private static byte[] readBytes(final DatagramReader reader, final int lengthBits) { int length = reader.read(lengthBits); return reader.readBytes(length); }
private static ECDHServerKeyExchange readNamedCurve(final DatagramReader reader, final InetSocketAddress peerAddress) throws HandshakeException { int curveId = reader.read(NAMED_CURVE_BITS); int length = reader.read(PUBLIC_LENGTH_BITS); byte[] pointEncoded = reader.readBytes(length); byte[] bytesLeft = reader.readBytesLeft(); // default is SHA256withECDSA SignatureAndHashAlgorithm signAndHash = new SignatureAndHashAlgorithm(SignatureAndHashAlgorithm.HashAlgorithm.SHA256, SignatureAndHashAlgorithm.SignatureAlgorithm.ECDSA); byte[] signatureEncoded = null; if (bytesLeft.length > 0) { DatagramReader remainder = new DatagramReader(bytesLeft); int hashAlgorithm = remainder.read(HASH_ALGORITHM_BITS); int signatureAlgorithm = remainder.read(SIGNATURE_ALGORITHM_BITS); signAndHash = new SignatureAndHashAlgorithm(hashAlgorithm, signatureAlgorithm); length = remainder.read(SIGNATURE_LENGTH_BITS); signatureEncoded = remainder.readBytes(length); } return new ECDHServerKeyExchange(signAndHash, curveId, pointEncoded, signatureEncoded, peerAddress); }
public static HelloExtension fromExtensionData(byte[] extensionData) { DatagramReader reader = new DatagramReader(extensionData); int listLength = reader.read(LIST_LENGTH_BITS); List<Integer> groupIds = new ArrayList<Integer>(); while (listLength > 0) { int id = reader.read(CURVE_BITS); groupIds.add(id); listLength -= 2; } return new SupportedEllipticCurvesExtension(groupIds); }
@Override public MessageHeader parseHeader(final DatagramReader reader) { int len = reader.read(LENGTH_NIBBLE_BITS); int tokenLength = reader.read(TOKEN_LENGTH_BITS); assertValidTokenLength(tokenLength); reader.readBytes(DatagramFramer.getLengthFieldSize(len)); int code = reader.read(CODE_BITS); byte token[] = reader.readBytes(tokenLength); // No MID/Type/VERSION in TCP message. Use defaults. return new MessageHeader(CoAP.VERSION, CoAP.Type.CON, token, code, Message.NONE, 0); } }
public static HelloExtension fromExtensionData(byte[] extensionData) { DatagramReader reader = new DatagramReader(extensionData); int listLength = reader.read(LIST_LENGTH_BITS); List<ECPointFormat> ecPointFormatList = new ArrayList<ECPointFormat>(); while (listLength > 0) { ECPointFormat format = ECPointFormat.getECPointFormatById(reader.read(POINT_FORMAT_BITS)); ecPointFormatList.add(format); // one point format uses 1 byte listLength -= 1; } return new SupportedPointFormatsExtension(ecPointFormatList); }
@Override protected MessageHeader parseHeader(final DatagramReader reader) { int version = reader.read(VERSION_BITS); assertCorrectVersion(version); int type = reader.read(TYPE_BITS); int tokenLength = reader.read(TOKEN_LENGTH_BITS); assertValidTokenLength(tokenLength); int code = reader.read(CODE_BITS); int mid = reader.read(MESSAGE_ID_BITS); byte token[] = reader.readBytes(tokenLength); return new MessageHeader(version, CoAP.Type.valueOf(type), token, code, mid, 0); }
public static List<CipherSuite> listFromByteArray(byte[] byteArray, int numElements) { List<CipherSuite> cipherSuites = new ArrayList<CipherSuite>(); DatagramReader reader = new DatagramReader(byteArray); for (int i = 0; i < numElements; i++) { int code = reader.read(CIPHER_SUITE_BITS); CipherSuite cipher = CipherSuite.getTypeByCode(code); // simply ignore unknown cipher suites as mandated by // RFC 5246, Section 7.4.1.2 Client Hello if (cipher != null) { cipherSuites.add(cipher); } } return cipherSuites; }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) { DatagramReader reader = new DatagramReader(byteArray); // according to http://tools.ietf.org/html/rfc5246#section-4.7 the // signature algorithm must also be included int hashAlgorithm = reader.read(HASH_ALGORITHM_BITS); int signatureAlgorithm = reader.read(SIGNATURE_ALGORITHM_BITS); SignatureAndHashAlgorithm signAndHash = new SignatureAndHashAlgorithm(hashAlgorithm, signatureAlgorithm); int length = reader.read(SIGNATURE_LENGTH_BITS); byte[] signature = reader.readBytes(length); return new CertificateVerify(signAndHash, signature, peerAddress); }
/** * Takes a byte array and creates the representing list of compression * methods. * * @param byteArray * the encoded compression methods as byte array * @param numElements * the number of compression methods represented in the byte * array * @return corresponding list of compression methods */ public static List<CompressionMethod> listFromByteArray(byte[] byteArray, int numElements) { List<CompressionMethod> compressionMethods = new ArrayList<CompressionMethod>(); DatagramReader reader = new DatagramReader(byteArray); for (int i = 0; i < numElements; i++) { int code = reader.read(COMPRESSION_METHOD_BITS); CompressionMethod method = CompressionMethod.getMethodByCode(code); if (method != null) { compressionMethods.add(method); } } return compressionMethods; } }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) { DatagramReader reader = new DatagramReader(byteArray); int major = reader.read(VERSION_BITS); int minor = reader.read(VERSION_BITS); ProtocolVersion version = new ProtocolVersion(major, minor); int cookieLength = reader.read(COOKIE_LENGTH_BITS); byte[] cookie = reader.readBytes(cookieLength); return new HelloVerifyRequest(version, cookie, peerAddress); }
