linkerlau/my-jdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(jdk8): move files to new folder to avoid resources compiled.

Browse Source
This commit is contained in:
linkerlau
2025-09-07 15:25:52 +08:00
parent 3f0047bf6f
commit 8c35cfb1c0
17415 changed files with 217 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
jdkSrc/jdk8/sun/security/internal/interfaces/TlsMasterSecret.java Normal file
View File

@@ -0,0 +1,71 @@
/*
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.interfaces;
import javax.crypto.SecretKey;
/**
* An SSL/TLS master secret key. It is a <code>SecretKey</code> that optionally
* contains protocol version information that is used to detect version
* rollback attacks during the SSL/TLS handshake.
*
* <p>Implementation of this interface are returned by the
* <code>generateKey()</code> method of KeyGenerators of the type
* "TlsMasterSecret".
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public interface TlsMasterSecret extends SecretKey {
public static final long serialVersionUID = -461748105810469773L;
/**
* Returns the major version number encapsulated in the premaster secret
* this master secret was derived from, or -1 if it is not available.
*
* <p>This information will only usually only be available when RSA
* was used as the key exchange algorithm.
*
* @return the major version number, or -1 if it is not available
*/
public int getMajorVersion();
/**
* Returns the minor version number encapsulated in the premaster secret
* this master secret was derived from, or -1 if it is not available.
*
* <p>This information will only usually only be available when RSA
* was used as the key exchange algorithm.
*
* @return the major version number, or -1 if it is not available
*/
public int getMinorVersion();
}

253
jdkSrc/jdk8/sun/security/internal/spec/TlsKeyMaterialParameterSpec.java Normal file
View File

