Code Review Request: TLS 1.3 Implementation

Fri Jun 22 22:45:06 UTC 2018

Update: http://hg.openjdk.java.net/jdk/sandbox/rev/63ab0dfe3dbb

Except the issues in this thread, this update also include changes to 
set signature parameters after key initialization, so that the provider 
of Signature instance is the same as its key provider if needed.

We have fixed the SunMSCAPI RSASSA-PSS signature issue, and the test 
sun/security/mscapi/ShortRSAKeyWithinTLS.java passed now.  The test is 
removed from the ProblemList.txt.

I don't think it is really necessary, but just in case there is a 
compatibility impact, I updated the RSA size limit from 512 to 511.  The 
sun/security/pkcs11/KeyStore/ClientAuth.sh,  which uses 511 RSA key, is 
removed from the ProblemList.txt.

Thanks,
Xuelei

On 6/22/2018 1:12 PM, Xuelei Fan wrote:
> All good catches!  I will push the changeset soon after the testing.
> 
> On 6/22/2018 11:18 AM, Jamil Nimeh wrote:
>>   * DHKeyExchange.java
>>       o 177-192: Am I missing something or does isRecovering get defined
>>         as false and never gets set to true within the lifetime of the
>>         variable?  Do we still need this?
> Yes, it is used in case the generated DH key does not meet the quality. 
> I missed the code to set isRecovering to true.
> 
> Thanks,
> Xuelei
> 
>>       o 178: Nit/typo: "recove" --> "recover"
>>       o 207-210: Catching Exception seems really broad.  Can you cover
>>         all your checked exception cases with GeneralSecurityException
>>         and just let the unchecked exceptions throw as-is without
>>         wrapping them inside RuntimeException?
>>   * DHServerKeyExchange.java
>>       o 69-71: Can the p/g/y fields be final?
>>
>> More on the way.
>>
>> --Jamil
>>>
>>> On 6/8/2018 10:21 AM, Xuelei Fan wrote:
>>>> Here is the 3rd full webrev:
>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02
>>>>
>>>> and the delta update to the 1st webrev:
>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01
>>>>
>>>> Xuelei
>>>>
>>>> On 6/3/2018 9:43 PM, Xuelei Fan wrote:
>>>>> Hi,
>>>>>
>>>>> Here it the 2nd full webrev:
>>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01
>>>>>
>>>>> and the delta update to the 1st webrev:
>>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/
>>>>>
>>>>> Xuelei
>>>>>
>>>>> On 5/25/2018 4:45 PM, Xuelei Fan wrote:
>>>>>> Hi,
>>>>>>
>>>>>> I'd like to invite you to review the TLS 1.3 implementation.  I 
>>>>>> appreciate it if I could have compatibility and specification 
>>>>>> feedback before May 31, 2018, and implementation feedback before 
>>>>>> June 7, 2018.
>>>>>>
>>>>>> Here is the webrev:
>>>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>>>>>>
>>>>>> The formal TLS 1.3 specification is not finalized yet, although it 
>>>>>> had been approved to be a standard.  The implementation is based 
>>>>>> on the draft version 28:
>>>>>> https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>>>>>>
>>>>>> For the overall description of this enhancement, please refer to 
>>>>>> JEP 332:
>>>>>> http://openjdk.java.net/jeps/332
>>>>>>
>>>>>> For the compatibility and specification update, please refer to 
>>>>>> CSR 8202625:
>>>>>> https://bugs.openjdk.java.net/browse/JDK-8202625
>>>>>>
>>>>>> Note that we are using the sandbox for the development right now. 
>>>>>> For more information, please refer to Bradford's previous email:
>>>>>>
>>>>>> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html 
>>>>>>
>>>>>>
>>>>>> Thanks & Regards,
>>>>>> Xuelei
>>