private BigInteger calculateU(BigInteger clientPublic, BigInteger serverPublic, BigInteger modulus) { byte[] paddedClientPublic = calculatePadding(modulus, clientPublic); LOGGER.debug("ClientPublic Key:" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(clientPublic))); LOGGER.debug("PaddedClientPublic. " + ArrayConverter.bytesToHexString(paddedClientPublic)); byte[] paddedServerPublic = calculatePadding(modulus, serverPublic); LOGGER.debug("ServerPublic Key:" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(serverPublic))); LOGGER.debug("PaddedServerPublic. " + ArrayConverter.bytesToHexString(paddedServerPublic)); byte[] hashInput = ArrayConverter.concatenate(paddedClientPublic, paddedServerPublic); LOGGER.debug("HashInput for u: " + ArrayConverter.bytesToHexString(hashInput)); byte[] hashOutput = SHAsum(hashInput); LOGGER.debug("Hashvalue for u: " + ArrayConverter.bytesToHexString(hashOutput)); return new BigInteger(1, hashOutput); }
/** * Computes Chinese Reminder Theorem: x == congs[i] mod moduli[i] * * @param congs * A BigInteger[] of congestions * @param moduli * A BigInteger[] of moduli * @return Chinese Reminder Theorem: x == congs[i] mod moduli[i] */ public static BigInteger CRT(List<BigInteger> congs, List<BigInteger> moduli) { BigInteger[] cs = ArrayConverter.convertListToArray(congs); BigInteger[] ms = ArrayConverter.convertListToArray(moduli); return CRT(cs, ms); }
private void prepareCipherKind(SSL2ClientMasterKeyMessage message) { // by default we currently just try export RC4 message.setCipherKind(ArrayConverter.hexStringToByteArray("020080")); LOGGER.debug("CipherKind: " + ArrayConverter.bytesToHexString(message.getCipherKind().getValue())); }
/** * Computes the HKDF-Label as defined in TLS 1.3 */ private static byte[] labelEncoder(byte[] hashValue, String labelIn, int outLen) { String label = "tls13 " + labelIn; int labelLength = label.getBytes().length; int hashValueLength = hashValue.length; byte[] result = ArrayConverter.concatenate(ArrayConverter.intToBytes(outLen, 2), ArrayConverter.intToBytes(labelLength, 1), label.getBytes(), ArrayConverter.intToBytes(hashValueLength, 1), hashValue); return result; }
private byte[] calculatePadding(BigInteger modulus, BigInteger topad) { byte[] padding; int modulusByteLength = ArrayConverter.bigIntegerToByteArray(modulus).length; byte[] paddingArray = ArrayConverter.bigIntegerToByteArray(topad); if (modulusByteLength == paddingArray.length) { return paddingArray; } int paddingByteLength = modulusByteLength - paddingArray.length; if (paddingByteLength < 0) { LOGGER.warn("Padding ByteLength negative, Using Zero instead"); paddingByteLength = 0; } padding = new byte[paddingByteLength]; return ArrayConverter.concatenate(padding, paddingArray); }
public BigInteger calculateX(byte[] salt, byte[] identity, byte[] password) { byte[] hashInput1 = ArrayConverter.concatenate(identity, ArrayConverter.hexStringToByteArray("3A"), password); LOGGER.debug("HashInput for hashInput1: " + ArrayConverter.bytesToHexString(hashInput1)); byte[] hashOutput1 = SHAsum(hashInput1); LOGGER.debug("Hashvalue for hashInput1: " + ArrayConverter.bytesToHexString(hashOutput1)); byte[] hashInput2 = ArrayConverter.concatenate(salt, hashOutput1); LOGGER.debug("HashInput for hashInput2: " + ArrayConverter.bytesToHexString(hashInput2)); byte[] hashOutput2 = SHAsum(hashInput2); LOGGER.debug("Hashvalue for hashInput2: " + ArrayConverter.bytesToHexString(hashOutput2)); return new BigInteger(1, hashOutput2); }
protected void prepareClientServerRandom(T msg) { random = ArrayConverter.concatenate(chooser.getClientRandom(), chooser.getServerRandom()); msg.getComputations().setClientServerRandom(random); LOGGER.debug("ClientServerRandom: " + ArrayConverter.bytesToHexString(msg.getComputations().getClientServerRandom().getValue())); }
