Menu
▾
▴
jnode-svn-commits
|
From: <ls...@us...> - 2006-12-30 19:27:43
|
Revision: 2971
http://jnode.svn.sourceforge.net/jnode/?rev=2971&view=rev
Author: lsantha
Date: 2006-12-30 11:27:41 -0800 (Sat, 30 Dec 2006)
Log Message:
-----------
Removed java.sql dependency.
Modified Paths:
--------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java
Removed Paths:
-------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JDBCSessionContext.java
Modified: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java 2006-12-30 18:00:47 UTC (rev 2970)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java 2006-12-30 19:27:41 UTC (rev 2971)
@@ -38,8 +38,6 @@
package gnu.javax.net.ssl.provider;
-import java.io.File;
-import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStoreException;
@@ -47,9 +45,7 @@
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
-import java.security.Security;
import java.security.UnrecoverableKeyException;
-import java.sql.SQLException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
Deleted: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JDBCSessionContext.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JDBCSessionContext.java 2006-12-30 18:00:47 UTC (rev 2970)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JDBCSessionContext.java 2006-12-30 19:27:41 UTC (rev 2971)
@@ -1,356 +0,0 @@
-/* JDBCSessionContext.java -- database persistent sessions.
- Copyright (C) 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.javax.net.ssl.provider;
-
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-
-import java.security.SecureRandom;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-
-import java.sql.Connection;
-import java.sql.DriverManager;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Statement;
-import java.sql.Timestamp;
-import java.sql.Types;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.Enumeration;
-import java.util.TreeSet;
-import java.util.Vector;
-
-import javax.net.ssl.SSLSession;
-
-/**
- * The SQL table this class stores sessions in, called <tt>SESSIONS</tt>,
- * looks like this:
- *
- * <blockquote><pre>
- * TABLE SESSIONS (
- * ID VARBINARY(32) PRIMARY KEY UNIQUE NOT NULL,
- * CREATED TIMESTAMP NOT NULL,
- * LAST_ACCESSED TIMESTAMP NOT NULL,
- * PROTOCOL VARCHAR(7) NOT NULL,
- * SUITE VARCHAR(255) NOT NULL,
- * PEER_HOST TEXT NOT NULL,
- * PEER_CERT_TYPE VARCHAR(32),
- * PEER_CERTS BLOB,
- * CERT_TYPE VARCHAR(32),
- * CERTS BLOB,
- * SECRET VARBINARY(48) NOT NULL
- * )
- * </pre></blockquote>
- *
- * <p>Note that the master secret for sessions is not protected before
- * being inserted into the database; it is up to the system to protect
- * the stored data from unauthorized access.
- */
-class JDBCSessionContext extends SessionContext
-{
-
- // Fields.
- // -------------------------------------------------------------------------
-
- protected Connection connection;
- protected PreparedStatement selectById;
- protected PreparedStatement insert;
- protected PreparedStatement selectTimestamp;
- protected PreparedStatement updateTimestamp;
- protected PreparedStatement deleteSession;
-
- // Constructor.
- // -------------------------------------------------------------------------
-
- JDBCSessionContext() throws SQLException
- {
- String url = Util.getSecurityProperty("jessie.SessionContext.jdbc.url");
- String user = Util.getSecurityProperty("jessie.SessionContext.jdbc.user");
- String passwd = Util.getSecurityProperty("jessie.SessionContext.jdbc.password");
- if (url == null)
- {
- throw new IllegalArgumentException("no JDBC URL");
- }
- if (user == null || passwd == null)
- {
- connection = DriverManager.getConnection(url);
- }
- else
- {
- connection = DriverManager.getConnection(url, user, passwd);
- }
- selectById =
- connection.prepareStatement("SELECT * FROM SESSIONS WHERE ID = ?");
- insert = connection.prepareStatement("INSERT INTO SESSIONS VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
- selectTimestamp =
- connection.prepareStatement("SELECT CREATED FROM SESSIONS WHERE ID = ?");
- updateTimestamp =
- connection.prepareStatement("UPDATE SESSIONS SET LAST_ACCESSED = ? WHERE ID = ?");
- deleteSession =
- connection.prepareStatement("DELETE FROM SESSIONS WHERE ID = ?");
- }
-
- // Instance methods.
- // -------------------------------------------------------------------------
-
- public synchronized Enumeration getIds()
- {
- Vector ids = new Vector();
- try
- {
- Statement stmt = connection.createStatement();
- ResultSet rs = stmt.executeQuery("SELECT ID FROM SESSIONS");
- while (rs.next())
- {
- byte[] id = rs.getBytes("ID");
- ids.add(id);
- }
- }
- catch (SQLException sqle)
- {
- }
- return ids.elements();
- }
-
- public synchronized SSLSession getSession(byte[] sessionId)
- {
- Session session = (Session) super.getSession(sessionId);
- if (session == null)
- {
- try
- {
- selectById.setBytes(1, sessionId);
- ResultSet rs = selectById.executeQuery();
- if (rs.next())
- {
- session = new Session(rs.getTimestamp("CREATED").getTime());
- session.enabledSuites = new ArrayList(SSLSocket.supportedSuites);
- session.enabledProtocols = new TreeSet(SSLSocket.supportedProtocols);
- session.random = new SecureRandom();
- session.context = this;
- session.sessionId = new Session.ID(rs.getBytes("ID"));
- session.setLastAccessedTime(rs.getTimestamp("LAST_ACCESSED").getTime());
- long elapsed = System.currentTimeMillis() - session.getLastAccessedTime();
- if ((int) (elapsed / 1000L) > timeout)
- {
- removeSession(session.sessionId);
- return null;
- }
- session.peerHost = rs.getString("PEER_HOST");
- String protocol = rs.getString("PROTOCOL");
- if (protocol.equals("SSLv3"))
- {
- session.protocol = ProtocolVersion.SSL_3;
- }
- else if (protocol.equals("TLSv1"))
- {
- session.protocol = ProtocolVersion.TLS_1;
- }
- else if (protocol.equals("TLSv1.1"))
- {
- session.protocol = ProtocolVersion.TLS_1_1;
- }
- else
- {
- return null;
- }
- session.cipherSuite = CipherSuite.forName(rs.getString("SUITE"));
- String type = rs.getString("PEER_CERT_TYPE");
- boolean wasNull = rs.wasNull();
- InputStream certs = null;
- if (!wasNull)
- {
- certs = rs.getBinaryStream("PEER_CERTS");
- wasNull = rs.wasNull();
- }
- if (!wasNull)
- {
- CertificateFactory cf = CertificateFactory.getInstance(type);
- session.peerCerts = (Certificate[])
- cf.generateCertificates(certs).toArray(new Certificate[0]);
- session.peerVerified = true;
- }
- type = rs.getString("CERT_TYPE");
- wasNull = rs.wasNull();
- if (!wasNull)
- {
- certs = rs.getBinaryStream("CERTS");
- wasNull = rs.wasNull();
- }
- if (!wasNull)
- {
- CertificateFactory cf = CertificateFactory.getInstance(type);
- session.localCerts = (Certificate[])
- cf.generateCertificates(certs).toArray(new Certificate[0]);
- }
- session.masterSecret = rs.getBytes("SECRET");
- if (cacheSize == 0 || sessions.size() < cacheSize)
- {
- sessions.put(session.sessionId, session);
- }
- }
- }
- catch (Exception ex)
- {
- }
- }
- return session;
- }
-
- synchronized boolean addSession(Session.ID id, Session s)
- {
- if (containsSessionID(id))
- {
- return false;
- }
- try
- {
- insert.setBytes(1, id.getId());
- insert.setTimestamp(2, new Timestamp(s.getCreationTime()));
- insert.setTimestamp(3, new Timestamp(s.getLastAccessedTime()));
- insert.setString(4, s.getProtocol());
- insert.setString(5, s.getCipherSuite());
- insert.setString(6, s.peerHost);
- if (s.peerCerts != null && s.peerCerts.length > 0)
- {
- insert.setString(7, s.peerCerts[0].getType());
- insert.setBytes(8, certs(s.peerCerts));
- }
- else
- {
- insert.setNull(7, Types.VARCHAR);
- insert.setNull(8, Types.LONGVARBINARY);
- }
- if (s.localCerts != null && s.localCerts.length > 0)
- {
- insert.setString(9, s.localCerts[0].getType());
- insert.setBytes(10, certs(s.localCerts));
- }
- else
- {
- insert.setNull(9, Types.VARCHAR);
- insert.setNull(10, Types.LONGVARBINARY);
- }
- insert.setBytes(11, s.masterSecret);
- insert.executeUpdate();
- super.addSession(id, s);
- }
- catch (SQLException sqle)
- {
- return false;
- }
- return true;
- }
-
- synchronized boolean containsSessionID(Session.ID sessionId)
- {
- try
- {
- selectTimestamp.setBytes(1, sessionId.getId());
- ResultSet rs = selectTimestamp.executeQuery();
- if (!rs.next())
- {
- return false;
- }
- Timestamp ts = rs.getTimestamp("CREATED");
- if (rs.wasNull())
- {
- return false;
- }
- long elapsed = System.currentTimeMillis() - ts.getTime();
- if ((int) (elapsed / 1000) > timeout)
- {
- removeSession(sessionId);
- return false;
- }
- return true;
- }
- catch (SQLException sqle)
- {
- return false;
- }
- }
-
- protected boolean removeSession(Session.ID sessionId)
- {
- super.removeSession(sessionId);
- try
- {
- deleteSession.setBytes(1, sessionId.getId());
- return deleteSession.executeUpdate() > 0;
- }
- catch (SQLException sqle)
- {
- }
- return false;
- }
-
- synchronized void notifyAccess(Session session)
- {
- try
- {
- updateTimestamp.setTimestamp(1, new Timestamp(session.getLastAccessedTime()));
- updateTimestamp.setBytes(2, session.getId());
- updateTimestamp.executeUpdate();
- }
- catch (SQLException sqle)
- {
- }
- }
-
- private byte[] certs(Certificate[] certs)
- {
- ByteArrayOutputStream out = new ByteArrayOutputStream(2048);
- for (int i = 0; i < certs.length; i++)
- {
- try
- {
- out.write(certs[i].getEncoded());
- }
- catch (Exception x)
- {
- }
- }
- return out.toByteArray();
- }
-}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ls...@us...> - 2007-01-07 12:47:50
|
Revision: 3018
http://jnode.svn.sourceforge.net/jnode/?rev=3018&view=rev
Author: lsantha
Date: 2007-01-07 04:47:49 -0800 (Sun, 07 Jan 2007)
Log Message:
-----------
Classpath patches.
