< prev index next >

src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java

Print this page


   1 /*
   2  * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  34 
  35 /**
  36  * {@code OutputRecord} implementation for {@code SSLSocket}.
  37  */
  38 final class SSLSocketOutputRecord extends OutputRecord implements SSLRecord {
  39     private OutputStream deliverStream = null;
  40 
  41     SSLSocketOutputRecord(HandshakeHash handshakeHash) {
  42         this(handshakeHash, null);
  43     }
  44 
  45     SSLSocketOutputRecord(HandshakeHash handshakeHash,
  46             TransportContext tc) {
  47         super(handshakeHash, SSLCipher.SSLWriteCipher.nullTlsWriteCipher());
  48         this.tc = tc;
  49         this.packetSize = SSLRecord.maxRecordSize;
  50         this.protocolVersion = ProtocolVersion.NONE;
  51     }
  52 
  53     @Override
  54     void encodeAlert(byte level, byte description) throws IOException {
  55         recordLock.lock();
  56         try {
  57             if (isClosed()) {
  58                 if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
  59                     SSLLogger.warning("outbound has closed, ignore outbound " +
  60                         "alert message: " + Alert.nameOf(description));
  61                 }
  62                 return;
  63             }
  64 
  65             // use the buf of ByteArrayOutputStream
  66             int position = headerSize + writeCipher.getExplicitNonceSize();
  67             count = position;
  68 
  69             write(level);
  70             write(description);
  71             if (SSLLogger.isOn && SSLLogger.isOn("record")) {
  72                 SSLLogger.fine("WRITE: " + protocolVersion +
  73                         " " + ContentType.ALERT.name +
  74                         "(" + Alert.nameOf(description) + ")" +
  75                         ", length = " + (count - headerSize));
  76             }


  77 
  78             // Encrypt the fragment and wrap up a record.
  79             encrypt(writeCipher, ContentType.ALERT.id, headerSize);
  80 
  81             // deliver this message
  82             deliverStream.write(buf, 0, count);    // may throw IOException
  83             deliverStream.flush();                 // may throw IOException






  84 
  85             if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
  86                 SSLLogger.fine("Raw write",
  87                         (new ByteArrayInputStream(buf, 0, count)));
  88             }
  89 
  90             // reset the internal buffer
  91             count = 0;
  92         } finally {
  93             recordLock.unlock();



  94         }



  95     }
  96 
  97     @Override
  98     void encodeHandshake(byte[] source,
  99             int offset, int length) throws IOException {
 100         recordLock.lock();
 101         try {
 102             if (isClosed()) {
 103                 if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
 104                     SSLLogger.warning("outbound has closed, ignore outbound " +
 105                             "handshake message",
 106                             ByteBuffer.wrap(source, offset, length));
 107                 }
 108                 return;
 109             }


 110 
 111             if (firstMessage) {
 112                 firstMessage = false;
 113 
 114                 if ((helloVersion == ProtocolVersion.SSL20Hello) &&
 115                     (source[offset] == SSLHandshake.CLIENT_HELLO.id) &&
 116                                             //  5: recode header size
 117                     (source[offset + 4 + 2 + 32] == 0)) {
 118                                             // V3 session ID is empty
 119                                             //  4: handshake header size
 120                                             //  2: client_version in ClientHello
 121                                             // 32: random in ClientHello
 122 
 123                     ByteBuffer v2ClientHello = encodeV2ClientHello(
 124                             source, (offset + 4), (length - 4));
 125 
 126                     // array offset is zero
 127                     byte[] record = v2ClientHello.array();
 128                     int limit = v2ClientHello.limit();
 129                     handshakeHash.deliver(record, 2, (limit - 2));
 130 
 131                     if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 132                         SSLLogger.fine(
 133                                 "WRITE: SSLv2 ClientHello message" +
 134                                 ", length = " + limit);
 135                     }
 136 
 137                     // deliver this message
 138                     //
 139                     // Version 2 ClientHello message should be plaintext.
 140                     //
 141                     // No max fragment length negotiation.
 142                     deliverStream.write(record, 0, limit);
 143                     deliverStream.flush();
 144 
 145                     if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 146                         SSLLogger.fine("Raw write",
 147                                 (new ByteArrayInputStream(record, 0, limit)));
 148                     }
 149 
 150                     return;
 151                 }
 152             }
 153 
 154             byte handshakeType = source[0];
 155             if (handshakeHash.isHashable(handshakeType)) {
 156                 handshakeHash.deliver(source, offset, length);
 157             }
 158 
 159             int fragLimit = getFragLimit();
 160             int position = headerSize + writeCipher.getExplicitNonceSize();
 161             if (count == 0) {
 162                 count = position;
 163             }
 164 
 165             if ((count - position) < (fragLimit - length)) {
 166                 write(source, offset, length);
 167                 return;
 168             }
 169 
 170             for (int limit = (offset + length); offset < limit;) {
 171 
 172                 int remains = (limit - offset) + (count - position);
 173                 int fragLen = Math.min(fragLimit, remains);
 174 
 175                 // use the buf of ByteArrayOutputStream
 176                 write(source, offset, fragLen);
 177                 if (remains < fragLimit) {
 178                     return;
 179                 }
 180 
 181                 if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 182                     SSLLogger.fine(
 183                             "WRITE: " + protocolVersion +
 184                             " " + ContentType.HANDSHAKE.name +
 185                             ", length = " + (count - headerSize));
 186                 }
 187 
 188                 // Encrypt the fragment and wrap up a record.
 189                 encrypt(writeCipher, ContentType.HANDSHAKE.id, headerSize);
 190 
 191                 // deliver this message
 192                 deliverStream.write(buf, 0, count);    // may throw IOException
 193                 deliverStream.flush();                 // may throw IOException




