0xb00b5/0xb00b5-packmate
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove TLS support

Browse Source
This commit is contained in:
Sergey Shkurov
2023-08-03 02:46:30 +04:00
parent 938031f1de
commit 88e76c096d
41 changed files with 0 additions and 2802 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/ru/serega6531/packmate/model/CtfService.java
View File

@@ -23,8 +23,6 @@ public class CtfService {
@Column(nullable = false)
private String name;
private boolean decryptTls;
private boolean http;
private boolean urldecodeHttpRequests;

2
src/main/java/ru/serega6531/packmate/model/Packet.java
View File

@@ -53,8 +53,6 @@ public class Packet {
private boolean webSocketParsed = false;
private boolean tlsDecrypted = false;
private boolean hasHttpBody = false;
@Column(nullable = false)

1
src/main/java/ru/serega6531/packmate/model/pojo/PacketDto.java
View File

@@ -13,7 +13,6 @@ public class PacketDto {
private boolean incoming;
private boolean ungzipped;
private boolean webSocketParsed;
private boolean tlsDecrypted;
private boolean hasHttpBody;
private byte[] content;

2
src/main/java/ru/serega6531/packmate/service/optimization/PacketsMerger.java
View File

@@ -45,7 +45,6 @@ public class PacketsMerger {
final long timestamp = cut.get(0).getTimestamp();
final boolean httpProcessed = cut.stream().anyMatch(Packet::isHttpProcessed);
final boolean webSocketParsed = cut.stream().anyMatch(Packet::isWebSocketParsed);
final boolean tlsDecrypted = cut.get(0).isTlsDecrypted();
final boolean incoming = cut.get(0).isIncoming();
final byte[] content = PacketUtils.mergePackets(cut);
@@ -55,7 +54,6 @@ public class PacketsMerger {
.timestamp(timestamp)
.httpProcessed(httpProcessed)
.webSocketParsed(webSocketParsed)
.tlsDecrypted(tlsDecrypted)
.content(content)
.build());
}

18
src/main/java/ru/serega6531/packmate/service/optimization/StreamOptimizer.java
View File

@@ -24,15 +24,6 @@ public class StreamOptimizer {
* Вызвать для выполнения оптимизаций на переданном списке пакетов.
*/
public List<Packet> optimizeStream() {
if (service.isDecryptTls()) {
try {
decryptTls();
} catch (Exception e) {
log.warn("Error optimizing stream (tls)", e);
return packets;
}
}
if (service.isParseWebSockets()) {
try {
parseWebSockets();
@@ -72,15 +63,6 @@ public class StreamOptimizer {
return packets;
}
private void decryptTls() {
final TlsDecryptor tlsDecryptor = new TlsDecryptor(packets, keysHolder);
tlsDecryptor.decryptTls();
if (tlsDecryptor.isParsed()) {
packets = tlsDecryptor.getParsedPackets();
}
}
private void parseWebSockets() {
if (!packets.get(0).getContentString().contains("HTTP/")) {
return;

297
src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java
View File

@@ -1,297 +0,0 @@
package ru.serega6531.packmate.service.optimization;
import com.google.common.collect.ArrayListMultimap;
import com.google.common.collect.ListMultimap;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.tls.ExporterLabel;
import org.bouncycastle.tls.PRFAlgorithm;
import org.bouncycastle.tls.crypto.TlsSecret;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsSecret;
import org.pcap4j.packet.IllegalRawDataException;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.model.Packet;
import ru.serega6531.packmate.service.optimization.tls.TlsPacket;
import ru.serega6531.packmate.service.optimization.tls.keys.TlsKeyUtils;
import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite;
import ru.serega6531.packmate.service.optimization.tls.numbers.ContentType;
import ru.serega6531.packmate.service.optimization.tls.numbers.HandshakeType;
import ru.serega6531.packmate.service.optimization.tls.records.ApplicationDataRecord;
import ru.serega6531.packmate.service.optimization.tls.records.HandshakeRecord;
import ru.serega6531.packmate.service.optimization.tls.records.handshakes.*;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@Slf4j
@RequiredArgsConstructor
public class TlsDecryptor {
private static final Pattern cipherSuitePattern = Pattern.compile("TLS_RSA_WITH_([A-Z0-9_]+)_[A-Z0-9]+");
private final List<Packet> packets;
private final RsaKeysHolder keysHolder;
@Getter
private boolean parsed = false;
private List<Packet> result;
private ListMultimap<Packet, TlsPacket.TlsHeader> tlsPackets;
private byte[] clientRandom;
private byte[] serverRandom;
public void decryptTls() {
tlsPackets = ArrayListMultimap.create(packets.size(), 1);
try {
for (Packet p : packets) {
tlsPackets.putAll(p, createTlsHeaders(p));
}
} catch (IllegalRawDataException e) {
log.warn("Failed to parse TLS packets", e);
return;
}
var clientHelloOpt = getHandshake(HandshakeType.CLIENT_HELLO);
var serverHelloOpt = getHandshake(HandshakeType.SERVER_HELLO);
if (clientHelloOpt.isEmpty() || serverHelloOpt.isEmpty()) {
return;
}
var clientHello = (ClientHelloHandshakeRecordContent) clientHelloOpt.get();
var serverHello = (ServerHelloHandshakeRecordContent) serverHelloOpt.get();
CipherSuite cipherSuite = serverHello.getCipherSuite();
if (cipherSuite.name().startsWith("TLS_RSA_WITH_")) {
Matcher matcher = cipherSuitePattern.matcher(cipherSuite.name());
//noinspection ResultOfMethodCallIgnored
matcher.find();
String blockCipher = matcher.group(1);
clientRandom = clientHello.getRandom();
serverRandom = serverHello.getRandom();
decryptTlsRsa(blockCipher);
}
}
@SneakyThrows
private void decryptTlsRsa(String blockCipher) {
String[] blockCipherParts = blockCipher.split("_");
String blockCipherAlgo = blockCipherParts[0];
int blockCipherSize = Integer.parseInt(blockCipherParts[1]);
String blockCipherMode = blockCipherParts[2];
if (!blockCipherAlgo.equals("AES")) {
return;
}
int keyLength = blockCipherSize / 8;
Optional<RSAPublicKey> publicKeyOpt = getRsaPublicKey();
if (publicKeyOpt.isEmpty()) {
return;
}
RSAPublicKey publicKey = publicKeyOpt.get();
RSAPrivateKey privateKey = keysHolder.getKey(publicKey.getModulus());
if (privateKey == null) {
String n = publicKey.getModulus().toString();
log.warn("Key for modulus not found: {}...", n.substring(0, Math.min(n.length(), 8)));
return;
}
Optional<BcTlsSecret> preMasterOptional = getPreMaster(privateKey);
if (preMasterOptional.isEmpty()) {
return;
}
BcTlsSecret preMaster = preMasterOptional.get();
byte[] randomCS = ArrayUtils.addAll(clientRandom, serverRandom);
byte[] randomSC = ArrayUtils.addAll(serverRandom, clientRandom);
TlsSecret masterSecret = preMaster.deriveUsingPRF(
PRFAlgorithm.tls_prf_sha256, ExporterLabel.master_secret, randomCS, 48);
byte[] expanded = masterSecret.deriveUsingPRF(
PRFAlgorithm.tls_prf_sha256, ExporterLabel.key_expansion, randomSC, 72 + keyLength * 2).extract();
byte[] clientMacKey = new byte[20];
byte[] serverMacKey = new byte[20];
byte[] clientEncryptionKey = new byte[keyLength];
byte[] serverEncryptionKey = new byte[keyLength];
byte[] clientIV = new byte[16];
byte[] serverIV = new byte[16];
ByteBuffer bb = ByteBuffer.wrap(expanded);
bb.get(clientMacKey);
bb.get(serverMacKey);
bb.get(clientEncryptionKey);
bb.get(serverEncryptionKey);
bb.get(clientIV);
bb.get(serverIV);
Optional<Cipher> clientCipherOpt = createCipher(blockCipherMode, clientEncryptionKey, clientIV);
Optional<Cipher> serverCipherOpt = createCipher(blockCipherMode, serverEncryptionKey, serverIV);
if (clientCipherOpt.isEmpty() || serverCipherOpt.isEmpty()) {
return;
}
Cipher clientCipher = clientCipherOpt.get();
Cipher serverCipher = serverCipherOpt.get();
result = new ArrayList<>(packets.size());
for (Packet packet : packets) {
List<TlsPacket.TlsHeader> tlsData = tlsPackets.get(packet);
for (TlsPacket.TlsHeader tlsPacket : tlsData) {
if (tlsPacket.getContentType() == ContentType.APPLICATION_DATA) {
byte[] data = ((ApplicationDataRecord) tlsPacket.getRecord()).getData();
boolean client = packet.isIncoming();
Cipher cipher = client ? clientCipher : serverCipher;
byte[] decoded = cipher.doFinal(data);
decoded = clearDecodedData(decoded);
result.add(
packet.toBuilder()
.content(decoded)
.tlsDecrypted(true)
.build()
);
}
}
}
parsed = true;
}
@SneakyThrows(value = {NoSuchAlgorithmException.class, NoSuchPaddingException.class})
private Optional<BcTlsSecret> getPreMaster(RSAPrivateKey privateKey) {
Optional<HandshakeRecordContent> opt = getHandshake(HandshakeType.CLIENT_KEY_EXCHANGE);
if (opt.isEmpty()) {
return Optional.empty();
}
var clientKeyExchange = (BasicHandshakeRecordContent) opt.get();
try {
byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(clientKeyExchange.getContent(), 0);
Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
rsa.init(Cipher.DECRYPT_MODE, privateKey);
byte[] preMaster = rsa.doFinal(encryptedPreMaster);
return Optional.of(new BcTlsSecret(new BcTlsCrypto(null), preMaster));
} catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException e) {
log.warn("Failed do get pre-master key", e);
return Optional.empty();
}
}
private Optional<RSAPublicKey> getRsaPublicKey() {
var certificateHandshakeOpt = getHandshake(HandshakeType.CERTIFICATE);
if (certificateHandshakeOpt.isEmpty()) {
return Optional.empty();
}
var certificateHandshake = (CertificateHandshakeRecordContent) certificateHandshakeOpt.get();
List<byte[]> chain = certificateHandshake.getRawCertificates();
byte[] rawCertificate = chain.get(0);
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate certificate = cf.generateCertificate(new ByteArrayInputStream(rawCertificate));
RSAPublicKey publicKey = (RSAPublicKey) certificate.getPublicKey();
return Optional.of(publicKey);
} catch (CertificateException e) {
log.warn("Error while getting certificate", e);
return Optional.empty();
}
}
@SneakyThrows(value = {NoSuchAlgorithmException.class, NoSuchPaddingException.class})
private Optional<Cipher> createCipher(String mode, byte[] key, byte[] iv) {
Cipher cipher = Cipher.getInstance("AES/" + mode + "/PKCS5Padding");
SecretKeySpec serverSkeySpec = new SecretKeySpec(key, "AES");
IvParameterSpec serverIvParameterSpec = new IvParameterSpec(iv);
try {
cipher.init(Cipher.DECRYPT_MODE, serverSkeySpec, serverIvParameterSpec);
return Optional.of(cipher);
} catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
log.warn("Error decrypting TLS", e);
return Optional.empty();
}
}
private byte[] clearDecodedData(byte[] decoded) {
int start = 16;
int end = decoded.length - 21; // почему?)
decoded = ByteArrays.getSubArray(decoded, start, end - start);
return decoded;
}
private Optional<HandshakeRecordContent> getHandshake(HandshakeType handshakeType) {
return tlsPackets.values().stream()
.filter(p -> p.getContentType() == ContentType.HANDSHAKE)
.map(p -> ((HandshakeRecord) p.getRecord()))
.filter(r -> r.getHandshakeType() == handshakeType)
.map(HandshakeRecord::getContent)
.findFirst();
}
private List<TlsPacket.TlsHeader> createTlsHeaders(Packet p) throws IllegalRawDataException {
List<TlsPacket.TlsHeader> headers = new ArrayList<>();
TlsPacket tlsPacket = TlsPacket.newPacket(p.getContent(), 0, p.getContent().length);
headers.add(tlsPacket.getHeader());
while (tlsPacket.getPayload() != null) {
tlsPacket = (TlsPacket) tlsPacket.getPayload();
headers.add(tlsPacket.getHeader());
}
return headers;
}
public List<Packet> getParsedPackets() {
if (!parsed) {
throw new IllegalStateException("TLS is not parsed");
}
return result;
}
}

