Update README.md

Update frontend to show packet offsets

See merge request packmate/Packmate!21

README.md

@@ -22,10 +22,16 @@
 * Автоматически проводит urldecode
 * Разархивирует GZIP в HTTP на лету
 * Разархивирует сжатые WebSockets
-* Расшифровывает TLS на RSA при наличии приватного ключа
 
 ![Скриншот главного окна](screenshots/Screenshot.png)
-## Клонирование
+
+## Быстрый запуск
+Для быстрого запуска Packmate следует использовать [этот стартер](https://gitlab.com/packmate/starter/-/blob/master/README.md).
+
+## Полный запуск
+Ниже следует инструкция для тех, кто хочет собрать Packmate самостоятельно.
+
+### Клонирование
 Поскольку этот репозиторий содержит фронтенд как git submodule, его необходимо клонировать так:
 ```bash
 git clone --recurse-submodules https://gitlab.com/packmate/Packmate.git
@@ -40,102 +46,20 @@ git pull  # Забираем свежую версию мастер-репы и
 git submodule update --init --recursive
 ```
 
-## Подготовка
-В этом ПО используется Docker и docker-compose. В образ `packmate-app` пробрасывается 
-сетевой интерфейс хоста, его название указывается переменной окружения (об этом ниже).
-
-`packmate-db` настроен на прослушивание порта 65001 с локальным IP.  
-Файлы БД сохраняются в ./data, поэтому для обнуления базы нужно удалить эту папку.
-
 ### Настройка
-Программа берет основные настройки из переменных окружения, поэтому для удобства
+[Инструкция](docs/SETUP.md)
-можно создать env-файл.  
-Он должен называться `.env` и лежать в корневой директории проекта.
-
-В файле необходимо прописать:
-```dotenv
-# Локальный IP сервера на указанном интерфейсе или в pcap файле
-PACKMATE_LOCAL_IP=192.168.1.124
-# Имя пользователя для web-авторизации
-PACKMATE_WEB_LOGIN=SomeUser
-# Пароль для web-авторизации
-PACKMATE_WEB_PASSWORD=SomeSecurePassword
-```
-
-Если мы перехватываем трафик сервера (лучший вариант, если есть возможность):
-```dotenv
-# Режим работы - перехват
-PACKMATE_MODE=LIVE
-# Интерфейс, на котором производится перехват трафика
-PACKMATE_INTERFACE=wlan0
-```
-Если мы анализируем pcap дамп:
-```dotenv
-# Режим работы - анализ файла
-PACKMATE_MODE=FILE
-# Путь до файла от корня проекта
-PACKMATE_PCAP_FILE=dump.pcap
-```
-
-Или если мы хотим посмотреть уже обработанный трафик (например, для разбора после игры):
-```dotenv
-PACKMATE_MODE=VIEW
-```
-
-При захвате живого трафика рекомендуется включать удаление старых стримов, иначе ближе к концу
-соревнования анализатор будет медленнее работать.
-```dotenv
-PACKMATE_OLD_STREAMS_CLEANUP_ENABLED=true
-# Интервал удаления старых стримов (в минутах).
-# Лучше ставить маленькое число, чтобы стримы удалялись маленькими кусками, и это не нагружало систему
-PACKMATE_OLD_STREAMS_CLEANUP_INTERVAL=1
-# Насколько старым стрим должен быть для удаления (в минутах от текущего времени)
-PACKMATE_OLD_STREAMS_CLEANUP_THRESHOLD=240
-```
-
-Чтобы использовать расшифровку TLS, нужно положить соответствующий приватный ключ, который
-использовался для генерации сертификата, в папку `rsa_keys`.
 
 ### Запуск
 После указания нужных настроек в env-файле, можно запустить приложение:
 ```bash
-sudo docker-compose up --build -d
+sudo docker compose up --build -d
 ```
 
 При успешном запуске Packmate будет видно с любого хоста на порту `65000`.
-
+БД будет слушать на порту 65001, но будет разрешать подключения только с localhost.
-### Начало работы
-При попытке зайти в web-интерфейс впервые, браузер спросит логин и пароль,
-который указывался в env-файле.  
-При необходимости можно настроить дополнительные параметры по кнопке с шестеренками в верхнем 
-правом углу экрана.
-
-![Скриншот настроек](screenshots/Screenshot_Settings.png)
-
-Все настройки сохраняются в local storage и теряются только при смене IP-адреса или порта сервера.
 
 ## Использование
-Сначала нужно создать сервисы, находящиеся в игре.  
+[Инструкция](docs/USAGE.md)
-Для этого вызывается диалоговое окно по нажатию кнопки `+` в навбаре,
-где можно указать название и порт сервиса, а также дополнительные опции.
-
-Для удобного отлова флагов в приложении существует система паттернов.  
-Чтобы создать паттерн, нужно открыть выпадающее меню `Patterns` и нажать кнопку `+`,
-затем указать нужный тип поиска, сам паттерн, цвет подсветки в тексте и прочее.  
-Если выбрать тип паттерна IGNORE, то стримы, попадающие под шаблон, автоматически будут удаляться.
-Это может пригодиться, чтобы не засорять БД трафиком с эксплоитами, которые уже были запатчены.
-
-В режиме LIVE система начнет автоматически захватывать стримы и отображать их в сайдбаре.
-В режиме FILE для начала обработки файла нужно нажать соответствующую кнопку в сайдбаре. 
-При нажатии на стрим в главном контейнере выводится список пакетов;
-между бинарным и текстовым представлением можно переключиться по кнопке в сайдбаре.
-
-### Горячие клавиши
-Для быстрой навигации по стримам можно использовать следующие горячие клавиши:
-* `Ctrl+Up` -- переместиться на один стрим выше
-* `Ctrl+Down` -- переместиться на один стрим ниже
-* `Ctrl+Home` -- перейти на последний стрим
-* `Ctrl+End` -- перейти на первый стрим
 
 <div align="right">
 

README_EN.md

@@ -22,10 +22,16 @@ Advanced network traffic flow analyzer for A/D CTFs.
 * Can urldecode text automatically
 * Can automatically decompress GZIPed HTTP
 * Can automatically deflate WebSockets with permessages-deflate extension
-* Can automatically decrypt TLS with RSA using given private key (like Wireshark)
 
 ![Main window](screenshots/Screenshot.png)
-## Cloning
+
+## Quick Start
+To quickly start using Packmate, use [this starter](https://gitlab.com/packmate/starter/-/blob/master/README_EN.md).
+
+## Full Build
+Below are the instructions for those who want to build Packmate on their own.
+
+### Cloning
 As this repository contains frontend part as a git submodule, it has to be cloned like this:
 ```bash
 git clone --recurse-submodules https://gitlab.com/packmate/Packmate.git
@@ -40,54 +46,8 @@ git pull
 git submodule update --init --recursive
 ```
 
-## Preparation
+### Setup
-This program uses Docker and docker-compose.
+[Instructions](docs/SETUP_EN.md)
-
-`packmate-db` will listen to port 65001 at localhost.  
-Database files are saved in ./data, so in order to reset database you'll have to delete that directory.
-
-### Settings
-This program retrieves settings from environment variables, 
-so it would be convenient to create an env file;  
-It must be called `.env` and located at the root of the project.
-
-Contents of the file:
-```bash
-# Local IP on network interface or in pcap file to tell incoming packets from outgoing
-PACKMATE_LOCAL_IP=192.168.1.124
-# Username for the web interface
-PACKMATE_WEB_LOGIN=SomeUser
-# Password for the web interface
-PACKMATE_WEB_PASSWORD=SomeSecurePassword
-```
-
-If we are capturing live traffic (best option if possible):
-```bash
-# Mode: capturing
-PACKMATE_MODE=LIVE
-# Interface to capture on
-PACKMATE_INTERFACE=wlan0
-```
-If we are analyzing pcap dump:
-```bash
-# Mode: dump analyzing
-PACKMATE_MODE=FILE
-# Path to pcap file from project root
-PACKMATE_PCAP_FILE=dump.pcap
-```
-
-When capturing live traffic it's better to turn on old streams removal. Otherwise, after some time Packmate 
-will start working slower.
-```dotenv
-PACKMATE_OLD_STREAMS_CLEANUP_ENABLED=true
-# Old streams removal interval (in minutes).
-# It's better to use small numbers so the streams are removed in small chunks and don't overload the server.
-PACKMATE_OLD_STREAMS_CLEANUP_INTERVAL=1
-# How old the stream must be to be removed (in minutes before current time)
-PACKMATE_OLD_STREAMS_CLEANUP_THRESHOLD=240
-```
-
-To decrypt TLS, put the private key used to generate a certificate into the `rsa_keys` folder.
 
