sun.security.internal.spec.TlsMasterSecretParameterSpec Java Examples

The following examples show how to use sun.security.internal.spec.TlsMasterSecretParameterSpec. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: P11TlsMasterSecretGenerator.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #2
Source File: TlsMasterSecretGenerator.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #3
Source File: P11TlsMasterSecretGenerator.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #4
Source File: TlsMasterSecretGenerator.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #5
Source File: P11TlsMasterSecretGenerator.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #6
Source File: TlsMasterSecretGenerator.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #7
Source File: P11TlsMasterSecretGenerator.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) && (version > 0x0303)) {
        throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
                " TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #8
Source File: TlsMasterSecretGenerator.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #9
Source File: P11TlsMasterSecretGenerator.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #10
Source File: TlsMasterSecretGenerator.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #11
Source File: P11TlsMasterSecretGenerator.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #12
Source File: TlsMasterSecretGenerator.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #13
Source File: P11TlsMasterSecretGenerator.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #14
Source File: TlsMasterSecretGenerator.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #15
Source File: P11TlsMasterSecretGenerator.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) && (version > 0x0303)) {
        throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
                " TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #16
Source File: TlsMasterSecretGenerator.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #17
Source File: TlsMasterSecretGenerator.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #18
Source File: TlsMasterSecretGenerator.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #19
Source File: P11TlsMasterSecretGenerator.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #20
Source File: TlsMasterSecretGenerator.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #21
Source File: P11TlsMasterSecretGenerator.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) && (version > 0x0303)) {
        throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
                " TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #22
Source File: TlsMasterSecretGenerator.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #23
Source File: P11TlsMasterSecretGenerator.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) || (version > 0x0302)) {
        throw new InvalidAlgorithmParameterException
            ("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #24
Source File: TlsMasterSecretGenerator.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #25
Source File: P11TlsMasterSecretGenerator.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version < 0x0300) && (version > 0x0303)) {
        throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
                " TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
    }
    // We assume the token supports the required mechanism. If it does not,
    // generateKey() will fail and the failover should take care of us.
}
 
Example #26
Source File: TlsMasterSecretGenerator.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }
    this.spec = (TlsMasterSecretParameterSpec)params;
    if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
        throw new InvalidAlgorithmParameterException(
            "Key format must be RAW");
    }
    protocolVersion = (spec.getMajorVersion() << 8)
        | spec.getMinorVersion();
    if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
        throw new InvalidAlgorithmParameterException(
            "Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
    }
}
 
Example #27
Source File: TestMasterSecret.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
@Override
public void main(Provider provider) throws Exception {
    if (provider.getService("KeyGenerator", "SunTlsMasterSecret") == null) {
        System.out.println("Not supported by provider, skipping");
        return;
    }

    try (BufferedReader reader = Files.newBufferedReader(
            Paths.get(BASE, "masterdata.txt"))) {

        int n = 0;
        int lineNumber = 0;

        String algorithm = null;
        byte[] premaster = null;
        byte[] clientRandom = null;
        byte[] serverRandom = null;
        int protoMajor = 0;
        int protoMinor = 0;
        int preMajor = 0;
        int preMinor = 0;
        byte[] master = null;

        while (true) {
            String line = reader.readLine();
            lineNumber++;
            if (line == null) {
                break;
            }
            if (line.startsWith("m-") == false) {
                continue;
            }
            String data = line.substring(PREFIX_LENGTH);
            if (line.startsWith("m-algorithm:")) {
                algorithm = data;
            } else if (line.startsWith("m-premaster:")) {
                premaster = parse(data);
            } else if (line.startsWith("m-crandom:")) {
                clientRandom = parse(data);
            } else if (line.startsWith("m-srandom:")) {
                serverRandom = parse(data);
            } else if (line.startsWith("m-protomajor:")) {
                protoMajor = Integer.parseInt(data);
            } else if (line.startsWith("m-protominor:")) {
                protoMinor = Integer.parseInt(data);
            } else if (line.startsWith("m-premajor:")) {
                preMajor = Integer.parseInt(data);
            } else if (line.startsWith("m-preminor:")) {
                preMinor = Integer.parseInt(data);
            } else if (line.startsWith("m-master:")) {
                master = parse(data);

                System.out.print(".");
                n++;

                KeyGenerator kg =
                    KeyGenerator.getInstance("SunTlsMasterSecret", provider);
                SecretKey premasterKey =
                    new SecretKeySpec(premaster, algorithm);
                TlsMasterSecretParameterSpec spec =
                    new TlsMasterSecretParameterSpec(premasterKey,
                        protoMajor, protoMinor, clientRandom, serverRandom,
                        null, -1, -1);

                try {
                    kg.init(spec);
                    TlsMasterSecret key = (TlsMasterSecret)kg.generateKey();
                    byte[] enc = key.getEncoded();
                    if (Arrays.equals(master, enc) == false) {
                        throw new Exception("mismatch line: " + lineNumber);
                    }
                    if ((preMajor != key.getMajorVersion()) ||
                            (preMinor != key.getMinorVersion())) {
                       throw new Exception("version mismatch line: " + lineNumber);
                    }
                } catch (InvalidAlgorithmParameterException iape) {
                    // SSLv3 support is removed in S12
                    if (preMajor == 3 && preMinor == 0) {
                        System.out.println("Skip testing SSLv3");
                        continue;
                    }
                }
            } else {
                throw new Exception("Unknown line: " + line);
            }
        }
        if (n == 0) {
            throw new Exception("no tests");
        }
        System.out.println();
        System.out.println("OK: " + n + " tests");
    }
}
 
Example #28
Source File: P11TlsMasterSecretGenerator.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
        SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof TlsMasterSecretParameterSpec == false) {
        throw new InvalidAlgorithmParameterException(MSG);
    }

    TlsMasterSecretParameterSpec spec = (TlsMasterSecretParameterSpec)params;
    int version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
    if ((version == 0x0300 && !supportSSLv3) || (version < 0x0300) ||
        (version > 0x0302)) {
         throw new InvalidAlgorithmParameterException
                ("Only" + (supportSSLv3? " SSL 3.0,": "") +
                 " TLS 1.0, and TLS 1.1 are supported (0x" +
                 Integer.toHexString(version) + ")");
    }

    SecretKey key = spec.getPremasterSecret();
    // algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
    // but we omit the check
    try {
        p11Key = P11SecretKeyFactory.convertKey(token, key, null);
    } catch (InvalidKeyException e) {
        throw new InvalidAlgorithmParameterException("init() failed", e);
    }
    this.spec = spec;
    if (p11Key.getAlgorithm().equals("TlsRsaPremasterSecret")) {
        mechanism = (version == 0x0300) ? CKM_SSL3_MASTER_KEY_DERIVE
                                         : CKM_TLS_MASTER_KEY_DERIVE;
        ckVersion = new CK_VERSION(0, 0);
    } else {
        // Note: we use DH for all non-RSA premaster secrets. That includes
        // Kerberos. That should not be a problem because master secret
        // calculation is always a straightforward application of the
        // TLS PRF (or the SSL equivalent).
        // The only thing special about RSA master secret calculation is
        // that it extracts the version numbers from the premaster secret.
        mechanism = (version == 0x0300) ? CKM_SSL3_MASTER_KEY_DERIVE_DH
                                         : CKM_TLS_MASTER_KEY_DERIVE_DH;
        ckVersion = null;
    }
}