gnu.javax.net.ssl.provider

Class AbstractHandshake

Known Direct Subclasses:
ClientHandshake

public abstract class AbstractHandshake
extends Object

The base interface for handshake implementations. Concrete subclasses of this class (one for the server, one for the client) handle the HANDSHAKE content-type in communications.

Nested Class Summary

protected class
AbstractHandshake.CertVerifier
protected class
AbstractHandshake.DHE_PSKGen
protected class
AbstractHandshake.DHPhase

Field Summary

protected static byte[]
CLIENT_FINISHED
"client finished" -- TLS 1.0 and later
protected static byte[]
PAD1
SSL 3.0; the value 0x36 40 (for SHA-1 hashes) or 48 (for MD5 hashes) times.
protected static byte[]
PAD2
SSL 3.0; the value 0x5c 40 (for SHA-1 hashes) or 48 (for MD5 hashes) times.
protected static byte[]
SERVER_FINISHED
"server finished" -- TLS 1.0 and later
protected Random
clientRandom
protected CompressionMethod
compression
protected SSLEngineImpl
engine
protected ByteBuffer
handshakeBuffer
The currently-read handshake messages.
protected int
handshakeOffset
The offset into `handshakeBuffer' where the first unread handshake message resides.
protected InputSecurityParameters
inParams
protected KeyAgreement
keyAgreement
protected static SystemLogger
logger
protected MessageDigest
md5
protected OutputSecurityParameters
outParams
protected byte[]
preMasterSecret
protected Random
serverRandom
protected MessageDigest
sha
protected LinkedList
tasks

Constructor Summary

AbstractHandshake(SSLEngineImpl engine)

Method Summary

protected boolean
doHash()
protected byte[]
genV3CertificateVerify(MessageDigest md5, MessageDigest sha, SessionImpl session)
Generate a certificate verify message for SSLv3.
protected ByteBuffer
generateFinished(MessageDigest md5, MessageDigest sha, boolean isClient, SessionImpl session)
Generate a "finished" message.
protected byte[][]
generateKeys(Random clientRandom, Random serverRandom, SessionImpl session)
Generate the session keys from the computed master secret.
protected void
generateMasterSecret(Random clientRandom, Random serverRandom, SessionImpl session)
protected void
generatePSKSecret(String identity, byte[] otherkey, boolean isClient)
SSLEngineResult.HandshakeStatus
handleInput(ByteBuffer fragment)
Handles the next input message in the handshake.
SSLEngineResult.HandshakeStatus
handleOutput(ByteBuffer fragment)
Produce more handshake output.
protected boolean
hasMessage()
Tell if the handshake buffer currently has a full handshake message.
protected abstract SSLEngineResult.HandshakeStatus
implHandleInput()
Called to process more handshake data.
protected abstract SSLEngineResult.HandshakeStatus
implHandleOutput(ByteBuffer fragment)
Called to implement the underlying output handling.
protected void
initDiffieHellman(DHPrivateKey dhKey, SecureRandom random)
protected boolean
pollHandshake(ByteBuffer fragment)
Attempt to read the next handshake message from the given record.
protected void
setupSecurityParameters(byte[][] keys, boolean isClient, SSLEngineImpl engine, CompressionMethod compression)

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

CLIENT_FINISHED

protected static final byte[] CLIENT_FINISHED
"client finished" -- TLS 1.0 and later

PAD1

protected static final byte[] PAD1
SSL 3.0; the value 0x36 40 (for SHA-1 hashes) or 48 (for MD5 hashes) times.

PAD2

protected static final byte[] PAD2
SSL 3.0; the value 0x5c 40 (for SHA-1 hashes) or 48 (for MD5 hashes) times.

SERVER_FINISHED

protected static final byte[] SERVER_FINISHED
"server finished" -- TLS 1.0 and later

clientRandom

protected Random clientRandom

compression

protected CompressionMethod compression

engine

protected final SSLEngineImpl engine

handshakeBuffer

protected ByteBuffer handshakeBuffer
The currently-read handshake messages. There may be zero, or multiple, handshake messages in this buffer.

handshakeOffset

protected int handshakeOffset
The offset into `handshakeBuffer' where the first unread handshake message resides.

inParams

protected InputSecurityParameters inParams

keyAgreement

protected KeyAgreement keyAgreement

logger

protected static final SystemLogger logger

md5

protected MessageDigest md5

outParams

protected OutputSecurityParameters outParams

preMasterSecret

protected byte[] preMasterSecret

serverRandom

protected Random serverRandom

sha

protected MessageDigest sha

tasks

protected LinkedList tasks

Constructor Details

AbstractHandshake

protected AbstractHandshake(SSLEngineImpl engine)
            throws NoSuchAlgorithmException

Method Details

doHash

protected boolean doHash()

genV3CertificateVerify

protected byte[] genV3CertificateVerify(MessageDigest md5,
                                        MessageDigest sha,
                                        SessionImpl session)
Generate a certificate verify message for SSLv3. In SSLv3, a different algorithm was used to generate this value was subtly different than that used in TLSv1.0 and later. In TLSv1.0 and later, this value is just the digest over the handshake messages.

