author | valeriep |
Tue, 08 May 2012 17:57:48 -0700 | |
changeset 12685 | 8a448b5b9006 |
parent 10336 | 0bb1999251f8 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
7043
diff
changeset
|
2 |
* Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package com.sun.crypto.provider; |
|
27 |
||
28 |
import java.security.*; |
|
29 |
import java.security.spec.AlgorithmParameterSpec; |
|
30 |
||
31 |
import javax.crypto.*; |
|
32 |
||
33 |
import sun.security.internal.interfaces.TlsMasterSecret; |
|
34 |
import sun.security.internal.spec.TlsMasterSecretParameterSpec; |
|
35 |
||
36 |
import static com.sun.crypto.provider.TlsPrfGenerator.*; |
|
37 |
||
38 |
/** |
|
39 |
* KeyGenerator implementation for the SSL/TLS master secret derivation. |
|
40 |
* |
|
41 |
* @author Andreas Sterbenz |
|
42 |
* @since 1.6 |
|
43 |
*/ |
|
44 |
public final class TlsMasterSecretGenerator extends KeyGeneratorSpi { |
|
45 |
||
46 |
private final static String MSG = "TlsMasterSecretGenerator must be " |
|
47 |
+ "initialized using a TlsMasterSecretParameterSpec"; |
|
48 |
||
49 |
private TlsMasterSecretParameterSpec spec; |
|
50 |
||
51 |
private int protocolVersion; |
|
52 |
||
53 |
public TlsMasterSecretGenerator() { |
|
54 |
} |
|
55 |
||
56 |
protected void engineInit(SecureRandom random) { |
|
57 |
throw new InvalidParameterException(MSG); |
|
58 |
} |
|
59 |
||
60 |
protected void engineInit(AlgorithmParameterSpec params, |
|
61 |
SecureRandom random) throws InvalidAlgorithmParameterException { |
|
62 |
if (params instanceof TlsMasterSecretParameterSpec == false) { |
|
63 |
throw new InvalidAlgorithmParameterException(MSG); |
|
64 |
} |
|
65 |
this.spec = (TlsMasterSecretParameterSpec)params; |
|
66 |
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) { |
|
7043 | 67 |
throw new InvalidAlgorithmParameterException( |
68 |
"Key format must be RAW"); |
|
2 | 69 |
} |
7043 | 70 |
protocolVersion = (spec.getMajorVersion() << 8) |
71 |
| spec.getMinorVersion(); |
|
72 |
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) { |
|
73 |
throw new InvalidAlgorithmParameterException( |
|
74 |
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported"); |
|
2 | 75 |
} |
76 |
} |
|
77 |
||
78 |
protected void engineInit(int keysize, SecureRandom random) { |
|
79 |
throw new InvalidParameterException(MSG); |
|
80 |
} |
|
81 |
||
82 |
protected SecretKey engineGenerateKey() { |
|
83 |
if (spec == null) { |
|
7043 | 84 |
throw new IllegalStateException( |
85 |
"TlsMasterSecretGenerator must be initialized"); |
|
2 | 86 |
} |
87 |
SecretKey premasterKey = spec.getPremasterSecret(); |
|
88 |
byte[] premaster = premasterKey.getEncoded(); |
|
89 |
||
90 |
int premasterMajor, premasterMinor; |
|
91 |
if (premasterKey.getAlgorithm().equals("TlsRsaPremasterSecret")) { |
|
92 |
// RSA |
|
93 |
premasterMajor = premaster[0] & 0xff; |
|
94 |
premasterMinor = premaster[1] & 0xff; |
|
95 |
} else { |
|
96 |
// DH, KRB5, others |
|
97 |
premasterMajor = -1; |
|
98 |
premasterMinor = -1; |
|
99 |
} |
|
100 |
||
101 |
try { |
|
102 |
byte[] master; |
|
103 |
byte[] clientRandom = spec.getClientRandom(); |
|
104 |
byte[] serverRandom = spec.getServerRandom(); |
|
105 |
||
106 |
if (protocolVersion >= 0x0301) { |
|
107 |
byte[] seed = concat(clientRandom, serverRandom); |
|
7043 | 108 |
master = ((protocolVersion >= 0x0303) ? |
109 |
doTLS12PRF(premaster, LABEL_MASTER_SECRET, seed, 48, |
|
110 |
spec.getPRFHashAlg(), spec.getPRFHashLength(), |
|
111 |
spec.getPRFBlockSize()) : |
|
112 |
doTLS10PRF(premaster, LABEL_MASTER_SECRET, seed, 48)); |
|
2 | 113 |
} else { |
114 |
master = new byte[48]; |
|
115 |
MessageDigest md5 = MessageDigest.getInstance("MD5"); |
|
116 |
MessageDigest sha = MessageDigest.getInstance("SHA"); |
|
117 |
||
118 |
byte[] tmp = new byte[20]; |
|
119 |
for (int i = 0; i < 3; i++) { |
|
120 |
sha.update(SSL3_CONST[i]); |
|
121 |
sha.update(premaster); |
|
122 |
sha.update(clientRandom); |
|
123 |
sha.update(serverRandom); |
|
124 |
sha.digest(tmp, 0, 20); |
|
125 |
||
126 |
md5.update(premaster); |
|
127 |
md5.update(tmp); |
|
128 |
md5.digest(master, i << 4, 16); |
|
129 |
} |
|
130 |
||
131 |
} |
|
132 |
||
7043 | 133 |
return new TlsMasterSecretKey(master, premasterMajor, |
134 |
premasterMinor); |
|
2 | 135 |
} catch (NoSuchAlgorithmException e) { |
136 |
throw new ProviderException(e); |
|
137 |
} catch (DigestException e) { |
|
138 |
throw new ProviderException(e); |
|
139 |
} |
|
140 |
} |
|
141 |
||
142 |
private static final class TlsMasterSecretKey implements TlsMasterSecret { |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
7043
diff
changeset
|
143 |
private static final long serialVersionUID = 1019571680375368880L; |
2 | 144 |
|
145 |
private byte[] key; |
|
146 |
private final int majorVersion, minorVersion; |
|
147 |
||
148 |
TlsMasterSecretKey(byte[] key, int majorVersion, int minorVersion) { |
|
149 |
this.key = key; |
|
150 |
this.majorVersion = majorVersion; |
|
151 |
this.minorVersion = minorVersion; |
|
152 |
} |
|
153 |
||
154 |
public int getMajorVersion() { |
|
155 |
return majorVersion; |
|
156 |
} |
|
157 |
||
158 |
public int getMinorVersion() { |
|
159 |
return minorVersion; |
|
160 |
} |
|
161 |
||
162 |
public String getAlgorithm() { |
|
163 |
return "TlsMasterSecret"; |
|
164 |
} |
|
165 |
||
166 |
public String getFormat() { |
|
167 |
return "RAW"; |
|
168 |
} |
|
169 |
||
170 |
public byte[] getEncoded() { |
|
171 |
return key.clone(); |
|
172 |
} |
|
173 |
||
174 |
} |
|
175 |
||
176 |
} |