 ### Launch
 After filling in env file you can launch the app:
@@ -95,42 +55,11 @@ After filling in env file you can launch the app:
 sudo docker-compose up --build -d
 ```
 
-If everything went fine, Packmate will be available on port `65000` from any host
+If everything went fine, Packmate will be available on port `65000` from any host.
-
+Database with listen on port 65001, but will only accept connections from localhost.
-### Accessing the web interface
-When you open a web interface for the first time, you will be asked for a login and password
-you specified in the env file.  
-After entering the credentials, open the settings by clicking the cogs 
-in the top right corner and modify additional parameters.
-
-![Settings](screenshots/Screenshot_Settings.png)
-
-All settings are saved in the local storage and will be 
-lost only upon changing server IP or port.
 
 ## Usage
-First of all, you should create game services.  
+[Instructions](docs/USAGE_EN.md)
-To do that, click `+` in the navbar, 
-then fill in the service name, port, and optimizations to perform on streams.
-
-For a simple monitoring of flags, there is a system of patterns.  
-To create a pattern, open `Patterns` dropdown menu, press `+`, then 
-specify the type of pattern, the pattern itself, highlight color and other things.  
-If you choose IGNORE as the type of a pattern, all matching streams will be automatically deleted.
-This can be useful to filter out exploits you have already patched against.
-
-In LIVE mode the system will automatically capture streams and show them in a sidebar.
-In FILE mode you'll have to press appropriate button in a sidebar to start processing a file. 
-Note that you should only do that after all services are created.  
-Click at a stream to view a list of packets;
-you can click a button in the sidebar to switch between binary and text views.
-
-### Shortcuts
-To quickly navigate streams you can use the following shortcuts:
-* `Ctrl+Up` -- go to the next stream
-* `Ctrl+Down` -- go to the previous stream
-* `Ctrl+Home` -- go to the latest stream
-* `Ctrl+End` -- go to the first stream
 
 <div align="right">
 

build.gradle

@@ -1,50 +0,0 @@
-plugins {
-    id 'org.springframework.boot' version '2.6.3'
-    id 'java'
-}
-
-apply plugin: 'io.spring.dependency-management'
-
-group = 'ru.serega6531'
-version = '1.0-SNAPSHOT'
-
-sourceCompatibility = JavaVersion.VERSION_17
-targetCompatibility = JavaVersion.VERSION_17
-
-configurations {
-    compileOnly {
-        extendsFrom annotationProcessor
-    }
-}
-
-repositories {
-    mavenCentral()
-}
-
-dependencies {
-    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-    implementation 'org.springframework.boot:spring-boot-starter-web'
-    implementation "org.springframework.boot:spring-boot-starter-security"
-    implementation "org.springframework.boot:spring-boot-starter-websocket"
-    implementation 'org.springframework.session:spring-session-core'
-    implementation 'com.github.jmnarloch:modelmapper-spring-boot-starter:1.1.0'
-    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0'
-    implementation group: 'commons-io', name: 'commons-io', version: '2.11.0'
-    implementation 'org.pcap4j:pcap4j-core:1.8.2'
-    implementation 'org.pcap4j:pcap4j-packetfactory-static:1.8.2'
-    implementation group: 'com.google.guava', name: 'guava', version: '31.0.1-jre'
-    implementation group: 'org.java-websocket', name: 'Java-WebSocket', version: '1.5.1'
-    implementation group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.69'
-    implementation group: 'org.bouncycastle', name: 'bctls-jdk15on', version: '1.70'
-    implementation group: 'org.modelmapper', name: 'modelmapper', version: '2.4.5'
-    compileOnly 'org.jetbrains:annotations:22.0.0'
-    compileOnly 'org.projectlombok:lombok'
-    runtimeOnly 'org.springframework.boot:spring-boot-devtools'
-    runtimeOnly 'org.postgresql:postgresql'
-    annotationProcessor 'org.projectlombok:lombok'
-    testImplementation 'org.junit.jupiter:junit-jupiter:5.8.2'
-}
-
-test {
-    useJUnitPlatform()
-}

build.gradle.kts

@@ -0,0 +1,61 @@
+plugins {
+    id("org.springframework.boot") version "3.0.6"
+    id("java")
+    id("io.spring.dependency-management") version "1.1.0"
+}
+
+group = "ru.serega6531"
+version = "1.0-SNAPSHOT"
+
+java {
+    sourceCompatibility = JavaVersion.VERSION_17
+    targetCompatibility = JavaVersion.VERSION_17
+}
+
+configurations {
+    get("compileOnly").apply {
+        extendsFrom(configurations.annotationProcessor.get())
+    }
+}
+
+repositories {
+    mavenCentral()
+}
+
+dependencies {
+    implementation("org.springframework.boot:spring-boot-starter-data-jpa")
+    implementation("org.springframework.boot:spring-boot-starter-web")
+    implementation("org.springframework.boot:spring-boot-starter-security")
+    implementation("org.springframework.boot:spring-boot-starter-websocket")
+    implementation("org.springframework.session:spring-session-core")
+    implementation(group = "org.apache.commons", name = "commons-lang3", version = "3.12.0")
+    implementation(group = "commons-io", name = "commons-io", version = "2.11.0")
+
+    implementation("org.pcap4j:pcap4j-core:1.8.2")
+    implementation("org.pcap4j:pcap4j-packetfactory-static:1.8.2")
+
+    constraints {
+        implementation("net.java.dev.jna:jna:5.13.0") {
+            because("upgraded version required to run on MacOS")
+            // https://stackoverflow.com/questions/70368863/unsatisfiedlinkerror-for-m1-macs-while-running-play-server-locally
+        }
+    }
+
+    implementation(group = "com.google.guava", name = "guava", version = "31.1-jre")
+    implementation(group = "org.java-websocket", name = "Java-WebSocket", version = "1.5.3")
+    implementation(group = "org.bouncycastle", name = "bcprov-jdk15on", version = "1.70")
+    implementation(group = "org.bouncycastle", name = "bctls-jdk15on", version = "1.70")
+    implementation(group = "org.modelmapper", name = "modelmapper", version = "3.1.1")
+    implementation("com.athaydes.rawhttp:rawhttp-core:2.5.2")
+
+    compileOnly("org.jetbrains:annotations:24.0.1")
+    compileOnly("org.projectlombok:lombok")
+    runtimeOnly("org.springframework.boot:spring-boot-devtools")
+    runtimeOnly("org.postgresql:postgresql")
+    annotationProcessor("org.projectlombok:lombok")
+    testImplementation("org.junit.jupiter:junit-jupiter:5.9.2")
+}
+
+tasks.getByName<Test>("test") {
+    useJUnitPlatform()
+}

docker-compose.yml

@@ -2,7 +2,6 @@ services:
   packmate: # port = 65000
     environment:
       DB_PASSWORD: ${PACKMATE_DB_PASSWORD:-K604YnL3G1hp2RDkCZNjGpxbyNpNHTRb}
-      DB_NAME: ${PACKMATE_DB_NAME:-packmate}
       INTERFACE: ${PACKMATE_INTERFACE:-}
       LOCAL_IP: ${PACKMATE_LOCAL_IP}
       MODE: ${PACKMATE_MODE:-LIVE}
@@ -20,16 +19,8 @@ services:
       dockerfile: docker/Dockerfile_app
     network_mode: "host"
     image: registry.gitlab.com/packmate/packmate:${BUILD_TAG:-latest}
-    command: [
+    volumes:
-      "java", "-Djava.net.preferIPv4Stack=true", "-Djava.net.preferIPv4Addresses=true",
+      - "./pcaps/:/app/pcaps/:ro"
-      "-jar", "/app/app.jar", "--spring.datasource.url=jdbc:postgresql://127.0.0.1:65001/$${DB_NAME}",
-      "--spring.datasource.password=$${DB_PASSWORD}",
-      "--capture-mode=$${MODE}", "--pcap-file=$${PCAP_FILE}",
-      "--interface-name=$${INTERFACE}", "--local-ip=$${LOCAL_IP}", "--account-login=$${WEB_LOGIN}",
-      "--old-streams-cleanup-enabled=$${OLD_STREAMS_CLEANUP_ENABLED}", "--cleanup-interval=$${OLD_STREAMS_CLEANUP_INTERVAL}",