Modified Paths:
--------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Alert.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/AlertException.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Certificate.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateRequest.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateType.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateVerify.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CipherSuite.java
Added Paths:
-----------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/AbstractHandshake.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Builder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateRequestBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateStatusRequest.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateStatusType.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CertificateURL.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CipherAlgorithm.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CipherSuiteList.java
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/AbstractHandshake.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/AbstractHandshake.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/AbstractHandshake.java 2007-01-07 12:47:49 UTC (rev 3018)
@@ -0,0 +1,1205 @@
+/* AbstractHandshake.java -- abstract handshake handler.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import gnu.classpath.debug.Component;
+import gnu.classpath.debug.SystemLogger;
+import gnu.java.security.action.GetSecurityPropertyAction;
+import gnu.java.security.prng.IRandom;
+import gnu.java.security.prng.LimitReachedException;
+import gnu.java.security.util.ByteArray;
+import gnu.javax.security.auth.callback.CertificateCallback;
+import gnu.javax.security.auth.callback.DefaultCallbackHandler;
+
+import java.nio.ByteBuffer;
+import java.security.AccessController;
+import java.security.DigestException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.KeyManagementException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedExceptionAction;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.zip.Deflater;
+import java.util.zip.Inflater;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyAgreement;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.X509TrustManager;
+import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.ConfirmationCallback;
+
+/**
+ * The base interface for handshake implementations. Concrete
+ * subclasses of this class (one for the server, one for the client)
+ * handle the HANDSHAKE content-type in communications.
+ */
+public abstract class AbstractHandshake
+{
+ protected static final SystemLogger logger = SystemLogger.SYSTEM;
+
+ /**
+ * "server finished" -- TLS 1.0 and later
+ */
+ protected static final byte[] SERVER_FINISHED
+ = new byte[] {
+ 115, 101, 114, 118, 101, 114, 32, 102, 105, 110, 105, 115,
+ 104, 101, 100
+ };
+
+ /**
+ * "client finished" -- TLS 1.0 and later
+ */
+ protected static final byte[] CLIENT_FINISHED
+ = new byte[] {
+ 99, 108, 105, 101, 110, 116, 32, 102, 105, 110, 105, 115,
+ 104, 101, 100
+ };
+
+ /**
+ * "key expansion" -- TLS 1.0 and later
+ */
+ private static final byte[] KEY_EXPANSION =
+ new byte[] { 107, 101, 121, 32, 101, 120, 112,
+ 97, 110, 115, 105, 111, 110 };
+
+ /**
+ * "master secret" -- TLS 1.0 and later
+ */
+ private static final byte[] MASTER_SECRET
+ = new byte[] {
+ 109, 97, 115, 116, 101, 114, 32, 115, 101, 99, 114, 101, 116
+ };
+
+ /**
+ * "client write key" -- TLS 1.0 exportable whitener.
+ */
+ private static final byte[] CLIENT_WRITE_KEY
+ = new byte[] {
+ 99, 108, 105, 101, 110, 116, 32, 119, 114, 105, 116, 101, 32, 107,
+ 101, 121
+ };
+
+ /**
+ * "server write key" -- TLS 1.0 exportable whitener.
+ */
+ private static final byte[] SERVER_WRITE_KEY
+ = new byte[] {
+ 115, 101, 114, 118, 101, 114, 32, 119, 114, 105, 116, 101, 32, 107,
+ 101, 121
+ };
+
+ private static final byte[] IV_BLOCK
+ = new byte[] {
+ 73, 86, 32, 98, 108, 111, 99, 107
+ };
+
+ /**
+ * SSL 3.0; the string "CLNT"
+ */
+ private static final byte[] SENDER_CLIENT
+ = new byte[] { 0x43, 0x4C, 0x4E, 0x54 };
+
+ /**
+ * SSL 3.0; the string "SRVR"
+ */
+ private static final byte[] SENDER_SERVER
+ = new byte[] { 0x53, 0x52, 0x56, 0x52 };
+
+ /**
+ * SSL 3.0; the value 0x36 40 (for SHA-1 hashes) or 48 (for MD5 hashes)
+ * times.
+ */
+ protected static final byte[] PAD1 = new byte[48];
+
+ /**
+ * SSL 3.0; the value 0x5c 40 (for SHA-1 hashes) or 48 (for MD5 hashes)
+ * times.
+ */
+ protected static final byte[] PAD2 = new byte[48];
+
+ static
+ {
+ Arrays.fill(PAD1, SSLHMac.PAD1);
+ Arrays.fill(PAD2, SSLHMac.PAD2);
+ }
+
+ /**
+ * The currently-read handshake messages. There may be zero, or
+ * multiple, handshake messages in this buffer.
+ */
+ protected ByteBuffer handshakeBuffer;
+
+ /**
+ * The offset into `handshakeBuffer' where the first unread
+ * handshake message resides.
+ */
+ protected int handshakeOffset;
+
+ protected MessageDigest sha;
+ protected MessageDigest md5;
+
+ protected final SSLEngineImpl engine;
+ protected KeyAgreement keyAgreement;
+ protected byte[] preMasterSecret;
+ protected InputSecurityParameters inParams;
+ protected OutputSecurityParameters outParams;
+ protected LinkedList<DelegatedTask> tasks;
+ protected Random serverRandom;
+ protected Random clientRandom;
+ protected CompressionMethod compression;
+
+ protected AbstractHandshake(SSLEngineImpl engine)
+ throws NoSuchAlgorithmException
+ {
+ this.engine = engine;
+ sha = MessageDigest.getInstance("SHA-1");
+ md5 = MessageDigest.getInstance("MD5");
+ tasks = new LinkedList<DelegatedTask>();
+ }
+
+ /**
+ * Handles the next input message in the handshake. This is called
+ * in response to a call to {@link javax.net.ssl.SSLEngine#unwrap}
+ * for a message with content-type HANDSHAKE.
+ *
+ * @param record The input record. The callee should not assume that
+ * the record's buffer is writable, and should not try to use it for
+ * output or temporary storage.
+ * @return An {@link SSLEngineResult} describing the result.
+ */
+ public final HandshakeStatus handleInput (ByteBuffer fragment)
+ throws SSLException
+ {
+ if (!tasks.isEmpty())
+ return HandshakeStatus.NEED_TASK;
+
+ HandshakeStatus status = status();
+ if (status != HandshakeStatus.NEED_UNWRAP)
+ return status;
+
+ // Try to read another...
+ if (!pollHandshake(fragment))
+ return HandshakeStatus.NEED_UNWRAP;
+
+ while (hasMessage() && status != HandshakeStatus.NEED_WRAP)
+ {
+ int pos = handshakeOffset;
+ status = implHandleInput();
+ int len = handshakeOffset - pos;
+ if (len == 0)
+ {
+ // Don't bother; the impl is just telling us to go around
+ // again.
+ continue;
+ }
+ if (doHash())
+ {
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "hashing output\n{0}",
+ Util.hexDump((ByteBuffer) handshakeBuffer
+ .duplicate().position(pos)
+ .limit(pos+len), " >> "));
+ sha.update((ByteBuffer) handshakeBuffer.duplicate()
+ .position(pos).limit(pos+len));
+ md5.update((ByteBuffer) handshakeBuffer.duplicate()
+ .position(pos).limit(pos+len));
+ }
+ }
+ return status;
+ }
+
+ /**
+ * Called to process more handshake data. This method will be called
+ * repeatedly while there is remaining handshake data, and while the
+ * status is
+ * @return
+ * @throws SSLException
+ */
+ protected abstract HandshakeStatus implHandleInput()
+ throws SSLException;
+
+ /**
+ * Produce more handshake output. This is called in response to a
+ * call to {@link javax.net.ssl.SSLEngine#wrap}, when the handshake
+ * is still in progress.
