mirror of
https://github.com/openjdk/jdk.git
synced 2026-06-06 02:33:12 +00:00
8004019: Removes unused method HandshakeHash.setCertificateVerifyAlg()
Certification verification in HandshakeHash was abandoned during TLS 1.2 implementation Reviewed-by: xuelei, weijun
This commit is contained in:
Florian Weimer
Xue-Lei Andrew Fan
parent
ff1d49bc5b
commit
a1c151acd0
@ -557,10 +557,6 @@ final class ClientHandshaker extends Handshaker {
|
||||
}
|
||||
|
||||
if (resumingSession && session != null) {
|
||||
if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
|
||||
handshakeHash.setCertificateVerifyAlg(null);
|
||||
}
|
||||
|
||||
setHandshakeSessionSE(session);
|
||||
return;
|
||||
}
|
||||
@ -975,8 +971,6 @@ final class ClientHandshaker extends Handshaker {
|
||||
throw new SSLHandshakeException(
|
||||
"No supported hash algorithm");
|
||||
}
|
||||
|
||||
handshakeHash.setCertificateVerifyAlg(hashAlg);
|
||||
}
|
||||
|
||||
m3 = new CertificateVerify(protocolVersion, handshakeHash,
|
||||
@ -994,10 +988,6 @@ final class ClientHandshaker extends Handshaker {
|
||||
}
|
||||
m3.write(output);
|
||||
output.doHashes();
|
||||
} else {
|
||||
if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
|
||||
handshakeHash.setCertificateVerifyAlg(null);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -29,7 +29,6 @@ package sun.security.ssl;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.security.*;
|
||||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* Abstraction for the SSL/TLS hash of all handshake messages that is
|
||||
@ -49,28 +48,23 @@ import java.util.Set;
|
||||
* 1. protocolDetermined(version) should be called when the negotiated
|
||||
* protocol version is determined.
|
||||
*
|
||||
* 2. Before protocolDetermined() is called, only update(), reset(),
|
||||
* restrictCertificateVerifyAlgs(), setFinishedAlg(), and
|
||||
* setCertificateVerifyAlg() can be called.
|
||||
* 2. Before protocolDetermined() is called, only update(), and reset()
|
||||
* and setFinishedAlg() can be called.
|
||||
*
|
||||
* 3. After protocolDetermined() is called, reset() cannot be called.
|
||||
*
|
||||
* 4. After protocolDetermined() is called, if the version is pre-TLS 1.2,
|
||||
* getFinishedHash() and getCertificateVerifyHash() cannot be called. Otherwise,
|
||||
* getFinishedHash() cannot be called. Otherwise,
|
||||
* getMD5Clone() and getSHAClone() cannot be called.
|
||||
*
|
||||
* 5. getMD5Clone() and getSHAClone() can only be called after
|
||||
* protocolDetermined() is called and version is pre-TLS 1.2.
|
||||
*
|
||||
* 6. getFinishedHash() and getCertificateVerifyHash() can only be called after
|
||||
* all protocolDetermined(), setCertificateVerifyAlg() and setFinishedAlg()
|
||||
* have been called and the version is TLS 1.2. If a CertificateVerify message
|
||||
* is to be used, call setCertificateVerifyAlg() with the hash algorithm as the
|
||||
* argument. Otherwise, you still must call setCertificateVerifyAlg(null) before
|
||||
* calculating any hash value.
|
||||
* 6. getFinishedHash() can only be called after protocolDetermined()
|
||||
* and setFinishedAlg() have been called and the version is TLS 1.2.
|
||||
*
|
||||
* Suggestions: Call protocolDetermined(), restrictCertificateVerifyAlgs(),
|
||||
* setFinishedAlg(), and setCertificateVerifyAlg() as early as possible.
|
||||
* Suggestion: Call protocolDetermined() and setFinishedAlg()
|
||||
* as early as possible.
|
||||
*
|
||||
* Example:
|
||||
* <pre>
|
||||
@ -80,21 +74,13 @@ import java.util.Set;
|
||||
* hh.setFinishedAlg("SHA-256");
|
||||
* hh.update(serverHelloBytes);
|
||||
* ...
|
||||
* hh.setCertificateVerifyAlg("SHA-384");
|
||||
* hh.update(CertificateVerifyBytes);
|
||||
* byte[] cvDigest = hh.getCertificateVerifyHash();
|
||||
* ...
|
||||
* hh.update(finished1);
|
||||
* byte[] finDigest1 = hh.getFinishedHash();
|
||||
* hh.update(finished2);
|
||||
* byte[] finDigest2 = hh.getFinishedHash();
|
||||
* </pre>
|
||||
* If no CertificateVerify message is to be used, call
|
||||
* <pre>
|
||||
* hh.setCertificateVerifyAlg(null);
|
||||
* </pre>
|
||||
* This call can be made once you are certain that this message
|
||||
* will never be used.
