Refactoring TLS code

Xuelei Fan xuelei.fan at oracle.com
Wed May 27 14:57:50 UTC 2020 

Hi Ben,

The tutorial is impressive to me.

Thanks for the reporting, I filed a RFE for the tracking:
    https://bugs.openjdk.java.net/browse/JDK-8245983

Xuelei

On 5/27/2020 7:23 AM, Ben Smyth wrote:
> I have written a TLS 1.3 tutorial 
> (https://bensmyth.com/publications/2019-TLS-tutorial/) which includes 
> source code from JDK 11. Whilst explaining the code, I noticed some 
> possible refactoring that would simplify the (JDK 11 & current) code base:
> 
> - createHkdfInfo is defined three times: 
> SSLBasicKeyDerivation.createHkdfInfo could perhaps be dropped in favour 
> of SSLSecretDerivation.createHkdfInfo (noting a slight difference 
> regarding runtime exceptions), as can 
> SSLTrafficKeyDerivation.T13TrafficKeyDerivation.createHkdfInfo (noting 
> the need to supply 0x00 as the context).
> 
> - ServerHello.T13ServerHelloProducer.produce and 
> ServerHello.T13ServerHelloConsumer.consume each define code to 
> changeclient/server handshake traffic secrets. The code is identical up 
> to contexts, labels s_hs_traffic and c_hs_traffic, treatment of null in 
> tricks to make the compiler happy (cf. return null; and return; in 
> catch-branches), alpha-renaming of one variable, and whitespace (and 
> some obsolete, commented-out code).
> 
> - Similarly to the previous point, 
> Finished.T13FinishedProducer.onProduceFinished and 
> Finished.T13FinishedConsumer.onConsumeFinished define code to derive 
> traffic secrets and corresponding traffic keys, (unsurprisingly) 
> computations are similar. (The same is true for other secrets and 
> traffic keys.)
> 
> - CertificateVerify.onProduceCertificateVerify is defined for 
> ServerHandshakeContext and ClientHandshakeContext, both instances are 
> identical up to variables shc and chc (with the former using string 
> "server" and the latter using "client" for logging).
> 
> - Not really refactoring, but comment on ClientHello:1172 says extension 
> key_share is ignored, when it isn't (extension psk_key_exchange_modes, 
> pre_shared_key, and protocol_version are).
> 
> My apologises if this mail is considered noise (or is simply wrong)---I 
> figured suggestions for simplifying JDK's code base might be useful.
> 
> 
> Best regards,
> 
> Ben

More information about the security-dev mailing list