1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
package org.spongycastle.crypto.tls;
import java.security.SecureRandom;
import org.spongycastle.crypto.prng.DigestRandomGenerator;
import org.spongycastle.crypto.prng.RandomGenerator;
import org.spongycastle.util.Times;
abstract class AbstractTlsContext
implements TlsContext
{
private static long counter = Times.nanoTime();
private synchronized static long nextCounterValue()
{
return ++counter;
}
private RandomGenerator nonceRandom;
private SecureRandom secureRandom;
private SecurityParameters securityParameters;
private ProtocolVersion clientVersion = null;
private ProtocolVersion serverVersion = null;
private TlsSession session = null;
private Object userObject = null;
AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
{
secureRandom.setSeed(nextCounterValue());
secureRandom.setSeed(Times.nanoTime());
this.nonceRandom = new DigestRandomGenerator(TlsUtils.createHash(HashAlgorithm.sha256));
this.nonceRandom.addSeedMaterial(secureRandom.generateSeed(32));
this.secureRandom = secureRandom;
this.securityParameters = securityParameters;
}
public RandomGenerator getNonceRandomGenerator()
{
return nonceRandom;
}
public SecureRandom getSecureRandom()
{
return secureRandom;
}
public SecurityParameters getSecurityParameters()
{
return securityParameters;
}
public ProtocolVersion getClientVersion()
{
return clientVersion;
}
void setClientVersion(ProtocolVersion clientVersion)
{
this.clientVersion = clientVersion;
}
public ProtocolVersion getServerVersion()
{
return serverVersion;
}
void setServerVersion(ProtocolVersion serverVersion)
{
this.serverVersion = serverVersion;
}
public TlsSession getResumableSession()
{
return session;
}
void setResumableSession(TlsSession session)
{
this.session = session;
}
public Object getUserObject()
{
return userObject;
}
public void setUserObject(Object userObject)
{
this.userObject = userObject;
}
public byte[] exportKeyingMaterial(String asciiLabel, byte[] context_value, int length)
{
if (context_value != null && !TlsUtils.isValidUint16(context_value.length))
{
throw new IllegalArgumentException("'context_value' must have length less than 2^16 (or be null)");
}
SecurityParameters sp = getSecurityParameters();
byte[] cr = sp.getClientRandom(), sr = sp.getServerRandom();
int seedLength = cr.length + sr.length;
if (context_value != null)
{
seedLength += (2 + context_value.length);
}
byte[] seed = new byte[seedLength];
int seedPos = 0;
System.arraycopy(cr, 0, seed, seedPos, cr.length);
seedPos += cr.length;
System.arraycopy(sr, 0, seed, seedPos, sr.length);
seedPos += sr.length;
if (context_value != null)
{
TlsUtils.writeUint16(context_value.length, seed, seedPos);
seedPos += 2;
System.arraycopy(context_value, 0, seed, seedPos, context_value.length);
seedPos += context_value.length;
}
if (seedPos != seedLength)
{
throw new IllegalStateException("error in calculation of seed for export");
}
return TlsUtils.PRF(this, sp.getMasterSecret(), asciiLabel, seed, length);
}
}
|
