@Override protected GOSTClientKeyExchangeMessage createHandshakeMessage() { return new GOSTClientKeyExchangeMessage(); }
private byte[] getProxyKeyBlobs() { if (msg.getComputations().getProxyKeyBlobs() != null) { return msg.getComputations().getProxyKeyBlobs().getValue(); } else { return null; } }
@Override protected void parseHandshakeMessageContent(GOSTClientKeyExchangeMessage msg) { LOGGER.debug("Parsing GOSTClientKeyExchangeMessage"); msg.setKeyTransportBlob(parseByteArrayField(msg.getLength().getValue())); }
LOGGER.debug("Preparing GOST EC VKO. Client mode: " + clientMode); msg.prepareComputations(); prepareClientServerRandom(); prepareUkm(); if (chooser.getContext().getClientCertificate() != null && areParamSpecsEqual()) { LOGGER.debug("Using private key belonging to the used client certificate."); msg.getComputations().setPrivateKey(chooser.getClientEcPrivateKey()); } else { prepareEphemeralKey(); prepareKek(msg.getComputations().getPrivateKey().getValue(), generatePublicKey(chooser.getServerEcPublicKey())); prepareEncryptionParams(); prepareKeyBlob(); } else { TLSGostKeyTransportBlob transportBlob = TLSGostKeyTransportBlob.getInstance(msg.getKeyTransportBlob() .getValue()); LOGGER.debug("Received GOST key blob: " + ASN1Dump.dumpAsString(transportBlob, true)); .equals(keyBlob.getTransportParameters().getUkm(), msg.getComputations().getUkm().getValue())) { LOGGER.warn("Client UKM != Server UKM"); msg.getComputations().setPremasterSecret(pms);
private void prepareKeyBlob() throws IOException { SubjectPublicKeyInfo ephemeralKey = null; CustomECPoint ecPoint = msg.getComputations().getClientPublicKey(); if (ecPoint != null) { ephemeralKey = SubjectPublicKeyInfo.getInstance(generatePublicKey(ecPoint).getEncoded()); } Gost2814789EncryptedKey encryptedKey = new Gost2814789EncryptedKey(msg.getComputations().getEncryptedKey() .getValue(), getMaskKey(), msg.getComputations().getMacKey().getValue()); ASN1ObjectIdentifier paramSet = new ASN1ObjectIdentifier(msg.getComputations().getEncryptionParamSet() .getValue()); GostR3410TransportParameters params = new GostR3410TransportParameters(paramSet, ephemeralKey, msg .getComputations().getUkm().getValue()); GostR3410KeyTransport transport = new GostR3410KeyTransport(encryptedKey, params); DERSequence proxyKeyBlobs = (DERSequence) DERSequence.getInstance(getProxyKeyBlobs()); TLSGostKeyTransportBlob blob = new TLSGostKeyTransportBlob(transport, proxyKeyBlobs); msg.setKeyTransportBlob(blob.getEncoded()); LOGGER.debug("GOST key blob: " + ASN1Dump.dumpAsString(blob, true)); }
@Override public byte[] serializeHandshakeMessageContent() { LOGGER.debug("Serializing GOSTClientKeyExchangeMessage"); appendBytes(message.getKeyTransportBlob().getValue()); return getAlreadySerialized(); }
private byte[] getMaskKey() { if (msg.getComputations().getMaskKey() != null) { return msg.getComputations().getMaskKey().getValue(); } else { return null; } }
case VKO_GOST01: case VKO_GOST12: return new GOSTClientKeyExchangeMessage(config); default: LOGGER.warn("Unsupported key exchange algorithm: " + algorithm
private void prepareCek() { ASN1ObjectIdentifier param = new ASN1ObjectIdentifier(msg.getComputations().getEncryptionParamSet().getValue()); String sBoxName = oidMappings.get(param); byte[] wrapped = wrap(true, msg.getComputations().getPremasterSecret().getValue(), sBoxName); byte[] cek = new byte[32]; System.arraycopy(wrapped, 0, cek, 0, cek.length); msg.getComputations().setEncryptedKey(cek); byte[] mac = new byte[wrapped.length - cek.length]; System.arraycopy(wrapped, cek.length, mac, 0, mac.length); msg.getComputations().setMacKey(mac); }