172
src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java
View File

@@ -1,172 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls;
import org.pcap4j.packet.AbstractPacket;
import org.pcap4j.packet.IllegalRawDataException;
import org.pcap4j.packet.Packet;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.ContentType;
import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion;
import ru.serega6531.packmate.service.optimization.tls.records.*;
import java.util.ArrayList;
import java.util.List;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class TlsPacket extends AbstractPacket {
private final TlsPacket.TlsHeader header;
private final Packet payload;
public static TlsPacket newPacket(byte[] rawData, int offset, int length) throws IllegalRawDataException {
ByteArrays.validateBounds(rawData, offset, length);
return new TlsPacket(rawData, offset, length);
}
private TlsPacket(byte[] rawData, int offset, int length) throws IllegalRawDataException {
this.header = new TlsPacket.TlsHeader(rawData, offset, length);
int payloadLength = length - header.length();
if (payloadLength > 0) {
this.payload = TlsPacket.newPacket(rawData, offset + header.length(), payloadLength);
} else {
this.payload = null;
}
}
private TlsPacket(TlsPacket.Builder builder) {
if (builder == null) {
throw new NullPointerException("builder: null");
}
this.payload = builder.payloadBuilder != null ? builder.payloadBuilder.build() : null;
this.header = new TlsPacket.TlsHeader(builder);
}
@Override
public TlsHeader getHeader() {
return header;
}
@Override
public Packet getPayload() {
return payload;
}
@Override
public Builder getBuilder() {
return new Builder(this);
}
@Override
protected String buildString() {
StringBuilder sb = new StringBuilder(getHeader().toString());
TlsPacket p = (TlsPacket) getPayload();
if (p != null) {
sb.append('\n');
sb.append(p.toString());
}
return sb.toString();
}
public static final class TlsHeader extends AbstractHeader {
/*
0x0 - Content Type
0x1 - Version
0x3 - Length
0x5 - Record content
*/
private static final int CONTENT_TYPE_OFFSET = 0;
private static final int VERSION_OFFSET = CONTENT_TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
private static final int LENGTH_OFFSET = VERSION_OFFSET + SHORT_SIZE_IN_BYTES;
private static final int RECORD_OFFSET = LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
private ContentType contentType;
private TlsVersion version;
private short recordLength;
private TlsRecord record;
private TlsHeader(Builder builder) {
//TODO
}
private TlsHeader(byte[] rawData, int offset, int length) throws IllegalRawDataException {
ByteArrays.validateBounds(rawData, offset, RECORD_OFFSET);
this.contentType = ContentType.getInstance(ByteArrays.getByte(rawData, CONTENT_TYPE_OFFSET + offset));
this.version = TlsVersion.getInstance(ByteArrays.getShort(rawData, VERSION_OFFSET + offset));
this.recordLength = ByteArrays.getShort(rawData, LENGTH_OFFSET + offset);
if (contentType == ContentType.HANDSHAKE) {
this.record = HandshakeRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
} else if (contentType == ContentType.CHANGE_CIPHER_SPEC) {
this.record = ChangeCipherSpecRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
} else if (contentType == ContentType.APPLICATION_DATA) {
this.record = ApplicationDataRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
} else if (contentType == ContentType.ALERT) {
this.record = AlertRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
} else if (contentType == ContentType.HEARTBEAT) {
this.record = HeartbeatRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
} else {
throw new IllegalArgumentException("Unknown content type: " + contentType);
}
}
public ContentType getContentType() {
return contentType;
}
public TlsVersion getVersion() {
return version;
}
public TlsRecord getRecord() {
return record;
}
@Override
protected List<byte[]> getRawFields() {
List<byte[]> rawFields = new ArrayList<>();
rawFields.add(new byte[]{contentType.value()});
rawFields.add(ByteArrays.toByteArray(version.value()));
rawFields.add(ByteArrays.toByteArray(recordLength));
//TODO
return rawFields;
}
@Override
public int length() {
return RECORD_OFFSET + recordLength;
}
@Override
protected String buildString() {
return "TLS Header [" + length() + " bytes]\n" +
" Version: " + version + "\n" +
" Type: " + contentType + "\n" +
record.toString();
}
}
public static final class Builder extends AbstractBuilder {
private Packet.Builder payloadBuilder;
public Builder() {
}
public Builder(TlsPacket packet) {
this.payloadBuilder = packet.payload != null ? packet.payload.getBuilder() : null;
}
@Override
public Packet build() {
return new TlsPacket(this);
}
}
}

49
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/TlsExtension.java
View File

@@ -1,49 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.extensions.keyshare.KeyShareExtension;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
public abstract class TlsExtension {
/*
0x0 - Type
0x2 - Length
0x4 - Content
0x4+length - End
*/
protected ExtensionType type;
protected short extensionLength;
public static TlsExtension newInstance(ExtensionType type, byte[] rawData, int offset,
short extensionLength, boolean client) {
if (extensionLength > 0) {
ByteArrays.validateBounds(rawData, offset, extensionLength);
}
if (type == ExtensionType.KEY_SHARE) {
return KeyShareExtension.newInstance(type, rawData, offset, extensionLength, client);
} else {
return new UnimplementedTlsExtension(type, rawData, offset, extensionLength);
}
}
public TlsExtension(ExtensionType type, short extensionLength) {
this.type = type;
this.extensionLength = extensionLength;
}
public ExtensionType getType() {
return type;
}
public short getLength() {
return extensionLength;
}
@Override
public String toString() {
return type.name();
}
}

24
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/UnimplementedTlsExtension.java
View File

@@ -1,24 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
public class UnimplementedTlsExtension extends TlsExtension {
private byte[] data;
public UnimplementedTlsExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
super(type, extensionLength);
data = new byte[extensionLength];
System.arraycopy(rawData, offset, data, 0, extensionLength);
}
@Override
public String toString() {
if(extensionLength > 0) {
return type.name() + " [" + extensionLength + " bytes]";
} else {
return type.name();
}
}
}

23
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/ClientKeyShareExtension.java
View File

@@ -1,23 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class ClientKeyShareExtension extends KeyShareExtension {
private static final int KEY_SHARE_LENGTH_OFFSET = 0;
private static final int KEY_SHARE_ENTRY_OFFSET = KEY_SHARE_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
private short keyShareLength;
public ClientKeyShareExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
super(type, extensionLength);
this.keyShareLength = ByteArrays.getShort(rawData, KEY_SHARE_LENGTH_OFFSET + offset); // the field is not always there
int cursor = KEY_SHARE_ENTRY_OFFSET + offset;
ByteArrays.validateBounds(rawData, cursor, keyShareLength);
readEntries(rawData, KEY_SHARE_ENTRY_OFFSET + offset, offset + keyShareLength);
}
}

33
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/KeyShareEntry.java
View File

@@ -1,33 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.KeyGroup;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class KeyShareEntry {
private static final int GROUP_OFFSET = 0;
private static final int KEY_EXHANGE_LENGTH_OFFSET = GROUP_OFFSET + SHORT_SIZE_IN_BYTES;
private static final int KEY_EXCHANGE_OFFSET = KEY_EXHANGE_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
private KeyGroup group;
private short keyExhangeLength;
private byte[] keyExchange;
public KeyShareEntry(byte[] rawData, int offset) {
this.group = KeyGroup.getInstance(ByteArrays.getShort(rawData, GROUP_OFFSET + offset));
this.keyExhangeLength = ByteArrays.getShort(rawData, KEY_EXHANGE_LENGTH_OFFSET + offset);
keyExchange = new byte[keyExhangeLength];
System.arraycopy(rawData, KEY_EXCHANGE_OFFSET + offset, keyExchange, 0, keyExhangeLength);
}
public int size() {
return SHORT_SIZE_IN_BYTES + SHORT_SIZE_IN_BYTES + keyExhangeLength;
}
@Override
public String toString() {
return group.name();
}
}

46
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/KeyShareExtension.java
View File

