/* |
|
* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. |
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
* |
|
* This code is free software; you can redistribute it and/or modify it |
|
* under the terms of the GNU General Public License version 2 only, as |
|
* published by the Free Software Foundation. Oracle designates this |
|
* particular file as subject to the "Classpath" exception as provided |
|
* by Oracle in the LICENSE file that accompanied this code. |
|
* |
|
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
* version 2 for more details (a copy is included in the LICENSE file that |
|
* accompanied this code). |
|
* |
|
* You should have received a copy of the GNU General Public License version |
|
* 2 along with this work; if not, write to the Free Software Foundation, |
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
* |
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
* or visit www.oracle.com if you need additional information or have any |
|
* questions. |
|
*/ |
|
package sun.security.ssl; |
|
/** |
|
* SSL/TLS record |
|
* |
|
* @author David Brownell |
|
*/ |
|
interface SSLRecord extends Record { |
|
static final int headerSize = 5; // SSLv3 record header |
|
static final int handshakeHeaderSize = 4; // SSLv3 handshake header |
|
/* |
|
* The size of the header plus the max IV length |
|
*/ |
|
static final int headerPlusMaxIVSize = |
|
headerSize // header |
|
+ maxIVLength; // iv |
|
/* |
|
* The maximum size that may be increased when translating plaintext to |
|
* ciphertext fragment. |
|
*/ |
|
static final int maxPlaintextPlusSize = |
|
headerSize // header |
|
+ maxIVLength // iv |
|
+ maxMacSize // MAC or AEAD tag |
|
+ maxPadding; // block cipher padding |
|
/* |
|
* SSL has a maximum record size. It's header, (compressed) data, |
|
* padding, and a trailer for the message authentication information (MAC |
|
* for block and stream ciphers, and message authentication tag for AEAD |
|
* ciphers). |
|
* |
|
* Some compression algorithms have rare cases where they expand the data. |
|
* As we don't support compression at this time, leave that out. |
|
*/ |
|
static final int maxRecordSize = |
|
headerPlusMaxIVSize // header + iv |
|
+ maxDataSize // data |
|
+ maxPadding // padding |
|
+ maxMacSize; // MAC or AEAD tag |
|
/* |
|
* The maximum large record size. |
|
* |
|
* Some SSL/TLS implementations support large fragment upto 2^15 bytes, |
|
* such as Microsoft. We support large incoming fragments. |
|
* |
|
* The maximum large record size is defined as maxRecordSize plus 2^14, |
|
* this is the amount OpenSSL is using. |
|
*/ |
|
static final int maxLargeRecordSize = |
|
maxRecordSize // Max size with a conforming implementation |
|
+ maxDataSize; // extra 2^14 bytes for large data packets. |
|
/* |
|
* We may need to send this SSL v2 "No Cipher" message back, if we |
|
* are faced with an SSLv2 "hello" that's not saying "I talk v3". |
|
* It's the only one documented in the V2 spec as a fatal error. |
|
*/ |
|
static final byte[] v2NoCipher = { |
|
(byte)0x80, (byte)0x03, // unpadded 3 byte record |
|
(byte)0x00, // ... error message |
|
(byte)0x00, (byte)0x01 // ... NO_CIPHER error |
|
}; |
|
} |