUseClientMode() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	784	return conContext.sslConfig.isClientMode;
2 90ce3da70b43 Initial load duke parents: diff changeset	785	}
90ce3da70b43 Initial load duke parents: diff changeset	786
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	787	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	788	public synchronized void setNeedClientAuth(boolean need) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	789	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	790	(need ? ClientAuthType.CLIENT_AUTH_REQUIRED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	791	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	792	}
90ce3da70b43 Initial load duke parents: diff changeset	793
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	794	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	795	public synchronized boolean getNeedClientAuth() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	796	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	797	ClientAuthType.CLIENT_AUTH_REQUIRED);
2 90ce3da70b43 Initial load duke parents: diff changeset	798	}
90ce3da70b43 Initial load duke parents: diff changeset	799
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	800	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	801	public synchronized void setWantClientAuth(boolean want) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	802	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	803	(want ? ClientAuthType.CLIENT_AUTH_REQUESTED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	804	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	805	}
90ce3da70b43 Initial load duke parents: diff changeset	806
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	807	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	808	public synchronized boolean getWantClientAuth() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	809	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	810	ClientAuthType.CLIENT_AUTH_REQUESTED);
2 90ce3da70b43 Initial load duke parents: diff changeset	811	}
90ce3da70b43 Initial load duke parents: diff changeset	812
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	813	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	814	public synchronized void setEnableSessionCreation(boolean flag) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	815	conContext.sslConfig.enableSessionCreation = flag;
2 90ce3da70b43 Initial load duke parents: diff changeset	816	}
90ce3da70b43 Initial load duke parents: diff changeset	817
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	818	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	819	public synchronized boolean getEnableSessionCreation() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	820	return conContext.sslConfig.enableSessionCreation;
2 90ce3da70b43 Initial load duke parents: diff changeset	821	}
90ce3da70b43 Initial load duke parents: diff changeset	822
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	823	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	824	public synchronized SSLParameters getSSLParameters() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	825	return conContext.sslConfig.getSSLParameters();
2 90ce3da70b43 Initial load duke parents: diff changeset	826	}
90ce3da70b43 Initial load duke parents: diff changeset	827
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	828	@Override
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 30904 diff changeset	829	public synchronized void setSSLParameters(SSLParameters params) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	830	conContext.sslConfig.setSSLParameters(params);
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	831
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	832	if (conContext.sslConfig.maximumPacketSize != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	833	conContext.outputRecord.changePacketSize(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	834	conContext.sslConfig.maximumPacketSize);
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	835	}
2 90ce3da70b43 Initial load duke parents: diff changeset	836	}
90ce3da70b43 Initial load duke parents: diff changeset	837
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	838	@Override
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	839	public synchronized String getApplicationProtocol() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	840	return conContext.applicationProtocol;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	841	}
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	842
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	843	@Override
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	844	public synchronized String getHandshakeApplicationProtocol() {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	845	return conContext.handshakeContext == null ?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	846	null : conContext.handshakeContext.applicationProtocol;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	847	}
2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32649 diff changeset	848
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	849	@Override
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	850	public synchronized void setHandshakeApplicationProtocolSelector(
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	851	BiFunction<SSLEngine, List<String>, String> selector) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	852	conContext.sslConfig.engineAPSelector = selector;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	853	}
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	854
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	855	@Override
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	856	public synchronized BiFunction<SSLEngine, List<String>, String>
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	857	getHandshakeApplicationProtocolSelector() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	858	return conContext.sslConfig.engineAPSelector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	859	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	860
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	861	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	862	public boolean useDelegatedTask() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	863	return true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	864	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	865
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	866	private synchronized void checkTaskThrown() throws SSLException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	867	HandshakeContext hc = conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	868	if (hc != null && hc.delegatedThrown != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	869	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	870	throw getTaskThrown(hc.delegatedThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	871	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	872	hc.delegatedThrown = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	873	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	874	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	875
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	876	if (conContext.isBroken && conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	877	throw getTaskThrown(conContext.closeReason);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	878	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	879	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	880
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	881	private static SSLException getTaskThrown(Exception taskThrown) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	882	String msg = taskThrown.getMessage();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	883
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	884	if (msg == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	885	msg = "Delegated task threw Exception or Error";
