29 import java.security.spec.AlgorithmParameterSpec;
30
31 import javax.crypto.*;
32
33 import sun.security.internal.interfaces.TlsMasterSecret;
34 import sun.security.internal.spec.TlsMasterSecretParameterSpec;
35
36 import static com.sun.crypto.provider.TlsPrfGenerator.*;
37
38 /**
39 * KeyGenerator implementation for the SSL/TLS master secret derivation.
40 *
41 * @author Andreas Sterbenz
42 * @since 1.6
43 */
44 public final class TlsMasterSecretGenerator extends KeyGeneratorSpi {
45
46 private final static String MSG = "TlsMasterSecretGenerator must be "
47 + "initialized using a TlsMasterSecretParameterSpec";
48
49 private TlsMasterSecretParameterSpec spec;
50
51 private int protocolVersion;
52
53 public TlsMasterSecretGenerator() {
54 }
55
56 protected void engineInit(SecureRandom random) {
57 throw new InvalidParameterException(MSG);
58 }
59
60 protected void engineInit(AlgorithmParameterSpec params,
61 SecureRandom random) throws InvalidAlgorithmParameterException {
62 if (params instanceof TlsMasterSecretParameterSpec == false) {
63 throw new InvalidAlgorithmParameterException(MSG);
64 }
65 this.spec = (TlsMasterSecretParameterSpec)params;
66 if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
67 throw new InvalidAlgorithmParameterException(
68 "Key format must be RAW");
69 }
70 protocolVersion = (spec.getMajorVersion() << 8)
71 | spec.getMinorVersion();
72 if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
73 throw new InvalidAlgorithmParameterException(
74 "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
75 }
76 }
77
78 protected void engineInit(int keysize, SecureRandom random) {
79 throw new InvalidParameterException(MSG);
122 sha.update(clientRandom);
123 sha.update(serverRandom);
124 sha.digest(tmp, 0, 20);
125
126 md5.update(premaster);
127 md5.update(tmp);
128 md5.digest(master, i << 4, 16);
129 }
130
131 }
132
133 return new TlsMasterSecretKey(master, premasterMajor,
134 premasterMinor);
135 } catch (NoSuchAlgorithmException e) {
136 throw new ProviderException(e);
137 } catch (DigestException e) {
138 throw new ProviderException(e);
139 }
140 }
141
142 private static final class TlsMasterSecretKey implements TlsMasterSecret {
143 private static final long serialVersionUID = 1019571680375368880L;
144
145 private byte[] key;
146 private final int majorVersion, minorVersion;
147
148 TlsMasterSecretKey(byte[] key, int majorVersion, int minorVersion) {
149 this.key = key;
150 this.majorVersion = majorVersion;
151 this.minorVersion = minorVersion;
152 }
153
154 public int getMajorVersion() {
155 return majorVersion;
156 }
157
158 public int getMinorVersion() {
159 return minorVersion;
160 }
161
|
29 import java.security.spec.AlgorithmParameterSpec;
30
31 import javax.crypto.*;
32
33 import sun.security.internal.interfaces.TlsMasterSecret;
34 import sun.security.internal.spec.TlsMasterSecretParameterSpec;
35
36 import static com.sun.crypto.provider.TlsPrfGenerator.*;
37
38 /**
39 * KeyGenerator implementation for the SSL/TLS master secret derivation.
40 *
41 * @author Andreas Sterbenz
42 * @since 1.6
43 */
44 public final class TlsMasterSecretGenerator extends KeyGeneratorSpi {
45
46 private final static String MSG = "TlsMasterSecretGenerator must be "
47 + "initialized using a TlsMasterSecretParameterSpec";
48
49 @SuppressWarnings("deprecation")
50 private TlsMasterSecretParameterSpec spec;
51
52 private int protocolVersion;
53
54 public TlsMasterSecretGenerator() {
55 }
56
57 protected void engineInit(SecureRandom random) {
58 throw new InvalidParameterException(MSG);
59 }
60
61 @SuppressWarnings("deprecation")
62 protected void engineInit(AlgorithmParameterSpec params,
63 SecureRandom random) throws InvalidAlgorithmParameterException {
64 if (params instanceof TlsMasterSecretParameterSpec == false) {
65 throw new InvalidAlgorithmParameterException(MSG);
66 }
67 this.spec = (TlsMasterSecretParameterSpec)params;
68 if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
69 throw new InvalidAlgorithmParameterException(
70 "Key format must be RAW");
71 }
72 protocolVersion = (spec.getMajorVersion() << 8)
73 | spec.getMinorVersion();
74 if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
75 throw new InvalidAlgorithmParameterException(
76 "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
77 }
78 }
79
80 protected void engineInit(int keysize, SecureRandom random) {
81 throw new InvalidParameterException(MSG);
124 sha.update(clientRandom);
125 sha.update(serverRandom);
126 sha.digest(tmp, 0, 20);
127
128 md5.update(premaster);
129 md5.update(tmp);
130 md5.digest(master, i << 4, 16);
131 }
132
133 }
134
135 return new TlsMasterSecretKey(master, premasterMajor,
136 premasterMinor);
137 } catch (NoSuchAlgorithmException e) {
138 throw new ProviderException(e);
139 } catch (DigestException e) {
140 throw new ProviderException(e);
141 }
142 }
143
144 @SuppressWarnings("deprecation")
145 private static final class TlsMasterSecretKey implements TlsMasterSecret {
146 private static final long serialVersionUID = 1019571680375368880L;
147
148 private byte[] key;
149 private final int majorVersion, minorVersion;
150
151 TlsMasterSecretKey(byte[] key, int majorVersion, int minorVersion) {
152 this.key = key;
153 this.majorVersion = majorVersion;
154 this.minorVersion = minorVersion;
155 }
156
157 public int getMajorVersion() {
158 return majorVersion;
159 }
160
161 public int getMinorVersion() {
162 return minorVersion;
163 }
164
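Review bot: The three `@SuppressWarnings("deprecation")` annotations added on the `spec` field, on `engineInit(AlgorithmParameterSpec, SecureRandom)` and on the nested `TlsMasterSecretKey` class carry no comment saying which deprecated API they cover. Presumably it is the `sun.security.internal` types `TlsMasterSecretParameterSpec` and `TlsMasterSecret`, but their declarations are not shown here, so this should be confirmed and then recorded next to each annotation, for example `// TlsMasterSecretParameterSpec is deprecated; suppression covers only its use here`. The method- and class-level scope also silences any deprecation warning from calls added later in those bodies, which in key-derivation code is a signal worth keeping visible, and a comment stating the intended scope makes a later widening easier to catch in review. The body of `TlsMasterSecretKey` continues past the last visible line.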
|