private EncryptionResult encryptTLS12(EncryptionRequest request) throws CryptoException { byte[] nonce = ArrayConverter.longToBytes(context.getWriteSequenceNumber(), RecordByteLength.SEQUENCE_NUMBER); byte[] iv = ArrayConverter.concatenate( getKeySet().getWriteIv(context.getConnection().getLocalConnectionEndType()), nonce); LOGGER.debug("Encrypting GCM with the following IV: {}", ArrayConverter.bytesToHexString(iv)); LOGGER.debug("Encrypting GCM with the following AAD: {}", ArrayConverter.bytesToHexString(request.getAdditionalAuthenticatedData())); byte[] ciphertext = encryptCipher.encrypt(iv, GCM_TAG_LENGTH * 8, request.getAdditionalAuthenticatedData(), request.getPlainText()); return new EncryptionResult(iv, ArrayConverter.concatenate(nonce, ciphertext), false); }
private Certificate parseCertificate(int lengthBytes, byte[] bytesToParse) { LOGGER.debug("SSL2 lengthBytes:" + lengthBytes); LOGGER.debug("SSL2 bytesToParse:" + ArrayConverter.bytesToHexString(bytesToParse, false)); try { byte[] concatenated = ArrayConverter.concatenate(ArrayConverter.intToBytes(lengthBytes + HandshakeByteLength.CERTIFICATES_LENGTH, HandshakeByteLength.CERTIFICATES_LENGTH), ArrayConverter .intToBytes(lengthBytes, HandshakeByteLength.CERTIFICATES_LENGTH), bytesToParse); LOGGER.debug("SSL2 concatenated:" + ArrayConverter.bytesToHexString(concatenated, false)); ByteArrayInputStream stream = new ByteArrayInputStream(concatenated); return Certificate.parse(stream); } catch (IOException | IllegalArgumentException E) { LOGGER.warn("Could not parse Certificate bytes into Certificate object:\n" + ArrayConverter.bytesToHexString(bytesToParse, false)); LOGGER.debug(E); return null; } }
@Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("UnknownHandshakeMessage:"); sb.append("\n Data: "); if (data != null && data.getValue() != null) { sb.append(ArrayConverter.bytesToHexString(data.getValue())); } else { sb.append("null"); } return sb.toString(); }
private byte[] calculatePremasterSecretServer(BigInteger modulus, BigInteger generator, BigInteger serverPrivateKey, BigInteger serverPublicKey, BigInteger clientPublicKey, byte[] salt, byte[] identity, byte[] password) { // PremasterSecret: (ClientPublicKey * v^u) ^ServerPrivatKey % modulus BigInteger u = calculateU(clientPublicKey, serverPublicKey, modulus); LOGGER.debug("Intermediate Value U" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(u))); BigInteger x = calculateX(salt, identity, password); LOGGER.debug("Intermediate Value X" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(x))); BigInteger v = calculateV(x, generator, modulus); LOGGER.debug("Intermediate Value V" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(v))); BigInteger helpValue1 = v.modPow(u, modulus); LOGGER.debug("v^u" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(helpValue1))); BigInteger helpValue2 = clientPublicKey.multiply(helpValue1); BigInteger helpValue3 = helpValue2.mod(modulus); LOGGER.debug("A * v^u" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(helpValue3))); helpValue1 = helpValue3.modPow(serverPrivateKey, modulus); LOGGER.debug("PremstSercret" + ArrayConverter.bytesToHexString(ArrayConverter.bigIntegerToByteArray(helpValue1))); return ArrayConverter.bigIntegerToByteArray(helpValue1); }
protected void prepareRandom() { byte[] random; if (chooser.getConfig().isUseFreshRandom()) { random = new byte[HandshakeByteLength.RANDOM - HandshakeByteLength.UNIX_TIME]; chooser.getContext().getRandom().nextBytes(random); msg.setUnixTime(ArrayConverter.longToUint32Bytes(TimeHelper.getTime())); random = ArrayConverter.concatenate(msg.getUnixTime().getValue(), random); } else { if (chooser.getTalkingConnectionEnd() == ConnectionEndType.CLIENT) { random = chooser.getClientRandom(); } else { random = chooser.getServerRandom(); } } msg.setRandom(random); LOGGER.debug("Random: " + ArrayConverter.bytesToHexString(msg.getRandom().getValue())); }