 194 
 195                 if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 196                     SSLLogger.fine("Raw write",
 197                             (new ByteArrayInputStream(buf, 0, count)));
 198                 }
 199 
 200                 // reset the offset
 201                 offset += fragLen;
 202 
 203                 // reset the internal buffer
 204                 count = position;
 205             }
 206         } finally {
 207             recordLock.unlock();
 208         }
 209     }
 210 
 211     @Override
 212     void encodeChangeCipherSpec() throws IOException {
 213         recordLock.lock();
 214         try {
 215             if (isClosed()) {
 216                 if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
 217                     SSLLogger.warning("outbound has closed, ignore outbound " +
 218                         "change_cipher_spec message");
 219                 }
 220                 return;
 221             }
 222 
 223             // use the buf of ByteArrayOutputStream
 224             int position = headerSize + writeCipher.getExplicitNonceSize();

 225             count = position;

 226 
 227             write((byte)1);         // byte 1: change_cipher_spec(
 228 
 229             // Encrypt the fragment and wrap up a record.
 230             encrypt(writeCipher, ContentType.CHANGE_CIPHER_SPEC.id, headerSize);
 231 
 232             // deliver this message
 233             deliverStream.write(buf, 0, count);        // may throw IOException
 234             // deliverStream.flush();                  // flush in Finished
 235 
 236             if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 237                 SSLLogger.fine("Raw write",
 238                         (new ByteArrayInputStream(buf, 0, count)));
 239             }
 240 
 241             // reset the internal buffer
 242             count = 0;
 243         } finally {
 244             recordLock.unlock();
 245         }
 246     }
 247 
 248     @Override
 249     public void flush() throws IOException {
 250         recordLock.lock();
 251         try {
 252             int position = headerSize + writeCipher.getExplicitNonceSize();
 253             if (count <= position) {
 254                 return;
 255             }
 256 
 257             if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 258                 SSLLogger.fine(
 259                         "WRITE: " + protocolVersion +
 260                         " " + ContentType.HANDSHAKE.name +
 261                         ", length = " + (count - headerSize));
 262             }
 263 
 264             // Encrypt the fragment and wrap up a record.
 265             encrypt(writeCipher, ContentType.HANDSHAKE.id, headerSize);
 266 
 267             // deliver this message
 268             deliverStream.write(buf, 0, count);    // may throw IOException
 269             deliverStream.flush();                 // may throw IOException
 270 
 271             if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 272                 SSLLogger.fine("Raw write",
 273                         (new ByteArrayInputStream(buf, 0, count)));
 274             }
 275 



 276             // reset the internal buffer
 277             count = 0;      // DON'T use position
 278         } finally {
 279             recordLock.unlock();
 280         }
 281     }
 282 
 283     @Override
 284     void deliver(byte[] source, int offset, int length) throws IOException {
 285         recordLock.lock();
 286         try {
 287             if (isClosed()) {
 288                 throw new SocketException(
 289                         "Connection or outbound has been closed");
 290             }


