@Override protected T createHandshakeMessage() { return (T) new ECDHClientKeyExchangeMessage(); }
protected void setComputationPrivateKey(T msg, boolean clientMode) { if (clientMode) { msg.getComputations().setPrivateKey(chooser.getClientEcPrivateKey()); } else { msg.getComputations().setPrivateKey(chooser.getServerEcPrivateKey()); } LOGGER.debug("Computation PrivateKey: " + msg.getComputations().getPrivateKey().getValue().toString()); }
protected void prepareSerializedPublicKey(T msg) { msg.setPublicKey(ArrayConverter.concatenate(new byte[] { msg.getEcPointFormat().getValue() }, msg .getEcPointEncoded().getValue())); LOGGER.debug("SerializedPublicKey: " + ArrayConverter.bytesToHexString(msg.getPublicKey().getValue())); }
protected void prepareEcPointFormat(T msg) { msg.setEcPointFormat(serializedPoint[0]); LOGGER.debug("EcPointFormat: " + msg.getEcPointFormat().getValue()); }
protected void prepareSerializedPublicKeyLength(T msg) { msg.setPublicKeyLength(msg.getPublicKey().getValue().length); LOGGER.debug("SerializedPublicKeyLength: " + msg.getPublicKeyLength().getValue()); }
/** * Reads the next bytes as the SerializedPublicKeyLength and writes them in * the message * * @param msg * Message to write in */ private void parseSerializedPublicKeyLength(ECDHClientKeyExchangeMessage msg) { msg.setPublicKeyLength(parseIntField(HandshakeByteLength.ECDH_PARAM_LENGTH)); LOGGER.debug("SerializedPublicKeyLength: " + msg.getPublicKeyLength().getValue()); }
private WorkflowTrace executeProtocolFlow() { Config tlsConfig = getTlsConfig(); WorkflowTrace trace = new WorkflowConfigurationFactory(tlsConfig).createWorkflowTrace(WorkflowTraceType.HELLO, RunningModeType.CLIENT); trace.addTlsAction(new SendAction(new ECDHClientKeyExchangeMessage(tlsConfig), new ChangeCipherSpecMessage( tlsConfig), new FinishedMessage(tlsConfig))); trace.addTlsAction(new ReceiveAction(new ChangeCipherSpecMessage(), new FinishedMessage())); State state = new State(tlsConfig, trace); WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor( tlsConfig.getWorkflowExecutorType(), state); ECDHClientKeyExchangeMessage message = (ECDHClientKeyExchangeMessage) WorkflowTraceUtil.getFirstSendMessage( HandshakeMessageType.CLIENT_KEY_EXCHANGE, trace); ModifiableByteArray serializedPublicKey = ModifiableVariableFactory.createByteArrayModifiableVariable(); byte[] points = ArrayConverter.concatenate(ArrayConverter.bigIntegerToByteArray(config.getPublicPointBaseX()), ArrayConverter.bigIntegerToByteArray(config.getPublicPointBaseY())); byte[] serialized = ArrayConverter.concatenate(new byte[] { 4 }, points); serializedPublicKey.setModification(ByteArrayModificationFactory.explicitValue(serialized)); message.setPublicKey(serializedPublicKey); ModifiableByteArray pms = ModifiableVariableFactory.createByteArrayModifiableVariable(); byte[] explicitPMS = BigIntegers.asUnsignedByteArray(config.getCurveFieldSize(), premasterSecret); pms.setModification(ByteArrayModificationFactory.explicitValue(explicitPMS)); message.prepareComputations(); message.getComputations().setPremasterSecret(pms); LOGGER.info("working with the follwoing premaster secret: " + ArrayConverter.bytesToHexString(explicitPMS)); workflowExecutor.executeWorkflow(); return trace; } }