-      "--old-streams-threshold=$${OLD_STREAMS_CLEANUP_THRESHOLD}",
-      "--account-password=$${WEB_PASSWORD}", "--server.port=65000", "--server.address=0.0.0.0"
-    ]
     depends_on:
       db:
         condition: service_healthy
@@ -38,7 +29,7 @@ services:
     environment:
       POSTGRES_USER: packmate
       POSTGRES_PASSWORD: ${PACKMATE_DB_PASSWORD:-K604YnL3G1hp2RDkCZNjGpxbyNpNHTRb}
-      POSTGRES_DB: ${PACKMATE_DB_NAME:-packmate}
+      POSTGRES_DB: packmate
     env_file:
       - .env
     volumes:

docker/Dockerfile_app

@@ -13,4 +13,17 @@ FROM eclipse-temurin:17-jre
 WORKDIR /app
 RUN apt update && apt install -y libpcap0.8 && rm -rf /var/lib/apt/lists/*
 COPY --from=1 /tmp/compile/build/libs/packmate-*-SNAPSHOT.jar app.jar
+
+CMD [ "java", "-Djava.net.preferIPv4Stack=true", "-Djava.net.preferIPv4Addresses=true",  \
+      "-jar", "/app/app.jar", "--spring.datasource.url=jdbc:postgresql://127.0.0.1:65001/packmate", \
+      "--spring.datasource.password=${DB_PASSWORD}", \
+      "--packmate.capture-mode=${MODE}", "--packmate.pcap-file=${PCAP_FILE}", \
+      "--packmate.interface-name=${INTERFACE}", "--packmate.local-ip=${LOCAL_IP}", \
+      "--packmate.web.account-login=${WEB_LOGIN}", "--packmate.web.account-password=${WEB_PASSWORD}", \
+      "--packmate.cleanup.enabled=${OLD_STREAMS_CLEANUP_ENABLED}", \
+      "--packmate.cleanup.interval=${OLD_STREAMS_CLEANUP_INTERVAL}", \
+      "--packmate.cleanup.threshold=${OLD_STREAMS_CLEANUP_THRESHOLD}", \
+      "--server.port=65000", "--server.address=0.0.0.0" \
+]
+
 EXPOSE 65000

docs/SETUP.md

@@ -0,0 +1,89 @@
+## Настройка
+
+Packmate использует настройки из файла `.env` (в той же папке, что и `docker-compose.yml`)
+
+### Основные настройки
+```dotenv
+# Локальный IP сервера, на который приходит игровой трафик
+PACKMATE_LOCAL_IP=10.20.1.1
+# Имя пользователя для web-авторизации
+PACKMATE_WEB_LOGIN=SomeUser
+# Пароль для web-авторизации
+PACKMATE_WEB_PASSWORD=SomeSecurePassword
+```
+
+### Режим работы
+Packmate поддерживает три основных режима работы: `LIVE`, `FILE` и `VIEW`.
+1. `LIVE` - это основной режим работы во время CTF. Packmate обрабатывает живой трафик и сразу выводит результаты.
+2. `FILE` - обрабатывает трафик из pcap файлов. Полезен для анализа трафика с прошедших CTF, где не был запущен Packmate, или тех, где невозможно запустить его на вулнбоксе.
+3. `VIEW` - Packmate не обрабатывает трафик, а только показывает уже обработанные стримы. Полезен для разборов после завершения CTF.
+
+<details>
+  <summary>Настройка LIVE</summary>
+
+Необходимо указать интерфейс, через который проходит игровой трафик.
+На этом же интерфейсе должен располагаться ip, указанный в параметре `PACKMATE_LOCAL_IP`
+
+```dotenv
+# Режим работы - перехват
+PACKMATE_MODE=LIVE
+# Интерфейс, на котором производится перехват трафика
+PACKMATE_INTERFACE=game
+```
+
+</details>
+
+<details>
+  <summary>Настройка FILE</summary>
+
+Необходимо указать название pcap файла, лежащего в папке pcaps. 
+После запуска в веб-интерфейсе появится кнопка, активирующая чтение файла. 
+Важно, чтобы к этому моменту уже были созданы сервисы и паттерны (см. раздел Использование).
+
+```dotenv
+# Режим работы - анализ файла
+PACKMATE_MODE=FILE
+# Название файла в папке pcaps
+PACKMATE_PCAP_FILE=dump.pcap
+```
+
+</details>
+
+<details>
+  <summary>Настройка VIEW</summary>
+
+В этом режиме Packmate просто показывает уже имеющиеся данные. 
+
+```dotenv
+# Режим работы - просмотр
+PACKMATE_MODE=VIEW
+```
+
+</details>
+
+### Очистка БД
+На крупных CTF через какое-то время накапливается большое количество трафика. Это замедляет работу Packmate и занимает много места на диске.
+
+Для оптимизации работы, рекомендуется включить регулярную очистку БД от старых стримов. Это будет работать только в режиме `LIVE`.
+```dotenv
+PACKMATE_OLD_STREAMS_CLEANUP_ENABLED=true
+# Интервал удаления старых стримов (в минутах).
+# Лучше ставить маленькое число, чтобы стримы удалялись маленькими кусками, и это не нагружало систему
+PACKMATE_OLD_STREAMS_CLEANUP_INTERVAL=1
+# Насколько старым стрим должен быть для удаления (в минутах от текущего времени)
+PACKMATE_OLD_STREAMS_CLEANUP_THRESHOLD=240
+```
+
+### Дополнительные настройки
+
+```dotenv
+# Пароль от БД. Из-за того, что БД принимает подключения только с localhost, менять его необязательно, но можно, для дополнительной безопасности.
+PACKMATE_DB_PASSWORD=K604YnL3G1hp2RDkCZNjGpxbyNpNHTRb
+# Версия Packmate. Можно изменить, если нужно использовать другой образ из docker registry.
+BUILD_TAG=latest
+```
+
+Чтобы использовать расшифровку TLS (с RSA), нужно положить соответствующий приватный ключ, который
+использовался для генерации сертификата, в папку `rsa_keys`.
+
+Файлы БД сохраняются в ./data, поэтому для обнуления базы нужно удалить эту папку.

docs/SETUP_EN.md

@@ -0,0 +1,88 @@
+## Setup
+
+Packmate uses properties from the `.env` file (in the same directory as `docker-compose.yml`)
+
+### Primary settings
+```dotenv
+# Local IP of a server on which the traffic in directed. Used to tell incoming packets from outgoing.
+PACKMATE_LOCAL_IP=10.20.1.1
+# Username for the web interface
+PACKMATE_WEB_LOGIN=SomeUser
+# Password for the web interface
+PACKMATE_WEB_PASSWORD=SomeSecurePassword
+```
+
+### Modes of operation
+Packmate supports 3 modes of operation: `LIVE`, `FILE` и `VIEW`.
+1. `LIVE` - the usual mode during a CTF. Packmate processes live traffic and instantly displays the results.
+2. `FILE` - processes traffic from pcap files. Useful to analyze traffic from past CTFs where Packmate wasn't launched, or CTFs where it's impossible to use it on the vulnbox.
+3. `VIEW` - Packmate does not process any traffic, but simply shows already processed streams. Useful for post-game analyses.
+
+<details>
+  <summary>LIVE setup</summary>
+
+Set the interface through which the game traffic passes.
+IP address from `PACKMATE_LOCAL_IP` should be bound to the same interface.
+
+```dotenv
+# Mode: capturing
+PACKMATE_MODE=LIVE
+# Interface to capture on
+PACKMATE_INTERFACE=game
+```
+
+</details>
+
+<details>
+  <summary>FILE setup</summary>
+
+Set the name of the pcap file in the `pcaps` directory.
+After the startup, in the web interface, you will see the button that activates the file processing.
+It's important that by this moment all services and patterns are already created (see Usage).
+
+```dotenv
+# Mode: pcap file anysis
+PACKMATE_MODE=FILE
+# Path to pcap file in the pcaps directory
+PACKMATE_PCAP_FILE=dump.pcap
+```
+
+</details>
+
+<details>
+  <summary>VIEW setup</summary>
+
+In that mode, Packmate simply shows already existing data.
+
+```dotenv
+# Mode: viewing the data
+PACKMATE_MODE=VIEW
+```
+
+</details>
+
+### Database cleanup
+On large CTFsб after some time a lot of traffic will pile up. This can slow Packmate down and take a lot of drive space.
+
+To optimize the workflow, it is recommended to enable periodical database cleanup of old streams. It will only work in the `LIVE` mode.
+```dotenv
+PACKMATE_OLD_STREAMS_CLEANUP_ENABLED=true
+# Old streams removal interval (in minutes).
+# It's better to use small numbers so the streams are removed in small chunks and don't overload the server.
+PACKMATE_OLD_STREAMS_CLEANUP_INTERVAL=1
+# How old the stream must be to be removed (in minutes before current time)
+PACKMATE_OLD_STREAMS_CLEANUP_THRESHOLD=240
+```
+
+### Additional settings
+
+```dotenv
+# Database password. Considering it only listens on localhost, it's not mandatory to change it, but you can do it for additional security.
