# HG changeset patch # User xuelei # Date 1528224565 25200 # Node ID ec5537b61038dea799bc48013b703769c9622a31 # Parent 8ff60b6039912d67be458513b1a86f1e6bb9e863 cleanup on HelloCookieManager, RSAClientKeyExchange and NewSessionTicket diff -r 8ff60b603991 -r ec5537b61038 src/java.base/share/classes/sun/security/ssl/HelloCookieManager.java --- a/src/java.base/share/classes/sun/security/ssl/HelloCookieManager.java Mon Jun 04 14:59:53 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/HelloCookieManager.java Tue Jun 05 11:49:25 2018 -0700 @@ -94,13 +94,13 @@ return null; } - byte[] createCookie(ConnectionContext context, + byte[] createCookie(ServerHandshakeContext context, ClientHelloMessage clientHello) throws IOException { throw new UnsupportedOperationException( "Not yet supported handshake cookie manager"); } - boolean isCookieValid(ConnectionContext context, + boolean isCookieValid(ServerHandshakeContext context, ClientHelloMessage clientHello, byte[] cookie) throws IOException { throw new UnsupportedOperationException( "Not yet supported handshake cookie manager"); @@ -125,7 +125,7 @@ } @Override - byte[] createCookie(ConnectionContext context, + byte[] createCookie(ServerHandshakeContext context, ClientHelloMessage clientHello) throws IOException { int version; byte[] secret; @@ -153,7 +153,7 @@ } @Override - boolean isCookieValid(ConnectionContext context, + boolean isCookieValid(ServerHandshakeContext context, ClientHelloMessage clientHello, byte[] cookie) throws IOException { // no cookie exchange or not a valid cookie length if ((cookie == null) || (cookie.length != 32)) { 
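Review bot: The length gate in the D10 `isCookieValid` (hunk @@ -153) compares against the bare literal `32`, and the T13 variant in hunk @@ -271 uses `cookie.length <= 32` with only the comment `// 32: roughly`, so neither check states which cookie layout it is protecting. If 32 is the digest length that `createCookie` emits (not visible in these hunks), name it, for example with a comment such as `// 32 == length of the digest written by createCookie`, or derive it from the digest in use. For T13 the exact minimum is presumably the 3-byte prefix plus two hash lengths, and the rough pre-check should say that the precise check follows once the cipher suite is known. Both method bodies continue outside their hunks, so whether that precise check exists should be confirmed there.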
@@ -186,13 +186,13 @@ } @Override - byte[] createCookie(ConnectionContext context, + byte[] createCookie(ServerHandshakeContext context, ClientHelloMessage clientHello) throws IOException { throw new UnsupportedOperationException("Not supported yet."); } @Override - boolean isCookieValid(ConnectionContext context, + boolean isCookieValid(ServerHandshakeContext context, ClientHelloMessage clientHello, byte[] cookie) throws IOException { throw new UnsupportedOperationException("Not supported yet."); } @@ -216,7 +216,7 @@ } @Override - byte[] createCookie(ConnectionContext context, + byte[] createCookie(ServerHandshakeContext context, ClientHelloMessage clientHello) throws IOException { int version; byte[] secret; @@ -234,18 +234,15 @@ cookieVersion++; // allow wrapped version number } - // happens in server side only - ServerHandshakeContext shc = (ServerHandshakeContext)context; - MessageDigest md = JsseJce.getMessageDigest( - shc.negotiatedCipherSuite.hashAlg.name); + context.negotiatedCipherSuite.hashAlg.name); byte[] headerBytes = clientHello.getHeaderBytes(); md.update(headerBytes); byte[] headerCookie = md.digest(secret); // hash of ClientHello handshake message - shc.handshakeHash.update(); - byte[] clientHelloHash = shc.handshakeHash.digest(); + context.handshakeHash.update(); + byte[] clientHelloHash = context.handshakeHash.digest(); // version and cipher suite // @@ -255,8 +252,8 @@ // + (hash length): Mac(ClientHello header) // + (hash length): Hash(ClientHello) byte[] prefix = new byte[] { - (byte)((shc.negotiatedCipherSuite.id >> 8) & 0xFF), - (byte)(shc.negotiatedCipherSuite.id & 0xFF), + (byte)((context.negotiatedCipherSuite.id >> 8) & 0xFF), + (byte)(context.negotiatedCipherSuite.id & 0xFF), (byte)((version >> 24) & 0xFF) }; 
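Review bot: In hunk @@ -234 `headerCookie` is produced by `md.update(headerBytes)` followed by `md.digest(secret)`, which is a plain Hash(header || secret), while the layout comment in hunk @@ -255 labels that field `Mac(ClientHello header)`. A digest with the secret appended is not a MAC construction with a standard security argument; HMAC over the negotiated hash, keyed with `secret`, is the conventional choice for an authenticator the server must later trust. If the construction is kept, the comment should at least read `Hash(ClientHello header || secret)` so reviewers are not misled. `isCookieValid` recomputes the same value (hunk @@ -303), so any change has to be made on both sides together. The body of `createCookie` starts and ends outside this hunk.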
@@ -271,7 +268,7 @@ } @Override - boolean isCookieValid(ConnectionContext context, + boolean isCookieValid(ServerHandshakeContext context, ClientHelloMessage clientHello, byte[] cookie) throws IOException { // no cookie exchange or not a valid cookie length if ((cookie == null) || (cookie.length <= 32)) { // 32: roughly @@ -303,9 +300,6 @@ } } - // happens in server side only - ServerHandshakeContext shc = (ServerHandshakeContext)context; - MessageDigest md = JsseJce.getMessageDigest(cs.hashAlg.name); byte[] headerBytes = clientHello.getHeaderBytes(); md.update(headerBytes); @@ -327,7 +321,7 @@ // Reproduce HelloRetryRequest handshake message byte[] hrrMessage = ServerHello.hrrReproducer.produce(context, clientHello); - shc.handshakeHash.push(hrrMessage); + context.handshakeHash.push(hrrMessage); // Construct the 1st ClientHello message for transcript hash byte[] hashedClientHello = new byte[4 + hashLen]; @@ -338,7 +332,7 @@ System.arraycopy(prevClientHelloHash, 0, hashedClientHello, 4, hashLen); - shc.handshakeHash.push(hashedClientHello); + context.handshakeHash.push(hashedClientHello); return true; } diff -r 8ff60b603991 -r ec5537b61038 src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java --- a/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Mon Jun 04 14:59:53 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Tue Jun 05 11:49:25 2018 -0700 @@ -84,13 +84,12 @@ this.ticket = Record.getBytes16(m); if (this.ticket.length == 0) { context.conContext.fatal(Alert.ILLEGAL_PARAMETER, - "Ticket has length 0"); + "No ticket in the NewSessionTicket handshake message"); } SSLExtension[] supportedExtensions = - context.sslConfig.getEnabledExtensions( - SSLHandshake.NEW_SESSION_TICKET); - + context.sslConfig.getEnabledExtensions( + SSLHandshake.NEW_SESSION_TICKET); if (m.hasRemaining()) { this.extensions = new SSLExtensions(this, m, supportedExtensions); 
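Review bot: `isCookieValid` is not a pure predicate: in hunks @@ -327 and @@ -338 it pushes the reproduced HelloRetryRequest and the synthetic hashed ClientHello into `context.handshakeHash` before `return true`, which nothing in the method name or the visible comments tells a caller. A Javadoc sentence on the method should state that a `true` result also rebuilds the handshake transcript on `context`, and that a `false` result leaves it untouched. The cookie comparison itself is outside these hunks, so it is worth confirming there that no `push` can run before the cookie has been fully verified.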
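Review bot: The empty-ticket rejection in NewSessionTicket hunk @@ -84 calls `context.conContext.fatal(...)` and then falls through to the extension parsing, so it only rejects the message if `fatal` never returns normally. The same pattern is in RSAClientKeyExchange hunk @@ -73, where parsing continues after the `m.remaining() < 2` check. The `return null; // make the compiler happy` line in hunk @@ -190 suggests `fatal` always throws, but its signature is not visible here. If so, say it at each guard with a short comment such as `// fatal() always throws`, so a later change to `fatal` cannot silently turn these checks into no-ops. Both constructors continue outside their hunks.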
@@ -157,25 +156,21 @@ } private static SecretKey derivePreSharedKey(CipherSuite.HashAlg hashAlg, - SecretKey resumptionMasterSecret, - byte[] nonce) throws IOException { - + SecretKey resumptionMasterSecret, byte[] nonce) throws IOException { try { HKDF hkdf = new HKDF(hashAlg.name); byte[] hkdfInfo = SSLSecretDerivation.createHkdfInfo( - "tls13 resumption".getBytes(), nonce, hashAlg.hashLength); + "tls13 resumption".getBytes(), nonce, hashAlg.hashLength); return hkdf.expand(resumptionMasterSecret, hkdfInfo, - hashAlg.hashLength, "TlsPreSharedKey"); - + hashAlg.hashLength, "TlsPreSharedKey"); } catch (GeneralSecurityException gse) { throw (SSLHandshakeException) new SSLHandshakeException( - "Could not derive PSK").initCause(gse); + "Could not derive PSK").initCause(gse); } } private static final - class NewSessionTicketKickstartProducer implements SSLProducer { - + class NewSessionTicketKickstartProducer implements SSLProducer { @Override public byte[] produce(ConnectionContext context) throws IOException { // The producing happens in server side only. @@ -185,6 +180,7 @@ // client doesn't support PSK return null; } + if (!shc.handshakeSession.isRejoinable()) { return null; } @@ -200,7 +196,7 @@ if (!resumptionMasterSecret.isPresent()) { if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { SSLLogger.fine( - "Session has no resumption secret. No ticket sent."); + "Session has no resumption secret. No ticket sent."); } return null; } 
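Review bot: In `derivePreSharedKey` (hunk @@ -157) the HKDF label is built with `"tls13 resumption".getBytes()`, which encodes with the JVM's default charset. The label must be the exact ASCII bytes on both peers, so on a platform whose default charset is not ASCII-compatible the derived PSK would differ from the client's and resumption would fail in a way that is hard to diagnose. Use `"tls13 resumption".getBytes(StandardCharsets.US_ASCII)`; this needs `java.nio.charset.StandardCharsets` in the file's import block, which is outside the hunk.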
@@ -208,14 +204,15 @@ // construct the PSK and handshake message BigInteger nonce = shc.handshakeSession.incrTicketNonceCounter(); byte[] nonceArr = nonce.toByteArray(); - SecretKey psk = derivePreSharedKey(shc.negotiatedCipherSuite.hashAlg, - resumptionMasterSecret.get(), nonceArr); + SecretKey psk = derivePreSharedKey( + shc.negotiatedCipherSuite.hashAlg, + resumptionMasterSecret.get(), nonceArr); int sessionTimeoutSeconds = sessionCache.getSessionTimeout(); if (sessionTimeoutSeconds > SEVEN_DAYS_IN_SECONDS) { if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { SSLLogger.fine( - "Session timeout is too long. No NewSessionTicket sent."); + "Session timeout is too long. No ticket sent."); } return null; } @@ -348,6 +345,5 @@ hc.conContext.finishPostHandshake(); } } - } diff -r 8ff60b603991 -r ec5537b61038 src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java --- a/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java Mon Jun 04 14:59:53 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/RSAClientKeyExchange.java Tue Jun 05 11:49:25 2018 -0700 @@ -73,12 +73,9 @@ RSAClientKeyExchangeMessage(HandshakeContext context, ByteBuffer m) throws IOException { super(context); - // This happens in server side only. - ServerHandshakeContext shc = - (ServerHandshakeContext)handshakeContext; if (m.remaining() < 2) { - shc.conContext.fatal(Alert.HANDSHAKE_FAILURE, + context.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Invalid RSA ClientKeyExchange message: insufficient data"); } @@ -190,7 +187,7 @@ chc, premaster, publicKey); } catch (GeneralSecurityException gse) { chc.conContext.fatal(Alert.ILLEGAL_PARAMETER, - "Cannot generate RSA premaster secret", gse); + "Cannot generate RSA premaster secret", gse); return null; // make the compiler happy }
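Review bot: In hunk @@ -208 the ticket nonce counter is advanced with `incrTicketNonceCounter()` and the PSK is derived before the `sessionTimeoutSeconds > SEVEN_DAYS_IN_SECONDS` check, so the early `return null` discards a consumed nonce and key material that was never needed. Moving the timeout check above `BigInteger nonce = shc.handshakeSession.incrTicketNonceCounter();` keeps the counter in step with tickets actually issued and avoids creating an unused secret. `sessionCache` is defined outside the hunk, so the move assumes it is already initialised at that point. The `produce` body starts and ends outside this hunk.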