Produced by Araxis Merge on 9/25/2018 2:13:28 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\util | KeyUtil.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\util | KeyUtil.java | Wed Sep 12 17:55:47 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 6 | 728 |
Changed | 5 | 10 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 201 2, 2016, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package su n.security .util; | |
27 | ||
28 | import jav a.security .Algorithm Parameters ; | |
29 | import jav a.security .Key; | |
30 | import jav a.security .Privilege dAction; | |
31 | import jav a.security .AccessCon troller; | |
32 | import jav a.security .InvalidKe yException ; | |
33 | import jav a.security .interface s.ECKey; | |
34 | import jav a.security .interface s.RSAKey; | |
35 | import jav a.security .interface s.DSAKey; | |
36 | import jav a.security .interface s.DSAParam s; | |
37 | import jav a.security .SecureRan dom; | |
38 | import jav a.security .spec.KeyS pec; | |
39 | import jav a.security .spec.ECPa rameterSpe c; | |
40 | import jav a.security .spec.Inva lidParamet erSpecExce ption; | |
41 | import jav ax.crypto. SecretKey; | |
42 | import jav ax.crypto. interfaces .DHKey; | |
43 | import jav ax.crypto. interfaces .DHPublicK ey; | |
44 | import jav ax.crypto. spec.DHPar ameterSpec ; | |
45 | import jav ax.crypto. spec.DHPub licKeySpec ; | |
46 | import jav a.math.Big Integer; | |
47 | ||
48 | import sun .security. jca.JCAUti l; | |
49 | ||
50 | /** | |
51 | * A utili ty class t o get key length, va liate keys , etc. | |
52 | */ | |
53 | public fin al class K eyUtil { | |
54 | ||
55 | /** | |
56 | * Ret urns the k ey size of the given key objec t in bits. | |
57 | * | |
58 | * @pa ram key th e key obje ct, cannot be null | |
59 | * @re turn the k ey size of the given key objec t in bits, or -1 if the | |
60 | * key siz e is not a ccessible | |
61 | */ | |
62 | public static fi nal int ge tKeySize(K ey key) { | |
63 | in t size = - 1; | |
64 | ||
65 | if (key inst anceof Len gth) { | |
66 | try { | |
67 | Leng th ruler = (Length)k ey; | |
68 | size = ruler.l ength(); | |
69 | } catch (Unsupport edOperatio nException usoe) { | |
70 | // i gnore the exception | |
71 | } | |
72 | ||
73 | if (size >= 0) { | |
74 | retu rn size; | |
75 | } | |
76 | } | |
77 | ||
78 | // try to pa rse the le ngth from key specif ication | |
79 | if (key inst anceof Sec retKey) { | |
80 | SecretKe y sk = (Se cretKey)ke y; | |
81 | String f ormat = sk .getFormat (); | |
82 | if ("RAW ".equals(f ormat) && sk.getEnco ded() != n ull) { | |
83 | size = (sk.get Encoded(). length * 8 ); | |
84 | } // O therwise, it may be a unextrac table key of PKCS#11 , or | |
85 | // a key we ar e not able to handle . | |
86 | } else if (k ey instanc eof RSAKey ) { | |
87 | RSAKey p ubk = (RSA Key)key; | |
88 | size = p ubk.getMod ulus().bit Length(); | |
89 | } else if (k ey instanc eof ECKey) { | |
90 | ECKey pu bk = (ECKe y)key; | |
91 | size = p ubk.getPar ams().getO rder().bit Length(); | |
92 | } else if (k ey instanc eof DSAKey ) { | |
93 | DSAKey p ubk = (DSA Key)key; | |
94 | DSAParam s params = pubk.getP arams(); // param s can be n ull | |
95 | size = ( params != null) ? pa rams.getP( ).bitLengt h() : -1; | |
96 | } else if (k ey instanc eof DHKey) { | |
97 | DHKey pu bk = (DHKe y)key; | |
98 | size = p ubk.getPar ams().getP ().bitLeng th(); | |
99 | } // Other wise, it m ay be a un extractabl e key of P KCS#11, or | |