 291 
 292             if (writeCipher.authenticator.seqNumOverflow()) {
 293                 if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
 294                     SSLLogger.fine(
 295                         "sequence number extremely close to overflow " +
 296                         "(2^64-1 packets). Closing connection.");
 297                 }











 298 
 299                 throw new SSLHandshakeException("sequence number overflow");
 300             }

 301 
 302             boolean isFirstRecordOfThePayload = true;
 303             for (int limit = (offset + length); offset < limit;) {
 304                 int fragLen;
 305                 if (packetSize > 0) {
 306                     fragLen = Math.min(maxRecordSize, packetSize);
 307                     fragLen = writeCipher.calculateFragmentSize(
 308                             fragLen, headerSize);
 309 
 310                     fragLen = Math.min(fragLen, Record.maxDataSize);
 311                 } else {
 312                     fragLen = Record.maxDataSize;
 313                 }
 314 
 315                 // Calculate more impact, for example TLS 1.3 padding.
 316                 fragLen = calculateFragmentSize(fragLen);




 317 
 318                 if (isFirstRecordOfThePayload && needToSplitPayload()) {
 319                     fragLen = 1;
 320                     isFirstRecordOfThePayload = false;
 321                 } else {
 322                     fragLen = Math.min(fragLen, (limit - offset));
 323                 }
 324 
 325                 // use the buf of ByteArrayOutputStream
 326                 int position = headerSize + writeCipher.getExplicitNonceSize();
 327                 count = position;
 328                 write(source, offset, fragLen);




 329 
 330                 if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 331                     SSLLogger.fine(
 332                             "WRITE: " + protocolVersion +
 333                             " " + ContentType.APPLICATION_DATA.name +
 334                             ", length = " + (count - position));
 335                 }
 336 
 337                 // Encrypt the fragment and wrap up a record.
 338                 encrypt(writeCipher,
 339                         ContentType.APPLICATION_DATA.id, headerSize);



 340 
 341                 // deliver this message
 342                 deliverStream.write(buf, 0, count);    // may throw IOException
 343                 deliverStream.flush();                 // may throw IOException



 344 
 345                 if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 346                     SSLLogger.fine("Raw write",
 347                             (new ByteArrayInputStream(buf, 0, count)));
 348                 }
 349 
 350                 // reset the internal buffer
 351                 count = 0;





















 352 
 353                 if (isFirstAppOutputRecord) {
 354                     isFirstAppOutputRecord = false;
 355                 }

 356 
 357                 offset += fragLen;




 358             }
 359         } finally {
 360             recordLock.unlock();



















 361         }
 362     }
 363 
 364     @Override
 365     void setDeliverStream(OutputStream outputStream) {
 366         recordLock.lock();
 367         try {
 368             this.deliverStream = outputStream;
 369         } finally {
 370             recordLock.unlock();
 371         }
 372     }
 373 
 374     /*
 375      * Need to split the payload except the following cases:
 376      *
 377      * 1. protocol version is TLS 1.1 or later;
 378      * 2. bulk cipher does not use CBC mode, including null bulk cipher suites.
 379      * 3. the payload is the first application record of a freshly
 380      *    negotiated TLS session.
 381      * 4. the CBC protection is disabled;
 382      *
 383      * By default, we counter chosen plaintext issues on CBC mode
 384      * ciphersuites in SSLv3/TLS1.0 by sending one byte of application
 385      * data in the first record of every payload, and the rest in
 386      * subsequent record(s). Note that the issues have been solved in
 387      * TLS 1.1 or later.
 388      *
 389      * It is not necessary to split the very first application record of
 390      * a freshly negotiated TLS session, as there is no previous
 391      * application data to guess.  To improve compatibility, we will not


 395      * the peer must have similar protections.
 396      */
 397     private boolean needToSplitPayload() {
 398         return (!protocolVersion.useTLS11PlusSpec()) &&
 399                 writeCipher.isCBCMode() && !isFirstAppOutputRecord &&
 400                 Record.enableCBCProtection;
 401     }
 402 
 403     private int getFragLimit() {
 404         int fragLimit;
 405         if (packetSize > 0) {
 406             fragLimit = Math.min(maxRecordSize, packetSize);
 407             fragLimit =
 408                     writeCipher.calculateFragmentSize(fragLimit, headerSize);
 409 
 410             fragLimit = Math.min(fragLimit, Record.maxDataSize);
 411         } else {
 412             fragLimit = Record.maxDataSize;
 413         }
 414 
 415         // Calculate more impact, for example TLS 1.3 padding.
 416         fragLimit = calculateFragmentSize(fragLimit);