@@ -1,46 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.extensions.TlsExtension;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
import java.util.ArrayList;
import java.util.List;
public abstract class KeyShareExtension extends TlsExtension {
private final List<KeyShareEntry> entries = new ArrayList<>();
public static KeyShareExtension newInstance(ExtensionType type, byte[] rawData, int offset,
short extensionLength, boolean client) {
ByteArrays.validateBounds(rawData, offset, extensionLength);
if(client) {
return new ClientKeyShareExtension(type, rawData, offset, extensionLength);
} else {
return new ServerKeyShareExtension(type, rawData, offset, extensionLength);
}
}
protected KeyShareExtension(ExtensionType type, short extensionLength) {
super(type, extensionLength);
}
protected void readEntries(byte[] rawData, int cursor, int end) {
while (cursor < end) {
KeyShareEntry entry = readEntry(rawData, cursor);
cursor += entry.size();
}
}
protected KeyShareEntry readEntry(byte[] rawData, int cursor) {
KeyShareEntry entry = new KeyShareEntry(rawData, cursor);
entries.add(entry);
return entry;
}
@Override
public String toString() {
return type.name() + " " + entries.toString();
}
}

14
src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/ServerKeyShareExtension.java
View File

@@ -1,14 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
public class ServerKeyShareExtension extends KeyShareExtension {
private static final int KEY_SHARE_ENTRY_OFFSET = 0;
public ServerKeyShareExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
super(type, extensionLength);
readEntry(rawData, KEY_SHARE_ENTRY_OFFSET + offset);
}
}

42
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java
View File

@@ -1,42 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
public class DhClientParams {
private final byte[] p;
private final byte[] g;
private final byte[] pubkey;
private final SignatureScheme signatureScheme;
private final byte[] signature;
public DhClientParams(byte[] p, byte[] g, byte[] pubkey,
SignatureScheme signatureScheme,
byte[] signature) {
this.p = p;
this.g = g;
this.pubkey = pubkey;
this.signatureScheme = signatureScheme;
this.signature = signature;
}
public byte[] getP() {
return p;
}
public byte[] getG() {
return g;
}
public byte[] getPubkey() {
return pubkey;
}
public SignatureScheme getSignatureScheme() {
return signatureScheme;
}
public byte[] getSignature() {
return signature;
}
}

44
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java
View File

@@ -1,44 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
public class EcdheServerParams {
private final CurveType curveType;
private final NamedCurve namedCurve;
private final byte[] pubkey;
private final SignatureScheme signatureScheme;
private final byte[] signature;
public EcdheServerParams(CurveType curveType, NamedCurve namedCurve, byte[] pubkey,
SignatureScheme signatureScheme,
byte[] signature) {
this.curveType = curveType;
this.namedCurve = namedCurve;
this.pubkey = pubkey;
this.signatureScheme = signatureScheme;
this.signature = signature;
}
public CurveType getCurveType() {
return curveType;
}
public NamedCurve getNamedCurve() {
return namedCurve;
}
public byte[] getPubkey() {
return pubkey;
}
public SignatureScheme getSignatureScheme() {
return signatureScheme;
}
public byte[] getSignature() {
return signature;
}
}

108
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java
View File

@@ -1,108 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
import java.nio.ByteBuffer;
/**
* It is impossible to determine key format just by KeyExchange record,
* so you can use this class when analyzing tls traffic.
*/
public final class TlsKeyUtils {
// https://wiki.osdev.org/TLS_Handshake
public static DhClientParams parseServerDH(byte[] rawData, int offset) {
ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
short pLength = bb.getShort();
byte[] p = new byte[pLength];
bb.get(p);
short gLength = bb.getShort();
byte[] g = new byte[gLength];
bb.get(g);
short pubKeyLength = bb.getShort();
byte[] pubKey = new byte[pubKeyLength]; // aka Ys
bb.get(pubKey);
SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort());
if (signatureScheme == null) {
throw new IllegalArgumentException("Unknown signature scheme");
}
short signatureLength = bb.getShort();
byte[] signature = new byte[signatureLength];
bb.get(signature);
return new DhClientParams(p, g, pubKey, signatureScheme, signature);
}
/**
* @param rawData Handshake record content
*/
public static EcdheServerParams parseServerECDHE(byte[] rawData, int offset) {
ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
byte curveTypeId = bb.get();
if(curveTypeId != 0x03) {
throw new IllegalArgumentException("Unsupported curve type");
}
CurveType curveType = CurveType.NAMED;
NamedCurve namedCurve = NamedCurve.findByValue(bb.getShort());
if (namedCurve == null) {
throw new IllegalArgumentException("Unsupported named curve");
}
byte pubkeyLength = bb.get();
byte[] pubkey = new byte[pubkeyLength];
bb.get(pubkey);
SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort());
if (signatureScheme == null) {
throw new IllegalArgumentException("Unknown signature scheme");
}
short signatureLength = bb.getShort();
byte[] signature = new byte[signatureLength];
bb.get(signature);
return new EcdheServerParams(curveType, namedCurve, pubkey, signatureScheme, signature);
}
// https://ldapwiki.com/wiki/ClientKeyExchange
/**
* Suitable for both DH and ECDHE
* @param rawData Handshake record content
*/
public static byte[] getClientDHPubkey(byte[] rawData, int offset) {
ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
byte length = bb.get();
byte[] pubkey = new byte[length];
bb.get(pubkey);
return pubkey;
}
public static byte[] getClientRsaPreMaster(byte[] rawData, int offset) {
ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
int length = bb.getShort();
byte[] encryptedPreMaster = new byte[length];
bb.get(encryptedPreMaster);
return encryptedPreMaster;
}
}

16
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/CurveType.java
View File

@@ -1,16 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys.enums;
public enum CurveType {
NAMED((byte) 0x03);
private final byte value;
CurveType(byte value) {
this.value = value;
}
public byte getValue() {
return value;
}
}

57
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java
View File

@@ -1,57 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys.enums;
import java.util.HashMap;
import java.util.Map;
public enum NamedCurve {
SECT163K1((short) 1),
SECT163R1((short) 2),
SECT163R2((short) 3),
SECT193R1((short) 4),
SECT193R2((short) 5),
SECT233K1((short) 6),
SECT233R1((short) 7),
SECT239K1((short) 8),
SECT283K1((short) 9),
SECT283R1((short) 10),
SECT409K1((short) 11),
SECT409R1((short) 12),
SECT571K1((short) 13),
SECT571R1((short) 14),
SECP160K1((short) 15),
SECP160R1((short) 16),
SECP160R2((short) 17),
SECP192K1((short) 18),
SECP192R1((short) 19),
SECP224K1((short) 20),
SECP224R1((short) 21),
SECP256K1((short) 22),
SECP256R1((short) 23),
SECP384R1((short) 24),
SECP521R1((short) 25),
X25519((short) 29),
X448((short) 30);
private final short value;
private static final Map<Short, NamedCurve> map = new HashMap<>();
NamedCurve(short value) {
this.value = value;
}
static {
for (NamedCurve curve : values()) {
map.put(curve.getValue(), curve);
}
}
public short getValue() {
return value;
}
public static NamedCurve findByValue(short value) {
return map.get(value);
}
}

58
src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java
View File

@@ -1,58 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.keys.enums;
import java.util.HashMap;
import java.util.Map;
public enum SignatureScheme {
/* RSASSA-PKCS1-v1_5 algorithms */
RSA_PKCS1_SHA256((short) 0x0401),
RSA_PKCS1_SHA384((short) 0x0501),
RSA_PKCS1_SHA512((short) 0x0601),
/* ECDSA algorithms */
ECDSA_SECP256R1_SHA256((short) 0x0403),
ECDSA_SECP384R1_SHA384((short) 0x0503),
ECDSA_SECP521R1_SHA512((short) 0x0603),
/* RSASSA-PSS algorithms with public key OID RSAEncryption */
RSA_PSS_RSAE_SHA256((short) 0x0804),
RSA_PSS_RSAE_SHA384((short) 0x0805),
RSA_PSS_RSAE_SHA512((short) 0x0806),
/* EDDSA algorithms */
ED25519((short) 0x0807),
ED448((short) 0x0808),
/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
RSA_PSS_PSS_SHA256((short) 0x0809),
RSA_PSS_PSS_SHA384((short) 0x080a),
RSA_PSS_PSS_SHA512((short) 0x080b),
/* Legacy algorithms */
RSA_PKCS1_SHA1((short) 0x0201),
ECDSA_SHA1((short) 0x0203);
private final short value;
private static final Map<Short, SignatureScheme> map = new HashMap<>();
SignatureScheme(short value) {
this.value = value;
}
static {
for (SignatureScheme curve : values()) {
map.put(curve.getValue(), curve);
}
}
public short getValue() {
return value;
}
public static SignatureScheme findByValue(short value) {
return map.get(value);
}
}

65
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/AlertDescription.java
View File

@@ -1,65 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
public class AlertDescription extends NamedNumber<Byte, AlertDescription> {
private static final Map<Byte, AlertDescription> registry = new HashMap<>();
public static AlertDescription close_notify = new AlertDescription((byte) 0, "close_notify");
public static AlertDescription unexpected_message = new AlertDescription((byte) 10, "unexpected_message");
public static AlertDescription bad_record_mac = new AlertDescription((byte) 20, "bad_record_mac");
public static AlertDescription decryption_failed_RESERVED = new AlertDescription((byte) 21, "decryption_failed_RESERVED");
public static AlertDescription record_overflow = new AlertDescription((byte) 22, "record_overflow");
public static AlertDescription decompression_failure_RESERVED = new AlertDescription((byte) 30, "decompression_failure_RESERVED");
public static AlertDescription handshake_failure = new AlertDescription((byte) 40, "handshake_failure");
public static AlertDescription no_certificate_RESERVED = new AlertDescription((byte) 41, "no_certificate_RESERVED");
public static AlertDescription bad_certificate = new AlertDescription((byte) 42, "bad_certificate");
public static AlertDescription unsupported_certificate = new AlertDescription((byte) 43, "unsupported_certificate");
public static AlertDescription certificate_revoked = new AlertDescription((byte) 44, "certificate_revoked");
public static AlertDescription certificate_expired = new AlertDescription((byte) 45, "certificate_expired");
public static AlertDescription certificate_unknown = new AlertDescription((byte) 46, "certificate_unknown");
public static AlertDescription illegal_parameter = new AlertDescription((byte) 47, "illegal_parameter");
public static AlertDescription unknown_ca = new AlertDescription((byte) 48, "unknown_ca");
public static AlertDescription access_denied = new AlertDescription((byte) 49, "access_denied");
public static AlertDescription decode_error = new AlertDescription((byte) 50, "decode_error");
public static AlertDescription decrypt_error = new AlertDescription((byte) 51, "decrypt_error");
public static AlertDescription export_restriction_RESERVED = new AlertDescription((byte) 60, "export_restriction_RESERVED");
public static AlertDescription protocol_version = new AlertDescription((byte) 70, "protocol_version");
public static AlertDescription insufficient_security = new AlertDescription((byte) 71, "insufficient_security");
public static AlertDescription internal_error = new AlertDescription((byte) 80, "internal_error");
public static AlertDescription inappropriate_fallback = new AlertDescription((byte) 86, "inappropriate_fallback");
public static AlertDescription user_canceled = new AlertDescription((byte) 90, "user_canceled");
public static AlertDescription no_renegotiation_RESERVED = new AlertDescription((byte) 100, "no_renegotiation_RESERVED");
public static AlertDescription missing_extension = new AlertDescription((byte) 109, "missing_extension");
public static AlertDescription unsupported_extension = new AlertDescription((byte) 110, "unsupported_extension");
public static AlertDescription certificate_unobtainable_RESERVED = new AlertDescription((byte) 111, "certificate_unobtainable_RESERVED");
public static AlertDescription unrecognized_name = new AlertDescription((byte) 112, "unrecognized_name");
public static AlertDescription bad_certificate_status_response = new AlertDescription((byte) 113, "bad_certificate_status_response");
public static AlertDescription bad_certificate_hash_value_RESERVED = new AlertDescription((byte) 114, "bad_certificate_hash_value_RESERVED");
public static AlertDescription unknown_psk_identity = new AlertDescription((byte) 115, "unknown_psk_identity");
public static AlertDescription certificate_required = new AlertDescription((byte) 116, "certificate_required");
public static AlertDescription no_application_protocol = new AlertDescription((byte) 120, "no_application_protocol");
public AlertDescription(Byte value, String name) {
super(value, name);
registry.put(value, this);
}
public static AlertDescription getInstance(Byte value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
throw new IllegalArgumentException("Unknown alert description: " + value);
}
}
@Override
public int compareTo(AlertDescription o) {
return value().compareTo(o.value());
}
}

