1 /* 2 * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27 package sun.security.ssl; 28 29 import java.io.*; 30 import java.security.SecureRandom; 31 32 /* 33 * RandomCookie ... SSL hands standard format random cookies (nonces) 34 * around. These know how to encode/decode themselves on SSL streams, 35 * and can be created and printed. 
36 * 37 * @author David Brownell 38 */ 39 final class RandomCookie { 40 41 byte[] random_bytes; // exactly 32 bytes 42 43 RandomCookie(SecureRandom generator) { 44 random_bytes = new byte[32]; 45 generator.nextBytes(random_bytes); 46 } 47 48 RandomCookie(HandshakeInStream m) throws IOException { 49 random_bytes = new byte[32]; 50 m.read(random_bytes, 0, 32); 51 } 52 53 void send(HandshakeOutStream out) throws IOException { 54 out.write(random_bytes, 0, 32); 55 } 56 57 void print(PrintStream s) { 58 s.print("random_bytes = {"); 59 for (int i = 0; i < 32; i++) { 60 int k = random_bytes[i] & 0xFF; 61 if (i != 0) { 62 s.print(' '); 63 } 64 s.print(Utilities.hexDigits[k >>> 4]); 65 s.print(Utilities.hexDigits[k & 0xf]); 66 } 67 s.println("}"); 68 } 69 } | 1 /* 2 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 
20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.ssl; 27 28 import java.io.*; 29 import java.nio.ByteBuffer; 30 import java.security.SecureRandom; 31 import java.util.Arrays; 32 33 /* 34 * RandomCookie ... SSL hands standard format random cookies (nonces) 35 * around. These know how to encode/decode themselves on SSL streams, 36 * and can be created and printed. 37 * 38 * @author David Brownell 39 */ 40 final class RandomCookie { 41 final byte[] randomBytes = new byte[32]; // exactly 32 bytes 42 43 private static final byte[] hrrRandomBytes = new byte[] { 44 (byte)0xCF, (byte)0x21, (byte)0xAD, (byte)0x74, 45 (byte)0xE5, (byte)0x9A, (byte)0x61, (byte)0x11, 46 (byte)0xBE, (byte)0x1D, (byte)0x8C, (byte)0x02, 47 (byte)0x1E, (byte)0x65, (byte)0xB8, (byte)0x91, 48 (byte)0xC2, (byte)0xA2, (byte)0x11, (byte)0x16, 49 (byte)0x7A, (byte)0xBB, (byte)0x8C, (byte)0x5E, 50 (byte)0x07, (byte)0x9E, (byte)0x09, (byte)0xE2, 51 (byte)0xC8, (byte)0xA8, (byte)0x33, (byte)0x9C 52 }; 53 54 private static final byte[] t12Protection = new byte[] { 55 (byte)0x44, (byte)0x4F, (byte)0x57, (byte)0x4E, 56 (byte)0x47, (byte)0x52, (byte)0x44, (byte)0x01 57 }; 58 59 private static final byte[] t11Protection = new byte[] { 60 (byte)0x44, (byte)0x4F, (byte)0x57, (byte)0x4E, 61 (byte)0x47, (byte)0x52, (byte)0x44, (byte)0x01 62 }; 63 64 static final RandomCookie hrrRandom = new RandomCookie(hrrRandomBytes); 65 66 RandomCookie(SecureRandom generator) { 67 generator.nextBytes(randomBytes); 68 } 69 70 RandomCookie(ByteBuffer m) throws IOException { 71 m.get(randomBytes); 72 } 73 74 private RandomCookie(byte[] randomBytes) { 75 System.arraycopy(randomBytes, 0, this.randomBytes, 0, 32); 76 } 77 78 @Override 79 public String toString() { 80 return "random_bytes = {" + Utilities.toHexString(randomBytes) + "}"; 81 } 82 83 boolean isHelloRetryRequest() { 
84 return Arrays.equals(hrrRandomBytes, randomBytes); 85 } 86 87 boolean isT12Downgrade() { 88 return Arrays.equals(hrrRandomBytes, 24, 31, t12Protection, 0, 7); 89 } 90 91 boolean isT11Downgrade() { 92 return Arrays.equals(hrrRandomBytes, 24, 31, t11Protection, 0, 7); 93 } 94 } |
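Review bot: `isT12Downgrade()` and `isT11Downgrade()` in the new version test the static `hrrRandomBytes` constant instead of this cookie's `randomBytes`, so the result never depends on the server random that was received and both methods always return false; a downgrade sentinel in a ServerHello would go undetected by any caller relying on them. The ranges `24, 31` and `0, 7` are end-exclusive, so even with the right array only seven of the eight sentinel bytes are compared and the final byte that separates the two sentinels is skipped; I would write `return Arrays.equals(randomBytes, 24, 32, t12Protection, 0, 8);` and the same with `t11Protection`. `t11Protection` is also byte-for-byte identical to `t12Protection`; RFC 8446 section 4.1.3 ends the TLS 1.1-and-below value in `0x00`, so its last element should be `(byte)0x00`. Callers are not visible on this page, so the practical impact depends on how the handshake code uses these checks.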