xmlsessioncontext.java

linux下建立JAVA虚拟机的源码KAFFE

            cipher.reset();
            cipher.init(cipherAttr);
            mac.init(macAttr);
          }
        catch (Exception ex)
          {
            throw new Error(ex.toString());
          }
        for (int i = 0; i < session.masterSecret.length; i += 16)
          {
            cipher.update(session.masterSecret, i, encryptedSecret, i);
          }
        mac.update(encryptedSecret, 0, encryptedSecret.length);
        byte[] macValue = mac.digest();
        out.print("<secret salt=\"");
        out.print(Base64.encode(salt, 0));
        out.println("\">");
        out.print(Base64.encode(Util.concat(encryptedSecret, macValue), 70));
        out.println("</secret>");
        out.println("</session>");
      }
    out.println("</sessions>");
    out.close();
  }

  // Inner class.
  // -------------------------------------------------------------------------

  private class SAXHandler extends DefaultHandler
  {

    // Field.
    // -----------------------------------------------------------------------

    private SessionContext context;
    private Session current;
    private IRandom pbekdf;
    private StringBuffer buf;
    private String certType;
    private int state;
    private IMode cipher;
    private HashMap cipherAttr;
    private IMac mac;
    private HashMap macAttr;
    private byte[] key;
    private byte[] iv;
    private byte[] mackey;

    private static final int START      = 0;
    private static final int SESSIONS   = 1;
    private static final int SESSION    = 2;
    private static final int PEER       = 3;
    private static final int PEER_CERTS = 4;
    private static final int CERTS      = 5;
    private static final int SECRET     = 6;

    // Constructor.
    // -----------------------------------------------------------------------

    SAXHandler(SessionContext context, IRandom pbekdf)
    {
      this.context = context;
      this.pbekdf = pbekdf;
      buf = new StringBuffer();
      state = START;
      cipher = ModeFactory.getInstance("CBC", "AES", 16);
      cipherAttr = new HashMap();
      mac = MacFactory.getInstance("HMAC-SHA1");
      macAttr = new HashMap();
      key = new byte[32];
      iv = new byte[16];
      mackey = new byte[20];
      cipherAttr.put(IMode.KEY_MATERIAL, key);
      cipherAttr.put(IMode.IV, iv);
      cipherAttr.put(IMode.STATE, new Integer(IMode.DECRYPTION));
      macAttr.put(IMac.MAC_KEY_MATERIAL, mackey);
    }

    // Instance methods.
    // -----------------------------------------------------------------------

    public void startElement(String u, String n, String qname, Attributes attr)
      throws SAXException
    {
      qname = qname.toLowerCase();
      switch (state)
        {
        case START:
          if (qname.equals("sessions"))
            {
              try
                {
                  timeout = Integer.parseInt(attr.getValue("timeout"));
                  cacheSize = Integer.parseInt(attr.getValue("size"));
                  if (timeout <= 0 || cacheSize < 0)
                    throw new SAXException("timeout or cache size out of range");
                }
              catch (NumberFormatException nfe)
                {
                  throw new SAXException(nfe);
                }
              state = SESSIONS;
            }
          else
            throw new SAXException("expecting sessions");
          break;

        case SESSIONS:
          if (qname.equals("session"))
            {
              try
                {
                  current = new Session(Long.parseLong(attr.getValue("created")));
                  current.enabledSuites = new ArrayList(SSLSocket.supportedSuites);
                  current.enabledProtocols = new TreeSet(SSLSocket.supportedProtocols);
                  current.context = context;
                  current.sessionId = new Session.ID(Base64.decode(attr.getValue("id")));
                  current.setLastAccessedTime(Long.parseLong(attr.getValue("timestamp")));
                }
              catch (Exception ex)
                {
                  throw new SAXException(ex);
                }
              String prot = attr.getValue("protocol");
              if (prot.equals("SSLv3"))
                current.protocol = ProtocolVersion.SSL_3;
              else if (prot.equals("TLSv1"))
                current.protocol = ProtocolVersion.TLS_1;
              else if (prot.equals("TLSv1.1"))
                current.protocol = ProtocolVersion.TLS_1_1;
              else
                throw new SAXException("bad protocol: " + prot);
              current.cipherSuite = CipherSuite.forName(attr.getValue("suite"));
              state = SESSION;
            }
          else
            throw new SAXException("expecting session");
          break;