@Override public void prepareAfterParse(boolean clientMode) { msg.prepareComputations(); prepareClientServerRandom(msg); NamedGroup usedGroup = chooser.getSelectedNamedGroup(); LOGGER.debug("Used Group: " + usedGroup.name()); setComputationPrivateKey(msg, clientMode); ECDomainParameters ecParams = getDomainParameters(chooser.getEcCurveType(), usedGroup); if (clientMode) { ECPoint clientPublicKey = ecParams.getG().multiply(msg.getComputations().getPrivateKey().getValue()); clientPublicKey = clientPublicKey.normalize(); if (clientPublicKey.getRawXCoord() != null && clientPublicKey.getRawYCoord() != null) { msg.getComputations().setComputedPublicKeyX(clientPublicKey.getRawXCoord().toBigInteger()); msg.getComputations().setComputedPublicKeyY(clientPublicKey.getRawYCoord().toBigInteger()); } else { LOGGER.warn("Could not compute correct public key. Using empty one instead"); msg.getComputations().setComputedPublicKeyX(BigInteger.ZERO); msg.getComputations().setComputedPublicKeyY(BigInteger.ZERO); } } setComputationPublicKey(msg, clientMode); LOGGER.debug("PublicKey used:" + msg.getComputations().getPublicKey().toString()); LOGGER.debug("PrivateKey used:" + msg.getComputations().getPrivateKey().getValue()); ECPoint publicKey = ecParams.getCurve().createPoint(msg.getComputations().getPublicKey().getX(), msg.getComputations().getPublicKey().getY()); publicKey = publicKey.normalize(); premasterSecret = computePremasterSecret(new ECPublicKeyParameters(publicKey, ecParams), new ECPrivateKeyParameters(msg.getComputations().getPrivateKey().getValue(), ecParams)); preparePremasterSecret(msg); }
/** * Reads the next bytes as the SerializedPublicKey and writes them in the * message * * @param msg * Message to write in */ private void parseSerializedPublicKey(ECDHClientKeyExchangeMessage msg) { msg.setPublicKey(parseByteArrayField(msg.getPublicKeyLength().getValue())); LOGGER.debug("SerializedPublicKey: " + ArrayConverter.bytesToHexString(msg.getPublicKey().getValue())); }
protected void setComputationPublicKey(T msg, boolean clientMode) { if (clientMode) { msg.getComputations().setPublicKey(chooser.getServerEcPublicKey().getX(), chooser.getServerEcPublicKey().getY()); } else { serializedPoint = msg.getPublicKey().getValue(); List<ECPointFormat> pointFormatList = chooser.getServerSupportedPointFormats(); ECPointFormat[] formatArray = pointFormatList.toArray(new ECPointFormat[pointFormatList.size()]); NamedGroup usedGroup = chooser.getSelectedNamedGroup(); ECDomainParameters ecParams = getDomainParameters(chooser.getEcCurveType(), usedGroup); short[] pointFormats = ECCUtilsBCWrapper.convertPointFormats(formatArray); try { ECPublicKeyParameters clientPublicKey = TlsECCUtils.deserializeECPublicKey(pointFormats, ecParams, serializedPoint); ECPoint q = clientPublicKey.getQ(); q = q.normalize(); msg.getComputations().setPublicKey(q.getRawXCoord().toBigInteger(), q.getRawYCoord().toBigInteger()); } catch (IOException ex) { throw new PreparationException("Could not deserialize EC Point: " + ArrayConverter.bytesToHexString(serializedPoint), ex); } } LOGGER.debug("Computation PublicKey: " + msg.getComputations().getPublicKey().toString()); }
protected void prepareEcPointEncoded(T msg) { msg.setEcPointEncoded(Arrays.copyOfRange(serializedPoint, 1, serializedPoint.length)); LOGGER.debug("EcPointEncoded: " + ArrayConverter.bytesToHexString(msg.getEcPointEncoded().getValue())); }
/** * Writes the SerializedPublicKey of the ECDHCLientKeyExchangeMessage into * the final byte[] */ private void writeSerializedPublicKey(T msg) { appendBytes(msg.getPublicKey().getValue()); LOGGER.debug("SerializedPublicKey: " + ArrayConverter.bytesToHexString(msg.getPublicKey().getValue())); }
/** * Writes the SerializedPublicKeyLength of the ECDHCLientKeyExchangeMessage * into the final byte[] */ private void writeSerializedPublicKeyLength(T msg) { appendInt(msg.getPublicKeyLength().getValue(), HandshakeByteLength.ECDH_PARAM_LENGTH); LOGGER.debug("SerializedPublicKeyLength: " + msg.getPublicKeyLength().getValue()); }
message.getComputations().setComputedPublicKeyX(x); message.getComputations().setComputedPublicKeyY(y); byte[] explicitePMS = BigIntegers.asUnsignedByteArray(curve.getKeyBits() / 8, secret); pms.setModification(ByteArrayModificationFactory.explicitValue(explicitePMS)); message.prepareComputations(); message.getComputations().setPremasterSecret(pms);
