src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java
author ascarpino
Fri, 25 May 2018 12:43:45 -0700
branchJDK-8145252-TLS13-branch
changeset 56611 f8f7e604e1f8
parent 56603 f103e0c2be1e
child 56646 e57205a6e4ee
permissions -rw-r--r--
added jdk.tls.server.protocols
/*
 * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
package sun.security.ssl;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ReadOnlyBufferException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.List;
import java.util.Map;
import java.util.function.BiFunction;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLEngineResult.Status;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLKeyException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
/**
 * Implementation of a non-blocking SSLEngine.
 *
 * @author Brad Wetmore
 */
final class SSLEngineImpl extends SSLEngine implements SSLTransport {
    private final SSLContextImpl        sslContext;
    final TransportContext              conContext;
    /**
     * Constructor for an SSLEngine from SSLContext, without
     * host/port hints.
     *
     * This Engine will not be able to cache sessions, but must renegotiate
     * everything by hand.
     */
    SSLEngineImpl(SSLContextImpl sslContext) {
        // No peer hints are available here, so delegate to the full
        // constructor with a null host and a port of -1.
        this(sslContext, null, -1);
    }
    /**
     * Constructor for an SSLEngine from SSLContext.
     */
    SSLEngineImpl(SSLContextImpl sslContext,
            String host, int port) {
        super(host, port);
        this.sslContext = sslContext;

        // One HandshakeHash instance is handed to both the input record and
        // the output record of this engine.
        final HandshakeHash sharedHash = new HandshakeHash();

        // The record pair is picked once, at construction: DTLS records when
        // the context reports DTLS, the SSLEngine records otherwise.
        this.conContext = sslContext.isDTLS()
                ? new TransportContext(sslContext, this,
                        new DTLSInputRecord(sharedHash),
                        new DTLSOutputRecord(sharedHash))
                : new TransportContext(sslContext, this,
                        new SSLEngineInputRecord(sharedHash),
                        new SSLEngineOutputRecord(sharedHash));

        // Server name indication is a connection scope extension; without a
        // host hint there is nothing to add to the configuration.
        if (host == null) {
            return;
        }

        // NOTE(review): the caller-supplied host is passed on as given; any
        // validation would have to happen inside
        // Utilities.addToSNIServerNameList, which is not visible here.
        this.conContext.sslConfig.serverNames =
                Utilities.addToSNIServerNameList(
                        conContext.sslConfig.serverNames, host);
    }
    /**
     * Starts handshaking on this engine by kickstarting the transport
     * context.
     *
     * <p>Any failure of {@code kickstart()} is routed through
     * {@code conContext.fatal(...)}: an {@link IOException} is reported with
     * the {@code HANDSHAKE_FAILURE} alert, every other exception (runtime
     * exceptions included) with {@code INTERNAL_ERROR}.
     *
     * @throws IllegalStateException if the client/server mode has not been
     *         set yet
     * @throws SSLException declared for the failure path above
     */
    @Override
    public synchronized void beginHandshake() throws SSLException {
        // The engine cannot handshake before it knows which role it plays.
        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        try {
            conContext.kickstart();
        } catch (IOException ioFailure) {
            conContext.fatal(
                Alert.HANDSHAKE_FAILURE,
                "Couldn't kickstart handshaking",
                ioFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            conContext.fatal(
                Alert.INTERNAL_ERROR,
                "Fail to begin handshake",
                unexpected);
        }
    }
    /**
     * Wraps application data into a single destination buffer by delegating
     * to the multi-destination {@code wrap}, with {@code netData} as the only
     * element of the destination array.
     */
    @Override
    public synchronized SSLEngineResult wrap(ByteBuffer[] appData,
            int offset, int length, ByteBuffer netData) throws SSLException {
        // Present the single network buffer as a one-element array so the
        // general overload can be reused (destination offset 0, length 1).
        final ByteBuffer[] singleDst = { netData };
        return wrap(appData, offset, length, singleDst, 0, 1);
    }
    // @Override
    /**
     * Wraps application data from {@code srcs} into network data in
     * {@code dsts}.
     *
     * <p>Order of checks: the client/server mode must be set; a failure
     * recorded by a handshake task is surfaced through
     * {@code checkTaskThrown()} only when the output record has nothing
     * queued; the buffer arguments are then validated by {@code checkParams}
     * before {@code writeRecord} runs.
     *
     * <p>Failures from {@code writeRecord} go through
     * {@code conContext.fatal(...)}: an {@link SSLProtocolException} with the
     * {@code UNEXPECTED_MESSAGE} alert, any other exception with
     * {@code INTERNAL_ERROR}.
     *
     * @return the result of {@code writeRecord}; {@code null} only if
     *         {@code conContext.fatal(...)} returns normally
     * @throws IllegalStateException if the client/server mode has not been
     *         set yet
     */
    public synchronized SSLEngineResult wrap(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {

        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        // See if the handshaker needs to report back some SSLException.
        // When records are still queued they are delivered first, and the
        // task exception is left for a later call.
        if (conContext.outputRecord.isEmpty()) {
            checkTaskThrown();
        }

        // Validate the caller's arrays and ranges before touching them.
        checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);

        // Stays null unless writeRecord completes normally.
        SSLEngineResult result = null;
        try {
            result = writeRecord(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
        } catch (SSLProtocolException protocolFailure) {
            // may be an unexpected handshake message
            conContext.fatal(Alert.UNEXPECTED_MESSAGE, protocolFailure);
        } catch (IOException ioFailure) {
            conContext.fatal(
                Alert.INTERNAL_ERROR,
                "problem wrapping app data",
                ioFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            conContext.fatal(
                Alert.INTERNAL_ERROR,
                "Fail to wrap application data",
                unexpected);
        }

        return result;
    }
    /**
     * Produces outbound network data in {@code dsts}: either records that are
     * already buffered in the output record (or a DTLS handshake
     * retransmission), or application data taken from {@code srcs}.
     *
     * <p>Returns without consuming or producing anything when the outbound
     * side is done ({@code CLOSED}), when the handshake is waiting to unwrap
     * and no retransmission applies, when a delegated task is outstanding
     * ({@code NEED_TASK}), or when {@code dsts} offers less room than the
     * session's packet buffer size ({@code BUFFER_OVERFLOW}).
     *
     * @return the engine result, carrying the bytes consumed and produced and
     *         the record sequence number ({@code -1} when nothing was encoded)
     * @throws IOException an {@link SSLException} raised while encoding is
     *         rethrown as is; any other {@code IOException} from encoding is
     *         wrapped in an {@code SSLException}
     */
    private SSLEngineResult writeRecord(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

