@Override protected CertificateMessage createHandshakeMessage() { return new CertificateMessage(); }
private void prepareRequestContextLength(CertificateMessage msg) { msg.setRequestContextLength(msg.getRequestContext().getValue().length); LOGGER.debug("RequestContextLength: " + msg.getRequestContextLength().getValue()); byte[] encodedCert = CertificateByteChooser.getInstance().chooseCertificateKeyPair(chooser) .getCertificateBytes(); msg.setCertificatesListBytes(encodedCert); msg.setCertificatesListLength(msg.getCertificatesListBytes().getValue().length); } }
/** * Reads the next bytes as the CertificateBytes and writes them in the * message * * @param msg * Message to write in */ private void parseCertificateListBytes(CertificateMessage msg) { msg.setCertificatesListBytes(parseByteArrayField(msg.getCertificatesListLength().getValue())); LOGGER.debug("CertificatesListBytes: " + ArrayConverter.bytesToHexString(msg.getCertificatesListBytes())); }
/** * Reads the next bytes as the RequestContextLength and writes them in the * message * * @param msg * Message to write in */ private void parseRequestContextLength(CertificateMessage msg) { msg.setRequestContextLength(parseIntField(HandshakeByteLength.CERTIFICATE_REQUEST_CONTEXT_LENGTH)); LOGGER.debug("RequestContextLength: " + msg.getRequestContextLength()); }
/** * Reads the next bytes as the CertificateLength and writes them in the * message * * @param msg * Message to write in */ private void parseCertificatesListLength(CertificateMessage msg) { msg.setCertificatesListLength(parseIntField(HandshakeByteLength.CERTIFICATES_LENGTH)); LOGGER.debug("CertificatesListLength: " + msg.getCertificatesListLength()); }
private void prepareCertificateListBytes(CertificateMessage msg) { List<CertificatePair> pairList = msg.getCertificatesList(); if (pairList == null) { CertificateKeyPair selectedCertificateKeyPair; selectedCertificateKeyPair = chooser.getConfig().getDefaultExplicitCertificateKeyPair(); msg.setCertificateKeyPair(selectedCertificateKeyPair); byte[] certBytes = selectedCertificateKeyPair.getCertificateBytes(); if (certBytes.length >= 3 && selectedCertificateKeyPair.isCertificateParseable()) { pairList.add(new CertificatePair(subCert.getEncoded())); msg.setCertificatesList(pairList); prepareFromPairList(msg); } catch (IOException ex) { msg.setCertificatesListBytes(certBytes); msg.setCertificatesListLength(msg.getCertificatesListBytes().getValue().length); + ArrayConverter.bytesToHexString(msg.getCertificatesListBytes().getValue()));
int position = 0; List<CertificatePair> pairList = new LinkedList<>(); while (position < msg.getCertificatesListLength().getValue()) { CertificatePairParser parser = new CertificatePairParser(position, msg.getCertificatesListBytes() .getValue()); pairList.add(parser.parse()); msg.setCertificatesList(pairList); for (CertificatePair pair : msg.getCertificatesList()) { List<ExtensionMessage> extensionMessages = new LinkedList<>(); int pointer = 0; while (pointer < pair.getExtensionsLength().getValue()) { ExtensionParser parser = ExtensionParserFactory.getExtensionParser(pair.getExtensions().getValue(), pointer, msg.getHandshakeMessageType()); extensionMessages.add(parser.parse()); if (pointer == parser.getPointer()) { msg.setCertificatesListAsEntry(entryList);
int certificatesLength = 0; try { for (CertificatePair pair : message.getCertificatesList()) { stream.write(ArrayConverter.intToBytes(pair.getCertificateLength().getValue(), HandshakeByteLength.CERTIFICATE_LENGTH)); cert = parseCertificate(message.getCertificatesListLength().getValue(), message.getCertificatesListBytes() .getValue()); tlsContext.setServerCertificate(cert); if (message.getCertificateKeyPair() != null) { LOGGER.debug("Found a certificate key pair. Adjusting in context"); message.getCertificateKeyPair().adjustInContext(tlsContext, tlsContext.getTalkingConnectionEndType()); } else if (cert != null) { LOGGER.debug("No CertificatekeyPair found, creating new one"); CertificateKeyPair pair = new CertificateKeyPair(cert); message.setCertificateKeyPair(pair); message.getCertificateKeyPair().adjustInContext(tlsContext, tlsContext.getTalkingConnectionEndType());
private void prepareFromPairList(CertificateMessage msg) { ByteArrayOutputStream stream = new ByteArrayOutputStream(); for (CertificatePair pair : msg.getCertificatesList()) { CertificatePairPreparator preparator = new CertificatePairPreparator(chooser, pair); preparator.prepare(); CertificatePairSerializer serializer = new CertificatePairSerializer(pair, chooser.getSelectedProtocolVersion()); try { stream.write(serializer.serialize()); } catch (IOException ex) { throw new PreparationException("Could not write byte[] from CertificatePair", ex); } } msg.setCertificatesListBytes(stream.toByteArray()); msg.setCertificatesListLength(msg.getCertificatesListBytes().getValue().length); }