SSLv3 uses the algorithm:

CertificateVerify.signature.md5_hash
MD5(master_secret + pad_2 +
MD5(handshake_messages + master_secret + pad_1));
Certificate.signature.sha_hash
SHA(master_secret + pad_2 +
SHA(handshake_messages + master_secret + pad_1));
Parameters:
md5 - The running MD5 hash of the handshake.
sha - The running SHA-1 hash of the handshake.
session - The current session being negotiated.
Returns:
The computed to-be-signed value.

generateFinished

protected ByteBuffer generateFinished(MessageDigest md5,
                                      MessageDigest sha,
                                      boolean isClient,
                                      SessionImpl session)
Generate a "finished" message. The hashes passed in are modified by this function, so they should be clone copies of the digest if the hash function needs to be used more.
Parameters:
md5 - The MD5 computation.
sha - The SHA-1 computation.
isClient - Whether or not the client-side finished message is being computed.
session - The current session.
Returns:
A byte buffer containing the computed finished message.

generateKeys

protected byte[][] generateKeys(Random clientRandom,
                                Random serverRandom,
                                SessionImpl session)
Generate the session keys from the computed master secret.
Parameters:
clientRandom - The client's nonce.
serverRandom - The server's nonce.
session - The session being established.
Returns:
The derived keys.

generateMasterSecret

protected void generateMasterSecret(Random clientRandom,
                                    Random serverRandom,
                                    SessionImpl session)
            throws SSLException

generatePSKSecret

protected void generatePSKSecret(String identity,
                                 byte[] otherkey,
                                 boolean isClient)
            throws SSLException

handleInput

public final SSLEngineResult.HandshakeStatus handleInput(ByteBuffer fragment)
            throws SSLException
Handles the next input message in the handshake. This is called in response to a call to javax.net.ssl.SSLEngine.unwrap for a message with content-type HANDSHAKE.
Parameters:
Returns:
An SSLEngineResult describing the result.

handleOutput

public final SSLEngineResult.HandshakeStatus handleOutput(ByteBuffer fragment)
            throws SSLException
Produce more handshake output. This is called in response to a call to javax.net.ssl.SSLEngine.wrap, when the handshake is still in progress.
Parameters:
Returns:
An SSLEngineResult describing the result.

hasMessage

protected boolean hasMessage()
Tell if the handshake buffer currently has a full handshake message.

implHandleInput

protected abstract SSLEngineResult.HandshakeStatus implHandleInput()
            throws SSLException
Called to process more handshake data. This method will be called repeatedly while there is remaining handshake data, and while the status is
Returns:
Throws:
SSLException -

implHandleOutput

protected abstract SSLEngineResult.HandshakeStatus implHandleOutput(ByteBuffer fragment)
            throws SSLException
Called to implement the underlying output handling. The callee should attempt to fill the given buffer as much as it can; this can include multiple, and even partial, handshake messages.
Parameters:
fragment - The buffer the callee should write handshake messages to.
Returns:
The new status of the handshake.
Throws:
SSLException - If an error occurs processing the output message.

initDiffieHellman

protected void initDiffieHellman(DHPrivateKey dhKey,
                                 SecureRandom random)
            throws SSLException

pollHandshake

protected boolean pollHandshake(ByteBuffer fragment)
Attempt to read the next handshake message from the given record. If only a partial handshake message is available, then this method saves the incoming bytes and returns false. If a complete handshake is read, or if there was one buffered in the handshake buffer, this method returns true, and `handshakeBuffer' can be used to read the handshake.
Parameters:
Returns:
True if a complete handshake is present in the buffer; false if only a partial one.

setupSecurityParameters

protected void setupSecurityParameters(byte[][] keys,
                                       boolean isClient,
                                       SSLEngineImpl engine,
                                       CompressionMethod compression)
            throws SSLException

AbstractHandshake.java -- abstract handshake handler. Copyright (C) 2006 Free Software Foundation, Inc. This file is a part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.