        case SESSION:
          if (qname.equals("peer"))
            {
              current.peerHost = attr.getValue("host");
              state = PEER;
            }
          else if (qname.equals("certificates"))
            {
              certType = attr.getValue("type");
              state = CERTS;
            }
          else if (qname.equals("secret"))
            {
              byte[] salt = null;
              try
                {
                  salt = Base64.decode(attr.getValue("salt"));
                }
              catch (IOException ioe)
                {
                  throw new SAXException(ioe);
                }
              pbekdf.init(Collections.singletonMap(IPBE.SALT, salt));
              state = SECRET;
            }
          else
            throw new SAXException("bad element: " + qname);
          break;

        case PEER:
          if (qname.equals("certificates"))
            {
              certType = attr.getValue("type");
              state = PEER_CERTS;
            }
          else
            throw new SAXException("bad element: " + qname);
          break;

        default:
          throw new SAXException("bad element: " + qname);
        }
    }

    public void endElement(String uri, String name, String qname)
      throws SAXException
    {
      qname = qname.toLowerCase();
      switch (state)
        {
        case SESSIONS:
          if (qname.equals("sessions"))
            state = START;
          else
            throw new SAXException("expecting sessions");
          break;

        case SESSION:
          if (qname.equals("session"))
            {
              current.valid = true;
              context.addSession(current.sessionId, current);
              state = SESSIONS;
            }
          else
            throw new SAXException("expecting session");
          break;

        case PEER:
          if (qname.equals("peer"))
            state = SESSION;
          else
            throw new SAXException("unexpected element: " + qname);
          break;

        case PEER_CERTS:
          if (qname.equals("certificates"))
            {
              try
                {
                  CertificateFactory fact = CertificateFactory.getInstance(certType);
                  current.peerCerts = (Certificate[])
                    fact.generateCertificates(new ByteArrayInputStream(
                      buf.toString().getBytes())).toArray(new Certificate[0]);
                }
              catch (Exception ex)
                {
                  throw new SAXException(ex);
                }
              current.peerVerified = true;
              state = PEER;
            }
          else
            throw new SAXException("unexpected element: " + qname);
          break;

        case CERTS:
          if (qname.equals("certificates"))
            {
              try
                {
                  CertificateFactory fact = CertificateFactory.getInstance(certType);
                  current.localCerts = (Certificate[])
                    fact.generateCertificates(new ByteArrayInputStream(
                      buf.toString().getBytes())).toArray(new Certificate[0]);
                }
              catch (Exception ex)
                {
                  throw new SAXException(ex);
                }
              state = SESSION;
            }
          else
            throw new SAXException("unexpected element: " + qname);
          break;

        case SECRET:
          if (qname.equals("secret"))
            {
              byte[] encrypted = null;
              try
                {
                  encrypted = Base64.decode(buf.toString());
                  if (encrypted.length != 68)
                    throw new IOException("encrypted secret not 68 bytes long");
                  pbekdf.nextBytes(key, 0, key.length);
                  pbekdf.nextBytes(iv, 0, iv.length);
                  pbekdf.nextBytes(mackey, 0, mackey.length);
                  cipher.reset();
                  cipher.init(cipherAttr);
                  mac.init(macAttr);
                }
              catch (Exception ex)
                {
                  throw new SAXException(ex);
                }
              mac.update(encrypted, 0, 48);
              byte[] macValue = mac.digest();
              for (int i = 0; i < macValue.length; i++)
                {
                  if (macValue[i] != encrypted[48+i])
                    throw new SAXException("MAC mismatch");
                }
              current.masterSecret = new byte[48];
              for (int i = 0; i < current.masterSecret.length; i += 16)
                {
                  cipher.update(encrypted, i, current.masterSecret, i);
                }
              state = SESSION;
            }
          else
            throw new SAXException("unexpected element: " + qname);
          break;

        default:
          throw new SAXException("unexpected element: " + qname);
        }
      buf.setLength(0);
    }

    public void characters(char[] ch, int off, int len) throws SAXException
    {
      if (state != CERTS && state != PEER_CERTS && state != SECRET)
        {
          throw new SAXException("illegal character data");
        }
      buf.append(ch, off, len);
    }
  }
}