1 /* |
1 /* |
2 * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
88 } |
88 } |
89 if (cipherAlgorithm == null) { |
89 if (cipherAlgorithm == null) { |
90 throw new NullPointerException(); |
90 throw new NullPointerException(); |
91 } |
91 } |
92 this.masterSecret = masterSecret; |
92 this.masterSecret = masterSecret; |
93 this.majorVersion = TlsMasterSecretParameterSpec.checkVersion(majorVersion); |
93 this.majorVersion = |
94 this.minorVersion = TlsMasterSecretParameterSpec.checkVersion(minorVersion); |
94 TlsMasterSecretParameterSpec.checkVersion(majorVersion); |
|
95 this.minorVersion = |
|
96 TlsMasterSecretParameterSpec.checkVersion(minorVersion); |
95 this.clientRandom = clientRandom.clone(); |
97 this.clientRandom = clientRandom.clone(); |
96 this.serverRandom = serverRandom.clone(); |
98 this.serverRandom = serverRandom.clone(); |
97 this.cipherAlgorithm = cipherAlgorithm; |
99 this.cipherAlgorithm = cipherAlgorithm; |
98 this.cipherKeyLength = checkSign(cipherKeyLength); |
100 this.cipherKeyLength = checkSign(cipherKeyLength); |
99 this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength); |
101 this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength); |
170 public int getCipherKeyLength() { |
172 public int getCipherKeyLength() { |
171 return cipherKeyLength; |
173 return cipherKeyLength; |
172 } |
174 } |
173 |
175 |
174 /** |
176 /** |
175 * Returns the length in bytes of the expanded encryption key to be generated. |
177 * Returns the length in bytes of the expanded encryption key to be |
176 * |
178 * generated. Returns zero if the expanded encryption key is not |
177 * @return the length in bytes of the expanded encryption key to be generated. |
179 * supposed to be generated. |
|
180 * |
|
181 * @return the length in bytes of the expanded encryption key to be |
|
182 * generated. |
178 */ |
183 */ |
179 public int getExpandedCipherKeyLength() { |
184 public int getExpandedCipherKeyLength() { |
|
185 // TLS v1.1 disables the exportable weak cipher suites. |
|
186 if (majorVersion >= 0x03 && minorVersion >= 0x02) { |
|
187 return 0; |
|
188 } |
180 return expandedCipherKeyLength; |
189 return expandedCipherKeyLength; |
181 } |
190 } |
182 |
191 |
183 /** |
192 /** |
184 * Returns the length in bytes of the initialization vector to be generated. |
193 * Returns the length in bytes of the initialization vector to be |
185 * |
194 * generated. Returns zero if the initialization vector is not |
186 * @return the length in bytes of the initialization vector to be generated. |
195 * supposed to be generated. |
|
196 * |
|
197 * @return the length in bytes of the initialization vector to be |
|
198 * generated. |
187 */ |
199 */ |
188 public int getIvLength() { |
200 public int getIvLength() { |
|
201 // TLS v1.1 or later uses an explicit IV to protect against |
|
202 // the CBC attacks. |
|
203 if (majorVersion >= 0x03 && minorVersion >= 0x02) { |
|
204 return 0; |
|
205 } |
|
206 |
189 return ivLength; |
207 return ivLength; |
190 } |
208 } |
191 |
209 |
192 /** |
210 /** |
193 * Returns the length in bytes of the MAC key to be generated. |
211 * Returns the length in bytes of the MAC key to be generated. |