Skip to content

Commit f4cfd75

Browse files
author
John Jiang
committed
8261510: Use RFC numbers and protocol titles in sun.security.ssl.SSLExtension comments
Reviewed-by: wetmore, xuelei
1 parent 75c8489 commit f4cfd75

File tree

1 file changed

+62
-65
lines changed

1 file changed

+62
-65
lines changed

src/java.base/share/classes/sun/security/ssl/SSLExtension.java

Lines changed: 62 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@
3535
import sun.security.util.HexDumpEncoder;
3636

3737
enum SSLExtension implements SSLStringizer {
38-
// Extensions defined in RFC 6066
38+
// Extensions defined in RFC 6066 (TLS Extensions: Extension Definitions)
3939
CH_SERVER_NAME (0x0000, "server_name",
4040
SSLHandshake.CLIENT_HELLO,
4141
ProtocolVersion.PROTOCOLS_TO_13,
@@ -63,6 +63,7 @@ enum SSLExtension implements SSLStringizer {
6363
null,
6464
null,
6565
ServerNameExtension.shStringizer),
66+
6667
CH_MAX_FRAGMENT_LENGTH (0x0001, "max_fragment_length",
6768
SSLHandshake.CLIENT_HELLO,
6869
ProtocolVersion.PROTOCOLS_TO_13,
@@ -90,6 +91,7 @@ enum SSLExtension implements SSLStringizer {
9091
MaxFragExtension.eeOnTradeConsumer,
9192
null,
9293
MaxFragExtension.maxFragLenStringizer),
94+
9395
CLIENT_CERTIFICATE_URL (0x0002, "client_certificate_url"),
9496
TRUSTED_CA_KEYS (0x0003, "trusted_ca_keys"),
9597
TRUNCATED_HMAC (0x0004, "truncated_hmac"),
@@ -123,17 +125,17 @@ enum SSLExtension implements SSLStringizer {
123125
null,
124126
CertStatusExtension.certStatusRespStringizer),
125127

126-
// extensions defined in RFC 4681
128+
// Extensions defined in RFC 4681 (TLS User Mapping Extension)
127129
USER_MAPPING (0x0006, "user_mapping"),
128130

129-
// extensions defined in RFC 5878
131+
// Extensions defined in RFC 5878 (TLS Authorization Extensions)
130132
CLIENT_AUTHZ (0x0007, "client_authz"),
131133
SERVER_AUTHZ (0x0008, "server_authz"),
132134

133-
// extensions defined in RFC 5081
135+
// Extensions defined in RFC 6091 (Using OpenPGP Keys for TLS Authentication)
134136
CERT_TYPE (0x0009, "cert_type"),
135137

136-
// extensions defined in RFC 4492 (ECC)
138+
// Extensions defined in RFC 8422 (ECC Cipher Suites for TLS Versions 1.2 and Earlier)
137139
CH_SUPPORTED_GROUPS (0x000A, "supported_groups",
138140
SSLHandshake.CLIENT_HELLO,
139141
ProtocolVersion.PROTOCOLS_TO_13,
@@ -172,55 +174,16 @@ enum SSLExtension implements SSLStringizer {
172174
null,
173175
ECPointFormatsExtension.epfStringizer),
174176

175-
// extensions defined in RFC 5054
177+
// Extensions defined in RFC 5054 (Using the SRP Protocol for TLS Authentication)
176178
SRP (0x000C, "srp"),
177179

178-
// extensions defined in RFC 5246
179-
CH_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms",
180-
SSLHandshake.CLIENT_HELLO,
181-
ProtocolVersion.PROTOCOLS_12_13,
182-
SignatureAlgorithmsExtension.chNetworkProducer,
183-
SignatureAlgorithmsExtension.chOnLoadConsumer,
184-
SignatureAlgorithmsExtension.chOnLoadAbsence,
185-
SignatureAlgorithmsExtension.chOnTradeConsumer,
186-
SignatureAlgorithmsExtension.chOnTradeAbsence,
187-
SignatureAlgorithmsExtension.ssStringizer),
188-
CR_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms",
189-
SSLHandshake.CERTIFICATE_REQUEST,
190-
ProtocolVersion.PROTOCOLS_OF_13,
191-
SignatureAlgorithmsExtension.crNetworkProducer,
192-
SignatureAlgorithmsExtension.crOnLoadConsumer,
193-
SignatureAlgorithmsExtension.crOnLoadAbsence,
194-
SignatureAlgorithmsExtension.crOnTradeConsumer,
195-
null,
196-
SignatureAlgorithmsExtension.ssStringizer),
197-
198-
CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert",
199-
SSLHandshake.CLIENT_HELLO,
200-
ProtocolVersion.PROTOCOLS_12_13,
201-
CertSignAlgsExtension.chNetworkProducer,
202-
CertSignAlgsExtension.chOnLoadConsumer,
203-
null,
204-
CertSignAlgsExtension.chOnTradeConsumer,
205-
null,
206-
CertSignAlgsExtension.ssStringizer),
207-
CR_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert",
208-
SSLHandshake.CERTIFICATE_REQUEST,
209-
ProtocolVersion.PROTOCOLS_OF_13,
210-
CertSignAlgsExtension.crNetworkProducer,
211-
CertSignAlgsExtension.crOnLoadConsumer,
212-
null,
213-
CertSignAlgsExtension.crOnTradeConsumer,
214-
null,
215-
CertSignAlgsExtension.ssStringizer),
216-
217-
// extensions defined in RFC 5764
180+
// Extensions defined in RFC 5764 (DTLS Extension to Establish Keys for the SRTP)
218181
USE_SRTP (0x000E, "use_srtp"),
219182

