public byte[] getByteValue() { return ArrayConverter.intToBytes(value, 2); }
public byte[] getByteValue() { return ArrayConverter.intToBytes(value, 2); }
/** * Computes the HKDF-Label as defined in TLS 1.3 */ private static byte[] labelEncoder(byte[] hashValue, String labelIn, int outLen) { String label = "tls13 " + labelIn; int labelLength = label.getBytes().length; int hashValueLength = hashValue.length; byte[] result = ArrayConverter.concatenate(ArrayConverter.intToBytes(outLen, 2), ArrayConverter.intToBytes(labelLength, 1), label.getBytes(), ArrayConverter.intToBytes(hashValueLength, 1), hashValue); return result; }
/** * Adds a byte[] representation of an int to the final byte[]. If the * Integer is greater than the specified length only the lower length bytes * are serialized. * * @param i * The Integer that should be appended * @param length * The number of bytes which should be reserved for this Integer */ protected final void appendInt(int i, int length) { byte[] bytes = ArrayConverter.intToBytes(i, length); int reconvertedInt = ArrayConverter.bytesToInt(bytes); if (reconvertedInt != i) { LOGGER.warn("Int \"" + i + "\" is too long to write in field of size " + length + ". Only using last " + length + " bytes."); } appendBytes(ArrayConverter.intToBytes(i, length)); }
@Override protected byte[] manipulatePremasterSecret(byte[] premasterSecret) { outputStream = new ByteArrayOutputStream(); try { outputStream.write(ArrayConverter.intToBytes(HandshakeByteLength.PREMASTER_SECRET, HandshakeByteLength.ENCRYPTED_PREMASTER_SECRET_LENGTH)); outputStream.write(premasterSecret); outputStream.write(ArrayConverter.intToBytes(chooser.getConfig().getDefaultPSKKey().length, HandshakeByteLength.PSK_LENGTH)); outputStream.write(chooser.getConfig().getDefaultPSKKey()); } catch (IOException ex) { LOGGER.warn("Encountered exception while writing to ByteArrayOutputStream."); LOGGER.debug(ex); } byte[] tempPremasterSecret = outputStream.toByteArray(); return tempPremasterSecret; } }
@Override protected byte[] computePremasterSecret(ECPublicKeyParameters publicKey, ECPrivateKeyParameters privateKey) { byte[] premasterSecret = super.computePremasterSecret(publicKey, privateKey); outputStream = new ByteArrayOutputStream(); try { outputStream.write(ArrayConverter.intToBytes(premasterSecret.length, HandshakeByteLength.PSK_LENGTH)); LOGGER.debug("PremasterSecret: dhValue Length: " + premasterSecret.length); outputStream.write(premasterSecret); LOGGER.debug("PremasterSecret: dhValue" + Arrays.toString(premasterSecret)); outputStream.write(ArrayConverter.intToBytes(chooser.getConfig().getDefaultPSKKey().length, HandshakeByteLength.PSK_LENGTH)); outputStream.write(chooser.getConfig().getDefaultPSKKey()); } catch (IOException ex) { LOGGER.warn("Encountered exception while writing to ByteArrayOutputStream."); LOGGER.debug(ex); } byte[] tempPremasterSecret = outputStream.toByteArray(); LOGGER.debug("PSK PremasterSecret: " + Arrays.toString(tempPremasterSecret)); return tempPremasterSecret; } }
public byte[] generatePremasterSecret() { outputStream = new ByteArrayOutputStream(); try { outputStream.write(ArrayConverter.intToBytes(chooser.getConfig().getDefaultPSKKey().length, HandshakeByteLength.PSK_LENGTH)); outputStream.write(ArrayConverter.intToBytes(HandshakeByteLength.PSK_ZERO, chooser.getConfig() .getDefaultPSKKey().length)); outputStream.write(ArrayConverter.intToBytes(chooser.getConfig().getDefaultPSKKey().length, HandshakeByteLength.PSK_LENGTH)); outputStream.write(chooser.getConfig().getDefaultPSKKey()); } catch (IOException ex) { LOGGER.warn("Encountered exception while writing to ByteArrayOutputStream."); LOGGER.debug(ex); } byte[] tempPremasterSecret = outputStream.toByteArray(); return tempPremasterSecret; }