        // Nothing further may be written once the outbound side is done.
        if (isOutboundDone()) {
            return new SSLEngineResult(
                    Status.CLOSED, getHandshakeStatus(), 0, 0);
        }

        // The handshake context is sampled before kickstart() runs below.
        final HandshakeContext hc = conContext.handshakeContext;
        HandshakeStatus hsStatus = null;

        final boolean handshakeStillOpen = !(conContext.isNegotiated ||
                conContext.isClosed() || conContext.isBroken);
        if (handshakeStillOpen) {
            conContext.kickstart();

            hsStatus = getHandshakeStatus();
            if (hsStatus == HandshakeStatus.NEED_UNWRAP) {
                /*
                 * For DTLS, calling SSLEngine.wrap() while the handshake
                 * state is HandshakeStatus.NEED_UNWRAP means the previous
                 * handshake packets (if delivered) got lost and the
                 * handshake messages need to be retransmitted.
                 */
                final boolean needsRetransmission = sslContext.isDTLS() &&
                        hc != null &&
                        hc.sslConfig.enableRetransmissions &&
                        !conContext.outputRecord.firstMessage;
                if (!needsRetransmission) {
                    return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
                }
            }
        }

        if (hsStatus == null) {
            hsStatus = getHandshakeStatus();
        }

        /*
         * An outstanding task *MUST* be completed before any more wrapping:
         * we could be in the middle of receiving a handshake message, for
         * example a finished message, which would change the ciphers.
         */
        if (hsStatus == HandshakeStatus.NEED_TASK) {
            return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
        }

        // Room available across the destination range.
        // NOTE(review): plain int sum; whether the totals are bounded by the
        // caller's parameter check is not visible here.
        final int dstsEnd = dstsOffset + dstsLength;
        int dstsRemains = 0;
        for (int idx = dstsOffset; idx < dstsEnd; idx++) {
            dstsRemains += dsts[idx].remaining();
        }

        // Check destination buffer size.
        //
        // We can be smarter about using smaller buffer sizes later.  For
        // now, force it to be large enough to handle any valid record.
        if (dstsRemains < conContext.conSession.getPacketBufferSize()) {
            return new SSLEngineResult(
                Status.BUFFER_OVERFLOW, getHandshakeStatus(), 0, 0);
        }

        // Application bytes offered across the source range.
        final int srcsEnd = srcsOffset + srcsLength;
        int srcsRemains = 0;
        for (int idx = srcsOffset; idx < srcsEnd; idx++) {
            srcsRemains += srcs[idx].remaining();
        }

        Ciphertext ciphertext = null;
        try {
            // Buffered to-be-delivered records, or a DTLS retransmission
            // while handshaking, go out before any new application data.
            final boolean flushFirst = !conContext.outputRecord.isEmpty() ||
                    (hc != null &&
                    hc.sslConfig.enableRetransmissions &&
                    hc.sslContext.isDTLS() &&
                    hsStatus == HandshakeStatus.NEED_UNWRAP);
            if (flushFirst) {
                ciphertext = encode(null, 0, 0,
                        dsts, dstsOffset, dstsLength);
            }

            // Application data is encoded only when nothing was flushed.
            if (ciphertext == null && srcsRemains != 0) {
                ciphertext = encode(srcs, srcsOffset, srcsLength,
                        dsts, dstsOffset, dstsLength);
            }
        } catch (SSLException sslFailure) {
            // Already an SSL-level failure: pass it on untouched.
            throw sslFailure;
        } catch (IOException ioFailure) {
            throw new SSLException("Write problems", ioFailure);
        }

        /*
         * Check for status.
         */
        final Status status;
        if (isOutboundDone()) {
            status = Status.CLOSED;
        } else {
            status = Status.OK;
        }

        // Prefer the handshake status reported with the ciphertext, if any.
        hsStatus = (ciphertext != null && ciphertext.handshakeStatus != null)
                ? ciphertext.handshakeStatus
                : getHandshakeStatus();

        // Bytes consumed = what was offered minus what is still unread.
        int srcsLeft = 0;
        for (int idx = srcsOffset; idx < srcsEnd; idx++) {
            srcsLeft += srcs[idx].remaining();
        }
        final int bytesConsumed = srcsRemains - srcsLeft;

        // Bytes produced = the room there was minus the room still free.
        int dstsLeft = 0;
        for (int idx = dstsOffset; idx < dstsEnd; idx++) {
            dstsLeft += dsts[idx].remaining();
        }
        final int bytesProduced = dstsRemains - dstsLeft;

        final long sequenceNumber =
                (ciphertext != null) ? ciphertext.recordSN : -1L;
        return new SSLEngineResult(
                status, hsStatus, bytesConsumed, bytesProduced, sequenceNumber);
    }
    /**
     * Encodes outbound data into a record through
     * {@code conContext.outputRecord} and works out the handshake status
     * that is stored on the returned ciphertext.
     *
     * @param srcs       source buffers
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the produced record with {@code handshakeStatus} set, or
     *         {@code Ciphertext.CIPHERTEXT_NULL} when the output record
     *         produced nothing
     * @throws IOException declared by this method; encoding failures are
     *         handed to {@code conContext.fatal} with an alert
     */
    private Ciphertext encode(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

        Ciphertext record = null;
        try {
            record = conContext.outputRecord.encode(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
        } catch (SSLHandshakeException she) {
            // Possibly a record sequence number overflow.
            conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
        } catch (IOException e) {
            conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
        }

        if (record == null) {
            return Ciphertext.CIPHERTEXT_NULL;
        }

        // Evaluated before tryToFinishHandshake() is called: the flag reads
        // conContext.handshakeContext, which the finish step below presumably
        // clears once the handshake completes.
        boolean needRetransmission =
                conContext.sslContext.isDTLS() &&
                conContext.getHandshakeContext(TransportContext.PRE) != null &&
                conContext.handshakeContext.sslConfig.enableRetransmissions;

        // Has this record completed the handshake?
        HandshakeStatus hsStatus = tryToFinishHandshake(record.contentType);

