android-platform-libcore/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/PRF.java - nest-cam/4320010/android-platform-libcore - Git at Google

 /*
  *  Licensed to the Apache Software Foundation (ASF) under one or more
  *  contributor license agreements.  See the NOTICE file distributed with
  *  this work for additional information regarding copyright ownership.
  *  The ASF licenses this file to You under the Apache License, Version 2.0
  *  (the "License"); you may not use this file except in compliance with
  *  the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */

 package org.apache.harmony.xnet.provider.jsse;

 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
 import javax.net.ssl.SSLException;

 /**
  * This class provides functionality for computation
  * of PRF values for TLS (http://www.ietf.org/rfc/rfc2246.txt)
  * and SSL v3 (http://wp.netscape.com/eng/ssl3) protocols.
  */
 public class PRF {
     private static Logger.Stream logger = Logger.getStream("prf");

     private static Mac md5_mac;
     private static Mac sha_mac;
     protected static MessageDigest md5;
     protected static MessageDigest sha;
     private static int md5_mac_length;
     private static int sha_mac_length;

     static private void init() {
         try {
             md5_mac = Mac.getInstance("HmacMD5");
             sha_mac = Mac.getInstance("HmacSHA1");
         } catch (NoSuchAlgorithmException e) {
             throw new AlertException(AlertProtocol.INTERNAL_ERROR,
                     new SSLException(
                 "There is no provider of HmacSHA1 or HmacMD5 "
                 + "algorithms installed in the system"));
         }
         md5_mac_length = md5_mac.getMacLength();
         sha_mac_length = sha_mac.getMacLength();
         try {
             md5 = MessageDigest.getInstance("MD5");
             sha = MessageDigest.getInstance("SHA-1");
         } catch (Exception e) {
             throw new AlertException(AlertProtocol.INTERNAL_ERROR,
                     new SSLException(
                     "Could not initialize the Digest Algorithms."));
         }
     }

     /**
      * Computes the value of SSLv3 pseudo random function.
      * @param   out:    the buffer to fill up with the value of the function.
      * @param   secret: the buffer containing the secret value to generate prf.
      * @param   seed:   the seed to be used.
      */
     static synchronized void computePRF_SSLv3(byte[] out, byte[] secret, byte[] seed) {
         if (sha == null) {
             init();
         }
         int pos = 0;
         int iteration = 1;
         byte[] digest;
         while (pos < out.length) {
             byte[] pref = new byte[iteration];
             Arrays.fill(pref, (byte) (64 + iteration++));
             sha.update(pref);
             sha.update(secret);
             sha.update(seed);
             md5.update(secret);
             md5.update(sha.digest());
             digest = md5.digest(); // length == 16
             if (pos + 16 > out.length) {
                 System.arraycopy(digest, 0, out, pos, out.length - pos);
                 pos = out.length;
             } else {
                 System.arraycopy(digest, 0, out, pos, 16);
                 pos += 16;
             }
         }
     }

     /**
      * Computes the value of TLS pseudo random function.
      * @param   out:    the buffer to fill up with the value of the function.
      * @param   secret: the buffer containing the secret value to generate prf.
      * @param   str_bytes:  the label bytes to be used.
      * @param   seed:   the seed to be used.
      */
     synchronized static void computePRF(byte[] out, byte[] secret,
             byte[] str_byts, byte[] seed) throws GeneralSecurityException {
         if (sha_mac == null) {
             init();
         }
         // Do concatenation of the label with the seed:
         // (metterings show that is is faster to concatenate the arrays
         // and to call HMAC.update on cancatenation, than twice call for
         // each of the part, i.e.:
         // time(HMAC.update(label+seed))
         //          < time(HMAC.update(label)) + time(HMAC.update(seed))
         // but it takes more memmory (approximaty on 4%)
         /*
         byte[] tmp_seed = new byte[seed.length + str_byts.length];
         System.arraycopy(str_byts, 0, tmp_seed, 0, str_byts.length);
         System.arraycopy(seed, 0, tmp_seed, str_byts.length, seed.length);
         seed = tmp_seed;
         */
         SecretKeySpec keyMd5;
         SecretKeySpec keySha1;
         if ((secret == null) || (secret.length == 0)) {
             secret = new byte[8];
             keyMd5 = new SecretKeySpec(secret, "HmacMD5");
             keySha1 = new SecretKeySpec(secret, "HmacSHA1");
         } else {
             int length = secret.length >> 1; // division by 2
             int offset = secret.length & 1;  // remainder
             keyMd5 = new SecretKeySpec(secret, 0, length + offset,
                     "HmacMD5");
             keySha1 = new SecretKeySpec(secret, length, length
                     + offset, "HmacSHA1");
         }

