2006-07-18 Casey Marshall <csm@gnu.org>ssl-nio-branch

* gnu/javax/net/ssl/provider/ClientHandshake.java (implHandleInput, implHandleOutput): fix PSK exchange handling. (ClientDHGen.full): new field. (ClientDHGen.implRun): run full key exchange if `full' is true. (ClientDHGen.serverKey): new method. (RSAGen.full): new field. (RSAGen.implRun): run full key exchange if `full' is true. * gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java (params): slice the buffer. * gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java (<init>): use `dhParams,' not `buffer.' (params): slice the buffer. * gnu/javax/net/ssl/provider/ServerKeyExchange.java (length): handle case where parameters or signature are null. * gnu/javax/net/ssl/provider/ClientRSA_PSKParameters.java (version): removed. (<init>): don't take version argument. (<init>): don't take version argument; take buffer argument. (secret): pass TLS_1 to EncryptedPreMasterSecret constructor. * gnu/javax/net/ssl/provider/CipherSuite.java (isResolved): new field. (<init>, <init>): set `isResolved.' (resolve): add PSK cipher suite detection. (isResolved): new method. * gnu/javax/net/ssl/provider/ServerHandshake.java (serverKey): new field. (chooseSuites): choose NONE key exchanges, too; omit unresolved cipher suites. (implHandleInput, implHandleOutput): fix PSK handling. (checkKeyExchange): update for NONE and PSK exchanges. (CertLoader.implRun): grab our private key here. (RSAKeyExchange.implRun): initialize RSA cipher with our private key. (RSA_PSKExchange.implRun): likewise. * gnu/javax/net/ssl/provider/ExchangeKeys.java (<init>): duplicate and order the buffer; handle null argument. * gnu/javax/net/ssl/provider/ClientKeyExchange.java (exchangeKeys): handle NONE exchange. * gnu/javax/net/ssl/provider/SSLContextImpl.java (engineInit): handle PSK key managers properly. * gnu/javax/net/ssl/provider/SSLEngineImpl.java (<init>): remove debug logging. * gnu/javax/net/ssl/provider/ServerDHParams.java (<init>): duplicate and order the buffer. * gnu/javax/crypto/RSACipherImpl.java (doFinal): allow short input. (rsaDecrypt): ensure there's a leading zero. * gnu/javax/net/ssl/provider/EmptyExchangeKeys.java: new file.
author: Casey Marshall <csm@gnu.org> 2006-07-18 08:12:30 +0000
committer: Casey Marshall <csm@gnu.org> 2006-07-18 08:12:30 +0000
commit: ceca0e3930ab18748f1b02be3a6260c3daf4734f (patch)
tree: b13267f576e6612195406324e0f6b97086b17896 /gnu/javax/net/ssl/provider/CipherSuite.java
parent: 6ce231a4863bc4073ddc7eaa36429f08a8dd7a53 (diff)
download: classpath-ssl-nio-branch.tar.gz
1 files changed, 21 insertions, 1 deletions
diff --git a/gnu/javax/net/ssl/provider/CipherSuite.java b/gnu/javax/net/ssl/provider/CipherSuite.java
index ee02e8281..f9701bdc7 100644
--- a/gnu/javax/net/ssl/provider/CipherSuite.java
+++ b/gnu/javax/net/ssl/provider/CipherSuite.java
@@ -492,6 +492,7 @@ public final class CipherSuite implements Constructed
   private final int keyLength;
   private final byte[] id;
   private final String name;
+  private final boolean isResolved;
 
   // Constructors.
   // -------------------------------------------------------------------------
@@ -535,6 +536,7 @@ public final class CipherSuite implements Constructed
       {
         tlsSuiteNames.add(name);
       }
+    isResolved = true;
   }
 
   private CipherSuite(byte[] id)
@@ -549,6 +551,7 @@ public final class CipherSuite implements Constructed
     keyLength = 0;
     this.id = id;
     name = null;
+    isResolved = false;
   }
 
   // Class methods.
@@ -688,7 +691,7 @@ public final class CipherSuite implements Constructed
   
   public CipherSuite resolve()
   {
-    if (id[0] == 0x00) switch (id[1])
+    if (id[0] == 0x00) switch (id[1] & 0xFF)
       {
       case 0x00: return TLS_NULL_WITH_NULL_NULL;
       case 0x01: return TLS_RSA_WITH_NULL_MD5;
@@ -745,9 +748,26 @@ public final class CipherSuite implements Constructed
       case 0x7C: return TLS_RSA_WITH_3DES_EDE_CBC_RMD;
       case 0x7D: return TLS_RSA_WITH_AES_128_CBC_RMD;
       case 0x7E: return TLS_RSA_WITH_AES_256_CBC_RMD;*/
+      case 0x8A: return TLS_PSK_WITH_RC4_128_SHA;
+      case 0x8B: return TLS_PSK_WITH_3DES_EDE_CBC_SHA;
+      case 0x8C: return TLS_PSK_WITH_AES_128_CBC_SHA;
+      case 0x8D: return TLS_PSK_WITH_AES_256_CBC_SHA;
+      case 0x8E: return TLS_DHE_PSK_WITH_RC4_128_SHA;
+      case 0x8F: return TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA;
+      case 0x90: return TLS_DHE_PSK_WITH_AES_128_CBC_SHA;
+      case 0x91: return TLS_DHE_PSK_WITH_AES_256_CBC_SHA;
+      case 0x92: return TLS_RSA_PSK_WITH_RC4_128_SHA;
+      case 0x93: return TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA;
+      case 0x94: return TLS_RSA_PSK_WITH_AES_128_CBC_SHA;
+      case 0x95: return TLS_RSA_PSK_WITH_AES_256_CBC_SHA;
       }
     return this;
   }
+  
+  public boolean isResolved()
+  {
+    return isResolved;
+  }
 
   public int keyLength()
   {
author	Casey Marshall <csm@gnu.org>	2006-07-18 08:12:30 +0000
committer	Casey Marshall <csm@gnu.org>	2006-07-18 08:12:30 +0000
commit	ceca0e3930ab18748f1b02be3a6260c3daf4734f (patch)
tree	b13267f576e6612195406324e0f6b97086b17896 /gnu/javax/net/ssl/provider/CipherSuite.java
parent	6ce231a4863bc4073ddc7eaa36429f08a8dd7a53 (diff)
download	classpath-ssl-nio-branch.tar.gz