private Certificate parseCertificate(int lengthBytes, byte[] bytesToParse) { try { ByteArrayInputStream stream = new ByteArrayInputStream(ArrayConverter.concatenate( ArrayConverter.intToBytes(lengthBytes, HandshakeByteLength.CERTIFICATES_LENGTH), bytesToParse)); return Certificate.parse(stream); } catch (Exception E) { // This could really be anything. From classCast exception to // Arrayindexoutofbounds LOGGER.warn( "Could not parse Certificate bytes into Certificate object:" + ArrayConverter.bytesToHexString(bytesToParse, false), E); LOGGER.debug(E); return null; } }
private Certificate parseCertificate(int lengthBytes, byte[] bytesToParse) { LOGGER.debug("SSL2 lengthBytes:" + lengthBytes); LOGGER.debug("SSL2 bytesToParse:" + ArrayConverter.bytesToHexString(bytesToParse, false)); try { byte[] concatenated = ArrayConverter.concatenate(ArrayConverter.intToBytes(lengthBytes + HandshakeByteLength.CERTIFICATES_LENGTH, HandshakeByteLength.CERTIFICATES_LENGTH), ArrayConverter .intToBytes(lengthBytes, HandshakeByteLength.CERTIFICATES_LENGTH), bytesToParse); LOGGER.debug("SSL2 concatenated:" + ArrayConverter.bytesToHexString(concatenated, false)); ByteArrayInputStream stream = new ByteArrayInputStream(concatenated); return Certificate.parse(stream); } catch (IOException | IllegalArgumentException E) { LOGGER.warn("Could not parse Certificate bytes into Certificate object:\n" + ArrayConverter.bytesToHexString(bytesToParse, false)); LOGGER.debug(E); return null; } }
@Override protected byte[] calculatePremasterSecret(BigInteger modulus, BigInteger privateKey, BigInteger publicKey) { byte[] otherSecret = super.calculatePremasterSecret(modulus, privateKey, publicKey); outputStream = new ByteArrayOutputStream(); try { outputStream.write(ArrayConverter.intToBytes(otherSecret.length, HandshakeByteLength.PSK_LENGTH)); LOGGER.debug("OtherSecret Length: " + otherSecret.length); outputStream.write(otherSecret); LOGGER.debug("OtherSecret: " + ArrayConverter.bytesToHexString(otherSecret)); outputStream.write(ArrayConverter.intToBytes(chooser.getConfig().getDefaultPSKKey().length, HandshakeByteLength.PSK_LENGTH)); outputStream.write(chooser.getConfig().getDefaultPSKKey()); } catch (IOException ex) { LOGGER.warn("Encountered exception while writing to ByteArrayOutputStream."); LOGGER.debug(ex); } byte[] tempPremasterSecret = outputStream.toByteArray(); LOGGER.debug("PSK PremasterSecret: " + ArrayConverter.bytesToHexString(tempPremasterSecret)); return tempPremasterSecret; } }
private void writeTicketLength(NewSessionTicketMessage msg) { appendBytes(ArrayConverter.intToBytes(msg.getTicketLength().getValue(), HandshakeByteLength.NEWSESSIONTICKET_TICKET_LENGTH)); LOGGER.debug("TicketLength: " + ArrayConverter.bytesToHexString(ArrayConverter.intToBytes(msg.getTicketLength().getValue(), HandshakeByteLength.NEWSESSIONTICKET_TICKET_LENGTH))); }
private void writeTicketNonceLength(NewSessionTicketMessage msg) { appendBytes(ArrayConverter.intToBytes(msg.getTicket().getTicketNonceLength().getValue(), HandshakeByteLength.TICKET_NONCE_LENGTH)); LOGGER.debug("TicketNonceLength: " + msg.getTicket().getTicketNonceLength().getValue()); }
private void writeTicketIdentityLength(NewSessionTicketMessage msg) { appendBytes(ArrayConverter.intToBytes(msg.getTicket().getIdentityLength().getValue(), ExtensionByteLength.PSK_IDENTITY_LENGTH)); LOGGER.debug("TicketIdentityLength: " + msg.getTicket().getIdentityLength().getValue()); }
private byte[] generateToBeSigned() { byte[] srpParams = ArrayConverter.concatenate(ArrayConverter.intToBytes(msg.getModulusLength().getValue(), HandshakeByteLength.SRP_MODULUS_LENGTH), msg.getModulus().getValue(), ArrayConverter.intToBytes(msg .getGeneratorLength().getValue(), HandshakeByteLength.SRP_GENERATOR_LENGTH), msg.getGenerator() .getValue(), ArrayConverter.intToBytes(msg.getSaltLength().getValue(), HandshakeByteLength.SRP_SALT_LENGTH), msg.getSalt().getValue(), ArrayConverter.intToBytes(msg .getPublicKeyLength().getValue(), HandshakeByteLength.SRP_PUBLICKEY_LENGTH), msg.getPublicKey() .getValue()); return ArrayConverter.concatenate(msg.getComputations().getClientServerRandom().getValue(), srpParams); }