 417 
 418         return fragLimit;
 419     }
 420 }
   1 /*
   2  * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  34 
  35 /**
  36  * {@code OutputRecord} implementation for {@code SSLSocket}.
  37  */
  38 final class SSLSocketOutputRecord extends OutputRecord implements SSLRecord {
  39     private OutputStream deliverStream = null;
  40 
  41     SSLSocketOutputRecord(HandshakeHash handshakeHash) {
  42         this(handshakeHash, null);
  43     }
  44 
  45     SSLSocketOutputRecord(HandshakeHash handshakeHash,
  46             TransportContext tc) {
  47         super(handshakeHash, SSLCipher.SSLWriteCipher.nullTlsWriteCipher());
  48         this.tc = tc;
  49         this.packetSize = SSLRecord.maxRecordSize;
  50         this.protocolVersion = ProtocolVersion.NONE;
  51     }
  52 
  53     @Override
  54     synchronized void encodeAlert(
  55             byte level, byte description) throws IOException {
  56         if (isClosed()) {
  57             if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
  58                 SSLLogger.warning("outbound has closed, ignore outbound " +
  59                     "alert message: " + Alert.nameOf(description));
















  60             }
  61             return;
  62         }
  63 
  64         // use the buf of ByteArrayOutputStream
  65         int position = headerSize + writeCipher.getExplicitNonceSize();
  66         count = position;
  67 
  68         write(level);
  69         write(description);
  70         if (SSLLogger.isOn && SSLLogger.isOn("record")) {
  71             SSLLogger.fine("WRITE: " + protocolVersion +
  72                     " " + ContentType.ALERT.name +
  73                     "(" + Alert.nameOf(description) + ")" +
  74                     ", length = " + (count - headerSize));
  75         }
  76 
  77         // Encrypt the fragment and wrap up a record.
  78         encrypt(writeCipher, ContentType.ALERT.id, headerSize);


  79 
  80         // deliver this message
  81         deliverStream.write(buf, 0, count);    // may throw IOException
  82         deliverStream.flush();                 // may throw IOException
  83 
  84         if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
  85             SSLLogger.fine("Raw write",
  86                     (new ByteArrayInputStream(buf, 0, count)));
  87         }
  88 
  89         // reset the internal buffer
  90         count = 0;
  91     }
  92 
  93     @Override
  94     synchronized void encodeHandshake(byte[] source,
  95             int offset, int length) throws IOException {
  96         if (isClosed()) {
  97             if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
  98                 SSLLogger.warning("outbound has closed, ignore outbound " +
  99                         "handshake message",
 100                         ByteBuffer.wrap(source, offset, length));




 101             }
 102             return;
 103         }
 104 
 105         if (firstMessage) {
 106             firstMessage = false;
 107 
 108             if ((helloVersion == ProtocolVersion.SSL20Hello) &&
 109                 (source[offset] == SSLHandshake.CLIENT_HELLO.id) &&
 110                                             //  5: recode header size
 111                 (source[offset + 4 + 2 + 32] == 0)) {
 112                                             // V3 session ID is empty
 113                                             //  4: handshake header size
 114                                             //  2: client_version in ClientHello
 115                                             // 32: random in ClientHello
 116 
 117                 ByteBuffer v2ClientHello = encodeV2ClientHello(
 118                         source, (offset + 4), (length - 4));

















































 119 
 120                 byte[] record = v2ClientHello.array();  // array offset is zero
 121                 int limit = v2ClientHello.limit();
 122                 handshakeHash.deliver(record, 2, (limit - 2));


 123 
 124                 if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 125                     SSLLogger.fine(
 126                             "WRITE: SSLv2 ClientHello message" +
 127                             ", length = " + limit);

 128                 }
 129 



 130                 // deliver this message
 131                 //
 132                 // Version 2 ClientHello message should be plaintext.
 133                 //
 134                 // No max fragment length negotiation.
 135                 deliverStream.write(record, 0, limit);
 136                 deliverStream.flush();
 137 
 138                 if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 139                     SSLLogger.fine("Raw write",
 140                             (new ByteArrayInputStream(record, 0, limit)));
 141                 }
 142 
 143                 return;




