Добавлен разбор DH и RSA ключей

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java

@@ -0,0 +1,50 @@
+package ru.serega6531.packmate.service.optimization.tls.keys;
+
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature;
+
+public class DhClientParams {
+
+    private final byte[] p;
+    private final byte[] g;
+    private final byte[] pubkey;
+    private final SignatureHashAlgorithmHash signatureHashAlgorithmHash;
+    private final SignatureHashAlgorithmSignature signatureHashAlgorithmSignature;
+    private final byte[] signature;
+
+    public DhClientParams(byte[] p, byte[] g, byte[] pubkey,
+                          SignatureHashAlgorithmHash signatureHashAlgorithmHash,
+                          SignatureHashAlgorithmSignature signatureHashAlgorithmSignature,
+                          byte[] signature) {
+        this.p = p;
+        this.g = g;
+        this.pubkey = pubkey;
+        this.signatureHashAlgorithmHash = signatureHashAlgorithmHash;
+        this.signatureHashAlgorithmSignature = signatureHashAlgorithmSignature;
+        this.signature = signature;
+    }
+
+    public byte[] getP() {
+        return p;
+    }
+
+    public byte[] getG() {
+        return g;
+    }
+
+    public byte[] getPubkey() {
+        return pubkey;
+    }
+
+    public SignatureHashAlgorithmHash getSignatureHashAlgorithmHash() {
+        return signatureHashAlgorithmHash;
+    }
+
+    public SignatureHashAlgorithmSignature getSignatureHashAlgorithmSignature() {
+        return signatureHashAlgorithmSignature;
+    }
+
+    public byte[] getSignature() {
+        return signature;
+    }
+}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java

@@ -7,12 +7,12 @@ import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashA
 
 public class EcdheServerParams {
 
-    private CurveType curveType;
-    private NamedCurve namedCurve;
-    private byte[] pubkey;
-    private SignatureHashAlgorithmHash signatureHashAlgorithmHash;
-    private SignatureHashAlgorithmSignature signatureHashAlgorithmSignature;
-    private byte[] signature;
+    private final CurveType curveType;
+    private final NamedCurve namedCurve;
+    private final byte[] pubkey;
+    private final SignatureHashAlgorithmHash signatureHashAlgorithmHash;
+    private final SignatureHashAlgorithmSignature signatureHashAlgorithmSignature;
+    private final byte[] signature;
 
     public EcdheServerParams(CurveType curveType, NamedCurve namedCurve, byte[] pubkey,
                              SignatureHashAlgorithmHash signatureHashAlgorithmHash,

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/RsaServerParams.java

@@ -0,0 +1,22 @@
+package ru.serega6531.packmate.service.optimization.tls.keys;
+
+import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion;
+
+public class RsaServerParams {
+
+    private final TlsVersion version;
+    private final byte[] encryptedPreMasterSecret;
+
+    public RsaServerParams(TlsVersion version, byte[] encryptedPreMasterSecret) {
+        this.version = version;
+        this.encryptedPreMasterSecret = encryptedPreMasterSecret;
+    }
+
+    public TlsVersion getVersion() {
+        return version;
+    }
+
+    public byte[] getEncryptedPreMasterSecret() {
+        return encryptedPreMasterSecret;
+    }
+}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java

@@ -4,11 +4,50 @@ import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
 import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
 import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash;
 import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature;
+import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion;
 
 import java.nio.ByteBuffer;
 
+/**
+ * It is impossible to determine key format just by KeyExchange record,
+ * so you can use this class when analyzing tls traffic.
+ */
 public final class TlsKeyUtils {
 
+    // https://wiki.osdev.org/TLS_Handshake
+
+    public static DhClientParams parseServerDH(byte[] rawData, int offset) {
+        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
+
+        short pLength = bb.getShort();
+        byte[] p = new byte[pLength];
+        bb.get(p);
+
+        short gLength = bb.getShort();
+        byte[] g = new byte[gLength];
+        bb.get(g);
+
+        short pubKeyLength = bb.getShort();
+        byte[] pubKey = new byte[pubKeyLength];  // aka Ys
+        bb.get(pubKey);
+
+        SignatureHashAlgorithmHash signatureHashAlgorithmHash =
+                SignatureHashAlgorithmHash.findByValue(bb.getShort());
+        SignatureHashAlgorithmSignature signatureHashAlgorithmSignature =
+                SignatureHashAlgorithmSignature.findByValue(bb.getShort());
+
+        if (signatureHashAlgorithmHash == null || signatureHashAlgorithmSignature == null) {
+            throw new IllegalArgumentException("Unknown signature data");
+        }
+
+        short signatureLength = bb.getShort();
+        byte[] signature = new byte[signatureLength];
+
+        bb.get(signature);
+
+        return new DhClientParams(p, g, pubKey, signatureHashAlgorithmHash, signatureHashAlgorithmSignature, signature);
+    }
+
     /**
      * @param rawData Handshake record content
      */
@@ -49,10 +88,13 @@ public final class TlsKeyUtils {
                 signatureHashAlgorithmHash, signatureHashAlgorithmSignature, signature);
     }
 
+    // https://ldapwiki.com/wiki/ClientKeyExchange
+
     /**
+     * Suitable for both DH and ECDHE
      * @param rawData Handshake record content
      */
-    public static byte[] getServerECDHEPubkey(byte[] rawData, int offset) {
+    public static byte[] getClientDHPubkey(byte[] rawData, int offset) {
         ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
 
         byte length = bb.get();
@@ -62,4 +104,14 @@ public final class TlsKeyUtils {
         return pubkey;
     }
 
+    public static RsaServerParams parseClientRsa(byte[] rawData, int offset) {
+        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
+
+        TlsVersion version = TlsVersion.getInstance(bb.getShort());
+        byte[] encryptedPreMasterSecret = new byte[46];
+        bb.get(encryptedPreMasterSecret);
+
+        return new RsaServerParams(version, encryptedPreMasterSecret);
+    }
+
 }

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/CurveType.java

@@ -4,7 +4,7 @@ public enum CurveType {
 
     NAMED((byte) 0x03);
 
-    private byte value;
+    private final byte value;
 
     CurveType(byte value) {
         this.value = value;

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java

@@ -5,7 +5,8 @@ import java.util.Map;
 
 public enum SignatureHashAlgorithmHash {
 
-    SHA256((byte) 4);
+    SHA256((byte) 4),
+    SHA512((byte) 6);
 
     private final byte value;
 

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java

@@ -5,7 +5,8 @@ import java.util.Map;
 
 public enum  SignatureHashAlgorithmSignature {
 
-    RSA((byte) 1);
+    RSA((byte) 1),
+    ECDSA((byte) 3);
 
     private final byte value;