+ *
+ * @param record The output record; the callee should put its output
+ * handshake message (or a part of it) in the argument's
+ * <code>fragment</code>, and should set the record length
+ * appropriately.
+ * @return An {@link SSLEngineResult} describing the result.
+ */
+ public final HandshakeStatus handleOutput (ByteBuffer fragment)
+ throws SSLException
+ {
+ if (!tasks.isEmpty())
+ return HandshakeStatus.NEED_TASK;
+
+ int orig = fragment.position();
+ SSLEngineResult.HandshakeStatus status = implHandleOutput(fragment);
+ if (doHash())
+ {
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "hashing output:\n{0}",
+ Util.hexDump((ByteBuffer) fragment.duplicate().flip().position(orig), " >> "));
+ sha.update((ByteBuffer) fragment.duplicate().flip().position(orig));
+ md5.update((ByteBuffer) fragment.duplicate().flip().position(orig));
+ }
+ return status;
+ }
+
+ /**
+ * Called to implement the underlying output handling. The callee should
+ * attempt to fill the given buffer as much as it can; this can include
+ * multiple, and even partial, handshake messages.
+ *
+ * @param fragment The buffer the callee should write handshake messages to.
+ * @return The new status of the handshake.
+ * @throws SSLException If an error occurs processing the output message.
+ */
+ protected abstract SSLEngineResult.HandshakeStatus implHandleOutput (ByteBuffer fragment)
+ throws SSLException;
+
+ /**
+ * Return a new instance of input security parameters, initialized with
+ * the session key. It is, of course, only valid to invoke this method
+ * once the handshake is complete, and the session keys established.
+ *
+ * <p>In the presence of a well-behaving peer, this should be called once
+ * the <code>ChangeCipherSpec</code> message is recieved.
+ *
+ * @return The input parameters for the newly established session.
+ * @throws SSLException If the handshake is not complete.
+ */
+ final InputSecurityParameters getInputParams() throws SSLException
+ {
+ checkKeyExchange();
+ return inParams;
+ }
+
+ /**
+ * Return a new instance of output security parameters, initialized with
+ * the session key. This should be called after the
+ * <code>ChangeCipherSpec</code> message is sent to the peer.
+ *
+ * @return The output parameters for the newly established session.
+ * @throws SSLException If the handshake is not complete.
+ */
+ final OutputSecurityParameters getOutputParams() throws SSLException
+ {
+ checkKeyExchange();
+ return outParams;
+ }
+
+ /**
+ * Fetch a delegated task waiting to run, if any.
+ *
+ * @return The task.
+ */
+ final Runnable getTask()
+ {
+ if (tasks.isEmpty())
+ return null;
+ return tasks.removeFirst();
+ }
+
+ /**
+ * Used by the skeletal code to query the current status of the handshake.
+ * This <em>should</em> be the same value as returned by the previous call
+ * to {@link #implHandleOutput(ByteBuffer)} or {@link
+ * #implHandleInput(ByteBuffer)}.
+ *
+ * @return The current handshake status.
+ */
+ abstract HandshakeStatus status();
+
+ /**
+ * Check if the key exchange completed successfully, throwing an exception
+ * if not.
+ *
+ * <p>Note that we assume that the caller of our SSLEngine is correct, and
+ * that they did run the delegated tasks that encapsulate the key exchange.
+ * What we are primarily checking, therefore, is that no error occurred in the
+ * key exchange operation itself.
+ *
+ * @throws SSLException If the key exchange did not complete successfully.
+ */
+ abstract void checkKeyExchange() throws SSLException;
+
+ /**
+ * Handle an SSLv2 client hello. This is only used by SSL servers.
+ *
+ * @param hello The hello message.
+ */
+ abstract void handleV2Hello(ByteBuffer hello) throws SSLException;
+
+ /**
+ * Attempt to read the next handshake message from the given
+ * record. If only a partial handshake message is available, then
+ * this method saves the incoming bytes and returns false. If a
+ * complete handshake is read, or if there was one buffered in the
+ * handshake buffer, this method returns true, and `handshakeBuffer'
+ * can be used to read the handshake.
+ *
+ * @param record The input record.
+ * @return True if a complete handshake is present in the buffer;
+ * false if only a partial one.
+ */
+ protected boolean pollHandshake (final ByteBuffer fragment)
+ {
+ // Allocate space for the new fragment.
+ if (handshakeBuffer == null
+ || handshakeBuffer.remaining() < fragment.remaining())
+ {
+ // We need space for anything still unread in the handshake
+ // buffer...
+ int len = ((handshakeBuffer == null) ? 0
+ : handshakeBuffer.position() - handshakeOffset);
+
+ // Plus room for the incoming record.
+ len += fragment.remaining();
+ reallocateBuffer(len);
+ }
+
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "inserting {0} into {1}",
+ fragment, handshakeBuffer);
+
+ // Put the fragment into the buffer.
+ handshakeBuffer.put(fragment);
+
+ return hasMessage();
+ }
+
+ protected boolean doHash()
+ {
+ return true;
+ }
+
+ /**
+ * Tell if the handshake buffer currently has a full handshake
+ * message.
+ */
+ protected boolean hasMessage()
+ {
+ if (handshakeBuffer == null)
+ return false;
+ ByteBuffer tmp = handshakeBuffer.duplicate();
+ tmp.flip();
+ tmp.position(handshakeOffset);
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "current buffer: {0}; test buffer {1}",
+ handshakeBuffer, tmp);
+ if (tmp.remaining() < 4)
+ return false;
+ Handshake handshake = new Handshake(tmp.slice());
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "handshake len:{0} remaining:{1}",
+ handshake.length(), tmp.remaining());
+ return (handshake.length() <= tmp.remaining() - 4);
+ }
+
+ /**
+ * Reallocate the handshake buffer so it can hold `totalLen'
+ * bytes. The smallest buffer allocated is 1024 bytes, and the size
+ * doubles from there until the buffer is sufficiently large.
+ */
+ private void reallocateBuffer (final int totalLen)
+ {
+ int len = handshakeBuffer == null ? -1
+ : handshakeBuffer.capacity() - (handshakeBuffer.limit() - handshakeOffset);
+ if (len >= totalLen)
+ {
+ // Big enough; no need to reallocate; but maybe shift the contents
+ // down.
+ if (handshakeOffset > 0)
+ {
+ handshakeBuffer.flip().position(handshakeOffset);
+ handshakeBuffer.compact();
+ handshakeOffset = 0;
+ }
+ return;
+ }
+
+ // Start at 1K (probably the system's page size). Double the size
+ // from there.
+ len = 1024;
+ while (len < totalLen)
+ len = len << 1;
+ ByteBuffer newBuf = ByteBuffer.allocate (len);
+
+ // Copy the unread bytes from the old buffer.
+ if (handshakeBuffer != null)
+ {
+ handshakeBuffer.flip ();
+ handshakeBuffer.position(handshakeOffset);
+ newBuf.put(handshakeBuffer);
+ }
+ handshakeBuffer = newBuf;
+
+ // We just put only unread handshake messages in the new buffer;
+ // the offset of the next one is now zero.
+ handshakeOffset = 0;
+ }
+
+ /**
+ * Generate a certificate verify message for SSLv3. In SSLv3, a different
+ * algorithm was used to generate this value was subtly different than
+ * that used in TLSv1.0 and later. In TLSv1.0 and later, this value is
+ * just the digest over the handshake messages.
+ *
+ * <p>SSLv3 uses the algorithm:
+ *
+ * <pre>
+CertificateVerify.signature.md5_hash
+ MD5(master_secret + pad_2 +
+ MD5(handshake_messages + master_secret + pad_1));
+Certificate.signature.sha_hash
+ SHA(master_secret + pad_2 +
+ SHA(handshake_messages + master_secret + pad_1));</pre>
+ *
+ * @param md5 The running MD5 hash of the handshake.
+ * @param sha The running SHA-1 hash of the handshake.
+ * @param session The current session being negotiated.
+ * @return The computed to-be-signed value.