32
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/AlertLevel.java
View File

@@ -1,32 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
@SuppressWarnings("unused")
public class AlertLevel extends NamedNumber<Byte, AlertLevel> {
private static final Map<Byte, AlertLevel> registry = new HashMap<>();
public static final AlertLevel WARNING = new AlertLevel((byte) 1, "warning");
public static final AlertLevel FATAL = new AlertLevel((byte) 2, "fatal");
public static final AlertLevel ENCRYPTED_ALERT = new AlertLevel((byte) 0, "encrypted alert");
public AlertLevel(Byte value, String name) {
super(value, name);
registry.put(value, this);
}
public static AlertLevel getInstance(Byte value) {
return registry.getOrDefault(value, ENCRYPTED_ALERT);
}
@Override
public int compareTo(AlertLevel o) {
return value().compareTo(o.value());
}
}

741
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/CipherSuite.java
View File

@@ -1,741 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
@SuppressWarnings("unused")
public class CipherSuite extends NamedNumber<Short, CipherSuite> {
private static final Map<Short, CipherSuite> registry = new HashMap<>();
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
public static final CipherSuite TLS_NULL_WITH_NULL_NULL =
new CipherSuite((short) 0x0000, "TLS_NULL_WITH_NULL_NULL");
public static final CipherSuite TLS_RSA_WITH_NULL_MD5 =
new CipherSuite((short) 0x0001, "TLS_RSA_WITH_NULL_MD5");
public static final CipherSuite TLS_RSA_WITH_NULL_SHA =
new CipherSuite((short) 0x0002, "TLS_RSA_WITH_NULL_SHA");
public static final CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 =
new CipherSuite((short) 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5");
public static final CipherSuite TLS_RSA_WITH_RC4_128_MD5 =
new CipherSuite((short) 0x0004, "TLS_RSA_WITH_RC4_128_MD5");
public static final CipherSuite TLS_RSA_WITH_RC4_128_SHA =
new CipherSuite((short) 0x0005, "TLS_RSA_WITH_RC4_128_SHA");
public static final CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 =
new CipherSuite((short) 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
public static final CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA =
new CipherSuite((short) 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA");
public static final CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x0009, "TLS_RSA_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 =
new CipherSuite((short) 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5");
public static final CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 =
new CipherSuite((short) 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5");
public static final CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA =
new CipherSuite((short) 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_KRB5_WITH_DES_CBC_SHA =
new CipherSuite((short) 0x001E, "TLS_KRB5_WITH_DES_CBC_SHA");
public static final CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_KRB5_WITH_RC4_128_SHA =
new CipherSuite((short) 0x0020, "TLS_KRB5_WITH_RC4_128_SHA");
public static final CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA =
new CipherSuite((short) 0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA");
public static final CipherSuite TLS_KRB5_WITH_DES_CBC_MD5 =
new CipherSuite((short) 0x0022, "TLS_KRB5_WITH_DES_CBC_MD5");
public static final CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5 =
new CipherSuite((short) 0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5");
public static final CipherSuite TLS_KRB5_WITH_RC4_128_MD5 =
new CipherSuite((short) 0x0024, "TLS_KRB5_WITH_RC4_128_MD5");
public static final CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5 =
new CipherSuite((short) 0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA =
new CipherSuite((short) 0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA =
new CipherSuite((short) 0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA =
new CipherSuite((short) 0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 =
new CipherSuite((short) 0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 =
new CipherSuite((short) 0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5");
public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5 =
new CipherSuite((short) 0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5");
public static final CipherSuite TLS_PSK_WITH_NULL_SHA =
new CipherSuite((short) 0x002C, "TLS_PSK_WITH_NULL_SHA");
public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA =
new CipherSuite((short) 0x002D, "TLS_DHE_PSK_WITH_NULL_SHA");
public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA =
new CipherSuite((short) 0x002E, "TLS_RSA_PSK_WITH_NULL_SHA");
public static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_NULL_SHA256 =
new CipherSuite((short) 0x003B, "TLS_RSA_WITH_NULL_SHA256");
public static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA =
new CipherSuite((short) 0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256 =
new CipherSuite((short) 0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA =
new CipherSuite((short) 0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA");
public static final CipherSuite TLS_PSK_WITH_RC4_128_SHA =
new CipherSuite((short) 0x008A, "TLS_PSK_WITH_RC4_128_SHA");
public static final CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA =
new CipherSuite((short) 0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA");
public static final CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA =
new CipherSuite((short) 0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA");
public static final CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x0096, "TLS_RSA_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA =
new CipherSuite((short) 0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA");
public static final CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_PSK_WITH_NULL_SHA256 =
new CipherSuite((short) 0x00B0, "TLS_PSK_WITH_NULL_SHA256");
public static final CipherSuite TLS_PSK_WITH_NULL_SHA384 =
new CipherSuite((short) 0x00B1, "TLS_PSK_WITH_NULL_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256 =
new CipherSuite((short) 0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384 =
new CipherSuite((short) 0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256 =
new CipherSuite((short) 0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384 =
new CipherSuite((short) 0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 =
new CipherSuite((short) 0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256");
public static final CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV =
new CipherSuite((short) 0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV");
public static final CipherSuite RESERVED_GREASE_0x0A0A =
new CipherSuite((short) 0x0A0A, "Reserved (GREASE)");
public static final CipherSuite TLS_AES_128_GCM_SHA256 =
new CipherSuite((short) 0x1301, "TLS_AES_128_GCM_SHA256");
public static final CipherSuite TLS_AES_256_GCM_SHA384 =
new CipherSuite((short) 0x1302, "TLS_AES_256_GCM_SHA384");
public static final CipherSuite TLS_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0x1303, "TLS_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_AES_128_CCM_SHA256 =
new CipherSuite((short) 0x1304, "TLS_AES_128_CCM_SHA256");
public static final CipherSuite RESERVED_GREASE_0x1A1A =
new CipherSuite((short) 0x1A1A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x2A2A =
new CipherSuite((short) 0x2A2A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x3A3A =
new CipherSuite((short) 0x3A3A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x4A4A =
new CipherSuite((short) 0x4A4A, "Reserved (GREASE)");
public static final CipherSuite TLS_FALLBACK_SCSV =
new CipherSuite((short) 0x5600, "TLS_FALLBACK_SCSV");
public static final CipherSuite RESERVED_GREASE_0x5A5A =
new CipherSuite((short) 0x5A5A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x6A6A =
new CipherSuite((short) 0x6A6A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x7A7A =
new CipherSuite((short) 0x7A7A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x8A8A =
new CipherSuite((short) 0x8A8A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0x9A9A =
new CipherSuite((short) 0x9A9A, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0xAAAA =
new CipherSuite((short) 0xAAAA, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0xBABA =
new CipherSuite((short) 0xBABA, "Reserved (GREASE)");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA =
new CipherSuite((short) 0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA =
new CipherSuite((short) 0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA =
new CipherSuite((short) 0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA =
new CipherSuite((short) 0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDH_anon_WITH_NULL_SHA =
new CipherSuite((short) 0xC015, "TLS_ECDH_anon_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA =
new CipherSuite((short) 0xC033, "TLS_ECDHE_PSK_WITH_RC4_128_SHA");
public static final CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA =
new CipherSuite((short) 0xC034, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA =
new CipherSuite((short) 0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA =
new CipherSuite((short) 0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 =
new CipherSuite((short) 0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 =
new CipherSuite((short) 0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA =
new CipherSuite((short) 0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA");
public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256 =
new CipherSuite((short) 0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384 =
new CipherSuite((short) 0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384");
public static final CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC03E, "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC03F, "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC040, "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC041, "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC042, "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC043, "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC046, "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC047, "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC054, "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC055, "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC056, "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC057, "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC058, "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC059, "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC05A, "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC05B, "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC07E, "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC07F, "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC080, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC081, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC082, "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC083, "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC084, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC085, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
new CipherSuite((short) 0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
new CipherSuite((short) 0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384");
public static final CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
new CipherSuite((short) 0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
new CipherSuite((short) 0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384");
public static final CipherSuite TLS_RSA_WITH_AES_128_CCM =
new CipherSuite((short) 0xC09C, "TLS_RSA_WITH_AES_128_CCM");
public static final CipherSuite TLS_RSA_WITH_AES_256_CCM =
new CipherSuite((short) 0xC09D, "TLS_RSA_WITH_AES_256_CCM");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM =
new CipherSuite((short) 0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM =
new CipherSuite((short) 0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM");
public static final CipherSuite TLS_RSA_WITH_AES_128_CCM_8 =
new CipherSuite((short) 0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8");
public static final CipherSuite TLS_RSA_WITH_AES_256_CCM_8 =
new CipherSuite((short) 0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8 =
new CipherSuite((short) 0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8");
public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8 =
new CipherSuite((short) 0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8");
public static final CipherSuite TLS_PSK_WITH_AES_128_CCM =
new CipherSuite((short) 0xC0A4, "TLS_PSK_WITH_AES_128_CCM");
public static final CipherSuite TLS_PSK_WITH_AES_256_CCM =
new CipherSuite((short) 0xC0A5, "TLS_PSK_WITH_AES_256_CCM");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM =
new CipherSuite((short) 0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM");
public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM =
new CipherSuite((short) 0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM");
public static final CipherSuite TLS_PSK_WITH_AES_128_CCM_8 =
new CipherSuite((short) 0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8");
public static final CipherSuite TLS_PSK_WITH_AES_256_CCM_8 =
new CipherSuite((short) 0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8");
public static final CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8 =
new CipherSuite((short) 0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8");
public static final CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8 =
new CipherSuite((short) 0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM =
new CipherSuite((short) 0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM =
new CipherSuite((short) 0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 =
new CipherSuite((short) 0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 =
new CipherSuite((short) 0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8");
public static final CipherSuite TLS_ECCPWD_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xC0B0, "TLS_ECCPWD_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECCPWD_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xC0B1, "TLS_ECCPWD_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECCPWD_WITH_AES_128_CCM_SHA256 =
new CipherSuite((short) 0xC0B2, "TLS_ECCPWD_WITH_AES_128_CCM_SHA256");
public static final CipherSuite TLS_ECCPWD_WITH_AES_256_CCM_SHA384 =
new CipherSuite((short) 0xC0B3, "TLS_ECCPWD_WITH_AES_256_CCM_SHA384");
public static final CipherSuite RESERVED_GREASE_0xCACA =
new CipherSuite((short) 0xCACA, "Reserved (GREASE)");
public static final CipherSuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 =
new CipherSuite((short) 0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 =
new CipherSuite((short) 0xD001, "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 =
new CipherSuite((short) 0xD002, "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 =
new CipherSuite((short) 0xD003, "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256");
public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 =
new CipherSuite((short) 0xD005, "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256");
public static final CipherSuite RESERVED_GREASE_0xDADA =
new CipherSuite((short) 0xDADA, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0xEAEA =
new CipherSuite((short) 0xEAEA, "Reserved (GREASE)");
public static final CipherSuite RESERVED_GREASE_0xFAFA =
new CipherSuite((short) 0xFAFA, "Reserved (GREASE)");
public CipherSuite(Short value, String name) {
super(value, name);
registry.put(value, this);
}
public static CipherSuite getInstance(Short value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
throw new IllegalArgumentException("Unknown cipher suite: " + value);
}
}
@Override
public int compareTo(CipherSuite o) {
return value().compareTo(o.value());
}
}

