
Example 16 with HexDumpEncoder

use of sun.security.util.HexDumpEncoder in project Bytecoder by mirkosertic.

the class Handshaker method calculateMasterSecret.

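/*
 * Calculate the master secret from its various components.  This is
 * used for key exchange by all cipher suites.
 *
 * The master secret is the catenation of three MD5 hashes, each
 * consisting of the pre-master secret and a SHA1 hash.  Those three
 * SHA1 hashes are of (different) constant strings, the pre-master
 * secret, and the nonces provided by the client and the server.
 *
 * Note: the MD5/SHA1 construction above is the SSL 3.0 derivation.  For
 * TLS 1.2 and DTLS 1.2 the method below instead selects the
 * "SunTls12MasterSecret" generator together with the cipher suite's PRF.
 */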
/**
 * Derives the session master secret from the pre-master secret and the
 * client/server nonces held in {@code clnt_random} and {@code svr_random}.
 *
 * <p>Security note: when the "keygen" debug option is on, the raw
 * pre-master secret is hex-dumped to {@code System.out}. Anything that
 * captures that stream (console, redirected log file, log shipper) then
 * holds the input from which the master secret is derived, so this option
 * belongs only in controlled troubleshooting sessions.
 *
 * @param preMasterSecret the pre-master secret produced by key exchange
 * @param requestedVersion not read by this method body
 * @return the generated master secret
 * @throws ProviderException if the key generator is unavailable or
 *         rejects the parameter spec
 */
private SecretKey calculateMasterSecret(SecretKey preMasterSecret, ProtocolVersion requestedVersion) {
    final boolean traceKeygen = (debug != null) && Debug.isOn("keygen");
    if (traceKeygen) {
        // Sensitive: this prints secret key material in the clear.
        // The nonces are deliberately not dumped here; the original comment
        // says they are dumped with connection keygen.
        HexDumpEncoder hex = new HexDumpEncoder();
        System.out.println("SESSION KEYGEN:");
        System.out.println("PreMaster Secret:");
        printHex(hex, preMasterSecret.getEncoded());
    }

    // Decide which derivation applies. DTLS 1.0 is treated like TLS 1.1,
    // every other DTLS version like TLS 1.2; plain TLS switches at 1.2.
    final boolean dtls = protocolVersion.isDTLSProtocol();
    final boolean tls12Derivation = dtls
            ? protocolVersion.v != ProtocolVersion.DTLS10.v
            : protocolVersion.v >= ProtocolVersion.TLS12.v;

    // DTLS key calculation uses the TLS version number, not the DTLS one.
    byte majorVersion;
    byte minorVersion;
    if (!dtls) {
        majorVersion = protocolVersion.major;
        minorVersion = protocolVersion.minor;
    } else if (tls12Derivation) {
        majorVersion = ProtocolVersion.TLS12.major;
        minorVersion = ProtocolVersion.TLS12.minor;
    } else {
        majorVersion = ProtocolVersion.TLS11.major;
        minorVersion = ProtocolVersion.TLS11.minor;
    }

    final String masterAlg = tls12Derivation ? "SunTls12MasterSecret" : "SunTlsMasterSecret";
    final PRF prf = tls12Derivation ? cipherSuite.prfAlg : P_NONE;

    @SuppressWarnings("deprecation") TlsMasterSecretParameterSpec spec = new TlsMasterSecretParameterSpec(
            preMasterSecret,
            (majorVersion & 0xFF),
            (minorVersion & 0xFF),
            clnt_random.random_bytes,
            svr_random.random_bytes,
            prf.getPRFHashAlg(),
            prf.getPRFHashLength(),
            prf.getPRFBlockSize());

    try {
        KeyGenerator generator = JsseJce.getKeyGenerator(masterAlg);
        generator.init(spec);
        return generator.generateKey();
    } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException iae) {
        // The original comment here mentions the Bleichenbacher attack and
        // points to comments elsewhere in the class that are not part of
        // this excerpt. What the code does: optionally trace the failure,
        // then surface it as a ProviderException with the cause preserved.
        if (debug != null && Debug.isOn("handshake")) {
            System.out.println("RSA master secret generation error:");
            iae.printStackTrace(System.out);
        }
        throw new ProviderException(iae);
    }
}
Also used : HexDumpEncoder(sun.security.util.HexDumpEncoder) PRF(sun.security.ssl.CipherSuite.PRF) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 17 with HexDumpEncoder

use of sun.security.util.HexDumpEncoder in project Bytecoder by mirkosertic.

the class Handshaker method calculateConnectionKeys.

/*
     * Calculate the keys needed for this connection, once the session's
     * master secret has been calculated.  Uses the master key and nonces;
     * the amount of keying material generated is a function of the cipher
     * suite that's been negotiated.
     *
     * This gets called both on the "full handshake" (where we exchanged
     * a premaster secret and started a new session) as well as on the
     * "fast handshake" (where we just resumed a pre-existing session).
     */
/**
 * Expands the master secret into the per-connection MAC secrets, cipher
 * keys and IVs, and stores them in the {@code clnt*} / {@code svr*} fields.
 *
 * <p>Security note: when the "keygen" debug option is on, the nonces, the
 * master secret and every derived MAC secret, write key and IV are
 * hex-dumped to {@code System.out}. Whoever can read that output holds the
 * key material this method derived for the connection, so the option
 * should never be left enabled where stdout is retained or forwarded.
 *
 * @param masterKey the session master secret
 * @throws ProviderException if key-material generation fails
 */
@SuppressWarnings("deprecation")
void calculateConnectionKeys(SecretKey masterKey) {
    // How much keying material is needed depends on the negotiated suite.
    final BulkCipher cipher = cipherSuite.cipher;
    final int hashSize = cipherSuite.macAlg.size;
    final int expandedKeySize = cipherSuite.exportable ? cipher.expandedKeySize : 0;

    // Decide which derivation applies. DTLS 1.0 is treated like TLS 1.1,
    // every other DTLS version like TLS 1.2; plain TLS switches at 1.2.
    final boolean dtls = protocolVersion.isDTLSProtocol();
    final boolean tls12Derivation = dtls
            ? protocolVersion.v != ProtocolVersion.DTLS10.v
            : protocolVersion.v >= ProtocolVersion.TLS12.v;

    // DTLS key calculation uses the TLS version number, not the DTLS one.
    byte majorVersion;
    byte minorVersion;
    if (!dtls) {
        majorVersion = protocolVersion.major;
        minorVersion = protocolVersion.minor;
    } else if (tls12Derivation) {
        majorVersion = ProtocolVersion.TLS12.major;
        minorVersion = ProtocolVersion.TLS12.minor;
    } else {
        majorVersion = ProtocolVersion.TLS11.major;
        minorVersion = ProtocolVersion.TLS11.minor;
    }

    final String keyMaterialAlg = tls12Derivation ? "SunTls12KeyMaterial" : "SunTlsKeyMaterial";
    final PRF prf = tls12Derivation ? cipherSuite.prfAlg : P_NONE;

    // TLS v1.1+ and DTLS use an explicit IV in CBC cipher suites to protect
    // against the CBC attacks, so no IV is derived for them here. AEAD/GCM
    // suites derive only the fixed (implicit) part of the nonce, per the
    // partially implicit nonce technique of RFC 5116.
    final int ivSize;
    if (cipher.cipherType == AEAD_CIPHER) {
        ivSize = cipher.fixedIvSize;
    } else if ((cipher.cipherType == BLOCK_CIPHER) && protocolVersion.useTLS11PlusSpec()) {
        ivSize = 0;
    } else {
        ivSize = cipher.ivSize;
    }

    TlsKeyMaterialParameterSpec spec = new TlsKeyMaterialParameterSpec(
            masterKey,
            (majorVersion & 0xFF),
            (minorVersion & 0xFF),
            clnt_random.random_bytes,
            svr_random.random_bytes,
            cipher.algorithm,
            cipher.keySize,
            expandedKeySize,
            ivSize,
            hashSize,
            prf.getPRFHashAlg(),
            prf.getPRFHashLength(),
            prf.getPRFBlockSize());

    try {
        KeyGenerator generator = JsseJce.getKeyGenerator(keyMaterialAlg);
        generator.init(spec);
        TlsKeyMaterialSpec material = (TlsKeyMaterialSpec) generator.generateKey();

        // Each getter yields null when that kind of material is not
        // supposed to be generated for the negotiated suite.
        clntWriteKey = material.getClientCipherKey();
        svrWriteKey = material.getServerCipherKey();
        clntWriteIV = material.getClientIv();
        svrWriteIV = material.getServerIv();
        clntMacSecret = material.getClientMacKey();
        svrMacSecret = material.getServerMacKey();
    } catch (GeneralSecurityException e) {
        throw new ProviderException(e);
    }

    if (debug == null || !Debug.isOn("keygen")) {
        return;
    }

    // Sensitive: everything below prints secret key material in the clear.
    // The lock on System.out keeps the multi-line dump contiguous.
    synchronized (System.out) {
        HexDumpEncoder hex = new HexDumpEncoder();
        System.out.println("CONNECTION KEYGEN:");

        // Inputs to the derivation.
        System.out.println("Client Nonce:");
        printHex(hex, clnt_random.random_bytes);
        System.out.println("Server Nonce:");
        printHex(hex, svr_random.random_bytes);
        System.out.println("Master Secret:");
        printHex(hex, masterKey.getEncoded());

        // Outputs. Only the client-side value is null-checked; the
        // server-side counterpart is dereferenced on the same branch.
        if (clntMacSecret == null) {
            System.out.println("... no MAC keys used for this cipher");
        } else {
            System.out.println("Client MAC write Secret:");
            printHex(hex, clntMacSecret.getEncoded());
            System.out.println("Server MAC write Secret:");
            printHex(hex, svrMacSecret.getEncoded());
        }

        if (clntWriteKey == null) {
            System.out.println("... no encryption keys used");
        } else {
            System.out.println("Client write key:");
            printHex(hex, clntWriteKey.getEncoded());
            System.out.println("Server write key:");
            printHex(hex, svrWriteKey.getEncoded());
        }

        if (clntWriteIV != null) {
            System.out.println("Client write IV:");
            printHex(hex, clntWriteIV.getIV());
            System.out.println("Server write IV:");
            printHex(hex, svrWriteIV.getIV());
        } else if (protocolVersion.useTLS11PlusSpec()) {
            System.out.println("... no IV derived for this protocol");
        } else {
            System.out.println("... no IV used for this cipher");
        }
        System.out.flush();
    }
}
Also used : PRF(sun.security.ssl.CipherSuite.PRF) HexDumpEncoder(sun.security.util.HexDumpEncoder)

Example 18 with HexDumpEncoder

use of sun.security.util.HexDumpEncoder in project Bytecoder by mirkosertic.

the class RC2Parameters method engineToString.

/*
     * Returns a formatted string describing the parameters.
     */
/**
 * Builds a human-readable description of the parameters: a hex dump of
 * the IV, followed by the version when it is non-zero.
 *
 * <p>The IV bytes appear in the returned text, so callers that log this
 * string are logging the IV as well.
 *
 * @return the formatted description
 */
protected String engineToString() {
    final String eol = System.getProperty("line.separator");
    final String ivDump = new HexDumpEncoder().encodeBuffer(iv);

    StringBuilder text = new StringBuilder();
    text.append(eol).append("    iv:").append(eol).append("[").append(ivDump).append("]");
    if (version != 0) {
        // A version of 0 is left out of the description.
        text.append(eol).append("version:").append(eol).append(version).append(eol);
    }
    return text.toString();
}
Also used : HexDumpEncoder(sun.security.util.HexDumpEncoder)

Example 19 with HexDumpEncoder

use of sun.security.util.HexDumpEncoder in project Bytecoder by mirkosertic.

the class AbstractHashDrbg method reseedAlgorithm.

/**
 * Reseeds the DRBG from the entropy input and optional additional input by
 * handing both, in that order, to {@code hashReseedInternal}.
 *
 * <p>Security note: when {@code debug} is set, both inputs are hex-dumped
 * through it. The entropy input is the seed material for the generator, so
 * a retained debug trace discloses the seed material supplied to it;
 * enable it only for diagnostics.
 *
 * @param ei the entropy input
 * @param additionalInput optional additional input, may be {@code null}
 */
@Override
protected void reseedAlgorithm(byte[] ei, byte[] additionalInput) {
    if (debug != null) {
        // Sensitive: this traces the raw seed material.
        String entropyDump = new HexDumpEncoder().encodeBuffer(ei);
        String additionalDump = (additionalInput == null)
                ? ""
                : new HexDumpEncoder().encodeBuffer(additionalInput);
        debug.println(this, "reseedAlgorithm\n" + entropyDump + "\n" + additionalDump);
    }

    // 800-90Ar1 10.1.1.3: Hash_DRBG Reseed Process.
    // 800-90Ar1 10.1.2.4: Hmac_DRBG Reseed Process.
    // Step 1: entropy_input || additional_input.
    List<byte[]> seedMaterial = new ArrayList<>(2);
    seedMaterial.add(ei);
    if (additionalInput != null) {
        seedMaterial.add(additionalInput);
    }
    hashReseedInternal(seedMaterial);
}
Also used : HexDumpEncoder(sun.security.util.HexDumpEncoder) ArrayList(java.util.ArrayList)

Example 20 with HexDumpEncoder

use of sun.security.util.HexDumpEncoder in project Bytecoder by mirkosertic.

the class ESSCertId method toString.

/**
 * Renders this certificate identifier as text: the certificate hash as a
 * hex dump, then the issuer and serial number when both are present.
 *
 * <p>The output labels the hash as SHA-1. The shared {@code hexDumper} is
 * created on first use without any locking in this method.
 * NOTE(review): whether that field is static or volatile is not visible
 * here, so confirm before relying on this from several threads.
 *
 * @return the formatted description
 */
public String toString() {
    if (hexDumper == null) {
        hexDumper = new HexDumpEncoder();
    }

    StringBuilder out = new StringBuilder("[\n\tCertificate hash (SHA-1):\n");
    out.append(hexDumper.encode(certHash));

    final boolean hasIssuerSerial = (issuer != null) && (serialNumber != null);
    if (hasIssuerSerial) {
        // Issuer and serial number are printed only as a pair.
        String issuerLine = "\n\tIssuer: " + issuer + "\n";
        String serialLine = "\t" + serialNumber;
        out.append(issuerLine);
        out.append(serialLine);
    }
    return out.append("\n]").toString();
}
Also used : HexDumpEncoder(sun.security.util.HexDumpEncoder)

Aggregations

HexDumpEncoder (sun.security.util.HexDumpEncoder)27 IOException (java.io.IOException)8 ByteArrayInputStream (java.io.ByteArrayInputStream)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 CRLException (java.security.cert.CRLException)2 PRF (sun.security.ssl.CipherSuite.PRF)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 ByteBuffer (java.nio.ByteBuffer)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchProviderException (java.security.NoSuchProviderException)1 SignatureException (java.security.SignatureException)1 CertificateException (java.security.cert.CertificateException)1 Extension (java.security.cert.Extension)1 X509CRLEntry (java.security.cert.X509CRLEntry)1 ArrayList (java.util.ArrayList)1