+ */
+ protected byte[] genV3CertificateVerify(MessageDigest md5,
+ MessageDigest sha,
+ SessionImpl session)
+ {
+ byte[] md5value = null;
+ if (session.suite.signatureAlgorithm() == SignatureAlgorithm.RSA)
+ {
+ md5.update(session.privateData.masterSecret);
+ md5.update(PAD1, 0, 48);
+ byte[] tmp = md5.digest();
+ md5.reset();
+ md5.update(session.privateData.masterSecret);
+ md5.update(PAD2, 0, 48);
+ md5.update(tmp);
+ md5value = md5.digest();
+ }
+
+ sha.update(session.privateData.masterSecret);
+ sha.update(PAD1, 0, 40);
+ byte[] tmp = sha.digest();
+ sha.reset();
+ sha.update(session.privateData.masterSecret);
+ sha.update(PAD2, 0, 40);
+ sha.update(tmp);
+ byte[] shavalue = sha.digest();
+
+ if (md5value != null)
+ return Util.concat(md5value, shavalue);
+
+ return shavalue;
+ }
+
+ /**
+ * Generate the session keys from the computed master secret.
+ *
+ * @param clientRandom The client's nonce.
+ * @param serverRandom The server's nonce.
+ * @param session The session being established.
+ * @return The derived keys.
+ */
+ protected byte[][] generateKeys(Random clientRandom, Random serverRandom,
+ SessionImpl session)
+ {
+ int maclen = 20; // SHA-1.
+ if (session.suite.macAlgorithm() == MacAlgorithm.MD5)
+ maclen = 16;
+ int ivlen = 0;
+ if (session.suite.cipherAlgorithm() == CipherAlgorithm.DES
+ || session.suite.cipherAlgorithm() == CipherAlgorithm.DESede)
+ ivlen = 8;
+ if (session.suite.cipherAlgorithm() == CipherAlgorithm.AES)
+ ivlen = 16;
+ int keylen = session.suite.keyLength();
+
+ byte[][] keys = new byte[6][];
+ keys[0] = new byte[maclen]; // client_write_MAC_secret
+ keys[1] = new byte[maclen]; // server_write_MAC_secret
+ keys[2] = new byte[keylen]; // client_write_key
+ keys[3] = new byte[keylen]; // server_write_key
+ keys[4] = new byte[ivlen]; // client_write_iv
+ keys[5] = new byte[ivlen]; // server_write_iv
+
+ IRandom prf = null;
+ if (session.version == ProtocolVersion.SSL_3)
+ {
+ byte[] seed = new byte[clientRandom.length()
+ + serverRandom.length()];
+ serverRandom.buffer().get(seed, 0, serverRandom.length());
+ clientRandom.buffer().get(seed, serverRandom.length(),
+ clientRandom.length());
+ prf = new SSLRandom();
+ HashMap<String,byte[]> attr = new HashMap<String,byte[]>(2);
+ attr.put(SSLRandom.SECRET, session.privateData.masterSecret);
+ attr.put(SSLRandom.SEED, seed);
+ prf.init(attr);
+ }
+ else
+ {
+ byte[] seed = new byte[KEY_EXPANSION.length
+ + clientRandom.length()
+ + serverRandom.length()];
+ System.arraycopy(KEY_EXPANSION, 0, seed, 0, KEY_EXPANSION.length);
+ serverRandom.buffer().get(seed, KEY_EXPANSION.length,
+ serverRandom.length());
+ clientRandom.buffer().get(seed, (KEY_EXPANSION.length
+ + serverRandom.length()),
+ clientRandom.length());
+
+ prf = new TLSRandom();
+ HashMap<String,byte[]> attr = new HashMap<String,byte[]>(2);
+ attr.put(TLSRandom.SECRET, session.privateData.masterSecret);
+ attr.put(TLSRandom.SEED, seed);
+ prf.init(attr);
+ }
+
+ try
+ {
+ prf.nextBytes(keys[0], 0, keys[0].length);
+ prf.nextBytes(keys[1], 0, keys[1].length);
+ prf.nextBytes(keys[2], 0, keys[2].length);
+ prf.nextBytes(keys[3], 0, keys[3].length);
+
+ if (session.suite.isExportable())
+ {
+ if (session.version == ProtocolVersion.SSL_3)
+ {
+ MessageDigest md5 = MessageDigest.getInstance("MD5");
+ md5.update(clientRandom.buffer());
+ md5.update(serverRandom.buffer());
+ byte[] d = md5.digest();
+ System.arraycopy(d, 0, keys[4], 0, keys[4].length);
+
+ md5.reset();
+ md5.update(serverRandom.buffer());
+ md5.update(clientRandom.buffer());
+ d = md5.digest();
+ System.arraycopy(d, 0, keys[5], 0, keys[5].length);
+
+ md5.reset();
+ md5.update(keys[2]);
+ md5.update(clientRandom.buffer());
+ md5.update(serverRandom.buffer());
+ keys[2] = Util.trim(md5.digest(), 8);
+
+ md5.reset();
+ md5.update(keys[3]);
+ md5.update(serverRandom.buffer());
+ md5.update(clientRandom.buffer());
+ keys[3] = Util.trim(md5.digest(), 8);
+ }
+ else
+ {
+ TLSRandom prf2 = new TLSRandom();
+ HashMap<String,byte[]> attr = new HashMap<String,byte[]>(2);
+ attr.put(TLSRandom.SECRET, keys[2]);
+ byte[] seed = new byte[CLIENT_WRITE_KEY.length +
+ clientRandom.length() +
+ serverRandom.length()];
+ System.arraycopy(CLIENT_WRITE_KEY, 0, seed, 0,
+ CLIENT_WRITE_KEY.length);
+ clientRandom.buffer().get(seed, CLIENT_WRITE_KEY.length,
+ clientRandom.length());
+ serverRandom.buffer().get(seed, CLIENT_WRITE_KEY.length
+ + clientRandom.length(),
+ serverRandom.length());
+ attr.put(TLSRandom.SEED, seed);
+ prf2.init(attr);
+ keys[2] = new byte[8];
+ prf2.nextBytes(keys[2], 0, keys[2].length);
+
+ attr.put(TLSRandom.SECRET, keys[3]);
+ seed = new byte[SERVER_WRITE_KEY.length +
+ serverRandom.length() +
+ clientRandom.length()];
+ System.arraycopy(SERVER_WRITE_KEY, 0, seed, 0,
+ SERVER_WRITE_KEY.length);
+ serverRandom.buffer().get(seed, SERVER_WRITE_KEY.length,
+ serverRandom.length());
+ clientRandom.buffer().get(seed, SERVER_WRITE_KEY.length
+ + serverRandom.length(),
+ + clientRandom.length());
+ attr.put(TLSRandom.SEED, seed);
+ prf2.init(attr);
+ keys[3] = new byte[8];
+ prf2.nextBytes(keys[3], 0, keys[3].length);
+
+ attr.put(TLSRandom.SECRET, new byte[0]);
+ seed = new byte[IV_BLOCK.length +
+ clientRandom.length() +
+ serverRandom.length()];
+ System.arraycopy(IV_BLOCK, 0, seed, 0, IV_BLOCK.length);
+ clientRandom.buffer().get(seed, IV_BLOCK.length,
+ clientRandom.length());
+ serverRandom.buffer().get(seed, IV_BLOCK.length
+ + clientRandom.length(),
+ serverRandom.length());
+ attr.put(TLSRandom.SEED, seed);
+ prf2.init(attr);
+ prf2.nextBytes(keys[4], 0, keys[4].length);
+ prf2.nextBytes(keys[5], 0, keys[5].length);
+ }
+ }
+ else
+ {
+ prf.nextBytes(keys[4], 0, keys[4].length);
+ prf.nextBytes(keys[5], 0, keys[5].length);
+ }
+ }
+ catch (LimitReachedException lre)
+ {
+ // Won't happen with our implementation.
+ throw new Error(lre);
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ throw new Error(nsae);
+ }
+
+ if (Debug.DEBUG_KEY_EXCHANGE)
+ logger.logv(Component.SSL_KEY_EXCHANGE,
+ "keys generated;\n [0]: {0}\n [1]: {1}\n [2]: {2}\n" +
+ " [3]: {3}\n [4]: {4}\n [5]: {5}",
+ Util.toHexString(keys[0], ':'),
+ Util.toHexString(keys[1], ':'),
+ Util.toHexString(keys[2], ':'),
+ Util.toHexString(keys[3], ':'),
+ Util.toHexString(keys[4], ':'),
+ Util.toHexString(keys[5], ':'));
+ return keys;
+ }
+
+ /**
+ * Generate a "finished" message. The hashes passed in are modified
+ * by this function, so they should be clone copies of the digest if
+ * the hash function needs to be used more.
+ *
+ * @param md5 The MD5 computation.
+ * @param sha The SHA-1 computation.
+ * @param isClient Whether or not the client-side finished message is
+ * being computed.
+ * @param session The current session.
+ * @return A byte buffer containing the computed finished message.
