diff --git a/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java b/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java index fac62ed1284..0ca4224c517 100644 --- a/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java +++ b/src/java.base/share/classes/sun/security/ssl/ClientHandshakeContext.java @@ -90,6 +90,9 @@ class ClientHandshakeContext extends HandshakeContext { ClientHelloMessage initialClientHelloMsg = null; + // PSK identity is selected in first Hello and used again after HRR + byte[] pskIdentity; + ClientHandshakeContext(SSLContextImpl sslContext, TransportContext conContext) throws IOException { super(sslContext, conContext); diff --git a/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java b/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java index 695dac547fb..413b934038a 100644 --- a/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java +++ b/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java @@ -656,7 +656,11 @@ final class PreSharedKeyExtension { return null; } SecretKey psk = pskOpt.get(); - Optional pskIdOpt = chc.resumingSession.consumePskIdentity(); + // The PSK ID can only be used in one connections, but this method + // may be called twice in a connection if the server sends HRR. + // ID is saved in the context so it can be used in the second call. + Optional pskIdOpt = Optional.ofNullable(chc.pskIdentity) + .or(chc.resumingSession::consumePskIdentity); if (!pskIdOpt.isPresent()) { if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { SSLLogger.fine( @@ -664,7 +668,7 @@ final class PreSharedKeyExtension { } return null; } - byte[] pskId = pskIdOpt.get(); + chc.pskIdentity = pskIdOpt.get(); //The session cannot be used again. Remove it from the cache. SSLSessionContextImpl sessionCache = (SSLSessionContextImpl) 
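Review bot: The new `pskIdentity` field in `ClientHandshakeContext` is written in `PreSharedKeyExtension` but never reset in any hunk shown here, and its comment does not say how long the value is meant to live. Because the identity is described elsewhere in this change as single-use, the field comment should state the lifetime, for example `// null until the first ClientHello offers a PSK; kept only so the ClientHello sent after HelloRetryRequest repeats the same identity`. If the context can outlive the handshake, the comment should also name where the field is cleared; that cannot be judged from this diff. The neighbouring field is written with an explicit `= null`, so `byte[] pskIdentity = null;` would match the surrounding style.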
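Review bot: In the `@@ -656,7 +656,11 @@` hunk, the cached `chc.pskIdentity` is preferred over `chc.resumingSession::consumePskIdentity` without any check that it was taken from the session currently in `chc.resumingSession`, while `psk` and the binder key are still derived per call. Within one handshake the two presumably always belong together, but nothing visible enforces it. The comment should state the invariant, e.g. `// chc.pskIdentity always originates from chc.resumingSession; it must be cleared if resumingSession is replaced or dropped`. The added comment also reads "one connections", which should be "one connection". The enclosing method starts and ends outside the hunk, so the handling of a discarded `resumingSession` between the two calls is not visible here.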
@@ -681,7 +685,7 @@ final class PreSharedKeyExtension { chc.resumingSession.getTicketCreationTime()); int obfuscatedAge = ageMillis + chc.resumingSession.getTicketAgeAdd(); - identities.add(new PskIdentity(pskId, obfuscatedAge)); + identities.add(new PskIdentity(chc.pskIdentity, obfuscatedAge)); SecretKey binderKey = deriveBinderKey(psk, chc.resumingSession); ClientHelloMessage clientHello = (ClientHelloMessage)message;