Request for review: 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension

Simone Bordet simone.bordet at gmail.com
Tue Dec 1 09:53:47 UTC 2015 

Hi,

On Mon, Nov 30, 2015 at 1:08 AM, Vincent Ryan <vincent.x.ryan at oracle.com> wrote:
> Hello,
>
> Following on from Brad’s recent email, here is the full webrev of the API
> and the implementation classes for ALPN:
>   http://cr.openjdk.java.net/~vinnie/8144093/webrev.00/
>
> In adds the implementation classes (sun/security/ssl) to the public API
> classes (javax/net/ssl) which have already been agreed.
> Some basic tests (test/javax/net/ssl) are also included.

I just would like to remind that session resumption is a very
important use case to support for ALPN.

I have not seen anything related to this review for session resumption.
Has it been tested ?

It is still not clear to me what a client and a server have to do to
support ALPN.

>From my understanding a server has to:

* read encrypted bytes into a ByteBuffer
* parse the TLS ClientHello frame on its own
* extract from the ClientHello the TLS Protocol version, the ALPN
extension, and the ciphers
* run some logic to determine the AP
** if no AP can be chosen, generate a TLS Alert frame on its own to
close the connection and bail out
* otherwise, an AP/cipher combo has been chosen
* sslParameters.setApplicationProtocols(AP) // just one protocol
* sslParameters.setCipherSuites(cipher) // just one cipher
* sslEngine.setSSLParameters(sslParameters)
* reset the ByteBuffer position to the beginning
* pass the ByteBuffer to sslEngine.unwrap()
* JDK implementation will re-parse the ClientHello, and use the
sslParameters data during handshake and when generating the
ServerHello


A client has to:

* read encrypted bytes into a ByteBuffer
* parse a ServerHello frame on its own
* extract the ALPN extension and the cipher
* run some logic to verify that the AP and the cipher can be used together
** if AP and cipher don't match, generate a TLS Alert frame on its own
to close the connection and bail out
* otherwise the AP/cipher combo is ok
* reset the ByteBuffer position to the beginning
* pass the ByteBuffer to sslEngine.unwrap()
* JDK implementation will re-parse the ServerHello and complete the
TLS handshake

Is that right ?

In that scenario, what is the use of
SSLEngine.getHandshakeApplicationProtocol() ?

Also, I don't understand how the above could work for SSLSocket ?
Can someone write down the steps a client and a server should do to
actually use ALPN with SSLSocket ?

Thanks !

-- 
Simone Bordet
http://bordet.blogspot.com
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz

More information about the security-dev mailing list