38
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/CompressionMethod.java
View File

@@ -1,38 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
public class CompressionMethod extends NamedNumber<Byte, CompressionMethod> {
// https://www.iana.org/assignments/comp-meth-ids/comp-meth-ids.xhtml
public static final CompressionMethod NULL = new CompressionMethod((byte) 0, "null");
public static final CompressionMethod DEFLATE = new CompressionMethod((byte) 1, "Deflate");
public static final CompressionMethod LZS = new CompressionMethod((byte) 64, "LZS");
private static final Map<Byte, CompressionMethod> registry = new HashMap<>();
static {
registry.put(NULL.value(), NULL);
}
public CompressionMethod(Byte value, String name) {
super(value, name);
}
public static CompressionMethod getInstance(Byte value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
return new CompressionMethod(value, "Unknown");
}
}
@Override
public int compareTo(CompressionMethod o) {
return value().compareTo(o.value());
}
}

44
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/ContentType.java
View File

@@ -1,44 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
public class ContentType extends NamedNumber<Byte, ContentType> {
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
public static final ContentType CHANGE_CIPHER_SPEC = new ContentType((byte) 20, "Change Cipher Spec");
public static final ContentType ALERT = new ContentType((byte) 21, "Alert");
public static final ContentType HANDSHAKE = new ContentType((byte) 22, "Handshake");
public static final ContentType APPLICATION_DATA = new ContentType((byte) 23, "Application Data");
public static final ContentType HEARTBEAT = new ContentType((byte) 24, "Heartbeat");
private static final Map<Byte, ContentType> registry = new HashMap<>();
static {
registry.put(CHANGE_CIPHER_SPEC.value(), CHANGE_CIPHER_SPEC);
registry.put(ALERT.value(), ALERT);
registry.put(HANDSHAKE.value(), HANDSHAKE);
registry.put(APPLICATION_DATA.value(), APPLICATION_DATA);
registry.put(HEARTBEAT.value(), HEARTBEAT);
}
public ContentType(Byte value, String name) {
super(value, name);
}
public static ContentType getInstance(Byte value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
throw new IllegalArgumentException("Unknown record type " + value);
}
}
@Override
public int compareTo(ContentType o) {
return value().compareTo(o.value());
}
}

98
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/ExtensionType.java
View File

@@ -1,98 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
@SuppressWarnings("unused")
public class ExtensionType extends NamedNumber<Short, ExtensionType> {
private static final Map<Short, ExtensionType> registry = new HashMap<>();
public static final ExtensionType SERVER_NAME = new ExtensionType((short) 0, "server_name");
public static final ExtensionType MAX_FRAGMENT_LENGTH = new ExtensionType((short) 1, "max_fragment_length");
public static final ExtensionType CLIENT_CERTIFICATE_URL = new ExtensionType((short) 2, "client_certificate_url");
public static final ExtensionType TRUSTED_CA_KEYS = new ExtensionType((short) 3, "trusted_ca_keys");
public static final ExtensionType TRUNCATED_HMAC = new ExtensionType((short) 4, "truncated_hmac");
public static final ExtensionType STATUS_REQUEST = new ExtensionType((short) 5, "status_request");
public static final ExtensionType USER_MAPPING = new ExtensionType((short) 6, "user_mapping");
public static final ExtensionType CLIENT_AUTHZ = new ExtensionType((short) 7, "client_authz");
public static final ExtensionType SERVER_AUTHZ = new ExtensionType((short) 8, "server_authz");
public static final ExtensionType CERT_TYPE = new ExtensionType((short) 9, "cert_type");
public static final ExtensionType SUPPORTED_GROUPS = new ExtensionType((short) 10, "supported_groups");
public static final ExtensionType EC_POINT_FORMATS = new ExtensionType((short) 11, "ec_point_formats");
public static final ExtensionType SRP = new ExtensionType((short) 12, "srp");
public static final ExtensionType SIGNATURE_ALGORITHMS = new ExtensionType((short) 13, "signature_algorithms");
public static final ExtensionType USE_SRTP = new ExtensionType((short) 14, "use_srtp");
public static final ExtensionType HEARTBEAT = new ExtensionType((short) 15, "heartbeat");
public static final ExtensionType APPLICATION_LAYER_PROTOCOL_NEGOTIATION = new ExtensionType((short) 16, "application_layer_protocol_negotiation");
public static final ExtensionType STATUS_REQUEST_V2 = new ExtensionType((short) 17, "status_request_v2");
public static final ExtensionType SIGNED_CERTIFICATE_TIMESTAMP = new ExtensionType((short) 18, "signed_certificate_timestamp");
public static final ExtensionType CLIENT_CERTIFICATE_TYPE = new ExtensionType((short) 19, "client_certificate_type");
public static final ExtensionType SERVER_CERTIFICATE_TYPE = new ExtensionType((short) 20, "server_certificate_type");
public static final ExtensionType PADDING = new ExtensionType((short) 21, "padding");
public static final ExtensionType ENCRYPT_THEN_MAC = new ExtensionType((short) 22, "encrypt_then_mac");
public static final ExtensionType EXTENDED_MASTER_SECRET = new ExtensionType((short) 23, "extended_master_secret");
public static final ExtensionType TOKEN_BINDING = new ExtensionType((short) 24, "token_binding");
public static final ExtensionType CACHED_INFO = new ExtensionType((short) 25, "cached_info");
public static final ExtensionType TLS_LTS = new ExtensionType((short) 26, "tls_lts");
public static final ExtensionType COMPRESS_CERTIFICATE = new ExtensionType((short) 27, "compress_certificate");
public static final ExtensionType RECORD_SIZE_LIMIT = new ExtensionType((short) 28, "record_size_limit");
public static final ExtensionType PWD_PROTECT = new ExtensionType((short) 29, "pwd_protect");
public static final ExtensionType PWD_CLEAR = new ExtensionType((short) 30, "pwd_clear");
public static final ExtensionType PASSWORD_SALT = new ExtensionType((short) 31, "password_salt");
public static final ExtensionType TICKET_PINNING = new ExtensionType((short) 32, "ticket_pinning");
public static final ExtensionType TLS_CERT_WITH_EXTERN_PSK = new ExtensionType((short) 33, "tls_cert_with_extern_psk");
public static final ExtensionType DELEGATED_CREDENTIALS = new ExtensionType((short) 34, "delegated_credentials");
public static final ExtensionType SESSION_TICKET = new ExtensionType((short) 35, "session_ticket");
public static final ExtensionType PRE_SHARED_KEY = new ExtensionType((short) 41, "pre_shared_key");
public static final ExtensionType EARLY_DATA = new ExtensionType((short) 42, "early_data");
public static final ExtensionType SUPPORTED_VERSIONS = new ExtensionType((short) 43, "supported_versions");
public static final ExtensionType COOKIE = new ExtensionType((short) 44, "cookie");
public static final ExtensionType PSK_KEY_EXCHANGE_MODES = new ExtensionType((short) 45, "psk_key_exchange_modes");
public static final ExtensionType CERTIFICATE_AUTHORITIES = new ExtensionType((short) 47, "certificate_authorities");
public static final ExtensionType OID_FILTERS = new ExtensionType((short) 48, "oid_filters");
public static final ExtensionType POST_HANDSHAKE_AUTH = new ExtensionType((short) 49, "post_handshake_auth");
public static final ExtensionType SIGNATURE_ALGORITHMS_CERT = new ExtensionType((short) 50, "signature_algorithms_cert");
public static final ExtensionType KEY_SHARE = new ExtensionType((short) 51, "key_share");
public static final ExtensionType TRANSPARENCY_INFO = new ExtensionType((short) 52, "transparency_info");
public static final ExtensionType CONNECTION_ID = new ExtensionType((short) 53, "connection_id");
public static final ExtensionType EXTERNAL_ID_HASH = new ExtensionType((short) 55, "external_id_hash");
public static final ExtensionType EXTERNAL_SESSION_ID = new ExtensionType((short) 56, "external_session_id");
public static final ExtensionType RESERVED_GREASE_2570 = new ExtensionType((short) 2570, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_6682 = new ExtensionType((short) 6682, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_10794 = new ExtensionType((short) 10794, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_14906 = new ExtensionType((short) 14906, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_19018 = new ExtensionType((short) 19018, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_23130 = new ExtensionType((short) 23130, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_27242 = new ExtensionType((short) 27242, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_31354 = new ExtensionType((short) 31354, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_35466 = new ExtensionType((short) 35466, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_39578 = new ExtensionType((short) 39578, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_43690 = new ExtensionType((short) 43690, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_47802 = new ExtensionType((short) 47802, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_51914 = new ExtensionType((short) 51914, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_56026 = new ExtensionType((short) 56026, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_60138 = new ExtensionType((short) 60138, "Reserved (GREASE)");
public static final ExtensionType RESERVED_GREASE_64250 = new ExtensionType((short) 64250, "Reserved (GREASE)");
public static final ExtensionType RENEGOTIATION_INFO = new ExtensionType((short) 65281, "renegotiation_info");
public ExtensionType(Short value, String name) {
super(value, name);
registry.put(value, this);
}
public static ExtensionType getInstance(Short value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
return new ExtensionType(value, "Unknown");
}
}
@Override
public int compareTo(ExtensionType o) {
return value().compareTo(o.value());
}
}