@Override public byte[] serializeExtensionContent() { appendBytes(intToBytes(message.getCertificateStatusRequestType().getValue(), ExtensionByteLength.CERTIFICATE_STATUS_REQUEST_STATUS_TYPE)); appendBytes(intToBytes(message.getResponderIDListLength().getValue(), ExtensionByteLength.CERTIFICATE_STATUS_REQUEST_RESPONDER_ID_LIST_LENGTH)); appendBytes(message.getResponderIDList().getValue()); appendBytes(intToBytes(message.getRequestExtensionLength().getValue(), ExtensionByteLength.CERTIFICATE_STATUS_REQUEST_REQUEST_EXTENSION_LENGTH)); appendBytes(message.getRequestExtension().getValue()); return getAlreadySerialized(); }
protected byte[] generateToBeSigned() { byte[] dhParams = ArrayConverter .concatenate(ArrayConverter.intToBytes(msg.getModulusLength().getValue(), HandshakeByteLength.DH_MODULUS_LENGTH), msg.getModulus().getValue(), ArrayConverter.intToBytes( msg.getGeneratorLength().getValue(), HandshakeByteLength.DH_GENERATOR_LENGTH), msg .getGenerator().getValue(), ArrayConverter.intToBytes(msg.getPublicKeyLength().getValue(), HandshakeByteLength.DH_PUBLICKEY_LENGTH), msg.getPublicKey().getValue()); return ArrayConverter.concatenate(msg.getComputations().getClientServerRandom().getValue(), dhParams); }
try { for (CertificatePair pair : message.getCertificatesList()) { stream.write(ArrayConverter.intToBytes(pair.getCertificateLength().getValue(), HandshakeByteLength.CERTIFICATE_LENGTH)); stream.write(pair.getCertificate().getValue());
ArrayConverter.intToBytes(encryptedState.length, HandshakeByteLength.ENCRYPTED_STATE_LENGTH), encryptedState); byte[] hmac;
protected void adjustECParameter(ECDHEServerKeyExchangeMessage message) { tlsContext.setSelectedGroup(NamedGroup.getNamedGroup(message.getNamedGroup().getValue())); // TODO avoid BC tool byte[] ecParams = ArrayConverter.concatenate(new byte[] { message.getGroupType().getValue() }, message .getNamedGroup().getValue(), ArrayConverter.intToBytes(message.getPublicKeyLength().getValue(), 1), message.getPublicKey().getValue()); InputStream is = new ByteArrayInputStream(ecParams); ECPublicKeyParameters publicKeyParameters = null; try { publicKeyParameters = ECCUtilsBCWrapper.readECParametersWithPublicKey(is); } catch (TlsFatalAlert alert) { throw new AdjustmentException("Problematic EC parameters, we dont support these yet", alert); } catch (IOException ex) { throw new AdjustmentException("EC public key parsing failed", ex); } CustomECPoint publicKey = new CustomECPoint(publicKeyParameters.getQ().getRawXCoord().toBigInteger(), publicKeyParameters.getQ().getRawYCoord().toBigInteger()); tlsContext.setServerEcPublicKey(publicKey); } }
private byte[] computeControlValue(WorkflowTrace trace, TlsContext tlsContext) throws CryptoException { tlsContext.getDigest().reset(); for (MessageAction messageAction : trace.getMessageActions()) { for (ProtocolMessage message : messageAction.getMessages()) { if (message instanceof ChangeCipherSpecMessage) { break; } if (message.isHandshakeMessage()) { HandshakeMessage handshakeMessage = (HandshakeMessage) message; if (handshakeMessage.getIncludeInDigest()) { tlsContext.getDigest().append(message.getCompleteResultingMessage().getValue()); } } } } byte[] handshakeMessageHash = tlsContext.getDigest().digest(tlsContext.getSelectedProtocolVersion(), tlsContext.getSelectedCipherSuite()); PRFAlgorithm prfAlgorithm = tlsContext.getChooser().getPRFAlgorithm(); byte[] control = PseudoRandomFunction.compute(prfAlgorithm, tlsContext.getMasterSecret(), PseudoRandomFunction.CLIENT_FINISHED_LABEL, handshakeMessageHash, HandshakeByteLength.VERIFY_DATA); byte[] compare = ArrayConverter.concatenate(HandshakeMessageType.FINISHED.getArrayValue(), ArrayConverter.intToBytes(control.length, HandshakeByteLength.MESSAGE_LENGTH_FIELD), control); return compare; } }