< prev index next >

src/java.base/share/classes/sun/security/ssl/SSLKeyExchange.java

Print this page

        

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -28,10 +28,14 @@
 import java.io.IOException;
 import java.util.AbstractMap.SimpleImmutableEntry;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
+import sun.security.ssl.DHKeyExchange.DHEPossession;
+import sun.security.ssl.ECDHKeyExchange.ECDHEPossession;
+import sun.security.ssl.SupportedGroupsExtension.NamedGroup;
+import sun.security.ssl.SupportedGroupsExtension.NamedGroupType;
 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
 import sun.security.ssl.X509Authentication.X509Possession;
 
 final class SSLKeyExchange implements SSLKeyAgreementGenerator,
         SSLHandshakeBinding {

@@ -237,11 +241,12 @@
 
     // TLS 1.3
     static SSLKeyExchange valueOf(NamedGroup namedGroup) {
         SSLKeyAgreement ka = T13KeyAgreement.valueOf(namedGroup);
         if (ka != null) {
-            return new SSLKeyExchange(null, ka);
+            return new SSLKeyExchange(
+                null, T13KeyAgreement.valueOf(namedGroup));
         }
 
         return null;
     }
 

@@ -330,11 +335,11 @@
         DHE_EXPORT      ("dhe_export",  DHKeyExchange.poExportableGenerator,
                                         DHKeyExchange.kaGenerator),
         ECDH            ("ecdh",        null,
                                         ECDHKeyExchange.ecdhKAGenerator),
         ECDHE           ("ecdhe",       ECDHKeyExchange.poGenerator,
-                                        ECDHKeyExchange.ecdheXdhKAGenerator);
+                                        ECDHKeyExchange.ecdheKAGenerator);
 
         final String name;
         final SSLPossessionGenerator possessionGenerator;
         final SSLKeyAgreementGenerator keyAgreementGenerator;
 

@@ -563,15 +568,29 @@
             return supportedKeyShares.get(namedGroup);
         }
 
         @Override
         public SSLPossession createPossession(HandshakeContext hc) {
-            return namedGroup.createPossession(hc.sslContext.getSecureRandom());
+            if (namedGroup.type == NamedGroupType.NAMED_GROUP_ECDHE) {
+                return new ECDHEPossession(
+                        namedGroup, hc.sslContext.getSecureRandom());
+            } else if (namedGroup.type == NamedGroupType.NAMED_GROUP_FFDHE) {
+                return new DHEPossession(
+                        namedGroup, hc.sslContext.getSecureRandom());
+            }
+
+            return null;
         }
 
         @Override
         public SSLKeyDerivation createKeyDerivation(
                 HandshakeContext hc) throws IOException {
-            return namedGroup.createKeyDerivation(hc);
+            if (namedGroup.type == NamedGroupType.NAMED_GROUP_ECDHE) {
+                return ECDHKeyExchange.ecdheKAGenerator.createKeyDerivation(hc);
+            } else if (namedGroup.type == NamedGroupType.NAMED_GROUP_FFDHE) {
+                return DHKeyExchange.kaGenerator.createKeyDerivation(hc);
+            }
+
+            return null;
         }
     }
 }
< prev index next >