@@ -0,0 +1,253 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.spec;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.SecretKey;
/**
* Parameters for SSL/TLS key material generation.
* This class is used to initialize KeyGenerator of the type
* "TlsKeyMaterial". The keys returned by such KeyGenerators will be
* instances of {@link TlsKeyMaterialSpec}.
*
* <p>Instances of this class are immutable.
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public class TlsKeyMaterialParameterSpec implements AlgorithmParameterSpec {
private final SecretKey masterSecret;
private final int majorVersion, minorVersion;
private final byte[] clientRandom, serverRandom;
private final String cipherAlgorithm;
private final int cipherKeyLength, ivLength, macKeyLength;
private final int expandedCipherKeyLength; // == 0 for domestic ciphersuites
private final String prfHashAlg;
private final int prfHashLength;
private final int prfBlockSize;
/**
* Constructs a new TlsKeyMaterialParameterSpec.
*
* @param masterSecret the master secret
* @param majorVersion the major number of the protocol version
* @param minorVersion the minor number of the protocol version
* @param clientRandom the client's random value
* @param serverRandom the server's random value
* @param cipherAlgorithm the algorithm name of the cipher keys to
* be generated
* @param cipherKeyLength if 0, no cipher keys will be generated;
* otherwise, the length in bytes of cipher keys to be
* generated for domestic cipher suites; for cipher suites defined as
* exportable, the number of key material bytes to be generated;
* @param expandedCipherKeyLength 0 for domestic cipher suites; for
* exportable cipher suites the length in bytes of the key to be
* generated.
* @param ivLength the length in bytes of the initialization vector
* to be generated, or 0 if no initialization vector is required
* @param macKeyLength the length in bytes of the MAC key to be generated
* @param prfHashAlg the name of the TLS PRF hash algorithm to use.
* Used only for TLS 1.2+. TLS1.1 and earlier use a fixed PRF.
* @param prfHashLength the output length of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
* @param prfBlockSize the input block size of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
*
* @throws NullPointerException if masterSecret, clientRandom,
* serverRandom, or cipherAlgorithm are null
* @throws IllegalArgumentException if the algorithm of masterSecret is
* not TlsMasterSecret, or if majorVersion or minorVersion are
* negative or larger than 255; or if cipherKeyLength, expandedKeyLength,
* ivLength, or macKeyLength are negative
*/
public TlsKeyMaterialParameterSpec(SecretKey masterSecret,
int majorVersion, int minorVersion, byte[] clientRandom,
byte[] serverRandom, String cipherAlgorithm, int cipherKeyLength,
int expandedCipherKeyLength, int ivLength, int macKeyLength,
String prfHashAlg, int prfHashLength, int prfBlockSize) {
if (masterSecret.getAlgorithm().equals("TlsMasterSecret") == false) {
throw new IllegalArgumentException("Not a TLS master secret");
}
if (cipherAlgorithm == null) {
throw new NullPointerException();
}
this.masterSecret = masterSecret;
this.majorVersion =
TlsMasterSecretParameterSpec.checkVersion(majorVersion);
this.minorVersion =
TlsMasterSecretParameterSpec.checkVersion(minorVersion);
this.clientRandom = clientRandom.clone();
this.serverRandom = serverRandom.clone();
this.cipherAlgorithm = cipherAlgorithm;
this.cipherKeyLength = checkSign(cipherKeyLength);
this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength);
this.ivLength = checkSign(ivLength);
this.macKeyLength = checkSign(macKeyLength);
this.prfHashAlg = prfHashAlg;
this.prfHashLength = prfHashLength;
this.prfBlockSize = prfBlockSize;
}
private static int checkSign(int k) {
if (k < 0) {
throw new IllegalArgumentException("Value must not be negative");
}
return k;
}
/**
* Returns the master secret.
*
* @return the master secret.
*/
public SecretKey getMasterSecret() {
return masterSecret;
}
/**
* Returns the major version number.
*
* @return the major version number.
*/
public int getMajorVersion() {
return majorVersion;
}
/**
* Returns the minor version number.
*
* @return the minor version number.
*/
public int getMinorVersion() {
return minorVersion;
}
/**
* Returns a copy of the client's random value.
*
* @return a copy of the client's random value.
*/
public byte[] getClientRandom() {
return clientRandom.clone();
}
/**
* Returns a copy of the server's random value.
*
* @return a copy of the server's random value.
*/
public byte[] getServerRandom() {
return serverRandom.clone();
}
/**
* Returns the cipher algorithm.
*
* @return the cipher algorithm.
*/
public String getCipherAlgorithm() {
return cipherAlgorithm;
}
/**
* Returns the length in bytes of the encryption key to be generated.
*
* @return the length in bytes of the encryption key to be generated.
*/
public int getCipherKeyLength() {
return cipherKeyLength;
}
/**
* Returns the length in bytes of the expanded encryption key to be
* generated. Returns zero if the expanded encryption key is not
* supposed to be generated.
*
* @return the length in bytes of the expanded encryption key to be
* generated.
*/
public int getExpandedCipherKeyLength() {
// TLS v1.1 disables the exportable weak cipher suites.
if (majorVersion >= 0x03 && minorVersion >= 0x02) {
return 0;
}
return expandedCipherKeyLength;
}
/**
* Returns the length in bytes of the initialization vector to be
* generated. Returns zero if the initialization vector is not
* supposed to be generated.
*
* @return the length in bytes of the initialization vector to be
* generated.
*/
public int getIvLength() {
return ivLength;
}
/**
* Returns the length in bytes of the MAC key to be generated.
*
* @return the length in bytes of the MAC key to be generated.
*/
public int getMacKeyLength() {
return macKeyLength;
}
/**
* Obtains the PRF hash algorithm to use in the PRF calculation.
*
* @return the hash algorithm.
*/
public String getPRFHashAlg() {
return prfHashAlg;
}
/**
* Obtains the length of the PRF hash algorithm.
*
* @return the hash algorithm length.
*/
public int getPRFHashLength() {
return prfHashLength;
}
/**
* Obtains the block size of the PRF hash algorithm.
*
* @return the hash algorithm block size
*/
public int getPRFBlockSize() {
return prfBlockSize;
}
}

191
jdkSrc/jdk8/sun/security/internal/spec/TlsKeyMaterialSpec.java Normal file
View File

