Produced by Araxis Merge on 9/25/2018 2:13:02 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\com\sun\crypto\provider | TlsKeyMaterialGenerator.java | Mon Jan 22 14:46:50 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\com\sun\crypto\provider | TlsKeyMaterialGenerator.java | Wed Sep 12 16:22:46 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 3 | 552 |
Changed | 2 | 4 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 5, 2013, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package co m.sun.cryp to.provide r; | |
27 | ||
28 | import jav a.security .*; | |
29 | import jav a.security .spec.Algo rithmParam eterSpec; | |
30 | ||
31 | import jav ax.crypto. *; | |
32 | import jav ax.crypto. spec.*; | |
33 | ||
34 | import sun .security. internal.s pec.*; | |
35 | ||
36 | import sta tic com.su n.crypto.p rovider.Tl sPrfGenera tor.*; | |
37 | ||
38 | /** | |
39 | * KeyGene rator impl ementation for the S SL/TLS mas ter PW derivation . | |
40 | * | |
41 | * @author Andreas Sterbenz | |
42 | * @since 1.6 | |
43 | */ | |
44 | public fin al class T lsKeyMater ialGenerat or extends KeyGenera torSpi { | |
45 | ||
46 | privat e final st atic Strin g MSG = "T lsKeyMater ialGenerat or must be " | |
47 | + "initializ ed using a TlsKeyMat erialParam eterSpec"; | |
48 | ||
49 | privat e TlsKeyMa terialPara meterSpec spec; | |
50 | ||
51 | privat e int prot ocolVersio n; | |
52 | ||
53 | public TlsKeyMat erialGener ator() { | |
54 | } | |
55 | ||
56 | protec ted void e ngineInit( SecureRand om random) { | |
57 | th row new In validParam eterExcept ion(MSG); | |
58 | } | |
59 | ||
60 | protec ted void e ngineInit( AlgorithmP arameterSp ec params, | |
61 | SecureRa ndom rando m) throws InvalidAlg orithmPara meterExcep tion { | |
62 | if (params i nstanceof TlsKeyMate rialParame terSpec == false) { | |
63 | throw ne w InvalidA lgorithmPa rameterExc eption(MSG ); | |
64 | } | |
65 | th is.spec = (TlsKeyMat erialParam eterSpec)p arams; | |
66 | if ("RAW".eq uals(spec. getMasterS ecret().ge tFormat()) == false) { | |
67 | throw ne w InvalidA lgorithmPa rameterExc eption( | |
68 | "Key format mu st be RAW" ); | |
69 | } | |
70 | pr otocolVers ion = (spe c.getMajor Version() << 8) | |
71 | | spec.g etMinorVer sion(); | |
72 | if ((protoco lVersion < 0x0300) | | (protoco lVersion > 0x0303)) { | |
73 | throw ne w InvalidA lgorithmPa rameterExc eption( | |
74 | "Onl y SSL 3.0, TLS 1.0/1 .1/1.2 sup ported"); | |
75 | } | |
76 | } | |
77 | ||
78 | protec ted void e ngineInit( int keysiz e, SecureR andom rand om) { | |
79 | th row new In validParam eterExcept ion(MSG); | |
80 | } | |
81 | ||
82 | protec ted Secret Key engine GenerateKe y() { | |
83 | if (spec == null) { | |
84 | throw ne w IllegalS tateExcept ion( | |
85 | "Tls KeyMateria lGenerator must be i nitialized "); | |
86 | } | |
87 | tr y { | |
88 | return e ngineGener ateKey0(); | |
89 | } catch (Gen eralSecuri tyExceptio n e) { | |
90 | throw ne w Provider Exception( e); | |
91 | } | |
92 | } | |
93 | ||
94 | privat e SecretKe y engineGe nerateKey0 () throws GeneralSec urityExcep tion { | |
95 | by te[] maste rSecret = spec.getMa sterSecret ().getEnco ded(); | |
96 | ||
97 | by te[] clien tRandom = spec.getCl ientRandom (); | |
98 | by te[] serve rRandom = spec.getSe rverRandom (); | |
99 | ||
100 | Se cretKey cl ientMacKey = null; | |
101 | Se cretKey se rverMacKey = null; | |
102 | Se cretKey cl ientCipher Key = null ; | |
