Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

de.bb.minissl
Class Ssl3Server

java.lang.Object
  |
  +--de.bb.minissl.SslBase
        |
        +--de.bb.minissl.Ssl3
              |
              +--de.bb.minissl.Ssl3Server
public final class Ssl3Server
extends de.bb.minissl.Ssl3

Implements the server side handshake for SSL3. Supports an SSL2 client hello Contains all server specific function which are needed to establish an SSL3 connection.

Field Summary
protected  byte byte0
           
protected  java.util.Vector certs
           
protected  int cipherType
           
protected static byte[] client
           
protected  byte[] clientRandom
           
protected  boolean collect
           
protected  byte[] head
           
protected  MessageDigest hsMd5
           
protected  MessageDigest hsSha
           
protected  java.io.InputStream is
           
protected  byte[] masterSecret
           
protected  MessageDigest md5
           
protected static byte[] nullbytes
           
protected  byte[] onebyte
           
protected  java.io.OutputStream os
           
protected  byte[] readBuffer
           
protected  MessageDigest readHash
           
protected  int readHLen
           
protected  byte[] readkey
           
protected  long readnum
           
protected  byte[] readSecret
           
protected  byte[] rhashBuffer
           
protected  int rpos
           
protected static byte[] server
           
protected  byte[] serverRandom
           
protected  byte[] sessionId
           
protected  MessageDigest sha
           
protected  MessageDigest writeHash
           
protected  int writeHLen
           
protected  byte[] writekey
           
protected  long writenum
           
protected  byte[] writeSecret
           
 
Constructor Summary
Ssl3Server()
          Creates a new Ssl3Server object, which uses the given InputStream for reading and the given OutputStream for writing.
 
Method Summary
protected  int available()
          Returns the number of bytes that can be read from this input stream without blocking.
protected  byte[] calc_hs_hash(MessageDigest md, int len, byte[] sender)
          calculate a handshake MAC. hash(masterSecret + pad2 + hash(handshake + sender + mastersecret + pad1));
protected  byte[] calcMessageHash(MessageDigest md, int hlen, byte[] secret, long seqNum, int typ, byte[] b)
          calculate a message MAC. hash(secret + pad_2 + hash (secret + pad_1 + seq_num + typ + length + content)); this functions is synchronized since the same MessageDigest object is used for reading and writing.
protected  void close()
          close the input and output stream
protected  void createKeys(boolean isServer, int hlen)
          create the key and secret material
protected static byte[] doRSA(byte[] z, byte[] n, byte[] e)
          perform an RSA encrption
protected static boolean equals(byte[] a, int ai, byte[] b, int bi, int len)
          compare 2 bytearrays
protected  void flush()
          flush the output stream
 java.util.Vector getCertificates()
          return the vector of received certificates
 int getCipherType()
          Query the used ciphertype
protected  java.io.InputStream getInputStream()
          Returns an input stream for this Ssl connection.
protected  java.io.OutputStream getOutputStream()
          Returns an input stream for this Ssl connection.
protected  byte[] hs_read(int msgType)
          Reads an array for a handshake message from input stream with blocking.
protected  void hs_write(byte[] b, int msgType)
          Write the array to the output stream as an handshake packet.
 void listen(java.io.InputStream _is, java.io.OutputStream _os, byte[] cert, byte[] kn, byte[] kf)
           
protected  byte[] makeHashBytes(byte[] x, int n, byte[] ra, byte[] readBuffer)
          create some hash bytes md5(x + sha('A' + x + ra + readBuffer)) + md5(x + sha('BB' + x + ra + readBuffer)) + md5(x + sha('CCC' + x + ra + readBuffer)) + ...
protected static void prepare_key(byte[] key_data_ptr, byte[] key)
          perform the rc4 key expansion
protected  boolean rawread(byte[] b, int typ)
          Reads into the given byte array from input stream with blocking.
protected  void rawwrite(byte[] b, int typ)
          Write the array to the output stream using the given packet type.
protected static void rc4(byte[] buffer_ptr, byte[] key)
          perform an rc4 key encryption/decryption
protected  int read()
          Reads one byte from input stream with blocking.
protected  int read(byte[] b)
          Reads into the given byte array from input stream with blocking.
protected  int readahead()
          Reads the next SSL3 block into internal buffer.
protected  void setStreams(java.io.InputStream i, java.io.OutputStream o)
           
