Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/bouncycastle/crypto/tls/TlsMac.java')
-rw-r--r--src/main/java/org/bouncycastle/crypto/tls/TlsMac.java82
1 files changed, 46 insertions, 36 deletions
diff --git a/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java b/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
index 3de0be1f..adfaff4d 100644
--- a/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
+++ b/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
@@ -13,7 +13,8 @@ import org.bouncycastle.util.Arrays;
/**
* A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest.
*/
-public class TlsMac {
+public class TlsMac
+{
protected TlsContext context;
protected byte[] secret;
@@ -23,19 +24,15 @@ public class TlsMac {
/**
* Generate a new instance of an TlsMac.
- *
- * @param context
- * the TLS client context
- * @param digest
- * The digest to use.
- * @param key
- * A byte-array where the key for this mac is located.
- * @param keyOff
- * The number of bytes to skip, before the key starts in the buffer.
- * @param len
- * The length of the key.
+ *
+ * @param context the TLS client context
+ * @param digest The digest to use.
+ * @param key A byte-array where the key for this mac is located.
+ * @param keyOff The number of bytes to skip, before the key starts in the buffer.
+ * @param len The length of the key.
*/
- public TlsMac(TlsContext context, Digest digest, byte[] key, int keyOff, int keyLen) {
+ public TlsMac(TlsContext context, Digest digest, byte[] key, int keyOff, int keyLen)
+ {
this.context = context;
KeyParameter keyParameter = new KeyParameter(key, keyOff, keyLen);
@@ -43,26 +40,33 @@ public class TlsMac {
this.secret = Arrays.clone(keyParameter.getKey());
// TODO This should check the actual algorithm, not rely on the engine type
- if (digest instanceof LongDigest) {
+ if (digest instanceof LongDigest)
+ {
this.digestBlockSize = 128;
this.digestOverhead = 16;
- } else {
+ }
+ else
+ {
this.digestBlockSize = 64;
this.digestOverhead = 8;
}
- if (context.getServerVersion().isSSL()) {
+ if (context.getServerVersion().isSSL())
+ {
this.mac = new SSL3Mac(digest);
// TODO This should check the actual algorithm, not assume based on the digest size
- if (digest.getDigestSize() == 20) {
+ if (digest.getDigestSize() == 20)
+ {
/*
* NOTE: When SHA-1 is used with the SSL 3.0 MAC, the secret + input pad is not
* digest block-aligned.
*/
this.digestOverhead = 4;
}
- } else {
+ }
+ else
+ {
this.mac = new HMac(digest);
// NOTE: The input pad for HMAC is always a full digest block
@@ -74,46 +78,49 @@ public class TlsMac {
/**
* @return the MAC write secret
*/
- public byte[] getMACSecret() {
+ public byte[] getMACSecret()
+ {
return this.secret;
}
/**
* @return The Keysize of the mac.
*/
- public int getSize() {
+ public int getSize()
+ {
return mac.getMacSize();
}
/**
* Calculate the MAC for some given data.
- *
- * @param type
- * The message type of the message.
- * @param message
- * A byte-buffer containing the message.
- * @param offset
- * The number of bytes to skip, before the message starts.
- * @param length
- * The length of the message.
+ *
+ * @param type The message type of the message.
+ * @param message A byte-buffer containing the message.
+ * @param offset The number of bytes to skip, before the message starts.
+ * @param length The length of the message.
* @return A new byte-buffer containing the MAC value.
*/
- public byte[] calculateMac(long seqNo, short type, byte[] message, int offset, int length) {
+ public byte[] calculateMac(long seqNo, short type, byte[] message, int offset, int length)
+ {
ProtocolVersion serverVersion = context.getServerVersion();
boolean isSSL = serverVersion.isSSL();
ByteArrayOutputStream bosMac = new ByteArrayOutputStream(isSSL ? 11 : 13);
- try {
+ try
+ {
TlsUtils.writeUint64(seqNo, bosMac);
TlsUtils.writeUint8(type, bosMac);
- if (!isSSL) {
+ if (!isSSL)
+ {
TlsUtils.writeVersion(serverVersion, bosMac);
}
TlsUtils.writeUint16(length, bosMac);
- } catch (IOException e) {
+ }
+ catch (IOException e)
+ {
// This should never happen
throw new IllegalStateException("Internal error during mac calculation");
}
@@ -128,7 +135,8 @@ public class TlsMac {
}
public byte[] calculateMacConstantTime(long seqNo, short type, byte[] message, int offset, int length,
- int fullLength, byte[] dummyData) {
+ int fullLength, byte[] dummyData)
+ {
/*
* Actual MAC only calculated on 'length' bytes...
@@ -144,7 +152,8 @@ public class TlsMac {
// How many extra full blocks do we need to calculate?
int extra = getDigestBlockCount(headerLength + fullLength) - getDigestBlockCount(headerLength + length);
- while (--extra >= 0) {
+ while (--extra >= 0)
+ {
mac.update(dummyData, 0, digestBlockSize);
}
@@ -155,7 +164,8 @@ public class TlsMac {
return result;
}
- private int getDigestBlockCount(int inputLength) {
+ private int getDigestBlockCount(int inputLength)
+ {
// NOTE: This calculation assumes a minimum of 1 pad byte
return (inputLength + digestOverhead) / digestBlockSize;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-31 11:09:52 +0300