1 /* 2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.ssl; 27 28 import java.io.IOException; 29 import java.nio.BufferOverflowException; 30 import java.nio.BufferUnderflowException; 31 import java.nio.ByteBuffer; 32 import java.util.ArrayList; 33 34 /** 35 * A compact implementation of HandshakeContext for post-handshake messages 36 */ 37 final class PostHandshakeContext extends HandshakeContext { 38 PostHandshakeContext(TransportContext context) throws IOException { 39 super(context); 40 41 if (!negotiatedProtocol.useTLS13PlusSpec()) { 42 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, 43 "Post-handshake not supported in " + negotiatedProtocol.name); 44 } 45 46 this.localSupportedSignAlgs = new ArrayList<>( 47 context.conSession.getLocalSupportedSignatureSchemes()); 48 49 // Add the potential post-handshake consumers. 50 if (context.sslConfig.isClientMode) { 51 handshakeConsumers.putIfAbsent( 52 SSLHandshake.KEY_UPDATE.id, 53 SSLHandshake.KEY_UPDATE); 54 handshakeConsumers.putIfAbsent( 55 SSLHandshake.NEW_SESSION_TICKET.id, 56 SSLHandshake.NEW_SESSION_TICKET); 57 } else { 58 handshakeConsumers.putIfAbsent( 59 SSLHandshake.KEY_UPDATE.id, 60 SSLHandshake.KEY_UPDATE); 61 } 62 63 handshakeFinished = true; 64 } 65 66 @Override 67 void kickstart() throws IOException { 68 SSLHandshake.kickstart(this); 69 } 70 71 @Override 72 void dispatch(byte handshakeType, ByteBuffer fragment) throws IOException { 73 SSLConsumer consumer = handshakeConsumers.get(handshakeType); 74 if (consumer == null) { 75 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, 76 "Unexpected post-handshake message: " + 77 SSLHandshake.nameOf(handshakeType)); 78 } 79 80 try { 81 consumer.consume(this, fragment); 82 } catch (UnsupportedOperationException unsoe) { 83 throw conContext.fatal(Alert.UNEXPECTED_MESSAGE, 84 "Unsupported post-handshake message: " + 85 SSLHandshake.nameOf(handshakeType), unsoe); 86 } catch (BufferUnderflowException | BufferOverflowException be) { 87 throw conContext.fatal(Alert.DECODE_ERROR, 88 "Illegal handshake message: " + 89 SSLHandshake.nameOf(handshakeType), be); 90 } 91 } 92 93 static boolean isConsumable(TransportContext context, byte handshakeType) { 94 if (handshakeType == SSLHandshake.KEY_UPDATE.id) { 95 // The KeyUpdate handshake message does not apply to TLS 1.2 and 96 // previous protocols. 97 return context.protocolVersion.useTLS13PlusSpec(); 98 } 99 100 if (handshakeType == SSLHandshake.NEW_SESSION_TICKET.id) { 101 // The new session ticket handshake message could be consumer in 102 // client side only. 103 return context.sslConfig.isClientMode; 104 } 105 106 // No more post-handshake message supported currently. 107 return false; 108 } 109 }