int macSize = writeMac.getSize(); ProtocolVersion version = context.getServerVersion(); if (encryptThenMAC || !context.getSecurityParameters().truncatedHMac) int actualExtraPadBlocks = chooseExtraPadBlocks(context.getSecureRandom(), maxExtraPadBlocks); padding_length += actualExtraPadBlocks * blockSize; context.getNonceRandomGenerator().nextBytes(explicitIV);
// RSA key-exchange excerpt; the enclosing method is not shown here.
// premasterSecret is first filled from the context's SecureRandom, then writeVersion()
// stores the client's version into it starting at offset 0.
// NOTE(review): this looks like the RSA premaster secret of RFC 5246 7.4.7.1, where the
// embedded client version lets the server detect a version rollback - confirm against the
// enclosing method and the buffer's allocation.
// The encoding is then initialised with the server's RSA public key and the same
// SecureRandom; the first argument (true) presumably selects encryption - TODO confirm.
context.getSecureRandom().nextBytes(premasterSecret); TlsUtils.writeVersion(context.getClientVersion(), premasterSecret, 0); encoding.init(true, new ParametersWithRandom(rsaServerPublicKey, context.getSecureRandom()));
/**
 * Builds this endpoint's Finished handshake message and hands it to the record stream.
 * <p>
 * The verify_data is produced by {@code createVerifyData}, which is told whether the local
 * context is the server. The message is sized from the verify_data length before the bytes
 * are written into it.
 *
 * @throws IOException propagated from creating the verify_data or from writing the message.
 */
protected void sendFinishedMessage() throws IOException {
    final boolean localIsServer = getContext().isServer();
    final byte[] verifyData = createVerifyData(localIsServer);

    // The handshake message is declared with the exact body length up front.
    HandshakeMessage finished = new HandshakeMessage(HandshakeType.finished, verifyData.length);
    finished.write(verifyData);
    finished.writeToRecordStream();
}
/**
 * Derives {@code size} bytes of keying material from {@code secret}, an ASCII label and a seed,
 * using the PRF algorithm recorded in the context's security parameters.
 * <p>
 * The label bytes and the seed are concatenated (label first) and that combined value is what
 * the hash-based expansion consumes. When the configured algorithm is
 * {@code PRFAlgorithm.tls_prf_legacy} the work is delegated to {@code PRF_legacy}; otherwise a
 * single digest from {@code createPRFHash} drives {@code hmac_hash}.
 *
 * @param context    supplies the server version and the security parameters.
 * @param secret     the secret keying the PRF.
 * @param asciiLabel the label, converted to bytes with {@code Strings.toByteArray}.
 * @param seed       the seed appended after the label.
 * @param size       number of output bytes requested.
 * @return a new array of {@code size} bytes on the non-legacy path, or whatever
 *         {@code PRF_legacy} returns on the legacy path.
 * @throws IllegalStateException if the context's server version reports {@code isSSL()};
 *                               no PRF is available for such a session.
 */
public static byte[] PRF(TlsContext context, byte[] secret, String asciiLabel, byte[] seed, int size) {
    // Refuse early: an SSL-versioned session has no PRF to run.
    if (context.getServerVersion().isSSL()) {
        throw new IllegalStateException("No PRF available for SSLv3 session");
    }

    final byte[] labelBytes = Strings.toByteArray(asciiLabel);
    final byte[] labelAndSeed = concat(labelBytes, seed);

    final int algorithm = context.getSecurityParameters().getPrfAlgorithm();
    if (algorithm != PRFAlgorithm.tls_prf_legacy) {
        Digest hash = createPRFHash(algorithm);
        byte[] derived = new byte[size];
        hmac_hash(hash, secret, labelAndSeed, derived);
        return derived;
    }

