CoCalc -- ExtendedMasterSecretExtension.java

GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/ssl/ExtendedMasterSecretExtension.java
³⁸⁸³⁰ views
1
/*
2
 * Copyright (c) 2017, Red Hat, Inc. and/or its affiliates.
3
 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
4
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5
 *
6
 * This code is free software; you can redistribute it and/or modify it
7
 * under the terms of the GNU General Public License version 2 only, as
8
 * published by the Free Software Foundation.  Oracle designates this
9
 * particular file as subject to the "Classpath" exception as provided
10
 * by Oracle in the LICENSE file that accompanied this code.
11
 *
12
 * This code is distributed in the hope that it will be useful, but WITHOUT
13
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15
 * version 2 for more details (a copy is included in the LICENSE file that
16
 * accompanied this code).
17
 *
18
 * You should have received a copy of the GNU General Public License version
19
 * 2 along with this work; if not, write to the Free Software Foundation,
20
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
21
 *
22
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
23
 * or visit www.oracle.com if you need additional information or have any
24
 * questions.
25
 */
26

27
package sun.security.ssl;
28

29
import java.io.IOException;
30
import java.nio.ByteBuffer;
31
import javax.net.ssl.SSLProtocolException;
32
import static sun.security.ssl.SSLExtension.CH_EXTENDED_MASTER_SECRET;
33
import sun.security.ssl.SSLExtension.ExtensionConsumer;
34
import static sun.security.ssl.SSLExtension.SH_EXTENDED_MASTER_SECRET;
35
import sun.security.ssl.SSLExtension.SSLExtensionSpec;
36
import sun.security.ssl.SSLHandshake.HandshakeMessage;
37

38
/**
39
 * Pack of the "extended_master_secret" extensions [RFC 7627].
40
 */
41
final class ExtendedMasterSecretExtension {
42
    static final HandshakeProducer chNetworkProducer =
43
            new CHExtendedMasterSecretProducer();
44
    static final ExtensionConsumer chOnLoadConsumer =
45
            new CHExtendedMasterSecretConsumer();
46
    static final HandshakeAbsence chOnLoadAbsence =
47
            new CHExtendedMasterSecretAbsence();
48

49
    static final HandshakeProducer shNetworkProducer =
50
            new SHExtendedMasterSecretProducer();
51
    static final ExtensionConsumer shOnLoadConsumer =
52
            new SHExtendedMasterSecretConsumer();
53
    static final HandshakeAbsence shOnLoadAbsence =
54
            new SHExtendedMasterSecretAbsence();
55

56
    static final SSLStringizer emsStringizer =
57
            new ExtendedMasterSecretStringizer();
58

59
    /**
60
     * The "extended_master_secret" extension.
61
     */
62
    static final class ExtendedMasterSecretSpec implements SSLExtensionSpec {
63
        // A nominal object that does not holding any real renegotiation info.
64
        static final ExtendedMasterSecretSpec NOMINAL =
65
                new ExtendedMasterSecretSpec();
66

67
        private ExtendedMasterSecretSpec() {
68
            // blank
69
        }
70

71
        private ExtendedMasterSecretSpec(ByteBuffer m) throws IOException {
72
            // Parse the extension.
73
            if (m.hasRemaining()) {
74
                throw new SSLProtocolException(
75
                    "Invalid extended_master_secret extension data: " +
76
                    "not empty");
77
            }
78
        }
79

80
        @Override
81
        public String toString() {
82
            return "<empty>";
83
        }
84
    }
85

86
    private static final
87
            class ExtendedMasterSecretStringizer implements SSLStringizer {
88
        @Override
89
        public String toString(ByteBuffer buffer) {
90
            try {
91
                return (new ExtendedMasterSecretSpec(buffer)).toString();
92
            } catch (IOException ioe) {
93
                // For debug logging only, so please swallow exceptions.
94
                return ioe.getMessage();
95
            }
96
        }
97
    }
98

99
    /**
100
     * Network data producer of a "extended_master_secret" extension in
101
     * the ClientHello handshake message.
102
     */
103
    private static final
104
            class CHExtendedMasterSecretProducer implements HandshakeProducer {
105
        // Prevent instantiation of this class.
106
        private CHExtendedMasterSecretProducer() {
107
            // blank
108
        }
109

110
        @Override
111
        public byte[] produce(ConnectionContext context,
112
                HandshakeMessage message) throws IOException {
113
            // The producing happens in client side only.
114
            ClientHandshakeContext chc = (ClientHandshakeContext)context;
115

116
            // Is it a supported and enabled extension?
117
            if (!chc.sslConfig.isAvailable(CH_EXTENDED_MASTER_SECRET) ||
118
                    !SSLConfiguration.useExtendedMasterSecret ||
119
                    !chc.conContext.protocolVersion.useTLS10PlusSpec()) {
120
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
121
                    SSLLogger.fine(
122
                        "Ignore unavailable extended_master_secret extension");
123
                }
124