+ */
+ protected ByteBuffer generateFinished(MessageDigest md5,
+ MessageDigest sha,
+ boolean isClient,
+ SessionImpl session)
+ {
+ ByteBuffer finishedBuffer = null;
+ if (session.version.compareTo(ProtocolVersion.TLS_1) >= 0)
+ {
+ finishedBuffer = ByteBuffer.allocate(12);
+ TLSRandom prf = new TLSRandom();
+ byte[] md5val = md5.digest();
+ byte[] shaval = sha.digest();
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "finished md5:{0} sha:{1}",
+ Util.toHexString(md5val, ':'),
+ Util.toHexString(shaval, ':'));
+ byte[] seed = new byte[CLIENT_FINISHED.length
+ + md5val.length
+ + shaval.length];
+ if (isClient)
+ System.arraycopy(CLIENT_FINISHED, 0, seed, 0, CLIENT_FINISHED.length);
+ else
+ System.arraycopy(SERVER_FINISHED, 0, seed, 0, SERVER_FINISHED.length);
+ System.arraycopy(md5val, 0,
+ seed, CLIENT_FINISHED.length,
+ md5val....
[truncated message content] |
|
From: <ls...@us...> - 2007-01-07 12:48:36
|
Revision: 3019
http://jnode.svn.sourceforge.net/jnode/?rev=3019&view=rev
Author: lsantha
Date: 2007-01-07 04:48:35 -0800 (Sun, 07 Jan 2007)
Log Message:
-----------
Classpath patches.
Modified Paths:
--------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHello.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientKeyExchange.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CompressionMethod.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Constructed.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ContentType.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DiffieHellman.java
Added Paths:
-----------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientCertificateTypeList.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDiffieHellmanPublic.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHandshake.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHelloBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHelloV2.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientKeyExchangeBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientPSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientRSA_PSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/CompressionMethodList.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Debug.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DelegatedTask.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/EmptyExchangeKeys.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/EncryptedPreMasterSecret.java
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientCertificateTypeList.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientCertificateTypeList.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientCertificateTypeList.java 2007-01-07 12:48:35 UTC (rev 3019)
@@ -0,0 +1,227 @@
+/* ClientCertificateTypeList.java -- A list of certificate types.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import gnu.javax.net.ssl.provider.CertificateRequest.ClientCertificateType;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+
+import java.nio.ByteBuffer;
+
+import java.util.ConcurrentModificationException;
+import java.util.ListIterator;
+import java.util.NoSuchElementException;
+
+public class ClientCertificateTypeList implements Iterable<ClientCertificateType>
+{
+ private final ByteBuffer buffer;
+ private int modCount;
+
+ public ClientCertificateTypeList (final ByteBuffer buffer)
+ {
+ this.buffer = buffer;
+ modCount = 0;
+ }
+
+ public int size ()
+ {
+ return (buffer.get (0) & 0xFF);
+ }
+
+ public CertificateRequest.ClientCertificateType get (final int index)
+ {
+ int size = size ();
+ if (index < 0 || index >= size)
+ throw new IndexOutOfBoundsException ("limit: " + size
+ + "; requested: " + index);
+ return CertificateRequest.ClientCertificateType.forValue
+ (buffer.get (index + 1) & 0xFF);
+ }
+
+ public java.util.Iterator<ClientCertificateType> iterator()
+ {
+ return new Iterator();
+ }
+
+ public void put (final int index, final CertificateRequest.ClientCertificateType type)
+ {
+ int size = size ();
+ if (index < 0 || index >= size)
+ throw new IndexOutOfBoundsException ("limit: " + size
+ + "; requested: " + index);
+ buffer.put (index + 1, (byte) type.getValue ());
+ modCount++;
+ }
+
+ public void setSize (final int newSize)
+ {
+ if (newSize < 0 || newSize > 255)
+ throw new IllegalArgumentException ("size must be between 0 and 255");
+ if (newSize + 1 > buffer.capacity ())
+ throw new IllegalArgumentException ("limit: " + (buffer.capacity () - 1)
+ + "; requested: " + newSize);
+ buffer.put (0, (byte) newSize);
+ modCount++;
+ }
+
+ public String toString ()
+ {
+ return toString (null);
+ }
+
+ public String toString (final String prefix)
+ {
+ StringWriter str = new StringWriter ();
+ PrintWriter out = new PrintWriter (str);
+ if (prefix != null) out.print (prefix);
+ out.print ("[");
+ out.print (size ());
+ out.println ("] {");
+ for (Iterator it = new Iterator (); it.hasNext (); )
+ {
+ if (prefix != null) out.print (prefix);
+ out.print (" ");
+ out.print (it.next ());
+ if (it.hasNext ())
+ out.print (",");
+ out.println ();
+ }
+ if (prefix != null) out.print (prefix);
+ out.println ("};");
+ return str.toString ();
+ }
+
+ public boolean equals (Object o)
+ {
+ if (!(o instanceof ClientCertificateTypeList))
+ return false;
+ ClientCertificateTypeList that = (ClientCertificateTypeList) o;
+
+ if (size () != that.size ())
+ return false;
+
+ for (Iterator it1 = new Iterator (), it2 = that.new Iterator ();
+ it1.hasNext () && it2.hasNext (); )
+ {
+ if (!it1.next ().equals (it2.next ()))
+ return false;
+ }
+ return true;
+ }
+
+ public class Iterator implements ListIterator<CertificateRequest.ClientCertificateType>
+ {
+ private int index;
+ private final int modCount;
+
+ Iterator ()
+ {
+ index = 0;
+ modCount = ClientCertificateTypeList.this.modCount;
+ }
+
+ public void add (CertificateRequest.ClientCertificateType type)
+ {
+ throw new UnsupportedOperationException ();
+ }
+
+ public boolean hasNext ()
+ {
+ return (index < size ());
+ }
+
+ public boolean hasPrevious ()
+ {
+ return (index > 0);
+ }
+
+ public CertificateRequest.ClientCertificateType next () throws NoSuchElementException
+ {
+ if (modCount != ClientCertificateTypeList.this.modCount)
+ throw new ConcurrentModificationException ();
+ try
+ {
+ return get (index++);
+ }
+ catch (IndexOutOfBoundsException ioobe)
+ {
+ throw new NoSuchElementException ();
+ }
+ }
+
+ public int nextIndex ()
+ {
+ if (hasNext ())
+ return (index + 1);
+ return -1;
+ }
+
+ public CertificateRequest.ClientCertificateType previous () throws NoSuchElementException
+ {
+ if (index == 0)
+ throw new NoSuchElementException ();
+ if (modCount != ClientCertificateTypeList.this.modCount)
+ throw new ConcurrentModificationException ();
+ try
+ {
+ return get (--index);
+ }
+ catch (IndexOutOfBoundsException ioobe)
+ {
+ throw new NoSuchElementException ();
+ }
+ }
+
+ public int previousIndex ()
+ {
+ return (index - 1);
+ }
+
+ public void remove ()
+ {
+ throw new UnsupportedOperationException ();
+ }
+
+ public void set (final CertificateRequest.ClientCertificateType type)
+ {
+ put (index, type);
+ }
+ }
+}
\ No newline at end of file
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java 2007-01-07 12:48:35 UTC (rev 3019)
@@ -0,0 +1,122 @@
+/* ClientDHE_PSKParameters.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import java.nio.ByteBuffer;
+import java.nio.charset.Charset;
+
+/**
+ * <pre>
+ struct {
+ select (KeyExchangeAlgorithm) {
+ /* other cases for rsa, diffie_hellman, etc. */
+ case diffie_hellman_psk: /* NEW */
+ opaque psk_identity<0..2^16-1>;
+ ClientDiffieHellmanPublic public;
+ } exchange_keys;
+ } ClientKeyExchange;</pre>
+ *
+ * @author Casey Marshall (cs...@gn...)
+ */
+public class ClientDHE_PSKParameters extends ExchangeKeys implements Builder, Constructed
+{
+ public ClientDHE_PSKParameters(ByteBuffer buffer)
+ {
+ super(buffer);
+ }
+
+ public ClientDHE_PSKParameters(String identity, ClientDiffieHellmanPublic dh)
+ {
+ super(null);
+ Charset utf8 = Charset.forName("UTF-8");
+ ByteBuffer idBuf = utf8.encode(identity);
+ buffer = ByteBuffer.allocate(2 + idBuf.remaining() + dh.length());
+ buffer.putShort((short) idBuf.remaining());
+ buffer.put(idBuf);
+ buffer.put(dh.buffer());
+ buffer.rewind();
+ }
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.provider.Builder#buffer()
+ */
+ public ByteBuffer buffer()
+ {
+ return (ByteBuffer) buffer.duplicate().rewind().limit(length());
+ }
+
+ private int identityLength()
+ {
+ return (buffer.getShort(0) & 0xFFFF) + 2;
+ }
+
+ public String identity()
+ {
+ Charset utf8 = Charset.forName("UTF-8");
+ return utf8.decode((ByteBuffer) buffer.duplicate().position(2).limit
+ (identityLength())).toString();
+ }
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.provider.Constructed#length()
+ */
+ public int length()
+ {
+ int length = (buffer.getShort(0) & 0xFFFF) + 2;
+ // XXX always explicit?