/** * Reads the next bytes as the requestContextBytes and writes them in the * message * * @param msg * Message to write in */ private void parseRequestContextBytes(CertificateMessage msg) { msg.setRequestContext(parseByteArrayField(msg.getRequestContextLength().getValue())); LOGGER.debug("RequestContextBytes: " + ArrayConverter.bytesToHexString(msg.getRequestContext())); }
private void prepareRequestContext(CertificateMessage msg) { if (chooser.getConnectionEndType() == ConnectionEndType.CLIENT) { msg.setRequestContext(chooser.getCertificateRequestContext()); } else { msg.setRequestContext(new byte[0]); } LOGGER.debug("RequestContext: " + ArrayConverter.bytesToHexString(msg.getRequestContext().getValue())); }
/** * Writes the RequestContextLength of the CertificateMessage into the final * byte[] */ private void writeRequestContextLength(CertificateMessage msg) { appendInt(msg.getRequestContextLength().getValue(), HandshakeByteLength.CERTIFICATE_REQUEST_CONTEXT_LENGTH); LOGGER.debug("RequestContextLength: " + msg.getRequestContextLength().getValue()); }
/** * Writes the CertificateLength of the CertificateMessage into the final * byte[] */ private void writeCertificatesListLength(CertificateMessage msg) { appendInt(msg.getCertificatesListLength().getValue(), HandshakeByteLength.CERTIFICATES_LENGTH); LOGGER.debug("certificatesListLength: " + msg.getCertificatesListLength().getValue()); }
/** * Writes the RequestContext of the CertificateMessage into the final byte[] */ private void writeRequestContext(CertificateMessage msg) { appendBytes(msg.getRequestContext().getValue()); LOGGER.debug("RequestContext: " + ArrayConverter.bytesToHexString(msg.getRequestContext().getValue())); }
/** * Writes the Certificate of the CertificateMessage into the final byte[] */ private void wirteCertificatesListBytes(CertificateMessage msg) { appendBytes(msg.getCertificatesListBytes().getValue()); LOGGER.debug("certificatesListBytes: " + ArrayConverter.bytesToHexString(msg.getCertificatesListBytes().getValue())); }
private void adjustExtensions(CertificateMessage message) { if (message.getCertificatesListAsEntry() != null) { for (CertificateEntry entry : message.getCertificatesListAsEntry()) { if (entry.getExtensions() != null) { for (ExtensionMessage extension : entry.getExtensions()) { HandshakeMessageType handshakeMessageType = HandshakeMessageType.CERTIFICATE; if (extension instanceof HRRKeyShareExtensionMessage) { // TODO // fix // design // flaw handshakeMessageType = HandshakeMessageType.HELLO_RETRY_REQUEST; } ExtensionHandler handler = HandlerFactory.getExtensionHandler(tlsContext, extension.getExtensionTypeConstant(), handshakeMessageType); handler.adjustTLSContext(extension); } } } } } }
if (config.getHighestProtocolVersion().isTLS13()) { if (config.isClientAuthentication()) { messages.add(new CertificateMessage(config)); messages.add(new CertificateVerifyMessage(config)); messages.add(new CertificateMessage(config)); addClientKeyExchangeMessage(messages); messages.add(new CertificateVerifyMessage(config));
public static Certificate fetchServerCertificate(Config config) { WorkflowTrace trace = new WorkflowTrace(); trace.addTlsAction(new SendAction(new ClientHelloMessage(config))); trace.addTlsAction(new ReceiveTillAction(new CertificateMessage(config))); State state = new State(config, trace); WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor( WorkflowExecutorType.DEFAULT, state); try { workflowExecutor.executeWorkflow(); if (!state.getTlsContext().getTransportHandler().isClosed()) { state.getTlsContext().getTransportHandler().closeConnection(); } } catch (IOException | WorkflowExecutionException E) { LOGGER.warn("Could not fetch ServerCertificate"); LOGGER.debug(E); } return state.getTlsContext().getServerCertificate(); }
messages.add(new CertificateMessage()); } else { messages.add(new CertificateMessage(config)); if (!selectedCipherSuite.isSrpSha() && !selectedCipherSuite.isPskOrDhPsk() && !selectedCipherSuite.isAnon()) { if (connection.getLocalConnectionEndType() == ConnectionEndType.CLIENT) { messages.add(new CertificateMessage()); } else { messages.add(new CertificateMessage(config));
messageList.add(new CertificateMessage(tlsConfig)); messageList.add(new ServerHelloDoneMessage(tlsConfig)); workflowTrace.addTlsAction(new ReceiveAction(messageList));