< prev index next >

src/java.base/share/classes/sun/security/ssl/HandshakeContext.java

Print this page




  29 import java.nio.BufferOverflowException;
  30 import java.nio.BufferUnderflowException;
  31 import java.nio.ByteBuffer;
  32 import java.security.AlgorithmConstraints;
  33 import java.security.CryptoPrimitive;
  34 import java.util.AbstractMap.SimpleImmutableEntry;
  35 import java.util.ArrayList;
  36 import java.util.Collections;
  37 import java.util.EnumMap;
  38 import java.util.EnumSet;
  39 import java.util.HashMap;
  40 import java.util.LinkedHashMap;
  41 import java.util.LinkedList;
  42 import java.util.List;
  43 import java.util.Map;
  44 import java.util.Queue;
  45 import javax.crypto.SecretKey;
  46 import javax.net.ssl.SNIServerName;
  47 import javax.net.ssl.SSLHandshakeException;
  48 import javax.security.auth.x500.X500Principal;
  49 import sun.security.ssl.NamedGroup.NamedGroupType;
  50 import static sun.security.ssl.NamedGroup.NamedGroupType.*;

  51 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
  52 
  53 abstract class HandshakeContext implements ConnectionContext {
  54     // System properties
  55 
  56     // By default, disable the unsafe legacy session renegotiation.
  57     static final boolean allowUnsafeRenegotiation =
  58             Utilities.getBooleanProperty(
  59                     "sun.security.ssl.allowUnsafeRenegotiation", false);
  60 
  61     // For maximum interoperability and backward compatibility, RFC 5746
  62     // allows server (or client) to accept ClientHello (or ServerHello)
  63     // message without the secure renegotiation_info extension or SCSV.
  64     //
  65     // For maximum security, RFC 5746 also allows server (or client) to
  66     // reject such message with a fatal "handshake_failure" alert.
  67     //
  68     // By default, allow such legacy hello messages.
  69     static final boolean allowLegacyHelloMessages =
  70             Utilities.getBooleanProperty(


  84     final List<CipherSuite>                 activeCipherSuites;
  85     final AlgorithmConstraints              algorithmConstraints;
  86     final ProtocolVersion                   maximumActiveProtocol;
  87 
  88     // output stream
  89     final HandshakeOutStream                handshakeOutput;
  90 
  91     // handshake transcript hash
  92     final HandshakeHash                     handshakeHash;
  93 
  94     // negotiated security parameters
  95     SSLSessionImpl                          handshakeSession;
  96     boolean                                 handshakeFinished;
  97     // boolean                                 isInvalidated;
  98 
  99     boolean                                 kickstartMessageDelivered;
 100 
 101     // Resumption
 102     boolean                                 isResumption;
 103     SSLSessionImpl                          resumingSession;
 104     // Session is using stateless resumption
 105     boolean                                 statelessResumption = false;
 106 
 107     final Queue<Map.Entry<Byte, ByteBuffer>> delegatedActions;
 108     volatile boolean                        taskDelegated = false;
 109     volatile Exception                      delegatedThrown = null;
 110 
 111     ProtocolVersion                         negotiatedProtocol;
 112     CipherSuite                             negotiatedCipherSuite;
 113     final List<SSLPossession>               handshakePossessions;
 114     final List<SSLCredentials>              handshakeCredentials;
 115     SSLKeyDerivation                        handshakeKeyDerivation;
 116     SSLKeyExchange                          handshakeKeyExchange;
 117     SecretKey                               baseReadSecret;
 118     SecretKey                               baseWriteSecret;
 119 
 120     // protocol version being established
 121     int                                     clientHelloVersion;
 122     String                                  applicationProtocol;
 123 
 124     RandomCookie                            clientHelloRandom;
 125     RandomCookie                            serverHelloRandom;