    // Legacy algorithm: the helper receives both the bare label and the label||seed value.
    return PRF_legacy(secret, labelBytes, labelAndSeed, size);
}
// Key-exchange excerpt; the enclosing method and any branch conditions around these
// statements are not shown here.
// A clone of psk_identity is stored in the security parameters rather than the caller's array.
// Both ephemeral private keys (DH and EC) are generated with context.getSecureRandom().
// `output` is passed to the helpers, presumably so they write the matching public value to the
// handshake stream - confirm in TlsDHUtils / TlsECCUtils.
// NOTE(review): the private keys are kept in instance fields; verify they are not retained
// longer than the handshake needs them.
context.getSecurityParameters().pskIdentity = Arrays.clone(psk_identity); this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), dhParameters, output); this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), serverECPointFormats, ecAgreePublicKey.getParameters(), output);
/**
 * Produces the SRP client key exchange: computes the client credentials from the salt, identity
 * and password held by this object and writes the resulting value to {@code output}.
 * <p>
 * The only data this method writes to the stream is the computed value; the password itself is
 * passed to {@code srpClient} and is not written here. A clone of the identity is then recorded
 * in the context's security parameters.
 *
 * @param output the stream receiving the encoded SRP parameter.
 * @throws IOException propagated from writing the SRP parameter.
 */
public void generateClientKeyExchange(OutputStream output) throws IOException {
    final BigInteger clientPublicValue = srpClient.generateClientCredentials(srpSalt, identity, password);
    TlsSRPUtils.writeSRPParameter(clientPublicValue, output);

    // Record a copy, not the live array, so later changes to `identity` do not alter it.
    context.getSecurityParameters().srpIdentity = Arrays.clone(identity);
}
context.getNonceRandomGenerator().nextBytes(randomData); this.encryptThenMAC = context.getSecurityParameters().encryptThenMAC; if (context.isServer())
// Record-encoding excerpt; the enclosing method is not shown and statements between these may
// have been elided. The use of blockSize, padding and an explicit IV suggests block-cipher
// (CBC) record protection - TODO confirm.
// Two different random sources appear here: the number of extra padding blocks is chosen with
// context.getSecureRandom(), while the explicit IV is filled from
// context.getNonceRandomGenerator().
// NOTE(review): a per-record explicit CBC IV must be unpredictable to the peer and to observers
// (RFC 5246 6.2.3.2); confirm the nonce generator is cryptographically strong and not shared
// across connections.
int macSize = writeMac.getSize(); ProtocolVersion version = context.getServerVersion(); int actualExtraPadBlocks = chooseExtraPadBlocks(context.getSecureRandom(), maxExtraPadBlocks); padding_length += actualExtraPadBlocks * blockSize; context.getNonceRandomGenerator().nextBytes(explicitIV);
/**
 * Writes the Diffie-Hellman client key exchange body to {@code output}.
 * <p>
 * When agreement credentials are present nothing is written and no ephemeral key is generated.
 * Otherwise an ephemeral key exchange is generated with the context's SecureRandom and the
 * resulting private key is kept in {@code dhAgreePrivateKey}.
 *
 * @param output the stream receiving the key exchange body.
 * @throws IOException propagated from the ephemeral key exchange helper.
 */
public void generateClientKeyExchange(OutputStream output) throws IOException {
    /*
     * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
     * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
     * Exchange message will be sent, but will be empty.
     */
    if (agreementCredentials != null) {
        return;
    }

    // No static DH credentials: fall back to a fresh ephemeral key for this handshake.
    this.dhAgreePrivateKey =
        TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), dhParameters, output);
}
/**
 * Convenience overload: applies the {@code ProtocolVersion} form of {@code isTLSv11} to the
 * server version held by the given context.
 *
 * @param context the context whose server version is examined.
 * @return the result of {@code isTLSv11} for {@code context.getServerVersion()}.
 */
public static boolean isTLSv11(TlsContext context) {
    final ProtocolVersion serverVersion = context.getServerVersion();
    return isTLSv11(serverVersion);
}
/**
 * Sends a Certificate handshake message carrying the given chain.
 * <p>
 * A {@code null} argument is treated as {@code Certificate.EMPTY_CHAIN}. If the chain is empty,
 * the local endpoint is not the server, and the server version reports {@code isSSL()}, a
 * {@code no_certificate} warning alert is raised instead and no Certificate message is sent.
 * In every other case the (possibly empty) chain is encoded and written to the record stream.
 *
 * @param certificate the chain to send; may be {@code null}.
 * @throws IOException propagated from raising the alert or from encoding/writing the message.
 */
protected void sendCertificateMessage(Certificate certificate) throws IOException {
    final Certificate chain = (certificate == null) ? Certificate.EMPTY_CHAIN : certificate;

    if (chain.isEmpty() && !getContext().isServer()) {
        final ProtocolVersion serverVersion = getContext().getServerVersion();
        if (serverVersion.isSSL()) {
            // For an SSL-versioned session the missing client credentials are reported
            // with a warning alert in place of an empty Certificate message.
            raiseAlertWarning(AlertDescription.no_certificate,
                serverVersion.toString() + " client didn't provide credentials");
            return;
        }
    }