private void prepareUkm() throws NoSuchAlgorithmException { DigestAlgorithm digestAlgorithm = AlgorithmResolver.getDigestAlgorithm(chooser.getSelectedProtocolVersion(), chooser.getSelectedCipherSuite()); MessageDigest digest = MessageDigest.getInstance(digestAlgorithm.getJavaName()); byte[] hash = digest.digest(msg.getComputations().getClientServerRandom().getValue()); byte[] ukm = new byte[8]; System.arraycopy(hash, 0, ukm, 0, ukm.length); msg.getComputations().setUkm(ukm); LOGGER.debug("UKM: " + ArrayConverter.bytesToHexString(msg.getComputations().getUkm())); }
private void prepareEncryptionParams() { msg.getComputations().setEncryptionParamSet(getEncryptionParameters()); }
private void preparePms() { byte[] pms = chooser.getContext().getPreMasterSecret(); if (pms != null) { LOGGER.debug("Using preset PreMasterSecret from context."); } else { LOGGER.debug("Generating random PreMasterSecret."); pms = new byte[32]; chooser.getContext().getRandom().nextBytes(pms); } msg.getComputations().setPremasterSecret(pms); }
private void prepareClientServerRandom() { byte[] random = ArrayConverter.concatenate(chooser.getClientRandom(), chooser.getServerRandom()); msg.getComputations().setClientServerRandom(random); LOGGER.debug("ClientServerRandom: " + ArrayConverter.bytesToHexString(msg.getComputations().getClientServerRandom().getValue())); }
private void prepareEphemeralKey() throws GeneralSecurityException { if (areParamSpecsEqual()) { LOGGER.debug("Using key from context."); msg.getComputations().setPrivateKey(chooser.getClientEcPrivateKey()); msg.getComputations().setClientPublicKey(chooser.getClientEcPublicKey()); } else { KeyPairGenerator keyGenerator = KeyPairGenerator.getInstance(getKeyPairGeneratorAlgorithm()); ECNamedCurveSpec params = GOSTUtils.getEcParameterSpec(getServerCurve()); LOGGER.debug("Generating key using curve " + params.getName()); keyGenerator.initialize(params, chooser.getContext().getBadSecureRandom()); KeyPair pair = keyGenerator.generateKeyPair(); msg.getComputations().setPrivateKey(((ECPrivateKey) pair.getPrivate()).getS()); msg.getComputations().setClientPublicKey(toCustomECPoint(((ECPublicKey) pair.getPublic()))); } }
private void prepareKek(BigInteger priv, PublicKey pub) throws GeneralSecurityException { KeyAgreement keyAgreement = KeyAgreement.getInstance(getKeyAgreementAlgorithm()); PrivateKey privateKey = generatePrivateKey(priv); keyAgreement.init(privateKey, new UserKeyingMaterialSpec(msg.getComputations().getUkm().getValue())); keyAgreement.doPhase(pub, true); byte[] kek = keyAgreement.generateSecret(); msg.getComputations().setKeyEncryptionKey(kek); LOGGER.debug("KEK: " + ArrayConverter.bytesToHexString(msg.getComputations().getKeyEncryptionKey())); }
private byte[] wrap(boolean wrap, byte[] bytes, String sBoxName) { byte[] sBox = GOST28147Engine.getSBox(sBoxName); KeyParameter keySpec = new KeyParameter(msg.getComputations().getKeyEncryptionKey().getValue()); ParametersWithSBox withSBox = new ParametersWithSBox(keySpec, sBox); ParametersWithUKM withIV = new ParametersWithUKM(withSBox, msg.getComputations().getUkm().getValue()); GOST28147WrapEngine cipher = new GOST28147WrapEngine(); cipher.init(wrap, withIV); byte[] result; if (wrap) { LOGGER.debug("Wrapping GOST pms: " + ArrayConverter.bytesToHexString(bytes)); result = cipher.wrap(bytes, 0, bytes.length); } else { LOGGER.debug("Unwrapping GOST pms: " + ArrayConverter.bytesToHexString(bytes)); result = cipher.unwrap(bytes, 0, bytes.length); } LOGGER.debug("Wrap result: " + ArrayConverter.bytesToHexString(result)); return result; }