372 extensions.add(renegotiationInfo);
373 }
374
375 // add server_name extension
376 void addSNIExtension(List<SNIServerName> serverNames) {
377 try {
378 extensions.add(new ServerNameExtension(serverNames));
379 } catch (IOException ioe) {
380 // ignore the exception and return
381 }
382 }
383
384 // add signature_algorithm extension
385 void addSignatureAlgorithmsExtension(
386 Collection<SignatureAndHashAlgorithm> algorithms) {
387 HelloExtension signatureAlgorithm =
388 new SignatureAlgorithmsExtension(algorithms);
389 extensions.add(signatureAlgorithm);
390 }
391
392 void addMFLExtension(int maximumPacketSize) {
393 HelloExtension maxFragmentLength =
394 new MaxFragmentLengthExtension(maximumPacketSize);
395 extensions.add(maxFragmentLength);
396 }
397
398 void updateHelloCookie(MessageDigest cookieDigest) {
399 //
400 // Just use HandshakeOutStream to compute the hello verify cookie.
401 // Not actually used to output handshake message records.
402 //
403 HandshakeOutStream hos = new HandshakeOutStream(null);
404
405 try {
406 send(hos, false); // Do not count hello verify cookie.
407 } catch (IOException ioe) {
408 // unlikely to happen
409 }
410
411 cookieDigest.update(hos.toByteArray());
1424 NamedGroup namedGroup = NamedGroup.valueOf(params);
1425 if ((namedGroup == null) || (namedGroup.oid == null) ){
1426 // unlikely
1427 throw new SSLHandshakeException(
1428 "Unnamed EC parameter spec: " + params);
1429 }
1430 groupId = namedGroup.id;
1431
1432 if (privateKey == null) {
1433 // ECDH_anon
1434 return;
1435 }
1436
1437 Signature sig;
1438 if (protocolVersion.useTLS12PlusSpec()) {
1439 this.preferableSignatureAlgorithm = signAlgorithm;
1440 sig = JsseJce.getSignature(signAlgorithm.getAlgorithmName());
1441 } else {
1442 sig = getSignature(privateKey.getAlgorithm());
1443 }
1444 sig.initSign(privateKey); // where is the SecureRandom?
1445
1446 updateSignature(sig, clntNonce, svrNonce);
1447 signatureBytes = sig.sign();
1448 }
1449
1450 /*
1451 * Parse an ECDH server key exchange message.
1452 */
1453 ECDH_ServerKeyExchange(HandshakeInStream input, PublicKey signingKey,
1454 byte[] clntNonce, byte[] svrNonce,
1455 Collection<SignatureAndHashAlgorithm> localSupportedSignAlgs,
1456 ProtocolVersion protocolVersion)
1457 throws IOException, GeneralSecurityException {
1458
1459 this.protocolVersion = protocolVersion;
1460
1461 // read params: ServerECDHParams
1462 int curveType = input.getInt8();
1463 ECParameterSpec parameters;
1464 // These parsing errors should never occur as we negotiated
|
372 extensions.add(renegotiationInfo);
373 }
374
375 // add server_name extension
376 void addSNIExtension(List<SNIServerName> serverNames) {
377 try {
378 extensions.add(new ServerNameExtension(serverNames));
379 } catch (IOException ioe) {
380 // ignore the exception and return
381 }
382 }
383
384 // add signature_algorithm extension
385 void addSignatureAlgorithmsExtension(
386 Collection<SignatureAndHashAlgorithm> algorithms) {
387 HelloExtension signatureAlgorithm =
388 new SignatureAlgorithmsExtension(algorithms);
389 extensions.add(signatureAlgorithm);
390 }
391
392 void addExtendedMasterSecretExtension() {
393 extensions.add(new ExtendedMasterSecretExtension());
394 }
395
396 void addMFLExtension(int maximumPacketSize) {
397 HelloExtension maxFragmentLength =
398 new MaxFragmentLengthExtension(maximumPacketSize);
399 extensions.add(maxFragmentLength);
400 }
401
402 void updateHelloCookie(MessageDigest cookieDigest) {
403 //
404 // Just use HandshakeOutStream to compute the hello verify cookie.
405 // Not actually used to output handshake message records.
406 //
407 HandshakeOutStream hos = new HandshakeOutStream(null);
408
409 try {
410 send(hos, false); // Do not count hello verify cookie.
411 } catch (IOException ioe) {
412 // unlikely to happen
413 }
414
415 cookieDigest.update(hos.toByteArray());
1428 NamedGroup namedGroup = NamedGroup.valueOf(params);
1429 if ((namedGroup == null) || (namedGroup.oid == null) ){
1430 // unlikely
1431 throw new SSLHandshakeException(
1432 "Unnamed EC parameter spec: " + params);
1433 }
1434 groupId = namedGroup.id;
1435
1436 if (privateKey == null) {
1437 // ECDH_anon
1438 return;
1439 }
1440
1441 Signature sig;
1442 if (protocolVersion.useTLS12PlusSpec()) {
1443 this.preferableSignatureAlgorithm = signAlgorithm;
1444 sig = JsseJce.getSignature(signAlgorithm.getAlgorithmName());
1445 } else {
1446 sig = getSignature(privateKey.getAlgorithm());
1447 }
1448 sig.initSign(privateKey, sr);
1449
1450 updateSignature(sig, clntNonce, svrNonce);
1451 signatureBytes = sig.sign();
1452 }
1453
1454 /*
1455 * Parse an ECDH server key exchange message.
1456 */
1457 ECDH_ServerKeyExchange(HandshakeInStream input, PublicKey signingKey,
1458 byte[] clntNonce, byte[] svrNonce,
1459 Collection<SignatureAndHashAlgorithm> localSupportedSignAlgs,
1460 ProtocolVersion protocolVersion)
1461 throws IOException, GeneralSecurityException {
1462
1463 this.protocolVersion = protocolVersion;
1464
1465 // read params: ServerECDHParams
1466 int curveType = input.getInt8();
1467 ECParameterSpec parameters;
1468 // These parsing errors should never occur as we negotiated
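Review bot: The new `addExtendedMasterSecretExtension()` (new line 392) has no one-line comment, unlike `addSNIExtension` and `addSignatureAlgorithmsExtension` beside it; I would add `// add extended_master_secret extension (RFC 7627); the caller decides whether to offer it`. The method adds the extension unconditionally, so any gating on protocol version or configuration has to live in the caller, which is not visible in this section. At new line 1448, `sig.initSign(privateKey, sr)` now passes the randomness source explicitly, but `sr` is declared outside the hunk. Because ECDSA signing depends on the quality of that source, it is worth confirming that the constructor never receives a null or non-cryptographic `sr` and replacing the removed question with a comment such as `// sign with the handshake's SecureRandom`. The enclosing constructor starts outside the hunk, so the origin of `sr` cannot be checked from these lines.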
|