1915 */
1916 if (needClientVerify) {
1917 fatalSE(Alerts.alert_handshake_failure,
1918 "client did not send certificate verify message");
1919 }
1920
1921 /*
1922 * Verify the client's message with the "before" digest of messages,
1923 * and forget about continuing to use that digest.
1924 */
1925 boolean verified = mesg.verify(handshakeHash, Finished.CLIENT,
1926 session.getMasterSecret());
1927
1928 if (!verified) {
1929 fatalSE(Alerts.alert_handshake_failure,
1930 "client 'finished' message doesn't verify");
1931 // NOTREACHED
1932 }
1933
1934 /*
1935 * save client verify data for secure renegotiation
1936 */
1937 if (secureRenegotiation) {
1938 clientVerifyData = mesg.getVerifyData();
1939 }
1940
1941 /*
1942 * OK, it verified. If we're doing the full handshake, add that
1943 * "Finished" message to the hash of handshake messages, then send
1944 * the change_cipher_spec and Finished message.
1945 */
1946 if (!resumingSession) {
1947 sendChangeCipherAndFinish(true);
1948 } else {
1949 handshakeFinished = true;
1950 }
1951
1952 /*
1953 * Update the session cache only after the handshake completed, else
1954 * we're open to an attack against a partially completed handshake.
1955 */
1956 session.setLastAccessedTime(System.currentTimeMillis());
1957 if (!resumingSession && session.isRejoinable()) {
1958 ((SSLSessionContextImpl)sslContext.engineGetServerSessionContext())
1959 .put(session);
1973 * Compute finished message with the "server" digest (and then forget
1974 * about that digest, it can't be used again).
1975 */
1976 private void sendChangeCipherAndFinish(boolean finishedTag)
1977 throws IOException {
1978
1979 // Reload if this message has been reserved.
1980 handshakeHash.reload();
1981
1982 Finished mesg = new Finished(protocolVersion, handshakeHash,
1983 Finished.SERVER, session.getMasterSecret(), cipherSuite);
1984
1985 /*
1986 * Send the change_cipher_spec record; then our Finished handshake
1987 * message will be the last handshake message. Flush, and now we
1988 * are ready for application data!!
1989 */
1990 sendChangeCipherSpec(mesg, finishedTag);
1991
1992 /*
1993 * save server verify data for secure renegotiation
1994 */
1995 if (secureRenegotiation) {
1996 serverVerifyData = mesg.getVerifyData();
1997 }
1998 }
1999
2000
2001 /*
2002 * Returns a HelloRequest message to kickstart renegotiations
2003 */
2004 @Override
2005 HandshakeMessage getKickstartMessage() {
2006 return new HelloRequest();
2007 }
2008
2009
2010 /*
2011 * Fault detected during handshake.
2012 */
2013 @Override
2014 void handshakeAlert(byte description) throws SSLProtocolException {
2015
2016 String message = Alerts.alertDescription(description);
2017
|
1915 */
1916 if (needClientVerify) {
1917 fatalSE(Alerts.alert_handshake_failure,
1918 "client did not send certificate verify message");
1919 }
1920
1921 /*
1922 * Verify the client's message with the "before" digest of messages,
1923 * and forget about continuing to use that digest.
1924 */
1925 boolean verified = mesg.verify(handshakeHash, Finished.CLIENT,
1926 session.getMasterSecret());
1927
1928 if (!verified) {
1929 fatalSE(Alerts.alert_handshake_failure,
1930 "client 'finished' message doesn't verify");
1931 // NOTREACHED
1932 }
1933
1934 /*
1935 * save client verify data for secure renegotiation and TLS channel binding
1936 */
1937 clientVerifyData = mesg.getVerifyData();
1938
1939 /*
1940 * OK, it verified. If we're doing the full handshake, add that
1941 * "Finished" message to the hash of handshake messages, then send
1942 * the change_cipher_spec and Finished message.
1943 */
1944 if (!resumingSession) {
1945 sendChangeCipherAndFinish(true);
1946 } else {
1947 handshakeFinished = true;
1948 }
1949
1950 /*
1951 * Update the session cache only after the handshake completed, else
1952 * we're open to an attack against a partially completed handshake.
1953 */
1954 session.setLastAccessedTime(System.currentTimeMillis());
1955 if (!resumingSession && session.isRejoinable()) {
1956 ((SSLSessionContextImpl)sslContext.engineGetServerSessionContext())
1957 .put(session);
1971 * Compute finished message with the "server" digest (and then forget
1972 * about that digest, it can't be used again).
1973 */
1974 private void sendChangeCipherAndFinish(boolean finishedTag)
1975 throws IOException {
1976
1977 // Reload if this message has been reserved.
1978 handshakeHash.reload();
1979
1980 Finished mesg = new Finished(protocolVersion, handshakeHash,
1981 Finished.SERVER, session.getMasterSecret(), cipherSuite);
1982
1983 /*
1984 * Send the change_cipher_spec record; then our Finished handshake
1985 * message will be the last handshake message. Flush, and now we
1986 * are ready for application data!!
1987 */
1988 sendChangeCipherSpec(mesg, finishedTag);
1989
1990 /*
1991 * save server verify data for secure renegotiation and TLS channel binding
1992 */
1993 serverVerifyData = mesg.getVerifyData();
1994 }
1995
1996
1997 /*
1998 * Returns a HelloRequest message to kickstart renegotiations
1999 */
2000 @Override
2001 HandshakeMessage getKickstartMessage() {
2002 return new HelloRequest();
2003 }
2004
2005
2006 /*
2007 * Fault detected during handshake.
2008 */
2009 @Override
2010 void handshakeAlert(byte description) throws SSLProtocolException {
2011
2012 String message = Alerts.alertDescription(description);
2013
|