Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
07f9fe14
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
07f9fe14
编写于
8月 31, 2015
作者:
A
asaha
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8134774: Need to backout partial fix for 8081297 from 9, 8u65, 8u66, 7u91
Summary: Backing out changeset fe1c420a8982 Reviewed-by: igerasim
上级
a050ebd2
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
14 addition
and
112 deletion
+14
-112
src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
...m/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
+4
-7
src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java
...ity/internal/spec/TlsRsaPremasterSecretParameterSpec.java
+0
-38
src/share/classes/sun/security/ssl/RSAClientKeyExchange.java
src/share/classes/sun/security/ssl/RSAClientKeyExchange.java
+6
-62
src/share/classes/sun/security/util/KeyUtil.java
src/share/classes/sun/security/util/KeyUtil.java
+4
-5
未找到文件。
src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
浏览文件 @
07f9fe14
...
...
@@ -74,14 +74,11 @@ public final class TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi {
"TlsRsaPremasterSecretGenerator must be initialized"
);
}
byte
[]
b
=
spec
.
getEncodedSecret
();
if
(
b
==
null
)
{
if
(
random
==
null
)
{
random
=
new
SecureRandom
();
}
b
=
new
byte
[
48
];
random
.
nextBytes
(
b
);
if
(
random
==
null
)
{
random
=
new
SecureRandom
();
}
byte
[]
b
=
new
byte
[
48
];
random
.
nextBytes
(
b
);
b
[
0
]
=
(
byte
)
spec
.
getMajorVersion
();
b
[
1
]
=
(
byte
)
spec
.
getMinorVersion
();
...
...
src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java
浏览文件 @
07f9fe14
...
...
@@ -43,8 +43,6 @@ import java.security.PrivilegedAction;
public
class
TlsRsaPremasterSecretParameterSpec
implements
AlgorithmParameterSpec
{
private
final
byte
[]
encodedSecret
;
/*
* The TLS spec says that the version in the RSA premaster secret must
* be the maximum version supported by the client (i.e. the version it
...
...
@@ -91,33 +89,6 @@ public class TlsRsaPremasterSecretParameterSpec
this
.
clientVersion
=
checkVersion
(
clientVersion
);
this
.
serverVersion
=
checkVersion
(
serverVersion
);
this
.
encodedSecret
=
null
;
}
/**
* Constructs a new TlsRsaPremasterSecretParameterSpec.
*
* @param clientVersion the version of the TLS protocol by which the
* client wishes to communicate during this session
* @param serverVersion the negotiated version of the TLS protocol which
* contains the lower of that suggested by the client in the client
* hello and the highest supported by the server.
* @param encodedSecret the encoded secret key
*
* @throws IllegalArgumentException if clientVersion or serverVersion are
* negative or larger than (2^16 - 1) or if encodedSecret is not
* exactly 48 bytes
*/
public
TlsRsaPremasterSecretParameterSpec
(
int
clientVersion
,
int
serverVersion
,
byte
[]
encodedSecret
)
{
this
.
clientVersion
=
checkVersion
(
clientVersion
);
this
.
serverVersion
=
checkVersion
(
serverVersion
);
if
(
encodedSecret
==
null
||
encodedSecret
.
length
!=
48
)
{
throw
new
IllegalArgumentException
(
"Encoded secret is not exactly 48 bytes"
);
}
this
.
encodedSecret
=
encodedSecret
.
clone
();
}
/**
...
...
@@ -176,13 +147,4 @@ public class TlsRsaPremasterSecretParameterSpec
}
return
version
;
}
/**
* Returns the encoded secret.
*
* @return the encoded secret, may be null if no encoded secret.
*/
public
byte
[]
getEncodedSecret
()
{
return
encodedSecret
==
null
?
null
:
encodedSecret
.
clone
();
}
}
src/share/classes/sun/security/ssl/RSAClientKeyExchange.java
浏览文件 @
07f9fe14
...
...
@@ -111,41 +111,14 @@ final class RSAClientKeyExchange extends HandshakeMessage {
}
}
boolean
needFailover
=
false
;
byte
[]
encoded
=
null
;
try
{
Cipher
cipher
=
JsseJce
.
getCipher
(
JsseJce
.
CIPHER_RSA_PKCS1
);
needFailover
=
!
KeyUtil
.
isOracleJCEProvider
(
cipher
.
getProvider
().
getName
());
if
(
needFailover
)
{
cipher
.
init
(
Cipher
.