+PACKMATE_DB_PASSWORD=K604YnL3G1hp2RDkCZNjGpxbyNpNHTRb
+# Packmate version. Change it if you want to use a different version from the docker registry.
+BUILD_TAG=latest
+```
+
+To use the TLS decryption, you have to put the matching private key in the `rsa_keys` directory.
+
+Database files are being saved in `./data`, so to reset the database, you need to delete this directory.

docs/USAGE.md

@@ -0,0 +1,117 @@
+## Использование
+### Настройки
+При попытке зайти в web-интерфейс впервые, браузер спросит логин и пароль,
+который указывался в env-файле.  
+При необходимости можно настроить дополнительные параметры по кнопке с шестеренками в верхнем
+правом углу экрана.
+
+<img alt="Скриншот настроек" width="400" src="../screenshots/Screenshot_Settings.png"/>
+
+### Создание сервисов
+Сначала нужно создать сервисы, находящиеся в игре. Если не сделать этого, то никакие стримы не будут сохраняться! 
+Для этого вызывается диалоговое окно по нажатию кнопки `+` в навбаре,
+где можно указать название и порт сервиса, а также дополнительные опции.
+
+<img alt="Скриншот окна создания сервиса" src="../screenshots/Screenshot_Service.png" width="600"/>
+
+#### Параметры сервиса:
+1. Имя
+2. Порт (если сервис использует несколько портов, нужно создать по сервису на каждый порт)
+3. Chunked transfer encoding: автоматически раскодировать [подобные](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Transfer-Encoding#chunked_encoding) http пакеты
+4. Urldecode: автоматически проводить urldecode пакетов. Стоит включать по умолчанию в http сервисах.
+5. Merge adjacent packets: автоматически склеивать соседние пакеты в одном направлении. Стоит включать по умолчанию в небинарных сервисах.
+6. Inflate WebSockets: автоматически разархивировать [сжатые](https://www.rfc-editor.org/rfc/rfc7692) websocket-пакеты.
+7. Decrypt TLS: автоматически расшифровывать TLS-трафик (HTTPS).
+Работает только с типами шифрования TLS_RSA_WITH_AES_*, и при наличии приватного ключа, который использовался в сертификате сервера (как Wireshark).
+
+### Создание паттернов
+Для удобного отлова эксплоитов в приложении существует система паттернов.  
+Чтобы создать паттерн, нужно открыть выпадающее меню `Patterns` и нажать кнопку `+`,
+затем указать параметры паттерна и сохранить.
+
+Важно: паттерн начнет действовать только на стримы, захваченные после его создания. Но можно использовать Lookback, чтобы проанализировать и стримы в прошлом.
+
+<img alt="Скриншот окна создания паттерна" src="../screenshots/Screenshot_Pattern.png" width="400"/>
+
+#### Параметры паттерна:
+1. Имя: оно отображается в списке на стримах, которые содержат этот паттерн.
+2. Паттерн: само содержимое паттерна. Может быть строкой, регулярным выражением или hex-строкой в зависимости от типа паттерна.
+3. Действие паттерна
+   1. Highlight подсветит найденный паттерн. Пример: поиск флагов.
+   2. Ignore удалит стрим, содержащий этот паттерн. 
+   Пример: вы запатчили сервис от определенной уязвимости и больше не хотите видеть определенный эксплоит в трафике. Можно добавить этот эксплоит как паттерн с типом IGNORE, и он больше не будет сохраняться.
+4. Цвет: этим цветом будут подсвечиваться паттерны с типом Highlight
+5. Метод поиска: подстрока, регулярное выражение, бинарная подстрока
+6. Направление поиска: везде, только в запросах, только в ответах
+7. Сервис: искать в трафике всех сервисов или в каком-то конкретном
+
+### Начало игры
+В режиме LIVE система начнет автоматически захватывать стримы и отображать их в сайдбаре.
+В режиме FILE для начала обработки файла нужно нажать соответствующую кнопку в сайдбаре.
+При нажатии на стрим в главном окне выводится список пакетов;
+между бинарным и текстовым представлением можно переключиться по кнопке в сайдбаре.
+
+### Обзор навбара
+![Скриншот навбара](../screenshots/Screenshot_Navbar.png)
+
+1. Заголовок
+2. Счетчик SPM - Streams Per Minute, стримов в минуту
+3. Счетчик PPS - Packets Per Stream, среднее количество пакетов в стриме
+4. Кнопка открытия списка паттернов
+5. Список сервисов. В каждом сервисе:
+   1. Название
+   2. Порт
+   3. Счетчик SPM сервиса - позволяет определить наиболее популярные сервисы
+   4. Кнопка редактирования сервиса
+6. Кнопка добавления нового сервиса
+7. Кнопка открытия настроек
+
+
+### Обзор сайдбара
+![Скриншот сайдбара](../screenshots/Screenshot_Sidebar.png)
+
+В левой панели Packmate находятся стримы выбранного сервиса. 
+Отображается номер стрима, протокол, TTL, сервис, время, хэш User-Agent (для http сервисов) и найденные паттерны.
+
+Совет: иногда на CTF забывают перезаписать TTL пакетов внутри сети. В таком случае по TTL можно отличить запросы от чекеров и от других команд.
+
+Совет #&#8203;2: по User-Agent можно отличать запросы из разных источников. К примеру, можно предположить, что на скриншоте выше запросы 4 и 5 пришли из разных источников.
+
+Совет #&#8203;3: нажимайте на звездочку, чтобы добавить интересный стрим в избранное. Этот стрим будет выделен в списке, и появится в списке избранных стримов.
+
+#### Управление просмотром
+
+<img alt="Панель управления" src="../screenshots/Screenshot_Sidebar_header.png" width="400"/>
+
+1. Пауза: Остановить/возобновить показ новых стримов на экране. Не останавливает перехват стримов и показ другим пользователям! Полезно, если стримы летят слишком быстро.
+2. Избранные: показать только стримы, отмеченные как избранные
+3. Переключить текстовый/hexdump вид
+4. Начать анализ: появляется только при запуске в режиме `FILE`
+5. Промотать список стримов до самого нового
+
+### Обзор меню паттернов
+![Список паттернов](../screenshots/Screenshot_Patterns.png)
+
+1. Кнопка добавления паттерна
+2. Выбор всех стримов (убрать фильтрацию по паттерну)
+3. Список паттернов. В каждой строчке:
+   1. Описание паттерна
+   2. Кнопка Lookback - позволяет применить паттерн к стримам, обработанным до создания паттерна.
+   3. Пауза - паттерн нельзя удалить, но можно поставить на паузу. После этого он не будет применяться к новым стримам.
+
+Совет: создавайте отдельные паттерны для входящих и исходящих флагов. Так легче отличать чекер, кладущий флаги, от эксплоитов.
+
+Совет #&#8203;2: используйте Lookback для исследования найденных эксплоитов.
+
+Пример: вы обнаружили, что сервис только что отдал флаг пользователю `abc123` без видимых причин.
+Можно предположить, что атакующая команда создала этого пользователя и подготовила эксплоит в другом стриме.
+Но в игре слишком много трафика, чтобы найти этот стрим вручную.
+Тогда можно создать `SUBSTRING` паттерн со значением `abc123` и активировать Lookback на несколько минут назад. 
+После этого со включенным фильтром по паттерну будут отображаться только стримы, где упоминался этот пользователь.
+
+### Горячие клавиши
+Для быстрой навигации по стримам можно использовать следующие горячие клавиши:
+* `Ctrl+Up` -- переместиться на один стрим выше
+* `Ctrl+Down` -- переместиться на один стрим ниже
+* `Ctrl+Home` -- перейти на последний стрим
+* `Ctrl+End` -- перейти на первый стрим

docs/USAGE_EN.md

@@ -0,0 +1,110 @@
+## Usage
+### Settings
+When attempting to access the web interface for the first time, your browser will prompt for a login and password, which were specified in the env file.  
+If necessary, additional parameters can be configured via the gear icon in the top right corner of the screen.
+
+<img alt="Screenshot of settings" src="../screenshots/Screenshot_Settings.png" width="400"/>
+
+### Creating Services
+First, you need to create services that are present in the game. If you don't do this, no streams will be saved!
+To do this, a dialog box is called by clicking the `+` button in the navbar,