protected static void unzero(byte[] b)
          replace all zeros with a new random value !
protected  void write(byte[] b)
          Writes the given byte array to the output stream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

server

protected static final byte[] server

client

protected static final byte[] client

nullbytes

protected static final byte[] nullbytes

collect

protected boolean collect

hsMd5

protected MessageDigest hsMd5

hsSha

protected MessageDigest hsSha

readnum

protected long readnum

writenum

protected long writenum

certs

protected java.util.Vector certs

is

protected java.io.InputStream is

os

protected java.io.OutputStream os

cipherType

protected int cipherType

md5

protected MessageDigest md5

sha

protected MessageDigest sha

head

protected byte[] head

readBuffer

protected byte[] readBuffer

onebyte

protected byte[] onebyte

rpos

protected int rpos

masterSecret

protected byte[] masterSecret

clientRandom

protected byte[] clientRandom

serverRandom

protected byte[] serverRandom

sessionId

protected byte[] sessionId

readSecret

protected byte[] readSecret

writeSecret

protected byte[] writeSecret

readkey

protected byte[] readkey

writekey

protected byte[] writekey

readHash

protected MessageDigest readHash

writeHash

protected MessageDigest writeHash

readHLen

protected int readHLen

writeHLen

protected int writeHLen

rhashBuffer

protected byte[] rhashBuffer

byte0

protected byte byte0
Constructor Detail

Ssl3Server

public Ssl3Server()
           throws java.io.IOException
Creates a new Ssl3Server object, which uses the given InputStream for reading and the given OutputStream for writing.
Parameters:
_is - the InputStream, which is used for reading#
_os - the OutputStream, which is used for writing
cert - is the used certificate
kn - is the private key modulo
kf - is the private key exponent
Throws:
java.io.IOException - throws an IOException if any non recoverable error occurs.
Method Detail

listen

public void listen(java.io.InputStream _is,
                   java.io.OutputStream _os,
                   byte[] cert,
                   byte[] kn,
                   byte[] kf)
            throws java.io.IOException

read

protected final int read()
                  throws java.io.IOException
Reads one byte from input stream with blocking.
Overrides:
read in class de.bb.minissl.SslBase
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

read

protected final int read(byte[] b)
                  throws java.io.IOException
Reads into the given byte array from input stream with blocking. This functions returns with an partial read too! Check the count of read bytes.
Overrides:
read in class de.bb.minissl.SslBase
Parameters:
b - the buffer into which the data is read.
Returns:
count of bytes read
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

write

protected final void write(byte[] b)
                    throws java.io.IOException
Writes the given byte array to the output stream. If
Overrides:
write in class de.bb.minissl.SslBase
Parameters:
b - the buffer which is written.
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

readahead

protected final int readahead()
                       throws java.io.IOException
Reads the next SSL3 block into internal buffer. This function blocks until the complete block is read. An hack allows to read also an SSL2 hello message header!
Overrides:
readahead in class de.bb.minissl.SslBase
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

rawread

protected final boolean rawread(byte[] b,
                                int typ)
                         throws java.io.IOException
Reads into the given byte array from input stream with blocking.
Parameters:
b - the buffer into which the data is read.
typ - the type of the read packet
Returns:
false on end of file, either true
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs, an alert is received or a type mismatch is detected.

hs_read

protected final byte[] hs_read(int msgType)
                        throws java.io.IOException
Reads an array for a handshake message from input stream with blocking.
Parameters:
msgType - the handshake message type of the read packet
Returns:
a new buffer into which the data was read.
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

rawwrite

protected final void rawwrite(byte[] b,
                              int typ)
                       throws java.io.IOException
Write the array to the output stream using the given packet type.
Parameters:
b - the bytes to sent
typ - the packet type of the sent packet
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

hs_write

protected final void hs_write(byte[] b,
                              int msgType)
                       throws java.io.IOException
Write the array to the output stream as an handshake packet.
Parameters:
b - the bytes to sent
msgType - the handshake message type of the sent packet
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

