Добавлен разбор ECDHE ключей

2020-04-20 22:47:18 +03:00
parent aeec2c0d59
commit f177c0281d
6 changed files with 228 additions and 0 deletions
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java
@@ -0,0 +1,52 @@
+package ru.serega6531.packmate.service.optimization.tls.keys;
+
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature;
+
+public class EcdheServerParams {
+
+    private CurveType curveType;
+    private NamedCurve namedCurve;
+    private byte[] pubkey;
+    private SignatureHashAlgorithmHash signatureHashAlgorithmHash;
+    private SignatureHashAlgorithmSignature signatureHashAlgorithmSignature;
+    private byte[] signature;
+
+    public EcdheServerParams(CurveType curveType, NamedCurve namedCurve, byte[] pubkey,
+                             SignatureHashAlgorithmHash signatureHashAlgorithmHash,
+                             SignatureHashAlgorithmSignature signatureHashAlgorithmSignature,
+                             byte[] signature) {
+        this.curveType = curveType;
+        this.namedCurve = namedCurve;
+        this.pubkey = pubkey;
+        this.signatureHashAlgorithmHash = signatureHashAlgorithmHash;
+        this.signatureHashAlgorithmSignature = signatureHashAlgorithmSignature;
+        this.signature = signature;
+    }
+
+    public CurveType getCurveType() {
+        return curveType;
+    }
+
+    public NamedCurve getNamedCurve() {
+        return namedCurve;
+    }
+
+    public byte[] getPubkey() {
+        return pubkey;
+    }
+
+    public SignatureHashAlgorithmHash getSignatureHashAlgorithmHash() {
+        return signatureHashAlgorithmHash;
+    }
+
+    public SignatureHashAlgorithmSignature getSignatureHashAlgorithmSignature() {
+        return signatureHashAlgorithmSignature;
+    }
+
+    public byte[] getSignature() {
+        return signature;
+    }
+}
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java
@@ -0,0 +1,65 @@
+package ru.serega6531.packmate.service.optimization.tls.keys;
+
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmHash;
+import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureHashAlgorithmSignature;
+
+import java.nio.ByteBuffer;
+
+public final class TlsKeyUtils {
+
+    /**
+     * @param rawData Handshake record content
+     */
+    public static EcdheServerParams parseServerECDHE(byte[] rawData, int offset) {
+        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
+
+        byte curveTypeId = bb.get();
+        if(curveTypeId != 0x03) {
+            throw new IllegalArgumentException("Unsupported curve type");
+        }
+
+        CurveType curveType = CurveType.NAMED;
+        NamedCurve namedCurve = NamedCurve.findByValue(bb.getShort());
+
+        if (namedCurve == null) {
+            throw new IllegalArgumentException("Unsupported named curve");
+        }
+
+        byte pubkeyLength = bb.get();
+        byte[] pubkey = new byte[pubkeyLength];
+        bb.get(pubkey);
+
+        SignatureHashAlgorithmHash signatureHashAlgorithmHash =
+                SignatureHashAlgorithmHash.findByValue(bb.getShort());
+        SignatureHashAlgorithmSignature signatureHashAlgorithmSignature =
+                SignatureHashAlgorithmSignature.findByValue(bb.getShort());
+
+        if (signatureHashAlgorithmHash == null || signatureHashAlgorithmSignature == null) {
+            throw new IllegalArgumentException("Unknown signature data");
+        }
+
+        short signatureLength = bb.getShort();
+        byte[] signature = new byte[signatureLength];
+
+        bb.get(signature);
+
+        return new EcdheServerParams(curveType, namedCurve, pubkey,
+                signatureHashAlgorithmHash, signatureHashAlgorithmSignature, signature);
+    }
+
+    /**
+     * @param rawData Handshake record content
+     */
+    public static byte[] getServerECDHEPubkey(byte[] rawData, int offset) {
+        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
+
+        byte length = bb.get();
+        byte[] pubkey = new byte[length];
+        bb.get(pubkey);
+
+        return pubkey;
+    }
+
+}
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/CurveType.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/CurveType.java
@@ -0,0 +1,16 @@
+package ru.serega6531.packmate.service.optimization.tls.keys.enums;
+
+public enum CurveType {
+
+    NAMED((byte) 0x03);
+
+    private byte value;
+
+    CurveType(byte value) {
+        this.value = value;
+    }
+
+    public byte getValue() {
+        return value;
+    }
+}
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java
@@ -0,0 +1,31 @@
+package ru.serega6531.packmate.service.optimization.tls.keys.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public enum NamedCurve {
+
+    SECP256R1((short) 0x0017);
+
+    private final short value;
+
+    private static final Map<Short, NamedCurve> map = new HashMap<>();
+
+    NamedCurve(short value) {
+        this.value = value;
+    }
+
+    static {
+        for (NamedCurve curve : values()) {
+            map.put(curve.getValue(), curve);
+        }
+    }
+
+    public short getValue() {
+        return value;
+    }
+
+    public static NamedCurve findByValue(short value) {
+        return map.get(value);
+    }
+}
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmHash.java
@@ -0,0 +1,32 @@
+package ru.serega6531.packmate.service.optimization.tls.keys.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public enum SignatureHashAlgorithmHash {
+
+    SHA256((byte) 4);
+
+    private final byte value;
+
+    private static final Map<Byte, SignatureHashAlgorithmHash> map = new HashMap<>();
+
+    SignatureHashAlgorithmHash(byte value) {
+        this.value = value;
+    }
+
+    static {
+        for (SignatureHashAlgorithmHash curve : values()) {
+            map.put(curve.getValue(), curve);
+        }
+    }
+
+    public byte getValue() {
+        return value;
+    }
+
+    public static SignatureHashAlgorithmHash findByValue(short value) {
+        return map.get(value);
+    }
+
+}
--- a/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java
+++ b/src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureHashAlgorithmSignature.java
@@ -0,0 +1,32 @@
+package ru.serega6531.packmate.service.optimization.tls.keys.enums;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public enum  SignatureHashAlgorithmSignature {
+
+    RSA((byte) 1);
+
+    private final byte value;
+
+    private static final Map<Byte, SignatureHashAlgorithmSignature> map = new HashMap<>();
+
+    SignatureHashAlgorithmSignature(byte value) {
+        this.value = value;
+    }
+
+    static {
+        for (SignatureHashAlgorithmSignature curve : values()) {
+            map.put(curve.getValue(), curve);
+        }
+    }
+
+    public byte getValue() {
+        return value;
+    }
+
+    public static SignatureHashAlgorithmSignature findByValue(short value) {
+        return map.get(value);
+    }
+
+}