125
                return null;
126
            }
127

128
            if (chc.handshakeSession == null ||
129
                    chc.handshakeSession.useExtendedMasterSecret) {
130
                byte[] extData = new byte[0];
131
                chc.handshakeExtensions.put(CH_EXTENDED_MASTER_SECRET,
132
                        ExtendedMasterSecretSpec.NOMINAL);
133

134
                return extData;
135
            }
136

137
            return null;
138
        }
139
    }
140

141
    /**
142
     * Network data producer of a "extended_master_secret" extension in
143
     * the ServerHello handshake message.
144
     */
145
    private static final
146
            class CHExtendedMasterSecretConsumer implements ExtensionConsumer {
147
        // Prevent instantiation of this class.
148
        private CHExtendedMasterSecretConsumer() {
149
            // blank
150
        }
151

152
        @Override
153
        public void consume(ConnectionContext context,
154
            HandshakeMessage message, ByteBuffer buffer) throws IOException {
155

156
            // The consuming happens in server side only.
157
            ServerHandshakeContext shc = (ServerHandshakeContext)context;
158

159
            // Is it a supported and enabled extension?
160
            if (!shc.sslConfig.isAvailable(CH_EXTENDED_MASTER_SECRET) ||
161
                    !SSLConfiguration.useExtendedMasterSecret ||
162
                    !shc.negotiatedProtocol.useTLS10PlusSpec()) {
163
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
164
                    SSLLogger.fine("Ignore unavailable extension: " +
165
                            CH_EXTENDED_MASTER_SECRET.name);
166
                }
167
                return;     // ignore the extension
168
            }
169

170
            // Parse the extension.
171
            ExtendedMasterSecretSpec spec;
172
            try {
173
                spec = new ExtendedMasterSecretSpec(buffer);
174
            } catch (IOException ioe) {
175
                throw shc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
176
            }
177

178
            if (shc.isResumption && shc.resumingSession != null &&
179
                    !shc.resumingSession.useExtendedMasterSecret) {
180
                // For abbreviated handshake request, If the original
181
                // session did not use the "extended_master_secret"
182
                // extension but the new ClientHello contains the
183
                // extension, then the server MUST NOT perform the
184
                // abbreviated handshake.  Instead, it SHOULD continue
185
                // with a full handshake.
186
                shc.isResumption = false;
187
                shc.resumingSession = null;
188
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
189
                    SSLLogger.fine(
190
                        "abort session resumption which did not use " +
191
                        "Extended Master Secret extension");
192
                }
193
            }
194

195
            // Update the context.
196
            //
197
            shc.handshakeExtensions.put(
198
                CH_EXTENDED_MASTER_SECRET, ExtendedMasterSecretSpec.NOMINAL);
199

200
            // No impact on session resumption.
201
        }
202
    }
203

204
    /**
205
     * The absence processing if a "extended_master_secret" extension is
206
     * not present in the ClientHello handshake message.
207
     */
208
    private static final
209
            class CHExtendedMasterSecretAbsence implements HandshakeAbsence {
210
        @Override
211
        public void absent(ConnectionContext context,
212
                HandshakeMessage message) throws IOException {
213
            // The producing happens in server side only.
214
            ServerHandshakeContext shc = (ServerHandshakeContext)context;
215

216
            // Is it a supported and enabled extension?
217
            if (!shc.sslConfig.isAvailable(CH_EXTENDED_MASTER_SECRET) ||
218
                    !SSLConfiguration.useExtendedMasterSecret) {
219
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
220
                    SSLLogger.fine("Ignore unavailable extension: " +
221
                            CH_EXTENDED_MASTER_SECRET.name);
222
                }
223
                return;     // ignore the extension
224
            }
225

226
            if (shc.negotiatedProtocol.useTLS10PlusSpec() &&
227
                    !SSLConfiguration.allowLegacyMasterSecret) {
228
                // For full handshake, if the server receives a ClientHello
229
                // without the extension, it SHOULD abort the handshake if
230
                // it does not wish to interoperate with legacy clients.
231
                //
232
                // As if extended master extension is required for full
233
                // handshake, it MUST be used in abbreviated handshake too.
234
                throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
235
                    "Extended Master Secret extension is required");
236
            }
237

238
            if (shc.isResumption && shc.resumingSession != null) {
239
                if (shc.resumingSession.useExtendedMasterSecret) {
240
                    // For abbreviated handshake request, if the original
241
                    // session used the "extended_master_secret" extension
242
                    // but the new ClientHello does not contain it, the
243
                    // server MUST abort the abbreviated handshake.
244
                    throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
245
                            "Missing Extended Master Secret extension " +
246
                            "on session resumption");
247
                } else {
248
                    // For abbreviated handshake request, if neither the
249
                    // original session nor the new ClientHello uses the
250
                    // extension, the server SHOULD abort the handshake.
251
                    if (!SSLConfiguration.allowLegacyResumption) {
252
                        throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
253
                            "Missing Extended Master Secret extension " +
254
                            "on session resumption");
255
                    } else {  // Otherwise, continue with a full handshake.
256
                        shc.isResumption = false;
257
                        shc.resumingSession = null;
258
                        if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
259
                            SSLLogger.fine(
260
                                "abort session resumption, " +
261
                                "missing Extended Master Secret extension");
262
                        }
263
                    }
264
                }
265
            }
266
        }
267
    }
268