 501     /**
 502      * Set the active protocol version and propagate it to the SSLSocket
 503      * and our handshake streams. Called from ClientHandshaker
 504      * and ServerHandshaker with the negotiated protocol version.
 505      */
 506     void setVersion(ProtocolVersion protocolVersion) {
 507         this.conContext.protocolVersion = protocolVersion;
 508     }
 509 
 510     private static boolean isActivatable(CipherSuite suite,
 511             AlgorithmConstraints algorithmConstraints,
 512             Map<NamedGroupType, Boolean> cachedStatus) {
 513 
 514         if (algorithmConstraints.permits(
 515                 EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), suite.name, null)) {
 516             if (suite.keyExchange == null) {
 517                 // TLS 1.3, no definition of key exchange in cipher suite.
 518                 return true;
 519             }
 520 
 521             // Is at least one of the group types available?
 522             boolean groupAvailable, retval = false;
 523             NamedGroupType[] groupTypes = suite.keyExchange.groupTypes;
 524             for (NamedGroupType groupType : groupTypes) {
 525                 if (groupType != NAMED_GROUP_NONE) {
 526                     Boolean checkedStatus = cachedStatus.get(groupType);
 527                     if (checkedStatus == null) {
 528                         groupAvailable = SupportedGroups.isActivatable(
 529                                 algorithmConstraints, groupType);
 530                         cachedStatus.put(groupType, groupAvailable);
 531 
 532                         if (!groupAvailable &&
 533                                 SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 534                             SSLLogger.fine(
 535                                     "No activated named group in " + groupType);
 536                         }
 537                     } else {
 538                         groupAvailable = checkedStatus;
 539                     }
 540 
 541                     retval |= groupAvailable;
 542                 } else {
 543                     retval |= true;
 544                 }
 545             }
 546 
 547             if (!retval && SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 548                 SSLLogger.fine("No active named group(s), ignore " + suite);





 549             }
 550 
 551             return retval;
 552 
 553         } else if (SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 554             SSLLogger.fine("Ignore disabled cipher suite: " + suite);
 555         }
 556 
 557         return false;
 558     }
 559 
 560     List<SNIServerName> getRequestedServerNames() {
 561         if (requestedServerNames == null) {
 562             return Collections.emptyList();
 563         }
 564         return requestedServerNames;
 565     }
 566 }
 567 


  29 import java.nio.BufferOverflowException;
  30 import java.nio.BufferUnderflowException;
  31 import java.nio.ByteBuffer;
  32 import java.security.AlgorithmConstraints;
  33 import java.security.CryptoPrimitive;
  34 import java.util.AbstractMap.SimpleImmutableEntry;
  35 import java.util.ArrayList;
  36 import java.util.Collections;
  37 import java.util.EnumMap;
  38 import java.util.EnumSet;
  39 import java.util.HashMap;
  40 import java.util.LinkedHashMap;
  41 import java.util.LinkedList;
  42 import java.util.List;
  43 import java.util.Map;
  44 import java.util.Queue;
  45 import javax.crypto.SecretKey;
  46 import javax.net.ssl.SNIServerName;
  47 import javax.net.ssl.SSLHandshakeException;
  48 import javax.security.auth.x500.X500Principal;
  49 import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
  50 import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
  51 import static sun.security.ssl.SupportedGroupsExtension.NamedGroupType.*;
  52 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
  53 
  54 abstract class HandshakeContext implements ConnectionContext {
  55     // System properties
  56 
  57     // By default, disable the unsafe legacy session renegotiation.
  58     static final boolean allowUnsafeRenegotiation =
  59             Utilities.getBooleanProperty(
  60                     "sun.security.ssl.allowUnsafeRenegotiation", false);
  61 
  62     // For maximum interoperability and backward compatibility, RFC 5746
  63     // allows server (or client) to accept ClientHello (or ServerHello)
  64     // message without the secure renegotiation_info extension or SCSV.
  65     //
  66     // For maximum security, RFC 5746 also allows server (or client) to
  67     // reject such message with a fatal "handshake_failure" alert.
  68     //
  69     // By default, allow such legacy hello messages.
  70     static final boolean allowLegacyHelloMessages =
  71             Utilities.getBooleanProperty(