        // NOTE(review): isDTLS() is already part of needRetransmission, so
        // the repeated call below looks redundant; kept as written.
        boolean resendLastFlight =
                needRetransmission &&
                hsStatus == HandshakeStatus.FINISHED &&
                conContext.sslContext.isDTLS() &&
                record.handshakeType == SSLHandshake.FINISHED.id;
        if (resendLastFlight) {
            // DTLS only: application data may follow the last handshake
            // flight immediately.  If that flight is lost, the application
            // data may be discarded as well, which some applications cannot
            // tolerate.  Sending the last flight twice reduces that risk.
            if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
                SSLLogger.finest("retransmit the last flight messages");
            }

            conContext.outputRecord.launchRetransmission();
            hsStatus = HandshakeStatus.NEED_WRAP;
        }

        // tryToFinishHandshake() returns null when it has no answer; ask the
        // connection context instead.
        if (hsStatus == null) {
            hsStatus = conContext.getHandshakeStatus();
        }

        // Is the record sequence number close to overflowing?  If so, try a
        // key update before the number space runs out.
        if (conContext.outputRecord.seqNumIsHuge()) {
            hsStatus = tryKeyUpdate(hsStatus);
        }

        // Publish the status on the record handed back to the caller.
        record.handshakeStatus = hsStatus;

        return record;
    }
    /**
     * Decides whether the record just written completes the handshake.
     *
     * Only a handshake record written while the output record is empty is
     * considered.  In every other case the method returns {@code null} and
     * the caller is expected to query the handshake status itself.
     *
     * @param contentType content type of the record just written
     * @return {@code HandshakeStatus.FINISHED} when no handshake context is
     *         left, the result of {@code conContext.finishHandshake()} when
     *         the handshake context reports {@code handshakeFinished}, or
     *         {@code null} otherwise (including when a
     *         {@code TransportContext.POST} handshake context is present)
     */
    private HandshakeStatus tryToFinishHandshake(byte contentType) {
        boolean lastHandshakeRecord =
                (contentType == ContentType.HANDSHAKE.id) &&
                conContext.outputRecord.isEmpty();
        if (!lastHandshakeRecord) {
            // Nothing to decide here; the caller falls back to the
            // connection's handshake status.
            return null;
        }

        if (conContext.handshakeContext == null) {
            return HandshakeStatus.FINISHED;
        }

        if (conContext.getHandshakeContext(TransportContext.POST) != null) {
            return null;
        }

        if (conContext.handshakeContext.handshakeFinished) {
            return conContext.finishHandshake();
        }

        return null;
    }
    /**
     * Requests a key update so that the record sequence number does not
     * wrap.
     *
     * The sequence number is checked after the last record has been read or
     * written, which keeps the handshake status consistent.  The request is
     * made while there is still sequence number space for a few more
     * records, so the number of that last record cannot itself have wrapped.
     * TLS 1.3 (RFC 8446, section 5.3) requires an implementation to rekey or
     * close the connection rather than wrap a sequence number.
     *
     * @param currentHandshakeStatus status to report when no key update is
     *        started
     * @return the connection's handshake status after
     *         {@code conContext.keyUpdate()}, or
     *         {@code currentHandshakeStatus} when a handshake context
     *         already exists or the connection is closed or broken
     * @throws IOException declared by this method
     */
    private HandshakeStatus tryKeyUpdate(
            HandshakeStatus currentHandshakeStatus) throws IOException {
        // Skip the request when the local side already has a handshake
        // context, or when the connection can no longer carry records.
        if ((conContext.handshakeContext != null) ||
                conContext.isClosed() || conContext.isBroken) {
            return currentHandshakeStatus;
        }

        if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
            SSLLogger.finest("key update to wrap sequence number");
        }
        conContext.keyUpdate();

        return conContext.getHandshakeStatus();
    }
    /**
     * Validates the buffer arrays and index ranges passed to the engine
     * before any of the buffers is touched.
     *
     * The range checks compare the offset with {@code array.length - length}
     * after both values are known to be non-negative, so the test cannot be
     * defeated by {@code offset + length} overflowing {@code int}.
     *
     * @param srcs       source buffers
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @throws IllegalArgumentException if either array, or any buffer in
     *         the selected ranges, is {@code null}
     * @throws IndexOutOfBoundsException if an offset or length is negative
     *         or the range runs past the end of its array
     * @throws ReadOnlyBufferException if a selected destination buffer is
     *         read-only
     */
    private static void checkParams(
            ByteBuffer[] srcs, int srcsOffset, int srcsLength,
            ByteBuffer[] dsts, int dstsOffset, int dstsLength) {

        if (srcs == null || dsts == null) {
            throw new IllegalArgumentException(
                    "source or destination buffer is null");
        }

        boolean srcsRangeInvalid = (srcsOffset < 0) || (srcsLength < 0) ||
                (srcsOffset > srcs.length - srcsLength);
        if (srcsRangeInvalid) {
            throw new IndexOutOfBoundsException(
                    "index out of bound of the source buffers");
        }

        boolean dstsRangeInvalid = (dstsOffset < 0) || (dstsLength < 0) ||
                (dstsOffset > dsts.length - dstsLength);
        if (dstsRangeInvalid) {
            throw new IndexOutOfBoundsException(
                    "index out of bound of the destination buffers");
        }

        // Both ranges are validated above, so the sums below cannot overflow.
        final int srcsEnd = srcsOffset + srcsLength;
        for (int idx = srcsOffset; idx < srcsEnd; idx++) {
            if (srcs[idx] == null) {
                throw new IllegalArgumentException(
                        "source buffer[" + idx + "] == null");
            }
        }

        final int dstsEnd = dstsOffset + dstsLength;
        for (int idx = dstsOffset; idx < dstsEnd; idx++) {
            ByteBuffer dst = dsts[idx];
            if (dst == null) {
                throw new IllegalArgumentException(
                        "destination buffer[" + idx + "] == null");
            }