+ length += (buffer.getShort(length) & 0xFFFF) + 2;
+ return length;
+ }
+
+ public ClientDiffieHellmanPublic params()
+ {
+ return new ClientDiffieHellmanPublic(((ByteBuffer) buffer.duplicate()
+ .position(identityLength()).limit(length())).slice());
+ }
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.provider.Constructed#toString(java.lang.String)
+ */
+ public String toString(String prefix)
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDiffieHellmanPublic.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDiffieHellmanPublic.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientDiffieHellmanPublic.java 2007-01-07 12:48:35 UTC (rev 3019)
@@ -0,0 +1,129 @@
+/* ClientDiffieHellmanPublic.java -- Client Diffie-Hellman value.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+
+import java.math.BigInteger;
+
+import java.nio.ByteBuffer;
+
+/**
+ * The client's explicit Diffie Hellman value.
+ *
+ * <pre>
+struct {
+ select (PublicValueEncoding) {
+ case implicit: struct { };
+ case explicit: opaque dh_Yc<1..2^16-1>;
+ } dh_public;
+} ClientDiffieHellmanPublic;</pre>
+ */
+public class ClientDiffieHellmanPublic extends ExchangeKeys implements Builder
+{
+ public ClientDiffieHellmanPublic(final ByteBuffer buffer)
+ {
+ super(buffer);
+ }
+
+ public ClientDiffieHellmanPublic(final BigInteger Yc)
+ {
+ super(wrap(Yc));
+ }
+
+ private static ByteBuffer wrap(BigInteger Yc)
+ {
+ byte[] b = Util.trim(Yc);
+ ByteBuffer ret = ByteBuffer.allocate(b.length + 2);
+ ret.putShort((short) b.length);
+ ret.put(b);
+ return (ByteBuffer) ret.rewind();
+ }
+
+ public ByteBuffer buffer()
+ {
+ return (ByteBuffer) buffer.duplicate().rewind().limit(length());
+ }
+
+ public BigInteger publicValue()
+ {
+ int len = length() - 2;
+ byte[] b = new byte[len];
+ buffer.position(2);
+ buffer.get(b);
+ buffer.rewind();
+ return new BigInteger(1, b);
+ }
+
+ public void setPublicValue(final BigInteger Yc)
+ {
+ byte[] buf = Util.trim(Yc);
+ if (buffer.capacity() < buf.length + 2)
+ buffer = ByteBuffer.allocate(buf.length + 2);
+ buffer.putShort((short) buf.length);
+ buffer.put(buf);
+ buffer.rewind();
+ }
+
+ public int length ()
+ {
+ return (buffer.getShort(0) & 0xFFFF) + 2;
+ }
+
+ public String toString ()
+ {
+ return toString (null);
+ }
+
+ public String toString (final String prefix)
+ {
+ StringWriter str = new StringWriter ();
+ PrintWriter out = new PrintWriter (str);
+ if (prefix != null) out.print (prefix);
+ out.println ("struct {");
+ if (prefix != null) out.print (prefix);
+ out.print (" dh_Yc = ");
+ out.print (publicValue ().toString (16));
+ out.println (';');
+ if (prefix != null) out.print (prefix);
+ out.print ("} ClientDiffieHellmanPublic;");
+ return str.toString ();
+ }
+}
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHandshake.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHandshake.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ClientHandshake.java 2007-01-07 12:48:35 UTC (rev 3019)
@@ -0,0 +1,1150 @@
+/* ClientHandshake.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import static gnu.javax.net.ssl.provider.ClientHandshake.State.*;
+import static gnu.javax.net.ssl.provider.KeyExchangeAlgorithm.*;
+
+import gnu.classpath.debug.Component;
+import gnu.java.security.action.GetSecurityPropertyAction;
+import gnu.javax.crypto.key.dh.GnuDHPublicKey;
+import gnu.javax.net.ssl.AbstractSessionContext;
+import gnu.javax.net.ssl.Session;
+import gnu.javax.net.ssl.provider.Alert.Description;
+import gnu.javax.net.ssl.provider.Alert.Level;
+import gnu.javax.net.ssl.provider.CertificateRequest.ClientCertificateType;
+import gnu.javax.net.ssl.provider.ServerNameList.NameType;
+import gnu.javax.net.ssl.provider.ServerNameList.ServerName;
+
+import java.nio.ByteBuffer;
+import java.security.AccessController;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.KeyManagementException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.SignatureException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.security.interfaces.RSAPublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.zip.Deflater;
+import java.util.zip.Inflater;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.X509ExtendedKeyManager;
+import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.security.auth.x500.X500Principal;
+
+/**
+ * @author Casey Marshall (cs...@gn...)
+ */
+public class ClientHandshake extends AbstractHandshake
+{
+ static enum State
+ {
+ WRITE_CLIENT_HELLO (false, true),
+ READ_SERVER_HELLO (true, false),
+ READ_CERTIFICATE (true, false),
+ READ_SERVER_KEY_EXCHANGE (true, false),
+ READ_CERTIFICATE_REQUEST (true, false),
+ READ_SERVER_HELLO_DONE (true, false),
+ WRITE_CERTIFICATE (false, true),
+ WRITE_CLIENT_KEY_EXCHANGE (false, true),
+ WRITE_CERTIFICATE_VERIFY (false, true),
+ WRITE_FINISHED (false, true),
+ READ_FINISHED (true, false),
+ DONE (false, false);
+
+ private final boolean isWriteState;
+ private final boolean isReadState;
+
+ private State(boolean isReadState, boolean isWriteState)
+ {
+ this.isReadState = isReadState;
+ this.isWriteState = isWriteState;
+ }
+
+ boolean isReadState()
+ {
+ return isReadState;
+ }
+
+ boolean isWriteState()
+ {
+ return isWriteState;
+ }
+ }
+
+ private State state;
+ private ByteBuffer outBuffer;
+ private boolean continuedSession;
+ private SessionImpl continued;
+ private KeyPair dhPair;
+ private String keyAlias;
+ private PrivateKey privateKey;
+ private MaxFragmentLength maxFragmentLengthSent;
+ private boolean truncatedHMacSent;
+ private ProtocolVersion sentVersion;
+
+ // Delegated tasks.
+ private CertVerifier certVerifier;
+ private ParamsVerifier paramsVerifier;
+ private DelegatedTask keyExchange;
+ private CertLoader certLoader;
+ private GenCertVerify genCertVerify;
+
+ public ClientHandshake(SSLEngineImpl engine) throws NoSuchAlgorithmException
+ {
+ super(engine);
+ state = WRITE_CLIENT_HELLO;
+ continuedSession = false;
+ }
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.provider.AbstractHandshake#implHandleInput()
+ */
+ @Override protected HandshakeStatus implHandleInput() throws SSLException
+ {
+ if (state == DONE)
+ return HandshakeStatus.FINISHED;
+
+ if (state.isWriteState()
+ || (outBuffer != null && outBuffer.hasRemaining()))
+ return HandshakeStatus.NEED_WRAP;
+
+ // Copy the current buffer, and prepare it for reading.
+ ByteBuffer buffer = handshakeBuffer.duplicate ();
+ buffer.flip();
+ buffer.position(handshakeOffset);
+
+ Handshake handshake = new Handshake(buffer.slice(),
+ engine.session().suite,
+ engine.session().version);
+
+ if (Debug.DEBUG)
+ logger.logv(Component.SSL_HANDSHAKE, "processing in state {0}:\n{1}",
+ state, handshake);
+
+ switch (state)
+ {
+ // Server Hello.
+ case READ_SERVER_HELLO:
+ {
+ if (handshake.type() != Handshake.Type.SERVER_HELLO)
+ throw new AlertException(new Alert(Alert.Level.FATAL,
+ Alert.Description.UNEXPECTED_MESSAGE));
+ ServerHello hello = (ServerHello) handshake.body();
+ serverRandom = hello.random().copy();
+ engine.session().suite = hello.cipherSuite();
+ engine.session().version = hello.version();
+ compression = hello.compressionMethod();
+ Session.ID serverId = new Session.ID(hello.sessionId());
+ if (continued != null
+ && continued.id().equals(serverId))
+ {
+ continuedSession = true;
+ engine.setSession(continued);
+ }
+ else if (engine.getEnableSessionCreation())
+ {
+ ((AbstractSessionContext) engine.contextImpl
+ .engineGetClientSessionContext()).put(engine.session());
+ }
+ ExtensionList extensions = hello.extensions();
+ if (extensions != null)
+ {
+ for (Extension extension : extensions)
+ {
+ Extension.Type type = extension.type();
+ if (type == null)
+ continue;
+ switch (type)
+ {
+ case MAX_FRAGMENT_LENGTH:
+ MaxFragmentLength mfl
+ = (MaxFragmentLength) extension.value();
+ if (maxFragmentLengthSent == mfl)
+ engine.session().setApplicationBufferSize(mfl.maxLength());
+ break;
+
+ case TRUNCATED_HMAC:
+ if (truncatedHMacSent)
+ engine.session().setTruncatedMac(true);
+ break;
+ }
+ }
+ }
+
+ KeyExchangeAlgorithm kex = engine.session().suite.keyExchangeAlgorithm();
+ if (continuedSession)
+ {
+ byte[][] keys = generateKeys(clientRandom, serverRandom,
+ engine.session());
+ setupSecurityParameters(keys, true, engine, compression);
+ state = READ_FINISHED;
+ }
+ else if (kex == RSA || kex == DH_DSS || kex == DH_RSA
+ || kex == DHE_DSS || kex == DHE_RSA || kex == RSA_PSK)
+ state = READ_CERTIFICATE;
+ else if (kex == DH_anon || kex == PSK || kex == DHE_PSK)
+ state = READ_SERVER_KEY_EXCHANGE;
+ else
+ state = READ_CERTIFICATE_REQUEST;
+ }
+ break;
+
+ // Server Certificate.
