protected void adjustECParameter(ECDHEServerKeyExchangeMessage message) { tlsContext.setSelectedCurve(NamedCurve.getNamedCurve(message.getNamedCurve().getValue())); // TODO avoid BC tool byte[] ecParams = ArrayConverter.concatenate(new byte[] { message.getCurveType().getValue() }, message .getNamedCurve().getValue(), ArrayConverter.intToBytes(message.getPublicKeyLength().getValue(), 1), message.getPublicKey().getValue()); InputStream is = new ByteArrayInputStream(ecParams); ECPublicKeyParameters publicKeyParameters = null; try { publicKeyParameters = ECCUtilsBCWrapper.readECParametersWithPublicKey(is); } catch (TlsFatalAlert alert) { throw new AdjustmentException("Problematic EC parameters, we dont support these yet", alert); } catch (IOException ex) { throw new AdjustmentException("EC public key parsing failed", ex); } CustomECPoint publicKey = new CustomECPoint(publicKeyParameters.getQ().getRawXCoord().toBigInteger(), publicKeyParameters.getQ().getRawYCoord().toBigInteger()); tlsContext.setServerEcPublicKey(publicKey); }
public byte[] decodeCiphertext(byte[] receivedMAC, byte[] additionalData, byte[] ciphertext) throws IOException { KeyParameter macKey = initRecordMAC(decryptCipher); byte[] calculatedMAC = PolyKeyCreator.create(macKey, additionalData, ciphertext); if (!Arrays.constantTimeAreEqual(calculatedMAC, receivedMAC)) { throw new TlsFatalAlert(AlertDescription.bad_record_mac); } byte[] output = new byte[ciphertext.length]; decryptCipher.processBytes(ciphertext, 0, ciphertext.length, output, 0); return output; }
public void send(byte[] buf, int off, int len) throws IOException { if (len > getSendLimit()) { throw new TlsFatalAlert(AlertDescription.record_overflow); } DatagramPacket packet = new DatagramPacket(buf, off, len); socket.send(packet); }