BCJSSE: Log ClientHello and ServerHello extension types (FINEST)

peterdettman · peterdettman · commit 0411027dd0eb · 2025-10-27T14:52:35.000+07:00
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/JsseUtils.java b/tls/src/main/java/org/bouncycastle/jsse/provider/JsseUtils.java
@@ -45,6 +45,7 @@
 import org.bouncycastle.tls.CertificateStatus;
 import org.bouncycastle.tls.CertificateStatusType;
 import org.bouncycastle.tls.ClientCertificateType;
+import org.bouncycastle.tls.ExtensionType;
 import org.bouncycastle.tls.IdentifierType;
 import org.bouncycastle.tls.KeyExchangeAlgorithm;
 import org.bouncycastle.tls.NamedGroup;
@@ -158,6 +159,24 @@ static String[] getArray(Collection<String> c)
         return c.toArray(new String[c.size()]);
     }
 
+    static String getExtensionsReport(String title, Hashtable extensions)
+    {
+        StringBuilder sb = new StringBuilder(title);
+        sb.append(':');
+        if (extensions != null)
+        {
+            Enumeration e = extensions.keys();
+            while (e.hasMoreElements())
+            {
+                Integer extType = (Integer)e.nextElement();
+
+                sb.append(' ');
+                sb.append(ExtensionType.getText(extType.intValue()));
+            }
+        }
+        return sb.toString();
+    }
+
     static String[] getKeysArray(Map<String, ?> m)
     {
         return getArray(m.keySet());
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/ProvTlsClientProtocol.java b/tls/src/main/java/org/bouncycastle/jsse/provider/ProvTlsClientProtocol.java
@@ -1,15 +1,21 @@
 package org.bouncycastle.jsse.provider;
 
+import java.io.ByteArrayInputStream;
 import java.io.Closeable;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 import org.bouncycastle.tls.RenegotiationPolicy;
+import org.bouncycastle.tls.ServerHello;
 import org.bouncycastle.tls.TlsClientProtocol;
 
 class ProvTlsClientProtocol extends TlsClientProtocol
 {
+    private static final Logger LOG = Logger.getLogger(ProvTlsClientProtocol.class.getName());
+
     private static final boolean provAcceptRenegotiation = PropertyUtils.getBooleanSystemProperty(
         "org.bouncycastle.jsse.client.acceptRenegotiation", false);
 
@@ -33,4 +39,35 @@ protected int getRenegotiationPolicy()
     {
         return provAcceptRenegotiation ? RenegotiationPolicy.ACCEPT : RenegotiationPolicy.DENY;
     }
+
+    @Override
+    protected ServerHello receiveServerHelloMessage(ByteArrayInputStream buf) throws IOException
+    {
+        ServerHello serverHello = super.receiveServerHelloMessage(buf);
+
+        if (LOG.isLoggable(Level.FINEST))
+        {
+            String title = getClientID() + " ServerHello extensions";
+            LOG.finest(JsseUtils.getExtensionsReport(title, serverHello.getExtensions()));
+        }
+
+        return serverHello;
+    }
+
+    @Override
+    protected void sendClientHelloMessage() throws IOException
+    {
+        if (LOG.isLoggable(Level.FINEST))
+        {
+            String title = getClientID() + " ClientHello extensions";
+            LOG.finest(JsseUtils.getExtensionsReport(title, clientHello.getExtensions()));
+        }
+
+        super.sendClientHelloMessage();
+    }
+
+    private String getClientID()
+    {
+        return ((ProvTlsClient)tlsClient).getID();
+    }
 }