 144             }


 145         }

 146 
 147         byte handshakeType = source[0];
 148         if (handshakeHash.isHashable(handshakeType)) {
 149             handshakeHash.deliver(source, offset, length);
 150         }







 151 
 152         int fragLimit = getFragLimit();
 153         int position = headerSize + writeCipher.getExplicitNonceSize();
 154         if (count == 0) {
 155             count = position;
 156         }
 157 
 158         if ((count - position) < (fragLimit - length)) {
 159             write(source, offset, length);
 160             return;
 161         }




 162 
 163         for (int limit = (offset + length); offset < limit;) {



 164 
 165             int remains = (limit - offset) + (count - position);
 166             int fragLen = Math.min(fragLimit, remains);




 167 
 168             // use the buf of ByteArrayOutputStream
 169             write(source, offset, fragLen);
 170             if (remains < fragLimit) {



 171                 return;
 172             }
 173 
 174             if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 175                 SSLLogger.fine(
 176                         "WRITE: " + protocolVersion +
 177                         " " + ContentType.HANDSHAKE.name +
 178                         ", length = " + (count - headerSize));
 179             }
 180 
 181             // Encrypt the fragment and wrap up a record.
 182             encrypt(writeCipher, ContentType.HANDSHAKE.id, headerSize);
 183 
 184             // deliver this message
 185             deliverStream.write(buf, 0, count);    // may throw IOException
 186             deliverStream.flush();                 // may throw IOException
 187 
 188             if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 189                 SSLLogger.fine("Raw write",
 190                         (new ByteArrayInputStream(buf, 0, count)));
 191             }
 192 
 193             // reset the offset
 194             offset += fragLen;
 195 
 196             // reset the internal buffer
 197             count = position;


 198         }
 199     }
 200 
 201     @Override
 202     synchronized void encodeChangeCipherSpec() throws IOException {
 203         if (isClosed()) {
 204             if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
 205                 SSLLogger.warning("outbound has closed, ignore outbound " +
 206                     "change_cipher_spec message");

 207             }
 208             return;
 209         }
 210 
 211         // use the buf of ByteArrayOutputStream
 212         int position = headerSize + writeCipher.getExplicitNonceSize();
 213         count = position;
 214 
 215         write((byte)1);         // byte 1: change_cipher_spec(
 216 
 217         // Encrypt the fragment and wrap up a record.
 218         encrypt(writeCipher, ContentType.CHANGE_CIPHER_SPEC.id, headerSize);
 219 
 220         // deliver this message
 221         deliverStream.write(buf, 0, count);        // may throw IOException
 222         // deliverStream.flush();                  // flush in Finished
 223 
 224         if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 225             SSLLogger.fine("Raw write",
 226                     (new ByteArrayInputStream(buf, 0, count)));
 227         }
 228 
 229         // reset the internal buffer
 230         count = 0;
 231     }
 232 
 233     @Override
 234     public synchronized void flush() throws IOException {
 235         int position = headerSize + writeCipher.getExplicitNonceSize();
 236         if (count <= position) {
 237             return;
 238         }






 239 
 240         if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 241             SSLLogger.fine(
 242                     "WRITE: " + protocolVersion +
 243                     " " + ContentType.HANDSHAKE.name +
 244                     ", length = " + (count - headerSize));
 245         }
 246 
 247         // Encrypt the fragment and wrap up a record.
 248         encrypt(writeCipher, ContentType.HANDSHAKE.id, headerSize);




 249 
 250         // deliver this message
 251         deliverStream.write(buf, 0, count);    // may throw IOException
 252         deliverStream.flush();                 // may throw IOException
 253 
 254         if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 255             SSLLogger.fine("Raw write",
 256                     (new ByteArrayInputStream(buf, 0, count)));
 257         }
 258 
 259         // reset the internal buffer
 260         count = 0;      // DON'T use position
 261     }



 262 
 263     @Override
 264     synchronized void deliver(
 265             byte[] source, int offset, int length) throws IOException {
 266         if (isClosed()) {
 267             throw new SocketException("Connection or outbound has been closed");
 268         }
 269 
 270         if (writeCipher.authenticator.seqNumOverflow()) {
 271             if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
 272                 SSLLogger.fine(
 273                     "sequence number extremely close to overflow " +
 274                     "(2^64-1 packets). Closing connection.");
 275             }
 276 
 277             throw new SSLHandshakeException("sequence number overflow");
 278         }