+where you can specify the name and port of the service, as well as additional options.
+
+<img alt="Screenshot of service creation window" src="../screenshots/Screenshot_Service.png" width="600"/>
+
+#### Service Parameters:
+1. Name
+2. Port (if the service uses multiple ports, you need to create a Packmate service for each port)
+3. Chunked transfer encoding: automatically decode [chunked](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Transfer-Encoding#chunked_encoding) HTTP packets
+4. Urldecode: automatically perform URL decoding of packets. Should be enabled by default for HTTP services.
+5. Merge adjacent packets: automatically merge adjacent packets in the same direction. Should be enabled by default for non-binary services.
+6. Inflate WebSockets: automatically decompress [compressed](https://www.rfc-editor.org/rfc/rfc7692) WebSocket packets.
+7. Decrypt TLS: automatically decrypt TLS traffic (HTTPS). Only works with TLS_RSA_WITH_AES_* cipher suites and requires the private key used in the server's certificate (just like Wireshark).
+
+### Creating Patterns
+To conveniently capture exploits in the application, a pattern system exists.
+To create a pattern, open the dropdown menu `Patterns` and click the `+` button,
+then specify the pattern parameters and save.
+
+Important: the pattern will only apply to streams captured after its creation. But you can use Lookback to analyze past streams.
+
+<img alt="Screenshot of pattern creation window" src="../screenshots/Screenshot_Pattern.png" width="400"/>
+
+#### Pattern Parameters:
+1. Name: it will be displayed in the list on streams that contain this pattern.
+2. Pattern: the content of the pattern itself. It can be a string, a regular expression, or a hex string depending on the pattern type.
+3. Pattern ation:
+   1. Highlight will highlight the found pattern. Example: searching for flags.
+   2. Ignore will delete the stream containing this pattern.
+      Example: you patched a service from a certain vulnerability and no longer want to see a specific exploit in the traffic. You can add this exploit as a pattern with IGNORE type, and it will no longer be saved.
+4. Color: the color with which patterns of Highlight type will be highlighted.
+5. Search method: substring, regular expression, binary substring
+6. Search type: everywhere, only in requests, only in responses
+7. Service: search in the traffic of all services or in a specific one.
+
+### Game Start
+In LIVE mode, the system will automatically capture streams and display them in the sidebar.
+In FILE mode, click the corresponding button in the sidebar to start processing a file.
+When you click on a stream in the main window, a list of packets is displayed;
+you can switch between binary and text representation using the button in the sidebar.
+
+### Navbar Overview
+![Navbar screenshot](../screenshots/Screenshot_Navbar.png)
+
+1. Title
+2. SPM counter - Streams Per Minute
+3. PPS counter - (average number of) Packets Per Stream
+4. Button to open the list of patterns
+5. List of services. In each service:
+   1. Name
+   2. Port
+   3. SPM counter for the service - allows you to determine the most popular services
+   4. Service edit button
+6. Button to add a new service
+7. Button to open settings
+
+### Sidebar Overview
+![Sidebar screenshot](../screenshots/Screenshot_Sidebar.png)
+
+Tip: Sometimes during CTFs, admins forget to overwrite the TTL of packets inside the network. In such cases, you can differentiate requests from checkers and other teams based on TTL.
+
+Tip #&#8203;2: User-Agent can be used to differentiate requests from different sources. For example, in the screenshot above, requests 4 and 5 may have come from different sources.
+
+Tip #&#8203;3: Click on the star icon to add an interesting stream to your favorites. This stream will be highlighted in the list and will appear in the list of favorite streams.
+
+#### Control Panel
+
+<img alt="Control Panel" src="../screenshots/Screenshot_Sidebar_header.png" width="400"/>
+
+1. Pause: Stop/resume displaying new streams on the screen. It does not stop intercepting streams or showing them to other users! Useful if streams are flying by too quickly.
+2. Favorites: Show only streams marked as favorites.
+3. Switch text/hexdump view.
+4. Start analysis: Only appears when running in `FILE` mode.
+5. Scroll stream list to the newest.
+
+### Pattern Menu Overview
+![Pattern List](../screenshots/Screenshot_Patterns.png)
+
+1. Add Pattern Button
+2. Select All Streams (do not filter by pattern)
+3. Pattern List. Each line contains:
+   1. Pattern Description
+   2. Lookback Button - applies the pattern to streams processed before the pattern creation.
+   3. Pause - pattern cannot be deleted, but can be paused. It will not be applied to new streams after pausing.
+
+Tip: Create separate patterns for incoming and outgoing flags to easily distinguish between flag checkers and exploits.
+
+Tip #&#8203;2: Use Lookback to investigate discovered exploits.
+
+Example: You found that the service just handed out a flag to user `abc123` without an apparent reason.
+You can assume that the attacking team created this user and prepared an exploit in another stream.
+But there is too much traffic in the game to manually find this stream.
+Then you can create a `SUBSTRING` pattern with the value `abc123` and activate Lookback for a few minutes back.
+After that, with the pattern filter enabled, only streams mentioning this user will be displayed.
+
+### Hotkeys
+Use the following hotkeys for quick navigation through streams:
+* `Ctrl+Up` -- Move one stream up.
+* `Ctrl+Down` -- Move one stream down.
+* `Ctrl+Home` -- Go to the last stream.
+* `Ctrl+End` -- Go to the first stream.

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

rsa_keys/example.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDWJO65om/5LMA0
-8w9Uk36h4ukQ7Qt8nbpbeHzxorl4lGwWBASEAEmDYNUcGO0CxglOE93F9BPNGn6q
-Vj8Ypp3kcTGOzsXcFrd0wRpXbSwbynnmqTCYigiLzIidasfUrGul4s1fVZFdkQZS
-p2Y5pEUxq1GKcAgCVwjMyWC1dhGqvTcA5ps0JoSRoA+Nzs/BeTHlTm8UvT9eD9ER
-8RmYVOi1edcJ/eztj1CVydq5X27QNmwLuqsAwq38I27nlq1NU5ShqDQ16bg8IY/c
-Ll4QJB7SVbrLf3dJ7KY5i7DNEoYUiJGRwDJZt+wcZLtFSzj0cn0BuEU6M0PYglUI
-uQTeosUZAgMBAAECggEAehq7CJyHzoPm4QpLDoW/qh1RmfYgG6FwVqHgVIPdz9SJ
-wQ/vZzkmscPwIEJSOsejHKMVTL983vGhkgz1k1/GHjEw+eYLShCl8Ov+0iUNBpew
-ZIbKj9/9OYGZ0HDHmwvpocAuLJME/V4pRc3v6yQw1D6EkzSITJVGDkcxXqcBMeIA
-uNVr+pwLH9vO7ybva+e3T4ROWxlecHrcB94THops4fy5+SGVILwvKaP4cRhjLfD4
-2XV4O5N0imdPAYsNNHyHbAzjvZPoCOsuH3B/tWmRHq3oOa4ZcFUNTDmO9GgfbtY/
-PHEFV34XxMjy3bK0vLxHqS9CEj1cvfq8e1NqkDTugQKBgQD6CEezGf9OFb3byBui
-X3OzXWdWQ5jnodOTPb/P+y9DrORJPy1/0BcXh/cHF58kNDZvzVwTFcAjfx6bxS41
-JAddFRZjNuHXEOtFRkD3Wp4W7Atrv/yeKbpE9PCaNYtUDasL8RKcdJiHNFpN4xRl
-jpQtIiQ9pikrjUXLgW0S88zzyQKBgQDbQV+DMxGS2Cee6nfMmUcGjgQd8D0cXLjk
-OZSmEnk4FCvV8ZdysjirqmuitFTE+PYmOJzhlQl8lubEs4Kc7L9CfEwbK9mNN0ZG
-BNdT21nFuJp7YoZzZDTHuwF0nBjQFYcdaWDW+qFqrqs9mKbmCQ5vSzql6al+pzdX
-X/YS0QTO0QKBgDUMprHQdUPLByJnnb1gxTqsOa2q3/ldc3eNJXJqWAfi2fjUh8HT
-k+KxPW9qyqAy1832429FMSQW55ajSn+J6moMfFiGn3ozI8fp9QTGXD5+zJmK/X1N
-WzEgSyBc9ffago0hFBLQBkDBkdtur7gwfS3qTYgrBhcwfTuFdXAM/FJJAoGABIQ2
-OXel1waI2mcuDJLjuajXQN6gA6ONU3Y0L6+Vu6f+tyuA2SX+sNqT2Qgp7tzKBUOJ
-R8RQK7bYDhk8iYr+7Zmt36lpk9Udp3eWD+4mzUHePMhsyJe51pttjj9g63hmDh8L
-laIYDSCH+n7YgUiSeYxtKtnDWg6Lv0sEwKJ5nOECgYBsF5PoHRE4Q/Vs18qbI4t/
-zPwWWNP0sb3PYRlWLTKMBowQdDOxnXAF12txoLNhpOn9DjZdNEb2EMsqlzdNjphN
-uUWZq89d5kDwKfj4ji087elcjsW79R5oqwrN8a0NimftZ4eBPbcn8Y0r5psPcSzE
-36iKGM2euQYD8Ub+aDOSLQ==
------END PRIVATE KEY-----