52
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/HandshakeType.java
View File

@@ -1,52 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
@SuppressWarnings("unused")
public class HandshakeType extends NamedNumber<Byte, HandshakeType> {
private static final Map<Byte, HandshakeType> registry = new HashMap<>();
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
public static final HandshakeType HELLO_REQUEST = new HandshakeType((byte) 0, "Hello Request");
public static final HandshakeType CLIENT_HELLO = new HandshakeType((byte) 1, "Client Hello");
public static final HandshakeType SERVER_HELLO = new HandshakeType((byte) 2, "Server Hello");
public static final HandshakeType HELLO_VERIFY_REQUEST = new HandshakeType((byte) 3, "Hello Verify Request");
public static final HandshakeType NEW_SESSION_TICKET = new HandshakeType((byte) 4, "New Session Ticket");
public static final HandshakeType END_OF_EARLY_DATA = new HandshakeType((byte) 5, "End Of Early Data");
public static final HandshakeType HELLO_RETRY_REQUEST = new HandshakeType((byte) 6, "Hello Retry Request");
public static final HandshakeType ENCRYPTED_EXTENSIONS = new HandshakeType((byte) 8, "Encrypted Extensions");
public static final HandshakeType CERTIFICATE = new HandshakeType((byte) 11, "Certificate");
public static final HandshakeType SERVER_KEY_EXCHANGE = new HandshakeType((byte) 12, "Server Key Excange");
public static final HandshakeType CERTIFICATE_REQUEST = new HandshakeType((byte) 13, "Certificate Request");
public static final HandshakeType SERVER_HELLO_DONE = new HandshakeType((byte) 14, "Server Hello Done");
public static final HandshakeType CERTIFICATE_VERIFY = new HandshakeType((byte) 15, "Certificate Verify");
public static final HandshakeType CLIENT_KEY_EXCHANGE = new HandshakeType((byte) 16, "Client Key Exchange");
public static final HandshakeType FINISHED = new HandshakeType((byte) 20, "Finished");
public static final HandshakeType CERTIFICATE_URL = new HandshakeType((byte) 21, "Certificate URL");
public static final HandshakeType CERTIFICATE_STATUS = new HandshakeType((byte) 22, "Certificate Status");
public static final HandshakeType SUPPLEMENTAL_DATA = new HandshakeType((byte) 23, "Supplemental Data");
public static final HandshakeType KEY_UPDATE = new HandshakeType((byte) 24, "Key Update");
public static final HandshakeType COMPRESSED_CERTIFICATE = new HandshakeType((byte) 25, "Compressed Certificate");
public static final HandshakeType MESSAGE_HASH = new HandshakeType((byte) 254, "Message Hash");
public static final HandshakeType ENCRYPTED_HANDSHAKE_MESSAGE = new HandshakeType((byte) 255, "Encrypted Handshake Message");
public HandshakeType(Byte value, String name) {
super(value, name);
registry.put(value, this);
}
public static HandshakeType getInstance(Byte value) {
return registry.getOrDefault(value, ENCRYPTED_HANDSHAKE_MESSAGE);
}
@Override
public int compareTo(HandshakeType o) {
return value().compareTo(o.value());
}
}

33
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/HeartbeatMessageType.java
View File

@@ -1,33 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
public class HeartbeatMessageType extends NamedNumber<Byte, HeartbeatMessageType> {
private static final Map<Byte, HeartbeatMessageType> registry = new HashMap<>();
public static final HeartbeatMessageType HEARTBEAT_REQUEST = new HeartbeatMessageType((byte) 1, "heartbeat_request");
public static final HeartbeatMessageType HEARTBEAT_RESPONSE = new HeartbeatMessageType((byte) 2, "heartbeat_response");
public HeartbeatMessageType(Byte value, String name) {
super(value, name);
registry.put(value, this);
}
public static HeartbeatMessageType getInstance(Byte value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
throw new IllegalArgumentException("Unknown heartbeat message type: " + value);
}
}
@Override
public int compareTo(HeartbeatMessageType o) {
return value().compareTo(o.value());
}
}

98
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/KeyGroup.java
View File

@@ -1,98 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
@SuppressWarnings("unused")
public class KeyGroup extends NamedNumber<Short, KeyGroup> {
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
private static final Map<Short, KeyGroup> registry = new HashMap<>();
public static final KeyGroup RESERVED_GREASE_0 = new KeyGroup((short) 0, "Reserved (GREASE)");
public static final KeyGroup SECT163K1 = new KeyGroup((short) 1, "sect163k1");
public static final KeyGroup SECT163R1 = new KeyGroup((short) 2, "sect163r1");
public static final KeyGroup SECT163R2 = new KeyGroup((short) 3, "sect163r2");
public static final KeyGroup SECT193R1 = new KeyGroup((short) 4, "sect193r1");
public static final KeyGroup SECT193R2 = new KeyGroup((short) 5, "sect193r2");
public static final KeyGroup SECT233K1 = new KeyGroup((short) 6, "sect233k1");
public static final KeyGroup SECT233R1 = new KeyGroup((short) 7, "sect233r1");
public static final KeyGroup SECT239K1 = new KeyGroup((short) 8, "sect239k1");
public static final KeyGroup SECT283K1 = new KeyGroup((short) 9, "sect283k1");
public static final KeyGroup SECT283R1 = new KeyGroup((short) 10, "sect283r1");
public static final KeyGroup SECT409K1 = new KeyGroup((short) 11, "sect409k1");
public static final KeyGroup SECT409R1 = new KeyGroup((short) 12, "sect409r1");
public static final KeyGroup SECT571K1 = new KeyGroup((short) 13, "sect571k1");
public static final KeyGroup SECT571R1 = new KeyGroup((short) 14, "sect571r1");
public static final KeyGroup SECP160K1 = new KeyGroup((short) 15, "secp160k1");
public static final KeyGroup SECP160R1 = new KeyGroup((short) 16, "secp160r1");
public static final KeyGroup SECP160R2 = new KeyGroup((short) 17, "secp160r2");
public static final KeyGroup SECP192K1 = new KeyGroup((short) 18, "secp192k1");
public static final KeyGroup SECP192R1 = new KeyGroup((short) 19, "secp192r1");
public static final KeyGroup SECP224K1 = new KeyGroup((short) 20, "secp224k1");
public static final KeyGroup SECP224R1 = new KeyGroup((short) 21, "secp224r1");
public static final KeyGroup SECP256K1 = new KeyGroup((short) 22, "secp256k1");
public static final KeyGroup SECP256R1 = new KeyGroup((short) 23, "secp256r1");
public static final KeyGroup SECP384R1 = new KeyGroup((short) 24, "secp384r1");
public static final KeyGroup SECP521R1 = new KeyGroup((short) 25, "secp521r1");
public static final KeyGroup BRAINPOOLP256R1 = new KeyGroup((short) 26, "brainpoolP256r1");
public static final KeyGroup BRAINPOOLP384R1 = new KeyGroup((short) 27, "brainpoolP384r1");
public static final KeyGroup BRAINPOOLP512R1 = new KeyGroup((short) 28, "brainpoolP512r1");
public static final KeyGroup X25519 = new KeyGroup((short) 29, "x25519");
public static final KeyGroup X448 = new KeyGroup((short) 30, "x448");
public static final KeyGroup BRAINPOOLP256R1TLS13 = new KeyGroup((short) 31, "brainpoolP256r1tls13");
public static final KeyGroup BRAINPOOLP384R1TLS13 = new KeyGroup((short) 32, "brainpoolP384r1tls13");
public static final KeyGroup BRAINPOOLP512R1TLS13 = new KeyGroup((short) 33, "brainpoolP512r1tls13");
public static final KeyGroup GC256A = new KeyGroup((short) 34, "GC256A");
public static final KeyGroup GC256B = new KeyGroup((short) 35, "GC256B");
public static final KeyGroup GC256C = new KeyGroup((short) 36, "GC256C");
public static final KeyGroup GC256D = new KeyGroup((short) 37, "GC256D");
public static final KeyGroup GC512A = new KeyGroup((short) 38, "GC512A");
public static final KeyGroup GC512B = new KeyGroup((short) 39, "GC512B");
public static final KeyGroup GC512C = new KeyGroup((short) 40, "GC512C");
public static final KeyGroup CURVESM2 = new KeyGroup((short) 41, "curveSM2");
public static final KeyGroup FFDHE2048 = new KeyGroup((short) 256, "ffdhe2048");
public static final KeyGroup FFDHE3072 = new KeyGroup((short) 257, "ffdhe3072");
public static final KeyGroup FFDHE4096 = new KeyGroup((short) 258, "ffdhe4096");
public static final KeyGroup FFDHE6144 = new KeyGroup((short) 259, "ffdhe6144");
public static final KeyGroup FFDHE8192 = new KeyGroup((short) 260, "ffdhe8192");
public static final KeyGroup RESERVED_GREASE_2570 = new KeyGroup((short) 2570, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_6682 = new KeyGroup((short) 6682, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_10794 = new KeyGroup((short) 10794, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_14906 = new KeyGroup((short) 14906, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_19018 = new KeyGroup((short) 19018, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_23130 = new KeyGroup((short) 23130, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_27242 = new KeyGroup((short) 27242, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_31354 = new KeyGroup((short) 31354, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_35466 = new KeyGroup((short) 35466, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_39578 = new KeyGroup((short) 39578, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_43690 = new KeyGroup((short) 43690, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_47802 = new KeyGroup((short) 47802, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_51914 = new KeyGroup((short) 51914, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_56026 = new KeyGroup((short) 56026, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_60138 = new KeyGroup((short) 60138, "Reserved (GREASE)");
public static final KeyGroup RESERVED_GREASE_64250 = new KeyGroup((short) 64250, "Reserved (GREASE)");
public static final KeyGroup ARBITRARY_EXPLICIT_PRIME_CURVES = new KeyGroup((short) 65281, "arbitrary_explicit_prime_curves");
public static final KeyGroup ARBITRARY_EXPLICIT_CHAR2_CURVES = new KeyGroup((short) 65282, "arbitrary_explicit_char2_curves");
public KeyGroup(Short value, String name) {
super(value, name);
registry.put(value, this);
}
public static KeyGroup getInstance(Short value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
return new KeyGroup(value, "Unknown");
}
}
@Override
public int compareTo(KeyGroup o) {
return value().compareTo(o.value());
}
}