103 | Se cretKey se rverCipher Key = null ; | |
104 | Iv ParameterS pec client Iv = null; | |
105 | Iv ParameterS pec server Iv = null; | |
106 | ||
107 | in t macLengt h = spec.g etMacKeyLe ngth(); | |
108 | in t expanded KeyLength = spec.get ExpandedCi pherKeyLen gth(); | |
109 | bo olean isEx portable = (expanded KeyLength != 0); | |
110 | in t keyLengt h = spec.g etCipherKe yLength(); | |
111 | in t ivLength = spec.ge tIvLength( ); | |
112 | ||
113 | in t keyBlock Len = macL ength + ke yLength | |
114 | + (isExp ortable ? 0 : ivLeng th); | |
115 | ke yBlockLen <<= 1; | |
116 | by te[] keyBl ock = new byte[keyBl ockLen]; | |
117 | ||
118 | // These may be used a gain later for expor table suit e calculat ions. | |
119 | Me ssageDiges t md5 = nu ll; | |
120 | Me ssageDiges t sha = nu ll; | |
121 | ||
122 | // generate key block | |
123 | if (protocol Version >= 0x0303) { | |
124 | // TLS 1 .2 | |
125 | byte[] s eed = conc at(serverR andom, cli entRandom) ; | |
126 | keyBlock = doTLS12 PRF(master Secret, LA BEL_KEY_EX PANSION, s eed, | |
127 | keyBlo ckLen, spe c.getPRFHa shAlg(), | |
128 | spec.g etPRFHashL ength(), s pec.getPRF BlockSize( )); | |
129 | } else if (p rotocolVer sion >= 0x 0301) { | |
130 | // TLS 1 .0/1.1 | |
131 | md5 = Me ssageDiges t.getInsta nce("MD5") ; | |
132 | sha = Me ssageDiges t.getInsta nce("SHA1" ); | |
133 | byte[] s eed = conc at(serverR andom, cli entRandom) ; | |
134 | keyBlock = doTLS10 PRF(master Secret, LA BEL_KEY_EX PANSION, s eed, | |
135 | keyBlo ckLen, md5 , sha); | |
136 | } else { | |
137 | // SSL | |
138 | md5 = Me ssageDiges t.getInsta nce("MD5") ; | |
139 | sha = Me ssageDiges t.getInsta nce("SHA1" ); | |
140 | keyBlock = new byt e[keyBlock Len]; | |
141 | ||
142 | byte[] t mp = new b yte[20]; | |
143 | for (int i = 0, re maining = keyBlockLe n; | |
144 | rem aining > 0 ; | |
145 | i++ , remainin g -= 16) { | |
146 | ||
147 | sha. update(SSL 3_CONST[i] ); | |
148 | sha. update(mas terSecret) ; | |
149 | sha. update(ser verRandom) ; | |
150 | sha. update(cli entRandom) ; | |
151 | sha. digest(tmp , 0, 20); | |
152 | ||
153 | md5. update(mas terSecret) ; | |
154 | md5. update(tmp ); | |
155 | ||
156 | if ( remaining >= 16) { | |
157 | md5.digest (keyBlock, i << 4, 1 6); | |
158 | } el se { | |
159 | md5.digest (tmp, 0, 1 6); | |
160 | System.arr aycopy(tmp , 0, keyBl ock, i << 4, remaini ng); | |
161 | } | |
162 | } | |
163 | } | |
164 | ||
165 | // partiti on keybloc k into ind ividual PW s | |
166 | ||
167 | in t ofs = 0; | |
168 | if (macLengt h != 0) { | |
169 | byte[] t mp = new b yte[macLen gth]; | |
170 | ||
171 | // mac k eys | |
172 | System.a rraycopy(k eyBlock, o fs, tmp, 0 , macLengt h); | |
173 | ofs += m acLength; | |
174 | clientMa cKey = new SecretKey Spec(tmp, "Mac"); | |
175 | ||
176 | System.a rraycopy(k eyBlock, o fs, tmp, 0 , macLengt h); | |
177 | ofs += m acLength; | |
178 | serverMa cKey = new SecretKey Spec(tmp, "Mac"); | |
179 | } | |
180 | ||
181 | if (keyLengt h == 0) { // SSL_RSA _WITH_NULL _* ciphers uites | |
182 | return n ew TlsKeyM aterialSpe c(clientMa cKey, serv erMacKey); | |
183 | } | |
184 | ||
185 | St ring alg = spec.getC ipherAlgor ithm(); | |
186 | ||
187 | // cipher ke ys | |
188 | by te[] clien tKeyBytes = new byte [keyLength ]; | |
189 | Sy stem.array copy(keyBl ock, ofs, clientKeyB ytes, 0, k eyLength); | |
190 | of s += keyLe ngth; | |
191 | ||
192 | by te[] serve rKeyBytes = new byte [keyLength ]; | |