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	886	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	887
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	888	if (taskThrown instanceof RuntimeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	889	throw new RuntimeException(msg, taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	890	} else if (taskThrown instanceof SSLHandshakeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	891	return (SSLHandshakeException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	892	new SSLHandshakeException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	893	} else if (taskThrown instanceof SSLKeyException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	894	return (SSLKeyException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	895	new SSLKeyException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	896	} else if (taskThrown instanceof SSLPeerUnverifiedException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	897	return (SSLPeerUnverifiedException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	898	new SSLPeerUnverifiedException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	899	} else if (taskThrown instanceof SSLProtocolException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	900	return (SSLProtocolException)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	901	new SSLProtocolException(msg).initCause(taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	902	} else if (taskThrown instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	903	return (SSLException)taskThrown;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	904	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	905	return new SSLException(msg, taskThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	906	}
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	907	}
796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 41910 diff changeset	908
2 90ce3da70b43 Initial load duke parents: diff changeset	909	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	910	* Implement a simple task delegator.
2 90ce3da70b43 Initial load duke parents: diff changeset	911	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	912	private static class DelegatedTask implements Runnable {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	913	private final SSLEngineImpl engine;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	914
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	915	DelegatedTask(SSLEngineImpl engineInstance) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	916	this.engine = engineInstance;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	917	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	918
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	919	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	920	public void run() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	921	synchronized (engine) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	922	HandshakeContext hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	923	if (hc == null \|\| hc.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	924	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	925	}
2 90ce3da70b43 Initial load duke parents: diff changeset	926
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	927	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	928	AccessController.doPrivileged(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	929	new DelegatedAction(hc), engine.conContext.acc);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	930	} catch (PrivilegedActionException pae) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	931	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	932	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	933	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	934	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	935	hc.delegatedThrown = pae.getException();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	936	} else if (engine.conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	937	engine.conContext.closeReason =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	938	getTaskThrown(pae.getException());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	939	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	940	} catch (RuntimeException rte) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	941	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	942	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	943	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	944	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	945	hc.delegatedThrown = rte;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	946	} else if (engine.conContext.closeReason != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	947	engine.conContext.closeReason = rte;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	948	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	949	}
2 90ce3da70b43 Initial load duke parents: diff changeset	950
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	951	// Get the handshake context again in case the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	952	// handshaking has completed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	953	hc = engine.conContext.handshakeContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	954	if (hc != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	955	hc.taskDelegated = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	956	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	957	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	958	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	959
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	960	private static class DelegatedAction
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	961	implements PrivilegedExceptionAction<Void> {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	962	final HandshakeContext context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	963	DelegatedAction(HandshakeContext context) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	964	this.context = context;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	965	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	966
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	967	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	968	public Void run() throws Exception {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	969	while (!context.delegatedActions.isEmpty()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	970	// Report back the task SSLException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	971	if (context.delegatedThrown != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	972	Exception delegatedThrown = context.delegatedThrown;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	973	context.delegatedThrown = null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	974	throw getTaskThrown(delegatedThrown);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	975	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	976
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	977	Map.Entry<Byte, ByteBuffer> me =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	978	context.delegatedActions.poll();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	979	if (me != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	980	context.dispatch(me.getKey(), me.getValue());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	981	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	982	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	983	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	984	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	985	}
2 90ce3da70b43 Initial load duke parents: diff changeset	986	}
90ce3da70b43 Initial load duke parents: diff changeset	987	}

author	ascarpino
	Sun, 13 May 2018 08:52:25 -0700
branch	JDK-8145252-TLS13-branch
changeset 56544	ad120e0dfcfb
parent 56542	56aaa6cb3693
child 56594	99e0f3f3f0e4
permissions	-rw-r--r--