+ case READ_CERTIFICATE:
+ {
+ if (handshake.type() != Handshake.Type.CERTIFICATE)
+ {
+ // We need a certificate for non-anonymous suites.
+ if (engine.session().suite.signatureAlgorithm() != SignatureAlgorithm.ANONYMOUS)
+ throw new AlertException(new Alert(Level.FATAL,
+ Description.UNEXPECTED_MESSAGE));
+ state = READ_SERVER_KEY_EXCHANGE;
+ }
+ Certificate cert = (Certificate) handshake.body();
+ X509Certificate[] chain = null;
+ try
+ {
+ chain = cert.certificates().toArray(new X509Certificate[0]);
+ }
+ catch (CertificateException ce)
+ {
+ throw new AlertException(new Alert(Level.FATAL,
+ Description.BAD_CERTIFICATE),
+ ce);
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ throw new AlertException(new Alert(Level.FATAL,
+ Description.UNSUPPORTED_CERTIFICATE),
+ nsae);
+ }
+ engine.session().setPeerCertificates(chain);
+ certVerifier = new CertVerifier(true, chain);
+ tasks.add(certVerifier);
+
+ // If we are doing an RSA key exchange, generate our parameters.
+ KeyExchangeAlgorithm kea = engine.session().suite.keyExchangeAlgorithm();
+ if (kea == RSA || kea == RSA_PSK)
+ {
+ keyExchange = new RSAGen(kea == RSA);
+ tasks.add(keyExchange);
+ if (kea == RSA)
+ state = READ_CERTIFICATE_REQUEST;
+ else
+ state = READ_SERVER_KEY_EXCHANGE;
+ }
+ else
+ state = READ_SERVER_KEY_EXCHANGE;
+ }
+ break;
+
+ // Server Key Exchange.
+ case READ_SERVER_KEY_EXCHANGE:
+ {
+ CipherSuite s = engine.session().suite;
+ KeyExchangeAlgorithm kexalg = s.keyExchangeAlgorithm();
+ // XXX also SRP.
+ if (kexalg != DHE_DSS && kexalg != DHE_RSA && kexalg != DH_anon
+ && kexalg != DHE_PSK && kexalg != PSK && kexalg != RSA_PSK)
+ throw new AlertException(new Alert(Level.FATAL,
+ Descrip...
[truncated message content] |
|
From: <ls...@us...> - 2007-01-07 12:50:41
|
Revision: 3020
http://jnode.svn.sourceforge.net/jnode/?rev=3020&view=rev
Author: lsantha
Date: 2007-01-07 04:50:40 -0800 (Sun, 07 Jan 2007)
Log Message:
-----------
Classpath patches.
Modified Paths:
--------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Extension.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Finished.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Handshake.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Jessie.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ProtocolVersion.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Random.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerHello.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerKeyExchange.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Signature.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Util.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/X509TrustManagerFactory.java
Added Paths:
-----------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ExchangeKeys.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ExtensionList.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/HelloRequest.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/InputSecurityParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/KeyExchangeAlgorithm.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/MacAlgorithm.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/MaxFragmentLength.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/OutputSecurityParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/PreSharedKeyManagerFactoryImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Record.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLContextImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLEngineImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLRSASignatureImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLServerSocketFactoryImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLServerSocketImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocketFactoryImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocketImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerDHParams.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerHandshake.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerHelloBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerHelloDone.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerKeyExchangeParams.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerNameList.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerPSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerRSAParams.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ServerRSA_PSKParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SessionImpl.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SignatureAlgorithm.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SimpleSessionContext.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/TruncatedHMAC.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/TrustedAuthorities.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/UnresolvedExtensionValue.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/X500PrincipalList.java
Removed Paths:
-------------
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestInputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestOutputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Enumerated.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Extensions.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/GNUSecurityParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JCESecurityParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JessieDHPrivateKey.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JessieDHPublicKey.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/JessieRSAPublicKey.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/KeyPool.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/OverflowException.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/RecordInput.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/RecordInputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/RecordOutputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/RecordingInputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLRSASignature.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLServerSocket.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLServerSocketFactory.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocket.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocketFactory.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocketInputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SSLSocketOutputStream.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SecurityParameters.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Session.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SessionContext.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/SynchronizedRandom.java
trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/XMLSessionContext.java
Deleted: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java 2007-01-07 12:48:35 UTC (rev 3019)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Context.java 2007-01-07 12:50:40 UTC (rev 3020)
@@ -1,330 +0,0 @@
-/* Context.java -- SSLContext implementation.
- Copyright (C) 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.javax.net.ssl.provider;
-
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStoreException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.UnrecoverableKeyException;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContextSpi;
-import javax.net.ssl.SSLSessionContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509KeyManager;
-import javax.net.ssl.X509TrustManager;
-
-import gnu.javax.net.ssl.NullManagerParameters;
-import gnu.javax.net.ssl.SRPTrustManager;
-import gnu.javax.net.ssl.StaticTrustAnchors;
-
-/**
- * This is Jessie's implementation of a {@link javax.net.ssl.SSLContext}
- * engine, and is available under the algorithm names ``SSLv3'', ``SSL'',
- * ``TLSv1'', and ``TLS''.
- */
-public final class Context extends SSLContextSpi
-{
-
- // Fields.
- // -------------------------------------------------------------------------
-
- private SessionContext clientSessions;
- private SessionContext serverSessions;
- private X509KeyManager keyManager;
- private X509TrustManager trustManager;
- private SRPTrustManager srpTrustManager;
- private SecureRandom random;
-
- // Constructor.
- // -------------------------------------------------------------------------
-
- public Context()
- {
- String codec = Util.getSecurityProperty("jessie.clientSessionContext.codec");
- String codecClass = null;
- if (codec == null)
- {
- codec = "null";
- }
- if (codec.equalsIgnoreCase("xml"))
- {
- codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext";
- }
- else if (codec.equalsIgnoreCase("jdbc"))
- {
- codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext";
- }
- else if (codec.equalsIgnoreCase("null"))
- {
- codecClass = "gnu.javax.net.ssl.provider.SessionContext";
- }
- else
- {
- throw new IllegalArgumentException("no such codec: " + codec);
- }
- try
- {
- ClassLoader cl = Context.class.getClassLoader();
- if (cl == null)
- {
- cl = ClassLoader.getSystemClassLoader();
- }
- clientSessions = (SessionContext) cl.loadClass(codecClass).newInstance();
- }
- catch (Exception ex)
- {
- ex.printStackTrace();
- throw new IllegalArgumentException(ex.toString());
- }
-
- codec = Util.getSecurityProperty("jessie.serverSessionContext.codec");
- if (codec == null)
- {
- codec = "null";
- }
- if (codec.equalsIgnoreCase("xml"))
- {
- codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext";
- }
- else if (codec.equalsIgnoreCase("jdbc"))
- {
- codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext";
- }
- else if (codec.equalsIgnoreCase("null"))
- {
- codecClass = "gnu.javax.net.ssl.provider.SessionContext";
- }
- else
- {
- throw new IllegalArgumentException("no such codec: " + codec);
- }
- try
- {
- ClassLoader cl = Context.class.getClassLoader();
- if (cl == null)
- {
- cl = ClassLoader.getSystemClassLoader();
- }
- serverSessions = (SessionContext) cl.loadClass(codecClass).newInstance();
- }
- catch (Exception ex)
- {
- ex.printStackTrace();
- throw new IllegalArgumentException(ex.toString());
- }
- }
-
- // Engine methods.
