8317547: Enhance TLS connection support

Reviewed-by: ahgross, rhalade, weijun, valeriep
2025-08-28 15:24:43 +02:00 · 2023-11-14 17:00:30 +00:00 · 2023-11-14 17:00:30 +00:00 · bf7bd9a16c
commit bf7bd9a16c
parent c1a568c9c4
4 changed files with 142 additions and 90 deletions
--- a/src/java.base/share/classes/sun/security/util/KeyUtil.java
+++ b/src/java.base/share/classes/sun/security/util/KeyUtil.java
@ -291,13 +291,14 @@ public final class KeyUtil {
     *         contains the lower of that suggested by the client in the client
     *         hello and the highest supported by the server.
     * @param  encoded the encoded key in its "RAW" encoding format
-     * @param  isFailOver whether the previous decryption of the
-     *         encrypted PreMasterSecret message run into problem
+     * @param  failure true if encoded is incorrect according to previous checks
     * @return the polished PreMasterSecret key in its "RAW" encoding format
     */
    public static byte[] checkTlsPreMasterSecretKey(
            int clientVersion, int serverVersion, SecureRandom random,
-            byte[] encoded, boolean isFailOver) {
+            byte[] encoded, boolean failure) {
+
+        byte[] tmp;

        if (random == null) {
            random = JCAUtil.getSecureRandom();
@ -305,30 +306,38 @@ public final class KeyUtil {
        byte[] replacer = new byte[48];
        random.nextBytes(replacer);

-        if (!isFailOver && (encoded != null)) {
-            // check the length
-            if (encoded.length != 48) {
-                // private, don't need to clone the byte array.
-                return replacer;
-            }
-
-            int encodedVersion =
-                    ((encoded[0] & 0xFF) << 8) | (encoded[1] & 0xFF);
-            if (clientVersion != encodedVersion) {
-                if (clientVersion > 0x0301 ||               // 0x0301: TLSv1
-                       serverVersion != encodedVersion) {
-                    encoded = replacer;
-                }   // Otherwise, For compatibility, we maintain the behavior
-                    // that the version in pre_master_secret can be the
-                    // negotiated version for TLS v1.0 and SSL v3.0.
-            }
-
-            // private, don't need to clone the byte array.
-            return encoded;
+        if (failure) {
+            tmp = replacer;
+        } else {
+            tmp = encoded;
        }

-        // private, don't need to clone the byte array.
-        return replacer;
+        if (tmp == null) {
+            encoded = replacer;
+        } else {
+            encoded = tmp;
+        }
+        // check the length
+        if (encoded.length != 48) {
+            // private, don't need to clone the byte array.
+            tmp = replacer;
+        } else {
+            tmp = encoded;
+        }
+
+        int encodedVersion =
+                ((tmp[0] & 0xFF) << 8) | (tmp[1] & 0xFF);
+        int check1 = 0;
+        int check2 = 0;
+        int check3 = 0;
+        if (clientVersion != encodedVersion) check1 = 1;
+        if (clientVersion > 0x0301) check2 = 1;
+        if (serverVersion != encodedVersion) check3 = 1;
+        if ((check1 & (check2 | check3)) == 1) {
+            return replacer;
+        } else {
+            return tmp;
+        }
    }

    /**