From 0bded3922d085eca40ecfb46c80f8c34e53679b9 Mon Sep 17 00:00:00 2001 From: John Jiang Date: Mon, 5 Feb 2024 11:27:33 +0800 Subject: [PATCH] TKSS-666: Remove TLCPHandshakeHash --- .../kona/sun/security/ssl/CipherSuite.java | 8 +- .../kona/sun/security/ssl/HandshakeHash.java | 7 +- .../sun/security/ssl/TLCPHandshakeHash.java | 81 ------------------- 3 files changed, 7 insertions(+), 89 deletions(-) delete mode 100644 kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPHandshakeHash.java diff --git a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/CipherSuite.java b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/CipherSuite.java index 4c5fcbac..818e6498 100644 --- a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/CipherSuite.java +++ b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/CipherSuite.java @@ -69,19 +69,19 @@ enum CipherSuite { TLCP_ECC_SM4_GCM_SM3( 0xE053, true, "TLCP_ECC_SM4_GCM_SM3", "ECC_SM4_GCM_SM3", ProtocolVersion.PROTOCOLS_OF_TLCP, - K_SM2, SSLCipher.B_SM4_GCM, M_NULL, H_NONE), + K_SM2, SSLCipher.B_SM4_GCM, M_NULL, H_SM3), TLCP_ECC_SM4_CBC_SM3( 0xE013, true, "TLCP_ECC_SM4_CBC_SM3", "ECC_SM4_CBC_SM3", ProtocolVersion.PROTOCOLS_OF_TLCP, - K_SM2, SSLCipher.B_SM4, M_SM3, H_NONE), + K_SM2, SSLCipher.B_SM4, M_SM3, H_SM3), TLCP_ECDHE_SM4_GCM_SM3( 0xE051, true, "TLCP_ECDHE_SM4_GCM_SM3", "ECDHE_SM4_GCM_SM3", ProtocolVersion.PROTOCOLS_OF_TLCP, - K_SM2E, SSLCipher.B_SM4_GCM, M_NULL, H_NONE), + K_SM2E, SSLCipher.B_SM4_GCM, M_NULL, H_SM3), TLCP_ECDHE_SM4_CBC_SM3( 0xE011, true, "TLCP_ECDHE_SM4_CBC_SM3", "ECDHE_SM4_CBC_SM3", ProtocolVersion.PROTOCOLS_OF_TLCP, - K_SM2E, SSLCipher.B_SM4, M_SM3, H_NONE), + K_SM2E, SSLCipher.B_SM4, M_SM3, H_SM3), // TLS 1.3 cipher suites. TLS_AES_256_GCM_SHA384( diff --git a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/HandshakeHash.java b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/HandshakeHash.java index 3dec27a0..56fc7c09 100644 --- a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/HandshakeHash.java +++ b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/HandshakeHash.java @@ -57,11 +57,10 @@ void determine(ProtocolVersion protocolVersion, } CacheOnlyHash coh = (CacheOnlyHash)transcriptHash; - if (protocolVersion.isTLCP11()) { - transcriptHash = new TLCPHandshakeHash(); - } else if (protocolVersion.useTLS13PlusSpec()) { + if (protocolVersion.useTLS13PlusSpec()) { transcriptHash = new T13HandshakeHash(cipherSuite); - } else if (protocolVersion.useTLS12PlusSpec()) { + } else if (protocolVersion.useTLS12PlusSpec() + || protocolVersion.isTLCP11()) { transcriptHash = new T12HandshakeHash(cipherSuite); } else if (protocolVersion.useTLS10PlusSpec()) { transcriptHash = new T10HandshakeHash(cipherSuite); diff --git a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPHandshakeHash.java b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPHandshakeHash.java deleted file mode 100644 index 3070cae6..00000000 --- a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPHandshakeHash.java +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package com.tencent.kona.sun.security.ssl; - -import com.tencent.kona.crypto.CryptoInsts; - -import java.io.ByteArrayOutputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -import com.tencent.kona.sun.security.ssl.HandshakeHash.CloneableHash; -import com.tencent.kona.sun.security.ssl.HandshakeHash.NonCloneableHash; -import com.tencent.kona.sun.security.ssl.HandshakeHash.TranscriptHash; - -final class TLCPHandshakeHash implements TranscriptHash { - - private final TranscriptHash transcriptHash; - private final ByteArrayOutputStream baos; - - TLCPHandshakeHash() { - MessageDigest md = null; - try { - md = CryptoInsts.getMessageDigest("SM3"); - } catch (NoSuchAlgorithmException e) { - throw new IllegalStateException("SM3 is not supported", e); - } - - if (md instanceof Cloneable) { - transcriptHash = new CloneableHash(md); - this.baos = new ByteArrayOutputStream(); - } else { - transcriptHash = new NonCloneableHash(md); - this.baos = null; - } - } - - @Override - public void update(byte[] input, int offset, int length) { - transcriptHash.update(input, offset, length); - if (baos != null) { - baos.write(input, offset, length); - } - } - - @Override - public byte[] digest() { - return transcriptHash.digest(); - } - - @Override - public byte[] archived() { - if (baos != null) { - return baos.toByteArray(); - } else { - return transcriptHash.archived(); - } - } -}