 279 
 280         boolean isFirstRecordOfThePayload = true;
 281         for (int limit = (offset + length); offset < limit;) {
 282             int fragLen;
 283             if (packetSize > 0) {
 284                 fragLen = Math.min(maxRecordSize, packetSize);
 285                 fragLen =
 286                         writeCipher.calculateFragmentSize(fragLen, headerSize);
 287 
 288                 fragLen = Math.min(fragLen, Record.maxDataSize);
 289             } else {
 290                 fragLen = Record.maxDataSize;
 291             }
 292 
 293             if (fragmentSize > 0) {
 294                 fragLen = Math.min(fragLen, fragmentSize);
 295             }
 296 
 297             if (isFirstRecordOfThePayload && needToSplitPayload()) {
 298                 fragLen = 1;
 299                 isFirstRecordOfThePayload = false;
 300             } else {
 301                 fragLen = Math.min(fragLen, (limit - offset));
 302             }
 303 
 304             // use the buf of ByteArrayOutputStream
 305             int position = headerSize + writeCipher.getExplicitNonceSize();
 306             count = position;
 307             write(source, offset, fragLen);
 308 
 309             if (SSLLogger.isOn && SSLLogger.isOn("record")) {
 310                 SSLLogger.fine(
 311                         "WRITE: " + protocolVersion +
 312                         " " + ContentType.APPLICATION_DATA.name +
 313                         ", length = " + (count - position));
 314             }
 315 
 316             // Encrypt the fragment and wrap up a record.
 317             encrypt(writeCipher, ContentType.APPLICATION_DATA.id, headerSize);
 318 
 319             // deliver this message
 320             deliverStream.write(buf, 0, count);    // may throw IOException
 321             deliverStream.flush();                 // may throw IOException
 322 
 323             if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
 324                 SSLLogger.fine("Raw write",
 325                         (new ByteArrayInputStream(buf, 0, count)));
 326             }
 327 
 328             // reset the internal buffer
 329             count = 0;
 330 
 331             if (isFirstAppOutputRecord) {
 332                 isFirstAppOutputRecord = false;
 333             }
 334 
 335             offset += fragLen;
 336         }
 337     }
 338 
 339     @Override
 340     synchronized void setDeliverStream(OutputStream outputStream) {
 341         this.deliverStream = outputStream;





 342     }
 343 
 344     /*
 345      * Need to split the payload except the following cases:
 346      *
 347      * 1. protocol version is TLS 1.1 or later;
 348      * 2. bulk cipher does not use CBC mode, including null bulk cipher suites.
 349      * 3. the payload is the first application record of a freshly
 350      *    negotiated TLS session.
 351      * 4. the CBC protection is disabled;
 352      *
 353      * By default, we counter chosen plaintext issues on CBC mode
 354      * ciphersuites in SSLv3/TLS1.0 by sending one byte of application
 355      * data in the first record of every payload, and the rest in
 356      * subsequent record(s). Note that the issues have been solved in
 357      * TLS 1.1 or later.
 358      *
 359      * It is not necessary to split the very first application record of
 360      * a freshly negotiated TLS session, as there is no previous
 361      * application data to guess.  To improve compatibility, we will not


 365      * the peer must have similar protections.
 366      */
 367     private boolean needToSplitPayload() {
 368         return (!protocolVersion.useTLS11PlusSpec()) &&
 369                 writeCipher.isCBCMode() && !isFirstAppOutputRecord &&
 370                 Record.enableCBCProtection;
 371     }
 372 
 373     private int getFragLimit() {
 374         int fragLimit;
 375         if (packetSize > 0) {
 376             fragLimit = Math.min(maxRecordSize, packetSize);
 377             fragLimit =
 378                     writeCipher.calculateFragmentSize(fragLimit, headerSize);
 379 
 380             fragLimit = Math.min(fragLimit, Record.maxDataSize);
 381         } else {
 382             fragLimit = Record.maxDataSize;
 383         }
 384 
 385         if (fragmentSize > 0) {
 386             fragLimit = Math.min(fragLimit, fragmentSize);
 387         }
 388 
 389         return fragLimit;
 390     }
 391 }
< prev index next >