100 | // a key we are no t able to handle. | |
101 | ||
102 | re turn size; | |
103 | } | |
104 | ||
105 | /** | |
106 | * Ret urns the k ey size of the given cryptogra phic param eters in b its. | |
107 | * | |
108 | * @pa ram parame ters the c ryptograph ic paramet ers, canno t be null | |
109 | * @re turn the k ey size of the given cryptogra phic param eters in b its, | |
110 | * or -1 i f the key size is no t accessib le | |
111 | */ | |
112 | public static fi nal int ge tKeySize(A lgorithmPa rameters p arameters) { | |
113 | ||
114 | St ring algor ithm = par ameters.ge tAlgorithm (); | |
115 | sw itch (algo rithm) { | |
116 | case "EC ": | |
117 | try { | |
118 | ECKeySizeP arameterSp ec ps = pa rameters.g etParamete rSpec( | |
119 | EC KeySizePar ameterSpec .class); | |
120 | if (ps != null) { | |
121 | return ps.getKey Size(); | |
122 | } | |
123 | } ca tch (Inval idParamete rSpecExcep tion ipse) { | |
124 | // ignore | |
125 | } | |
126 | ||
127 | try { | |
128 | ECParamete rSpec ps = parameter s.getParam eterSpec( | |
129 | EC ParameterS pec.class) ; | |
130 | if (ps != null) { | |
131 | return ps.getOrd er().bitLe ngth(); | |
132 | } | |
133 | } ca tch (Inval idParamete rSpecExcep tion ipse) { | |
134 | // ignore | |
135 | } | |
136 | ||
137 | // N ote: the E CGenParame terSpec ca se should be covered by the | |
138 | // E CParameter Spec case above. | |
139 | // S ee ECUtil. getECParam eterSpec(P rovider, S tring). | |
140 | ||
141 | brea k; | |
142 | case "Di ffieHellma n": | |
143 | try { | |
144 | DHParamete rSpec ps = parameter s.getParam eterSpec( | |
145 | DH ParameterS pec.class) ; | |
146 | if (ps != null) { | |
147 | return ps.getP() .bitLength (); | |
148 | } | |
149 | } ca tch (Inval idParamete rSpecExcep tion ipse) { | |
150 | // ignore | |
151 | } | |
152 | brea k; | |
153 | ||
154 | // May s upport mor e Algorith mParameter s algorith ms in the future. | |
155 | } | |
156 | ||
157 | re turn -1; | |
158 | } | |
159 | ||
160 | /** | |
161 | * Ret urns wheth er the key is valid or not. | |
162 | * <P> | |
163 | * Not e that thi s method i s only app ly to DHPu blicKey at present. | |
164 | * | |
165 | * @pa ram publi cKey | |
166 | * the k ey object, cannot be null | |
167 | * | |
168 | * @th rows NullP ointerExce ption if { @code publ icKey} is null | |
169 | * @th rows Inval idKeyExcep tion if {@ code publi cKey} is i nvalid | |
170 | */ | |
171 | public static fi nal void v alidate(Ke y key) | |
172 | throws I nvalidKeyE xception { | |
173 | if (key == n ull) { | |
174 | throw ne w NullPoin terExcepti on( | |
175 | "The key to be validated cannot be null"); | |
176 | } | |
177 | ||
178 | if (key inst anceof DHP ublicKey) { | |
179 | validate DHPublicKe y((DHPubli cKey)key); | |
180 | } | |
181 | } | |
182 | ||
183 | ||
184 | /** | |
185 | * Ret urns wheth er the key spec is v alid or no t. | |
186 | * <P> | |
187 | * Not e that thi s method i s only app ly to DHPu blicKeySpe c at prese nt. | |
188 | * | |
189 | * @pa ram keySp ec | |
190 | * the k ey spec ob ject, cann ot be null | |
191 | * | |
192 | * @th rows NullP ointerExce ption if { @code keyS pec} is nu ll | |
193 | * @th rows Inval idKeyExcep tion if {@ code keySp ec} is inv alid | |
194 | */ | |
195 | public static fi nal void v alidate(Ke ySpec keyS pec) | |
196 | throws I nvalidKeyE xception { | |
197 | if (keySpec == null) { | |
198 | throw ne w NullPoin terExcepti on( | |
199 | "The key spec to be vali dated cann ot be null "); | |
200 | } | |
201 | ||