269
    /**
270
     * Network data producer of a "extended_master_secret" extension in
271
     * the ServerHello handshake message.
272
     */
273
    private static final
274
            class SHExtendedMasterSecretProducer implements HandshakeProducer {
275
        // Prevent instantiation of this class.
276
        private SHExtendedMasterSecretProducer() {
277
            // blank
278
        }
279

280
        @Override
281
        public byte[] produce(ConnectionContext context,
282
                HandshakeMessage message) throws IOException {
283
            // The producing happens in server side only.
284
            ServerHandshakeContext shc = (ServerHandshakeContext)context;
285

286
            if (shc.handshakeSession.useExtendedMasterSecret) {
287
                byte[] extData = new byte[0];
288
                shc.handshakeExtensions.put(SH_EXTENDED_MASTER_SECRET,
289
                        ExtendedMasterSecretSpec.NOMINAL);
290

291
                return extData;
292
            }
293

294
            return null;
295
        }
296
    }
297

298
    /**
299
     * Network data consumer of a "extended_master_secret" extension in
300
     * the ServerHello handshake message.
301
     */
302
    private static final
303
            class SHExtendedMasterSecretConsumer implements ExtensionConsumer {
304
        // Prevent instantiation of this class.
305
        private SHExtendedMasterSecretConsumer() {
306
            // blank
307
        }
308

309
        @Override
310
        public void consume(ConnectionContext context,
311
            HandshakeMessage message, ByteBuffer buffer) throws IOException {
312
            // The producing happens in client side only.
313
            ClientHandshakeContext chc = (ClientHandshakeContext)context;
314

315
            // In response to the client extended_master_secret extension
316
            // request, which is mandatory for ClientHello message.
317
            ExtendedMasterSecretSpec requstedSpec = (ExtendedMasterSecretSpec)
318
                    chc.handshakeExtensions.get(CH_EXTENDED_MASTER_SECRET);
319
            if (requstedSpec == null) {
320
                throw chc.conContext.fatal(Alert.UNSUPPORTED_EXTENSION,
321
                        "Server sent the extended_master_secret " +
322
                        "extension improperly");
323
            }
324

325
            // Parse the extension.
326
            ExtendedMasterSecretSpec spec;
327
            try {
328
                spec = new ExtendedMasterSecretSpec(buffer);
329
            } catch (IOException ioe) {
330
                throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
331
            }
332

333
            if (chc.isResumption && chc.resumingSession != null &&
334
                    !chc.resumingSession.useExtendedMasterSecret) {
335
                throw chc.conContext.fatal(Alert.UNSUPPORTED_EXTENSION,
336
                        "Server sent an unexpected extended_master_secret " +
337
                        "extension on session resumption");
338
            }
339

340
            // Update the context.
341
            chc.handshakeExtensions.put(
342
                SH_EXTENDED_MASTER_SECRET, ExtendedMasterSecretSpec.NOMINAL);
343

344
            // No impact on session resumption.
345
        }
346
    }
347

348
    /**
349
     * The absence processing if a "extended_master_secret" extension is
350
     * not present in the ServerHello handshake message.
351
     */
352
    private static final
353
            class SHExtendedMasterSecretAbsence implements HandshakeAbsence {
354
        @Override
355
        public void absent(ConnectionContext context,
356
                HandshakeMessage message) throws IOException {
357
            // The producing happens in client side only.
358
            ClientHandshakeContext chc = (ClientHandshakeContext)context;
359

360
            if (SSLConfiguration.useExtendedMasterSecret &&
361
                    !SSLConfiguration.allowLegacyMasterSecret) {
362
                // For full handshake, if a client receives a ServerHello
363
                // without the extension, it SHOULD abort the handshake if
364
                // it does not wish to interoperate with legacy servers.
365
                throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
366
                        "Extended Master Secret extension is required");
367
            }
368

369
            if (chc.isResumption && chc.resumingSession != null) {
370
                if (chc.resumingSession.useExtendedMasterSecret) {
371
                    // For abbreviated handshake, if the original session used
372
                    // the "extended_master_secret" extension but the new
373
                    // ServerHello does not contain the extension, the client
374
                    // MUST abort the handshake.
375
                    throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
376
                            "Missing Extended Master Secret extension " +
377
                            "on session resumption");
378
                } else if (SSLConfiguration.useExtendedMasterSecret &&
379
                        !SSLConfiguration.allowLegacyResumption &&
380
                        chc.negotiatedProtocol.useTLS10PlusSpec()) {
381
                    // Unlikely, abbreviated handshake should be discarded.
382
                    throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
383
                        "Extended Master Secret extension is required");
384
                }
385
            }
386
        }
387
    }
388
}
389

390

391
Product

Resources

Company
