sun.security.internal.spec.TlsMasterSecretParameterSpec Java Examples
The following examples show how to use
sun.security.internal.spec.TlsMasterSecretParameterSpec.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: P11TlsMasterSecretGenerator.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #2
| Source File: TlsMasterSecretGenerator.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #3
| Source File: P11TlsMasterSecretGenerator.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #4
| Source File: TlsMasterSecretGenerator.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #5
| Source File: P11TlsMasterSecretGenerator.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #6
| Source File: TlsMasterSecretGenerator.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #7
| Source File: P11TlsMasterSecretGenerator.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) && (version > 0x0303)) {
throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
" TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #8
| Source File: TlsMasterSecretGenerator.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #9
| Source File: P11TlsMasterSecretGenerator.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #10
| Source File: TlsMasterSecretGenerator.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #11
| Source File: P11TlsMasterSecretGenerator.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #12
| Source File: TlsMasterSecretGenerator.java From hottub with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #13
| Source File: P11TlsMasterSecretGenerator.java From hottub with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #14
| Source File: TlsMasterSecretGenerator.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #15
| Source File: P11TlsMasterSecretGenerator.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) && (version > 0x0303)) {
throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
" TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #16
| Source File: TlsMasterSecretGenerator.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #17
| Source File: TlsMasterSecretGenerator.java From Bytecoder with Apache License 2.0 | 6 votes |
|
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #18
| Source File: TlsMasterSecretGenerator.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #19
| Source File: P11TlsMasterSecretGenerator.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #20
| Source File: TlsMasterSecretGenerator.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #21
| Source File: P11TlsMasterSecretGenerator.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) && (version > 0x0303)) {
throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
" TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #22
| Source File: TlsMasterSecretGenerator.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #23
| Source File: P11TlsMasterSecretGenerator.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) || (version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only SSL 3.0, TLS 1.0, and TLS 1.1 supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #24
| Source File: TlsMasterSecretGenerator.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #25
| Source File: P11TlsMasterSecretGenerator.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version < 0x0300) && (version > 0x0303)) {
throw new InvalidAlgorithmParameterException("Only SSL 3.0," +
" TLS 1.0, TLS 1.1, and TLS 1.2 are supported");
}
// We assume the token supports the required mechanism. If it does not,
// generateKey() will fail and the failover should take care of us.
}
Example #26
| Source File: TlsMasterSecretGenerator.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsMasterSecretParameterSpec)params;
if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) {
throw new InvalidAlgorithmParameterException(
"Key format must be RAW");
}
protocolVersion = (spec.getMajorVersion() << 8)
| spec.getMinorVersion();
if ((protocolVersion < 0x0300) || (protocolVersion > 0x0303)) {
throw new InvalidAlgorithmParameterException(
"Only SSL 3.0, TLS 1.0/1.1/1.2 supported");
}
}
Example #27
| Source File: TestMasterSecret.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
@Override
public void main(Provider provider) throws Exception {
if (provider.getService("KeyGenerator", "SunTlsMasterSecret") == null) {
System.out.println("Not supported by provider, skipping");
return;
}
try (BufferedReader reader = Files.newBufferedReader(
Paths.get(BASE, "masterdata.txt"))) {
int n = 0;
int lineNumber = 0;
String algorithm = null;
byte[] premaster = null;
byte[] clientRandom = null;
byte[] serverRandom = null;
int protoMajor = 0;
int protoMinor = 0;
int preMajor = 0;
int preMinor = 0;
byte[] master = null;
while (true) {
String line = reader.readLine();
lineNumber++;
if (line == null) {
break;
}
if (line.startsWith("m-") == false) {
continue;
}
String data = line.substring(PREFIX_LENGTH);
if (line.startsWith("m-algorithm:")) {
algorithm = data;
} else if (line.startsWith("m-premaster:")) {
premaster = parse(data);
} else if (line.startsWith("m-crandom:")) {
clientRandom = parse(data);
} else if (line.startsWith("m-srandom:")) {
serverRandom = parse(data);
} else if (line.startsWith("m-protomajor:")) {
protoMajor = Integer.parseInt(data);
} else if (line.startsWith("m-protominor:")) {
protoMinor = Integer.parseInt(data);
} else if (line.startsWith("m-premajor:")) {
preMajor = Integer.parseInt(data);
} else if (line.startsWith("m-preminor:")) {
preMinor = Integer.parseInt(data);
} else if (line.startsWith("m-master:")) {
master = parse(data);
System.out.print(".");
n++;
KeyGenerator kg =
KeyGenerator.getInstance("SunTlsMasterSecret", provider);
SecretKey premasterKey =
new SecretKeySpec(premaster, algorithm);
TlsMasterSecretParameterSpec spec =
new TlsMasterSecretParameterSpec(premasterKey,
protoMajor, protoMinor, clientRandom, serverRandom,
null, -1, -1);
try {
kg.init(spec);
TlsMasterSecret key = (TlsMasterSecret)kg.generateKey();
byte[] enc = key.getEncoded();
if (Arrays.equals(master, enc) == false) {
throw new Exception("mismatch line: " + lineNumber);
}
if ((preMajor != key.getMajorVersion()) ||
(preMinor != key.getMinorVersion())) {
throw new Exception("version mismatch line: " + lineNumber);
}
} catch (InvalidAlgorithmParameterException iape) {
// SSLv3 support is removed in S12
if (preMajor == 3 && preMinor == 0) {
System.out.println("Skip testing SSLv3");
continue;
}
}
} else {
throw new Exception("Unknown line: " + line);
}
}
if (n == 0) {
throw new Exception("no tests");
}
System.out.println();
System.out.println("OK: " + n + " tests");
}
}
Example #28
| Source File: P11TlsMasterSecretGenerator.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
@SuppressWarnings("deprecation")
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof TlsMasterSecretParameterSpec == false) {
throw new InvalidAlgorithmParameterException(MSG);
}
TlsMasterSecretParameterSpec spec = (TlsMasterSecretParameterSpec)params;
int version = (spec.getMajorVersion() << 8) | spec.getMinorVersion();
if ((version == 0x0300 && !supportSSLv3) || (version < 0x0300) ||
(version > 0x0302)) {
throw new InvalidAlgorithmParameterException
("Only" + (supportSSLv3? " SSL 3.0,": "") +
" TLS 1.0, and TLS 1.1 are supported (0x" +
Integer.toHexString(version) + ")");
}
SecretKey key = spec.getPremasterSecret();
// algorithm should be either TlsRsaPremasterSecret or TlsPremasterSecret,
// but we omit the check
try {
p11Key = P11SecretKeyFactory.convertKey(token, key, null);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("init() failed", e);
}
this.spec = spec;
if (p11Key.getAlgorithm().equals("TlsRsaPremasterSecret")) {
mechanism = (version == 0x0300) ? CKM_SSL3_MASTER_KEY_DERIVE
: CKM_TLS_MASTER_KEY_DERIVE;
ckVersion = new CK_VERSION(0, 0);
} else {
// Note: we use DH for all non-RSA premaster secrets. That includes
// Kerberos. That should not be a problem because master secret
// calculation is always a straightforward application of the
// TLS PRF (or the SSL equivalent).
// The only thing special about RSA master secret calculation is
// that it extracts the version numbers from the premaster secret.
mechanism = (version == 0x0300) ? CKM_SSL3_MASTER_KEY_DERIVE_DH
: CKM_TLS_MASTER_KEY_DERIVE_DH;
ckVersion = null;
}
}