220-
// extensions defined in RFC 6520
183+
// Extensions defined in RFC 6520 (TLS and DTLS Heartbeat Extension)
221184
HEARTBEAT (0x000E, "heartbeat"),
222185

223-
// extension defined in RFC 7301 (ALPN)
186+
// Extensions defined in RFC 7301 (TLS Application-Layer Protocol Negotiation Extension)
224187
CH_ALPN (0x0010, "application_layer_protocol_negotiation",
225188
SSLHandshake.CLIENT_HELLO,
226189
ProtocolVersion.PROTOCOLS_TO_13,
@@ -249,7 +212,7 @@ enum SSLExtension implements SSLStringizer {
249212
null,
250213
AlpnExtension.alpnStringizer),
251214

252-
// extensions defined in RFC 6961
215+
// Extensions defined in RFC 6961 (TLS Multiple Certificate Status Request Extension)
253216
CH_STATUS_REQUEST_V2 (0x0011, "status_request_v2",
254217
SSLHandshake.CLIENT_HELLO,
255218
ProtocolVersion.PROTOCOLS_TO_12,
@@ -269,20 +232,20 @@ enum SSLExtension implements SSLStringizer {
269232
null,
270233
CertStatusExtension.certStatusReqV2Stringizer),
271234

272-
// extensions defined in RFC 6962
235+
// Extensions defined in RFC 6962 (Certificate Transparency)
273236
SIGNED_CERT_TIMESTAMP (0x0012, "signed_certificate_timestamp"),
274237

275-
// extensions defined in RFC 7250
238+
// Extensions defined in RFC 7250 (Using Raw Public Keys in TLS and DTLS)
276239
CLIENT_CERT_TYPE (0x0013, "client_certificate_type"),
277240
SERVER_CERT_TYPE (0x0014, "server_certificate_type"),
278241

279-
// extensions defined in RFC 7685
242+
// Extensions defined in RFC 7685 (TLS ClientHello Padding Extension)
280243
PADDING (0x0015, "padding"),
281244

282-
// extensions defined in RFC 7366
245+
// Extensions defined in RFC 7366 (Encrypt-then-MAC for TLS and DTLS)
283246
ENCRYPT_THEN_MAC (0x0016, "encrypt_then_mac"),
284247

285-
// extensions defined in RFC 7627
248+
// Extensions defined in RFC 7627 (TLS Session Hash and Extended Master Secret Extension)
286249
CH_EXTENDED_MASTER_SECRET (0x0017, "extended_master_secret",
287250
SSLHandshake.CLIENT_HELLO,
288251
ProtocolVersion.PROTOCOLS_TO_12,
@@ -302,13 +265,13 @@ enum SSLExtension implements SSLStringizer {
302265
null,
303266
ExtendedMasterSecretExtension.emsStringizer),
304267

305-
// extensions defined in RFC draft-ietf-tokbind-negotiation
306-
TOKEN_BINDING (0x0018, "token_binding "),
268+
// Extensions defined in RFC 8472 (TLS Extension for Token Binding Protocol Negotiation)
269+
TOKEN_BINDING (0x0018, "token_binding"),
307270

308-
// extensions defined in RFC 7924
271+
// Extensions defined in RFC 7924 (TLS Cached Information Extension)
309272
CACHED_INFO (0x0019, "cached_info"),
310273

311-
// extensions defined in RFC 5077
274+
// Extensions defined in RFC 5077 (TLS Session Resumption without Server-Side State)
312275
CH_SESSION_TICKET (0x0023, "session_ticket",
313276
SSLHandshake.CLIENT_HELLO,
314277
ProtocolVersion.PROTOCOLS_10_12,
@@ -319,7 +282,6 @@ enum SSLExtension implements SSLStringizer {
319282
null,
320283
SessionTicketExtension.steStringizer),
321284
//null),
322-
323285
SH_SESSION_TICKET (0x0023, "session_ticket",
324286
SSLHandshake.SERVER_HELLO,
325287
ProtocolVersion.PROTOCOLS_10_12,
@@ -331,7 +293,26 @@ enum SSLExtension implements SSLStringizer {
331293
SessionTicketExtension.steStringizer),
332294
//null),
333295