public byte[] getCompleteEncryptedCipherText() { if (explicitIv) { return ArrayConverter.concatenate(initialisationVector, encryptedCipherText); } else { return encryptedCipherText; } } }
Sender(String hex) { value = ArrayConverter.hexStringToByteArray(hex); }
private byte[] getObfuscatedTicketAge(byte[] ticketAgeAdd, String ticketAge) { DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss.SSS"); LocalDateTime ticketDate = LocalDateTime.parse(ticketAge, dateTimeFormatter); BigInteger difference = BigInteger.valueOf(Duration.between(ticketDate, LocalDateTime.now()).toMillis()); BigInteger addValue = BigInteger.valueOf(ArrayConverter.bytesToLong(ticketAgeAdd)); BigInteger mod = BigInteger.valueOf(2).pow(32); difference = difference.add(addValue); difference = difference.mod(mod); byte[] obfTicketAge = ArrayConverter.longToBytes(difference.longValue(), ExtensionByteLength.TICKET_AGE_LENGTH); LOGGER.debug("Calculated ObfuscatedTicketAge: " + ArrayConverter.bytesToHexString(obfTicketAge)); return obfTicketAge; }
padding = new byte[randomByteLength]; chooser.getContext().getRandom().nextBytes(padding); ArrayConverter.makeArrayNonZero(padding); preparePadding(msg); premasterSecret = generatePremasterSecret(); BigInteger biEncrypted = biPaddedPremasterSecret.modPow(chooser.getServerRSAPublicKey(), chooser.getServerRsaModulus()); encrypted = ArrayConverter.bigIntegerToByteArray(biEncrypted, chooser.getServerRsaModulus().bitLength() / 8, true); prepareSerializedPublicKey(msg); LOGGER.debug("PaddedPremaster:" + ArrayConverter.bytesToHexString(paddedPremasterSecret)); if (randomByteLength < paddedPremasterSecret.length && randomByteLength > 0) { premasterSecret = Arrays.copyOfRange(paddedPremasterSecret, randomByteLength,
private void writeTicketLength(NewSessionTicketMessage msg) { appendBytes(ArrayConverter.intToBytes(msg.getTicketLength().getValue(), HandshakeByteLength.NEWSESSIONTICKET_TICKET_LENGTH)); LOGGER.debug("TicketLength: " + ArrayConverter.bytesToHexString(ArrayConverter.intToBytes(msg.getTicketLength().getValue(), HandshakeByteLength.NEWSESSIONTICKET_TICKET_LENGTH))); }
public byte[] getByteValue() { return ArrayConverter.intToBytes(value, 2); }
private byte[] createSignature() throws CryptoException { byte[] toBeSigned = chooser.getContext().getDigest().getRawBytes(); if (chooser.getSelectedProtocolVersion().isTLS13()) { if (chooser.getConnectionEndType() == ConnectionEndType.CLIENT) { toBeSigned = ArrayConverter .concatenate( ArrayConverter .hexStringToByteArray("20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020"), CertificateVerifiyConstants.CLIENT_CERTIFICATE_VERIFY.getBytes(), new byte[] { (byte) 0x00 }, chooser.getContext().getDigest() .digest(chooser.getSelectedProtocolVersion(), chooser.getSelectedCipherSuite())); } else { toBeSigned = ArrayConverter .concatenate( ArrayConverter .hexStringToByteArray("20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020"), CertificateVerifiyConstants.SERVER_CERTIFICATE_VERIFY.getBytes(), new byte[] { (byte) 0x00 }, chooser.getContext().getDigest() .digest(chooser.getSelectedProtocolVersion(), chooser.getSelectedCipherSuite())); } } else if (chooser.getSelectedProtocolVersion().isSSL()) { final byte[] handshakeMessageContent = chooser.getContext().getDigest().getRawBytes(); final byte[] masterSecret = chooser.getMasterSecret(); return SSLUtils.calculateSSLCertificateVerifySignature(handshakeMessageContent, masterSecret); } algorithm = chooser.getSelectedSigHashAlgorithm(); return SignatureCalculator.generateSignature(algorithm, chooser, toBeSigned); }
@Override public byte[] getDecryptionIV() { byte[] nonce = ArrayConverter.longToBytes(context.getReadSequenceNumber(), SEQUENCE_NUMBER_LENGTH); return ArrayConverter.concatenate(getKeySet().getReadIv(context.getConnection().getLocalConnectionEndType()), nonce); } }