DECRYPT_MODE
,
privateKey
);
encoded
=
cipher
.
doFinal
(
encrypted
);
encoded
=
KeyUtil
.
checkTlsPreMasterSecretKey
(
maxVersion
.
v
,
currentVersion
.
v
,
generator
,
encoded
,
false
);
preMaster
=
generatePreMasterSecret
(
maxVersion
.
v
,
currentVersion
.
v
,
encoded
,
generator
);
}
else
{
cipher
.
init
(
Cipher
.
UNWRAP_MODE
,
privateKey
,
new
TlsRsaPremasterSecretParameterSpec
(
maxVersion
.
v
,
currentVersion
.
v
),
generator
);
preMaster
=
(
SecretKey
)
cipher
.
unwrap
(
encrypted
,
"TlsRsaPremasterSecret"
,
Cipher
.
SECRET_KEY
);
}
}
catch
(
BadPaddingException
bpe
)
{
if
(
needFailover
)
{
encoded
=
KeyUtil
.
checkTlsPreMasterSecretKey
(
maxVersion
.
v
,
currentVersion
.
v
,
generator
,
null
,
false
);
preMaster
=
generatePreMasterSecret
(
maxVersion
.
v
,
currentVersion
.
v
,
encoded
,
generator
);
}
else
{
// Otherwise, unlikely to happen
throw
new
RuntimeException
(
"Unexpected exception"
,
bpe
);
}
cipher
.
init
(
Cipher
.
UNWRAP_MODE
,
privateKey
,
new
TlsRsaPremasterSecretParameterSpec
(
maxVersion
.
v
,
currentVersion
.
v
),
generator
);
preMaster
=
(
SecretKey
)
cipher
.
unwrap
(
encrypted
,
"TlsRsaPremasterSecret"
,
Cipher
.
SECRET_KEY
);
}
catch
(
InvalidKeyException
ibk
)
{
// the message is too big to process with RSA
throw
new
SSLProtocolException
(
...
...
@@ -160,35 +133,6 @@ final class RSAClientKeyExchange extends HandshakeMessage {
}
}
// generate a premaster secret with the specified version number
@SuppressWarnings
(
"deprecation"
)
private
static
SecretKey
generatePreMasterSecret
(
int
clientVersion
,
int
serverVersion
,
byte
[]
encodedSecret
,
SecureRandom
generator
)
{
if
(
debug
!=
null
&&
Debug
.
isOn
(
"handshake"
))
{
System
.
out
.
println
(
"Generating a premaster secret"
);
}
try
{
String
s
=
((
clientVersion
>=
ProtocolVersion
.
TLS12
.
v
)
?
"SunTls12RsaPremasterSecret"
:
"SunTlsRsaPremasterSecret"
);
KeyGenerator
kg
=
JsseJce
.
getKeyGenerator
(
s
);
kg
.
init
(
new
TlsRsaPremasterSecretParameterSpec
(
clientVersion
,
serverVersion
,
encodedSecret
),
generator
);
return
kg
.
generateKey
();
}
catch
(
InvalidAlgorithmParameterException
|
NoSuchAlgorithmException
iae
)
{
// unlikely to happen, otherwise, must be a provider exception
if
(
debug
!=
null
&&
Debug
.
isOn
(
"handshake"
))
{
System
.
out
.
println
(
"RSA premaster secret generation error:"
);
iae
.
printStackTrace
(
System
.
out
);
}
throw
new
RuntimeException
(
"Could not generate premaster secret"
,
iae
);
}
}
@Override
int
messageType
()
{
return
ht_client_key_exchange
;
...
...
src/share/classes/sun/security/util/KeyUtil.java
浏览文件 @
07f9fe14
...
...
@@ -144,6 +144,8 @@ public final class KeyUtil {
/**
* Returns whether the specified provider is Oracle provider or not.
* <P>
* Note that this method is only apply to SunJCE and SunPKCS11 at present.
*
* @param providerName
* the provider name
...
...
@@ -151,11 +153,8 @@ public final class KeyUtil {
* {@code providerName} is Oracle provider
*/
public
static
final
boolean
isOracleJCEProvider
(
String
providerName
)
{
return
providerName
!=
null
&&
(
providerName
.
equals
(
"SunJCE"
)
||
providerName
.
equals
(
"SunMSCAPI"
)
||
providerName
.
equals
(
"OracleUcrypto"
)
||
providerName
.
startsWith
(
"SunPKCS11"
));
return
providerName
!=
null
&&
(
providerName
.
equals
(
"SunJCE"
)
||
providerName
.
startsWith
(
"SunPKCS11"
));
}
/**
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录