|
||||
*/
|
||||
final class HandshakeHash {
|
||||
|
||||
@ -105,28 +91,19 @@ final class HandshakeHash {
|
||||
// 2: TLS 1.2
|
||||
private int version = -1;
|
||||
private ByteArrayOutputStream data = new ByteArrayOutputStream();
|
||||
private final boolean isServer;
|
||||
|
||||
// For TLS 1.1
|
||||
private MessageDigest md5, sha;
|
||||
private final int clonesNeeded; // needs to be saved for later use
|
||||
|
||||
// For TLS 1.2
|
||||
// cvAlgDetermined == true means setCertificateVerifyAlg() is called
|
||||
private boolean cvAlgDetermined = false;
|
||||
private String cvAlg;
|
||||
private MessageDigest finMD;
|
||||
|
||||
/**
|
||||
* Create a new HandshakeHash. needCertificateVerify indicates whether
|
||||
* a hash for the certificate verify message is required. The argument
|
||||
* algs is a set of all possible hash algorithms that might be used in
|
||||
* TLS 1.2. If the caller is sure that TLS 1.2 won't be used or no
|
||||
* CertificateVerify message will be used, leave it null or empty.
|
||||
* a hash for the certificate verify message is required.
|
||||
*/
|
||||
HandshakeHash(boolean isServer, boolean needCertificateVerify,
|
||||
Set<String> algs) {
|
||||
this.isServer = isServer;
|
||||
HandshakeHash(boolean needCertificateVerify) {
|
||||
clonesNeeded = needCertificateVerify ? 3 : 2;
|
||||
}
|
||||
|
||||
@ -256,46 +233,10 @@ final class HandshakeHash {
|
||||
finMD.update(data.toByteArray());
|
||||
}
|
||||
|
||||
/**
|
||||
* Restricts the possible algorithms for the CertificateVerify. Called by
|
||||
* the server based on info in CertRequest. The argument must be a subset
|
||||
* of the argument with the same name in the constructor. The method can be
|
||||
* called multiple times. If the caller is sure that no CertificateVerify
|
||||
* message will be used, leave this argument null or empty.
|
||||
*/
|
||||
void restrictCertificateVerifyAlgs(Set<String> algs) {
|
||||
if (version == 1) {
|
||||
throw new RuntimeException(
|
||||
"setCertificateVerifyAlg() cannot be called for TLS 1.1");
|
||||
}
|
||||
// Not used yet
|
||||
}
|
||||
|
||||
/**
|
||||
* Specifies the hash algorithm used in CertificateVerify.
|
||||
* Can be called multiple times.
|
||||
*/
|
||||
void setCertificateVerifyAlg(String s) {
|
||||
|
||||
// Can be called multiple times, but only set once
|
||||
if (cvAlgDetermined) return;
|
||||
|
||||
cvAlg = s == null ? null : normalizeAlgName(s);
|
||||
cvAlgDetermined = true;
|
||||
}
|
||||
|
||||
byte[] getAllHandshakeMessages() {
|
||||
return data.toByteArray();
|
||||
}
|
||||
|
||||
/**
|
||||
* Calculates the hash in the CertificateVerify. Must be called right
|
||||
* after setCertificateVerifyAlg()
|
||||
*/
|
||||
/*byte[] getCertificateVerifyHash() {
|
||||
throw new Error("Do not call getCertificateVerifyHash()");
|
||||
}*/
|
||||
|
||||
/**
|
||||
* Calculates the hash in Finished. Must be called after setFinishedAlg().
|
||||
* This method can be called twice, for Finished messages of the server
|
||||
|
||||
@ -489,11 +489,7 @@ abstract class Handshaker {
|
||||
// We accumulate digests of the handshake messages so that
|
||||
// we can read/write CertificateVerify and Finished messages,
|
||||
// getting assurance against some particular active attacks.
|
||||
Set<String> localSupportedHashAlgorithms =
|
||||
SignatureAndHashAlgorithm.getHashAlgorithmNames(
|
||||
getLocalSupportedSignAlgs());
|
||||
handshakeHash = new HandshakeHash(!isClient, needCertVerify,
|
||||
localSupportedHashAlgorithms);
|
||||
handshakeHash = new HandshakeHash(needCertVerify);
|
||||
|
||||
// Generate handshake input/output stream.