settings.gradle.kts

@@ -3,4 +3,4 @@ pluginManagement {
         gradlePluginPortal()
     }
 }
-rootProject.name = 'packmate'
+rootProject.name = "packmate"

src/main/java/ru/serega6531/packmate/configuration/ApplicationConfiguration.java

@@ -1,28 +1,35 @@
 package ru.serega6531.packmate.configuration;
 
+import org.modelmapper.Converter;
+import org.modelmapper.ModelMapper;
+import org.modelmapper.TypeMap;
 import org.pcap4j.core.PcapNativeException;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import ru.serega6531.packmate.model.Pattern;
-import org.springframework.security.crypto.password.PasswordEncoder;
+import ru.serega6531.packmate.model.Stream;
-import ru.serega6531.packmate.model.enums.CaptureMode;
+import ru.serega6531.packmate.model.pojo.StreamDto;
 import ru.serega6531.packmate.pcap.FilePcapWorker;
 import ru.serega6531.packmate.pcap.LivePcapWorker;
 import ru.serega6531.packmate.pcap.NoOpPcapWorker;
 import ru.serega6531.packmate.pcap.PcapWorker;
+import ru.serega6531.packmate.properties.PackmateProperties;
 import ru.serega6531.packmate.service.ServicesService;
 import ru.serega6531.packmate.service.StreamService;
 import ru.serega6531.packmate.service.SubscriptionService;
 
 import java.net.UnknownHostException;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 @Configuration
 @EnableScheduling
 @EnableAsync
+@ConfigurationPropertiesScan("ru.serega6531.packmate.properties")
 public class ApplicationConfiguration {
 
     @Bean(destroyMethod = "stop")
@@ -30,20 +37,37 @@ public class ApplicationConfiguration {
     public PcapWorker pcapWorker(ServicesService servicesService,
                                  StreamService streamService,
                                  SubscriptionService subscriptionService,
-                                 @Value("${local-ip}") String localIpString,
+                                 PackmateProperties properties
-                                 @Value("${interface-name}") String interfaceName,
+    ) throws PcapNativeException, UnknownHostException {
-                                 @Value("${pcap-file}") String filename,
+        return switch (properties.captureMode()) {
-                                 @Value("${capture-mode}") CaptureMode captureMode) throws PcapNativeException, UnknownHostException {
+            case LIVE -> new LivePcapWorker(servicesService, streamService, properties.localIp(), properties.interfaceName());
-        return switch (captureMode) {
+            case FILE ->
-            case LIVE -> new LivePcapWorker(servicesService, streamService, localIpString, interfaceName);
+                    new FilePcapWorker(servicesService, streamService, subscriptionService, properties.localIp(), properties.pcapFile());
-            case FILE -> new FilePcapWorker(servicesService, streamService, subscriptionService, localIpString, filename);
             case VIEW -> new NoOpPcapWorker();
         };
     }
 
     @Bean
-    public PasswordEncoder passwordEncoder() {
+    public ModelMapper modelMapper() {
-        return new BCryptPasswordEncoder();
+        ModelMapper modelMapper = new ModelMapper();
+
+        addStreamMapper(modelMapper);
+
+        return modelMapper;
+    }
+
+    private void addStreamMapper(ModelMapper modelMapper) {
+        TypeMap<Stream, StreamDto> streamMapper = modelMapper.createTypeMap(Stream.class, StreamDto.class);
+
+        Converter<Set<Pattern>, Set<Integer>> patternSetToIdSet = ctx -> ctx.getSource()
+                .stream()
+                .map(Pattern::getId)
+                .collect(Collectors.toSet());
+
+        streamMapper.addMappings(mapping ->
+                mapping.using(patternSetToIdSet)
+                        .map(Stream::getFoundPatterns, StreamDto::setFoundPatternsIds)
+        );
     }
 
 }

src/main/java/ru/serega6531/packmate/configuration/SecurityConfiguration.java

@@ -1,57 +1,58 @@
 package ru.serega6531.packmate.configuration;
 
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.event.EventListener;
 import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+import ru.serega6531.packmate.properties.PackmateProperties;
 
 @Configuration
 @EnableWebSecurity
 @Slf4j
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class SecurityConfiguration {
 
-    @Value("${account-login}")
+    @Bean
-    private String login;
+    public InMemoryUserDetailsManager userDetailsService(PackmateProperties properties, PasswordEncoder passwordEncoder) {
+        UserDetails user = User.builder()
+                .username(properties.web().accountLogin())
+                .password(passwordEncoder.encode(properties.web().accountPassword()))
+                .roles("USER")
+                .build();
 
-    @Value("${account-password}")
+        return new InMemoryUserDetailsManager(user);
-    private String password;
-
-    private final PasswordEncoder passwordEncoder;
-
-    @Autowired
-    public SecurityConfiguration(PasswordEncoder passwordEncoder) {
-        this.passwordEncoder = passwordEncoder;
     }
 
-    @Autowired
+    @Bean
-    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        auth.inMemoryAuthentication()
+        return http.csrf()
-                .withUser(login)
-                .password(passwordEncoder.encode(password))
-                .authorities("ROLE_USER");
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.csrf()
                 .disable()
-                .authorizeRequests()
+                .authorizeHttpRequests((auth) ->
-                .antMatchers("/site.webmanifest")
+                        auth.requestMatchers("/site.webmanifest")
                                 .permitAll()
-                .anyRequest().authenticated()
+                                .anyRequest()
-                .and()
+                                .authenticated()
+                )
                 .httpBasic()
                 .and()
                 .headers()
                 .frameOptions()
-                .sameOrigin();
+                .sameOrigin()
+                .and()
+                .build();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
     }
 
     @EventListener

src/main/java/ru/serega6531/packmate/controller/PacketController.java

@@ -1,14 +1,16 @@
 package ru.serega6531.packmate.controller;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PathVariable;
-import ru.serega6531.packmate.model.Packet;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
 import ru.serega6531.packmate.model.pojo.PacketDto;
 import ru.serega6531.packmate.model.pojo.PacketPagination;
 import ru.serega6531.packmate.service.StreamService;
 
 import java.util.List;
-import java.util.stream.Collectors;
 
 @RestController
 @RequestMapping("/api/packet/")
@@ -23,10 +25,7 @@ public class PacketController {
 
     @PostMapping("/{streamId}")
     public List<PacketDto> getPacketsForStream(@PathVariable long streamId, @RequestBody PacketPagination pagination) {
-        List<Packet> packets = streamService.getPackets(streamId, pagination.getStartingFrom(), pagination.getPageSize());
+        return streamService.getPackets(streamId, pagination.getStartingFrom(), pagination.getPageSize());
-        return packets.stream()
-                .map(streamService::packetToDto)
-                .collect(Collectors.toList());
     }
 
 }

src/main/java/ru/serega6531/packmate/controller/PatternController.java

@@ -1,13 +1,20 @@
 package ru.serega6531.packmate.controller;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.DeleteMapping;
