Code Review Request: TLS 1.3 Implementation

Xuelei Fan xuelei.fan at oracle.com
Fri Jun 8 04:20:33 UTC 2018 

Update: http://hg.openjdk.java.net/jdk/sandbox/rev/75527e40bdfd

This update fixed the session resumption and related issues.   The 
update code will be included in the next webrev for further review.

Xuelei

On 6/3/2018 12:58 PM, Xuelei Fan wrote:
>  > http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
> 
> PreSharedKeyExtension.java
> --------------------------
> A few lines exceed the 80-characters per line limit.
> 
>    68  static final class PskIdentity {
> This class can be private.
> 
> 
>    72  public PskIdentity(byte[] identity, int obfuscatedAge) {
>    77  public PskIdentity(ByteBuffer m)
> It is not necessary to use "public" scope.  Please check other public 
> methods as well if existing.
> 
> 
>   111  CHPreSharedKeySpec(ByteBuffer m)
>   112      throws IllegalParameterException, IOException {
> Implementation of this method does not check the boundary of the 
> PreSharedKeyExtension struct.
> 
> 
>   271  ServerHandshakeContext shc = (ServerHandshakeContext) 
> message.handshakeContext;
> It is more simple to use the context parameter rather than the message 
> context.
> 
> 
>   315   shc.isResumption = false;
>   316   shc.resumingSession = null;
>         ...
>   324       resumeSession(shc, s, idIndex);
> This resets of shc.isResumption and shc.resumingSession override the set 
> of other extensions.  It could lead to unexpected behaviors.
> 
> 
>   675   if (shPsk.selectedIdentity != 0) {
> If only the 1st id can be use, may be don't bother to cache and request 
> other ids.  I'm  not very sure of it yet, need more time to think about it.
> 
> Xuelei
> 
> On 5/25/2018 4:45 PM, Xuelei Fan wrote:
>> Hi,
>>
>> I'd like to invite you to review the TLS 1.3 implementation.  I 
>> appreciate it if I could have compatibility and specification feedback 
>> before May 31, 2018, and implementation feedback before June 7, 2018.
>>
>> Here is the webrev:
>>      http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>>
>> The formal TLS 1.3 specification is not finalized yet, although it had 
>> been approved to be a standard.  The implementation is based on the 
>> draft version 28:
>>      https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>>
>> For the overall description of this enhancement, please refer to JEP 332:
>>      http://openjdk.java.net/jeps/332
>>
>> For the compatibility and specification update, please refer to CSR 
>> 8202625:
>>      https://bugs.openjdk.java.net/browse/JDK-8202625
>>
>> Note that we are using the sandbox for the development right now.  For 
>> more information, please refer to Bradford's previous email:
>>
>> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
>>
>> Thanks & Regards,
>> Xuelei

More information about the security-dev mailing list