/*
 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.ssl;

SSL/TLS record
Author:David Brownell
/** * SSL/TLS record * * @author David Brownell */
interface SSLRecord extends Record { static final int headerSize = 5; // SSLv3 record header static final int handshakeHeaderSize = 4; // SSLv3 handshake header /* * The size of the header plus the max IV length */ static final int headerPlusMaxIVSize = headerSize // header + maxIVLength; // iv /* * The maximum size that may be increased when translating plaintext to * ciphertext fragment. */ static final int maxPlaintextPlusSize = headerSize // header + maxIVLength // iv + maxMacSize // MAC or AEAD tag + maxPadding; // block cipher padding /* * SSL has a maximum record size. It's header, (compressed) data, * padding, and a trailer for the message authentication information (MAC * for block and stream ciphers, and message authentication tag for AEAD * ciphers). * * Some compression algorithms have rare cases where they expand the data. * As we don't support compression at this time, leave that out. */ static final int maxRecordSize = headerPlusMaxIVSize // header + iv + maxDataSize // data + maxPadding // padding + maxMacSize; // MAC or AEAD tag /* * The maximum large record size. * * Some SSL/TLS implementations support large fragment upto 2^15 bytes, * such as Microsoft. We support large incoming fragments. * * The maximum large record size is defined as maxRecordSize plus 2^14, * this is the amount OpenSSL is using. */ static final int maxLargeRecordSize = maxRecordSize // Max size with a conforming implementation + maxDataSize; // extra 2^14 bytes for large data packets. /* * We may need to send this SSL v2 "No Cipher" message back, if we * are faced with an SSLv2 "hello" that's not saying "I talk v3". * It's the only one documented in the V2 spec as a fatal error. */ static final byte[] v2NoCipher = { (byte)0x80, (byte)0x03, // unpadded 3 byte record (byte)0x00, // ... error message (byte)0x00, (byte)0x01 // ... NO_CIPHER error }; }