javax.net.ssl.SSLProtocolException Java Examples

The following examples show how to use javax.net.ssl.SSLProtocolException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SignatureAlgorithmsExtension.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
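/**
 * Parses a signature_algorithms extension body received from the peer.
 *
 * <p>Every byte read here is peer-controlled, so the declared list length is
 * checked against the caller-supplied body length before any pair is read.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, list-length prefix included
 * @throws IOException if the stream cannot be read; an
 *         {@link SSLProtocolException} signals inconsistent lengths
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // Reject an empty list, and any list whose 2-byte prefix plus payload
    // does not account for exactly the body length the caller expects.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        // The running sequence number is passed on with each pair, in
        // the order the peer listed them.
        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // An odd list length leaves one stray byte behind.
    // Fixed: the message used to name the server_name extension (copy-paste
    // slip), which misdirects anyone triaging handshake failures from logs.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}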
 
Example #2
Source File: CertStatusExtension.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
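/**
 * Parses a certificate status response (status_request extension data).
 *
 * @param buffer extension data, positioned at the status type byte
 * @throws IOException if the data is too short to hold the fixed header
 *         (reported as {@link SSLProtocolException}) or a read helper fails
 */
private CertStatusResponseSpec(ByteBuffer buffer) throws IOException {
    // 4 = 1-byte status type + 3-byte length prefix of the response vector
    // (assuming getBytes24 reads a 24-bit length, as its name indicates).
    // The previous bound of 2 let a 2- or 3-byte body past this guard, so
    // the failure surfaced inside the read helper instead of here.
    if (buffer.remaining() < 4) {
        throw new SSLProtocolException(
            "Invalid status_request extension: insufficient data");
    }

    // Get the status type (1 byte) and response data (vector)
    byte type = (byte)Record.getInt8(buffer);
    byte[] respData = Record.getBytes24(buffer);
    // NOTE(review): bytes left in the buffer after the vector are not
    // rejected here - confirm the caller treats trailing data as an error.

    // Create the CertStatusResponse based on the type
    if (type == CertStatusRequestType.OCSP.id) {
        this.statusResponse = new OCSPStatusResponse(type, respData);
    } else {
        // Unknown types are kept as an opaque response and only logged.
        if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
            SSLLogger.info(
                "Unknown certificate status response " +
                "(status type: " + type + ")");
        }

        this.statusResponse = new CertStatusResponse(type, respData);
    }
}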
 
Example #3
Source File: RenegotiationInfoExtension.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Reads a renegotiation_info extension body from the handshake stream.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the body, one-byte length prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the declared payload length disagrees with {@code len}
 */
RenegotiationInfoExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_RENEGOTIATION_INFO);

    // The body must at least contain the length prefix itself.
    if (len < 1) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    final int declared = s.getInt8();
    // Prefix byte plus declared payload must fill the body exactly.
    if (len != declared + 1) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    renegotiated_connection = new byte[declared];
    if (declared > 0) {
        // NOTE(review): the return value of read() is not checked here;
        // confirm HandshakeInStream.read fails on a short read, otherwise
        // the tail of the array would silently stay zero-filled.
        s.read(renegotiated_connection, 0, declared);
    }
}
 
Example #4
Source File: KeyShareExtension.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses the ServerHello form of the key_share extension:
 * <pre>
 * struct {
 *      KeyShareEntry server_share;
 * } KeyShareServerHello;
 * </pre>
 *
 * @param buffer extension data holding exactly one key share entry
 * @throws IOException if the data is too short or carries trailing bytes
 *         (both reported as {@link SSLProtocolException})
 */
private SHKeyShareSpec(ByteBuffer buffer) throws IOException {
    final int available = buffer.remaining();
    if (available < 5) {       // 5: minimal server_share
        throw new SSLProtocolException(
            "Invalid key_share extension: " +
            "insufficient data (length=" + available + ")");
    }

    final int groupId = Record.getInt16(buffer);
    final byte[] share = Record.getBytes16(buffer);

    // Exactly one entry is allowed; anything after it is a protocol error.
    if (buffer.remaining() > 0) {
        throw new SSLProtocolException(
            "Invalid key_share extension: unknown extra data");
    }

    this.serverShare = new KeyShareEntry(groupId, share);
}
 
Example #5
Source File: KeyShareExtension.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
/**
 * Decodes a KeyShareServerHello, i.e. a single {@code server_share} entry.
 *
 * @param buffer the extension data; it must be consumed completely
 * @throws IOException if the entry is truncated or followed by extra bytes
 */
private SHKeyShareSpec(ByteBuffer buffer) throws IOException {
    // struct {
    //      KeyShareEntry server_share;
    // } KeyShareServerHello;
    int size = buffer.remaining();
    boolean tooShort = size < 5;        // 5: minimal server_share
    if (tooShort) {
        throw new SSLProtocolException(
            "Invalid key_share extension: " +
            "insufficient data (length=" + size + ")");
    }

    int group = Record.getInt16(buffer);
    byte[] exchange = Record.getBytes16(buffer);

    // Leftover bytes mean the peer sent more than the single entry the
    // structure allows, so the message is rejected rather than truncated.
    boolean trailing = buffer.hasRemaining();
    if (trailing) {
        throw new SSLProtocolException(
            "Invalid key_share extension: unknown extra data");
    }

    this.serverShare = new KeyShareEntry(group, exchange);
}
 
Example #6
Source File: EllipticPointFormatsExtension.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
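/**
 * Parses an ec_point_formats extension body received from the peer.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the body, one-byte length prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the list does not fill the body or omits the uncompressed format
 */
EllipticPointFormatsExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_EC_POINT_FORMATS);
    formats = s.getBytes8();
    // Added: len was previously ignored, so a list shorter or longer than
    // the declared body was accepted and the stream position could drift
    // from what the caller expects. 1 = the length prefix byte.
    // NOTE(review): assumes len is the extension body length, as in the
    // sibling extension parsers - confirm against the caller.
    if (formats.length + 1 != len) {
        throw new SSLProtocolException(
            "Invalid ec_point_formats extension");
    }
    // RFC 4492 says uncompressed points must always be supported.
    // Check just to make sure.
    boolean uncompressed = false;
    for (int format : formats) {
        if (format == FMT_UNCOMPRESSED) {
            uncompressed = true;
            break;
        }
    }
    if (!uncompressed) {
        throw new SSLProtocolException
            ("Peer does not support uncompressed points");
    }
}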
 
Example #7
Source File: SupportedGroupsExtension.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses the supported_groups extension data into an array of group ids.
 *
 * @param m extension data: a length-prefixed list of two-byte identifiers
 * @throws IOException if the list is missing, empty, odd-sized or followed
 *         by extra bytes (reported as {@link SSLProtocolException})
 */
private SupportedGroupsSpec(ByteBuffer m) throws IOException  {
    if (m.remaining() < 2) {      // 2: the length of the list
        throw new SSLProtocolException(
            "Invalid supported_groups extension: insufficient data");
    }

    final byte[] raw = Record.getBytes16(m);
    if (m.remaining() > 0) {
        throw new SSLProtocolException(
            "Invalid supported_groups extension: unknown extra data");
    }

    // Each identifier takes two bytes, so an odd or empty list is malformed.
    if (raw == null || raw.length == 0 || (raw.length & 1) != 0) {
        throw new SSLProtocolException(
            "Invalid supported_groups extension: incomplete data");
    }

    final int[] groupIds = new int[raw.length / 2];
    for (int k = 0; k < groupIds.length; k++) {
        // Big-endian pair; the masks undo sign extension of the bytes.
        final int high = raw[2 * k] & 0xFF;
        final int low = raw[2 * k + 1] & 0xFF;
        groupIds[k] = (high << 8) | low;
    }

    this.namedGroupsIds = groupIds;
}
 
Example #8
Source File: SignatureAlgorithmsExtension.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses signature_algorithms extension data into an array of scheme ids.
 *
 * @param buffer extension data: a length-prefixed list of two-byte schemes
 * @throws IOException if the list is missing, empty, odd-sized or followed
 *         by extra bytes (reported as {@link SSLProtocolException})
 */
SignatureSchemesSpec(ByteBuffer buffer) throws IOException {
    if (buffer.remaining() < 2) {      // 2: the length of the list
        throw new SSLProtocolException(
            "Invalid signature_algorithms: insufficient data");
    }

    final byte[] raw = Record.getBytes16(buffer);
    if (buffer.remaining() > 0) {
        throw new SSLProtocolException(
            "Invalid signature_algorithms: unknown extra data");
    }

    // A scheme is two bytes wide; reject empty and odd-length lists.
    if (raw == null || raw.length == 0 || raw.length % 2 != 0) {
        throw new SSLProtocolException(
            "Invalid signature_algorithms: incomplete data");
    }

    final int[] ids = new int[raw.length / 2];
    for (int k = 0; k < ids.length; k++) {
        // First byte is the high half, second byte the low half; the
        // masks keep negative byte values from sign-extending.
        ids[k] = ((raw[2 * k] & 0xFF) << 8) | (raw[2 * k + 1] & 0xFF);
    }

    this.signatureSchemes = ids;
}
 
Example #9
Source File: SupportedGroupsExtension.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
/**
 * Decodes the named-group list carried by a supported_groups extension.
 *
 * @param m the extension data; must contain the list and nothing else
 * @throws IOException if the data is truncated, has trailing bytes, or the
 *         list is empty or not a whole number of two-byte entries
 */
private SupportedGroupsSpec(ByteBuffer m) throws IOException  {
    boolean hasLengthPrefix = m.remaining() >= 2;   // 2: the length of the list
    if (!hasLengthPrefix) {
        throw new SSLProtocolException(
            "Invalid supported_groups extension: insufficient data");
    }

    byte[] encoded = Record.getBytes16(m);
    if (m.hasRemaining()) {
        throw new SSLProtocolException(
            "Invalid supported_groups extension: unknown extra data");
    }

    boolean usable = encoded != null
            && encoded.length != 0
            && encoded.length % 2 == 0;
    if (!usable) {
        throw new SSLProtocolException(
            "Invalid supported_groups extension: incomplete data");
    }

    int[] decoded = new int[encoded.length / 2];
    int src = 0;
    for (int dst = 0; dst < decoded.length; dst++) {
        // Combine two unsigned bytes, most significant first.
        int msb = encoded[src++] & 0xFF;
        int lsb = encoded[src++] & 0xFF;
        decoded[dst] = (msb << 8) | lsb;
    }

    this.namedGroupsIds = decoded;
}
 
Example #10
Source File: SignatureAlgorithmsExtension.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
/**
 * Decodes the scheme list carried by a signature_algorithms extension.
 *
 * @param buffer the extension data; must contain the list and nothing else
 * @throws IOException if the data is truncated, has trailing bytes, or the
 *         list is empty or not a whole number of two-byte entries
 */
SignatureSchemesSpec(ByteBuffer buffer) throws IOException {
    boolean hasLengthPrefix = buffer.remaining() >= 2;  // 2: the length of the list
    if (!hasLengthPrefix) {
        throw new SSLProtocolException(
            "Invalid signature_algorithms: insufficient data");
    }

    byte[] encoded = Record.getBytes16(buffer);
    if (buffer.hasRemaining()) {
        throw new SSLProtocolException(
            "Invalid signature_algorithms: unknown extra data");
    }

    boolean usable = encoded != null
            && encoded.length != 0
            && (encoded.length & 0x01) == 0;
    if (!usable) {
        throw new SSLProtocolException(
            "Invalid signature_algorithms: incomplete data");
    }

    int[] decoded = new int[encoded.length / 2];
    int src = 0;
    for (int dst = 0; dst < decoded.length; dst++) {
        // Two unsigned bytes per scheme, most significant first.
        int msb = encoded[src++] & 0xFF;
        int lsb = encoded[src++] & 0xFF;
        decoded[dst] = (msb << 8) | lsb;
    }

    this.signatureSchemes = decoded;
}
 
Example #11
Source File: CertificateAuthorityExtension.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
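/**
 * Parses certificate_authorities extension data into X.500 principals.
 *
 * @param buffer extension data: a 2-byte total length followed by
 *        length-prefixed distinguished names
 * @throws IOException if the data is truncated, the declared size does not
 *         match the remaining bytes, or a distinguished name is malformed
 *         (all reported as {@link SSLProtocolException})
 */
CertificateAuthoritiesSpec(ByteBuffer buffer) throws IOException {
    // Fixed: this message used to name signature_algorithms (copy-paste
    // slip), pointing log readers at the wrong extension.
    if (buffer.remaining() < 2) {      // 2: the length of the list
        throw new SSLProtocolException(
            "Invalid certificate_authorities: insufficient data");
    }
    // Total size in bytes of the encoded list; it must match exactly what
    // is left in the buffer.
    int caLength = Record.getInt16(buffer);
    if (buffer.remaining() != caLength) {
        throw new SSLProtocolException(
                "Invalid certificate_authorities: incorrect data size");
    }
    ArrayList<X500Principal> dnList = new ArrayList<X500Principal>();
    while (buffer.hasRemaining()) {
        byte[] dn = Record.getBytes16(buffer);
        try {
            dnList.add(new X500Principal(dn));
        } catch (IllegalArgumentException iae) {
            // X500Principal rejects badly encoded names with an unchecked
            // exception; the bytes come from the peer, so report it as a
            // protocol error through the declared IOException path.
            SSLProtocolException malformed = new SSLProtocolException(
                    "Invalid certificate_authorities: malformed distinguished name");
            malformed.initCause(iae);
            throw malformed;
        }
    }
    // NOTE(review): an empty list (caLength == 0) is accepted here -
    // confirm whether the protocol version in use allows it.
    this.authorities = dnList.toArray(new X500Principal[dnList.size()]);
}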
 
Example #12
Source File: CertStatusExtension.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
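/**
 * Decodes the status type and response bytes of a status_request response.
 *
 * @param buffer extension data, positioned at the status type byte
 * @throws IOException if fewer bytes are present than the fixed header
 *         needs (reported as {@link SSLProtocolException}) or a read
 *         helper fails
 */
private CertStatusResponseSpec(ByteBuffer buffer) throws IOException {
    // Minimum is 4 bytes: status type (1) + vector length prefix (3),
    // taking getBytes24 to read a 24-bit length as its name indicates.
    // The old bound of 2 did not cover the header it was guarding.
    if (buffer.remaining() < 4) {
        throw new SSLProtocolException(
            "Invalid status_request extension: insufficient data");
    }

    // Get the status type (1 byte) and response data (vector)
    byte type = (byte)Record.getInt8(buffer);
    byte[] respData = Record.getBytes24(buffer);
    // NOTE(review): nothing here rejects bytes that follow the vector;
    // verify whether the caller checks for trailing data.

    // Create the CertStatusResponse based on the type
    if (type == CertStatusRequestType.OCSP.id) {
        this.statusResponse = new OCSPStatusResponse(type, respData);
    } else {
        // Unrecognised status types are logged and stored unparsed.
        if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
            SSLLogger.info(
                "Unknown certificate status response " +
                "(status type: " + type + ")");
        }

        this.statusResponse = new CertStatusResponse(type, respData);
    }
}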
 
Example #13
Source File: SignatureAlgorithmsExtension.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
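/**
 * Reads the list of (hash, signature) pairs from a signature_algorithms
 * extension body.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, 2-byte list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the list is empty, odd-sized, or does not fill the body
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // The peer-declared list length must be non-zero and, together with
    // its 2-byte prefix, match the body length the caller passed in.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // One byte left over means the list length was odd.
    // Fixed: the message wrongly referred to the server_name extension.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}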
 
Example #14
Source File: RenegotiationInfoExtension.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses the {@code renegotiated_connection} bytes of a renegotiation_info
 * extension.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected body size: one length byte plus the payload
 * @throws IOException on read failure; {@link SSLProtocolException} if the
 *         body is empty or its length byte disagrees with {@code len}
 */
RenegotiationInfoExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_RENEGOTIATION_INFO);

    // check the extension length
    final boolean hasLengthByte = len >= 1;
    if (!hasLengthByte) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    final int payloadLen = s.getInt8();
    final int consumed = payloadLen + 1;    // + 1 = the byte we just read
    if (consumed != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    final byte[] payload = new byte[payloadLen];
    renegotiated_connection = payload;
    if (payloadLen != 0) {
        // NOTE(review): read()'s return value is discarded; verify the
        // stream raises on a short read instead of returning early.
        s.read(payload, 0, payloadLen);
    }
}
 
Example #15
Source File: SignatureAlgorithmsExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
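/**
 * Builds the extension from a signature_algorithms body sent by the peer.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len body size the caller expects, list-length prefix included
 * @throws IOException if reading fails; {@link SSLProtocolException} is
 *         used for every length inconsistency
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // Length prefix (2 bytes) + list must equal the body; empty lists are
    // rejected outright.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // Fixed: report the extension actually being parsed. The old text said
    // "server_name", so an odd-length signature_algorithms list showed up
    // in logs as a different extension's failure.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}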
 
Example #16
Source File: EllipticPointFormatsExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
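/**
 * Reads the point-format list of an ec_point_formats extension.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected body size: one length byte plus the format list
 * @throws IOException on read failure; {@link SSLProtocolException} if the
 *         list does not fill the body or lacks the uncompressed format
 */
EllipticPointFormatsExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_EC_POINT_FORMATS);
    formats = s.getBytes8();
    // Added: tie the list to the declared body length (1 = prefix byte).
    // Without it len was unused and a mismatched list went unnoticed.
    // NOTE(review): treats len as the extension body length, matching the
    // sibling parsers' use of it - confirm with the caller.
    if (formats.length + 1 != len) {
        throw new SSLProtocolException(
            "Invalid ec_point_formats extension");
    }
    // RFC 4492 says uncompressed points must always be supported.
    // Check just to make sure.
    boolean uncompressed = false;
    for (int format : formats) {
        if (format == FMT_UNCOMPRESSED) {
            uncompressed = true;
            break;
        }
    }
    if (!uncompressed) {
        throw new SSLProtocolException
            ("Peer does not support uncompressed points");
    }
}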
 
Example #17
Source File: RenegotiationInfoExtension.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Reads a renegotiation_info body: one length byte followed by that many
 * bytes of renegotiated-connection data.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the body including the length byte
 * @throws IOException on read failure; {@link SSLProtocolException} on any
 *         length mismatch
 */
RenegotiationInfoExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_RENEGOTIATION_INFO);

    // Guard first: with len < 1 there is no length byte to read.
    if (len < 1) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    final int dataLen = s.getInt8();
    final boolean fillsBody = (dataLen + 1 == len);  // + 1 = the length byte
    if (!fillsBody) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    renegotiated_connection = new byte[dataLen];
    if (dataLen == 0) {
        return;     // nothing further to read for an empty payload
    }
    // NOTE(review): the count returned by read() is ignored; check that a
    // short read is reported by the stream itself.
    s.read(renegotiated_connection, 0, dataLen);
}
 
Example #18
Source File: SupportedEllipticPointFormatsExtension.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
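/**
 * Parses the peer's supported EC point formats.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected body size: one length byte plus the format list
 * @throws IOException on read failure; {@link SSLProtocolException} if the
 *         list does not fill the body or lacks the uncompressed format
 */
SupportedEllipticPointFormatsExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_EC_POINT_FORMATS);
    formats = s.getBytes8();
    // Added: len was never consulted, so the list size and the declared
    // body size were allowed to disagree. 1 = the length prefix byte.
    // NOTE(review): assumes len is the extension body length, as the
    // sibling parsers use it - confirm against the caller.
    if (formats.length + 1 != len) {
        throw new SSLProtocolException(
            "Invalid ec_point_formats extension");
    }
    // RFC 4492 says uncompressed points must always be supported.
    // Check just to make sure.
    boolean uncompressed = false;
    for (int format : formats) {
        if (format == FMT_UNCOMPRESSED) {
            uncompressed = true;
            break;
        }
    }
    if (!uncompressed) {
        throw new SSLProtocolException
            ("Peer does not support uncompressed points");
    }
}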
 
Example #19
Source File: RenegotiationInfoExtension.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Constructs the extension from a renegotiation_info body on the wire.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the body, length byte included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the body is empty or internally inconsistent
 */
RenegotiationInfoExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_RENEGOTIATION_INFO);

    // A zero or negative body length cannot hold the length byte.
    if (!(len >= 1)) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    int n = s.getInt8();
    // len must be exactly the length byte (1) plus the n payload bytes
    if (len - 1 != n) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    byte[] data = new byte[n];
    renegotiated_connection = data;
    if (n > 0) {
        // NOTE(review): result of read() unused - confirm the stream
        // cannot return fewer than n bytes without throwing.
        s.read(data, 0, n);
    }
}
 
Example #20
Source File: SignatureAlgorithmsExtension.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
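/**
 * Parses the peer's signature_algorithms list.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, 2-byte list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the declared list length is zero, odd, or inconsistent with
 *         {@code len}
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // Validate the untrusted length before it drives the read loop.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // A dangling byte means an odd-length list.
    // Fixed: error text named "server_name"; it now names this extension.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}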
 
Example #21
Source File: SignatureAlgorithmsExtension.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
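/**
 * Decodes a signature_algorithms extension body into algorithm pairs.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len body size expected by the caller, list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} for an
 *         empty, odd-sized or mis-sized list
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // 2 = size of the list-length prefix just read; the list must be
    // non-empty and fill the rest of the body.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // Fixed: the trailing-byte error previously blamed the server_name
    // extension; use the same type-based message as the check above.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}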
 
Example #22
Source File: SignatureAlgorithmsExtension.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
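/**
 * Reads a signature_algorithms extension body from the handshake stream.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, 2-byte list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the peer-declared lengths do not add up
 */
SignatureAlgorithmsExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_SIGNATURE_ALGORITHMS);

    algorithmsLen = s.getInt16();
    // Empty lists and lists that over- or under-run the body are refused
    // before any pair is consumed.
    if (algorithmsLen == 0 || algorithmsLen + 2 != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    algorithms = new ArrayList<SignatureAndHashAlgorithm>();
    int remains = algorithmsLen;
    int sequence = 0;
    while (remains > 1) {   // needs at least two bytes
        int hash = s.getInt8();         // hash algorithm
        int signature = s.getInt8();    // signature algorithm

        SignatureAndHashAlgorithm algorithm =
            SignatureAndHashAlgorithm.valueOf(hash, signature, ++sequence);
        algorithms.add(algorithm);
        remains -= 2;  // one byte for hash, one byte for signature
    }

    // Odd list length: one byte is left that cannot form a pair.
    // Fixed: message no longer mentions the unrelated server_name extension.
    if (remains != 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
}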
 
Example #23
Source File: EllipticPointFormatsExtension.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
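/**
 * Builds the extension from an ec_point_formats body sent by the peer.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected body size: one length byte plus the format list
 * @throws IOException on read failure; {@link SSLProtocolException} if the
 *         list does not fill the body or lacks the uncompressed format
 */
EllipticPointFormatsExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_EC_POINT_FORMATS);
    formats = s.getBytes8();
    // Added: reject a list whose size (plus its 1-byte prefix) differs
    // from the declared body length; len was previously unused.
    // NOTE(review): relies on len being the extension body length, as in
    // the sibling parsers - confirm against the caller.
    if (formats.length + 1 != len) {
        throw new SSLProtocolException(
            "Invalid ec_point_formats extension");
    }
    // RFC 4492 says uncompressed points must always be supported.
    // Check just to make sure.
    boolean uncompressed = false;
    for (int format : formats) {
        if (format == FMT_UNCOMPRESSED) {
            uncompressed = true;
            break;
        }
    }
    if (!uncompressed) {
        throw new SSLProtocolException
            ("Peer does not support uncompressed points");
    }
}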
 
Example #24
Source File: RenegotiationInfoExtension.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Decodes the renegotiation_info extension received from the peer.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected body size, counting the leading length byte
 * @throws IOException on read failure; {@link SSLProtocolException} if the
 *         length byte and {@code len} do not agree
 */
RenegotiationInfoExtension(HandshakeInStream s, int len)
            throws IOException {
    super(ExtensionType.EXT_RENEGOTIATION_INFO);

    // check the extension length
    if (len <= 0) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    final int infoLen = s.getInt8();
    final int expectedBody = infoLen + 1;   // + 1 = the byte we just read
    if (expectedBody != len) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    renegotiated_connection = new byte[infoLen];
    final boolean hasPayload = infoLen != 0;
    if (hasPayload) {
        // NOTE(review): read() may report how many bytes it delivered;
        // that value is dropped here - confirm short reads throw.
        s.read(renegotiated_connection, 0, infoLen);
    }
}
 
Example #25
Source File: SessionId.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Verifies that the session ID is no longer than {@code MAX_LENGTH} bytes.
 *
 * @param pv protocol version; not consulted by the current check
 * @throws SSLProtocolException if the session ID exceeds the maximum
 */
void checkLength(ProtocolVersion pv) throws SSLProtocolException {
    // As of today all versions of TLS have a 32-byte maximum length.
    // In the future we can do more here to support protocol versions
    // that may have longer max lengths.
    final int actual = sessionId.length;
    if (actual <= MAX_LENGTH) {
        return;
    }
    throw new SSLProtocolException("Invalid session ID length (" +
            actual + " bytes)");
}
 
Example #26
Source File: MaxFragExtension.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
/**
 * Parses max_fragment_length extension data, which is a single byte.
 *
 * @param buffer extension data; must hold exactly one byte
 * @throws IOException as {@link SSLProtocolException} if the data is not
 *         exactly one byte long
 */
private MaxFragLenSpec(ByteBuffer buffer) throws IOException {
    final boolean singleByte = (buffer.remaining() == 1);
    if (!singleByte) {
        throw new SSLProtocolException(
            "Invalid max_fragment_length extension data");
    }

    // NOTE(review): the id is stored as read; whether it names a defined
    // fragment length is presumably checked by the consumer - confirm.
    final byte code = buffer.get();
    this.id = code;
}
 
Example #27
Source File: SupportedEllipticCurvesExtension.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Parses the curve id list of an elliptic_curves extension body.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, 2-byte list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the body length is odd or disagrees with the list length
 */
SupportedEllipticCurvesExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_ELLIPTIC_CURVES);
    final int listBytes = s.getInt16();
    // Curve ids are two bytes each, so the body (prefix + list) is even.
    final boolean oddBody = (len & 1) == 1;
    final boolean sizeMismatch = (listBytes + 2 != len);
    if (oddBody || sizeMismatch) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }

    // Note: unknown curves will be ignored later.
    final int count = listBytes >> 1;
    curveIds = new int[count];
    int idx = 0;
    while (idx < count) {
        curveIds[idx] = s.getInt16();
        idx++;
    }
}
 
Example #28
Source File: SupportedEllipticCurvesExtension.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Reads the peer's supported curve ids from the extension body.
 *
 * @param s   handshake input positioned at the start of the extension body
 * @param len expected size of the whole body, 2-byte list prefix included
 * @throws IOException on read failure; {@link SSLProtocolException} when
 *         the body length is odd or disagrees with the list length
 */
SupportedEllipticCurvesExtension(HandshakeInStream s, int len)
        throws IOException {
    super(ExtensionType.EXT_ELLIPTIC_CURVES);
    int declared = s.getInt16();
    // Both conditions protect the loop below: an even body and a list
    // that, with its 2-byte prefix, accounts for all of it.
    boolean evenBody = (len & 1) == 0;
    boolean fillsBody = (declared + 2 == len);
    if (!evenBody || !fillsBody) {
        throw new SSLProtocolException("Invalid " + type + " extension");
    }
    // NOTE(review): declared == 0 (an empty list) passes these checks;
    // confirm an empty curve list is handled by the consumer.
    int[] ids = new int[declared >> 1];
    curveIds = ids;
    for (int pos = 0; pos < ids.length; pos++) {
        ids[pos] = s.getInt16();
    }
}
 
Example #29
Source File: ConnectionSpecSelector.java    From styT with Apache License 2.0 5 votes vote down vote up
/**
 * Records a failed connection attempt and decides whether another
 * {@link ConnectionSpec} should be tried.
 *
 * <p>Only TLS handshake and TLS protocol failures lead to a retry; failures
 * that a different spec cannot fix (certificate rejection, peer
 * verification, timeouts, non-TLS protocol errors) end the attempt.
 *
 * @return {@code true} if the connection should be retried using {@link
 * #configureSecureSocket(SSLSocket)} or {@code false} if not
 */
public boolean connectionFailed(IOException e) {
  // Any future attempt to connect using this strategy will be a fallback attempt.
  isFallback = true;

  if (!isFallbackPossible) {
    return false;
  }

  // A protocol problem is not recoverable. Neither is an interruption or timeout
  // (SocketTimeoutException): after a connect timeout the host is assumed unreachable,
  // so it is not retried with a different ConnectionSpec.
  if (e instanceof ProtocolException || e instanceof InterruptedIOException) {
    return false;
  }

  final boolean handshakeFailure = e instanceof SSLHandshakeException;

  // A CertificateException from the X509TrustManager means the peer's certificate was
  // rejected; another connection spec would not change that.
  if (handshakeFailure && e.getCause() instanceof CertificateException) {
    return false;
  }

  // e.g. a certificate pinning error.
  if (e instanceof SSLPeerUnverifiedException) {
    return false;
  }

  // On Android, SSLProtocolExceptions can be caused by TLS_FALLBACK_SCSV failures, which means we
  // retry those when we probably should not.
  return handshakeFailure || e instanceof SSLProtocolException;
}
 
Example #30
Source File: ECPointFormatsExtension.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
/**
 * Parses ec_point_formats extension data into the raw format list.
 *
 * @param m extension data; must not be empty
 * @throws IOException as {@link SSLProtocolException} when no data is
 *         present, or whatever the read helper raises
 */
private ECPointFormatsSpec(ByteBuffer m) throws IOException {
    final boolean empty = !m.hasRemaining();
    if (empty) {
        throw new SSLProtocolException(
            "Invalid ec_point_formats extension: " +
            "insufficient data");
    }

    // NOTE(review): bytes left after the list are not rejected here;
    // confirm the caller treats trailing data as an error.
    final byte[] list = Record.getBytes8(m);
    this.formats = list;
}