private void adjustClientPublicKey(ECDHClientKeyExchangeMessage message) { byte[] serializedPoint = message.getPublicKey().getValue(); List<ECPointFormat> pointFormatList = tlsContext.getChooser().getServerSupportedPointFormats(); ECPointFormat[] formatArray = pointFormatList.toArray(new ECPointFormat[pointFormatList.size()]); NamedGroup usedGroup = tlsContext.getChooser().getSelectedNamedGroup(); ECDomainParameters ecParams = getDomainParameters(tlsContext.getChooser().getEcCurveType(), usedGroup); short[] pointFormats = ECCUtilsBCWrapper.convertPointFormats(formatArray); try { ECPublicKeyParameters clientPublicKey = TlsECCUtils.deserializeECPublicKey(pointFormats, ecParams, serializedPoint); tlsContext.setClientEcPublicKey(new CustomECPoint(clientPublicKey.getQ().getRawXCoord().toBigInteger(), clientPublicKey.getQ().getRawYCoord().toBigInteger())); } catch (IOException ex) { LOGGER.info("Could not deserialize EC point (it is possible that some of your modifications made " + "the EC point invalid)"); LOGGER.debug( "EC point that was attempted to be deserialized: " + ArrayConverter.bytesToHexString(serializedPoint), ex); } }
protected void preparePremasterSecret(T msg) { msg.getComputations().setPremasterSecret(premasterSecret); LOGGER.debug("PremasterSecret: " + ArrayConverter.bytesToHexString(msg.getComputations().getPremasterSecret().getValue())); }
case ECDHE_RSA: case ECDH_ANON: return new ECDHClientKeyExchangeMessage(config); case DHE_DSS: case DHE_RSA:
protected void prepareClientServerRandom(T msg) { random = ArrayConverter.concatenate(chooser.getClientRandom(), chooser.getServerRandom()); msg.getComputations().setClientServerRandom(random); LOGGER.debug("ClientServerRandom: " + ArrayConverter.bytesToHexString(msg.getComputations().getClientServerRandom().getValue())); }
/** * Executes a valid workflow with valid points etc. and saves the values for * further validation purposes. */ private void executeValidWorkflowAndExtractCheckValues() { State state = new State(config); WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor( config.getWorkflowExecutorType(), state); WorkflowTrace trace = state.getWorkflowTrace(); workflowExecutor.executeWorkflow(); ECDHClientKeyExchangeMessage message = (ECDHClientKeyExchangeMessage) WorkflowTraceUtil.getFirstSendMessage( HandshakeMessageType.CLIENT_KEY_EXCHANGE, trace); // TODO Those values can be retrieved from the context // get public point base X and Y coordinates BigInteger x = message.getComputations().getComputedPublicKeyX().getValue(); BigInteger y = message.getComputations().getComputedPublicKeyY().getValue(); checkPoint = new Point(x, y); checkPMS = message.getComputations().getPremasterSecret().getValue(); } }
private void prepareEcdhParams() { // Encode the public key in the computations List<ECPointFormat> pointFormatList = chooser.getServerSupportedPointFormats(); ECPointFormat[] formatArray = pointFormatList.toArray(new ECPointFormat[pointFormatList.size()]); NamedGroup usedGroup = chooser.getSelectedNamedGroup(); ECDomainParameters ecParams = getDomainParameters(chooser.getEcCurveType(), usedGroup); ECPoint publicKey = ecParams.getCurve().createPoint(msg.getComputations().getComputedPublicKeyX().getValue(), msg.getComputations().getComputedPublicKeyY().getValue()); try { serializedPoint = ECCUtilsBCWrapper.serializeECPoint(formatArray, publicKey); } catch (IOException ex) { throw new PreparationException("Could not serialize clientPublicKey", ex); } prepareEcPointFormat(msg); prepareEcPointEncoded(msg); prepareSerializedPublicKey(msg); prepareSerializedPublicKeyLength(msg); }