
src/java.base/share/classes/sun/security/ssl/ServerHandshaker.java





 833                         // fatalSE(Alerts.alert_illegal_parameter,
 834                         //         "Not an allowed max_fragment_length value");
 835                     }
 836                 }
 837 
 838                 if (maxFragLenExt != null) {
 839                     session.setNegotiatedMaxFragSize(maxFragLen);
 840                 }
 841             }
 842 
 843             session.setMaximumPacketSize(maximumPacketSize);
 844         } else {
 845             // set the handshake session
 846             setHandshakeSessionSE(session);
 847         }
 848 
 849         if (protocolVersion.useTLS12PlusSpec()) {
 850             handshakeHash.setFinishedAlg(cipherSuite.prfAlg.getPRFHashAlg());
 851         }
 852 





























 853         m1.cipherSuite = cipherSuite;
 854         m1.sessionId = session.getSessionId();
 855         m1.compression_method = session.getCompression();
 856 
 857         if (secureRenegotiation) {
 858             // For ServerHellos that are initial handshakes, then the
 859             // "renegotiated_connection" field in "renegotiation_info"
 860             // extension is of zero length.
 861             //
 862             // For ServerHellos that are renegotiating, this field contains
 863             // the concatenation of client_verify_data and server_verify_data.
 864             //
 865             // Note that for initial handshakes, both the clientVerifyData
 866             // variable and serverVerifyData variable are of zero length.
 867             HelloExtension serverHelloRI = new RenegotiationInfoExtension(
 868                                         clientVerifyData, serverVerifyData);
 869             m1.extensions.add(serverHelloRI);
 870         }
 871 
 872         if (!sniMatchers.isEmpty() && clientHelloSNIExt != null) {
 873             // When resuming a session, the server MUST NOT include a
 874             // server_name extension in the server hello.
 875             if (!resumingSession) {
 876                 ServerNameExtension serverHelloSNI = new ServerNameExtension();
 877                 m1.extensions.add(serverHelloSNI);
 878             }
 879         }
 880 
 881         if ((maxFragLenExt != null) && !resumingSession) {
 882             // When resuming a session, the server MUST NOT include a
 883             // max_fragment_length extension in the server hello.
 884             //
 885             // Otherwise, use the same value as the requested extension.
 886             m1.extensions.add(maxFragLenExt);






 887         }
 888 
 889         StaplingParameters staplingParams = processStapling(mesg);
 890         if (staplingParams != null) {
 891             // We now can safely assert status_request[_v2] in our
 892             // ServerHello, and know for certain that we can provide
 893             // responses back to this client for this connection.
 894             if (staplingParams.statusRespExt ==
 895                     ExtensionType.EXT_STATUS_REQUEST) {
 896                 m1.extensions.add(new CertStatusReqExtension());
 897             } else if (staplingParams.statusRespExt ==
 898                     ExtensionType.EXT_STATUS_REQUEST_V2) {
 899                 m1.extensions.add(new CertStatusReqListV2Extension());
 900             }
 901         }
 902 
 903         // Prepare the ALPN response
 904         if (clientHelloALPN != null) {
 905             List<String> peerAPs = clientHelloALPN.getPeerAPs();
 906 




 833                         // fatalSE(Alerts.alert_illegal_parameter,
 834                         //         "Not an allowed max_fragment_length value");
 835                     }
 836                 }
 837 
 838                 if (maxFragLenExt != null) {
 839                     session.setNegotiatedMaxFragSize(maxFragLen);
 840                 }
 841             }
 842 
 843             session.setMaximumPacketSize(maximumPacketSize);
 844         } else {
 845             // set the handshake session
 846             setHandshakeSessionSE(session);
 847         }
 848 
 849         if (protocolVersion.useTLS12PlusSpec()) {
 850             handshakeHash.setFinishedAlg(cipherSuite.prfAlg.getPRFHashAlg());
 851         }
 852 
 853         if (useExtendedMasterSecretExtension) {
 854             // check Extended Master Secret extension
 855             ExtendedMasterSecretExtension extendedMasterSecretExtension = (ExtendedMasterSecretExtension)
 856                     mesg.extensions.get(ExtensionType.EXT_EXTENDED_MASTER_SECRET);
 857             if (extendedMasterSecretExtension != null) {
 858                 if (resumingSession) {
 859                     if (!session.getUseExtendedMasterSecret()) {
 860                         // Full-handshake was not using Extended Master Secret
 861                         // However, Extended Master Secret was received on 
 862                         // session resumption.
 863                         throw new SSLHandshakeException(
 864                                 "Unexpected Extended Master Secret extension on session resumption");
 865                     }                
 866                 } else {
 867                     session.setUseExtendedMasterSecret();
 868                 }
 869             } else {
 870                 if (resumingSession) {
 871                     if (session.getUseExtendedMasterSecret()) {
 872                         // Full-handshake was using Extended Master Secret
 873                         // However, Extended Master Secret was not received
 874                         // on session resumption.
 875                         throw new SSLHandshakeException(
 876                                 "Extended Master Secret extension missing on session resumption");
 877                     }
 878                 }
 879             }
 880         }
 881 
 882         m1.cipherSuite = cipherSuite;
 883         m1.sessionId = session.getSessionId();
 884         m1.compression_method = session.getCompression();
 885 
 886         if (secureRenegotiation) {
 887             // For ServerHellos that are initial handshakes, then the
 888             // "renegotiated_connection" field in "renegotiation_info"
 889             // extension is of zero length.
 890             //
 891             // For ServerHellos that are renegotiating, this field contains
 892             // the concatenation of client_verify_data and server_verify_data.
 893             //
 894             // Note that for initial handshakes, both the clientVerifyData
 895             // variable and serverVerifyData variable are of zero length.
 896             HelloExtension serverHelloRI = new RenegotiationInfoExtension(
 897                                         clientVerifyData, serverVerifyData);
 898             m1.extensions.add(serverHelloRI);
 899         }
 900 
 901         if (!sniMatchers.isEmpty() && clientHelloSNIExt != null) {
 902             // When resuming a session, the server MUST NOT include a
 903             // server_name extension in the server hello.
 904             if (!resumingSession) {
 905                 ServerNameExtension serverHelloSNI = new ServerNameExtension();
 906                 m1.extensions.add(serverHelloSNI);
 907             }
 908         }
 909 
 910         if ((maxFragLenExt != null) && !resumingSession) {
 911             // When resuming a session, the server MUST NOT include a
 912             // max_fragment_length extension in the server hello.
 913             //
 914             // Otherwise, use the same value as the requested extension.
 915             m1.extensions.add(maxFragLenExt);
 916         }
 917 
 918         if (useExtendedMasterSecretExtension) {
 919             if (session.getUseExtendedMasterSecret()) {
 920                 m1.extensions.add(new ExtendedMasterSecretExtension());
 921             }
 922         }
 923 
 924         StaplingParameters staplingParams = processStapling(mesg);
 925         if (staplingParams != null) {
 926             // We now can safely assert status_request[_v2] in our
 927             // ServerHello, and know for certain that we can provide
 928             // responses back to this client for this connection.
 929             if (staplingParams.statusRespExt ==
 930                     ExtensionType.EXT_STATUS_REQUEST) {
 931                 m1.extensions.add(new CertStatusReqExtension());
 932             } else if (staplingParams.statusRespExt ==
 933                     ExtensionType.EXT_STATUS_REQUEST_V2) {
 934                 m1.extensions.add(new CertStatusReqListV2Extension());
 935             }
 936         }
 937 
 938         // Prepare the ALPN response
 939         if (clientHelloALPN != null) {
 940             List<String> peerAPs = clientHelloALPN.getPeerAPs();
 941 
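Review bot: The branch at new lines 858–865 aborts the handshake when a ClientHello carrying extended_master_secret tries to resume a session that was established without it, but RFC 7627 section 5.3 asks the server to skip the abbreviated handshake and continue with a full one in that case; only the opposite case (new lines 870–877, extension missing for a session that used it) must abort. Falling back would mean treating the cached session as not resumable at the point where `resumingSession` is decided, which is outside the lines shown here, so the check probably belongs earlier in the method. Both aborts also use a bare `throw new SSLHandshakeException(...)`, whereas the commented-out code at line 833 uses `fatalSE(...)`; if the caller does not turn the exception into an alert, the peer receives none, so consider `fatalSE(Alerts.alert_handshake_failure, "Extended Master Secret extension missing on session resumption");`. When neither the cached session nor the ClientHello uses the extension, resumption proceeds silently and that connection lacks the session-hash binding; a comment stating that this is deliberate for legacy peers would help.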

