📄 sslsocket.java
throwHandshakeFailure(); } } msg = Handshake.read(din, suite, serverKey); } // See if the server wants us to send our certificates. certReq = null; if (msg.getType() == Handshake.Type.CERTIFICATE_REQUEST) { if (suite.getSignature() == "anon") { throwHandshakeFailure(); } if (DEBUG_HANDSHAKE_LAYER) logger.log (Component.SSL_HANDSHAKE, "{0}", msg); certReq = (CertificateRequest) msg.getBody(); msg = Handshake.read(din); } // Read ServerHelloDone. if (msg.getType() != Handshake.Type.SERVER_HELLO_DONE) { throwUnexpectedMessage(); } if (DEBUG_HANDSHAKE_LAYER) logger.log (Component.SSL_HANDSHAKE, "{0}", msg); // Send our certificate chain if the server asked for it. if (certReq != null) { String alias = session.keyManager.chooseClientAlias( certReq.getTypeStrings(), certReq.getAuthorities(), null); if (alias == null && version == ProtocolVersion.SSL_3) { Alert alert = new Alert(Alert.Level.WARNING, Alert.Description.NO_CERTIFICATE); sendAlert(alert); } else { X509Certificate[] chain = session.keyManager.getCertificateChain(alias); PrivateKey key = session.keyManager.getPrivateKey(alias); if (chain == null) { chain = new X509Certificate[0]; } Certificate cert = new Certificate(chain); msg = new Handshake(Handshake.Type.CERTIFICATE, cert); if (DEBUG_HANDSHAKE_LAYER) logger.log (Component.SSL_HANDSHAKE, "{0}", msg); msg.write(dout, version);// recordOutput.setHandshakeAvail(msg.write(dout, version));; dout.flush(); if (chain.length > 0) { session.localCerts = chain; clientKeys = new KeyPair(chain[0].getPublicKey(), key); } } } // Send our key exchange. 
byte[] preMasterSecret = null; ClientKeyExchange ckex = null; if (suite.getKeyExchange() == "RSA") { ProtocolVersion v = (ProtocolVersion) session.enabledProtocols.last(); byte[] b = new byte[46]; session.random.nextBytes (b); preMasterSecret = Util.concat(v.getEncoded(), b); EME_PKCS1_V1_5 pkcs1 = EME_PKCS1_V1_5.getInstance((RSAPublicKey) serverKex); BigInteger bi = new BigInteger(1, pkcs1.encode(preMasterSecret, session.random)); bi = RSA.encrypt((RSAPublicKey) serverKex, bi); ckex = new ClientKeyExchange(Util.trim(bi)); } else if (suite.getKeyExchange().startsWith("DH")) { if (clientKeys == null || !(clientKeys.getPublic() instanceof DHPublicKey)) { GnuDHPrivateKey tmpKey = new GnuDHPrivateKey(null, ((DHPublicKey) serverKex).getParams().getP(), ((DHPublicKey) serverKex).getParams().getG(), null); clientKA = KeyAgreementFactory.getPartyBInstance(Registry.DH_KA); Map attr = new HashMap(); attr.put(DiffieHellmanKeyAgreement.KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY, tmpKey); attr.put(DiffieHellmanKeyAgreement.SOURCE_OF_RANDOMNESS, session.random); try { clientKA.init(attr); out = new OutgoingMessage(); out.writeMPI(((DHPublicKey) serverKex).getY()); in = new IncomingMessage(out.toByteArray()); out = clientKA.processMessage(in); in = new IncomingMessage(out.toByteArray()); ckex = new ClientKeyExchange(in.readMPI()); } catch (KeyAgreementException kae) { if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); } internalError(); RuntimeException re = new RuntimeException (kae.getMessage()); re.initCause (kae); throw re; } } else { clientKA = KeyAgreementFactory.getPartyBInstance(Registry.ELGAMAL_KA); Map attr = new HashMap(); attr.put(ElGamalKeyAgreement.KA_ELGAMAL_RECIPIENT_PRIVATE_KEY, clientKeys.getPrivate()); try { // The key exchange is already complete here; our public // value was sent with our certificate. 
