/*
 * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.ssl;

/**
 * Type-safe enumeration of SSL/TLS protocol versions. Instances are obtained
 * through the static factory methods or by referencing the static members of
 * this class. All member variables are final and may be read directly,
 * without accessor methods.
 *
 * <p>Each supported protocol version is represented by exactly one instance,
 * so {@code ==} may be used instead of {@code equals()} when comparing the
 * predefined constants. Versions that are not predefined are wrapped in a
 * new instance on every {@link #valueOf(int, int)} call and this class does
 * not override {@code equals()}, so compare those through {@link #v} or
 * {@link #compareTo(ProtocolVersion)} rather than by identity.
 *
 * <p>Checks for a particular version number should generally take this form:
 *
 * <pre>
 *   if (protocolVersion.v &gt;= ProtocolVersion.TLS10.v) {
 *      // TLS 1.0 code goes here
 *   } else {
 *      // SSL 3.0 code here
 *   }
 * </pre>
 *
 * @author  Andreas Sterbenz
 * @since   1.4.1
 */
public final class ProtocolVersion implements Comparable<ProtocolVersion> {

    // Upper bound of the protocol version value space
    static final int LIMIT_MAX_VALUE = 0xFFFF;

    // Lower bound of the protocol version value space
    static final int LIMIT_MIN_VALUE = 0x0000;

    // Placeholder version for an invalid SSLSession
    static final ProtocolVersion NONE = new ProtocolVersion(-1, "NONE");

    // NOTE(review): the SSL 2.0 hello format, SSL 3.0, TLS 1.0 and TLS 1.1
    // have since been deprecated by the IETF (RFC 6176, RFC 7568, RFC 8996).
    // This class only names the versions; apart from the FIPS gate in
    // valueOf(String) it does not decide which of them are enabled.

    // If enabled, send/accept SSLv2-format hello messages
    static final ProtocolVersion SSL20Hello =
            new ProtocolVersion(0x0002, "SSLv2Hello");

    // SSL 3.0
    static final ProtocolVersion SSL30 = new ProtocolVersion(0x0300, "SSLv3");

    // TLS 1.0
    static final ProtocolVersion TLS10 = new ProtocolVersion(0x0301, "TLSv1");

    // TLS 1.1
    static final ProtocolVersion TLS11 = new ProtocolVersion(0x0302, "TLSv1.1");

    // TLS 1.2
    static final ProtocolVersion TLS12 = new ProtocolVersion(0x0303, "TLSv1.2");

    // FIPS mode flag as reported by SunJSSE.isFIPS(), read once at class load
    private static final boolean FIPS = SunJSSE.isFIPS();

    // Minimum version we implement: TLS 1.0 in FIPS mode, SSL 3.0 otherwise
    static final ProtocolVersion MIN = FIPS ? TLS10 : SSL30;

    // Maximum version we implement (TLS 1.2)
    static final ProtocolVersion MAX = TLS12;

    // ProtocolVersion to use by default (TLS 1.0)
    static final ProtocolVersion DEFAULT = TLS10;

    // Default version for hello messages: TLS 1.0 in FIPS mode,
    // SSL 3.0 otherwise
    static final ProtocolVersion DEFAULT_HELLO = FIPS ? TLS10 : SSL30;

    // Version in 16-bit MSB-first form as it appears in records and
    // messages, i.e. 0x0301 for TLS 1.0
    public final int v;

    // Major and minor version bytes derived from v
    public final byte major, minor;

    // Name used in JSSE (e.g. TLSv1 for TLS 1.0)
    final String name;

    /**
     * Creates a version object for the 16-bit value {@code v} and splits it
     * into its major (high) and minor (low) bytes.
     */
    private ProtocolVersion(int v, String name) {
        this.name = name;
        this.v = v;
        this.major = (byte) (v >>> 8);
        this.minor = (byte) (v & 0xff);
    }

    /**
     * Maps a 16-bit version value to its predefined constant. A value that
     * matches none of them is wrapped in a new "Unknown-major.minor"
     * instance rather than rejected.
     */
    private static ProtocolVersion valueOf(int v) {
        if (v == SSL30.v) {
            return SSL30;
        }
        if (v == TLS10.v) {
            return TLS10;
        }
        if (v == TLS11.v) {
            return TLS11;
        }
        if (v == TLS12.v) {
            return TLS12;
        }
        if (v == SSL20Hello.v) {
            return SSL20Hello;
        }

        // Not a predefined version: keep the raw value and give it a
        // descriptive name so callers can still log and compare it.
        int hi = (v >>> 8) & 0xff;
        int lo = v & 0xff;
        return new ProtocolVersion(v, "Unknown-" + hi + "." + lo);
    }

    /**
     * Return a ProtocolVersion with the specified major and minor version
     * numbers. Only the low 8 bits of each argument are used. Never throws
     * exceptions; an unrecognized pair yields an "Unknown-major.minor"
     * instance, so callers that must enforce a version range have to check
     * the result themselves.
     */
    public static ProtocolVersion valueOf(int major, int minor) {
        int high = major & 0xff;
        int low = minor & 0xff;
        return valueOf((high << 8) | low);
    }

    /**
     * Return a ProtocolVersion for the given name.
     *
     * @throws IllegalArgumentException if name is null, does not identify
     *          a supported protocol, or names SSLv3 or SSLv2Hello while
     *          FIPS mode is active
     */
    static ProtocolVersion valueOf(String name) {
        if (name == null) {
            throw new IllegalArgumentException("Protocol cannot be null");
        }

        // The FIPS gate runs before the lookup so that the pre-TLS names
        // are rejected with a specific message.
        boolean preTls = name.equals(SSL30.name) || name.equals(SSL20Hello.name);
        if (FIPS && preTls) {
            throw new IllegalArgumentException(
                    "Only TLS 1.0 or later allowed in FIPS mode");
        }

        if (name.equals(SSL30.name)) {
            return SSL30;
        }
        if (name.equals(TLS10.name)) {
            return TLS10;
        }
        if (name.equals(TLS11.name)) {
            return TLS11;
        }
        if (name.equals(TLS12.name)) {
            return TLS12;
        }
        if (name.equals(SSL20Hello.name)) {
            return SSL20Hello;
        }
        throw new IllegalArgumentException(name);
    }

    /**
     * Returns the JSSE name of this version.
     */
    @Override
    public String toString() {
        return name;
    }

    /**
     * Compares this object with the specified object for order, by
     * numeric version value.
     */
    @Override
    public int compareTo(ProtocolVersion protocolVersion) {
        // The subtraction cannot overflow: within this class v is only ever
        // -1 (NONE) or a value in the 16-bit range.
        int difference = this.v - protocolVersion.v;
        return difference;
    }
}