            // Destination buffers must be writable.
            if (dst.isReadOnly()) {
                throw new ReadOnlyBufferException();
            }
        }
    }
    /**
     * Unwraps network data from a single source buffer by delegating to the
     * multi-source {@code unwrap} with a one-element source array.
     *
     * @param src    buffer holding inbound network data
     * @param dsts   destination buffers
     * @param offset index of the first destination buffer to use
     * @param length number of destination buffers to use
     * @return the result of the delegated call
     * @throws SSLException as thrown by the delegated call
     */
    @Override
    public synchronized SSLEngineResult unwrap(ByteBuffer src,
            ByteBuffer[] dsts, int offset, int length) throws SSLException {
        // A null src is not rejected here; it becomes element 0 of the
        // array passed on.
        ByteBuffer[] singleSource = new ByteBuffer[] { src };
        return unwrap(singleSource, 0, 1, dsts, offset, length);
    }
    /**
     * Unwraps network data from the selected source buffers into the
     * selected destination buffers.
     *
     * The parameters are validated by {@code checkParams} before any record
     * is read.  Every exception raised while reading the record is handed
     * to {@code conContext.fatal} together with an alert.
     *
     * @param srcs       source buffers holding inbound network data
     * @param srcsOffset index of the first source buffer to use
     * @param srcsLength number of source buffers to use
     * @param dsts       destination buffers
     * @param dstsOffset index of the first destination buffer to use
     * @param dstsLength number of destination buffers to use
     * @return the result produced by {@code readRecord}
     * @throws IllegalStateException if client/server mode has not been set
     * @throws IllegalArgumentException if an array or a selected buffer is
     *         {@code null}
     * @throws IndexOutOfBoundsException if an offset/length pair is invalid
     * @throws java.nio.ReadOnlyBufferException if a selected destination
     *         buffer is read-only
     * @throws SSLException declared by this method
     */
    // @Override
    public synchronized SSLEngineResult unwrap(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException {

        if (conContext.isUnsureMode) {
            throw new IllegalStateException(
                    "Client/Server mode has not yet been set.");
        }

        // Surface any SSLException the handshaker needs to report back.
        checkTaskThrown();

        // Reject malformed arguments before touching any buffer.
        checkParams(srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);

        SSLEngineResult result = null;
        try {
            result = readRecord(
                srcs, srcsOffset, srcsLength, dsts, dstsOffset, dstsLength);
        } catch (SSLProtocolException protocolFailure) {
            // Possibly an unexpected handshake message.
            conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                    protocolFailure.getMessage(), protocolFailure);
        } catch (IOException ioFailure) {
            // The buffer positions are deliberately left where they are:
            // input was consumed and it led to this failure, so that much is
            // reported back.  No further input will be consumed anyway.
            conContext.fatal(Alert.INTERNAL_ERROR,
                    "problem unwrapping net record", ioFailure);
        } catch (Exception unexpected) {     // including RuntimeException
            conContext.fatal(Alert.INTERNAL_ERROR,
                "Fail to unwrap network record", unexpected);
        }

        // Stays null after a failure; the compiler needs a return here.
        // NOTE(review): presumably conContext.fatal always throws, so a null
        // result is never seen by callers - confirm.
        return result;
    }
    private SSLEngineResult readRecord(
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   462
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   463
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   464
90ce3da70b43 Initial load
duke
parents:
diff changeset
   465
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   466
         * Check if we are closing/closed.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   467
         */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   468
        if (isInboundDone()) {
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   469
            return new SSLEngineResult(
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   470
                    Status.CLOSED, getHandshakeStatus(), 0, 0);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   471
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   472
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   473
        HandshakeStatus hsStatus = null;
56594
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation
xuelei
parents: 56544
diff changeset
   474
        if (!conContext.isNegotiated &&
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation
xuelei
parents: 56544
diff changeset
   475
                !conContext.isClosed() && !conContext.isBroken) {
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   476
            conContext.kickstart();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   477
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   478
            /*
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   479
             * If there's still outbound data to flush, we
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   480
             * can return without trying to unwrap anything.
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   481
             */
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   482
            hsStatus = getHandshakeStatus();
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   483
            if (hsStatus == HandshakeStatus.NEED_WRAP) {
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   484
                return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   485
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   486
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   487
90ce3da70b43 Initial load
duke
parents:
diff changeset
   488
        if (hsStatus == null) {
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   489
            hsStatus = getHandshakeStatus();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   490
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   491
90ce3da70b43 Initial load
duke
parents:
diff changeset
   492
        /*
90ce3da70b43 Initial load
duke
parents:
diff changeset
   493
         * If we have a task outstanding, this *MUST* be done before
90ce3da70b43 Initial load
duke
parents:
diff changeset
   494
         * doing any more unwrapping, because we could be in the middle
90ce3da70b43 Initial load
duke
parents:
diff changeset
   495
         * of receiving a handshake message, for example, a finished
90ce3da70b43 Initial load
duke
parents:
diff changeset
   496
         * message which would change the ciphers.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   497
         */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   498
        if (hsStatus == HandshakeStatus.NEED_TASK) {
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   499
            return new SSLEngineResult(Status.OK, hsStatus, 0, 0);
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   500
        }
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   501
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   502
        if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   503
            Plaintext plainText = null;
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   504
            try {
56542
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   505
                plainText = decode(null, 0, 0,
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   506
                        dsts, dstsOffset, dstsLength);
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   507
            } catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   508
                if (ioe instanceof SSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   509
                    throw ioe;
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   510
                } else {
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   511
                    throw new SSLException("readRecord", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation
wetmore
parents: 47216
diff changeset
   512
                }
30904
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS)
xuelei
parents: 28550
diff changeset
   513
            }
            Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
            if (plainText.handshakeStatus != null) {
                hsStatus = plainText.handshakeStatus;
            } else {
                hsStatus = getHandshakeStatus();
            }
            return new SSLEngineResult(
                    status, hsStatus, 0, 0, plainText.recordSN);
        }
        int srcsRemains = 0;
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
            srcsRemains += srcs[i].remaining();
        }
        if (srcsRemains == 0) {
            return new SSLEngineResult(Status.OK, getHandshakeStatus(), 0, 0);
        }
        /*
         * Check the packet to make sure enough is here.
         * This will also indirectly check for 0 len packets.
         */
        int packetLen = 0;
        try {
            packetLen = conContext.inputRecord.bytesInCompletePacket(
                    srcs, srcsOffset, srcsLength);
        } catch (SSLException ssle) {
            // Need to discard invalid records for DTLS protocols.
            if (sslContext.isDTLS()) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,verbose")) {
                    SSLLogger.finest("Discard invalid DTLS records", ssle);
                }
                // invalid, discard the entire data [section 4.1.2.7, RFC 6347]
                int deltaNet = 0;
                // int deltaNet = netData.remaining();
                // netData.position(netData.limit());
                Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
                if (hsStatus == null) {
                    hsStatus = getHandshakeStatus();
                }
                return new SSLEngineResult(status, hsStatus, deltaNet, 0, -1L);
            } else {
                throw ssle;
            }
        }
        // Is this packet bigger than SSL/TLS normally allows?
        if (packetLen > conContext.conSession.getPacketBufferSize()) {
            int largestRecordSize = sslContext.isDTLS() ?
                    DTLSRecord.maxRecordSize : SSLRecord.maxLargeRecordSize;
            if ((packetLen <= largestRecordSize) && !sslContext.isDTLS()) {
                // Expand the expected maximum packet/application buffer
                // sizes.
                //
                // Only apply to SSL/TLS protocols.
                // Old behavior: shall we honor the System Property
                // "jsse.SSLEngine.acceptLargeFragments" if it is "false"?
                conContext.conSession.expandBufferSizes();
            }
            // check the packet again
            largestRecordSize = conContext.conSession.getPacketBufferSize();
            if (packetLen > largestRecordSize) {
                throw new SSLProtocolException(
                        "Input record too big: max = " +
                        largestRecordSize + " len = " + packetLen);
            }
        }
        /*
         * Check for OVERFLOW.
         *
         * Delay enforcing the application buffer free space requirement
         * until after the initial handshaking.
         */
        int dstsRemains = 0;
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
            dstsRemains += dsts[i].remaining();
        }
        if (conContext.isNegotiated) {
            int FragLen =
                    conContext.inputRecord.estimateFragmentSize(packetLen);
            if (FragLen > dstsRemains) {
                return new SSLEngineResult(
                        Status.BUFFER_OVERFLOW, hsStatus, 0, 0);
            }
        }
        // check for UNDERFLOW.
        if ((packetLen == -1) || (srcsRemains < packetLen)) {
            return new SSLEngineResult(Status.BUFFER_UNDERFLOW, hsStatus, 0, 0);
        }
        /*
         * We're now ready to actually do the read.
         */
        Plaintext plainText = null;
        try {
            plainText = decode(srcs, srcsOffset, srcsLength,
                            dsts, dstsOffset, dstsLength);
        } catch (IOException ioe) {
            if (ioe instanceof SSLException) {
                throw ioe;
            } else {
                throw new SSLException("readRecord", ioe);
            }
        }
        /*
         * Check the various condition that we could be reporting.
         *
         * It's *possible* something might have happened between the
         * above and now, but it was better to minimally lock "this"
         * during the read process.  We'll return the current
         * status, which is more representative of the current state.
         *
         * status above should cover:  FINISHED, NEED_TASK
         */
        Status status = (isInboundDone() ? Status.CLOSED : Status.OK);
        if (plainText.handshakeStatus != null) {
            hsStatus = plainText.handshakeStatus;
        } else {
            hsStatus = getHandshakeStatus();
        }
        int deltaNet = srcsRemains;
        for (int i = srcsOffset; i < srcsOffset + srcsLength; i++) {
            deltaNet -= srcs[i].remaining();
        }
        int deltaApp = dstsRemains;
        for (int i = dstsOffset; i < dstsOffset + dstsLength; i++) {
            deltaApp -= dsts[i].remaining();
        }
        return new SSLEngineResult(
                status, hsStatus, deltaNet, deltaApp, plainText.recordSN);
    }
    /**
     * Decodes one record via {@code SSLTransport.decode} and fills in the
     * handshake status on the returned plaintext.
     *
     * <p>When the result is not the {@code Plaintext.PLAINTEXT_NULL}
     * constant, the status reported by {@code tryToFinishHandshake} is
     * stored on the plaintext, falling back to the connection context's
     * current status when that call returns {@code null}. If the input
     * record then reports a huge sequence number, the status is replaced
     * by the result of {@code tryKeyUpdate}.
     *
     * @param srcs       source buffers, passed through unchanged
     * @param srcsOffset offset into {@code srcs}, passed through unchanged
     * @param srcsLength number of source buffers, passed through unchanged
     * @param dsts       destination buffers, passed through unchanged
     * @param dstsOffset offset into {@code dsts}, passed through unchanged
     * @param dstsLength number of destination buffers, passed through
     *                   unchanged
     * @return the plaintext returned by {@code SSLTransport.decode}
     * @throws IOException propagated from the calls made here
     */
    private Plaintext decode(
        ByteBuffer[] srcs, int srcsOffset, int srcsLength,
        ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {

        final Plaintext decoded = SSLTransport.decode(conContext,
                srcs, srcsOffset, srcsLength,
                dsts, dstsOffset, dstsLength);

        // Identity comparison against the PLAINTEXT_NULL constant: that
        // value is returned untouched, with no status bookkeeping.
        if (decoded == Plaintext.PLAINTEXT_NULL) {
            return decoded;
        }

        // Is the handshake completed?
        final HandshakeStatus finished =
                tryToFinishHandshake(decoded.contentType);
        decoded.handshakeStatus = (finished != null)
                ? finished : conContext.getHandshakeStatus();

        // Is the record sequence number close to overflowing?
        // NOTE(review): tryKeyUpdate presumably starts a key update so the
        // sequence number never wraps under the same keys; confirm against
        // its definition.
        if (conContext.inputRecord.seqNumIsHuge()) {
            decoded.handshakeStatus = tryKeyUpdate(decoded.handshakeStatus);
        }

        return decoded;
    }
    /**
     * Hands out at most one {@code DelegatedTask} for the pending delegated
     * actions of the current handshake context.
     *
     * <p>The {@code taskDelegated} flag is set before the task is returned,
     * so further calls return {@code null} while it stays set.
     *
     * @return a new {@code DelegatedTask} bound to this engine, or
     *         {@code null} when there is no handshake context, a task has
     *         already been delegated, or no delegated actions are queued
     */
    @Override
    public synchronized Runnable getDelegatedTask() {
        // No handshake context means neither a PRE nor a POST handshake
        // is in progress.
        if (conContext.handshakeContext == null) {
            return null;
        }

        if (conContext.handshakeContext.taskDelegated ||
                conContext.handshakeContext.delegatedActions.isEmpty()) {
            return null;
        }