@@ -0,0 +1,191 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.spec;
import java.security.spec.KeySpec;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
/**
* KeySpec class for SSL/TLS key material.
*
* <p>Instances of this class are returned by the <code>generateKey()</code>
* method of KeyGenerators of the type "TlsKeyMaterial".
* Instances of this class are immutable.
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public class TlsKeyMaterialSpec implements KeySpec, SecretKey {
static final long serialVersionUID = 812912859129525028L;
private final SecretKey clientMacKey, serverMacKey;
private final SecretKey clientCipherKey, serverCipherKey;
private final IvParameterSpec clientIv, serverIv;
/**
* Constructs a new TlsKeymaterialSpec from the client and server MAC
* keys.
* This call is equivalent to
* <code>new TlsKeymaterialSpec(clientMacKey, serverMacKey,
* null, null, null, null)</code>.
*
* @param clientMacKey the client MAC key (or null)
* @param serverMacKey the server MAC key (or null)
*/
public TlsKeyMaterialSpec(SecretKey clientMacKey, SecretKey serverMacKey) {
this(clientMacKey, serverMacKey, null, null, null, null);
}
/**
* Constructs a new TlsKeymaterialSpec from the client and server MAC
* keys and client and server cipher keys.
* This call is equivalent to
* <code>new TlsKeymaterialSpec(clientMacKey, serverMacKey,
* clientCipherKey, serverCipherKey, null, null)</code>.
*
* @param clientMacKey the client MAC key (or null)
* @param serverMacKey the server MAC key (or null)
* @param clientCipherKey the client cipher key (or null)
* @param serverCipherKey the server cipher key (or null)
*/
public TlsKeyMaterialSpec(SecretKey clientMacKey, SecretKey serverMacKey,
SecretKey clientCipherKey, SecretKey serverCipherKey) {
this(clientMacKey, serverMacKey, clientCipherKey, null,
serverCipherKey, null);
}
/**
* Constructs a new TlsKeymaterialSpec from the client and server MAC
* keys, client and server cipher keys, and client and server
* initialization vectors.
*
* @param clientMacKey the client MAC key (or null)
* @param serverMacKey the server MAC key (or null)
* @param clientCipherKey the client cipher key (or null)
* @param clientIv the client initialization vector (or null)
* @param serverCipherKey the server cipher key (or null)
* @param serverIv the server initialization vector (or null)
*/
public TlsKeyMaterialSpec(SecretKey clientMacKey, SecretKey serverMacKey,
SecretKey clientCipherKey, IvParameterSpec clientIv,
SecretKey serverCipherKey, IvParameterSpec serverIv) {
this.clientMacKey = clientMacKey;
this.serverMacKey = serverMacKey;
this.clientCipherKey = clientCipherKey;
this.serverCipherKey = serverCipherKey;
this.clientIv = clientIv;
this.serverIv = serverIv;
}
/**
* Returns <code>TlsKeyMaterial</code>.
*
* @return <code>TlsKeyMaterial</code>.
*/
public String getAlgorithm() {
return "TlsKeyMaterial";
}
/**
* Returns <code>null</code> because keys of this type have no encoding.
*
* @return <code>null</code> because keys of this type have no encoding.
*/
public String getFormat() {
return null;
}
/**
* Returns <code>null</code> because keys of this type have no encoding.
*
* @return <code>null</code> because keys of this type have no encoding.
*/
public byte[] getEncoded() {
return null;
}
/**
* Returns the client MAC key.
*
* @return the client MAC key (or null).
*/
public SecretKey getClientMacKey() {
return clientMacKey;
}
/**
* Return the server MAC key.
*
* @return the server MAC key (or null).
*/
public SecretKey getServerMacKey() {
return serverMacKey;
}
/**
* Return the client cipher key (or null).
*
* @return the client cipher key (or null).
*/
public SecretKey getClientCipherKey() {
return clientCipherKey;
}
/**
* Return the client initialization vector (or null).
*
* @return the client initialization vector (or null).
*/
public IvParameterSpec getClientIv() {
return clientIv;
}
/**
* Return the server cipher key (or null).
*
* @return the server cipher key (or null).
*/
public SecretKey getServerCipherKey() {
return serverCipherKey;
}
/**
* Return the server initialization vector (or null).
*
* @return the server initialization vector (or null).
*/
public IvParameterSpec getServerIv() {
return serverIv;
}
}

234
jdkSrc/jdk8/sun/security/internal/spec/TlsMasterSecretParameterSpec.java Normal file
View File