-import ru.serega6531.packmate.model.Pattern;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import ru.serega6531.packmate.model.pojo.PatternCreateDto;
 import ru.serega6531.packmate.model.pojo.PatternDto;
+import ru.serega6531.packmate.model.pojo.PatternUpdateDto;
 import ru.serega6531.packmate.service.PatternService;
 
 import java.util.List;
-import java.util.stream.Collectors;
 
 @RestController
 @RequestMapping("/api/pattern/")
@@ -24,14 +31,19 @@ public class PatternController {
     public List<PatternDto> getPatterns() {
         return service.findAll()
                 .stream().map(service::toDto)
-                .collect(Collectors.toList());
+                .toList();
     }
 
-    @PostMapping("/{id}")
+    @PostMapping("/{id}/enable")
     public void enable(@PathVariable int id, @RequestParam boolean enabled) {
         service.enable(id, enabled);
     }
 
+    @DeleteMapping("/{id}")
+    public void delete(@PathVariable int id) {
+        service.delete(id);
+    }
+
     @PostMapping("/{id}/lookback")
     public void lookBack(@PathVariable int id, @RequestBody int minutes) {
         if (minutes < 1) {
@@ -42,11 +54,13 @@ public class PatternController {
     }
 
     @PostMapping
-    public PatternDto addPattern(@RequestBody PatternDto dto) {
+    public PatternDto addPattern(@RequestBody PatternCreateDto dto) {
-        dto.setEnabled(true);
+        return service.create(dto);
-        Pattern pattern = service.fromDto(dto);
+    }
-        Pattern saved = service.save(pattern);
+
-        return service.toDto(saved);
+    @PostMapping("/{id}")
+    public PatternDto updatePattern(@PathVariable int id, @RequestBody PatternUpdateDto dto) {
+        return service.update(id, dto);
     }
 
 }

src/main/java/ru/serega6531/packmate/controller/ServiceController.java

@@ -1,13 +1,19 @@
 package ru.serega6531.packmate.controller;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.DeleteMapping;
-import ru.serega6531.packmate.model.CtfService;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import ru.serega6531.packmate.model.pojo.ServiceCreateDto;
 import ru.serega6531.packmate.model.pojo.ServiceDto;
+import ru.serega6531.packmate.model.pojo.ServiceUpdateDto;
 import ru.serega6531.packmate.service.ServicesService;
 
 import java.util.List;
-import java.util.stream.Collectors;
 
 @RestController
 @RequestMapping("/api/service/")
@@ -22,9 +28,7 @@ public class ServiceController {
 
     @GetMapping
     public List<ServiceDto> getServices() {
-        return service.findAll().stream()
+        return service.findAll();
-                .map(service::toDto)
-                .collect(Collectors.toList());
     }
 
     @DeleteMapping("/{port}")
@@ -33,9 +37,13 @@ public class ServiceController {
     }
 
     @PostMapping
-    public CtfService addService(@RequestBody ServiceDto dto) {
+    public ServiceDto addService(@RequestBody ServiceCreateDto dto) {
-        CtfService newService = this.service.fromDto(dto);
+        return this.service.create(dto);
-        return this.service.save(newService);
+    }
+
+    @PostMapping("/{port}")
+    public ServiceDto updateService(@PathVariable int port, @RequestBody ServiceUpdateDto dto) {
+        return this.service.update(port, dto);
     }
 
 }

src/main/java/ru/serega6531/packmate/controller/StreamController.java

@@ -1,14 +1,17 @@
 package ru.serega6531.packmate.controller;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PathVariable;
-import ru.serega6531.packmate.model.pojo.StreamPagination;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
 import ru.serega6531.packmate.model.pojo.StreamDto;
+import ru.serega6531.packmate.model.pojo.StreamPagination;
 import ru.serega6531.packmate.service.StreamService;
 
 import java.util.List;
 import java.util.Optional;
-import java.util.stream.Collectors;
 
 @RestController
 @RequestMapping("/api/stream/")
@@ -23,16 +26,12 @@ public class StreamController {
 
     @PostMapping("/all")
     public List<StreamDto> getStreams(@RequestBody StreamPagination pagination) {
-        return service.findAll(pagination, Optional.empty(), pagination.isFavorites()).stream()
+        return service.findAll(pagination, Optional.empty(), pagination.isFavorites());
-                .map(service::streamToDto)
-                .collect(Collectors.toList());
     }
 
     @PostMapping("/{port}")
     public List<StreamDto> getStreams(@PathVariable int port, @RequestBody StreamPagination pagination) {
-        return service.findAll(pagination, Optional.of(port), pagination.isFavorites()).stream()
+        return service.findAll(pagination, Optional.of(port), pagination.isFavorites());
-                .map(service::streamToDto)
-                .collect(Collectors.toList());
     }
 
     @PostMapping("/{id}/favorite")

src/main/java/ru/serega6531/packmate/exception/PcapFileNotFoundException.java

@@ -0,0 +1,15 @@
+package ru.serega6531.packmate.exception;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.io.File;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class PcapFileNotFoundException extends RuntimeException {
+
+    private final File file;
+    private final File directory;
+
+}

src/main/java/ru/serega6531/packmate/exception/PcapInterfaceNotFoundException.java

@@ -0,0 +1,15 @@
+package ru.serega6531.packmate.exception;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.util.List;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class PcapInterfaceNotFoundException extends RuntimeException {
+
+    private final String requestedInterface;
+    private final List<String> existingInterfaces;
+
+}

src/main/java/ru/serega6531/packmate/exception/analyzer/PcapFileNotFoundFailureAnalyzer.java

@@ -0,0 +1,42 @@
+package ru.serega6531.packmate.exception.analyzer;
+
+import org.springframework.boot.diagnostics.AbstractFailureAnalyzer;
+import org.springframework.boot.diagnostics.FailureAnalysis;
+import ru.serega6531.packmate.exception.PcapFileNotFoundException;
+
+import java.io.File;
+import java.util.Arrays;
+import java.util.List;
+
+public class PcapFileNotFoundFailureAnalyzer extends AbstractFailureAnalyzer<PcapFileNotFoundException> {
+    @Override
+    protected FailureAnalysis analyze(Throwable rootFailure, PcapFileNotFoundException cause) {
+        String description = "The file " + cause.getFile().getAbsolutePath() + " was not found";
+        String existingFilesMessage;
+
+        File[] existingFiles = cause.getDirectory().listFiles();
+
+        if (existingFiles == null) {
+            return new FailureAnalysis(
+                    description,
+                    "Make sure you've put the pcap file to the ./pcaps directory, not the root directory. " +
+                            "The directory currently does not exist",
+                    cause
+            );
+        }
+
+        if (existingFiles.length == 0) {
+            existingFilesMessage = "The pcaps directory is currently empty";
+        } else {
+            List<String> existingFilesNames = Arrays.stream(existingFiles).map(File::getName).toList();
+            existingFilesMessage = "The files present in " + cause.getDirectory().getAbsolutePath() + " are: " + existingFilesNames;
+        }
+
+        return new FailureAnalysis(
+                description,
+                "Please verify the file name. Make sure you've put the pcap file to the ./pcaps directory, not the root directory.\n" +
+                        existingFilesMessage,
+                cause
+        );
+    }
+}

src/main/java/ru/serega6531/packmate/exception/analyzer/PcapInterfaceNotFoundFailureAnalyzer.java