|
||||
input = new HandshakeInStream(handshakeHash);
|
||||
|
||||
@ -58,9 +58,6 @@ final class MAC {
|
||||
// Value of the null MAC is fixed
|
||||
private static final byte nullMAC[] = new byte[0];
|
||||
|
||||
// internal identifier for the MAC algorithm
|
||||
private final MacAlg macAlg;
|
||||
|
||||
// stuff defined by the kind of MAC algorithm
|
||||
private final int macSize;
|
||||
|
||||
@ -85,7 +82,6 @@ final class MAC {
|
||||
|
||||
private MAC() {
|
||||
macSize = 0;
|
||||
macAlg = M_NULL;
|
||||
mac = null;
|
||||
block = null;
|
||||
}
|
||||
@ -95,7 +91,6 @@ final class MAC {
|
||||
*/
|
||||
MAC(MacAlg macAlg, ProtocolVersion protocolVersion, SecretKey key)
|
||||
throws NoSuchAlgorithmException, InvalidKeyException {
|
||||
this.macAlg = macAlg;
|
||||
this.macSize = macAlg.size;
|
||||
|
||||
String algorithm;
|
||||
|
||||
@ -670,9 +670,6 @@ final class ServerHandshaker extends Handshaker {
|
||||
}
|
||||
|
||||
if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
|
||||
if (resumingSession) {
|
||||
handshakeHash.setCertificateVerifyAlg(null);
|
||||
}
|
||||
handshakeHash.setFinishedAlg(cipherSuite.prfAlg.getPRFHashAlg());
|
||||
}
|
||||
|
||||
@ -882,7 +879,6 @@ final class ServerHandshaker extends Handshaker {
|
||||
throw new SSLHandshakeException(
|
||||
"No supported signature algorithm");
|
||||
}
|
||||
handshakeHash.restrictCertificateVerifyAlgs(localHashAlgs);
|
||||
}
|
||||
|
||||
caCerts = sslContext.getX509TrustManager().getAcceptedIssuers();
|
||||
@ -893,10 +889,6 @@ final class ServerHandshaker extends Handshaker {
|
||||
m4.print(System.out);
|
||||
}
|
||||
m4.write(output);
|
||||
} else {
|
||||
if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
|
||||
handshakeHash.setCertificateVerifyAlg(null);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1456,8 +1448,6 @@ final class ServerHandshaker extends Handshaker {
|
||||
throw new SSLHandshakeException(
|
||||
"No supported hash algorithm");
|
||||
}
|
||||
|
||||
handshakeHash.setCertificateVerifyAlg(hashAlg);
|
||||
}
|
||||
|
||||
try {
|
||||
@ -1672,11 +1662,6 @@ final class ServerHandshaker extends Handshaker {
|
||||
* not *REQUIRED*, this is an acceptable condition.)
|
||||
*/
|
||||
if (doClientAuth == SSLEngineImpl.clauth_requested) {
|
||||
// Smart (aka stupid) to forecast that no CertificateVerify
|
||||
// message will be received.
|
||||
if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
|
||||
handshakeHash.setCertificateVerifyAlg(null);
|
||||
}
|
||||
return;
|
||||
} else {
|
||||
fatalSE(Alerts.alert_bad_certificate,
|
||||
|
||||
@ -77,9 +77,6 @@ final class SignatureAndHashAlgorithm {
|
||||
// the hash algorithm
|
||||
private HashAlgorithm hash;
|
||||
|
||||
// the signature algorithm
|
||||
private SignatureAlgorithm signature;
|
||||
|
||||
// id in 16 bit MSB format, i.e. 0x0603 for SHA512withECDSA
|
||||
private int id;
|
||||
|
||||
@ -96,7 +93,6 @@ final class SignatureAndHashAlgorithm {
|
||||
private SignatureAndHashAlgorithm(HashAlgorithm hash,
|
||||
SignatureAlgorithm signature, String algorithm, int priority) {
|
||||
this.hash = hash;
|
||||
this.signature = signature;
|
||||
this.algorithm = algorithm;
|
||||
this.id = ((hash.value & 0xFF) << 8) | (signature.value & 0xFF);
|
||||
this.priority = priority;
|
||||
@ -105,11 +101,10 @@ final class SignatureAndHashAlgorithm {
|
||||
// constructor for unsupported algorithm
|
||||
private SignatureAndHashAlgorithm(String algorithm, int id, int sequence) {
|
||||
this.hash = HashAlgorithm.valueOf((id >> 8) & 0xFF);
|
||||
this.signature = SignatureAlgorithm.valueOf(id & 0xFF);
|
||||
this.algorithm = algorithm;
|
||||
this.id = id;
|
||||
|
||||
// add one more to the sequece number, in case that the number is zero
|
||||
// add one more to the sequence number, in case that the number is zero
|
||||
this.priority = SUPPORTED_ALG_PRIORITY_MAX_NUM + sequence + 1;
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user