private static int determineValueFromNibble(final DatagramReader reader, final int delta, final Message message) { if (delta <= 12) { return delta; } else if (delta == 13) { return reader.read(8) + 13; } else if (delta == 14) { return reader.read(16) + 269; } else { throw new CoAPMessageFormatException( "Message contains illegal option delta/length: " + delta, message.getMID(), message.getRawCode(), message.isConfirmable()); } } }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) { DatagramReader reader = new DatagramReader(byteArray); int length = reader.read(LENGTH_BITS); byte[] pointEncoded = reader.readBytes(length); return new ECDHClientKeyExchange(pointEncoded, peerAddress); }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) throws HandshakeException { DatagramReader reader = new DatagramReader(byteArray); int curveType = reader.read(CURVE_TYPE_BITS); switch (curveType) { // TODO right now only named curve supported case NAMED_CURVE: return readNamedCurve(reader, peerAddress); default: throw new HandshakeException( String.format( "Curve type [%s] received in ServerKeyExchange message from peer [%s] is unsupported", curveType, peerAddress), new AlertMessage(AlertLevel.FATAL, AlertDescription.HANDSHAKE_FAILURE, peerAddress)); } }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) { DatagramReader reader = new DatagramReader(byteArray); int length = reader.read(IDENTITY_LENGTH_BITS); byte[] identityEncoded = reader.readBytes(length); return new PSKClientKeyExchange(identityEncoded, peerAddress); }
public static DTLSMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) throws HandshakeException { DatagramReader reader = new DatagramReader(byteArray); int code = reader.read(CCS_BITS); if (code == CCSType.CHANGE_CIPHER_SPEC.getCode()) { return new ChangeCipherSpecMessage(peerAddress); } else { String message = "Unknown Change Cipher Spec code received: " + code; AlertMessage alert = new AlertMessage(AlertLevel.FATAL, AlertDescription.HANDSHAKE_FAILURE, peerAddress); throw new HandshakeException(message, alert); } }
public static HandshakeMessage fromByteArray(byte[] byteArray, InetSocketAddress peerAddress) { DatagramReader reader = new DatagramReader(byteArray); int length = reader.read(IDENTITY_HINT_LENGTH_BITS); byte[] hintEncoded = reader.readBytes(length); return new PSKServerKeyExchange(hintEncoded, peerAddress); }
private static byte[] readHostName(final DatagramReader reader, final InetSocketAddress peerAddress) throws HandshakeException { if (reader.bitsLeft() >= LENGTH_BITS) { int length = reader.read(LENGTH_BITS); if (reader.bytesAvailable(length)) { return reader.readBytes(length); } } throw newDecodeError(peerAddress); }
private static CertificateMessage readX509CertificateMessage(final DatagramReader reader, final InetSocketAddress peerAddress) throws HandshakeException { LOGGER.log(Level.FINER, "Parsing X.509 CERTIFICATE message"); int certificateChainLength = reader.read(CERTIFICATE_LIST_LENGTH); List<Certificate> certs = new ArrayList<>(); try { CertificateFactory factory = CertificateFactory.getInstance(CERTIFICATE_TYPE_X509); while (certificateChainLength > 0) { int certificateLength = reader.read(CERTIFICATE_LENGTH_BITS); byte[] certificate = reader.readBytes(certificateLength); // the size of the length and the actual length of the encoded certificate certificateChainLength -= (CERTIFICATE_LENGTH_BITS/8) + certificateLength; certs.add(factory.generateCertificate(new ByteArrayInputStream(certificate))); } return new CertificateMessage(factory.generateCertPath(certs), peerAddress); } catch (CertificateException e) { throw new HandshakeException( "Cannot parse X.509 certificate chain provided by peer", new AlertMessage(AlertLevel.FATAL, AlertDescription.BAD_CERTIFICATE, peerAddress), e); } }
/** * Creates a certificate message from its binary encoding. * * @param byteArray The binary encoding of the message. * @param useRawPublicKey {@code true} if the certificate message contains a RawPublicKey instead * of an X.509 certificate chain. * @param peerAddress The IP address and port of the peer that sent the message. * @return The certificate message. * @throws HandshakeException if the binary encoding could not be parsed. */ public static CertificateMessage fromByteArray( final byte[] byteArray, boolean useRawPublicKey, InetSocketAddress peerAddress) throws HandshakeException { DatagramReader reader = new DatagramReader(byteArray); if (useRawPublicKey) { LOGGER.log(Level.FINER, "Parsing RawPublicKey CERTIFICATE message"); int certificateLength = reader.read(CERTIFICATE_LENGTH_BITS); byte[] rawPublicKey = reader.readBytes(certificateLength); return new CertificateMessage(rawPublicKey, peerAddress); } else { return readX509CertificateMessage(reader, peerAddress); } }