calcMessageHash

protected final byte[] calcMessageHash(MessageDigest md,
                                       int hlen,
                                       byte[] secret,
                                       long seqNum,
                                       int typ,
                                       byte[] b)
calculate a message MAC. hash(secret + pad_2 + hash (secret + pad_1 + seq_num + typ + length + content)); this functions is synchronized since the same MessageDigest object is used for reading and writing.
Parameters:
md - the MessageDigest which is used to caclulate the MAC
hlen - length for the given hash
secret - the secret for this MAC (see formula)
seqNum - the sequence Number for this MAC (see formula)
typ - the packet type for this MAC (see formula)
b - the message content for this MAC (see formula)
Returns:
a new allocated byte array containing the MAC

makeHashBytes

protected final byte[] makeHashBytes(byte[] x,
                                     int n,
                                     byte[] ra,
                                     byte[] readBuffer)
create some hash bytes md5(x + sha('A' + x + ra + readBuffer)) + md5(x + sha('BB' + x + ra + readBuffer)) + md5(x + sha('CCC' + x + ra + readBuffer)) + ...
Parameters:
n - the number of needed hash bytes
x - an input parameter(see formula)
ra - an input parameter(see formula)
readBuffer - an input parameter(see formula)
Returns:
a new allocated byte array containing the hash bytes

calc_hs_hash

protected final byte[] calc_hs_hash(MessageDigest md,
                                    int len,
                                    byte[] sender)
calculate a handshake MAC. hash(masterSecret + pad2 + hash(handshake + sender + mastersecret + pad1));
Parameters:
md - the MessageDigest which is used to caclulate the MAC
len - the count of pad_x bytes (see formula)
sender - the sender of this message (see formula)
Returns:
a new allocated byte array containing the MAC

createKeys

protected final void createKeys(boolean isServer,
                                int hlen)
create the key and secret material
Parameters:
isServer - indicates whether they are generated for a server or a client
hlen - length for the new hash

close

protected void close()
              throws java.io.IOException
Description copied from class: de.bb.minissl.SslBase
close the input and output stream
Overrides:
close in class de.bb.minissl.SslBase

setStreams

protected void setStreams(java.io.InputStream i,
                          java.io.OutputStream o)

getCipherType

public final int getCipherType()
Query the used ciphertype
Returns:
the used ciphertype 3 = SSL_RSA_WITH_RC4_40_MD5 4 = SSL_RSA_WITH_RC4_128_MD5 5 = SSL_RSA_WITH_RC4_128_SHA

getInputStream

protected final java.io.InputStream getInputStream()
Returns an input stream for this Ssl connection.
Returns:
a stream for reading from this Ssl connection.

getOutputStream

protected final java.io.OutputStream getOutputStream()
Returns an input stream for this Ssl connection.
Returns:
a stream for reading from this Ssl connection.

getCertificates

public final java.util.Vector getCertificates()
return the vector of received certificates
Returns:
a vector with all received certificates

flush

protected final void flush()
                    throws java.io.IOException
flush the output stream

available

protected final int available()
                       throws java.io.IOException
Returns the number of bytes that can be read from this input stream without blocking.
Throws:
java.io.IOException - throws an IOException if an I/O Error occurs.

unzero

protected static final void unzero(byte[] b)
replace all zeros with a new random value != 0
Parameters:
b - a byte array wherein all zeros are replaced by non zero random values

equals

protected static final boolean equals(byte[] a,
                                      int ai,
                                      byte[] b,
                                      int bi,
                                      int len)
compare 2 bytearrays
Parameters:
a - first byte array
ai - offset into first byte array
b - second byte array
bi - offset into second byte array
len - the count of bytes to compare
Returns:
true if the compared data are equal. false if not

rc4

protected static final void rc4(byte[] buffer_ptr,
                                byte[] key)
perform an rc4 key encryption/decryption
Parameters:
buffer_ptr - the input/output data
key - the byte array for the key (key.length == 258)

prepare_key

protected static final void prepare_key(byte[] key_data_ptr,
                                        byte[] key)
perform the rc4 key expansion
Parameters:
key_data_ptr - the input data for the key
key - the byte array for the key (key.length == 258)

doRSA

protected static final byte[] doRSA(byte[] z,
                                    byte[] n,
                                    byte[] e)
perform an RSA encrption
Parameters:
z - the data to encrypt/decrypt
n - the modulo
e - the exponent
Returns:
a new allocated byte array with the result of (z**e)mod n
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD