Diffstat (limited to 'gnu/javax')
-rw-r--r--gnu/javax/net/ssl/AbstractSessionContext.java9
-rw-r--r--gnu/javax/net/ssl/PrivateCredentials.java23
-rw-r--r--gnu/javax/net/ssl/SSLCipherSuite.java10
-rw-r--r--gnu/javax/net/ssl/SSLRecordHandler.java4
-rw-r--r--gnu/javax/net/ssl/Session.java32
-rw-r--r--gnu/javax/net/ssl/StaticTrustAnchors.java10
-rw-r--r--gnu/javax/net/ssl/provider/ClientHandshake.java2
-rw-r--r--gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java6
-rw-r--r--gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java6
-rw-r--r--gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java8
-rw-r--r--gnu/javax/net/ssl/provider/ServerDHParams.java9
-rw-r--r--gnu/javax/net/ssl/provider/ServerHandshake.java109
12 files changed, 161 insertions, 67 deletions
diff --git a/gnu/javax/net/ssl/AbstractSessionContext.java b/gnu/javax/net/ssl/AbstractSessionContext.java
index 96a4e6dd0..031e53a84 100644
--- a/gnu/javax/net/ssl/AbstractSessionContext.java
+++ b/gnu/javax/net/ssl/AbstractSessionContext.java
@@ -1,5 +1,5 @@
/* AbstractSessionContext -- stores SSL sessions, possibly persistently.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -172,6 +172,7 @@ public abstract class AbstractSessionContext implements SSLSessionContext
* @return The found session, or null if no such session was found,
* or if that session has expired.
*/
+ @Override
public final SSLSession getSession (byte[] sessionId)
{
Session s = implGet (sessionId);
@@ -186,9 +187,9 @@ public abstract class AbstractSessionContext implements SSLSessionContext
public final SSLSession getSession(String host, int port)
{
- for (Enumeration e = getIds(); e.hasMoreElements(); )
+ for (Enumeration<byte[]> e = getIds(); e.hasMoreElements(); )
{
- byte[] id = (byte[]) e.nextElement();
+ byte[] id = e.nextElement();
SSLSession s = getSession(id);
if (s == null) // session expired.
continue;
@@ -221,6 +222,7 @@ public abstract class AbstractSessionContext implements SSLSessionContext
*/
protected abstract Session implGet (byte[] sessionId);
+ @Override
public int getSessionTimeout()
{
return (int) (timeout / 1000);
@@ -267,6 +269,7 @@ public abstract class AbstractSessionContext implements SSLSessionContext
/**
*
*/
+ @Override
public final void setSessionTimeout(int seconds)
{
if (timeout < 0)
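Review bot: The guard in `setSessionTimeout` tests the field `timeout` rather than the argument `seconds`, so a negative argument is not rejected by this check; it should read `if (seconds < 0)`. The rest of the body lies outside the hunk, so what the guard does and how the value is stored are not visible here. The Javadoc block above the method is empty; a one-line summary plus `@param seconds` stating that the value must be non-negative would document the contract.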
diff --git a/gnu/javax/net/ssl/PrivateCredentials.java b/gnu/javax/net/ssl/PrivateCredentials.java
index 7fff253dd..9da9e7eba 100644
--- a/gnu/javax/net/ssl/PrivateCredentials.java
+++ b/gnu/javax/net/ssl/PrivateCredentials.java
@@ -1,5 +1,5 @@
/* PrivateCredentials.java -- private key/certificate pairs.
- Copyright (C) 2006, 2007 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2007, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -118,7 +118,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
{
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certs = cf.generateCertificates(certChain);
- X509Certificate[] chain = (X509Certificate[]) certs.toArray(new X509Certificate[0]);
+ X509Certificate[] chain = certs.toArray(new X509Certificate[certs.size()]);
String alg = null;
String line = readLine(privateKey);
@@ -234,9 +234,9 @@ public class PrivateCredentials implements ManagerFactoryParameters
// Own methods.
// -------------------------------------------------------------------------
- private String readLine(InputStream in) throws IOException
+ private static String readLine(InputStream in) throws IOException
{
- boolean eol_is_cr = System.getProperty("line.separator").equals("\r");
+ boolean eolIsCR = System.getProperty("line.separator").equals("\r");
CPStringBuilder str = new CPStringBuilder();
while (true)
{
@@ -245,12 +245,11 @@ public class PrivateCredentials implements ManagerFactoryParameters
{
if (str.length() > 0)
break;
- else
- return null;
+ return null;
}
else if (i == '\r')
{
- if (eol_is_cr)
+ if (eolIsCR)
break;
}
else if (i == '\n')
@@ -269,7 +268,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
if (cipher.equals("DES-EDE3-CBC"))
{
mode = ModeFactory.getInstance("CBC", "TripleDES", 8);
- HashMap attr = new HashMap();
+ HashMap<String,Object> attr = new HashMap<String,Object>();
attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 24));
attr.put(IMode.IV, salt);
attr.put(IMode.STATE, new Integer(IMode.DECRYPTION));
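Review bot: `new Integer(IMode.DECRYPTION)` allocates a fresh box on every call; now that the map is typed `HashMap<String,Object>`, the idiomatic form is `attr.put(IMode.STATE, Integer.valueOf(IMode.DECRYPTION));`. The same line appears in the DES-CBC hunk that follows. The enclosing method starts and ends outside both hunks.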
@@ -278,7 +277,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
else if (cipher.equals("DES-CBC"))
{
mode = ModeFactory.getInstance("CBC", "DES", 8);
- HashMap attr = new HashMap();
+ HashMap<String,Object> attr = new HashMap<String,Object>();
attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 8));
attr.put(IMode.IV, salt);
attr.put(IMode.STATE, new Integer(IMode.DECRYPTION));
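Review bot: The `DES-CBC` branch decrypts the private key with a single-DES key (`deriveKey(salt, 8)`), which leaves the key file with only 56 bits of protection against offline guessing of the encryption key. If the branch is kept so that old PEM files can still be read, the code should say so, for example `// legacy PEM encryption (56-bit DES); kept only to read old key files`. The enclosing method continues outside the hunk.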
@@ -304,13 +303,13 @@ public class PrivateCredentials implements ManagerFactoryParameters
return result;
}
- private byte[] deriveKey(byte[] salt, int keylen)
+ private static byte[] deriveKey(byte[] salt, int keylen)
throws IOException
{
CallbackHandler passwordHandler = new ConsoleCallbackHandler();
try
{
- Class c = Class.forName(Security.getProperty("jessie.password.handler"));
+ Class<?> c = Class.forName(Security.getProperty("jessie.password.handler"));
passwordHandler = (CallbackHandler) c.newInstance();
}
catch (Exception x) { }
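Review bot: The empty `catch (Exception x) { }` in `deriveKey` hides every failure to load the handler named by `jessie.password.handler` (unset property, missing class, a class that is not a `CallbackHandler`), and the code then silently prompts through `ConsoleCallbackHandler`. For the component that collects the key passphrase, a misconfiguration should be visible. I would catch the specific exceptions and record which handler could not be loaded before falling back. `deriveKey` continues outside the hunk.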
@@ -348,7 +347,7 @@ public class PrivateCredentials implements ManagerFactoryParameters
return key;
}
- private byte[] toByteArray(String hex)
+ private static byte[] toByteArray(String hex)
{
hex = hex.toLowerCase();
byte[] buf = new byte[hex.length() / 2];
diff --git a/gnu/javax/net/ssl/SSLCipherSuite.java b/gnu/javax/net/ssl/SSLCipherSuite.java
index 80068e5cb..d0dbba7e1 100644
--- a/gnu/javax/net/ssl/SSLCipherSuite.java
+++ b/gnu/javax/net/ssl/SSLCipherSuite.java
@@ -1,5 +1,5 @@
/* SSLCipherSuite.java -- an SSL cipher suite.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -63,7 +63,7 @@ public abstract class SSLCipherSuite
this.algorithm = algorithm;
if (id.length != 2)
throw new IllegalArgumentException ("cipher suite ID must be two bytes");
- this.id = (byte[]) id.clone ();
+ this.id = id.clone ();
this.version = version;
}
@@ -111,9 +111,7 @@ public abstract class SSLCipherSuite
catch (InvocationTargetException ite)
{
// XXX
- NoSuchAlgorithmException nsae = new NoSuchAlgorithmException (name);
- nsae.initCause (ite);
- throw nsae;
+ throw new NoSuchAlgorithmException (name, ite);
}
return suite;
}
@@ -125,7 +123,7 @@ public abstract class SSLCipherSuite
public final byte[] getId ()
{
- return (byte[]) id.clone ();
+ return id.clone ();
}
public final Provider getProvider ()
diff --git a/gnu/javax/net/ssl/SSLRecordHandler.java b/gnu/javax/net/ssl/SSLRecordHandler.java
index 8a44245ce..ec264a6b4 100644
--- a/gnu/javax/net/ssl/SSLRecordHandler.java
+++ b/gnu/javax/net/ssl/SSLRecordHandler.java
@@ -1,5 +1,5 @@
/* SSLRecordHandler.java -- a class that handles SSL record layer messages.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -86,6 +86,7 @@ public abstract class SSLRecordHandler
return contentType;
}
+ @Override
public boolean equals (final Object o)
{
if (!(o instanceof SSLRecordHandler))
@@ -93,6 +94,7 @@ public abstract class SSLRecordHandler
return ((SSLRecordHandler) o).contentType == contentType;
}
+ @Override
public int hashCode ()
{
return contentType & 0xFF;
diff --git a/gnu/javax/net/ssl/Session.java b/gnu/javax/net/ssl/Session.java
index bfa94c29a..38261694c 100644
--- a/gnu/javax/net/ssl/Session.java
+++ b/gnu/javax/net/ssl/Session.java
@@ -1,5 +1,5 @@
/* SessionImpl.java -- concrete definition of SSLSession.
- Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -95,21 +95,25 @@ public abstract class Session implements SSLSession, Serializable
lastAccessedTime = System.currentTimeMillis ();
}
+ @Override
public int getApplicationBufferSize()
{
return applicationBufferSize;
}
+ @Override
public String getCipherSuite()
{
return null;
}
+ @Override
public long getCreationTime()
{
return creationTime;
}
+ @Override
public byte[] getId()
{
return sessionId.id();
@@ -120,18 +124,21 @@ public abstract class Session implements SSLSession, Serializable
return sessionId;
}
+ @Override
public long getLastAccessedTime()
{
return lastAccessedTime;
}
+ @Override
public Certificate[] getLocalCertificates()
{
if (localCerts == null)
return null;
- return (Certificate[]) localCerts.clone();
+ return localCerts.clone();
}
+ @Override
public Principal getLocalPrincipal()
{
if (localCerts != null)
@@ -142,20 +149,23 @@ public abstract class Session implements SSLSession, Serializable
return null;
}
+ @Override
public int getPacketBufferSize()
{
return applicationBufferSize + 2048;
}
+ @Override
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException
{
if (!peerVerified)
throw new SSLPeerUnverifiedException("peer not verified");
if (peerCerts == null)
return null;
- return (Certificate[]) peerCerts.clone();
+ return peerCerts.clone();
}
+ @Override
public X509Certificate[] getPeerCertificateChain()
throws SSLPeerUnverifiedException
{
@@ -163,19 +173,22 @@ public abstract class Session implements SSLSession, Serializable
throw new SSLPeerUnverifiedException("peer not verified");
if (peerCertChain == null)
return null;
- return (X509Certificate[]) peerCertChain.clone();
+ return peerCertChain.clone();
}
+ @Override
public String getPeerHost()
{
return peerHost;
}
+ @Override
public int getPeerPort()
{
return peerPort;
}
+ @Override
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException
{
if (!peerVerified)
@@ -185,32 +198,38 @@ public abstract class Session implements SSLSession, Serializable
return peerCertChain[0].getSubjectDN();
}
+ @Override
public SSLSessionContext getSessionContext()
{
return context;
}
+ @Override
public String[] getValueNames()
{
Set<String> keys = this.values.keySet();
return keys.toArray(new String[keys.size()]);
}
+ @Override
public Object getValue(String name)
{
return values.get(name);
}
+ @Override
public void invalidate()
{
valid = false;
}
+ @Override
public boolean isValid()
{
return valid;
}
+ @Override
public void putValue(String name, Object value)
{
values.put(name, value);
@@ -225,6 +244,7 @@ public abstract class Session implements SSLSession, Serializable
}
}
+ @Override
public void removeValue(String name)
{
Object value = values.remove(name);
@@ -308,7 +328,7 @@ public abstract class Session implements SSLSession, Serializable
{
if (id.length > 32)
throw new IllegalArgumentException ("session ID's are limited to 32 bytes");
- this.id = (byte[]) id.clone();
+ this.id = id.clone();
}
// Instance methods.
@@ -316,7 +336,7 @@ public abstract class Session implements SSLSession, Serializable
public byte[] id()
{
- return (byte[]) id.clone();
+ return id.clone();
}
@Override
diff --git a/gnu/javax/net/ssl/StaticTrustAnchors.java b/gnu/javax/net/ssl/StaticTrustAnchors.java
index 480f1c754..fcdf3a8b1 100644
--- a/gnu/javax/net/ssl/StaticTrustAnchors.java
+++ b/gnu/javax/net/ssl/StaticTrustAnchors.java
@@ -1,5 +1,5 @@
/* StaticTrustAnchors.java -- static list of CA certificates.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -68,7 +68,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
public StaticTrustAnchors(X509Certificate[] certs)
{
- this.certs = (X509Certificate[]) certs.clone();
+ this.certs = certs.clone();
}
// Class method.
@@ -94,7 +94,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
public X509Certificate[] getCertificates()
{
- return (X509Certificate[]) certs.clone();
+ return certs.clone();
}
// Constant.
@@ -112,7 +112,7 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
static
{
- LinkedList certs = new LinkedList();
+ LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>();
CertificateFactory factory = null;
try
@@ -1935,6 +1935,6 @@ public class StaticTrustAnchors implements ManagerFactoryParameters
"mmFei74pnykkiFY5LKjSq5YDWtRIn7lAhAuYaPsBQ9Yb4gmxlxw=\n" +
"-----END CERTIFICATE-----\n");
- CA_CERTS = new StaticTrustAnchors((X509Certificate[]) certs.toArray(new X509Certificate[0]));
+ CA_CERTS = new StaticTrustAnchors(certs.toArray(new X509Certificate[certs.size()]));
}
}
diff --git a/gnu/javax/net/ssl/provider/ClientHandshake.java b/gnu/javax/net/ssl/provider/ClientHandshake.java
index c938e284a..fc13b9be9 100644
--- a/gnu/javax/net/ssl/provider/ClientHandshake.java
+++ b/gnu/javax/net/ssl/provider/ClientHandshake.java
@@ -1,5 +1,5 @@
/* ClientHandshake.java --
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
index 5ef84ca1c..b33efc629 100644
--- a/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
+++ b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
@@ -1,5 +1,5 @@
/* SSLv3HMacMD5.java --
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -38,6 +38,8 @@ exception statement from your version. */
package gnu.javax.net.ssl.provider;
+import gnu.javax.crypto.mac.IMac;
+
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
@@ -86,7 +88,7 @@ public class SSLv3HMacMD5Impl extends MacSpi
|| !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-MD5"))
throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-MD5\"");
Map<String,byte[]> attr =
- Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded());
+ Collections.singletonMap(IMac.MAC_KEY_MATERIAL, key.getEncoded());
adaptee.init(attr);
}
diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
index 6b9c9e9cc..d1e7ed768 100644
--- a/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
+++ b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
@@ -1,5 +1,5 @@
/* SSLv3HMacSHA.java --
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -38,6 +38,8 @@ exception statement from your version. */
package gnu.javax.net.ssl.provider;
+import gnu.javax.crypto.mac.IMac;
+
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
@@ -86,7 +88,7 @@ public class SSLv3HMacSHAImpl extends MacSpi
|| !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-SHA"))
throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-SHA\"");
Map<String,byte[]> attr =
- Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded());
+ Collections.singletonMap(IMac.MAC_KEY_MATERIAL, key.getEncoded());
adaptee.init(attr);
}
diff --git a/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java b/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
index 1de3f8124..6c53ed66a 100644
--- a/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
+++ b/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
@@ -1,5 +1,5 @@
/* ServerDHE_PSKParameters.java --
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -57,7 +57,7 @@ import java.nio.charset.Charset;
*
* @author Casey Marshall (csm@gnu.org)
*/
-public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyExchangeParams
+public class ServerDHE_PSKParameters implements Builder, ServerKeyExchangeParams
{
private ByteBuffer buffer;
@@ -81,6 +81,7 @@ public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyE
buffer.put(dhParams);
}
+ @Override
public KeyExchangeAlgorithm algorithm()
{
return KeyExchangeAlgorithm.DHE_PSK;
@@ -89,6 +90,7 @@ public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyE
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Constructed#length()
*/
+ @Override
public int length()
{
return (buffer.getShort(0) & 0xFFFF) + 2 + params().length();
@@ -115,6 +117,7 @@ public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyE
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Builder#buffer()
*/
+ @Override
public ByteBuffer buffer()
{
return (ByteBuffer) buffer.duplicate().rewind().limit(length());
@@ -128,6 +131,7 @@ public class ServerDHE_PSKParameters implements Constructed, Builder, ServerKeyE
/* (non-Javadoc)
* @see gnu.javax.net.ssl.provider.Constructed#toString(java.lang.String)
*/
+ @Override
public String toString(String prefix)
{
StringWriter str = new StringWriter();
diff --git a/gnu/javax/net/ssl/provider/ServerDHParams.java b/gnu/javax/net/ssl/provider/ServerDHParams.java
index 0e2c34881..225956e15 100644
--- a/gnu/javax/net/ssl/provider/ServerDHParams.java
+++ b/gnu/javax/net/ssl/provider/ServerDHParams.java
@@ -1,5 +1,5 @@
/* ServerDHParams.java -- The server's Diffie-Hellman parameters.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -104,11 +104,13 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
buffer.put(y_bytes, y_off, y_len);
}
- @Deprecated public KeyExchangeAlgorithm algorithm ()
+ @Deprecated @Override
+ public KeyExchangeAlgorithm algorithm ()
{
return null; // XXX can't support this.
}
+ @Override
public int length ()
{
int offset1 = buffer.getShort (0) & 0xFFFF;
@@ -117,6 +119,7 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
+ offset1 + offset2 + 6);
}
+ @Override
public ByteBuffer buffer()
{
return (ByteBuffer) buffer.duplicate().position(0).limit(length());
@@ -221,11 +224,13 @@ public class ServerDHParams implements Builder, ServerKeyExchangeParams
buffer.put (buf, offset, length);
}
+ @Override
public String toString ()
{
return toString (null);
}
+ @Override
public String toString (final String prefix)
{
StringWriter str = new StringWriter ();
diff --git a/gnu/javax/net/ssl/provider/ServerHandshake.java b/gnu/javax/net/ssl/provider/ServerHandshake.java
index d69fa120d..bfc7a28ef 100644
--- a/gnu/javax/net/ssl/provider/ServerHandshake.java
+++ b/gnu/javax/net/ssl/provider/ServerHandshake.java
@@ -1,5 +1,5 @@
/* ServerHandshake.java -- the server-side handshake.
- Copyright (C) 2006 Free Software Foundation, Inc.
+ Copyright (C) 2006, 2015 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -194,8 +194,7 @@ class ServerHandshake extends AbstractHandshake
* we have enabled.
*/
private CipherSuite chooseSuite (final CipherSuiteList clientSuites,
- final String[] enabledSuites,
- final ProtocolVersion version)
+ final String[] enabledSuites)
throws SSLException
{
// Figure out which SignatureAlgorithms we can support.
@@ -336,8 +335,7 @@ class ServerHandshake extends AbstractHandshake
engine.getEnabledProtocols ());
engine.session().suite =
chooseSuite (hello.cipherSuites (),
- engine.getEnabledCipherSuites (),
- engine.session().version);
+ engine.getEnabledCipherSuites ());
compression = chooseCompression (hello.compressionMethods ());
if (Debug.DEBUG)
logger.logv(Component.SSL_HANDSHAKE,
@@ -513,10 +511,10 @@ class ServerHandshake extends AbstractHandshake
{
ClientDHE_PSKParameters params = (ClientDHE_PSKParameters)
kex.exchangeKeys();
- DHPublicKey serverKey = (DHPublicKey) dhPair.getPublic();
+ DHPublicKey srvKey = (DHPublicKey) dhPair.getPublic();
DHPublicKey clientKey =
- new GnuDHPublicKey(null, serverKey.getParams().getP(),
- serverKey.getParams().getG(),
+ new GnuDHPublicKey(null, srvKey.getParams().getP(),
+ srvKey.getParams().getG(),
params.params().publicValue());
SecretKey psk = null;
try
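Review bot: The client's Diffie-Hellman value from `params.params().publicValue()` is passed straight into `new GnuDHPublicKey(...)` with no range check visible in this hunk. Unless it is validated further down (the block continues outside the hunk), the value should be rejected when it is outside 2 .. p-2 before any key agreement. Assuming it is a `BigInteger` `y` with modulus `p`, the guard would be `if (y.compareTo(BigInteger.ONE) <= 0 || y.compareTo(p.subtract(BigInteger.ONE)) >= 0) throw new SSLException("invalid DH public value");`.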
@@ -573,6 +571,12 @@ class ServerHandshake extends AbstractHandshake
engine.session().privateData.masterSecret = new byte[0];
}
break;
+ case DH_DSS:
+ case DH_RSA:
+ // Message contains no data in this case (RFC2246, 7.4.7)
+ break;
+ default:
+ throw new SSLException("Unsupported algorithm: " + alg);
}
// XXX SRP
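Review bot: The comment on the new `DH_DSS`/`DH_RSA` cases is broader than RFC 2246 §7.4.7.2 allows: the ClientKeyExchange body is empty only when the client certificate already carries a suitable DH key, otherwise Yc is sent explicitly. As written the branch does nothing in either case, so no premaster secret is derived here; whether that happens elsewhere is outside this hunk. I would reword the comment to `// Empty only when the client cert carries a fixed DH key (RFC 2246, 7.4.7.2); explicit Yc is not processed here`.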
@@ -690,6 +694,9 @@ class ServerHandshake extends AbstractHandshake
}
}
break;
+
+ default:
+ throw new IllegalStateException("Invalid state: " + state);
}
handshakeOffset += handshake.length() + 4;
@@ -724,8 +731,7 @@ class ServerHandshake extends AbstractHandshake
{
if (state.isWriteState() || outBuffer.hasRemaining())
return HandshakeStatus.NEED_WRAP;
- else
- return HandshakeStatus.NEED_UNWRAP;
+ return HandshakeStatus.NEED_UNWRAP;
}
// XXX what we need to do here is generate a "stream" of handshake
@@ -1143,6 +1149,8 @@ output_loop:
state = DONE;
}
break;
+ default:
+ throw new IllegalStateException("Invalid state: " + state);
}
}
if (!tasks.isEmpty())
@@ -1194,7 +1202,7 @@ output_loop:
helloV2 = true;
}
- private ByteBuffer signParams(ByteBuffer serverParams)
+ ByteBuffer signParams(ByteBuffer serverParams)
throws NoSuchAlgorithmException, InvalidKeyException, SignatureException
{
SignatureAlgorithm alg = engine.session().suite.signatureAlgorithm();
@@ -1254,6 +1262,43 @@ output_loop:
}
}
+ // Accessors and mutators for delegated tasks.
+
+ void setKeyAlias(final String ka)
+ {
+ keyAlias = ka;
+ }
+
+ String getKeyAlias()
+ {
+ return keyAlias;
+ }
+
+ void setLocalCert(final X509Certificate lc)
+ {
+ localCert = lc;
+ }
+
+ X509Certificate getLocalCert()
+ {
+ return localCert;
+ }
+
+ void setServerKey(final PrivateKey sk)
+ {
+ serverKey = sk;
+ }
+
+ PrivateKey getServerKey()
+ {
+ return serverKey;
+ }
+
+ void setDHPair(KeyPair dh)
+ {
+ dhPair = dh;
+ }
+
// Delegated tasks.
class CertLoader extends DelegatedTask
@@ -1262,21 +1307,24 @@ output_loop:
{
}
+ @Override
public void implRun() throws SSLException
{
KeyExchangeAlgorithm kexalg = engine.session().suite.keyExchangeAlgorithm();
X509ExtendedKeyManager km = engine.contextImpl.keyManager;
Principal[] issuers = null; // XXX use TrustedAuthorities extension.
- keyAlias = km.chooseEngineServerAlias(kexalg.name(), issuers, engine);
- if (keyAlias == null)
+ String kAlias = km.chooseEngineServerAlias(kexalg.name(), issuers, engine);
+ setKeyAlias(kAlias);
+ if (kAlias == null)
throw new SSLException("no certificates available");
- X509Certificate[] chain = km.getCertificateChain(keyAlias);
+ X509Certificate[] chain = km.getCertificateChain(kAlias);
engine.session().setLocalCertificates(chain);
- localCert = chain[0];
- serverKey = km.getPrivateKey(keyAlias);
+ X509Certificate lCert = chain[0];
+ setLocalCert(lCert);
+ setServerKey(km.getPrivateKey(kAlias));
if (kexalg == DH_DSS || kexalg == DH_RSA)
- dhPair = new KeyPair(localCert.getPublicKey(),
- km.getPrivateKey(keyAlias));
+ setDHPair(new KeyPair(lCert.getPublicKey(),
+ km.getPrivateKey(keyAlias)));
}
}
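Review bot: `chain[0]` in `CertLoader.implRun` is dereferenced without a check, although `km.getCertificateChain(kAlias)` may return null under the `X509KeyManager` contract when the alias has no chain. A bad key store would then surface as a NullPointerException or ArrayIndexOutOfBoundsException instead of an `SSLException`. Add `if (chain == null || chain.length == 0) throw new SSLException("no certificate chain for alias " + kAlias);` before `setLocalCertificates(chain)`. The `setDHPair(...)` call also still reads the outer field `keyAlias` where the rest of the method now uses the local; `km.getPrivateKey(kAlias)` keeps it consistent.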
@@ -1288,6 +1336,15 @@ output_loop:
ByteBuffer paramsBuffer;
ByteBuffer sigBuffer;
+ /**
+ * Public constructor to avoid synthetic accessor.
+ */
+ public GenDH()
+ {
+ super();
+ }
+
+ @Override
protected void implRun()
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, SignatureException
@@ -1295,8 +1352,9 @@ output_loop:
KeyPairGenerator dhGen = KeyPairGenerator.getInstance("DH");
DHParameterSpec dhparams = DiffieHellman.getParams().getParams();
dhGen.initialize(dhparams, engine.session().random());
- dhPair = dhGen.generateKeyPair();
- DHPublicKey pub = (DHPublicKey) dhPair.getPublic();
+ KeyPair pair = dhGen.generateKeyPair();
+ setDHPair(pair);
+ DHPublicKey pub = (DHPublicKey) pair.getPublic();
// Generate the parameters message.
ServerDHParams params = new ServerDHParams(pub.getParams().getP(),
@@ -1313,7 +1371,7 @@ output_loop:
if (Debug.DEBUG_KEY_EXCHANGE)
logger.logv(Component.SSL_KEY_EXCHANGE,
"Diffie-Hellman public:{0} private:{1}",
- dhPair.getPublic(), dhPair.getPrivate());
+ pair.getPublic(), pair.getPrivate());
}
}
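Review bot: The debug statement in `GenDH.implRun` formats `pair.getPrivate()` into the log, so enabling `Debug.DEBUG_KEY_EXCHANGE` writes the freshly generated DH private key to wherever the logger sends its output. A log that holds this value lets its reader recompute the session keys of a recorded connection, which defeats the point of the ephemeral exchange. Log the public half only: `"Diffie-Hellman public:{0}", pair.getPublic()`.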
@@ -1326,13 +1384,14 @@ output_loop:
this.encryptedPreMasterSecret = encryptedPreMasterSecret;
}
+ @Override
public void implRun()
throws BadPaddingException, IllegalBlockSizeException, InvalidKeyException,
NoSuchAlgorithmException, NoSuchPaddingException, SSLException
{
Cipher rsa = Cipher.getInstance("RSA");
- rsa.init(Cipher.DECRYPT_MODE, serverKey);
- rsa.init(Cipher.DECRYPT_MODE, localCert);
+ rsa.init(Cipher.DECRYPT_MODE, getServerKey());
+ rsa.init(Cipher.DECRYPT_MODE, getLocalCert());
preMasterSecret = rsa.doFinal(encryptedPreMasterSecret);
generateMasterSecret(clientRandom, serverRandom, engine.session());
byte[][] keys = generateKeys(clientRandom, serverRandom, engine.session());
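Review bot: The second call, `rsa.init(Cipher.DECRYPT_MODE, getLocalCert())`, re-initialises the cipher and discards the private key set on the line before. `Cipher.init(int, Certificate)` takes the certificate's public key, so `doFinal` would not run with `getServerKey()`. Unless this provider's RSA cipher treats the call specially (not visible here), the certificate call should be dropped, leaving only `rsa.init(Cipher.DECRYPT_MODE, getServerKey());`. The same pair of calls is in the next hunk, the one that combines `rsaSecret` with `psSecret`.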
@@ -1356,8 +1415,8 @@ output_loop:
NoSuchAlgorithmException, NoSuchPaddingException, SSLException
{
Cipher rsa = Cipher.getInstance("RSA");
- rsa.init(Cipher.DECRYPT_MODE, serverKey);
- rsa.init(Cipher.DECRYPT_MODE, localCert);
+ rsa.init(Cipher.DECRYPT_MODE, getServerKey());
+ rsa.init(Cipher.DECRYPT_MODE, getLocalCert());
byte[] rsaSecret = rsa.doFinal(encryptedPreMasterSecret);
byte[] psSecret = psKey.getEncoded();
preMasterSecret = new byte[rsaSecret.length + psSecret.length + 4];
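Review bot: A failure of `rsa.doFinal(encryptedPreMasterSecret)` is not handled inside `implRun`, here or in the preceding hunk, whose `throws` clause lists `BadPaddingException`. If the caller turns that exception into an alert or a timing difference the client can observe, the handshake becomes a padding oracle on the server's RSA key. RFC 5246 §7.4.7.1 describes the countermeasure: on any decryption or format failure, continue with a randomly generated premaster secret so the handshake fails only at Finished. How the exception is handled is outside both hunks and needs confirming at the call site; this method's signature also starts above the hunk.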