authorAndrew John Hughes <gnu_andrew@member.fsf.org>2015-08-13 03:00:30 +0100
committerAndrew John Hughes <gnu_andrew@member.fsf.org>2015-08-13 03:00:30 +0100
commit1f7a4b1f0727b2d8a29498d78e57309f0bd87a6c (patch)
tree7a185a8e01210984dcc077866f0c662392236466 /gnu/javax/net/ssl
parent6bc8d84e4b0527f680b78a9a0c808cda74d4933d (diff)
Revert undocumented changes accidentally included with last commit.
Diffstat (limited to 'gnu/javax/net/ssl')
-rw-r--r--gnu/javax/net/ssl/AbstractSessionContext.java9
-rw-r--r--gnu/javax/net/ssl/PrivateCredentials.java23
-rw-r--r--gnu/javax/net/ssl/SSLCipherSuite.java10
-rw-r--r--gnu/javax/net/ssl/SSLRecordHandler.java4
-rw-r--r--gnu/javax/net/ssl/Session.java32
-rw-r--r--gnu/javax/net/ssl/StaticTrustAnchors.java10
-rw-r--r--gnu/javax/net/ssl/provider/ClientHandshake.java2
-rw-r--r--gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java6
-rw-r--r--gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java6
-rw-r--r--gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java8
-rw-r--r--gnu/javax/net/ssl/provider/ServerDHParams.java9
-rw-r--r--gnu/javax/net/ssl/provider/ServerHandshake.java109
12 files changed, 67 insertions, 161 deletions
diff --git a/gnu/javax/net/ssl/AbstractSessionContext.java b/gnu/javax/net/ssl/AbstractSessionContext.java
index 031e53a84..96a4e6dd0 100644
--- a/gnu/javax/net/ssl/AbstractSessionContext.java
+++ b/gnu/javax/net/ssl/AbstractSessionContext.java
@@ -1,5 +1,5 @@
/* AbstractSessionContext -- stores SSL sessions, possibly persistently.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -172,7 +172,6 @@ public abstract class AbstractSessionContext implements SSLSessionContext
* @return The found session, or null if no such session was found,
* or if that session has expired.
*/
- @Override
public final SSLSession getSession (byte[] sessionId)
{
Session s = implGet (sessionId);
@@ -187,9 +186,9 @@ public abstract class AbstractSessionContext implements SSLSessionContext
public final SSLSession getSession(String host, int port)
{
- for (Enumeration<byte[]> e = getIds(); e.hasMoreElements(); )
+ for (Enumeration e = getIds(); e.hasMoreElements(); )
{
- byte[] id = e.nextElement();
+ byte[] id = (byte[]) e.nextElement();
SSLSession s = getSession(id);
if (s == null) // session expired.
continue;
@@ -222,7 +221,6 @@ public abstract class AbstractSessionContext implements SSLSessionContext
*/
protected abstract Session implGet (byte[] sessionId);
- @Override
public int getSessionTimeout()
{
return (int) (timeout / 1000);
@@ -269,7 +267,6 @@ public abstract class AbstractSessionContext implements SSLSessionContext
/**
*
*/
- @Override
public final void setSessionTimeout(int seconds)
{
if (timeout < 0)
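Review bot: The guard in `setSessionTimeout` tests the field `timeout` rather than the `seconds` argument, so as far as the visible lines show, a negative argument is not rejected by this check. If the intent is to validate the caller's value, the condition should read `if (seconds < 0)`. The rest of the method body lies outside the hunk, so confirm how `seconds` is stored before changing it.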
diff --git a/gnu/javax/net/ssl/PrivateCredentials.java b/gnu/javax/net/ssl/PrivateCredentials.java
index 9da9e7eba..7fff253dd 100644
--- a/gnu/javax/net/ssl/PrivateCredentials.java
+++ b/gnu/javax/net/ssl/PrivateCredentials.java
@@ -1,5 +1,5 @@
/* PrivateCredentials.java -- private key/certificate pairs.
- Copyright (C) 2006, 2007, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2007 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -118,7 +118,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
{
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certs = cf.generateCertificates(certChain);
- X509Certificate[] chain = certs.toArray(new X509Certificate[certs.size()]);
+ X509Certificate[] chain = (X509Certificate[]) certs.toArray(new X509Certificate[0]);
String alg = null;
String line = readLine(privateKey);
@@ -234,9 +234,9 @@ public class PrivateCredentials implements ManagerFactoryParameters
// Own methods.
// -------------------------------------------------------------------------
- private static String readLine(InputStream in) throws IOException
+ private String readLine(InputStream in) throws IOException
{
- boolean eolIsCR = System.getProperty("line.separator").equals("\r");
+ boolean eol_is_cr = System.getProperty("line.separator").equals("\r");
CPStringBuilder str = new CPStringBuilder();
while (true)
{
@@ -245,11 +245,12 @@ public class PrivateCredentials implements ManagerFactoryParameters
{
if (str.length() > 0)
break;
- return null;
+ else
+ return null;
}
else if (i == '\r')
{
- if (eolIsCR)
+ if (eol_is_cr)
break;
}
else if (i == '\n')
@@ -268,7 +269,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
if (cipher.equals("DES-EDE3-CBC"))
{
mode = ModeFactory.getInstance("CBC", "TripleDES", 8);
- HashMap<String,Object> attr = new HashMap<String,Object>();
+ HashMap attr = new HashMap();
attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 24));
attr.put(IMode.IV, salt);
attr.put(IMode.STATE, new Integer(IMode.DECRYPTION));
@@ -277,7 +278,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
else if (cipher.equals("DES-CBC"))
{
mode = ModeFactory.getInstance("CBC", "DES", 8);
- HashMap<String,Object> attr = new HashMap<String,Object>();
+ HashMap attr = new HashMap();
attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 8));
attr.put(IMode.IV, salt);
attr.put(IMode.STATE, new Integer(IMode.DECRYPTION));
@@ -303,13 +304,13 @@ public class PrivateCredentials implements ManagerFactoryParameters
return result;
}
- private static byte[] deriveKey(byte[] salt, int keylen)
+ private byte[] deriveKey(byte[] salt, int keylen)
throws IOException
{
CallbackHandler passwordHandler = new ConsoleCallbackHandler();
try
{
- Class<?> c = Class.forName(Security.getProperty("jessie.password.handler"));
+ Class c = Class.forName(Security.getProperty("jessie.password.handler"));
passwordHandler = (CallbackHandler) c.newInstance();
}
catch (Exception x) { }
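Review bot: The empty `catch (Exception x) { }` in `deriveKey` hides every failure to load the class named by the `jessie.password.handler` security property, including an unset property or a class that is not a `CallbackHandler`, and silently falls back to `ConsoleCallbackHandler`. This handler presumably supplies the passphrase used to derive the private-key decryption key, so a misconfiguration should be visible. Test the property for null first, catch only `ClassNotFoundException`, `InstantiationException`, `IllegalAccessException` and `ClassCastException`, and log them. If the silent fallback is intended, say so with a comment such as `// No usable handler configured; fall back to the console handler.`. The method body continues past the end of the hunk.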
@@ -347,7 +348,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
return key;
}
- private static byte[] toByteArray(String hex)
+ private byte[] toByteArray(String hex)
{
hex = hex.toLowerCase();
byte[] buf = new byte[hex.length() / 2];
diff --git a/gnu/javax/net/ssl/SSLCipherSuite.java b/gnu/javax/net/ssl/SSLCipherSuite.java
index d0dbba7e1..80068e5cb 100644
--- a/gnu/javax/net/ssl/SSLCipherSuite.java
+++ b/gnu/javax/net/ssl/SSLCipherSuite.java
@@ -1,5 +1,5 @@
/* SSLCipherSuite.java -- an SSL cipher suite.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -63,7 +63,7 @@ public abstract class SSLCipherSuite
this.algorithm = algorithm;
if (id.length != 2)
throw new IllegalArgumentException ("cipher suite ID must be two bytes");
- this.id = id.clone ();
+ this.id = (byte[]) id.clone ();
this.version = version;
}
@@ -111,7 +111,9 @@ public abstract class SSLCipherSuite
catch (InvocationTargetException ite)
{
// XXX
- throw new NoSuchAlgorithmException (name, ite);
+ NoSuchAlgorithmException nsae = new NoSuchAlgorithmException (name);
+ nsae.initCause (ite);
+ throw nsae;
}
return suite;
}
@@ -123,7 +125,7 @@ public abstract class SSLCipherSuite
public final byte[] getId ()
{
- return id.clone ();
+ return (byte[]) id.clone ();
}
public final Provider getProvider ()
diff --git a/gnu/javax/net/ssl/SSLRecordHandler.java b/gnu/javax/net/ssl/SSLRecordHandler.java
index ec264a6b4..8a44245ce 100644
--- a/gnu/javax/net/ssl/SSLRecordHandler.java
+++ b/gnu/javax/net/ssl/SSLRecordHandler.java
@@ -1,5 +1,5 @@
/* SSLRecordHandler.java -- a class that handles SSL record layer messages.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -86,7 +86,6 @@ public abstract class SSLRecordHandler
return contentType;
}
- @Override
public boolean equals (final Object o)
{
if (!(o instanceof SSLRecordHandler))
@@ -94,7 +93,6 @@ public abstract class SSLRecordHandler
return ((SSLRecordHandler) o).contentType == contentType;
}
- @Override
public int hashCode ()
{
return contentType & 0xFF;
diff --git a/gnu/javax/net/ssl/Session.java b/gnu/javax/net/ssl/Session.java
index 38261694c..bfa94c29a 100644
--- a/gnu/javax/net/ssl/Session.java
+++ b/gnu/javax/net/ssl/Session.java
@@ -1,5 +1,5 @@
/* SessionImpl.java -- concrete definition of SSLSession.
- Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2014 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -95,25 +95,21 @@ public abstract class Session implements SSLSession, Serializable
lastAccessedTime = System.currentTimeMillis ();
}
- @Override
public int getApplicationBufferSize()
{
return applicationBufferSize;
}
- @Override
public String getCipherSuite()
{
return null;
}
- @Override
public long getCreationTime()
{
return creationTime;
}
- @Override
public byte[] getId()
{
return sessionId.id();
@@ -124,21 +120,18 @@ public abstract class Session implements SSLSession, Serializable
return sessionId;
}
- @Override
public long getLastAccessedTime()
{
return lastAccessedTime;
}
- @Override
public Certificate[] getLocalCertificates()
{
if (localCerts == null)
return null;
- return localCerts.clone();
+ return (Certificate[]) localCerts.clone();
}
- @Override
public Principal getLocalPrincipal()
{
if (localCerts != null)
@@ -149,23 +142,20 @@ public abstract class Session implements SSLSession, Serializable
return null;
}
- @Override
public int getPacketBufferSize()
{
return applicationBufferSize + 2048;
}
- @Override
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException
{
if (!peerVerified)
throw new SSLPeerUnverifiedException("peer not verified");
if (peerCerts == null)
return null;
- return peerCerts.clone();
+ return (Certificate[]) peerCerts.clone();
}
- @Override
public X509Certificate[] getPeerCertificateChain()
throws SSLPeerUnverifiedException
{
@@ -173,22 +163,19 @@ public abstract class Session implements SSLSession, Serializable
throw new SSLPeerUnverifiedException("peer not verified");
if (peerCertChain == null)
return null;
- return peerCertChain.clone();
+ return (X509Certificate[]) peerCertChain.clone();
}
- @Override
public String getPeerHost()
{
return peerHost;
}
- @Override
public int getPeerPort()
{
return peerPort;
}
- @Override
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException
{
if (!peerVerified)
@@ -198,38 +185,32 @@ public abstract class Session implements SSLSession, Serializable
return peerCertChain[0].getSubjectDN();
}
- @Override
public SSLSessionContext getSessionContext()
{
return context;
}
- @Override
public String[] getValueNames()
{
Set<String> keys = this.values.keySet();
return keys.toArray(new String[keys.size()]);
}
- @Override
public Object getValue(String name)
{
return values.get(name);
}
- @Override
public void invalidate()
{
valid = false;
}
- @Override
public boolean isValid()
{
return valid;
}
- @Override
public void putValue(String name, Object value)
{
values.put(name, value);
@@ -244,7 +225,6 @@ public abstract class Session implements SSLSession, Serializable
}
}
- @Override
public void removeValue(String name)
{
Object value = values.remove(name);
@@ -328,7 +308,7 @@ public abstract class Session implements SSLSession, Serializable
{
if (id.length > 32)
throw new IllegalArgumentException ("session ID's are limited to 32 bytes");
- this.id = id.clone();
+ this.id = (byte[]) id.clone();
}
// Instance methods.
@@ -336,7 +316,7 @@ public abstract class Session implements SSLSession, Serializable
public byte[] id()
{
- return id.clone();
+ return (byte[]) id.clone();
}
@Override
diff --git a/gnu/javax/net/ssl/StaticTrustAnchors.java b/gnu/javax/net/ssl/StaticTrustAnchors.java
index fcdf3a8b1..480f1c754 100644
--- a/gnu/javax/net/ssl/StaticTrustAnchors.java
+++ b/gnu/javax/net/ssl/StaticTrustAnchors.java
@@ -1,5 +1,5 @@
/* StaticTrustAnchors.java -- static list of CA certificates.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -68,7 +68,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
public StaticTrustAnchors(X509Certificate[] certs)
{
- this.certs = certs.clone();
+ this.certs = (X509Certificate[]) certs.clone();
}
// Class method.
@@ -94,7 +94,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
public X509Certificate[] getCertificates()
{
- return certs.clone();
+ return (X509Certificate[]) certs.clone();
}
// Constant.
@@ -112,7 +112,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
static
{
- LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>();
+ LinkedList certs = new LinkedList();
CertificateFactory factory = null;
try
@@ -1935,6 +1935,6 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
"mmFei74pnykkiFY5LKjSq5YDWtRIn7lAhAuYaPsBQ9Yb4gmxlxw=\n" +
"-----END CERTIFICATE-----\n");
- CA_CERTS = new StaticTrustAnchors(certs.toArray(new X509Certificate[certs.size()]));
+ CA_CERTS = new StaticTrustAnchors((X509Certificate[]) certs.toArray(new X509Certificate[0]));
}
}
diff --git a/gnu/javax/net/ssl/provider/ClientHandshake.java b/gnu/javax/net/ssl/provider/ClientHandshake.java
index fc13b9be9..c938e284a 100644
--- a/gnu/javax/net/ssl/provider/ClientHandshake.java
+++ b/gnu/javax/net/ssl/provider/ClientHandshake.java
@@ -1,5 +1,5 @@
/* ClientHandshake.java --
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
index b33efc629..5ef84ca1c 100644
--- a/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
+++ b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
@@ -1,5 +1,5 @@
/* SSLv3HMacMD5.java --
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -38,8 +38,6 @@ exception statement from your version. */
package gnu.javax.net.ssl.provider;
-import gnu.javax.crypto.mac.IMac;
-
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
@@ -88,7 +86,7 @@ public class SSLv3HMacMD5Impl extends MacSpi
|| !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-MD5"))
throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-MD5\"");
Map<String,byte[]> attr =
- Collections.singletonMap(IMac.MAC_KEY_MATERIAL, key.getEncoded());
+ Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded());
adaptee.init(attr);
}
diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
index d1e7ed768..6b9c9e9cc 100644
--- a/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
+++ b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
@@ -1,5 +1,5 @@
/* SSLv3HMacSHA.java --
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -38,8 +38,6 @@ exception statement from your version. */
package gnu.javax.net.ssl.provider;
-import gnu.javax.crypto.mac.IMac;
-
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
@@ -88,7 +86,7 @@ public class SSLv3HMacSHAImpl extends MacSpi
|| !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-SHA"))
throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-SHA\"");
Map<String,byte[]> attr =
- Collections.singletonMap(IMac.MAC_KEY_MATERIAL, key.getEncoded());
+ Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded());
adaptee.init(attr);
}
diff --git a/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java b/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
index 6c53ed66a..1de3f8124 100644
--- a/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
+++ b/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
@@ -1,5 +1,5 @@
/* ServerDHE_PSKParameters.java --
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -57,7 +57,7 @@ import java.nio.charset.Charset;
*
* @author Casey Marshall (csm@gnu.org)
*/
-public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
+public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyExchangeParams
{
private ByteBuffer buffer;
@@ -81,7 +81,6 @@ public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
buffer.put(dhParams);
}
- @Override
public KeyExchangeAlgorithm algorithm()
{
return KeyExchangeAlgorithm.DHE_PSK;
@@ -90,7 +89,6 @@ public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Constructed#length()
*/
- @Override
public int length()
{
return (buffer.getShort(0) & 0xFFFF) + 2 + params().length();
@@ -117,7 +115,6 @@ public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Builder#buffer()
*/
- @Override
public ByteBuffer buffer()
{
return (ByteBuffer) buffer.duplicate().rewind().limit(length());
@@ -131,7 +128,6 @@ public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Constructed#toString(java.lang.String)
*/
- @Override
public String toString(String prefix)
{
StringWriter str = new StringWriter();
diff --git a/gnu/javax/net/ssl/provider/ServerDHParams.java b/gnu/javax/net/ssl/provider/ServerDHParams.java
index 225956e15..0e2c34881 100644
--- a/gnu/javax/net/ssl/provider/ServerDHParams.java
+++ b/gnu/javax/net/ssl/provider/ServerDHParams.java
@@ -1,5 +1,5 @@
/* ServerDHParams.java -- The server's Diffie-Hellman parameters.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -104,13 +104,11 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
buffer.put(y_bytes, y_off, y_len);
}
- @Deprecated @Override
- public KeyExchangeAlgorithm algorithm ()
+ @Deprecated public KeyExchangeAlgorithm algorithm ()
{
return null; // XXX can't support this.
}
- @Override
public int length ()
{
int offset1 = buffer.getShort (0) & 0xFFFF;
@@ -119,7 +117,6 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
+ offset1 + offset2 + 6);
}
- @Override
public ByteBuffer buffer()
{
return (ByteBuffer) buffer.duplicate().position(0).limit(length());
@@ -224,13 +221,11 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
buffer.put (buf, offset, length);
}
- @Override
public String toString ()
{
return toString (null);
}
- @Override
public String toString (final String prefix)
{
StringWriter str = new StringWriter ();
diff --git a/gnu/javax/net/ssl/provider/ServerHandshake.java b/gnu/javax/net/ssl/provider/ServerHandshake.java
index bfc7a28ef..d69fa120d 100644
--- a/gnu/javax/net/ssl/provider/ServerHandshake.java
+++ b/gnu/javax/net/ssl/provider/ServerHandshake.java
@@ -1,5 +1,5 @@
/* ServerHandshake.java -- the server-side handshake.
- Copyright (C) 2006, 2015 Free Software Foundation, Inc.
+ Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -194,7 +194,8 @@ class ServerHandshake extends AbstractHandshake
* we have enabled.
*/
private CipherSuite chooseSuite (final CipherSuiteList clientSuites,
- final String[] enabledSuites)
+ final String[] enabledSuites,
+ final ProtocolVersion version)
throws SSLException
{
// Figure out which SignatureAlgorithms we can support.
@@ -335,7 +336,8 @@ class ServerHandshake extends AbstractHandshake
engine.getEnabledProtocols ());
engine.session().suite =
chooseSuite (hello.cipherSuites (),
- engine.getEnabledCipherSuites ());
+ engine.getEnabledCipherSuites (),
+ engine.session().version);
compression = chooseCompression (hello.compressionMethods ());
if (Debug.DEBUG)
logger.logv(Component.SSL_HANDSHAKE,
@@ -511,10 +513,10 @@ class ServerHandshake extends AbstractHandshake
{
ClientDHE_PSKParameters params = (ClientDHE_PSKParameters)
kex.exchangeKeys();
- DHPublicKey srvKey = (DHPublicKey) dhPair.getPublic();
+ DHPublicKey serverKey = (DHPublicKey) dhPair.getPublic();
DHPublicKey clientKey =
- new GnuDHPublicKey(null, srvKey.getParams().getP(),
- srvKey.getParams().getG(),
+ new GnuDHPublicKey(null, serverKey.getParams().getP(),
+ serverKey.getParams().getG(),
params.params().publicValue());
SecretKey psk = null;
try
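Review bot: The local `DHPublicKey serverKey` declared here has the same name as the `serverKey` field that `CertLoader.implRun` assigns from `km.getPrivateKey(keyAlias)` later in this file, so inside this block a public key shadows the private-key field. A distinct local name avoids a later edit in this block picking up the wrong key, for example `DHPublicKey serverDhPublic = (DHPublicKey) dhPair.getPublic();` with the two `getParams()` calls updated to match. The enclosing block starts and ends outside the hunk.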
@@ -571,12 +573,6 @@ class ServerHandshake extends AbstractHandshake
engine.session().privateData.masterSecret = new byte[0];
}
break;
- case DH_DSS:
- case DH_RSA:
- // Message contains no data in this case (RFC2246, 7.4.7)
- break;
- default:
- throw new SSLException("Unsupported algorithm: " + alg);
}
// XXX SRP
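Review bot: With the `default:` branch gone, this switch over the key-exchange algorithm no longer rejects a value it has no case for, so control falls out of the switch and the handshake carries on. The two state switches in the hunks at `-694,9` and `-1149,8` lose `default: throw new IllegalStateException("Invalid state: " + state);` in the same way. A handshake state machine is safer when it fails closed, so consider keeping `default: throw new SSLException("Unsupported algorithm: " + alg);` here and the state checks there, landed as a separate documented change if they do not belong in this revert. The switches start outside the hunks, so whether `alg` is still in scope after the revert needs checking.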
@@ -694,9 +690,6 @@ class ServerHandshake extends AbstractHandshake
}
}
break;
-
- default:
- throw new IllegalStateException("Invalid state: " + state);
}
handshakeOffset += handshake.length() + 4;
@@ -731,7 +724,8 @@ class ServerHandshake extends AbstractHandshake
{
if (state.isWriteState() || outBuffer.hasRemaining())
return HandshakeStatus.NEED_WRAP;
- return HandshakeStatus.NEED_UNWRAP;
+ else
+ return HandshakeStatus.NEED_UNWRAP;
}
// XXX what we need to do here is generate a "stream" of handshake
@@ -1149,8 +1143,6 @@ output_loop:
state = DONE;
}
break;
- default:
- throw new IllegalStateException("Invalid state: " + state);
}
}
if (!tasks.isEmpty())
@@ -1202,7 +1194,7 @@ output_loop:
helloV2 = true;
}
- ByteBuffer signParams(ByteBuffer serverParams)
+ private ByteBuffer signParams(ByteBuffer serverParams)
throws NoSuchAlgorithmException, InvalidKeyException, SignatureException
{
SignatureAlgorithm alg = engine.session().suite.signatureAlgorithm();
@@ -1262,43 +1254,6 @@ output_loop:
}
}
- // Accessors and mutators for delegated tasks.
-
- void setKeyAlias(final String ka)
- {
- keyAlias = ka;
- }
-
- String getKeyAlias()
- {
- return keyAlias;
- }
-
- void setLocalCert(final X509Certificate lc)
- {
- localCert = lc;
- }
-
- X509Certificate getLocalCert()
- {
- return localCert;
- }
-
- void setServerKey(final PrivateKey sk)
- {
- serverKey = sk;
- }
-
- PrivateKey getServerKey()
- {
- return serverKey;
- }
-
- void setDHPair(KeyPair dh)
- {
- dhPair = dh;
- }
-
// Delegated tasks.
class CertLoader extends DelegatedTask
@@ -1307,24 +1262,21 @@ output_loop:
{
}
- @Override
public void implRun() throws SSLException
{
KeyExchangeAlgorithm kexalg = engine.session().suite.keyExchangeAlgorithm();
X509ExtendedKeyManager km = engine.contextImpl.keyManager;
Principal[] issuers = null; // XXX use TrustedAuthorities extension.
- String kAlias = km.chooseEngineServerAlias(kexalg.name(), issuers, engine);
- setKeyAlias(kAlias);
- if (kAlias == null)
+ keyAlias = km.chooseEngineServerAlias(kexalg.name(), issuers, engine);
+ if (keyAlias == null)
throw new SSLException("no certificates available");
- X509Certificate[] chain = km.getCertificateChain(kAlias);
+ X509Certificate[] chain = km.getCertificateChain(keyAlias);
engine.session().setLocalCertificates(chain);
- X509Certificate lCert = chain[0];
- setLocalCert(lCert);
- setServerKey(km.getPrivateKey(kAlias));
+ localCert = chain[0];
+ serverKey = km.getPrivateKey(keyAlias);
if (kexalg == DH_DSS || kexalg == DH_RSA)
- setDHPair(new KeyPair(lCert.getPublicKey(),
- km.getPrivateKey(keyAlias)));
+ dhPair = new KeyPair(localCert.getPublicKey(),
+ km.getPrivateKey(keyAlias));
}
}
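Review bot: `chain[0]` is read without checking what `km.getCertificateChain(keyAlias)` returned. The key manager contract allows a null result when the alias cannot be found, which would surface as a `NullPointerException` from the delegated task rather than as a handshake error. Add `if (chain == null || chain.length == 0) throw new SSLException("no certificates available");` before `engine.session().setLocalCertificates(chain);`. `km.getPrivateKey(keyAlias)` may likewise return null and is stored in `serverKey` unchecked.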
@@ -1336,15 +1288,6 @@ output_loop:
ByteBuffer paramsBuffer;
ByteBuffer sigBuffer;
- /**
- * Public constructor to avoid synthetic accessor.
- */
- public GenDH()
- {
- super();
- }
-
- @Override
protected void implRun()
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, SignatureException
@@ -1352,9 +1295,8 @@ output_loop:
KeyPairGenerator dhGen = KeyPairGenerator.getInstance("DH");
DHParameterSpec dhparams = DiffieHellman.getParams().getParams();
dhGen.initialize(dhparams, engine.session().random());
- KeyPair pair = dhGen.generateKeyPair();
- setDHPair(pair);
- DHPublicKey pub = (DHPublicKey) pair.getPublic();
+ dhPair = dhGen.generateKeyPair();
+ DHPublicKey pub = (DHPublicKey) dhPair.getPublic();
// Generate the parameters message.
ServerDHParams params = new ServerDHParams(pub.getParams().getP(),
@@ -1371,7 +1313,7 @@ output_loop:
if (Debug.DEBUG_KEY_EXCHANGE)
logger.logv(Component.SSL_KEY_EXCHANGE,
"Diffie-Hellman public:{0} private:{1}",
- pair.getPublic(), pair.getPrivate());
+ dhPair.getPublic(), dhPair.getPrivate());
}
}
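Review bot: The debug statement passes `dhPair.getPrivate()` to the logger, so enabling `Debug.DEBUG_KEY_EXCHANGE` writes the private half of the freshly generated Diffie-Hellman key pair into the log. Log only the public half, e.g. `"Diffie-Hellman public:{0}", dhPair.getPublic()`. If the private value must stay for protocol debugging, add a comment stating that this flag must never be enabled outside a test build. `implRun` starts outside this hunk.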
@@ -1384,14 +1326,13 @@ output_loop:
this.encryptedPreMasterSecret = encryptedPreMasterSecret;
}
- @Override
public void implRun()
throws BadPaddingException, IllegalBlockSizeException, InvalidKeyException,
NoSuchAlgorithmException, NoSuchPaddingException, SSLException
{
Cipher rsa = Cipher.getInstance("RSA");
- rsa.init(Cipher.DECRYPT_MODE, getServerKey());
- rsa.init(Cipher.DECRYPT_MODE, getLocalCert());
+ rsa.init(Cipher.DECRYPT_MODE, serverKey);
+ rsa.init(Cipher.DECRYPT_MODE, localCert);
preMasterSecret = rsa.doFinal(encryptedPreMasterSecret);
generateMasterSecret(clientRandom, serverRandom, engine.session());
byte[][] keys = generateKeys(clientRandom, serverRandom, engine.session());
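Review bot: The second call, `rsa.init(Cipher.DECRYPT_MODE, localCert);`, re-initialises the cipher that the previous line set up with `serverKey`. `Cipher.init(int, Certificate)` takes the public key from the certificate, so `doFinal` appears to run against the certificate's public key rather than the private key. Unless the provider in use depends on this, drop the certificate call and keep `rsa.init(Cipher.DECRYPT_MODE, serverKey);`. The next hunk (`-1415,8`) has the same pair of calls. `Cipher.getInstance("RSA")` also leaves the padding to the provider default; naming the full transformation would document the intended padding.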
@@ -1415,8 +1356,8 @@ output_loop:
NoSuchAlgorithmException, NoSuchPaddingException, SSLException
{
Cipher rsa = Cipher.getInstance("RSA");
- rsa.init(Cipher.DECRYPT_MODE, getServerKey());
- rsa.init(Cipher.DECRYPT_MODE, getLocalCert());
+ rsa.init(Cipher.DECRYPT_MODE, serverKey);
+ rsa.init(Cipher.DECRYPT_MODE, localCert);
byte[] rsaSecret = rsa.doFinal(encryptedPreMasterSecret);
byte[] psSecret = psKey.getEncoded();
preMasterSecret = new byte[rsaSecret.length + psSecret.length + 4];