clientKA.init(attr); } catch (KeyAgreementException kae) { if (DEBUG_KEY_EXCHANGE) logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); internalError(); RuntimeException re = new RuntimeException (kae.getMessage()); re.initCause (kae); throw re; } ckex = new ClientKeyExchange(new byte[0]); } } else if (suite.getKeyExchange() == "SRP") { // at this point, out --the outgoing message-- already contains // what we want. so... BigInteger A = null; try { in = new IncomingMessage(out.toByteArray()); A = in.readMPI(); if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "client A:{0}", A); } } catch (KeyAgreementException x) { if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); } throwHandshakeFailure(); } ckex = new ClientKeyExchange(A); } msg = new Handshake(Handshake.Type.CLIENT_KEY_EXCHANGE, ckex); if (DEBUG_HANDSHAKE_LAYER) logger.log (Component.SSL_HANDSHAKE, "{0}", msg); msg.write (dout, version);// recordOutput.setHandshakeAvail(msg.write(dout, version));; // Generate the master secret. 
if (suite.getKeyExchange().startsWith("DH")) { try { preMasterSecret = clientKA.getSharedSecret(); } catch (KeyAgreementException kae) { if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); } internalError(); RuntimeException re = new RuntimeException (kae.getMessage()); re.initCause (kae); throw re; } } else if (suite.getKeyExchange() == "SRP") { try { preMasterSecret = clientKA.getSharedSecret(); } catch (KeyAgreementException x) { if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); } throwHandshakeFailure(); } finally { clientKA = null; } } if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "preMasterSecret:\n{0}", Util.toHexString (preMasterSecret, ':')); logger.log (Component.SSL_KEY_EXCHANGE, "client.random:\n{0}", Util.toHexString(clientRandom.getEncoded(), ':')); logger.log (Component.SSL_KEY_EXCHANGE, "server.random:\n{0}", Util.toHexString(serverRandom.getEncoded(), ':')); } IRandom genSecret = null; if (version == ProtocolVersion.SSL_3) { genSecret = new SSLRandom(); HashMap attr = new HashMap(); attr.put(SSLRandom.SECRET, preMasterSecret); attr.put(SSLRandom.SEED, Util.concat(clientRandom.getEncoded(), serverRandom.getEncoded())); genSecret.init(attr); } else { genSecret = new TLSRandom(); HashMap attr = new HashMap(); attr.put(TLSRandom.SECRET, preMasterSecret); attr.put(TLSRandom.SEED, Util.concat(("master secret").getBytes("UTF-8"), Util.concat(clientRandom.getEncoded(), serverRandom.getEncoded()))); genSecret.init(attr); } session.masterSecret = new byte[48]; try { genSecret.nextBytes(session.masterSecret, 0, 48); for (int i = 0; i < preMasterSecret.length; i++) { preMasterSecret[i] = 0; } } catch (LimitReachedException shouldNotHappen) { internalError(); RuntimeException re = new RuntimeException (shouldNotHappen.getMessage()); re.initCause (shouldNotHappen); throw re; } if (DEBUG_KEY_EXCHANGE) { logger.log (Component.SSL_KEY_EXCHANGE, "masterSecret: {0}", 
Util.toHexString(session.masterSecret, ':')); } // Send our certificate verify message. if (certReq != null && clientKeys != null) { IMessageDigest vMD5 = (IMessageDigest) md5.clone(); IMessageDigest vSHA = (IMessageDigest) sha.clone(); PrivateKey key = clientKeys.getPrivate(); Object sig = null; String sigAlg = null; try { if (key instanceof DSAPrivateKey) { sig = DSSSignature.sign((DSAPrivateKey) key, vSHA.digest(), session.random); sigAlg = "DSS"; } else if (key instanceof RSAPrivateKey) { SSLRSASignature rsa = new SSLRSASignature(vMD5, vSHA); rsa.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, key)); sig = rsa.sign(); sigAlg = "RSA"; } else { throw new InvalidKeyException("no appropriate key"); } } catch (Exception x) { throwHandshakeFailure(); } CertificateVerify verify = new CertificateVerify(sig, sigAlg); msg = new Handshake(Handshake.Type.CERTIFICATE_VERIFY, verify); if (DEBUG_HANDSHAKE_LAYER) logger.log (Component.SSL_HANDSHAKE, "{0}", msg); msg.write(dout, version);// recordOutput.setHandshakeAvail(msg.write(dout, version));; } dout.flush(); } byte[][] keys = null; try { keys = generateKeys(serverRandom.getEncoded(), clientRandom.getEncoded(), version); } catch (Exception x) { internalError(); RuntimeException re = new RuntimeException (x.getMessage()); re.initCause (x); throw re; } session.params.setVersion (version); // Initialize the algorithms with the derived keys. 
