21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 * or visit www.oracle.com if you need additional information or have any |
22 * or visit www.oracle.com if you need additional information or have any |
23 * questions. |
23 * questions. |
24 */ |
24 */ |
25 |
25 |
26 |
|
27 package sun.security.ssl; |
26 package sun.security.ssl; |
28 |
27 |
29 import java.io.*; |
28 import java.io.*; |
|
29 import java.nio.ByteBuffer; |
30 import java.security.SecureRandom; |
30 import java.security.SecureRandom; |
|
31 import java.util.Arrays; |
31 |
32 |
32 /* |
33 /* |
33 * RandomCookie ... SSL hands standard format random cookies (nonces) |
34 * RandomCookie ... SSL hands standard format random cookies (nonces) |
34 * around. These know how to encode/decode themselves on SSL streams, |
35 * around. These know how to encode/decode themselves on SSL streams, |
35 * and can be created and printed. |
36 * and can be created and printed. |
36 * |
37 * |
37 * @author David Brownell |
38 * @author David Brownell |
38 */ |
39 */ |
39 final class RandomCookie { |
40 final class RandomCookie { |
|
41 final byte[] randomBytes = new byte[32]; // exactly 32 bytes |
40 |
42 |
41 byte[] random_bytes; // exactly 32 bytes |
43 private static final byte[] hrrRandomBytes = new byte[] { |
|
44 (byte)0xCF, (byte)0x21, (byte)0xAD, (byte)0x74, |
|
45 (byte)0xE5, (byte)0x9A, (byte)0x61, (byte)0x11, |
|
46 (byte)0xBE, (byte)0x1D, (byte)0x8C, (byte)0x02, |
|
47 (byte)0x1E, (byte)0x65, (byte)0xB8, (byte)0x91, |
|
48 (byte)0xC2, (byte)0xA2, (byte)0x11, (byte)0x16, |
|
49 (byte)0x7A, (byte)0xBB, (byte)0x8C, (byte)0x5E, |
|
50 (byte)0x07, (byte)0x9E, (byte)0x09, (byte)0xE2, |
|
51 (byte)0xC8, (byte)0xA8, (byte)0x33, (byte)0x9C |
|
52 }; |
|
53 |
|
54 private static final byte[] t12Protection = new byte[] { |
|
55 (byte)0x44, (byte)0x4F, (byte)0x57, (byte)0x4E, |
|
56 (byte)0x47, (byte)0x52, (byte)0x44, (byte)0x01 |
|
57 }; |
|
58 |
|
59 private static final byte[] t11Protection = new byte[] { |
|
60 (byte)0x44, (byte)0x4F, (byte)0x57, (byte)0x4E, |
|
61 (byte)0x47, (byte)0x52, (byte)0x44, (byte)0x01 |
|
62 }; |
|
63 |
|
64 static final RandomCookie hrrRandom = new RandomCookie(hrrRandomBytes); |
42 |
65 |
43 RandomCookie(SecureRandom generator) { |
66 RandomCookie(SecureRandom generator) { |
44 random_bytes = new byte[32]; |
67 generator.nextBytes(randomBytes); |
45 generator.nextBytes(random_bytes); |
|
46 } |
68 } |
47 |
69 |
48 RandomCookie(HandshakeInStream m) throws IOException { |
70 RandomCookie(ByteBuffer m) throws IOException { |
49 random_bytes = new byte[32]; |
71 m.get(randomBytes); |
50 m.read(random_bytes, 0, 32); |
|
51 } |
72 } |
52 |
73 |
53 void send(HandshakeOutStream out) throws IOException { |
74 private RandomCookie(byte[] randomBytes) { |
54 out.write(random_bytes, 0, 32); |
75 System.arraycopy(randomBytes, 0, this.randomBytes, 0, 32); |
55 } |
76 } |
56 |
77 |
57 void print(PrintStream s) { |
78 @Override |
58 s.print("random_bytes = {"); |
79 public String toString() { |
59 for (int i = 0; i < 32; i++) { |
80 return "random_bytes = {" + Utilities.toHexString(randomBytes) + "}"; |
60 int k = random_bytes[i] & 0xFF; |
81 } |
61 if (i != 0) { |
82 |
62 s.print(' '); |
83 boolean isHelloRetryRequest() { |
63 } |
84 return Arrays.equals(hrrRandomBytes, randomBytes); |
64 s.print(Utilities.hexDigits[k >>> 4]); |
85 } |
65 s.print(Utilities.hexDigits[k & 0xf]); |
86 |
66 } |
87 boolean isT12Downgrade() { |
67 s.println("}"); |
88 return Arrays.equals(hrrRandomBytes, 24, 31, t12Protection, 0, 7); |
|
89 } |
|
90 |
|
91 boolean isT11Downgrade() { |
|
92 return Arrays.equals(hrrRandomBytes, 24, 31, t11Protection, 0, 7); |
68 } |
93 } |
69 } |
94 } |