        conContext.handshakeContext.taskDelegated = true;
        return new DelegatedTask(this);
    }
    /**
     * Closes the inbound side by delegating to the connection context.
     *
     * @throws SSLException propagated from {@code conContext.closeInbound()}
     */
    @Override
    public synchronized void closeInbound() throws SSLException {
        // All inbound-close handling lives in the connection context.
        conContext.closeInbound();
    }
    /**
     * Reports the connection context's inbound-done state.
     *
     * @return the value of {@code conContext.isInboundDone()}
     */
    @Override
    public synchronized boolean isInboundDone() {
        final boolean inboundDone = conContext.isInboundDone();
        return inboundDone;
    }
    /**
     * Closes the outbound side by delegating to the connection context.
     */
    @Override
    public synchronized void closeOutbound() {
        // All outbound-close handling lives in the connection context.
        conContext.closeOutbound();
    }
    /**
     * Reports the connection context's outbound-done state.
     *
     * @return the value of {@code conContext.isOutboundDone()}
     */
    @Override
    public synchronized boolean isOutboundDone() {
        final boolean outboundDone = conContext.isOutboundDone();
        return outboundDone;
    }
    /**
     * Returns the names of the cipher suites the SSL context supports.
     *
     * <p>Unlike the enabled-suite accessors, this reads only
     * {@code sslContext} and is not synchronized.
     *
     * @return the result of {@code CipherSuite.namesOf} applied to the
     *         context's supported cipher suites
     */
    @Override
    public String[] getSupportedCipherSuites() {
        final String[] supportedNames =
                CipherSuite.namesOf(sslContext.getSupportedCipherSuites());
        return supportedNames;
    }
    /**
     * Returns the names of the cipher suites currently enabled in this
     * connection's configuration.
     *
     * @return the result of {@code CipherSuite.namesOf} applied to
     *         {@code conContext.sslConfig.enabledCipherSuites}
     */
    @Override
    public synchronized String[] getEnabledCipherSuites() {
        final String[] enabledNames =
                CipherSuite.namesOf(conContext.sslConfig.enabledCipherSuites);
        return enabledNames;
    }
    /**
     * Replaces the enabled cipher suites in this connection's configuration.
     *
     * <p>The names are converted by {@code CipherSuite.validValuesOf}
     * before being stored.
     * NOTE(review): that helper presumably rejects unknown or unsupported
     * names; confirm against its definition, since it is the only
     * validation applied here besides the null check.
     *
     * @param suites the cipher suite names to enable; must not be
     *               {@code null}
     * @throws IllegalArgumentException if {@code suites} is {@code null}
     */
    @Override
    public synchronized void setEnabledCipherSuites(String[] suites) {
        // Reject a null array up front so the configuration is never
        // touched on bad input.
        if (null == suites) {
            throw new IllegalArgumentException("CipherSuites cannot be null");
        }

        conContext.sslConfig.enabledCipherSuites =
                CipherSuite.validValuesOf(suites);
    }
    /**
     * Returns the names of the protocol versions the SSL context supports.
     *
     * <p>This reads only {@code sslContext} and is not synchronized.
     *
     * @return the result of {@code ProtocolVersion.toStringArray} applied
     *         to the context's supported protocol versions
     */
    @Override
    public String[] getSupportedProtocols() {
        final String[] supportedNames = ProtocolVersion.toStringArray(
                sslContext.getSupportedProtocolVersions());
        return supportedNames;
    }
    /**
     * Returns the names of the protocol versions currently enabled in this
     * connection's configuration.
     *
     * @return the result of {@code ProtocolVersion.toStringArray} applied
     *         to {@code conContext.sslConfig.enabledProtocols}
     */
    @Override
    public synchronized String[] getEnabledProtocols() {
        final String[] enabledNames = ProtocolVersion.toStringArray(
                conContext.sslConfig.enabledProtocols);
        return enabledNames;
    }
    /**
     * Replaces the enabled protocol versions in this connection's
     * configuration.
     *
     * <p>The names are converted by {@code ProtocolVersion.namesOf} before
     * being stored.
     * NOTE(review): that helper presumably rejects unknown protocol names;
     * confirm against its definition, since it is the only validation
     * applied here besides the null check.
     *
     * @param protocols the protocol names to enable; must not be
     *                  {@code null}
     * @throws IllegalArgumentException if {@code protocols} is {@code null}
     */
    @Override
    public synchronized void setEnabledProtocols(String[] protocols) {
        // Reject a null array up front so the configuration is never
        // touched on bad input.
        if (null == protocols) {
            throw new IllegalArgumentException("Protocols cannot be null");
        }

        conContext.sslConfig.enabledProtocols =
                ProtocolVersion.namesOf(protocols);
    }
    /**
     * Returns the session object held by the connection context.
     *
     * @return {@code conContext.conSession}
     */
    @Override
    public synchronized SSLSession getSession() {
        final SSLSession current = conContext.conSession;
        return current;
    }
    /**
     * Returns the session of the handshake currently tracked by the
     * connection context, if any.
     *
     * @return {@code handshakeContext.handshakeSession}, or {@code null}
     *         when the connection context has no handshake context
     */
    @Override
    public synchronized SSLSession getHandshakeSession() {
        // Without a handshake context there is no handshake session.
        if (conContext.handshakeContext == null) {
            return null;
        }

        return conContext.handshakeContext.handshakeSession;
    }
    /**
     * Returns the handshake status reported by the connection context.
     *
     * @return the value of {@code conContext.getHandshakeStatus()}
     */
    @Override
    public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        final SSLEngineResult.HandshakeStatus current =
                conContext.getHandshakeStatus();
        return current;
    }
    /**
     * Selects whether this engine handshakes as a client or as a server.
     *
     * <p>The request is forwarded unchanged to the connection context. Any
     * validation of the change (for example, whether it is still allowed at
     * this point in the connection) is not performed here.
     * NOTE(review): presumably enforced inside
     * {@code conContext.setUseClientMode} - confirm.
     *
     * @param mode {@code true} for client mode, {@code false} for server mode
     */
    @Override
    public synchronized void setUseClientMode(boolean mode) {
        this.conContext.setUseClientMode(mode);
    }
    /**
     * Tells whether this engine is configured for client mode.
     *
     * @return the value of {@code conContext.sslConfig.isClientMode}
     */
    @Override
    public synchronized boolean getUseClientMode() {
        final boolean clientMode = conContext.sslConfig.isClientMode;
        return clientMode;
    }
    /**
     * Configures whether client authentication is required.
     *
     * <p>This setter and {@link #setWantClientAuth(boolean)} write the same
     * configuration field, so the most recent call wins. In particular,
     * passing {@code false} here resets the setting to
     * {@code CLIENT_AUTH_NONE} even if client authentication had been
     * requested through the other setter.
     *
     * @param need {@code true} to store {@code CLIENT_AUTH_REQUIRED},
     *             {@code false} to store {@code CLIENT_AUTH_NONE}
     */
    @Override
    public synchronized void setNeedClientAuth(boolean need) {
        final ClientAuthType selected;
        if (need) {
            selected = ClientAuthType.CLIENT_AUTH_REQUIRED;
        } else {
            selected = ClientAuthType.CLIENT_AUTH_NONE;
        }

        conContext.sslConfig.clientAuthType = selected;
    }
    /**
     * Tells whether client authentication is currently required.
     *
     * @return {@code true} only when the configured client-auth type is
     *         {@code CLIENT_AUTH_REQUIRED}; a merely requested or disabled
     *         setting yields {@code false}
     */
    @Override
    public synchronized boolean getNeedClientAuth() {
        final ClientAuthType configured = conContext.sslConfig.clientAuthType;
        return configured == ClientAuthType.CLIENT_AUTH_REQUIRED;
    }
    /**
     * Configures whether client authentication is requested (but optional).
     *
     * <p>This setter and {@link #setNeedClientAuth(boolean)} write the same
     * configuration field, so the most recent call wins. Calling this method
     * with either value replaces a previously stored
     * {@code CLIENT_AUTH_REQUIRED}, which downgrades mandatory client
     * authentication to optional or none.
     *
     * @param want {@code true} to store {@code CLIENT_AUTH_REQUESTED},
     *             {@code false} to store {@code CLIENT_AUTH_NONE}
     */
    @Override
    public synchronized void setWantClientAuth(boolean want) {
        final ClientAuthType selected;
        if (want) {
            selected = ClientAuthType.CLIENT_AUTH_REQUESTED;
        } else {
            selected = ClientAuthType.CLIENT_AUTH_NONE;
        }

        conContext.sslConfig.clientAuthType = selected;
    }
    /**
     * Tells whether client authentication is currently requested.
     *
     * @return {@code true} only when the configured client-auth type is
     *         {@code CLIENT_AUTH_REQUESTED}; note that a required setting
     *         yields {@code false} here
     */
    @Override
    public synchronized boolean getWantClientAuth() {
        final ClientAuthType configured = conContext.sslConfig.clientAuthType;
        return configured == ClientAuthType.CLIENT_AUTH_REQUESTED;
    }
    /**
     * Stores the session-creation flag in the connection's configuration.
     *
     * <p>Only the assignment happens here; how the handshake consults the
     * flag is outside this method.
     *
     * @param flag the value to store in
     *             {@code conContext.sslConfig.enableSessionCreation}
     */
    @Override
    public synchronized void setEnableSessionCreation(boolean flag) {
        this.conContext.sslConfig.enableSessionCreation = flag;
    }
    /**
     * Returns the session-creation flag from the connection's configuration.
     *
     * @return the value of
     *         {@code conContext.sslConfig.enableSessionCreation}
     */
    @Override
    public synchronized boolean getEnableSessionCreation() {
        final boolean enabled = conContext.sslConfig.enableSessionCreation;
        return enabled;
    }
    /**
     * Returns the SSL parameters derived from the connection's configuration.
     *
     * <p>The object is produced by {@code sslConfig.getSSLParameters()};
     * this method adds only the engine-level locking.
     *
     * @return the parameters reported by the configuration
     */
    @Override
    public synchronized SSLParameters getSSLParameters() {
        final SSLParameters current = conContext.sslConfig.getSSLParameters();
        return current;
    }
    /**
     * Applies the given SSL parameters to the connection's configuration.
     *
     * <p>After the configuration has absorbed the parameters, a non-zero
     * {@code maximumPacketSize} is pushed to the output record so that the
     * outbound side uses the new limit. A value of zero leaves the output
     * record untouched.
     *
     * @param params the parameters to apply; validation, if any, is done by
     *               {@code sslConfig.setSSLParameters}
     */
    @Override
    public synchronized void setSSLParameters(SSLParameters params) {
        conContext.sslConfig.setSSLParameters(params);

        // Zero means no explicit packet size was configured.
        if (conContext.sslConfig.maximumPacketSize == 0) {
            return;
        }

        conContext.outputRecord.changePacketSize(
                conContext.sslConfig.maximumPacketSize);
    }
    /**
     * Returns the application protocol recorded on the connection context.
     *
     * <p>The protocol recorded for a handshake still in progress is
     * available from {@link #getHandshakeApplicationProtocol()}.
     *
     * @return the value of {@code conContext.applicationProtocol}
     */
    @Override
    public synchronized String getApplicationProtocol() {
        final String negotiated = conContext.applicationProtocol;
        return negotiated;
    }
    /**
     * Returns the application protocol recorded by the handshake in progress.
     *
     * <p>Callers must handle a {@code null} result: it is returned whenever
     * the connection has no handshake context.
     *
     * @return the handshake context's {@code applicationProtocol}, or
     *         {@code null} when there is no handshake context
     */
    @Override
    public synchronized String getHandshakeApplicationProtocol() {
        final HandshakeContext handshake = conContext.handshakeContext;
        if (handshake == null) {
            return null;
        }

        return handshake.applicationProtocol;
    }
    /**
     * Registers the callback that chooses the application protocol during
     * the handshake.
     *
     * <p>The reference is stored as given, with no check performed here;
     * the callback is application code that will later be handed the list
     * of protocol names together with this engine.
     * NOTE(review): the list presumably carries peer-supplied names, so the
     * selector should treat it as untrusted input - confirm at the call
     * site.
     *
     * @param selector the callback to store in
     *                 {@code conContext.sslConfig.engineAPSelector}
     */
    @Override
    public synchronized void setHandshakeApplicationProtocolSelector(
            BiFunction<SSLEngine, List<String>, String> selector) {
        this.conContext.sslConfig.engineAPSelector = selector;
    }
    /**
     * Returns the registered application-protocol selection callback.
     *
     * @return the value of {@code conContext.sslConfig.engineAPSelector},
     *         exactly as it was stored
     */
    @Override
    public synchronized BiFunction<SSLEngine, List<String>, String>
            getHandshakeApplicationProtocolSelector() {
        final BiFunction<SSLEngine, List<String>, String> registered =
                conContext.sslConfig.engineAPSelector;
        return registered;
    }
    /**
     * Reports that this transport hands handshake work to delegated tasks.
     *
     * <p>Unlike the neighbouring accessors, this method is not synchronized;
     * it reads no engine state.
     *
     * @return always {@code true}
     */
    @Override
    public boolean useDelegatedTask() {
        return true;
    }
    /**
     * Surfaces a failure recorded by a delegated task or by a broken
     * connection.
     *
     * <p>Two sources are checked in order. A pending
     * {@code delegatedThrown} on the handshake context is thrown once and
     * then cleared, whether it leaves as an {@code SSLException} or as the
     * {@code RuntimeException} raised by {@link #getTaskThrown(Exception)}.
     * Otherwise, when the connection is marked broken and a close reason is
     * recorded, that reason is thrown; it is not cleared, so it is thrown
     * again on each subsequent call.
     *
     * @throws SSLException the recorded failure, converted by
     *         {@code getTaskThrown}
     */
    private synchronized void checkTaskThrown() throws SSLException {
        final HandshakeContext handshake = conContext.handshakeContext;
        if (handshake != null) {
            final Exception pending = handshake.delegatedThrown;
            if (pending != null) {
                try {
                    throw getTaskThrown(pending);
                } finally {
                    // Report a delegated failure only once.
                    handshake.delegatedThrown = null;
                }
            }
        }