         //byte[] str_byts = label.getBytes();

         if (logger != null) {
             logger.println("secret["+secret.length+"]: ");
             logger.printAsHex(16, "", " ", secret);
             logger.println("label["+str_byts.length+"]: ");
             logger.printAsHex(16, "", " ", str_byts);
             logger.println("seed["+seed.length+"]: ");
             logger.printAsHex(16, "", " ", seed);
             logger.println("MD5 key:");
             logger.printAsHex(16, "", " ", keyMd5.getEncoded());
             logger.println("SHA1 key:");
             logger.printAsHex(16, "", " ", keySha1.getEncoded());
         }

         md5_mac.init(keyMd5);
         sha_mac.init(keySha1);

         int pos = 0;
         md5_mac.update(str_byts);
         byte[] hash = md5_mac.doFinal(seed); // A(1)
         while (pos < out.length) {
             md5_mac.update(hash);
             md5_mac.update(str_byts);
             md5_mac.update(seed);
             if (pos + md5_mac_length < out.length) {
                 md5_mac.doFinal(out, pos);
                 pos += md5_mac_length;
             } else {
                 System.arraycopy(md5_mac.doFinal(), 0, out,
                         pos, out.length - pos);
                 break;
             }
             // make A(i)
             hash = md5_mac.doFinal(hash);
         }
         if (logger != null) {
             logger.println("P_MD5:");
             logger.printAsHex(md5_mac_length, "", " ", out);
         }

         pos = 0;
         sha_mac.update(str_byts);
         hash = sha_mac.doFinal(seed); // A(1)
         byte[] sha1hash;
         while (pos < out.length) {
             sha_mac.update(hash);
             sha_mac.update(str_byts);
             sha1hash = sha_mac.doFinal(seed);
             for (int i = 0; (i < sha_mac_length) & (pos < out.length); i++) {
                 out[pos++] ^= sha1hash[i];
             }
             // make A(i)
             hash = sha_mac.doFinal(hash);
         }

         if (logger != null) {
             logger.println("PRF:");
             logger.printAsHex(sha_mac_length, "", " ", out);
         }
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.harmony.xnet.provider.jsse;

	import java.security.GeneralSecurityException;
	import java.security.MessageDigest;
	import java.security.NoSuchAlgorithmException;
	import java.util.Arrays;
	import javax.crypto.Mac;
	import javax.crypto.spec.SecretKeySpec;
	import javax.net.ssl.SSLException;

	/**
	* This class provides functionality for computation
	* of PRF values for TLS (http://www.ietf.org/rfc/rfc2246.txt)
	* and SSL v3 (http://wp.netscape.com/eng/ssl3) protocols.
	*/
	public class PRF {
	private static Logger.Stream logger = Logger.getStream("prf");

	private static Mac md5_mac;
	private static Mac sha_mac;
	protected static MessageDigest md5;
	protected static MessageDigest sha;
	private static int md5_mac_length;
	private static int sha_mac_length;

	static private void init() {
	try {
	md5_mac = Mac.getInstance("HmacMD5");
	sha_mac = Mac.getInstance("HmacSHA1");
	} catch (NoSuchAlgorithmException e) {
	throw new AlertException(AlertProtocol.INTERNAL_ERROR,
	new SSLException(
	"There is no provider of HmacSHA1 or HmacMD5 "
	+ "algorithms installed in the system"));
	}
	md5_mac_length = md5_mac.getMacLength();
	sha_mac_length = sha_mac.getMacLength();
	try {
	md5 = MessageDigest.getInstance("MD5");
	sha = MessageDigest.getInstance("SHA-1");
	} catch (Exception e) {
	throw new AlertException(AlertProtocol.INTERNAL_ERROR,
	new SSLException(
	"Could not initialize the Digest Algorithms."));
	}
	}

