001: /*
002: * Copyright 1996-2007 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004: *
005: * This code is free software; you can redistribute it and/or modify it
006: * under the terms of the GNU General Public License version 2 only, as
007: * published by the Free Software Foundation. Sun designates this
008: * particular file as subject to the "Classpath" exception as provided
009: * by Sun in the LICENSE file that accompanied this code.
010: *
011: * This code is distributed in the hope that it will be useful, but WITHOUT
012: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014: * version 2 for more details (a copy is included in the LICENSE file that
015: * accompanied this code).
016: *
017: * You should have received a copy of the GNU General Public License version
018: * 2 along with this work; if not, write to the Free Software Foundation,
019: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022: * CA 95054 USA or visit www.sun.com if you need additional information or
023: * have any questions.
024: */
025:
026: package sun.security.ssl;
027:
028: import java.io.InputStream;
029: import java.io.IOException;
030: import java.security.MessageDigest;
031:
032: import javax.net.ssl.SSLException;
033:
034: /**
035: * InputStream for handshake data, used internally only. Contains the
036: * handshake message buffer and methods to parse them.
037: *
038: * Once a new handshake record arrives, it is buffered in this class until
039: * processed by the Handshaker. The buffer may also contain incomplete
040: * handshake messages in case the message is split across multiple records.
041: * Handshaker.process_record deals with all that. It may also contain
042: * handshake messages larger than the default buffer size (e.g. large
043: * certificate messages). The buffer is grown dynamically to handle that
044: * (see InputRecord.queueHandshake()).
045: *
046: * Note that the InputRecord used as a buffer here is separate from the
047: * AppInStream.r, which is where data from the socket is initially read
048: * into. This is because once the initial handshake has been completed,
049: * handshake and application data messages may be interleaved arbitrarily
050: * and must be processed independently.
051: *
052: * @version 1.28 05/05/07
053: * @author David Brownell
054: */
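class HandshakeInStream extends InputStream {

    // Buffer holding the queued handshake bytes. Left package-private and
    // non-final, as in the original declaration.
    InputRecord r;

    /*
     * Construct the stream; we'll be accumulating hashes of the
     * input records using two sets of digests.
     */
    HandshakeInStream(HandshakeHash handshakeHash) {
        r = new InputRecord();
        r.setHandshakeHash(handshakeHash);
    }

    // overridden InputStream methods

    /*
     * Return the number of bytes available for read().
     *
     * Note that this returns the bytes remaining in the buffer, not
     * the bytes remaining in the current handshake message.
     */
    @Override
    public int available() {
        return r.available();
    }

    /*
     * Get a byte of handshake data.
     *
     * Unlike a plain InputStream, running out of data is an error here:
     * an SSLException is thrown instead of returning -1.
     */
    @Override
    public int read() throws IOException {
        int n = r.read();
        if (n == -1) {
            throw new SSLException("Unexpected end of handshake data");
        }
        return n;
    }

    /*
     * Get a bunch of bytes of handshake data.
     *
     * Either exactly len bytes are returned or an SSLException is thrown;
     * a short read is never reported to the caller.
     */
    @Override
    public int read(byte b[], int off, int len) throws IOException {
        // we read from a ByteArrayInputStream, it always returns the
        // data in a single read if enough is available
        int n = r.read(b, off, len);
        if (n != len) {
            throw new SSLException("Unexpected end of handshake data");
        }
        return n;
    }

    /*
     * Skip some handshake data. The return value is whatever the
     * underlying record reports; it is not checked against n here.
     */
    @Override
    public long skip(long n) throws IOException {
        return r.skip(n);
    }

    /*
     * Mark/ reset code, implemented using InputRecord mark/ reset.
     *
     * Note that it currently provides only a limited mark functionality
     * and should be used with care (once a new handshake record has been
     * read, data that has already been consumed is lost even if marked).
     */

    @Override
    public void mark(int readlimit) {
        r.mark(readlimit);
    }

    @Override
    public void reset() {
        r.reset();
    }

    @Override
    public boolean markSupported() {
        return true;
    }

    // handshake management functions

    /*
     * Here's an incoming record with handshake data. Queue the contents;
     * it might be one or more entire messages, complete a message that's
     * partly queued, or both.
     */
    void incomingRecord(InputRecord in) throws IOException {
        r.queueHandshake(in);
    }

    /*
     * Hash any data we've consumed but not yet hashed. Useful mostly
     * for processing client certificate messages (so we can check the
     * immediately following cert verify message) and finished messages
     * (so we can compute our own finished message).
     */
    void digestNow() {
        r.doHashes();
    }

    /*
     * Do more than skip that handshake data ... totally ignore it.
     * The difference is that the data does not get hashed.
     */
    void ignore(int n) {
        r.ignore(n);
    }

    // Message parsing methods

    /*
     * Read 8, 16, 24, and 32 bit SSL integer data types, encoded
     * in standard big-endian form.
     *
     * The 8, 16 and 24 bit readers always return a non-negative value;
     * getInt32() can return a negative int when the top bit is set.
     */

    int getInt8() throws IOException {
        return read();
    }

    int getInt16() throws IOException {
        return (getInt8() << 8) | getInt8();
    }

    int getInt24() throws IOException {
        return (getInt8() << 16) | (getInt8() << 8) | getInt8();
    }

    int getInt32() throws IOException {
        return (getInt8() << 24) | (getInt8() << 16) | (getInt8() << 8)
             | getInt8();
    }

    /*
     * Read byte vectors with 8, 16, and 24 bit length encodings.
     *
     * The length prefix is read from the handshake data itself, so it is
     * checked against the buffered data before any array is allocated.
     */

    byte[] getBytes8() throws IOException {
        return readVector(getInt8());
    }

    byte[] getBytes16() throws IOException {
        return readVector(getInt16());
    }

    byte[] getBytes24() throws IOException {
        return readVector(getInt24());
    }

    /*
     * Read the body of a length-prefixed vector whose declared length
     * (already parsed by the caller) is len.
     *
     * Throws SSLException if the declared length is larger than the
     * number of bytes currently buffered.
     */
    private byte[] readVector(int len) throws IOException {
        // Reject an oversized length before allocating: a 24 bit prefix
        // can declare close to 16 MB, and without this check the array
        // would be allocated first and the shortfall noticed only by the
        // read() that follows.
        if (len > available()) {
            throw new SSLException(
                "Not enough data to fill declared vector size");
        }

        byte b[] = new byte[len];

        // An empty vector needs no read. A plain ByteArrayInputStream
        // reports end-of-stream (-1) before it looks at a zero length, so
        // read(b, 0, 0) on an exhausted buffer would be rejected as
        // "Unexpected end of handshake data" even though nothing is missing.
        if (len != 0) {
            read(b, 0, len);
        }
        return b;
    }

}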