41
src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/TlsVersion.java
View File

@@ -1,41 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.numbers;
import org.pcap4j.packet.namednumber.NamedNumber;
import java.util.HashMap;
import java.util.Map;
public class TlsVersion extends NamedNumber<Short, TlsVersion> {
public static final TlsVersion TLS_1_0 = new TlsVersion((short) 0x0301, "TLS 1.0");
public static final TlsVersion TLS_1_1 = new TlsVersion((short) 0x0302, "TLS 1.1");
public static final TlsVersion TLS_1_2 = new TlsVersion((short) 0x0303, "TLS 1.2");
public static final TlsVersion TLS_1_3 = new TlsVersion((short) 0x0304, "TLS 1.3");
private static final Map<Short, TlsVersion> registry = new HashMap<>();
static {
registry.put(TLS_1_0.value(), TLS_1_0);
registry.put(TLS_1_1.value(), TLS_1_1);
registry.put(TLS_1_2.value(), TLS_1_2);
registry.put(TLS_1_3.value(), TLS_1_3);
}
public TlsVersion(Short value, String name) {
super(value, name);
}
public static TlsVersion getInstance(Short value) {
if (registry.containsKey(value)) {
return registry.get(value);
} else {
return new TlsVersion(value, "unknown");
}
}
@Override
public int compareTo(TlsVersion o) {
return value().compareTo(o.value());
}
}

40
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/AlertRecord.java
View File

@@ -1,40 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.AlertDescription;
import ru.serega6531.packmate.service.optimization.tls.numbers.AlertLevel;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
public class AlertRecord implements TlsRecord {
private static final int LEVEL_OFFSET = 0;
private static final int DESCRIPTION_OFFSET = LEVEL_OFFSET + BYTE_SIZE_IN_BYTES;
private int length;
private AlertLevel level;
private AlertDescription description;
public static AlertRecord newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new AlertRecord(rawData, offset, length);
}
public AlertRecord(byte[] rawData, int offset, int length) {
this.length = length;
this.level = AlertLevel.getInstance(ByteArrays.getByte(rawData, LEVEL_OFFSET + offset));
if (level != AlertLevel.ENCRYPTED_ALERT) {
this.description = AlertDescription.getInstance(ByteArrays.getByte(rawData, DESCRIPTION_OFFSET + offset));
}
}
@Override
public String toString() {
if (level != AlertLevel.ENCRYPTED_ALERT) {
return " Alert [level: " + level.name() + ", description: " + description.name() + "]";
} else {
return " Encrypted Alert [" + length + " bytes]";
}
}
}

33
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/ApplicationDataRecord.java
View File

@@ -1,33 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import org.pcap4j.util.ByteArrays;
public class ApplicationDataRecord implements TlsRecord {
/**
* 0x0 - Encrypted Application Data
* 0x0 + length - End
*/
private byte[] data;
public static ApplicationDataRecord newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new ApplicationDataRecord(rawData, offset, length);
}
public ApplicationDataRecord(byte[] rawData, int offset, int length) {
data = new byte[length];
System.arraycopy(rawData, offset, data, 0, length);
}
public byte[] getData() {
return data;
}
@Override
public String toString() {
return " Encrypted data: [" + data.length + " bytes]";
}
}

27
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/ChangeCipherSpecRecord.java
View File

@@ -1,27 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import org.pcap4j.util.ByteArrays;
public class ChangeCipherSpecRecord implements TlsRecord {
/**
0x0 - Change Cipher Spec Message
0x1 - End
*/
private byte changeCipherSpecMessage;
public static ChangeCipherSpecRecord newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new ChangeCipherSpecRecord(rawData, offset);
}
private ChangeCipherSpecRecord(byte[] rawData, int offset) {
this.changeCipherSpecMessage = ByteArrays.getByte(rawData, offset);
}
@Override
public String toString() {
return " Change Cipher Spec Message: " + changeCipherSpecMessage;
}
}

73
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java
View File

@@ -1,73 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.HandshakeType;
import ru.serega6531.packmate.service.optimization.tls.records.handshakes.*;
import ru.serega6531.packmate.utils.BytesUtils;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
public class HandshakeRecord implements TlsRecord {
/*
0x0 - Handshake type
0x1 - Handshake length
0x4 - Handshake version
0x6 - Handshake content
*/
private static final int HANDSHAKE_TYPE_OFFSET = 0;
private static final int LENGTH_OFFSET = HANDSHAKE_TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
private static final int CONTENT_OFFSET = LENGTH_OFFSET + 3;
private HandshakeType handshakeType;
private int handshakeLength; // 3 bytes
private HandshakeRecordContent content;
public static HandshakeRecord newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new HandshakeRecord(rawData, offset, length);
}
private HandshakeRecord(byte[] rawData, int offset, int length) {
this.handshakeType = HandshakeType.getInstance(ByteArrays.getByte(rawData, HANDSHAKE_TYPE_OFFSET + offset));
if (handshakeType == HandshakeType.ENCRYPTED_HANDSHAKE_MESSAGE) {
this.handshakeLength = length;
this.content = BasicHandshakeRecordContent.newInstance(
rawData, offset, handshakeLength);
return;
}
this.handshakeLength = BytesUtils.getThreeBytesInt(rawData, LENGTH_OFFSET + offset);
if (handshakeType == HandshakeType.CLIENT_HELLO) {
this.content = ClientHelloHandshakeRecordContent.newInstance(
rawData, offset + CONTENT_OFFSET, handshakeLength);
} else if (handshakeType == HandshakeType.SERVER_HELLO) {
this.content = ServerHelloHandshakeRecordContent.newInstance(
rawData, offset + CONTENT_OFFSET, handshakeLength);
} else if (handshakeType == HandshakeType.CERTIFICATE) {
this.content = CertificateHandshakeRecordContent.newInstance(
rawData, offset + CONTENT_OFFSET, handshakeLength);
} else {
this.content = BasicHandshakeRecordContent.newInstance(
rawData, offset + CONTENT_OFFSET, handshakeLength);
}
}
public HandshakeType getHandshakeType() {
return handshakeType;
}
public HandshakeRecordContent getContent() {
return content;
}
@Override
public String toString() {
return " Handshake length: " + handshakeLength + "\n" +
" Handshake type: " + handshakeType + "\n" +
content.toString();
}
}

53
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HeartbeatRecord.java
View File

@@ -1,53 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.HeartbeatMessageType;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class HeartbeatRecord implements TlsRecord {
//https://tools.ietf.org/html/rfc6520
private static final int TYPE_OFFSET = 0;
private static final int PAYLOAD_LENGTH_OFFSET = TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
private static final int PAYLOAD_OFFSET = PAYLOAD_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
private HeartbeatMessageType type;
private short payloadLength;
private byte[] payload;
private byte[] padding;
public static HeartbeatRecord newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new HeartbeatRecord(rawData, offset, length);
}
public HeartbeatRecord(byte[] rawData, int offset, int length) {
this.type = HeartbeatMessageType.getInstance(ByteArrays.getByte(rawData, TYPE_OFFSET + offset));
this.payloadLength = ByteArrays.getShort(rawData, PAYLOAD_LENGTH_OFFSET + offset);
this.payload = ByteArrays.getSubArray(rawData, PAYLOAD_OFFSET + offset, payloadLength);
this.padding = ByteArrays.getSubArray(rawData, PAYLOAD_OFFSET + payloadLength + offset);
}
public HeartbeatMessageType getType() {
return type;
}
public byte[] getPayload() {
return payload;
}
public byte[] getPadding() {
return padding;
}
@Override
public String toString() {
return " Heartbeat (" + type.name() +
") [" + payloadLength + " bytes payload, " +
padding.length + " bytes padding]";
}
}

7
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/TlsRecord.java
View File

@@ -1,7 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records;
import java.io.Serializable;
public interface TlsRecord extends Serializable {
}

36
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicHandshakeRecordContent.java
View File

@@ -1,36 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
import org.pcap4j.util.ByteArrays;
public class BasicHandshakeRecordContent implements HandshakeRecordContent {
/**
* 0x0 - Content
* 0x0 + length - End
*/
private byte[] content;
public static BasicHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
if(length > 0) {
ByteArrays.validateBounds(rawData, offset, length);
}
return new BasicHandshakeRecordContent(rawData, offset, length);
}
public BasicHandshakeRecordContent(byte[] rawData, int offset, int length) {
content = new byte[length];
if (length > 0) {
System.arraycopy(rawData, offset, content, 0, length);
}
}
public byte[] getContent() {
return content;
}
@Override
public String toString() {
return " [" + content.length + " bytes]";
}
}

52
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/CertificateHandshakeRecordContent.java
View File

