Commit 166451ee
Authored Sep 29, 2011 by xuelei
7064341: jsse/runtime security problem
Reviewed-by: wetmore
Parent 5990cca2
Showing 11 changed files with 197 additions and 14 deletions
src/share/classes/javax/net/ssl/SSLEngine.java +2 -2
src/share/classes/sun/security/ssl/AppOutputStream.java +28 -2
src/share/classes/sun/security/ssl/CipherBox.java +16 -1
src/share/classes/sun/security/ssl/CipherSuite.java +11 -2
src/share/classes/sun/security/ssl/EngineOutputRecord.java +44 -3
src/share/classes/sun/security/ssl/Record.java +18 -1
src/share/classes/sun/security/ssl/SSLEngineImpl.java +34 -0
src/share/classes/sun/security/ssl/SSLSocketImpl.java +35 -0
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java +3 -1
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java +3 -1
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargePacket.java +3 -1
src/share/classes/javax/net/ssl/SSLEngine.java
/*
* Copyright (c) 2003, 201
0
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 201
1
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -538,7 +538,7 @@ public abstract class SSLEngine {
* If this <code>SSLEngine</code> has not yet started its initial
* handshake, this method will automatically start the handshake.
* <P>
* This method will attempt to produce
one SSL/TLS packet
, and will
* This method will attempt to produce
SSL/TLS records
, and will
* consume as much source data as possible, but will never consume
* more than the sum of the bytes remaining in each buffer. Each
* <code>ByteBuffer</code>'s position is updated to reflect the
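Review bot: The reworded sentence in this method's javadoc ("will attempt to produce SSL/TLS records") drops the old one-packet-per-call wording without saying how many records a call may now produce or how much destination space that needs. EngineOutputRecord's new comment in this same change aims for no more than SSLSession.getPacketBufferSize() of net data per wrap; state that bound here so callers who sized their buffers for a single packet know they are still covered.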
...
...
src/share/classes/sun/security/ssl/AppOutputStream.java
/*
* Copyright (c) 1996, 20
09
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 20
11
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -69,12 +69,38 @@ class AppOutputStream extends OutputStream {
// check if the Socket is invalid (error or closed)
c
.
checkWrite
();
/*
* By default, we counter chosen plaintext issues on CBC mode
* ciphersuites in SSLv3/TLS1.0 by sending one byte of application
* data in the first record of every payload, and the rest in
* subsequent record(s). Note that the issues have been solved in
* TLS 1.1 or later.
*
* It is not necessary to split the very first application record of
* a freshly negotiated TLS session, as there is no previous
* application data to guess. To improve compatibility, we will not
* split such records.
*
* This avoids issues in the outbound direction. For a full fix,
* the peer must have similar protections.
*/
boolean
isFirstRecordOfThePayload
=
true
;
// Always flush at the end of each application level record.
// This lets application synchronize read and write streams
// however they like; if we buffered here, they couldn't.
try
{
do
{
int
howmuch
=
Math
.
min
(
len
,
r
.
availableDataBytes
());
int
howmuch
;
if
(
isFirstRecordOfThePayload
&&
c
.
needToSplitPayload
())
{
howmuch
=
Math
.
min
(
0x01
,
r
.
availableDataBytes
());
}
else
{
howmuch
=
Math
.
min
(
len
,
r
.
availableDataBytes
());
}
if
(
isFirstRecordOfThePayload
&&
howmuch
!=
0
)
{
isFirstRecordOfThePayload
=
false
;
}
// NOTE: *must* call c.writeRecord() even for howmuch == 0
if
(
howmuch
>
0
)
{
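Review bot: In the split branch, howmuch = Math.min(0x01, r.availableDataBytes()) no longer takes len into account, unlike the else branch and the line it replaces. If a zero-length write can reach this loop (no guard is visible in this hunk), the one-byte record would consume a byte the caller did not ask to send. Bound it with Math.min(len, 1) first, or add a comment naming the earlier check that guarantees len > 0. The literal 0x01 would also read better as a named constant shared with EngineOutputRecord, which uses the same value.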
...
...
src/share/classes/sun/security/ssl/CipherBox.java
/*
* Copyright (c) 1996, 201
0
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 201
1
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -112,6 +112,11 @@ final class CipherBox {
*/
private
SecureRandom
random
;
/**
* Is the cipher of CBC mode?
*/
private
final
boolean
isCBCMode
;
/**
* Fixed masks of various block size, as the initial decryption IVs
* for TLS 1.1 or later.
...
...
@@ -128,6 +133,7 @@ final class CipherBox {
private
CipherBox
()
{
this
.
protocolVersion
=
ProtocolVersion
.
DEFAULT
;
this
.
cipher
=
null
;
this
.
isCBCMode
=
false
;
}
/**
...
...
@@ -148,6 +154,7 @@ final class CipherBox {
random
=
JsseJce
.
getSecureRandom
();
}
this
.
random
=
random
;
this
.
isCBCMode
=
bulkCipher
.
isCBCMode
;
/*
* RFC 4346 recommends two algorithms used to generated the
...
...
@@ -691,4 +698,12 @@ final class CipherBox {
}
}
/*
* Does the cipher use CBC mode?
*
* @return true if the cipher use CBC mode, false otherwise.
*/
boolean
isCBCMode
()
{
return
isCBCMode
;
}
}
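Review bot: The comment on the new isCBCMode() accessor opens with /* but carries an @return tag, so the javadoc tool will not pick it up; the isCBCMode field added earlier in this file uses /**. Use /** here too, and fix the grammar in the @return line while there ("true if the cipher uses CBC mode").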
src/share/classes/sun/security/ssl/CipherSuite.java
...
...
@@ -420,10 +420,16 @@ final class CipherSuite implements Comparable {
// exportable under 512/40 bit rules
final
boolean
exportable
;
// Is the cipher algorithm of Cipher Block Chaining (CBC) mode?
final
boolean
isCBCMode
;
BulkCipher
(
String
transformation
,
int
keySize
,
int
expandedKeySize
,
int
ivSize
,
boolean
allowed
)
{
this
.
transformation
=
transformation
;
this
.
algorithm
=
transformation
.
split
(
"/"
)[
0
];
String
[]
splits
=
transformation
.
split
(
"/"
);
this
.
algorithm
=
splits
[
0
];
this
.
isCBCMode
=
splits
.
length
<=
1
?
false
:
"CBC"
.
equalsIgnoreCase
(
splits
[
1
]);
this
.
description
=
this
.
algorithm
+
"/"
+
(
keySize
<<
3
);
this
.
keySize
=
keySize
;
this
.
ivSize
=
ivSize
;
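Review bot: The isCBCMode assignment uses a ternary whose first arm is the literal false (splits.length <= 1 ? false : ...). Writing it as splits.length > 1 && "CBC".equalsIgnoreCase(splits[1]) is equivalent and easier to read. A short comment that a transformation with no mode component, such as a stream or null cipher, is treated as non-CBC would also help, since the split decision elsewhere in this change hangs on this flag.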
...
...
@@ -436,7 +442,10 @@ final class CipherSuite implements Comparable {
BulkCipher
(
String
transformation
,
int
keySize
,
int
ivSize
,
boolean
allowed
)
{
this
.
transformation
=
transformation
;
this
.
algorithm
=
transformation
.
split
(
"/"
)[
0
];
String
[]
splits
=
transformation
.
split
(
"/"
);
this
.
algorithm
=
splits
[
0
];
this
.
isCBCMode
=
splits
.
length
<=
1
?
false
:
"CBC"
.
equalsIgnoreCase
(
splits
[
1
]);
this
.
description
=
this
.
algorithm
+
"/"
+
(
keySize
<<
3
);
this
.
keySize
=
keySize
;
this
.
ivSize
=
ivSize
;
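Review bot: This constructor repeats the transformation.split("/") parsing and the isCBCMode computation from the five-argument constructor verbatim. Have one constructor delegate to the other, or move the parsing into a small private static helper, so the CBC detection that the record-splitting decision depends on lives in one place.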
...
...
src/share/classes/sun/security/ssl/EngineOutputRecord.java
/*
* Copyright (c) 2003, 20
07
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 20
11
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -46,6 +46,7 @@ import sun.misc.HexDumpEncoder;
*/
final
class
EngineOutputRecord
extends
OutputRecord
{
private
SSLEngineImpl
engine
;
private
EngineWriter
writer
;
private
boolean
finishedMsg
=
false
;
...
...
@@ -62,6 +63,7 @@ final class EngineOutputRecord extends OutputRecord {
*/
EngineOutputRecord
(
byte
type
,
SSLEngineImpl
engine
)
{
super
(
type
,
recordSize
(
type
));
this
.
engine
=
engine
;
writer
=
engine
.
writer
;
}
...
...
@@ -227,11 +229,50 @@ final class EngineOutputRecord extends OutputRecord {
* implementations are fragile and don't like to see empty
* records, so this increases robustness.
*/
int
length
=
Math
.
min
(
ea
.
getAppRemaining
(),
maxDataSize
);
if
(
length
==
0
)
{
if
(
ea
.
getAppRemaining
()
==
0
)
{
return
;
}
/*
* By default, we counter chosen plaintext issues on CBC mode
* ciphersuites in SSLv3/TLS1.0 by sending one byte of application
* data in the first record of every payload, and the rest in
* subsequent record(s). Note that the issues have been solved in
* TLS 1.1 or later.
*
* It is not necessary to split the very first application record of
* a freshly negotiated TLS session, as there is no previous
* application data to guess. To improve compatibility, we will not
* split such records.
*
* Because of the compatibility, we'd better produce no more than
* SSLSession.getPacketBufferSize() net data for each wrap. As we
* need a one-byte record at first, the 2nd record size should be
* equal to or less than Record.maxDataSizeMinusOneByteRecord.
*
* This avoids issues in the outbound direction. For a full fix,
* the peer must have similar protections.
*/
int
length
;
if
(
engine
.
needToSplitPayload
(
writeCipher
,
protocolVersion
))
{
write
(
ea
,
writeMAC
,
writeCipher
,
0x01
);
ea
.
resetLim
();
// reset application data buffer limit
length
=
Math
.
min
(
ea
.
getAppRemaining
(),
maxDataSizeMinusOneByteRecord
);
}
else
{
length
=
Math
.
min
(
ea
.
getAppRemaining
(),
maxDataSize
);
}
// Don't bother to really write empty records.
if
(
length
>
0
)
{
write
(
ea
,
writeMAC
,
writeCipher
,
length
);
}
return
;
}
void
write
(
EngineArgs
ea
,
MAC
writeMAC
,
CipherBox
writeCipher
,
int
length
)
throws
IOException
{
/*
* Copy out existing buffer values.
*/
...
...
src/share/classes/sun/security/ssl/Record.java
/*
* Copyright (c) 1996, 201
0
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 201
1
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -67,6 +67,23 @@ interface Record {
+
maxPadding
// padding
+
trailerSize
;
// MAC
static
final
boolean
enableCBCProtection
=
Debug
.
getBooleanProperty
(
"jsse.enableCBCProtection"
,
true
);
/*
* For CBC protection in SSL3/TLS1, we break some plaintext into two
* packets. Max application data size for the second packet.
*/
static
final
int
maxDataSizeMinusOneByteRecord
=
maxDataSize
// max data size
-
(
// max one byte record size
headerSize
// header
+
maxIVLength
// iv
+
1
// one byte data
+
maxPadding
// padding
+
trailerSize
// MAC
);
/*
* The maximum large record size.
*
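Review bot: enableCBCProtection is introduced with no comment of its own, although it is the switch that turns the whole mitigation off. Document above the field that it is read from the jsse.enableCBCProtection system property, that it defaults to true, and that as a static final it is evaluated once when this interface is initialized, so later changes to the property have no effect. The comment should also say that setting it to false restores unsplit records for CBC suites on SSLv3/TLS 1.0.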
...
...
src/share/classes/sun/security/ssl/SSLEngineImpl.java
...
...
@@ -311,6 +311,11 @@ final public class SSLEngineImpl extends SSLEngine {
private
Object
unwrapLock
;
Object
writeLock
;
/*
* Is it the first application record to write?
*/
private
boolean
isFirstAppOutputRecord
=
true
;
/*
* Class and subclass dynamic debugging support
*/
...
...
@@ -617,6 +622,9 @@ final public class SSLEngineImpl extends SSLEngine {
// See comment above.
oldCipher
.
dispose
();
// reset the flag of the first application record
isFirstAppOutputRecord
=
true
;
}
/*
...
...
@@ -1295,9 +1303,35 @@ final public class SSLEngineImpl extends SSLEngine {
}
}
/*
* turn off the flag of the first application record if we really
* consumed at least byte.
*/
if
(
isFirstAppOutputRecord
&&
ea
.
deltaApp
()
>
0
)
{
isFirstAppOutputRecord
=
false
;
}
return
hsStatus
;
}
/*
* Need to split the payload except the following cases:
*
* 1. protocol version is TLS 1.1 or later;
* 2. bulk cipher does not use CBC mode, including null bulk cipher suites.
* 3. the payload is the first application record of a freshly
* negotiated TLS session.
* 4. the CBC protection is disabled;
*
* More details, please refer to
* EngineOutputRecord.write(EngineArgs, MAC, CipherBox).
*/
boolean
needToSplitPayload
(
CipherBox
cipher
,
ProtocolVersion
protocol
)
{
return
(
protocol
.
v
<=
ProtocolVersion
.
TLS10
.
v
)
&&
cipher
.
isCBCMode
()
&&
!
isFirstAppOutputRecord
&&
Record
.
enableCBCProtection
;
}
/*
* Non-application OutputRecords go through here.
*/
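Review bot: needToSplitPayload(CipherBox, ProtocolVersion) reads isFirstAppOutputRecord with no synchronization of its own, whereas the SSLSocketImpl counterpart in this same change wraps the identical expression in writeLock.lock() and unlock(). If the caller in EngineOutputRecord is guaranteed to hold the engine's write lock at that point, say so in the method comment; otherwise guard the read the same way. Minor: the comment above the flag update reads "consumed at least byte" and should be "at least one byte".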
...
...
src/share/classes/sun/security/ssl/SSLSocketImpl.java
...
...
@@ -371,6 +371,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
/* Class and subclass dynamic debugging support */
private
static
final
Debug
debug
=
Debug
.
getInstance
(
"ssl"
);
/*
* Is it the first application record to write?
*/
private
boolean
isFirstAppOutputRecord
=
true
;
//
// CONSTRUCTORS AND INITIALIZATION CODE
//
...
...
@@ -804,8 +809,35 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
if
(
connectionState
<
cs_ERROR
)
{
checkSequenceNumber
(
writeMAC
,
r
.
contentType
());
}
// turn off the flag of the first application record
if
(
isFirstAppOutputRecord
&&
r
.
contentType
()
==
Record
.
ct_application_data
)
{
isFirstAppOutputRecord
=
false
;
}
}
/*
* Need to split the payload except the following cases:
*
* 1. protocol version is TLS 1.1 or later;
* 2. bulk cipher does not use CBC mode, including null bulk cipher suites.
* 3. the payload is the first application record of a freshly
* negotiated TLS session.
* 4. the CBC protection is disabled;
*
* More details, please refer to AppOutputStream.write(byte[], int, int).
*/
boolean
needToSplitPayload
()
{
writeLock
.
lock
();
try
{
return
(
protocolVersion
.
v
<=
ProtocolVersion
.
TLS10
.
v
)
&&
writeCipher
.
isCBCMode
()
&&
!
isFirstAppOutputRecord
&&
Record
.
enableCBCProtection
;
}
finally
{
writeLock
.
unlock
();
}
}
/*
* Read an application data record. Alerts and handshake
...
...
@@ -2034,6 +2066,9 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// See comment above.
oldCipher
.
dispose
();
// reset the flag of the first application record
isFirstAppOutputRecord
=
true
;
}
/*
...
...
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
/*
* Copyright (c) 2003, 201
0
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 201
1
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -29,6 +29,8 @@
* This is a simple hack to test a bunch of conditions and check
* their return codes.
*
* @run main/othervm -Djsse.enableCBCProtection=false CheckStatus
*
* @author Brad Wetmore
*/
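Review bot: The added @run line makes this test pass by switching the new protection off with -Djsse.enableCBCProtection=false, so the default configuration is not exercised here. Add a second @run without the property, or a dedicated test, that expects the one-byte record followed by the remainder, so a regression in the split path is caught.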
...
...
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java
/*
* Copyright (c) 2004, 20
06
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 20
11
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -30,6 +30,8 @@
* This is to test larger buffer arrays, and make sure the maximum
* is being passed.
*
* @run main/othervm -Djsse.enableCBCProtection=false LargeBufs
*
* @author Brad R. Wetmore
*/
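Review bot: With the property set to false, this test of maximum buffer sizes never reaches the new Record.maxDataSizeMinusOneByteRecord bound that EngineOutputRecord applies to the second record. A companion run with the protection enabled would confirm that a full-size payload still fits the packet buffer once it is split.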
...
...
test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargePacket.java
/*
* Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006,
2011,
Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -28,6 +28,8 @@
* @summary Need adjustable TLS max record size for interoperability
* with non-compliant
*
* @run main/othervm -Djsse.enableCBCProtection=false LargePacket
*
* @author Xuelei Fan
*/
...
...