@@ -0,0 +1,234 @@
/*
* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.spec;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.SecretKey;
/**
* Parameters for SSL/TLS master secret generation.
* This class encapsulates the information necessary to calculate a SSL/TLS
* master secret from the premaster secret and other parameters.
* It is used to initialize KeyGenerators of the type "TlsMasterSecret".
*
* <p>Instances of this class are immutable.
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public class TlsMasterSecretParameterSpec implements AlgorithmParameterSpec {
private final SecretKey premasterSecret;
private final int majorVersion, minorVersion;
private final byte[] clientRandom, serverRandom;
private final byte[] extendedMasterSecretSessionHash;
private final String prfHashAlg;
private final int prfHashLength;
private final int prfBlockSize;
/**
* Constructs a new TlsMasterSecretParameterSpec.
*
* <p>The <code>getAlgorithm()</code> method of <code>premasterSecret</code>
* should return <code>"TlsRsaPremasterSecret"</code> if the key exchange
* algorithm was RSA and <code>"TlsPremasterSecret"</code> otherwise.
*
* @param premasterSecret the premaster secret
* @param majorVersion the major number of the protocol version
* @param minorVersion the minor number of the protocol version
* @param clientRandom the client's random value
* @param serverRandom the server's random value
* @param prfHashAlg the name of the TLS PRF hash algorithm to use.
* Used only for TLS 1.2+. TLS1.1 and earlier use a fixed PRF.
* @param prfHashLength the output length of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
* @param prfBlockSize the input block size of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
*
* @throws NullPointerException if premasterSecret, clientRandom,
* or serverRandom are null
* @throws IllegalArgumentException if minorVersion or majorVersion are
* negative or larger than 255
*/
public TlsMasterSecretParameterSpec(SecretKey premasterSecret,
int majorVersion, int minorVersion,
byte[] clientRandom, byte[] serverRandom,
String prfHashAlg, int prfHashLength, int prfBlockSize) {
this(premasterSecret, majorVersion, minorVersion,
clientRandom, serverRandom,
new byte[0],
prfHashAlg, prfHashLength, prfBlockSize);
}
/**
* Constructs a new TlsMasterSecretParameterSpec.
*
* <p>The <code>getAlgorithm()</code> method of <code>premasterSecret</code>
* should return <code>"TlsRsaPremasterSecret"</code> if the key exchange
* algorithm was RSA and <code>"TlsPremasterSecret"</code> otherwise.
*
* @param premasterSecret the premaster secret
* @param majorVersion the major number of the protocol version
* @param minorVersion the minor number of the protocol version
* @param extendedMasterSecretSessionHash the session hash for
* Extended Master Secret
* @param prfHashAlg the name of the TLS PRF hash algorithm to use.
* Used only for TLS 1.2+. TLS1.1 and earlier use a fixed PRF.
* @param prfHashLength the output length of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
* @param prfBlockSize the input block size of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
*
* @throws NullPointerException if premasterSecret is null
* @throws IllegalArgumentException if minorVersion or majorVersion are
* negative or larger than 255
*/
public TlsMasterSecretParameterSpec(SecretKey premasterSecret,
int majorVersion, int minorVersion,
byte[] extendedMasterSecretSessionHash,
String prfHashAlg, int prfHashLength, int prfBlockSize) {
this(premasterSecret, majorVersion, minorVersion,
new byte[0], new byte[0],
extendedMasterSecretSessionHash,
prfHashAlg, prfHashLength, prfBlockSize);
}
private TlsMasterSecretParameterSpec(SecretKey premasterSecret,
int majorVersion, int minorVersion,
byte[] clientRandom, byte[] serverRandom,
byte[] extendedMasterSecretSessionHash,
String prfHashAlg, int prfHashLength, int prfBlockSize) {
if (premasterSecret == null) {
throw new NullPointerException("premasterSecret must not be null");
}
this.premasterSecret = premasterSecret;
this.majorVersion = checkVersion(majorVersion);
this.minorVersion = checkVersion(minorVersion);
this.clientRandom = clientRandom.clone();
this.serverRandom = serverRandom.clone();
this.extendedMasterSecretSessionHash =
(extendedMasterSecretSessionHash != null ?
extendedMasterSecretSessionHash.clone() : new byte[0]);
this.prfHashAlg = prfHashAlg;
this.prfHashLength = prfHashLength;
this.prfBlockSize = prfBlockSize;
}
static int checkVersion(int version) {
if ((version < 0) || (version > 255)) {
throw new IllegalArgumentException(
"Version must be between 0 and 255");
}
return version;
}
/**
* Returns the premaster secret.
*
* @return the premaster secret.
*/
public SecretKey getPremasterSecret() {
return premasterSecret;
}
/**
* Returns the major version number.
*
* @return the major version number.
*/
public int getMajorVersion() {
return majorVersion;
}
/**
* Returns the minor version number.
*
* @return the minor version number.
*/
public int getMinorVersion() {
return minorVersion;
}
/**
* Returns a copy of the client's random value.
*
* @return a copy of the client's random value.
*/
public byte[] getClientRandom() {
return clientRandom.clone();
}
/**
* Returns a copy of the server's random value.
*
* @return a copy of the server's random value.
*/
public byte[] getServerRandom() {
return serverRandom.clone();
}
/**
* Returns a copy of the Extended Master Secret session hash.
*
* @return a copy of the Extended Master Secret session hash, or an empty
* array if no extended master secret session hash was provided
* at instantiation time
*/
public byte[] getExtendedMasterSecretSessionHash() {
return extendedMasterSecretSessionHash.clone();
}
/**
* Obtains the PRF hash algorithm to use in the PRF calculation.
*
* @return the hash algorithm.
*/
public String getPRFHashAlg() {
return prfHashAlg;
}
/**
* Obtains the length of the PRF hash algorithm.
*
* @return the hash algorithm length.
*/
public int getPRFHashLength() {
return prfHashLength;
}
/**
* Obtains the block size of the PRF hash algorithm.
*
* @return the hash algorithm block size.
*/
public int getPRFBlockSize() {
return prfBlockSize;
}
}