202 | if (keySpec instanceof DHPublicK eySpec) { | |
203 | validate DHPublicKe y((DHPubli cKeySpec)k eySpec); | |
204 | } | |
205 | } | |
206 | ||
207 | /** | |
208 | * Ret urns wheth er the spe cified pro vider is O racle prov ider or no t. | |
209 | * | |
210 | * @pa ram provi derName | |
211 | * the p rovider na me | |
212 | * @re turn true if, and on ly if, the provider of the spe cified | |
213 | * {@cod e provider Name} is O racle prov ider | |
214 | */ | |
215 | public static fi nal boolea n isOracle JCEProvide r(String p roviderNam e) { | |
216 | re turn provi derName != null && | |
217 | (pro viderName. equals("Su nJCE") || | |
218 | providerNa me.equals( "SunMSCAPI ") || | |
219 | providerNa me.equals( "OracleUcr ypto") || | |
220 | providerNa me.startsW ith("SunPK CS11")); | |
221 | } | |
222 | ||
223 | /** | |
224 | * Che ck the for mat of TLS PreMaster Secret. | |
225 | * <P> | |
226 | * To avoid vuln erabilitie s describe d by secti on 7.4.7.1 , RFC 5246 , | |
227 | * tre ating inco rrectly fo rmatted me ssage bloc ks and/or mismatched | |
228 | * ver sion numbe rs in a ma nner indis tinguishab le from co rrectly | |
229 | * for matted RSA blocks. | |
230 | * | |
231 | * RFC 5246 desc ribes the approach a s : | |
232 | * | |
233 | * 1. Generate a string R of 48 ran dom bytes | |
234 | * | |
235 | * 2. Decrypt t he message to recove r the plai ntext M | |
236 | * | |
237 | * 3. If the PK CS#1 paddi ng is not correct, o r the leng th of mess age | |
238 | * M is not exactly 48 bytes: | |
239 | * pre_master _ PW = R | |
240 | * else If C lientHello .client_ve rsion <= T LS 1.0, an d version | |
241 | * number ch eck is exp licitly di sabled: | |
242 | * premaster PW = M | |
243 | * else If M [0..1] != ClientHell o.client_v ersion: | |
244 | * premaster PW = R | |
245 | * else: | |
246 | * premaster PW = M | |
247 | * | |
248 | * Not e that #2 should hav e complete d before t he call to this meth od. | |
249 | * | |
250 | * @pa ram clien tVersion t he version of the TL S protocol by which the | |
251 | * clien t wishes t o communic ate during this sess ion | |
252 | * @pa ram serve rVersion t he negotia ted versio n of the T LS protoco l which | |
253 | * conta ins the lo wer of tha t suggeste d by the c lient in t he client | |
254 | * hello and the h ighest sup ported by the server . | |
255 | * @pa ram encod ed the enc oded key i n its "RAW " encoding format | |
256 | * @pa ram isFai lover whet her or not the previ ous decryp tion of th e | |
257 | * encry pted PreMa sterSecret message r un into pr oblem | |
258 | * @re turn the p olished Pr eMasterSec ret key in its "RAW" encoding format | |
259 | */ | |
260 | public static by te[] check TlsPreMast erSecretKe y( | |
261 | int clie ntVersion, int serve rVersion, SecureRand om random, | |
262 | byte[] e ncoded, bo olean isFa ilOver) { | |
263 | ||
264 | if (random = = null) { | |
265 | random = JCAUtil.g etSecureRa ndom(); | |
266 | } | |
267 | by te[] repla cer = new byte[48]; | |
268 | ra ndom.nextB ytes(repla cer); | |
269 | ||
270 | if (!isFailO ver && (en coded != n ull)) { | |
271 | // check the lengt h | |
272 | if (enco ded.length != 48) { | |
273 | // p rivate, do n't need t o clone th e byte arr ay. | |
274 | retu rn replace r; | |
275 | } | |
276 | ||
277 | int enco dedVersion = | |
278 | ((encoded[ 0] & 0xFF) << 8) | ( encoded[1] & 0xFF); | |
279 | if (clie ntVersion != encoded Version) { | |
280 | if ( clientVers ion > 0x03 01 || // 0x0301: TLSv1 | |