    HandshakeMessage certificateMessage = new HandshakeMessage(HandshakeType.certificate);
    chain.encode(certificateMessage);
    certificateMessage.writeToRecordStream();
}
if (!server_version.isEqualOrEarlierVersionOf(getContext().getClientVersion())) || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL || CipherSuite.isSCSV(selectedCipherSuite) || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, getContext().getServerVersion()))
&& ctx.getSecurityParameters().getMasterSecret() != null) this.expected_verify_data = createVerifyData(!ctx.isServer());
ProtocolVersion clientVersion = context.getClientVersion();
if (tlsContext.getSecurityParameters().getMasterSecret() == null && tlsContext.getResumableSession() != null) { = tlsContext.getResumableSession().exportSessionParameters(); if (sessionParameters != null && sessionParameters.getMasterSecret() != null) = tlsContext.exportKeyingMaterial( ExporterLabel.dtls_srtp, null,
/**
 * Serialise this {@link HeartbeatMessage} to an {@link OutputStream}.
 * <p>
 * Written in order: the type (uint8), the payload length (uint16), the payload bytes, and then
 * {@code paddingLength} bytes of padding drawn from the context's nonce random generator.
 *
 * @param context
 *            the {@link TlsContext} whose nonce random generator fills the padding.
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IOException
 *             propagated from the length check or from writing to {@code output}.
 */
public void encode(TlsContext context, OutputStream output) throws IOException {
    TlsUtils.writeUint8(type, output);

    // The length field is taken from the array that is actually written next, so the
    // advertised length and the payload bytes cannot disagree on the sending side.
    final int payloadLength = payload.length;
    TlsUtils.checkUint16(payloadLength);
    TlsUtils.writeUint16(payloadLength, output);
    output.write(payload);

    // Padding is freshly generated for every message rather than left as zeroes.
    final byte[] randomPadding = new byte[paddingLength];
    context.getNonceRandomGenerator().nextBytes(randomPadding);
    output.write(randomPadding);
}
// Key-exchange excerpt; the enclosing method and any branch conditions around these
// statements are not shown here.
// A clone of psk_identity is stored in the security parameters rather than the caller's array.
// Both ephemeral private keys (DH and EC) are generated with context.getSecureRandom().
// `output` is passed to the helpers, presumably so they write the matching public value to the
// handshake stream - confirm in TlsDHUtils / TlsECCUtils.
// NOTE(review): the private keys are kept in instance fields; verify they are not retained
// longer than the handshake needs them.
context.getSecurityParameters().pskIdentity = Arrays.clone(psk_identity); this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), dhParameters, output); this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), serverECPointFormats, ecAgreePublicKey.getParameters(), output);
/**
 * Produces the SRP client key exchange: computes the client credentials from the salt, identity
 * and password held by this object and writes the resulting value to {@code output}.
 * <p>
 * The only data this method writes to the stream is the computed value; the password itself is
 * passed to {@code srpClient} and is not written here. A clone of the identity is then recorded
 * in the context's security parameters.
 *
 * @param output the stream receiving the encoded SRP parameter.
 * @throws IOException propagated from writing the SRP parameter.
 */
public void generateClientKeyExchange(OutputStream output) throws IOException {
    final BigInteger clientPublicValue = srpClient.generateClientCredentials(srpSalt, identity, password);
    TlsSRPUtils.writeSRPParameter(clientPublicValue, output);

    // Record a copy, not the live array, so later changes to `identity` do not alter it.
    context.getSecurityParameters().srpIdentity = Arrays.clone(identity);
}
context.getNonceRandomGenerator().nextBytes(randomData); this.encryptThenMAC = context.getSecurityParameters().encryptThenMAC; if (context.isServer())
/**
 * Writes the Diffie-Hellman client key exchange body to {@code output}.
 * <p>
 * When agreement credentials are present nothing is written and no ephemeral key is generated.
 * Otherwise an ephemeral key exchange is generated with the context's SecureRandom and the
 * resulting private key is kept in {@code dhAgreePrivateKey}.
 *
 * @param output the stream receiving the key exchange body.
 * @throws IOException propagated from the ephemeral key exchange helper.
 */
public void generateClientKeyExchange(OutputStream output) throws IOException {
    /*
     * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
     * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
     * Exchange message will be sent, but will be empty.
     */
    if (agreementCredentials != null) {
        return;
    }

    // No static DH credentials: fall back to a fresh ephemeral key for this handshake.
    this.dhAgreePrivateKey =
        TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), dhParameters, output);
}