/**
 * Builds the default list of signature/hash pairs.
 *
 * <p>The result is the cross product of three signature algorithms (RSA, DSA, ECDSA) and five
 * hash algorithms (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512). Entries are grouped by signature
 * algorithm and, inside each group, run from SHA-1 up to SHA-512.
 *
 * <p>NOTE(review): RFC 5246 7.4.1.4.1 reads this list in descending order of preference, so if
 * this default is sent unchanged, SHA-1 is the most preferred hash of every group. Callers that
 * need a stricter policy should supply their own list; confirm where this default is used.
 *
 * @return a new {@link Vector} holding 15 {@link SignatureAndHashAlgorithm} entries.
 */
public static Vector getDefaultSupportedSignatureAlgorithms()
{
    final short[] hashes = {
        HashAlgorithm.sha1,
        HashAlgorithm.sha224,
        HashAlgorithm.sha256,
        HashAlgorithm.sha384,
        HashAlgorithm.sha512
    };
    final short[] signatures = {
        SignatureAlgorithm.rsa,
        SignatureAlgorithm.dsa,
        SignatureAlgorithm.ecdsa
    };

    Vector defaults = new Vector();
    for (int sigIdx = 0; sigIdx < signatures.length; ++sigIdx)
    {
        final short signature = signatures[sigIdx];
        for (int hashIdx = 0; hashIdx < hashes.length; ++hashIdx)
        {
            // Constructor takes the hash first, then the signature algorithm.
            defaults.addElement(new SignatureAndHashAlgorithm(hashes[hashIdx], signature));
        }
    }
    return defaults;
}
/**
 * Combines both identifiers into a single int: the hash identifier shifted left by 16 bits,
 * OR-ed with the signature identifier.
 *
 * @return the combined hash code.
 */
public int hashCode()
{
    final int shiftedHash = getHash() << 16;
    return shiftedHash | getSignature();
}
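/**
 * Writes the {@code supported_signature_algorithms} vector: a 16-bit byte length followed by
 * the encoding of every entry (two bytes are accounted for per entry).
 *
 * <p>The element type and the "anonymous" restriction are checked for the whole list before the
 * first byte is written. A list rejected by those checks therefore leaves {@code output}
 * untouched instead of holding a length header followed by a truncated body.
 *
 * @param supportedSignatureAlgorithms
 *            a {@link Vector} of {@link SignatureAndHashAlgorithm} with 1 to (2^15 - 1) elements.
 * @param allowAnonymous
 *            whether entries whose signature is {@code SignatureAlgorithm.anonymous} are accepted.
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IllegalArgumentException
 *             if the list is null, empty or too long, or if it contains an anonymous entry while
 *             {@code allowAnonymous} is false.
 * @throws IOException
 *             if writing to {@code output} fails.
 */
public static void encodeSupportedSignatureAlgorithms(Vector supportedSignatureAlgorithms, boolean allowAnonymous,
    OutputStream output) throws IOException
{
    if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.size() < 1
        || supportedSignatureAlgorithms.size() >= (1 << 15))
    {
        throw new IllegalArgumentException(
            "'supportedSignatureAlgorithms' must have length from 1 to (2^15 - 1)");
    }

    final int count = supportedSignatureAlgorithms.size();

    // First pass: validate only. Nothing is written until the whole list has been accepted.
    for (int i = 0; i < count; ++i)
    {
        SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
        if (!allowAnonymous && entry.getSignature() == SignatureAlgorithm.anonymous)
        {
            /*
             * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
             * in Section 7.4.3. It MUST NOT appear in this extension.
             */
            throw new IllegalArgumentException(
                "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension");
        }
    }

    // supported_signature_algorithms
    int length = 2 * count;
    checkUint16(length);
    writeUint16(length, output);

    // Second pass: emit the entries in list order.
    for (int i = 0; i < count; ++i)
    {
        SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
        entry.encode(output);
    }
}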
/**
 * Reads a {@code supported_signature_algorithms} vector: a 16-bit byte length followed by that
 * many bytes of entries, two bytes per entry.
 *
 * <p>The length must be at least 2 and even; anything else raises a {@code decode_error} alert.
 * An entry whose signature is {@code SignatureAlgorithm.anonymous} raises
 * {@code illegal_parameter} unless {@code allowAnonymous} is set. No other filtering is applied
 * here: unknown or weak pairs are returned as parsed, so policy checks belong to the caller.
 *
 * @param allowAnonymous
 *            whether anonymous entries are accepted.
 * @param input
 *            the {@link InputStream} to parse from.
 * @return a {@link Vector} of {@link SignatureAndHashAlgorithm}, in wire order.
 * @throws IOException
 *             on a malformed vector (as a {@code TlsFatalAlert}) or, presumably, on a read
 *             failure in the underlying helpers.
 */
public static Vector parseSupportedSignatureAlgorithms(boolean allowAnonymous, InputStream input)
    throws IOException
{
    // supported_signature_algorithms
    final int byteLength = readUint16(input);

    // Non-empty and a whole number of two-byte entries.
    final boolean wellFormed = byteLength >= 2 && (byteLength & 1) == 0;
    if (!wellFormed)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    final int entryCount = byteLength / 2;
    Vector parsed = new Vector(entryCount);

    for (int remaining = entryCount; remaining > 0; --remaining)
    {
        SignatureAndHashAlgorithm pair = SignatureAndHashAlgorithm.parse(input);

        /*
         * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
         * in Section 7.4.3. It MUST NOT appear in this extension.
         */
        if (pair.getSignature() == SignatureAlgorithm.anonymous && !allowAnonymous)
        {
            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
        }

        parsed.addElement(pair);
    }
    return parsed;
}
/**
 * Registers the hash algorithm of every listed signature/hash pair with the handshake hash.
 *
 * <p>A null list is a no-op. Hash identifiers are forwarded as they are; this method does not
 * filter them. NOTE(review): confirm how {@code trackHashAlgorithm} treats identifiers it does
 * not recognise, since the list may originate from the peer.
 *
 * @param handshakeHash
 *            the handshake hash that should track the algorithms.
 * @param supportedSignatureAlgorithms
 *            a {@link Vector} of {@link SignatureAndHashAlgorithm}, or null.
 */
static void trackHashAlgorithms(TlsHandshakeHash handshakeHash, Vector supportedSignatureAlgorithms)
{
    if (supportedSignatureAlgorithms == null)
    {
        return;
    }

    int position = 0;
    while (position < supportedSignatureAlgorithms.size())
    {
        SignatureAndHashAlgorithm pair =
            (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(position);
        handshakeHash.trackHashAlgorithm(pair.getHash());
        ++position;
    }
}
/**
 * Loads RSA signer credentials for the first RSA entry in the supported signature algorithms.
 *
 * <p>When the list is null, credentials are loaded with a null algorithm. When the list is
 * present but has no RSA entry, null is returned.
 *
 * <p>NOTE(review): the first RSA entry wins, whatever its hash. The choice therefore follows the
 * order of the list and applies no local minimum on hash strength; confirm that a weak hash at
 * the head of the list is rejected elsewhere.
 *
 * @return the signer credentials, or null if the list contains no RSA entry.
 * @throws IOException
 *             declared for the credential loader; its failure modes are not visible here.
 */
@SuppressWarnings("unchecked")
protected TlsSignerCredentials getRSASignerCredentials()
    throws IOException
{
    /*
     * TODO Note that this code fails to provide default value for the client supported
     * algorithms if it wasn't sent.
     */
    Vector<SignatureAndHashAlgorithm> offered = supportedSignatureAlgorithms;
    SignatureAndHashAlgorithm chosen = null;

    if (offered != null)
    {
        for (int idx = 0; idx < offered.size() && chosen == null; ++idx)
        {
            SignatureAndHashAlgorithm candidate = offered.elementAt(idx);
            if (candidate.getSignature() == SignatureAlgorithm.rsa)
            {
                chosen = candidate;
            }
        }

        // A list without any RSA entry means no usable credentials.
        if (chosen == null)
        {
            return null;
        }
    }

    return TlsUtils.loadSignerCredentials(context, certificateResources, keyResource, chosen);
}
/**
 * Encode this {@link DigitallySigned} to an {@link OutputStream}.
 *
 * <p>The algorithm pair is written first, but only when one is set; the signature always
 * follows as a 16-bit length-prefixed opaque value.
 *
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IOException
 *             if one of the underlying writes fails.
 */
public void encode(OutputStream output)
    throws IOException
{
    final boolean hasAlgorithm = (algorithm != null);
    if (hasAlgorithm)
    {
        algorithm.encode(output);
    }

    TlsUtils.writeOpaque16(signature, output);
}
/**
 * Parse a {@link DigitallySigned} from an {@link InputStream}.
 *
 * <p>A {@link SignatureAndHashAlgorithm} is read only when the context is TLS 1.2 according to
 * {@code TlsUtils.isTLSv12}; otherwise the algorithm stays null. The signature is then read as
 * a 16-bit length-prefixed opaque value.
 *
 * <p>The parsed pair is not compared with any list of offered or permitted algorithms here.
 * NOTE(review): confirm that the caller performs that check before verifying the signature.
 *
 * @param context
 *            the {@link TlsContext} of the current connection.
 * @param input
 *            the {@link InputStream} to parse from.
 * @return a {@link DigitallySigned} object.
 * @throws IOException
 *             if one of the underlying reads fails.
 */
public static DigitallySigned parse(TlsContext context, InputStream input)
    throws IOException
{
    SignatureAndHashAlgorithm algorithm = TlsUtils.isTLSv12(context)
        ? SignatureAndHashAlgorithm.parse(input)
        : null;

    byte[] signature = TlsUtils.readOpaque16(input);
    return new DigitallySigned(algorithm, signature);
}
}
/**
 * Parses a {@code supported_signature_algorithms} vector from the stream.
 *
 * <p>The wire form is a 16-bit byte length followed by two-byte entries. A length below 2 or an
 * odd length is answered with a {@code decode_error} alert. An anonymous entry is answered with
 * {@code illegal_parameter} unless {@code allowAnonymous} is true. Entries are otherwise
 * returned unfiltered, so acceptance of a particular hash or signature is left to the caller.
 *
 * @param allowAnonymous
 *            whether entries using {@code SignatureAlgorithm.anonymous} are accepted.
 * @param input
 *            the {@link InputStream} to parse from.
 * @return a {@link Vector} of {@link SignatureAndHashAlgorithm}, in the order read.
 * @throws IOException
 *             as a {@code TlsFatalAlert} for a malformed vector; read failures presumably
 *             surface from the helpers as well.
 */
public static Vector parseSupportedSignatureAlgorithms(boolean allowAnonymous, InputStream input)
    throws IOException
{
    // supported_signature_algorithms
    final int byteLength = readUint16(input);

    final boolean tooShort = byteLength < 2;
    final boolean oddLength = (byteLength & 1) != 0;
    if (tooShort || oddLength)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    final int entryCount = byteLength / 2;
    Vector parsed = new Vector(entryCount);

    int read = 0;
    while (read < entryCount)
    {
        SignatureAndHashAlgorithm pair = SignatureAndHashAlgorithm.parse(input);
        if (!allowAnonymous && pair.getSignature() == SignatureAlgorithm.anonymous)
        {
            /*
             * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
             * in Section 7.4.3. It MUST NOT appear in this extension.
             */
            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
        }
        parsed.addElement(pair);
        ++read;
    }
    return parsed;
}
/**
 * Creates the digest that matches a signature/hash pair.
 *
 * @param signatureAndHashAlgorithm
 *            the pair whose hash algorithm selects the digest, or null.
 * @return a new {@code CombinedHash} when the argument is null, otherwise the result of
 *         {@code createHash} for the pair's hash algorithm.
 */
public static Digest createHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
{
    if (signatureAndHashAlgorithm != null)
    {
        return createHash(signatureAndHashAlgorithm.getHash());
    }
    // No explicit algorithm pair: fall back to the combined hash.
    return new CombinedHash();
}
/**
 * Selects the first RSA entry of the supported signature algorithms and loads the matching
 * signer credentials.
 *
 * <p>A null list leads to a load with a null algorithm. A list without an RSA entry yields null.
 *
 * <p>NOTE(review): selection stops at the first RSA entry and ignores its hash, so no minimum
 * hash strength is enforced at this point. Confirm that a weak hash listed first is refused
 * somewhere else in the handshake.
 *
 * @return the signer credentials, or null when the list has no RSA entry.
 * @throws IOException
 *             declared for the credential loader; its failure modes are not visible here.
 */
@SuppressWarnings("unchecked")
protected TlsSignerCredentials getRSASignerCredentials()
    throws IOException
{
    /*
     * TODO Note that this code fails to provide default value for the client supported
     * algorithms if it wasn't sent.
     */
    Vector<SignatureAndHashAlgorithm> offered = supportedSignatureAlgorithms;
    if (offered == null)
    {
        return TlsUtils.loadSignerCredentials(context, certificateResources, keyResource, null);
    }

    int idx = 0;
    while (idx < offered.size())
    {
        SignatureAndHashAlgorithm candidate = offered.elementAt(idx);
        if (candidate.getSignature() == SignatureAlgorithm.rsa)
        {
            return TlsUtils.loadSignerCredentials(context, certificateResources, keyResource, candidate);
        }
        ++idx;
    }

    // The list was present but offered no RSA entry.
    return null;
}
/**
 * Encode this {@link DigitallySigned} to an {@link OutputStream}.
 *
 * <p>If an algorithm pair is set it is encoded first. The signature is always written after it
 * as a 16-bit length-prefixed opaque value.
 *
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IOException
 *             if one of the underlying writes fails.
 */
public void encode(OutputStream output)
    throws IOException
{
    // The algorithm field is optional; a null algorithm writes nothing before the signature.
    if (null != algorithm)
    {
        algorithm.encode(output);
    }

    TlsUtils.writeOpaque16(signature, output);
}
/**
 * Parse a {@link DigitallySigned} from an {@link InputStream}.
 *
 * <p>The algorithm pair is read only if {@code TlsUtils.isTLSv12} reports true for the context;
 * in every other case it remains null. The signature follows as a 16-bit length-prefixed
 * opaque value.
 *
 * <p>This method only decodes. It does not check the pair against offered or permitted
 * algorithms. NOTE(review): confirm that the caller validates it before the signature is used.
 *
 * @param context
 *            the {@link TlsContext} of the current connection.
 * @param input
 *            the {@link InputStream} to parse from.
 * @return a {@link DigitallySigned} object.
 * @throws IOException
 *             if one of the underlying reads fails.
 */
public static DigitallySigned parse(TlsContext context, InputStream input)
    throws IOException
{
    final boolean carriesAlgorithm = TlsUtils.isTLSv12(context);

    SignatureAndHashAlgorithm parsedAlgorithm = null;
    if (carriesAlgorithm)
    {
        parsedAlgorithm = SignatureAndHashAlgorithm.parse(input);
    }

    return new DigitallySigned(parsedAlgorithm, TlsUtils.readOpaque16(input));
}
}
/**
 * Compares this pair with another object.
 *
 * @param obj
 *            the object to compare with.
 * @return true only if {@code obj} is a {@link SignatureAndHashAlgorithm} with the same hash
 *         and the same signature identifier; false for null or any other type.
 */
public boolean equals(Object obj)
{
    if (obj instanceof SignatureAndHashAlgorithm)
    {
        SignatureAndHashAlgorithm that = (SignatureAndHashAlgorithm)obj;
        if (that.getHash() != getHash())
        {
            return false;
        }
        return that.getSignature() == getSignature();
    }
    return false;
}
/**
 * Returns the default signature/hash pairs: RSA, DSA and ECDSA, each combined with SHA-1,
 * SHA-224, SHA-256, SHA-384 and SHA-512.
 *
 * <p>Pairs are emitted signature by signature, with the hashes in the order given above.
 *
 * <p>NOTE(review): under RFC 5246 7.4.1.4.1 the list order expresses preference, so a list sent
 * as built here prefers SHA-1 within each signature algorithm. Deployments with a stricter
 * policy should pass their own list; confirm where this default ends up on the wire.
 *
 * @return a new {@link Vector} with 15 {@link SignatureAndHashAlgorithm} entries.
 */
public static Vector getDefaultSupportedSignatureAlgorithms()
{
    final short[] hashes = {
        HashAlgorithm.sha1,
        HashAlgorithm.sha224,
        HashAlgorithm.sha256,
        HashAlgorithm.sha384,
        HashAlgorithm.sha512
    };
    final short[] signatures = {
        SignatureAlgorithm.rsa,
        SignatureAlgorithm.dsa,
        SignatureAlgorithm.ecdsa
    };

    Vector defaults = new Vector();
    int sigIdx = 0;
    while (sigIdx < signatures.length)
    {
        int hashIdx = 0;
        while (hashIdx < hashes.length)
        {
            SignatureAndHashAlgorithm pair =
                new SignatureAndHashAlgorithm(hashes[hashIdx], signatures[sigIdx]);
            defaults.addElement(pair);
            ++hashIdx;
        }
        ++sigIdx;
    }
    return defaults;
}
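/**
 * Encodes the {@code supported_signature_algorithms} vector as a 16-bit byte length followed by
 * each entry's encoding (two bytes are counted per entry).
 *
 * <p>The list is checked in full before anything is written: element type and, unless
 * {@code allowAnonymous} is set, the absence of anonymous entries. A list that fails these
 * checks leaves {@code output} unmodified rather than half-written.
 *
 * @param supportedSignatureAlgorithms
 *            a {@link Vector} of {@link SignatureAndHashAlgorithm} with 1 to (2^15 - 1) elements.
 * @param allowAnonymous
 *            whether entries whose signature is {@code SignatureAlgorithm.anonymous} are accepted.
 * @param output
 *            the {@link OutputStream} to encode to.
 * @throws IllegalArgumentException
 *             if the list is null, empty or too long, or if it contains an anonymous entry while
 *             {@code allowAnonymous} is false.
 * @throws IOException
 *             if writing to {@code output} fails.
 */
public static void encodeSupportedSignatureAlgorithms(Vector supportedSignatureAlgorithms, boolean allowAnonymous,
    OutputStream output) throws IOException
{
    if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.size() < 1
        || supportedSignatureAlgorithms.size() >= (1 << 15))
    {
        throw new IllegalArgumentException(
            "'supportedSignatureAlgorithms' must have length from 1 to (2^15 - 1)");
    }

    final int count = supportedSignatureAlgorithms.size();

    // Validation pass: reject the list before the length header reaches the stream.
    for (int i = 0; i < count; ++i)
    {
        SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
        if (!allowAnonymous && entry.getSignature() == SignatureAlgorithm.anonymous)
        {
            /*
             * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
             * in Section 7.4.3. It MUST NOT appear in this extension.
             */
            throw new IllegalArgumentException(
                "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension");
        }
    }

    // supported_signature_algorithms
    int length = 2 * count;
    checkUint16(length);
    writeUint16(length, output);

    // Output pass: entries go out in list order.
    for (int i = 0; i < count; ++i)
    {
        SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
        entry.encode(output);
    }
}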
/**
 * Returns a digest for the given signature/hash pair.
 *
 * @param signatureAndHashAlgorithm
 *            the pair whose hash algorithm selects the digest, or null.
 * @return a new {@code CombinedHash} for a null argument; otherwise whatever {@code createHash}
 *         returns for the pair's hash algorithm.
 */
public static Digest createHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
{
    if (signatureAndHashAlgorithm == null)
    {
        // No algorithm pair supplied: use the combined hash.
        return new CombinedHash();
    }

    final short hashAlgorithm = signatureAndHashAlgorithm.getHash();
    return createHash(hashAlgorithm);
}
/**
 * Loads RSA signer credentials from the certificate, root and key files, using the first RSA
 * entry of the supported signature algorithms.
 *
 * <p>A null list leads to a load with a null algorithm. A list without an RSA entry yields null.
 *
 * <p>NOTE(review): the first RSA entry is taken regardless of its hash, so this method enforces
 * no minimum hash strength. Confirm that an unacceptable hash is rejected elsewhere.
 *
 * @return the signer credentials, or null when the list has no RSA entry.
 * @throws IOException
 *             declared for the credential loader; its failure modes are not visible here.
 */
protected TlsSignerCredentials getRSASignerCredentials()
    throws IOException
{
    /*
     * TODO Note that this code fails to provide default value for the client supported algorithms if it wasn't
     * sent.
     */
    Vector<?> offered = supportedSignatureAlgorithms;
    SignatureAndHashAlgorithm chosen = null;

    if (offered != null)
    {
        int idx = 0;
        while (chosen == null && idx < offered.size())
        {
            SignatureAndHashAlgorithm candidate = (SignatureAndHashAlgorithm) offered.elementAt(idx);
            if (candidate.getSignature() == SignatureAlgorithm.rsa)
            {
                chosen = candidate;
            }
            ++idx;
        }

        // A list with no RSA entry means there is nothing to sign with.
        if (chosen == null)
        {
            return null;
        }
    }

    // Certificate first, then the root, as the original call orders them.
    String[] certificatePaths = new String[] { cert.getAbsolutePath(), root.getAbsolutePath() };
    String keyPath = key.getAbsolutePath();
    return DtlsUtils.loadSignerCredentials(context, certificatePaths, keyPath, chosen);
}
}
/**
 * Tests whether another object denotes the same signature/hash pair.
 *
 * @param obj
 *            the object to compare with.
 * @return true if {@code obj} is a {@link SignatureAndHashAlgorithm} whose hash and signature
 *         identifiers both match this one's; false otherwise, including for null.
 */
public boolean equals(Object obj)
{
    final boolean sameType = obj instanceof SignatureAndHashAlgorithm;
    if (!sameType)
    {
        return false;
    }

    SignatureAndHashAlgorithm that = (SignatureAndHashAlgorithm)obj;
    final boolean sameHash = that.getHash() == getHash();
    return sameHash && that.getSignature() == getSignature();
}
/**
 * Returns the default signature algorithm list for ECDSA: a single SHA-1 with ECDSA entry.
 *
 * <p>NOTE(review): this presumably mirrors the implicit default that RFC 5246 7.4.1.4.1 assigns
 * when no signature_algorithms extension is sent. The only entry uses SHA-1, so callers with a
 * stricter hash policy must not rely on this default; confirm where it is applied.
 *
 * @return the result of {@code vectorOfOne} for the SHA-1/ECDSA pair.
 */
public static Vector getDefaultECDSASignatureAlgorithms()
{
    SignatureAndHashAlgorithm sha1WithEcdsa =
        new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa);
    return vectorOfOne(sha1WithEcdsa);
}