@@ -1,52 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.utils.BytesUtils;
import java.util.ArrayList;
import java.util.List;
public class CertificateHandshakeRecordContent implements HandshakeRecordContent {
private static final int CERTIFICATES_LENGTH_OFFSET = 0;
private static final int CERTIFICATES_OFFSET = 3;
private int certificatesLength;
private List<byte[]> rawCertificates = new ArrayList<>();
public static CertificateHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
return new CertificateHandshakeRecordContent(rawData, offset, length);
}
public CertificateHandshakeRecordContent(byte[] rawData, int offset, int length) {
this.certificatesLength = BytesUtils.getThreeBytesInt(rawData, CERTIFICATES_LENGTH_OFFSET + offset);
int cursor = CERTIFICATES_OFFSET + offset;
while (cursor < offset + length) {
int certificateLength = BytesUtils.getThreeBytesInt(rawData, cursor);
cursor += 3;
ByteArrays.validateBounds(rawData, cursor, certificateLength);
byte[] certData = ByteArrays.getSubArray(rawData, cursor, certificateLength);
rawCertificates.add(certData);
cursor += certificateLength;
}
}
public List<byte[]> getRawCertificates() {
return rawCertificates;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder(" Chain length: " + rawCertificates.size());
for (byte[] cert : rawCertificates) {
sb.append('\n');
sb.append(" [").append(cert.length).append(" bytes]");
}
return sb.toString();
}
}

82
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ClientHelloHandshakeRecordContent.java
View File

@@ -1,82 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite;
import ru.serega6531.packmate.service.optimization.tls.numbers.CompressionMethod;
import java.util.ArrayList;
import java.util.List;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class ClientHelloHandshakeRecordContent extends HelloHandshakeRecordContent {
/*
0x0 - Client random
0x20 - Session id length (sidl)
0x21 - Session id
0x21+sidl - Cipher suites length (csl)
0x23+sidl - Cipher suite 1..(csl/2)
0x23+sidl+csl - Compression methods length (cml)
0x24+sidl+csl - Compression method 1..cml
0x24+sidl+csl+cml - Extensions Length (el)
0x26+sidl+csl+cml - Extension 1..N
0x26+sidl+csl+cml+el - End
*/
private static final int CIPHER_SUITES_LENGTH_OFFSET = HelloHandshakeRecordContent.SESSION_ID_OFFSET; // + sessionIdLength
private static final int CIPHER_SUITE_OFFSET =
CIPHER_SUITES_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES; // + sessionIdLength + SHORT_SIZE_IN_BYTES*i
private static final int COMPRESSION_METHODS_LENGTH_OFFSET = CIPHER_SUITE_OFFSET; // + sessionIdLength + cipherSuitesLength
private static final int COMPRESSION_METHOD_OFFSET =
COMPRESSION_METHODS_LENGTH_OFFSET + BYTE_SIZE_IN_BYTES; // + sessionIdLength + cipherSuitesLength + BYTE_SIZE_IN_BYTES*i
private static final int EXTENSIONS_LENGTH_OFFSET =
COMPRESSION_METHOD_OFFSET; // + sessionIdLength + cipherSuitesLength + compressionMethodsLength
private static final int EXTENSIONS_OFFSET = COMPRESSION_METHOD_OFFSET + SHORT_SIZE_IN_BYTES;
private short cipherSuitesLength;
private List<CipherSuite> cipherSuites;
private byte compressionMethodsLength;
private List<CompressionMethod> compressionMethods;
public static ClientHelloHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new ClientHelloHandshakeRecordContent(rawData, offset);
}
private ClientHelloHandshakeRecordContent(byte[] rawData, int offset) {
readCommonPart(rawData, offset);
this.cipherSuitesLength = ByteArrays.getShort(rawData, CIPHER_SUITES_LENGTH_OFFSET + sessionIdLength + offset);
int cipherSuitesAmount = cipherSuitesLength / SHORT_SIZE_IN_BYTES;
this.cipherSuites = new ArrayList<>(cipherSuitesAmount);
for (int i = 0; i < cipherSuitesAmount; i++) {
this.cipherSuites.add(CipherSuite.getInstance(ByteArrays.getShort(rawData,
CIPHER_SUITE_OFFSET + SHORT_SIZE_IN_BYTES * i + sessionIdLength + offset)));
}
this.compressionMethodsLength = ByteArrays.getByte(rawData,
COMPRESSION_METHODS_LENGTH_OFFSET + cipherSuitesLength + sessionIdLength + offset);
this.compressionMethods = new ArrayList<>(compressionMethodsLength);
for (byte i = 0; i < compressionMethodsLength; i++) {
this.compressionMethods.add(CompressionMethod.getInstance(ByteArrays.getByte(rawData,
COMPRESSION_METHOD_OFFSET + BYTE_SIZE_IN_BYTES * i + sessionIdLength + cipherSuitesLength + offset)));
}
this.extensionsLength = ByteArrays.getShort(rawData,
EXTENSIONS_LENGTH_OFFSET + compressionMethodsLength + sessionIdLength + cipherSuitesLength + offset);
readExtensions(rawData, EXTENSIONS_OFFSET + compressionMethodsLength +
sessionIdLength + cipherSuitesLength + offset, true);
}
@Override
public String toString() {
return super.toString() + "\n" +
" Cipher suites: " + cipherSuites.toString() + "\n" +
" Compression methods: " + compressionMethods.toString();
}
}

4
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HandshakeRecordContent.java
View File

@@ -1,4 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
public interface HandshakeRecordContent {
}

81
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HelloHandshakeRecordContent.java
View File

@@ -1,81 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.extensions.TlsExtension;
import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion;
import java.util.ArrayList;
import java.util.List;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public abstract class HelloHandshakeRecordContent implements HandshakeRecordContent {
private static final int VERSION_OFFSET = 0;
private static final int RANDOM_OFFSET = VERSION_OFFSET + SHORT_SIZE_IN_BYTES;
private static final int SESSION_ID_LENGTH_OFFSET = RANDOM_OFFSET + 32;
protected static final int SESSION_ID_OFFSET = SESSION_ID_LENGTH_OFFSET + BYTE_SIZE_IN_BYTES;
protected TlsVersion version;
protected byte[] random = new byte[32];
protected byte sessionIdLength;
protected byte[] sessionId;
protected short extensionsLength;
private List<TlsExtension> extensions;
protected void readCommonPart(byte[] rawData, int offset) {
this.version = TlsVersion.getInstance(ByteArrays.getShort(rawData, VERSION_OFFSET + offset));
System.arraycopy(rawData, RANDOM_OFFSET + offset, random, 0, 32);
this.sessionIdLength = ByteArrays.getByte(rawData, SESSION_ID_LENGTH_OFFSET + offset);
this.sessionId = new byte[sessionIdLength];
if (sessionIdLength != 0) {
System.arraycopy(rawData, SESSION_ID_OFFSET + offset, sessionId, 0, sessionIdLength);
}
}
protected void readExtensions(byte[] rawData, int offset, boolean client) {
extensions = new ArrayList<>(extensionsLength);
int cursor = offset;
int extensionsEnd = cursor + extensionsLength;
while (cursor < extensionsEnd) {
ExtensionType extensionType = ExtensionType.getInstance(ByteArrays.getShort(rawData, cursor));
cursor += SHORT_SIZE_IN_BYTES;
short extensionLength = ByteArrays.getShort(rawData, cursor);
cursor += SHORT_SIZE_IN_BYTES;
extensions.add(TlsExtension.newInstance(extensionType, rawData, cursor, extensionLength, client));
cursor += extensionLength;
}
}
public TlsVersion getVersion() {
return version;
}
public byte[] getRandom() {
return random;
}
public byte[] getSessionId() {
return sessionId;
}
public List<TlsExtension> getExtensions() {
return extensions;
}
@Override
public String toString() {
return " TLS version: " + version + "\n" +
" Random: " + ByteArrays.toHexString(random, "") + "\n" +
" Session id: " + (sessionIdLength > 0 ? ByteArrays.toHexString(sessionId, "") : "null") + "\n" +
" Extensions: " + extensions.toString();
}
}

64
src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ServerHelloHandshakeRecordContent.java
View File

@@ -1,64 +0,0 @@
package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
import org.pcap4j.util.ByteArrays;
import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite;
import ru.serega6531.packmate.service.optimization.tls.numbers.CompressionMethod;
import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
public class ServerHelloHandshakeRecordContent extends HelloHandshakeRecordContent {
/*
0x0 - Server random
0x20 - Session id length (sidl)
0x21 - Session id
0x21+si - Cipher suite
0x23+sidl - Compression method
0x24+sidl - Extensions Length (el)
0x26+sidl - Extension 1..N
0x26+sidl+el - End
*/
private static final int CIPHER_SUITE_OFFSET = HelloHandshakeRecordContent.SESSION_ID_OFFSET; // + sessionIdLength
private static final int COMPRESSION_METHOD_OFFSET = CIPHER_SUITE_OFFSET + SHORT_SIZE_IN_BYTES; // + sessionIdLength
private static final int EXTENSIONS_LENGTH_OFFSET = COMPRESSION_METHOD_OFFSET + BYTE_SIZE_IN_BYTES; // + sessionIdLength
private static final int EXTENSIONS_OFFSET = EXTENSIONS_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES; // + sessionIdLength
private CipherSuite cipherSuite;
private CompressionMethod compressionMethod;
public static ServerHelloHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
ByteArrays.validateBounds(rawData, offset, length);
return new ServerHelloHandshakeRecordContent(rawData, offset);
}
public ServerHelloHandshakeRecordContent(byte[] rawData, int offset) {
readCommonPart(rawData, offset);
this.cipherSuite = CipherSuite.getInstance(ByteArrays.getShort(rawData,
CIPHER_SUITE_OFFSET + sessionIdLength + offset));
this.compressionMethod = CompressionMethod.getInstance(ByteArrays.getByte(rawData,
COMPRESSION_METHOD_OFFSET + sessionIdLength + offset));
this.extensionsLength = ByteArrays.getShort(rawData,
EXTENSIONS_LENGTH_OFFSET + sessionIdLength + offset);
readExtensions(rawData, EXTENSIONS_OFFSET + sessionIdLength + offset, false);
}
public CipherSuite getCipherSuite() {
return cipherSuite;
}
public CompressionMethod getCompressionMethod() {
return compressionMethod;
}
@Override
public String toString() {
return super.toString() + "\n" +
" Cipher suite: " + cipherSuite.toString() + "\n" +
" Compression method: " + compressionMethod.toString();
}
}