1 /* 2 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.internal.spec; 27 28 import java.security.spec.AlgorithmParameterSpec; 29 30 import javax.crypto.SecretKey; 31 32 /** 33 * Parameters for SSL/TLS key material generation. 34 * This class is used to initialize KeyGenerator of the type 35 * "TlsKeyMaterial". The keys returned by such KeyGenerators will be 36 * instances of {@link TlsKeyMaterialSpec}. 37 * 38 * <p>Instances of this class are immutable. 39 * 40 * @since 1.6 41 * @author Andreas Sterbenz 42 * @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future 43 * release. 44 */ 45 @Deprecated 46 public class TlsKeyMaterialParameterSpec implements AlgorithmParameterSpec { 47 48 private final SecretKey masterSecret; 49 private final int majorVersion, minorVersion; 50 private final byte[] clientRandom, serverRandom; 51 private final String cipherAlgorithm; 52 private final int cipherKeyLength, ivLength, macKeyLength; 53 private final int expandedCipherKeyLength; // == 0 for domestic ciphersuites 54 private final String prfHashAlg; 55 private final int prfHashLength; 56 private final int prfBlockSize; 57 58 /** 59 * Constructs a new TlsKeyMaterialParameterSpec. 60 * 61 * @param masterSecret the master secret 62 * @param majorVersion the major number of the protocol version 63 * @param minorVersion the minor number of the protocol version 64 * @param clientRandom the client's random value 65 * @param serverRandom the server's random value 66 * @param cipherAlgorithm the algorithm name of the cipher keys to 67 * be generated 68 * @param cipherKeyLength if 0, no cipher keys will be generated; 69 * otherwise, the length in bytes of cipher keys to be 70 * generated for domestic cipher suites; for cipher suites defined as 71 * exportable, the number of key material bytes to be generated; 72 * @param expandedCipherKeyLength 0 for domestic cipher suites; for 73 * exportable cipher suites the length in bytes of the key to be 74 * generated. 75 * @param ivLength the length in bytes of the initialization vector 76 * to be generated, or 0 if no initialization vector is required 77 * @param macKeyLength the length in bytes of the MAC key to be generated 78 * @param prfHashAlg the name of the TLS PRF hash algorithm to use. 79 * Used only for TLS 1.2+. TLS1.1 and earlier use a fixed PRF. 80 * @param prfHashLength the output length of the TLS PRF hash algorithm. 81 * Used only for TLS 1.2+. 82 * @param prfBlockSize the input block size of the TLS PRF hash algorithm. 83 * Used only for TLS 1.2+. 84 * 85 * @throws NullPointerException if masterSecret, clientRandom, 86 * serverRandom, or cipherAlgorithm are null 87 * @throws IllegalArgumentException if the algorithm of masterSecret is 88 * not TlsMasterSecret, or if majorVersion or minorVersion are 89 * negative or larger than 255; or if cipherKeyLength, expandedKeyLength, 90 * ivLength, or macKeyLength are negative 91 */ TlsKeyMaterialParameterSpec(SecretKey masterSecret, int majorVersion, int minorVersion, byte[] clientRandom, byte[] serverRandom, String cipherAlgorithm, int cipherKeyLength, int expandedCipherKeyLength, int ivLength, int macKeyLength, String prfHashAlg, int prfHashLength, int prfBlockSize)92 public TlsKeyMaterialParameterSpec(SecretKey masterSecret, 93 int majorVersion, int minorVersion, byte[] clientRandom, 94 byte[] serverRandom, String cipherAlgorithm, int cipherKeyLength, 95 int expandedCipherKeyLength, int ivLength, int macKeyLength, 96 String prfHashAlg, int prfHashLength, int prfBlockSize) { 97 if (masterSecret.getAlgorithm().equals("TlsMasterSecret") == false) { 98 throw new IllegalArgumentException("Not a TLS master secret"); 99 } 100 if (cipherAlgorithm == null) { 101 throw new NullPointerException(); 102 } 103 this.masterSecret = masterSecret; 104 this.majorVersion = 105 TlsMasterSecretParameterSpec.checkVersion(majorVersion); 106 this.minorVersion = 107 TlsMasterSecretParameterSpec.checkVersion(minorVersion); 108 this.clientRandom = clientRandom.clone(); 109 this.serverRandom = serverRandom.clone(); 110 this.cipherAlgorithm = cipherAlgorithm; 111 this.cipherKeyLength = checkSign(cipherKeyLength); 112 this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength); 113 this.ivLength = checkSign(ivLength); 114 this.macKeyLength = checkSign(macKeyLength); 115 this.prfHashAlg = prfHashAlg; 116 this.prfHashLength = prfHashLength; 117 this.prfBlockSize = prfBlockSize; 118 } 119 checkSign(int k)120 private static int checkSign(int k) { 121 if (k < 0) { 122 throw new IllegalArgumentException("Value must not be negative"); 123 } 124 return k; 125 } 126 127 /** 128 * Returns the master secret. 129 * 130 * @return the master secret. 131 */ getMasterSecret()132 public SecretKey getMasterSecret() { 133 return masterSecret; 134 } 135 136 /** 137 * Returns the major version number. 138 * 139 * @return the major version number. 140 */ getMajorVersion()141 public int getMajorVersion() { 142 return majorVersion; 143 } 144 145 /** 146 * Returns the minor version number. 147 * 148 * @return the minor version number. 149 */ getMinorVersion()150 public int getMinorVersion() { 151 return minorVersion; 152 } 153 154 /** 155 * Returns a copy of the client's random value. 156 * 157 * @return a copy of the client's random value. 158 */ getClientRandom()159 public byte[] getClientRandom() { 160 return clientRandom.clone(); 161 } 162 163 /** 164 * Returns a copy of the server's random value. 165 * 166 * @return a copy of the server's random value. 167 */ getServerRandom()168 public byte[] getServerRandom() { 169 return serverRandom.clone(); 170 } 171 172 /** 173 * Returns the cipher algorithm. 174 * 175 * @return the cipher algorithm. 176 */ getCipherAlgorithm()177 public String getCipherAlgorithm() { 178 return cipherAlgorithm; 179 } 180 181 /** 182 * Returns the length in bytes of the encryption key to be generated. 183 * 184 * @return the length in bytes of the encryption key to be generated. 185 */ getCipherKeyLength()186 public int getCipherKeyLength() { 187 return cipherKeyLength; 188 } 189 190 /** 191 * Returns the length in bytes of the expanded encryption key to be 192 * generated. Returns zero if the expanded encryption key is not 193 * supposed to be generated. 194 * 195 * @return the length in bytes of the expanded encryption key to be 196 * generated. 197 */ getExpandedCipherKeyLength()198 public int getExpandedCipherKeyLength() { 199 // TLS v1.1 disables the exportable weak cipher suites. 200 if (majorVersion >= 0x03 && minorVersion >= 0x02) { 201 return 0; 202 } 203 return expandedCipherKeyLength; 204 } 205 206 /** 207 * Returns the length in bytes of the initialization vector to be 208 * generated. Returns zero if the initialization vector is not 209 * supposed to be generated. 210 * 211 * @return the length in bytes of the initialization vector to be 212 * generated. 213 */ getIvLength()214 public int getIvLength() { 215 // TLS v1.1 or later uses an explicit IV to protect against 216 // the CBC attacks. 217 if (majorVersion >= 0x03 && minorVersion >= 0x02) { 218 return 0; 219 } 220 221 return ivLength; 222 } 223 224 /** 225 * Returns the length in bytes of the MAC key to be generated. 226 * 227 * @return the length in bytes of the MAC key to be generated. 228 */ getMacKeyLength()229 public int getMacKeyLength() { 230 return macKeyLength; 231 } 232 233 /** 234 * Obtains the PRF hash algorithm to use in the PRF calculation. 235 * 236 * @return the hash algorithm. 237 */ getPRFHashAlg()238 public String getPRFHashAlg() { 239 return prfHashAlg; 240 } 241 242 /** 243 * Obtains the length of the PRF hash algorithm. 244 * 245 * @return the hash algorithm length. 246 */ getPRFHashLength()247 public int getPRFHashLength() { 248 return prfHashLength; 249 } 250 251 /** 252 * Obtains the block size of the PRF hash algorithm. 253 * 254 * @return the hash algorithm block size 255 */ getPRFBlockSize()256 public int getPRFBlockSize() { 257 return prfBlockSize; 258 } 259 } 260