	/**
	* Computes the value of SSLv3 pseudo random function.
	* @param out: the buffer to fill up with the value of the function.
	* @param secret: the buffer containing the secret value to generate prf.
	* @param seed: the seed to be used.
	*/
	static synchronized void computePRF_SSLv3(byte[] out, byte[] secret, byte[] seed) {
	if (sha == null) {
	init();
	}
	int pos = 0;
	int iteration = 1;
	byte[] digest;
	while (pos < out.length) {
	byte[] pref = new byte[iteration];
	Arrays.fill(pref, (byte) (64 + iteration++));
	sha.update(pref);
	sha.update(secret);
	sha.update(seed);
	md5.update(secret);
	md5.update(sha.digest());
	digest = md5.digest(); // length == 16
	if (pos + 16 > out.length) {
	System.arraycopy(digest, 0, out, pos, out.length - pos);
	pos = out.length;
	} else {
	System.arraycopy(digest, 0, out, pos, 16);
	pos += 16;
	}
	}
	}

	/**
	* Computes the value of TLS pseudo random function.
	* @param out: the buffer to fill up with the value of the function.
	* @param secret: the buffer containing the secret value to generate prf.
	* @param str_bytes: the label bytes to be used.
	* @param seed: the seed to be used.
	*/
	synchronized static void computePRF(byte[] out, byte[] secret,
	byte[] str_byts, byte[] seed) throws GeneralSecurityException {
	if (sha_mac == null) {
	init();
	}
	// Do concatenation of the label with the seed:
	// (metterings show that is is faster to concatenate the arrays
	// and to call HMAC.update on cancatenation, than twice call for
	// each of the part, i.e.:
	// time(HMAC.update(label+seed))
	// < time(HMAC.update(label)) + time(HMAC.update(seed))
	// but it takes more memmory (approximaty on 4%)
	/*
	byte[] tmp_seed = new byte[seed.length + str_byts.length];
	System.arraycopy(str_byts, 0, tmp_seed, 0, str_byts.length);
	System.arraycopy(seed, 0, tmp_seed, str_byts.length, seed.length);
	seed = tmp_seed;
	*/
	SecretKeySpec keyMd5;
	SecretKeySpec keySha1;
	if ((secret == null) \|\| (secret.length == 0)) {
	secret = new byte[8];
	keyMd5 = new SecretKeySpec(secret, "HmacMD5");
	keySha1 = new SecretKeySpec(secret, "HmacSHA1");
	} else {
	int length = secret.length >> 1; // division by 2
	int offset = secret.length & 1; // remainder
	keyMd5 = new SecretKeySpec(secret, 0, length + offset,
	"HmacMD5");
	keySha1 = new SecretKeySpec(secret, length, length
	+ offset, "HmacSHA1");
	}

	//byte[] str_byts = label.getBytes();

	if (logger != null) {
	logger.println("secret["+secret.length+"]: ");
	logger.printAsHex(16, "", " ", secret);
	logger.println("label["+str_byts.length+"]: ");
	logger.printAsHex(16, "", " ", str_byts);
	logger.println("seed["+seed.length+"]: ");
	logger.printAsHex(16, "", " ", seed);
	logger.println("MD5 key:");
	logger.printAsHex(16, "", " ", keyMd5.getEncoded());
	logger.println("SHA1 key:");
	logger.printAsHex(16, "", " ", keySha1.getEncoded());
	}

	md5_mac.init(keyMd5);
	sha_mac.init(keySha1);

	int pos = 0;
	md5_mac.update(str_byts);
	byte[] hash = md5_mac.doFinal(seed); // A(1)
	while (pos < out.length) {
	md5_mac.update(hash);
	md5_mac.update(str_byts);
	md5_mac.update(seed);
	if (pos + md5_mac_length < out.length) {
	md5_mac.doFinal(out, pos);
	pos += md5_mac_length;
	} else {
	System.arraycopy(md5_mac.doFinal(), 0, out,
	pos, out.length - pos);
	break;
	}
	// make A(i)
	hash = md5_mac.doFinal(hash);
	}
	if (logger != null) {
	logger.println("P_MD5:");
	logger.printAsHex(md5_mac_length, "", " ", out);
	}

	pos = 0;
	sha_mac.update(str_byts);
	hash = sha_mac.doFinal(seed); // A(1)
	byte[] sha1hash;
	while (pos < out.length) {
	sha_mac.update(hash);
	sha_mac.update(str_byts);
	sha1hash = sha_mac.doFinal(seed);
	for (int i = 0; (i < sha_mac_length) & (pos < out.length); i++) {
	out[pos++] ^= sha1hash[i];
	}
	// make A(i)
	hash = sha_mac.doFinal(hash);
	}

	if (logger != null) {
	logger.println("PRF:");
	logger.printAsHex(sha_mac_length, "", " ", out);
	}
	}
	}