157
jdkSrc/jdk8/sun/security/internal/spec/TlsPrfParameterSpec.java Normal file
View File

@@ -0,0 +1,157 @@
/*
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.spec;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.SecretKey;
/**
* Parameters for the TLS PRF (pseudo-random function). The PRF function
* is defined in RFC 2246.
* This class is used to initialize KeyGenerators of the type "TlsPrf".
*
* <p>Instances of this class are immutable.
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public class TlsPrfParameterSpec implements AlgorithmParameterSpec {
private final SecretKey secret;
private final String label;
private final byte[] seed;
private final int outputLength;
private final String prfHashAlg;
private final int prfHashLength;
private final int prfBlockSize;
/**
* Constructs a new TlsPrfParameterSpec.
*
* @param secret the secret to use in the calculation (or null)
* @param label the label to use in the calculation
* @param seed the random seed to use in the calculation
* @param outputLength the length in bytes of the output key to be produced
* @param prfHashAlg the name of the TLS PRF hash algorithm to use.
* Used only for TLS 1.2+. TLS1.1 and earlier use a fixed PRF.
* @param prfHashLength the output length of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
* @param prfBlockSize the input block size of the TLS PRF hash algorithm.
* Used only for TLS 1.2+.
*
* @throws NullPointerException if label or seed is null
* @throws IllegalArgumentException if outputLength is negative
*/
public TlsPrfParameterSpec(SecretKey secret, String label,
byte[] seed, int outputLength,
String prfHashAlg, int prfHashLength, int prfBlockSize) {
if ((label == null) || (seed == null)) {
throw new NullPointerException("label and seed must not be null");
}
if (outputLength <= 0) {
throw new IllegalArgumentException("outputLength must be positive");
}
this.secret = secret;
this.label = label;
this.seed = seed.clone();
this.outputLength = outputLength;
this.prfHashAlg = prfHashAlg;
this.prfHashLength = prfHashLength;
this.prfBlockSize = prfBlockSize;
}
/**
* Returns the secret to use in the PRF calculation, or null if there is no
* secret.
*
* @return the secret to use in the PRF calculation, or null if there is no
* secret.
*/
public SecretKey getSecret() {
return secret;
}
/**
* Returns the label to use in the PRF calcuation.
*
* @return the label to use in the PRF calcuation.
*/
public String getLabel() {
return label;
}
/**
* Returns a copy of the seed to use in the PRF calcuation.
*
* @return a copy of the seed to use in the PRF calcuation.
*/
public byte[] getSeed() {
return seed.clone();
}
/**
* Returns the length in bytes of the output key to be produced.
*
* @return the length in bytes of the output key to be produced.
*/
public int getOutputLength() {
return outputLength;
}
/**
* Obtains the PRF hash algorithm to use in the PRF calculation.
*
* @return the hash algorithm, or null if no algorithm was specified.
*/
public String getPRFHashAlg() {
return prfHashAlg;
}
/**
* Obtains the length of PRF hash algorithm.
*
* It would have been preferred to use MessageDigest.getDigestLength(),
* but the API does not require implementations to support the method.
*
* @return the hash algorithm length.
*/
public int getPRFHashLength() {
return prfHashLength;
}
/**
* Obtains the length of PRF hash algorithm.
*
* @return the hash algorithm length.
*/
public int getPRFBlockSize() {
return prfBlockSize;
}
}

188
jdkSrc/jdk8/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java Normal file
View File