281 | serverV ersion != encodedVer sion) { | |
282 | encoded = replacer; | |
283 | } // Otherwi se, For co mpatibilit y, we main tain the b ehavior | |
284 | // that th e version in pre_mas ter_ PW can be the | |
285 | // negotia ted versio n for TLS v1.0 and S SL v3.0. | |
286 | } | |
287 | ||
288 | // priva te, don't need to cl one the by te array. | |
289 | return e ncoded; | |
290 | } | |
291 | ||
292 | // private, don't need to clone the byte a rray. | |
293 | re turn repla cer; | |
294 | } | |
295 | ||
296 | /** | |
297 | * Ret urns wheth er the Dif fie-Hellma n public k ey is vali d or not. | |
298 | * | |
299 | * Per RFC 2631 and NIST S P800-56A, the follow ing algori thm is use d to | |
300 | * val idate Diff ie-Hellman public ke ys: | |
301 | * 1. Verify tha t y lies w ithin the interval [ 2,p-1]. If it does n ot, | |
302 | * the key is invalid. | |
303 | * 2. Compute y^ q mod p. I f the resu lt == 1, t he key is valid. | |
304 | * Otherwise the key is invalid. | |
305 | */ | |
306 | privat e static v oid valida teDHPublic Key(DHPubl icKey publ icKey) | |
307 | throws I nvalidKeyE xception { | |
308 | DH ParameterS pec paramS pec = publ icKey.getP arams(); | |
309 | ||
310 | Bi gInteger p = paramSp ec.getP(); | |
311 | Bi gInteger g = paramSp ec.getG(); | |
312 | Bi gInteger y = publicK ey.getY(); | |
313 | ||
314 | va lidateDHPu blicKey(p, g, y); | |
315 | } | |
316 | ||
317 | privat e static v oid valida teDHPublic Key(DHPubl icKeySpec publicKeyS pec) | |
318 | throws I nvalidKeyE xception { | |
319 | va lidateDHPu blicKey(pu blicKeySpe c.getP(), | |
320 | publicKe ySpec.getG (), public KeySpec.ge tY()); | |
321 | } | |
322 | ||
323 | privat e static v oid valida teDHPublic Key(BigInt eger p, | |
324 | BigInteg er g, BigI nteger y) throws Inv alidKeyExc eption { | |
325 | ||
326 | // For bette r interope rability, the interv al is limi ted to [2, p-2]. | |
327 | Bi gInteger l eftOpen = BigInteger .ONE; | |
328 | Bi gInteger r ightOpen = p.subtrac t(BigInteg er.ONE); | |
329 | if (y.compar eTo(leftOp en) <= 0) { | |
330 | throw ne w InvalidK eyExceptio n( | |
331 | "Diffie-He llman publ ic key is too small" ); | |
332 | } | |
333 | if (y.compar eTo(rightO pen) >= 0) { | |
334 | throw ne w InvalidK eyExceptio n( | |
335 | "Diffie-He llman publ ic key is too large" ); | |
336 | } | |
337 | ||
338 | // y^q mod p == 1? | |
339 | // Unable to perform t his check as q is un known in t his circum stance. | |
340 | ||
341 | // p is expe cted to be prime. H owever, it is too ex pensive to check | |
342 | // that p is prime. I nstead, in order to mitigate t he impact of | |
343 | // non-prime values, w e check th at y is no t a factor of p. | |
344 | Bi gInteger r = p.remai nder(y); | |
345 | if (r.equals (BigIntege r.ZERO)) { | |
346 | throw ne w InvalidK eyExceptio n("Invalid Diffie-He llman para meters"); | |
347 | } | |
348 | } | |
349 | ||
350 | /** | |
351 | * Tri m leading (most sign ificant) z eroes from the resul t. | |
352 | * | |
353 | * @th rows NullP ointerExce ption if { @code b} i s null | |
354 | */ | |
355 | public static by te[] trimZ eroes(byte [] b) { | |
356 | in t i = 0; | |
357 | wh ile ((i < b.length - 1) && (b[ i] == 0)) { | |
358 | i++; | |
359 | } | |
360 | if (i == 0) { | |
361 | return b ; | |
362 | } | |
363 | by te[] t = n ew byte[b. length - i ]; | |
364 | Sy stem.array copy(b, i, t, 0, t.l ength); | |
365 | re turn t; | |
366 | } | |
367 | ||
368 | } | |
369 |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.