/**
 * Builds a {@code BadRandom} around the generator returned by {@code getRandom()}.
 *
 * <p>The second constructor argument is passed as {@code null}.
 * NOTE(review): the class name suggests a deliberately weak, reproducible randomness source
 * meant for test tooling; confirm against the {@code BadRandom} definition. The result should
 * not reach code that creates production keys, nonces or session tokens.
 *
 * @return a new {@code BadRandom} instance on every call
 */
public BadRandom getBadSecureRandom() {
    final BadRandom wrapped = new BadRandom(getRandom(), null);
    return wrapped;
}
/**
 * Wraps {@code keyPair} in a self-signed X.509 certificate and returns it inside a new,
 * in-memory JKS key store.
 *
 * <p>The certificate uses the fixed name {@code CN=127.0.0.1, O=TLS-Attacker, L=RUB, ST=NRW, C=DE}
 * as both issuer and subject, is valid from five seconds before the call until ten minutes
 * after it, and carries a critical CA basic-constraints extension plus non-critical key-usage
 * and extended-key-usage extensions (server auth, client auth and "any"). The private key and
 * its one-element chain are stored under {@code ALIAS}, protected by {@code PASSWORD}; both
 * values are defined elsewhere in the class.
 *
 * <p>Security note: a CA-capable certificate with every usage enabled and a serial number taken
 * from a {@code BadRandom} is test-harness material. Nothing outside a lab setup should trust
 * the returned key store.
 *
 * @param keyPair key pair to certify; its private key also signs the certificate
 * @param random source of the serial number; exactly one {@code nextInt()} value is drawn
 * @return a key store containing the single key entry described above
 * @throws CertificateException if the fresh certificate fails its own validity check
 * @throws SignatureException if the certificate does not verify under {@code keyPair}'s public key
 */
public static KeyStore createKeyStore(KeyPair keyPair, BadRandom random)
        throws CertificateException, IOException, InvalidKeyException, KeyStoreException,
        NoSuchAlgorithmException, NoSuchProviderException, SignatureException,
        OperatorCreationException {
    final PrivateKey signingKey = keyPair.getPrivate();
    final PublicKey certifiedKey = keyPair.getPublic();

    // Self-signed: one name serves as issuer and as subject.
    final X500Name selfName = new X500Name("CN=127.0.0.1, O=TLS-Attacker, L=RUB, ST=NRW, C=DE");

    // NOTE(review): if nextInt() follows the java.util.Random contract the serial can be zero or
    // negative, whereas RFC 5280 asks for a positive serial number; strict peers may reject it.
    final BigInteger serialNumber = BigInteger.valueOf(random.nextInt());

    // Validity window: 5 s in the past (clock-skew slack) up to 10 min in the future.
    final Date notBefore = new Date(System.currentTimeMillis() - 5000);
    final Date notAfter = new Date(System.currentTimeMillis() + 600000);

    final X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
            selfName, serialNumber, notBefore, notAfter, selfName, certifiedKey);

    // Extension order is kept as-is because it determines the encoded certificate.
    certBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
    certBuilder.addExtension(
            Extension.keyUsage,
            false,
            new KeyUsage(
                    KeyUsage.keyCertSign
                            | KeyUsage.digitalSignature
                            | KeyUsage.keyEncipherment
                            | KeyUsage.dataEncipherment));

    final ASN1EncodableVector extendedUsages = new ASN1EncodableVector();
    extendedUsages.add(KeyPurposeId.id_kp_serverAuth);
    extendedUsages.add(KeyPurposeId.id_kp_clientAuth);
    extendedUsages.add(KeyPurposeId.anyExtendedKeyUsage);
    certBuilder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(extendedUsages));

    final X509Certificate selfSigned =
            signCertificate(createSigningAlgorithm(keyPair), certBuilder, signingKey);

    // Sanity checks: the certificate must be valid right now and verify under its own key.
    selfSigned.checkValidity(new Date());
    selfSigned.verify(certifiedKey);

    final KeyStore store = KeyStore.getInstance("JKS");
    // Passing null for both arguments initialises an empty key store.
    store.load(null, null);
    final java.security.cert.Certificate[] chain = new java.security.cert.Certificate[] { selfSigned };
    store.setKeyEntry(ALIAS, signingKey, PASSWORD.toCharArray(), chain);
    return store;
}
/**
 * Prepares the SSL context of a TLS server that will use {@code port}.
 *
 * <p>{@code keyStore} is used twice: as the source of the server's key material and as the set
 * of trust anchors. The context is initialised with {@code new BadRandom()} as its randomness
 * source.
 * NOTE(review): {@code BadRandom} is presumably a predictable generator (confirm against its
 * definition). If so, every random value the TLS stack draws from this context is predictable
 * too, so the server is suitable for reproducible tests only.
 *
 * @param keyStore key store holding the server key entry and the trusted certificates
 * @param password password protecting the key entry inside {@code keyStore}
 * @param protocol protocol name handed to {@link SSLContext#getInstance(String)}
 * @param port port number stored for later use by the server
 * @throws NoSuchAlgorithmException if {@code protocol} or the "SunX509" factories are unavailable
 * @throws UnrecoverableKeyException if the key entry cannot be recovered with {@code password}
 * @throws KeyManagementException if the SSL context cannot be initialised
 */
public BasicTlsServer(KeyStore keyStore, String password, String protocol, int port)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, KeyManagementException {
    this.port = port;

    final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(keyStore, password.toCharArray());

    final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(keyStore);

    sslContext = SSLContext.getInstance(protocol);
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new BadRandom());
    cipherSuites = sslContext.getServerSocketFactory().getSupportedCipherSuites();

    if (!LOGGER.isDebugEnabled()) {
        return;
    }

    // Debug-only dump of the provider and every cipher suite the factory supports.
    LOGGER.debug("Provider: " + sslContext.getProvider());
    final String[] supported = sslContext.getServerSocketFactory().getSupportedCipherSuites();
    LOGGER.debug("Supported cipher suites (" + supported.length + ")");
    for (int i = 0; i < supported.length; i++) {
        LOGGER.debug(" " + supported[i]);
    }
}
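/**
 * Builds a "TLS" context whose only trust manager accepts every certificate chain.
 *
 * <p>Both {@code checkClientTrusted} and {@code checkServerTrusted} return without inspecting
 * the chain, so a connection made through this context authenticates nobody. The client
 * session cache is limited to one entry and the context is initialised with
 * {@code new BadRandom()} as its randomness source. This is a test-harness context and must
 * not be used where the peer's identity matters.
 *
 * <p>{@code getAcceptedIssuers()} returns an empty array rather than {@code null}, because the
 * {@link X509TrustManager} contract requires a non-null result and JSSE code paths that read
 * the issuer list may otherwise fail with a {@code NullPointerException}.
 *
 * @return the context; {@code null} if the "TLS" protocol is unavailable. If initialisation
 *     fails with a {@link KeyManagementException}, the un-initialised context is returned.
 *     Both failures are logged at WARN level and not rethrown.
 */
protected SSLContext getAllowAllContext() {
    SSLContext allowAllContext = null;
    try {
        allowAllContext = SSLContext.getInstance("TLS");
        allowAllContext.getClientSessionContext().setSessionCacheSize(1);

        // Trust everything: neither check method ever throws.
        final TrustManager trustAll = new X509TrustManager() {
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
                    throws CertificateException {
                // Intentionally empty: every client chain is accepted.
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
                    throws CertificateException {
                // Intentionally empty: every server chain is accepted.
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                // Non-null per the X509TrustManager contract; no issuers are advertised.
                return new java.security.cert.X509Certificate[0];
            }
        };

        allowAllContext.init(null, new TrustManager[] { trustAll }, new BadRandom());
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        // Best effort: the caller receives whatever was built so far (possibly null).
        LOGGER.warn(e);
    }
    return allowAllContext;
}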
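/**
 * Draws a Diffie-Hellman private value for {@code dhParams} from a {@code BadRandom}.
 *
 * <p>If {@code dhParams.getL()} is non-zero, the result has exactly that many bits (the top bit
 * is forced to 1). Otherwise the value is drawn from the range {@code [min, max]}, where
 * {@code min} is {@code 2}, or {@code 2^(M-1)} when {@code getM()} is non-zero, and {@code max}
 * is {@code Q - 2}, with {@code P} standing in for {@code Q} when {@code getQ()} is
 * {@code null}. In both cases candidates are redrawn until their NAF weight is at least a
 * quarter of the relevant bit length.
 *
 * <p>A single {@code BadRandom} instance is shared by all attempts. The original created a new
 * instance on every loop iteration. NOTE(review): if {@code BadRandom()} starts from the same
 * state on every construction (its definition is not visible here), that would redraw the same
 * candidate each time and loop forever whenever the first candidate failed the weight check.
 * The first candidate drawn is unchanged by sharing the instance.
 *
 * <p>Security note: the private value is only as unpredictable as {@code BadRandom}; the
 * method is intended for reproducible test handshakes, not for real key agreement.
 *
 * @param dhParams group parameters; {@code getP()} must be non-null when {@code getL()} is zero
 *     and {@code getQ()} is {@code null}
 * @return the selected private value
 */
private static BigInteger calculatePrivate(DHParameters dhParams) {
    // One generator for all attempts, so a rejected candidate is followed by a fresh draw.
    final BadRandom rnd = new BadRandom();

    final int limit = dhParams.getL();
    if (limit != 0) {
        final int minWeight = limit >>> 2;
        for (;;) {
            // setBit(limit - 1) pins the bit length to exactly `limit`.
            BigInteger x = new BigInteger(limit, rnd).setBit(limit - 1);
            if (WNafUtil.getNafWeight(x) >= minWeight) {
                return x;
            }
        }
    }

    BigInteger min = TWO;
    final int m = dhParams.getM();
    if (m != 0) {
        min = ONE.shiftLeft(m - 1);
    }

    BigInteger q = dhParams.getQ();
    if (q == null) {
        // No subgroup order available: bound the value by the modulus instead.
        q = dhParams.getP();
    }
    final BigInteger max = q.subtract(TWO);

    final int minWeight = max.bitLength() >>> 2;
    for (;;) {
        BigInteger x = BigIntegers.createRandomInRange(min, max, rnd);
        if (WNafUtil.getNafWeight(x) >= minWeight) {
            return x;
        }
    }
}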
// Record the byte length of the point already stored on the message.
message.setPointLength(message.getPoint().getValue().length);
// The signing parameters pair the token-binding private scalar with a BadRandom built from
// Random(0) and an empty byte array, i.e. a generator that starts from a constant seed.
// NOTE(review): if the signer draws its per-signature ECDSA nonce from this source, the nonce is
// reproducible by anyone who knows the seed, and a known nonce is enough to derive the private
// scalar from a single signature. That is acceptable only for deterministic test vectors with
// throwaway keys; confirm this key is never reused outside the test setup.
ParametersWithRandom params = new ParametersWithRandom(
        new ECPrivateKeyParameters(tokenBindingECPrivateKey.getS(), generateEcParameters),
        new BadRandom(new Random(0), new byte[0]));
ECDSASigner signer = new ECDSASigner();
// First argument true: initialise the signer for signature generation (not verification).
signer.init(true, params);