1 /*
2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.ssl;
27
28 import java.io.IOException;
29 import java.nio.BufferOverflowException;
30 import java.nio.BufferUnderflowException;
31 import java.nio.ByteBuffer;
32 import java.util.ArrayList;
33
34 /**
35 * A compact implementation of HandshakeContext for post-handshake messages
36 */
37 final class PostHandshakeContext extends HandshakeContext {
38 PostHandshakeContext(TransportContext context) throws IOException {
39 super(context);
40
41 if (!negotiatedProtocol.useTLS13PlusSpec()) {
42 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
43 "Post-handshake not supported in " + negotiatedProtocol.name);
44 }
45
46 this.localSupportedSignAlgs = new ArrayList<>(
47 context.conSession.getLocalSupportedSignatureSchemes());
48
49 // Add the potential post-handshake consumers.
50 if (context.sslConfig.isClientMode) {
51 handshakeConsumers.putIfAbsent(
52 SSLHandshake.KEY_UPDATE.id,
53 SSLHandshake.KEY_UPDATE);
54 handshakeConsumers.putIfAbsent(
55 SSLHandshake.NEW_SESSION_TICKET.id,
56 SSLHandshake.NEW_SESSION_TICKET);
57 } else {
58 handshakeConsumers.putIfAbsent(
59 SSLHandshake.KEY_UPDATE.id,
60 SSLHandshake.KEY_UPDATE);
61 }
62
63 handshakeFinished = true;
64 }
65
66 @Override
67 void kickstart() throws IOException {
68 SSLHandshake.kickstart(this);
69 }
70
71 @Override
72 void dispatch(byte handshakeType, ByteBuffer fragment) throws IOException {
73 SSLConsumer consumer = handshakeConsumers.get(handshakeType);
74 if (consumer == null) {
75 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
76 "Unexpected post-handshake message: " +
77 SSLHandshake.nameOf(handshakeType));
78 }
79
80 try {
81 consumer.consume(this, fragment);
82 } catch (UnsupportedOperationException unsoe) {
83 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
84 "Unsupported post-handshake message: " +
85 SSLHandshake.nameOf(handshakeType), unsoe);
86 } catch (BufferUnderflowException | BufferOverflowException be) {
87 throw conContext.fatal(Alert.DECODE_ERROR,
88 "Illegal handshake message: " +
89 SSLHandshake.nameOf(handshakeType), be);
90 }
91 }
92
93 static boolean isConsumable(TransportContext context, byte handshakeType) {
94 if (handshakeType == SSLHandshake.KEY_UPDATE.id) {
95 // The KeyUpdate handshake message does not apply to TLS 1.2 and
96 // previous protocols.
97 return context.protocolVersion.useTLS13PlusSpec();
98 }
99
100 if (handshakeType == SSLHandshake.NEW_SESSION_TICKET.id) {
101 // The new session ticket handshake message could be consumer in
102 // client side only.
103 return context.sslConfig.isClientMode;
104 }
105
106 // No more post-handshake message supported currently.
107 return false;
108 }
109 }