@@ -0,0 +1,188 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.internal.spec;
import java.security.spec.AlgorithmParameterSpec;
import java.security.AccessController;
import java.security.PrivilegedAction;
/**
* Parameters for SSL/TLS RSA premaster secret.
*
* <p>Instances of this class are immutable.
*
* @since 1.6
* @author Andreas Sterbenz
* @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
* release.
*/
@Deprecated
public class TlsRsaPremasterSecretParameterSpec
implements AlgorithmParameterSpec {
private final byte[] encodedSecret;
/*
* The TLS spec says that the version in the RSA premaster secret must
* be the maximum version supported by the client (i.e. the version it
* requested in its client hello version). However, we (and other
* implementations) used to send the active negotiated version. The
* system property below allows to toggle the behavior.
*/
private final static String PROP_NAME =
"com.sun.net.ssl.rsaPreMasterSecretFix";
/*
* Default is "false" (old behavior) for compatibility reasons in
* SSLv3/TLSv1. Later protocols (TLSv1.1+) do not use this property.
*/
private final static boolean rsaPreMasterSecretFix =
AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
String value = System.getProperty(PROP_NAME);
if (value != null && value.equalsIgnoreCase("true")) {
return Boolean.TRUE;
}
return Boolean.FALSE;
}
});
private final int clientVersion;
private final int serverVersion;
/**
* Constructs a new TlsRsaPremasterSecretParameterSpec.
*
* @param clientVersion the version of the TLS protocol by which the
* client wishes to communicate during this session
* @param serverVersion the negotiated version of the TLS protocol which
* contains the lower of that suggested by the client in the client
* hello and the highest supported by the server.
*
* @throws IllegalArgumentException if clientVersion or serverVersion are
* negative or larger than (2^16 - 1)
*/
public TlsRsaPremasterSecretParameterSpec(
int clientVersion, int serverVersion) {
this.clientVersion = checkVersion(clientVersion);
this.serverVersion = checkVersion(serverVersion);
this.encodedSecret = null;
}
/**
* Constructs a new TlsRsaPremasterSecretParameterSpec.
*
* @param clientVersion the version of the TLS protocol by which the
* client wishes to communicate during this session
* @param serverVersion the negotiated version of the TLS protocol which
* contains the lower of that suggested by the client in the client
* hello and the highest supported by the server.
* @param encodedSecret the encoded secret key
*
* @throws IllegalArgumentException if clientVersion or serverVersion are
* negative or larger than (2^16 - 1) or if encodedSecret is not
* exactly 48 bytes
*/
public TlsRsaPremasterSecretParameterSpec(
int clientVersion, int serverVersion, byte[] encodedSecret) {
this.clientVersion = checkVersion(clientVersion);
this.serverVersion = checkVersion(serverVersion);
if (encodedSecret == null || encodedSecret.length != 48) {
throw new IllegalArgumentException(
"Encoded secret is not exactly 48 bytes");
}
this.encodedSecret = encodedSecret.clone();
}
/**
* Returns the version of the TLS protocol by which the client wishes to
* communicate during this session.
*
* @return the version of the TLS protocol in ClientHello message
*/
public int getClientVersion() {
return clientVersion;
}
/**
* Returns the negotiated version of the TLS protocol which contains the
* lower of that suggested by the client in the client hello and the
* highest supported by the server.
*
* @return the negotiated version of the TLS protocol in ServerHello message
*/
public int getServerVersion() {
return serverVersion;
}
/**
* Returns the major version used in RSA premaster secret.
*
* @return the major version used in RSA premaster secret.
*/
public int getMajorVersion() {
if (rsaPreMasterSecretFix || clientVersion >= 0x0302) {
// 0x0302: TLSv1.1
return (clientVersion >>> 8) & 0xFF;
}
return (serverVersion >>> 8) & 0xFF;
}
/**
* Returns the minor version used in RSA premaster secret.
*
* @return the minor version used in RSA premaster secret.
*/
public int getMinorVersion() {
if (rsaPreMasterSecretFix || clientVersion >= 0x0302) {
// 0x0302: TLSv1.1
return clientVersion & 0xFF;
}
return serverVersion & 0xFF;
}
private int checkVersion(int version) {
if ((version < 0) || (version > 0xFFFF)) {
throw new IllegalArgumentException(
"Version must be between 0 and 65,535");
}
return version;
}
/**
* Returns the encoded secret.
*
* @return the encoded secret, may be null if no encoded secret.
*/
public byte[] getEncodedSecret() {
return encodedSecret == null ? null : encodedSecret.clone();
}
}