< prev index next >

src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java

Print this page

        

@@ -30,22 +30,20 @@
 import java.text.MessageFormat;
 import java.util.List;
 import java.util.ArrayList;
 import java.util.Locale;
 import java.util.Arrays;
+import java.util.Objects;
 import java.util.Collection;
 import javax.crypto.Mac;
 import javax.crypto.SecretKey;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import static sun.security.ssl.ClientAuthType.CLIENT_AUTH_REQUIRED;
 import sun.security.ssl.ClientHello.ClientHelloMessage;
 import sun.security.ssl.SSLExtension.ExtensionConsumer;
 import sun.security.ssl.SSLExtension.SSLExtensionSpec;
 import sun.security.ssl.SSLHandshake.HandshakeMessage;
-import sun.security.ssl.SessionTicketExtension.SessionTicketSpec;
-import sun.security.util.HexDumpEncoder;
-
 import static sun.security.ssl.SSLExtension.*;
 
 /**
  * Pack of the "pre_shared_key" extension.
  */

@@ -88,11 +86,11 @@
             Record.putInt32(m, obfuscatedAge);
         }
 
         @Override
         public String toString() {
-            return "{" + Utilities.toHexString(identity) + ", " +
+            return "{" + Utilities.toHexString(identity) + "," +
                 obfuscatedAge + "}";
         }
     }
 
     private static final

@@ -208,14 +206,12 @@
 
         @Override
         public String toString() {
             MessageFormat messageFormat = new MessageFormat(
                 "\"PreSharedKey\": '{'\n" +
-                "  \"identities\": '{'\n" +
-                "{0}\n" +
-                "  '}'" +
-                "  \"binders\": \"{1}\",\n" +
+                "  \"identities\"    : \"{0}\",\n" +
+                "  \"binders\"       : \"{1}\",\n" +
                 "'}'",
                 Locale.ENGLISH);
 
             Object[] messageFields = {
                 Utilities.indent(identitiesString()),

@@ -224,17 +220,13 @@
 
             return messageFormat.format(messageFields);
         }
 
         String identitiesString() {
-            HexDumpEncoder hexEncoder = new HexDumpEncoder();
-
             StringBuilder result = new StringBuilder();
             for (PskIdentity curId : identities) {
-                result.append("  {\n"+ Utilities.indent(
-                        hexEncoder.encode(curId.identity), "    ") +
-                        "\n  }\n");
+                result.append(curId.toString() + "\n");
             }
 
             return result.toString();
         }
 

@@ -284,11 +276,11 @@
                         m.remaining() + ")");
             }
             this.selectedIdentity = Record.getInt16(m);
         }
 
-        byte[] getEncoded() {
+        byte[] getEncoded() throws IOException {
             return new byte[] {
                 (byte)((selectedIdentity >> 8) & 0xFF),
                 (byte)(selectedIdentity & 0xFF)
             };
         }

@@ -374,40 +366,12 @@
 
             if (shc.isResumption) {     // resumingSession may not be set
                 SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
                         shc.sslContext.engineGetServerSessionContext();
                 int idIndex = 0;
-                SSLSessionImpl s = null;
-
                 for (PskIdentity requestedId : pskSpec.identities) {
-                    // If we are keeping state, see if the identity is in the cache
-                    if (requestedId.identity.length == SessionId.MAX_LENGTH) {
-                        s = sessionCache.get(requestedId.identity);
-                    }
-                    // See if the identity is a stateless ticket
-                    if (s == null &&
-                            requestedId.identity.length > SessionId.MAX_LENGTH &&
-                            sessionCache.statelessEnabled()) {
-                        ByteBuffer b =
-                                new SessionTicketSpec(requestedId.identity).
-                                        decrypt(shc);
-                        if (b != null) {
-                            try {
-                                s = new SSLSessionImpl(shc, b);
-                            } catch (IOException | RuntimeException e) {
-                                s = null;
-                            }
-                        }
-                        if (b == null || s == null) {
-                            if (SSLLogger.isOn &&
-                                    SSLLogger.isOn("ssl,handshake")) {
-                                SSLLogger.fine(
-                                        "Stateless session ticket invalid");
-                            }
-                        }
-                    }
-
+                    SSLSessionImpl s = sessionCache.get(requestedId.identity);
                     if (s != null && canRejoin(clientHello, shc, s)) {
                         if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                             SSLLogger.fine("Resuming session: ", s);
                         }
 

@@ -425,10 +389,11 @@
                     // no resumable session
                     shc.isResumption = false;
                     shc.resumingSession = null;
                 }
             }
+
             // update the context
             shc.handshakeExtensions.put(
                 SSLExtension.CH_PRE_SHARED_KEY, pskSpec);
         }
     }

@@ -741,12 +706,11 @@
 
         private CHPreSharedKeySpec createPskPrototype(
                 int hashLength, List<PskIdentity> identities) {
             List<byte[]> binders = new ArrayList<>();
             byte[] binderProto = new byte[hashLength];
-            int i = identities.size();
-            while (i-- > 0) {
+            for (PskIdentity curId : identities) {
                 binders.add(binderProto);
             }
 
             return new CHPreSharedKeySpec(identities, binders);
         }
< prev index next >