334-
// extensions defined in TLS 1.3
296+
// Extensions defined in RFC 8446 (TLS Protocol Version 1.3)
297+
CH_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms",
298+
SSLHandshake.CLIENT_HELLO,
299+
ProtocolVersion.PROTOCOLS_12_13,
300+
SignatureAlgorithmsExtension.chNetworkProducer,
301+
SignatureAlgorithmsExtension.chOnLoadConsumer,
302+
SignatureAlgorithmsExtension.chOnLoadAbsence,
303+
SignatureAlgorithmsExtension.chOnTradeConsumer,
304+
SignatureAlgorithmsExtension.chOnTradeAbsence,
305+
SignatureAlgorithmsExtension.ssStringizer),
306+
CR_SIGNATURE_ALGORITHMS (0x000D, "signature_algorithms",
307+
SSLHandshake.CERTIFICATE_REQUEST,
308+
ProtocolVersion.PROTOCOLS_OF_13,
309+
SignatureAlgorithmsExtension.crNetworkProducer,
310+
SignatureAlgorithmsExtension.crOnLoadConsumer,
311+
SignatureAlgorithmsExtension.crOnLoadAbsence,
312+
SignatureAlgorithmsExtension.crOnTradeConsumer,
313+
null,
314+
SignatureAlgorithmsExtension.ssStringizer),
315+
335316
CH_EARLY_DATA (0x002A, "early_data"),
336317
EE_EARLY_DATA (0x002A, "early_data"),
337318
NST_EARLY_DATA (0x002A, "early_data"),
@@ -347,7 +328,6 @@ enum SSLExtension implements SSLStringizer {
347328
SupportedVersionsExtension.chStringizer),
348329
SH_SUPPORTED_VERSIONS (0x002B, "supported_versions",
349330
SSLHandshake.SERVER_HELLO,
350-
// and HelloRetryRequest
351331
ProtocolVersion.PROTOCOLS_OF_13,
352332
SupportedVersionsExtension.shNetworkProducer,
353333
SupportedVersionsExtension.shOnLoadConsumer,
@@ -406,7 +386,6 @@ enum SSLExtension implements SSLStringizer {
406386
null,
407387
PskKeyExchangeModesExtension.chOnTradeAbsence,
408388
PskKeyExchangeModesExtension.pkemStringizer),
409-
410389
CH_CERTIFICATE_AUTHORITIES (0x002F, "certificate_authorities",
411390
SSLHandshake.CLIENT_HELLO,
412391
ProtocolVersion.PROTOCOLS_OF_13,
@@ -416,7 +395,6 @@ enum SSLExtension implements SSLStringizer {
416395
null,
417396
null,
418397
CertificateAuthoritiesExtension.ssStringizer),
419-
420398
CR_CERTIFICATE_AUTHORITIES (0x002F, "certificate_authorities",
421399
SSLHandshake.CERTIFICATE_REQUEST,
422400
ProtocolVersion.PROTOCOLS_OF_13,
@@ -430,6 +408,25 @@ enum SSLExtension implements SSLStringizer {
430408
OID_FILTERS (0x0030, "oid_filters"),
431409
POST_HANDSHAKE_AUTH (0x0030, "post_handshake_auth"),
432410

411+
CH_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert",
412+
SSLHandshake.CLIENT_HELLO,
413+
ProtocolVersion.PROTOCOLS_12_13,
414+
CertSignAlgsExtension.chNetworkProducer,
415+
CertSignAlgsExtension.chOnLoadConsumer,
416+
null,
417+
CertSignAlgsExtension.chOnTradeConsumer,
418+
null,
419+
CertSignAlgsExtension.ssStringizer),
420+
CR_SIGNATURE_ALGORITHMS_CERT (0x0032, "signature_algorithms_cert",
421+
SSLHandshake.CERTIFICATE_REQUEST,
422+
ProtocolVersion.PROTOCOLS_OF_13,
423+
CertSignAlgsExtension.crNetworkProducer,
424+
CertSignAlgsExtension.crOnLoadConsumer,
425+
null,
426+
CertSignAlgsExtension.crOnTradeConsumer,
427+
null,
428+
CertSignAlgsExtension.ssStringizer),
429+
433430
CH_KEY_SHARE (0x0033, "key_share",
434431
SSLHandshake.CLIENT_HELLO,
435432
ProtocolVersion.PROTOCOLS_OF_13,
@@ -462,7 +459,7 @@ enum SSLExtension implements SSLStringizer {
462459
null, null, null, null,
463460
KeyShareExtension.hrrStringizer),
464461

465-
// Extensions defined in RFC 5746
462+
// Extensions defined in RFC 5746 (TLS Renegotiation Indication Extension)
466463
CH_RENEGOTIATION_INFO (0xff01, "renegotiation_info",
467464
SSLHandshake.CLIENT_HELLO,
468465
ProtocolVersion.PROTOCOLS_TO_12,
@@ -482,7 +479,7 @@ enum SSLExtension implements SSLStringizer {
482479
null,
483480
RenegoInfoExtension.rniStringizer),
484481

485-
// TLS 1.3 PSK extension must be last
482+
// RFC 8446 (TLS Protocol Version 1.3) PSK extension must be last
486483
CH_PRE_SHARED_KEY (0x0029, "pre_shared_key",
487484
SSLHandshake.CLIENT_HELLO,
488485
ProtocolVersion.PROTOCOLS_OF_13,

0 commit comments

Comments
 (0)