  85     final List<CipherSuite>                 activeCipherSuites;
  86     final AlgorithmConstraints              algorithmConstraints;
  87     final ProtocolVersion                   maximumActiveProtocol;
  88 
  89     // output stream
  90     final HandshakeOutStream                handshakeOutput;
  91 
  92     // handshake transcript hash
  93     final HandshakeHash                     handshakeHash;
  94 
  95     // negotiated security parameters
  96     SSLSessionImpl                          handshakeSession;
  97     boolean                                 handshakeFinished;
  98     // boolean                                 isInvalidated;
  99 
 100     boolean                                 kickstartMessageDelivered;
 101 
 102     // Resumption
 103     boolean                                 isResumption;
 104     SSLSessionImpl                          resumingSession;


 105 
 106     final Queue<Map.Entry<Byte, ByteBuffer>> delegatedActions;
 107     volatile boolean                        taskDelegated = false;
 108     volatile Exception                      delegatedThrown = null;
 109 
 110     ProtocolVersion                         negotiatedProtocol;
 111     CipherSuite                             negotiatedCipherSuite;
 112     final List<SSLPossession>               handshakePossessions;
 113     final List<SSLCredentials>              handshakeCredentials;
 114     SSLKeyDerivation                        handshakeKeyDerivation;
 115     SSLKeyExchange                          handshakeKeyExchange;
 116     SecretKey                               baseReadSecret;
 117     SecretKey                               baseWriteSecret;
 118 
 119     // protocol version being established
 120     int                                     clientHelloVersion;
 121     String                                  applicationProtocol;
 122 
 123     RandomCookie                            clientHelloRandom;
 124     RandomCookie                            serverHelloRandom;


 500     /**
 501      * Set the active protocol version and propagate it to the SSLSocket
 502      * and our handshake streams. Called from ClientHandshaker
 503      * and ServerHandshaker with the negotiated protocol version.
 504      */
 505     void setVersion(ProtocolVersion protocolVersion) {
 506         this.conContext.protocolVersion = protocolVersion;
 507     }
 508 
 509     private static boolean isActivatable(CipherSuite suite,
 510             AlgorithmConstraints algorithmConstraints,
 511             Map<NamedGroupType, Boolean> cachedStatus) {
 512 
 513         if (algorithmConstraints.permits(
 514                 EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), suite.name, null)) {
 515             if (suite.keyExchange == null) {
 516                 // TLS 1.3, no definition of key exchange in cipher suite.
 517                 return true;
 518             }
 519 
 520             boolean available;
 521             NamedGroupType groupType = suite.keyExchange.groupType;
 522             if (groupType != NAMED_GROUP_NONE) {
 523                 Boolean checkedStatus = cachedStatus.get(groupType);
 524                 if (checkedStatus == null) {
 525                     available = SupportedGroups.isActivatable(
 526                             algorithmConstraints, groupType);
 527                     cachedStatus.put(groupType, available);
 528 
 529                     if (!available &&
 530                             SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 531                         SSLLogger.fine("No activated named group");






 532                     }


 533                 } else {
 534                     available = checkedStatus;
 535                 }

 536 
 537                 if (!available && SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 538                     SSLLogger.fine(
 539                         "No active named group, ignore " + suite);
 540                 }
 541                 return available;
 542             } else {
 543                 return true;
 544             }



 545         } else if (SSLLogger.isOn && SSLLogger.isOn("verbose")) {
 546             SSLLogger.fine("Ignore disabled cipher suite: " + suite);
 547         }
 548 
 549         return false;
 550     }
 551 
 552     List<SNIServerName> getRequestedServerNames() {
 553         if (requestedServerNames == null) {
 554             return Collections.<SNIServerName>emptyList();
 555         }
 556         return requestedServerNames;
 557     }
 558 }
 559 
< prev index next >