        if (!conContext.isBroken || conContext.closeReason == null) {
            return;
        }

        throw getTaskThrown(conContext.closeReason);
    }
    /**
     * Converts a failure recorded by a delegated task into the exception
     * that the engine reports to its caller.
     *
     * <p>The mapping keeps the failure's category visible to callers and
     * always keeps the original as the cause:
     * <ul>
     * <li>a {@code RuntimeException} is not returned but thrown from this
     *     method, wrapped in a new {@code RuntimeException};</li>
     * <li>{@code SSLHandshakeException}, {@code SSLKeyException},
     *     {@code SSLPeerUnverifiedException} and
     *     {@code SSLProtocolException} are re-created as a new exception of
     *     the same type;</li>
     * <li>any other {@code SSLException} is returned as is;</li>
     * <li>everything else is wrapped in a plain {@code SSLException}.</li>
     * </ul>
     *
     * @param taskThrown the recorded failure; must not be {@code null}
     * @return the exception for the caller to throw
     * @throws RuntimeException if {@code taskThrown} is a
     *         {@code RuntimeException}
     */
    private static SSLException getTaskThrown(Exception taskThrown) {
        final String original = taskThrown.getMessage();
        final String msg = (original != null)
                ? original
                : "Delegated task threw Exception or Error";

        if (taskThrown instanceof RuntimeException) {
            throw new RuntimeException(msg, taskThrown);
        }

        // The most specific SSL subtypes are tested before SSLException.
        if (taskThrown instanceof SSLHandshakeException) {
            return (SSLHandshakeException)
                    new SSLHandshakeException(msg).initCause(taskThrown);
        }
        if (taskThrown instanceof SSLKeyException) {
            return (SSLKeyException)
                    new SSLKeyException(msg).initCause(taskThrown);
        }
        if (taskThrown instanceof SSLPeerUnverifiedException) {
            return (SSLPeerUnverifiedException)
                    new SSLPeerUnverifiedException(msg).initCause(taskThrown);
        }
        if (taskThrown instanceof SSLProtocolException) {
            return (SSLProtocolException)
                    new SSLProtocolException(msg).initCause(taskThrown);
        }
        if (taskThrown instanceof SSLException) {
            return (SSLException) taskThrown;
        }

        return new SSLException(msg, taskThrown);
    }
    /**
     * Runnable that drains the handshake actions queued on an engine.
     *
     * <p>The whole run happens while holding the engine's monitor, and the
     * queued actions execute inside {@code AccessController.doPrivileged}
     * bounded by the access-control context stored in
     * {@code engine.conContext.acc}. A failure is not propagated to the
     * thread that runs the task; it is recorded on the handshake context
     * (or, once that is gone, on an already-set close reason) for the
     * engine to report later.
     */
    private static class DelegatedTask implements Runnable {
        private final SSLEngineImpl engine;

        DelegatedTask(SSLEngineImpl engineInstance) {
            this.engine = engineInstance;
        }

        @Override
        public void run() {
            synchronized (engine) {
                HandshakeContext handshake =
                        engine.conContext.handshakeContext;
                if (handshake == null ||
                        handshake.delegatedActions.isEmpty()) {
                    // Nothing queued, or handshaking is no longer active.
                    return;
                }

                try {
                    // NOTE(review): acc is presumably the context captured
                    // when the connection was set up - confirm where it is
                    // assigned.
                    AccessController.doPrivileged(
                            new DelegatedAction(handshake),
                            engine.conContext.acc);
                } catch (PrivilegedActionException wrapped) {
                    final Exception failure = wrapped.getException();

                    // The handshake may have completed while the actions
                    // ran, so the context is looked up again.
                    handshake = engine.conContext.handshakeContext;
                    if (handshake != null) {
                        handshake.delegatedThrown = failure;
                    } else if (engine.conContext.closeReason != null) {
                        // NOTE(review): with no handshake context and no
                        // close reason the failure is not recorded here -
                        // confirm it is reported elsewhere.
                        engine.conContext.closeReason =
                                getTaskThrown(failure);
                    }
                } catch (RuntimeException unchecked) {
                    // Same bookkeeping as above, but the runtime exception
                    // is stored without conversion.
                    handshake = engine.conContext.handshakeContext;
                    if (handshake != null) {
                        handshake.delegatedThrown = unchecked;
                    } else if (engine.conContext.closeReason != null) {
                        engine.conContext.closeReason = unchecked;
                    }
                }

                // Look the context up once more before clearing the
                // delegation marker.
                handshake = engine.conContext.handshakeContext;
                if (handshake != null) {
                    handshake.taskDelegated = false;
                }
            }
        }

        /**
         * Privileged action that dispatches every queued handshake action
         * of one handshake context.
         */
        private static class DelegatedAction
                implements PrivilegedExceptionAction<Void> {
            final HandshakeContext context;

            DelegatedAction(HandshakeContext context) {
                this.context = context;
            }

            /**
             * Polls and dispatches queued actions until the queue is empty.
             *
             * <p>Before each action, a failure already recorded on the
             * context is cleared and thrown, which stops the loop.
             *
             * @return always {@code null}
             * @throws Exception the recorded failure converted by
             *         {@code getTaskThrown}, or whatever {@code dispatch}
             *         throws
             */
            @Override
            public Void run() throws Exception {
                while (!context.delegatedActions.isEmpty()) {
                    // Stop at the first failure recorded on the context.
                    final Exception pending = context.delegatedThrown;
                    if (pending != null) {
                        context.delegatedThrown = null;
                        throw getTaskThrown(pending);
                    }

                    final Map.Entry<Byte, ByteBuffer> entry =
                            context.delegatedActions.poll();
                    if (entry == null) {
                        continue;
                    }

                    context.dispatch(entry.getKey(), entry.getValue());
                }

                return null;
            }
        }
    }
}