193 | Sy stem.array copy(keyBl ock, ofs, serverKeyB ytes, 0, k eyLength); | |
194 | of s += keyLe ngth; | |
195 | ||
196 | if (isExport able == fa lse) { | |
197 | // ciphe r keys | |
198 | clientCi pherKey = new Secret KeySpec(cl ientKeyByt es, alg); | |
199 | serverCi pherKey = new Secret KeySpec(se rverKeyByt es, alg); | |
200 | ||
201 | // IV ke ys if need ed. | |
202 | if (ivLe ngth != 0) { | |
203 | byte [] tmp = n ew byte[iv Length]; | |
204 | ||
205 | Syst em.arrayco py(keyBloc k, ofs, tm p, 0, ivLe ngth); | |
206 | ofs += ivLengt h; | |
207 | clie ntIv = new IvParamet erSpec(tmp ); | |
208 | ||
209 | Syst em.arrayco py(keyBloc k, ofs, tm p, 0, ivLe ngth); | |
210 | ofs += ivLengt h; | |
211 | serv erIv = new IvParamet erSpec(tmp ); | |
212 | } | |
213 | } else { | |
214 | // if ex portable s uites, cal culate the alternate | |
215 | // ciphe r key expa nsion and IV generat ion | |
216 | if (prot ocolVersio n >= 0x030 2) { | |
217 | // T LS 1.1+ | |
218 | thro w new Runt imeExcepti on( | |
219 | "Internal Error: TL S 1.1+ sho uld not be negotiati ng" + | |
220 | "exportabl e ciphersu ites"); | |
221 | } else i f (protoco lVersion = = 0x0301) { | |
222 | // T LS 1.0 | |
223 | byte [] seed = concat(cli entRandom, serverRan dom); | |
224 | ||
225 | byte [] tmp = d oTLS10PRF( clientKeyB ytes, | |
226 | LABEL_CLIE NT_WRITE_K EY, seed, expandedKe yLength, m d5, sha); | |
227 | clie ntCipherKe y = new Se cretKeySpe c(tmp, alg ); | |
228 | ||
229 | tmp = doTLS10P RF(serverK eyBytes, L ABEL_SERVE R_WRITE_KE Y, seed, | |
230 | ex pandedKeyL ength, md5 , sha); | |
231 | serv erCipherKe y = new Se cretKeySpe c(tmp, alg ); | |
232 | ||
233 | if ( ivLength ! = 0) { | |
234 | tmp = new byte[ivLen gth]; | |
235 | byte[] blo ck = doTLS 10PRF(null , LABEL_IV _BLOCK, se ed, | |
236 | ivLength << 1, md5 , sha); | |
237 | System.arr aycopy(blo ck, 0, tmp , 0, ivLen gth); | |
238 | clientIv = new IvPar ameterSpec (tmp); | |
239 | System.arr aycopy(blo ck, ivLeng th, tmp, 0 , ivLength ); | |
240 | serverIv = new IvPar ameterSpec (tmp); | |
241 | } | |
242 | } else { | |
243 | // S SLv3 | |
244 | byte [] tmp = n ew byte[ex pandedKeyL ength]; | |
245 | ||
246 | md5. update(cli entKeyByte s); | |
247 | md5. update(cli entRandom) ; | |
248 | md5. update(ser verRandom) ; | |
249 | Syst em.arrayco py(md5.dig est(), 0, tmp, 0, ex pandedKeyL ength); | |
250 | clie ntCipherKe y = new Se cretKeySpe c(tmp, alg ); | |
251 | ||
252 | md5. update(ser verKeyByte s); | |
253 | md5. update(ser verRandom) ; | |
254 | md5. update(cli entRandom) ; | |
255 | Syst em.arrayco py(md5.dig est(), 0, tmp, 0, ex pandedKeyL ength); | |
256 | serv erCipherKe y = new Se cretKeySpe c(tmp, alg ); | |
257 | ||
258 | if ( ivLength ! = 0) { | |
259 | tmp = new byte[ivLen gth]; | |
260 | ||
261 | md5.update (clientRan dom); | |
262 | md5.update (serverRan dom); | |
263 | System.arr aycopy(md5 .digest(), 0, tmp, 0 , ivLength ); | |
264 | clientIv = new IvPar ameterSpec (tmp); | |
265 | ||
266 | md5.update (serverRan dom); | |
267 | md5.update (clientRan dom); | |
268 | System.arr aycopy(md5 .digest(), 0, tmp, 0 , ivLength ); | |
269 | serverIv = new IvPar ameterSpec (tmp); | |
270 | } | |
271 | } | |
272 | } | |
273 | ||
274 | re turn new T lsKeyMater ialSpec(cl ientMacKey , serverMa cKey, | |
275 | clientCi pherKey, c lientIv, s erverCiphe rKey, serv erIv); | |
276 | } | |
277 | ||
278 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.