/** * Retrieves received application data. Use {@link #getAvailableInputBytes()} to check * how much application data is currently available. This method functions similarly to * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data * is available, nothing will be copied and zero will be returned.<br> * <br> * Only allowed in non-blocking mode. * @param buffer The buffer to hold the application data * @param offset The start offset in the buffer at which the data is written * @param length The maximum number of bytes to read * @return The total number of bytes copied to the buffer. May be less than the * length specified if the length was greater than the amount of available data. */ public int readInput(byte[] buffer, int offset, int length) { if (blocking) { throw new IllegalStateException("Cannot use readInput() in blocking mode! Use getInputStream() instead."); } try { return readApplicationData(buffer, offset, Math.min(length, applicationDataAvailable())); } catch (IOException e) { // readApplicationData() only throws if there is no data available, so this should never happen throw new RuntimeException(e.toString()); // early JDK fix. } }
public static byte[] readSRPExtension(byte[] extensionData) throws IOException { if (extensionData == null) { throw new IllegalArgumentException("'extensionData' cannot be null"); } ByteArrayInputStream buf = new ByteArrayInputStream(extensionData); byte[] identity = TlsUtils.readOpaque8(buf); TlsProtocol.assertEmpty(buf); return identity; }
protected void handleFailure() { this.closed = true; this.failedWithError = true; /* * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated * without proper close_notify messages with level equal to warning. */ // TODO This isn't quite in the right place. Also, as of TLS 1.1 the above is obsolete. invalidateSession(); recordStream.safeClose(); if (!appDataReady) { cleanupHandshake(); } }
protected void handleClose(boolean user_canceled) throws IOException { if (!closed) { this.closed = true; if (user_canceled && !appDataReady) { raiseAlertWarning(AlertDescription.user_canceled, "User canceled handshake"); } raiseAlertWarning(AlertDescription.close_notify, "Connection closed"); recordStream.safeClose(); if (!appDataReady) { cleanupHandshake(); } } }
protected void refuseRenegotiation() throws IOException { /* * RFC 5746 4.5 SSLv3 clients that refuse renegotiation SHOULD use a fatal * handshake_failure alert. */ if (TlsUtils.isSSL(getContext())) { throw new TlsFatalAlert(AlertDescription.handshake_failure); } raiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported"); }
safeReadRecord(); this.splitApplicationDataRecords = !TlsUtils.isTLSv11(getContext()); getContextAdmin().setResumableSession(this.tlsSession); getPeer().notifyHandshakeComplete(); cleanupHandshake();
checkReceivedChangeCipherSpec(true); TlsContext ctx = getContext(); if (this.expected_verify_data == null && ctx.getSecurityParameters().getMasterSecret() != null) this.expected_verify_data = createVerifyData(!ctx.isServer()); checkReceivedChangeCipherSpec(connection_state == CS_END); handleHandshakeMessage(type, buf);
securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(state.serverContext, state.selectedCipherSuite); securityParameters.sessionHash = TlsProtocol.getCurrentPRFHash(state.serverContext, prepareFinishHash, null); TlsProtocol.establishMasterSecret(state.serverContext, state.keyExchange); recordLayer.initPendingEpoch(state.server.getCipher()); TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null)); processFinished(handshake.receiveMessageBody(HandshakeType.finished), expectedClientVerifyData); TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null)); handshake.sendMessage(HandshakeType.finished, serverVerifyData);
Hashtable serverExtensions = TlsProtocol.readExtensions(buf); TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
this.expected_verify_data = createVerifyData(!getContext().isServer()); handleHandshakeMessage(type, buf); read = true;
TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)); AlertDescription.internal_error); TlsProtocol.writeExtensions(buf, state.serverExtensions); securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(state.serverContext, securityParameters.getCipherSuite());
state.serverExtensions = TlsProtocol.readExtensions(buf); TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES))) securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(state.clientContext, securityParameters.getCipherSuite());
protected void sendFinishedMessage() throws IOException { byte[] verify_data = createVerifyData(getContext().isServer()); HandshakeMessage message = new HandshakeMessage(HandshakeType.finished, verify_data.length); message.write(verify_data); message.writeToRecordStream(); }
protected byte[] createVerifyData(boolean isServer) { TlsContext context = getContext(); String asciiLabel = isServer ? ExporterLabel.server_finished : ExporterLabel.client_finished; byte[] sslSender = isServer ? TlsUtils.SSL_SERVER : TlsUtils.SSL_CLIENT; byte[] hash = getCurrentPRFHash(context, recordStream.getHandshakeHash(), sslSender); return TlsUtils.calculateVerifyData(context, asciiLabel, hash); }
securityParameters.sessionHash = TlsProtocol.getCurrentPRFHash(state.serverContext, prepareFinishHash, null); TlsProtocol.establishMasterSecret(state.serverContext, state.keyExchange); recordLayer.initPendingEpoch(state.server.getCipher()); TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null)); processFinished(handshake.receiveMessageBody(HandshakeType.finished), expectedClientVerifyData); TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null)); handshake.sendMessage(HandshakeType.finished, serverVerifyData);
TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)); TlsProtocol.EXT_SessionTicket, AlertDescription.internal_error); TlsProtocol.writeExtensions(buf, state.serverExtensions);
public void close() throws IOException { handler.close(); }
protected void cleanupHandshake() { super.cleanupHandshake(); this.selectedSessionID = null; this.keyExchange = null; this.authentication = null; this.certificateStatus = null; this.certificateRequest = null; }
state.serverContext = new TlsServerContextImpl(secureRandom, securityParameters); securityParameters.serverRandom = TlsProtocol.createRandomBlock(server.shouldUseGMTUnixTime(), state.serverContext.getNonceRandomGenerator());
public int available() throws IOException { return this.handler.applicationDataAvailable(); }