- // -------------------------------------------------------------------------
-
- protected SSLSessionContext engineGetClientSessionContext()
- {
- return clientSessions;
- }
-
- protected SSLSessionContext engineGetServerSessionContext()
- {
- return serverSessions;
- }
-
- protected javax.net.ssl.SSLServerSocketFactory engineGetServerSocketFactory()
- {
- if (keyManager == null || (trustManager == null && srpTrustManager == null)
- || random == null)
- {
- throw new IllegalStateException();
- }
- return new SSLServerSocketFactory(trustManager, srpTrustManager, keyManager,
- random, serverSessions);
- }
-
- protected javax.net.ssl.SSLSocketFactory engineGetSocketFactory()
- {
- if (keyManager == null || trustManager == null || random == null)
- {
- throw new IllegalStateException();
- }
- return new SSLSocketFactory(trustManager, keyManager, random, clientSessions);
- }
-
- protected void engineInit(KeyManager[] keyManagers,
- TrustManager[] trustManagers, SecureRandom random)
- throws KeyManagementException
- {
- keyManager = null;
- trustManager = null;
- srpTrustManager = null;
- if (keyManagers != null)
- {
- for (int i = 0; i < keyManagers.length; i++)
- {
- if (keyManagers[i] instanceof X509KeyManager)
- {
- keyManager = (X509KeyManager) keyManagers[i];
- break;
- }
- }
- }
- if (keyManager == null)
- {
- keyManager = defaultKeyManager();
- }
- if (trustManagers != null)
- {
- for (int i = 0; i < trustManagers.length; i++)
- {
- if (trustManagers[i] instanceof X509TrustManager)
- {
- if (trustManager == null)
- {
- trustManager = (X509TrustManager) trustManagers[i];
- }
- }
- else if (trustManagers[i] instanceof SRPTrustManager)
- {
- if (srpTrustManager == null)
- {
- srpTrustManager = (SRPTrustManager) trustManagers[i];
- }
- }
- }
- }
- if (trustManager == null && srpTrustManager == null)
- {
- trustManager = defaultTrustManager();
- }
- if (random != null)
- {
- this.random = random;
- }
- else
- {
- this.random = defaultRandom();
- }
- }
-
- // Own methods.
- // -------------------------------------------------------------------------
-
- private X509KeyManager defaultKeyManager() throws KeyManagementException
- {
- KeyManagerFactory fact = null;
- try
- {
- fact = KeyManagerFactory.getInstance("JessieX509", "Jessie");
- }
- catch (NoSuchAlgorithmException nsae)
- {
- throw new KeyManagementException();
- }
- catch (NoSuchProviderException nspe)
- {
- throw new KeyManagementException();
- }
- try
- {
- fact.init(null, null);
- return (X509KeyManager) fact.getKeyManagers()[0];
- }
- catch (NoSuchAlgorithmException nsae) { }
- catch (KeyStoreException kse) { }
- catch (UnrecoverableKeyException uke) { }
- catch (IllegalStateException ise) { }
-
- try
- {
- fact.init(new NullManagerParameters());
- return (X509KeyManager) fact.getKeyManagers()[0];
- }
- catch (Exception shouldNotHappen)
- {
- throw new Error(shouldNotHappen.toString());
- }
- }
-
- private X509TrustManager defaultTrustManager() throws KeyManagementException
- {
- try
- {
- TrustManagerFactory fact =
- TrustManagerFactory.getInstance("JessieX509", "Jessie");
- fact.init(StaticTrustAnchors.CA_CERTS);
- return (X509TrustManager) fact.getTrustManagers()[0];
- }
- catch (NoSuchAlgorithmException nsae)
- {
- throw new KeyManagementException(nsae.toString());
- }
- catch (NoSuchProviderException nspe)
- {
- throw new KeyManagementException(nspe.toString());
- }
- catch (InvalidAlgorithmParameterException kse)
- {
- throw new KeyManagementException(kse.toString());
- }
- }
-
- private SecureRandom defaultRandom() throws KeyManagementException
- {
- String alg = Util.getSecurityProperty("jessie.secure.random");
- if (alg == null)
- {
- alg = "Fortuna";
- }
- SecureRandom rand = null;
- try
- {
- rand = SecureRandom.getInstance(alg);
- }
- catch (NoSuchAlgorithmException nsae)
- {
- throw new KeyManagementException(nsae.toString());
- }
-
- return rand;
- }
-}
Deleted: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestInputStream.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestInputStream.java 2007-01-07 12:48:35 UTC (rev 3019)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestInputStream.java 2007-01-07 12:50:40 UTC (rev 3020)
@@ -1,103 +0,0 @@
-/* DigestInputStream.java -- digesting input stream.
- Copyright (C) 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.javax.net.ssl.provider;
-
-import java.io.FilterInputStream;
-import java.io.InputStream;
-import java.io.IOException;
-
-import gnu.java.security.hash.IMessageDigest;
-
-final class DigestInputStream extends FilterInputStream
-{
-
- // Fields.
- // -------------------------------------------------------------------------
-
- private IMessageDigest md5, sha;
- private boolean digesting;
-
- // Constructor.
- // -------------------------------------------------------------------------
-
- DigestInputStream(InputStream in, IMessageDigest md5, IMessageDigest sha)
- {
- super(in);
- if (md5 == null || sha == null)
- throw new NullPointerException();
- this.md5 = md5;
- this.sha = sha;
- digesting = true;
- }
-
- // Instance methods.
- // -------------------------------------------------------------------------
-
- void setDigesting(boolean digesting)
- {
- this.digesting = digesting;
- }
-
- public int read() throws IOException
- {
- int i = in.read();
- if (digesting && i != -1)
- {
- md5.update((byte) i);
- sha.update((byte) i);
- }
- return i;
- }
-
- public int read(byte[] buf) throws IOException
- {
- return read(buf, 0, buf.length);
- }
-
- public int read(byte[] buf, int off, int len) throws IOException
- {
- int ret = in.read(buf, off, len);
- if (digesting && ret != -1)
- {
- md5.update(buf, off, ret);
- sha.update(buf, off, ret);
- }
- return ret;
- }
-}
Deleted: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestOutputStream.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestOutputStream.java 2007-01-07 12:48:35 UTC (rev 3019)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/DigestOutputStream.java 2007-01-07 12:50:40 UTC (rev 3020)
@@ -1,107 +0,0 @@
-/* DigestOutputStream.java -- digesting output stream.
- Copyright (C) 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.javax.net.ssl.provider;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import gnu.java.security.hash.IMessageDigest;
-
-final class DigestOutputStream extends FilterOutputStream
-{
-
- // Fields.
- // -------------------------------------------------------------------------
-
- private IMessageDigest md5, sha;
- private boolean digesting;
-
- // Constructor.
- // -------------------------------------------------------------------------
-
- DigestOutputStream(OutputStream out, IMessageDigest md5, IMessageDigest sha)
- {
- super(out);
- this.md5 = md5;
- this.sha = sha;
- digesting = true;
- }
-
- // Instance methods.
- // -------------------------------------------------------------------------
-
- void setDigesting(boolean digesting)
- {
- this.digesting = digesting;
- }
-
- public void write(int b) throws IOException
- {
- if (digesting)
- {
- md5.update((byte) b);
- sha.update((byte) b);
- }
- out.write(b);
- }
-
- public void write(byte[] buf) throws IOException
- {
- write(buf, 0, buf.length);
- }
-
- public void write(byte[] buf, int off, int len) throws IOException
- {
- if (buf == null)
- {
- throw new NullPointerException();
- }
- if (off < 0 || len < 0 || off+len > buf.length)
- {
- throw new ArrayIndexOutOfBoundsException();
- }
- if (digesting)
- {
- md5.update(buf, off, len);
- sha.update(buf, off, len);
- }
- out.write(buf, off, len);
- }
-}
Deleted: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Enumerated.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Enumerated.java 2007-01-07 12:48:35 UTC (rev 3019)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/Enumerated.java 2007-01-07 12:50:40 UTC (rev 3020)
@@ -1,79 +0,0 @@
-/* Enumerated.java -- Interface to enumerated types.
- Copyright (C) 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.javax.net.ssl.provider;
-
-/**
- * An enumerated type in the SSL protocols. Enumerated values take on
- * one of a set of possible numeric values, which are not specifically
- * ordered, and may be extensible to a maximum value.
- *
- * <pre>enum { e1(v1), e2(v2), ... [[, (n) ]] }</pre>
- *
- * <p>Enumerated types are encoded as big-endian multibyte integers,
- * which take up the least possible number of bytes. Thus, an
- * enumeration with up to 255 values will be encoded in a single byte,
- * and so on.
- *
- * @author Casey Marshall (rs...@me...)
- */
-interface Enumerated
-{
-
- /**
- * Returns the encoded value of this enumerated value, which is
- * appropriate to send over-the-wire.
- *
- * @return The encoded value.
- */
- byte[] getEncoded();
-
- /**
- * Returns the numeric value of this enumerated value.
- *
- * @return The numeric value.
- */
- int getValue();
-
- /**
- * Returns a string representation of this enumerated value.
- *
- * @return The string.
- */
- String toString();
-}
Added: trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ExchangeKeys.java
===================================================================
--- trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ExchangeKeys.java (rev 0)
+++ trunk/core/src/classpath/gnu/gnu/javax/net/ssl/provider/ExchangeKeys.java 2007-01-07 12:50:40 UTC (rev 3020)
@@ -0,0 +1,54 @@
+/* ExchangeKeys.java -- key exchange values.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.net.ssl.provider;
+
+import java.nio.ByteBuffer;
+import java....
[truncated message content] |
Thanks for helping keep SourceForge clean.
X