Object readMac = null, writeMac = null; Object readCipher = null, writeCipher = null; try { if (session.params instanceof GNUSecurityParameters) { HashMap attr = new HashMap(); writeMac = CipherSuite.getMac(suite.getMac()); readMac = CipherSuite.getMac(suite.getMac()); attr.put(IMac.MAC_KEY_MATERIAL, keys[0]); ((IMac) writeMac).init(attr); attr.put(IMac.MAC_KEY_MATERIAL, keys[1]); ((IMac) readMac).init(attr); if (suite.getCipher() == "RC4") { writeCipher = new ARCFour(); readCipher = new ARCFour(); attr.clear(); attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[2]); ((ARCFour) writeCipher).init(attr); attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[3]); ((ARCFour) readCipher).init(attr); } else if (!suite.isStreamCipher()) { writeCipher = CipherSuite.getCipher(suite.getCipher()); readCipher = CipherSuite.getCipher(suite.getCipher()); attr.clear(); attr.put(IMode.KEY_MATERIAL, keys[2]); attr.put(IMode.IV, keys[4]); attr.put(IMode.STATE, new Integer(IMode.ENCRYPTION)); ((IMode) writeCipher).init(attr); attr.put(IMode.KEY_MATERIAL, keys[3]); attr.put(IMode.IV, keys[5]); attr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); ((IMode) readCipher).init(attr); } } else // JCESecurityParameters { writeMac = CipherSuite.getJCEMac (suite.getMac()); readMac = CipherSuite.getJCEMac (suite.getMac()); writeCipher = CipherSuite.getJCECipher (suite.getCipher()); readCipher = CipherSuite.getJCECipher (suite.getCipher()); ((Mac) writeMac).init (new SecretKeySpec (keys[0], suite.getMac())); ((Mac) readMac).init (new SecretKeySpec (keys[1], suite.getMac())); if (!suite.isStreamCipher()) { ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, new SecretKeySpec (keys[2], suite.getCipher()), new IvParameterSpec (keys[4])); ((Cipher) readCipher).init (Cipher.DECRYPT_MODE, new SecretKeySpec (keys[3], suite.getCipher()), new IvParameterSpec (keys[5])); } else { ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, new SecretKeySpec (keys[2], suite.getCipher())); ((Cipher) readCipher).init 
(Cipher.DECRYPT_MODE, new SecretKeySpec (keys[3], suite.getCipher())); } } } // These should technically never happen, if our key generation is not // broken. catch (InvalidKeyException ike) { internalError(); RuntimeException re = new RuntimeException (ike.getMessage()); re.initCause(ike); throw re; } catch (InvalidAlgorithmParameterException iape) { internalError(); RuntimeException re = new RuntimeException (iape.getMessage()); re.initCause (iape); throw re; } // These indicate a configuration error with the JCA. catch (NoSuchAlgorithmException nsae) { session.enabledSuites.remove (suite); internalError(); SSLException x = new SSLException ("suite " + suite + " not available in this configuration"); x.initCause (nsae); throw x; } catch (NoSuchPaddingException nspe) { session.enabledSuites.remove (suite); internalE