@@ -0,0 +1,16 @@
+package ru.serega6531.packmate.exception.analyzer;
+
+import org.springframework.boot.diagnostics.AbstractFailureAnalyzer;
+import org.springframework.boot.diagnostics.FailureAnalysis;
+import ru.serega6531.packmate.exception.PcapInterfaceNotFoundException;
+
+public class PcapInterfaceNotFoundFailureAnalyzer extends AbstractFailureAnalyzer<PcapInterfaceNotFoundException> {
+    @Override
+    protected FailureAnalysis analyze(Throwable rootFailure, PcapInterfaceNotFoundException cause) {
+        return new FailureAnalysis(
+                "The interface \"" + cause.getRequestedInterface() + "\" was not found",
+                "Check the interface name in the config. Existing interfaces are: " + cause.getExistingInterfaces(),
+                cause
+        );
+    }
+}

src/main/java/ru/serega6531/packmate/model/CtfService.java

@@ -3,10 +3,10 @@ package ru.serega6531.packmate.model;
 import lombok.*;
 import org.hibernate.Hibernate;
 
-import javax.persistence.Column;
+import jakarta.persistence.Column;
-import javax.persistence.Entity;
+import jakarta.persistence.Entity;
-import javax.persistence.Id;
+import jakarta.persistence.Id;
-import javax.persistence.Table;
+import jakarta.persistence.Table;
 import java.util.Objects;
 
 @Getter
@@ -23,11 +23,7 @@ public class CtfService {
     @Column(nullable = false)
     private String name;
 
-    private boolean decryptTls;
+    private boolean http;
-
-    private boolean processChunkedEncoding;
-
-    private boolean ungzipHttp;
 
     private boolean urldecodeHttpRequests;
 

src/main/java/ru/serega6531/packmate/model/FoundPattern.java

@@ -5,7 +5,7 @@ import org.hibernate.Hibernate;
 import org.hibernate.annotations.GenericGenerator;
 import org.hibernate.annotations.Parameter;
 
-import javax.persistence.*;
+import jakarta.persistence.*;
 import java.util.Objects;
 
 @Entity

src/main/java/ru/serega6531/packmate/model/Packet.java

@@ -5,7 +5,7 @@ import org.hibernate.Hibernate;
 import org.hibernate.annotations.GenericGenerator;
 import org.hibernate.annotations.Parameter;
 
-import javax.persistence.*;
+import jakarta.persistence.*;
 import java.util.Objects;
 import java.util.Set;
 
@@ -24,7 +24,7 @@ import java.util.Set;
         }
 )
 @AllArgsConstructor
-@Builder
+@Builder(toBuilder = true)
 @Table(indexes = { @Index(name = "stream_id_index", columnList = "stream_id") })
 public class Packet {
 
@@ -49,11 +49,11 @@ public class Packet {
 
     private boolean incoming; // true если от клиента к серверу, иначе false
 
-    private boolean ungzipped;
+    private boolean httpProcessed = false;
 
-    private boolean webSocketParsed;
+    private boolean webSocketParsed = false;
 
-    private boolean tlsDecrypted;
+    private boolean hasHttpBody = false;
 
     @Column(nullable = false)
     private byte[] content;

src/main/java/ru/serega6531/packmate/model/Pattern.java

@@ -1,5 +1,10 @@
 package ru.serega6531.packmate.model;
 
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.Id;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import lombok.Setter;
@@ -11,14 +16,13 @@ import ru.serega6531.packmate.model.enums.PatternActionType;
 import ru.serega6531.packmate.model.enums.PatternDirectionType;
 import ru.serega6531.packmate.model.enums.PatternSearchType;
 
-import javax.persistence.*;
 import java.util.Objects;
 
 @Getter
 @Setter
 @RequiredArgsConstructor
 @ToString
-@Entity
+@Entity(name = "pattern")
 @GenericGenerator(
         name = "pattern_generator",
         strategy = "org.hibernate.id.enhanced.SequenceStyleGenerator",
@@ -34,8 +38,12 @@ public class Pattern {
     @GeneratedValue(generator = "pattern_generator")
     private Integer id;
 
+    @Column(nullable = false)
     private boolean enabled;
 
+    @Column(nullable = false)
+    private boolean deleted = false;
+
     @Column(nullable = false)
     private String name;
 

src/main/java/ru/serega6531/packmate/model/Stream.java

@@ -9,7 +9,7 @@ import org.hibernate.annotations.GenericGenerator;
 import org.hibernate.annotations.Parameter;
 import ru.serega6531.packmate.model.enums.Protocol;
 
-import javax.persistence.*;
+import jakarta.persistence.*;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Objects;
@@ -53,7 +53,7 @@ public class Stream {
 
     private long endTimestamp;
 
-    @ManyToMany(fetch = FetchType.EAGER)
+    @ManyToMany
     @JoinTable(
             name = "stream_found_patterns",
             joinColumns = @JoinColumn(name = "stream_id"),
@@ -70,6 +70,12 @@ public class Stream {
     @Column(columnDefinition = "char(3)")
     private String userAgentHash;
 
+    @Column(name = "size_bytes", nullable = false)
+    private Integer sizeBytes;
+
+    @Column(name = "packets_count", nullable = false)
+    private Integer packetsCount;
+
     @Override
     public boolean equals(Object o) {
         if (this == o) return true;

src/main/java/ru/serega6531/packmate/model/enums/SubscriptionMessageType.java

@@ -2,7 +2,7 @@ package ru.serega6531.packmate.model.enums;
 
 public enum SubscriptionMessageType {
     SAVE_SERVICE, SAVE_PATTERN,
-    DELETE_SERVICE, DELETE_PATTERN,
+    DELETE_SERVICE,
     NEW_STREAM,
     FINISH_LOOKBACK,
     COUNTERS_UPDATE,

src/main/java/ru/serega6531/packmate/model/pojo/CountersHolder.java

@@ -1,23 +1,8 @@
 package ru.serega6531.packmate.model.pojo;
 
-import lombok.Getter;
-
 import java.util.Map;
 
-@Getter
+public record CountersHolder(Map<Integer, Integer> servicesPackets, Map<Integer, Integer> servicesStreams,
-public class CountersHolder {
-
-    private final Map<Integer, Integer> servicesPackets;
-    private final Map<Integer, Integer> servicesStreams;
-
-    private final int totalPackets;
-    private final int totalStreams;
-
-    public CountersHolder(Map<Integer, Integer> servicesPackets, Map<Integer, Integer> servicesStreams,
                              int totalPackets, int totalStreams) {
-        this.servicesPackets = servicesPackets;
+
-        this.servicesStreams = servicesStreams;
-        this.totalPackets = totalPackets;
-        this.totalStreams = totalStreams;
-    }
 }

src/main/java/ru/serega6531/packmate/model/pojo/PacketDto.java

@@ -13,7 +13,7 @@ public class PacketDto {
     private boolean incoming;
     private boolean ungzipped;
     private boolean webSocketParsed;
-    private boolean tlsDecrypted;
+    private boolean hasHttpBody;
     private byte[] content;
 
 }

src/main/java/ru/serega6531/packmate/model/pojo/PatternCreateDto.java

@@ -0,0 +1,19 @@
+package ru.serega6531.packmate.model.pojo;
+
+import lombok.Data;
+import ru.serega6531.packmate.model.enums.PatternActionType;
+import ru.serega6531.packmate.model.enums.PatternDirectionType;
+import ru.serega6531.packmate.model.enums.PatternSearchType;
+
+@Data
+public class PatternCreateDto {
+
+    private String name;
+    private String value;
+    private String color;
+    private PatternSearchType searchType;
+    private PatternDirectionType directionType;
+    private PatternActionType actionType;
+    private Integer serviceId;
+
+}

src/main/java/ru/serega6531/packmate/model/pojo/PatternDto.java

@@ -10,6 +10,7 @@ public class PatternDto {
 
     private int id;
     private boolean enabled;
+    private boolean deleted;
     private String name;
     private String value;
     private String color;

src/main/java/ru/serega6531/packmate/model/pojo/PatternUpdateDto.java

@@ -0,0 +1,11 @@
+package ru.serega6531.packmate.model.pojo;
+
+import lombok.Data;
+
+@Data
+public class PatternUpdateDto {
+
+    private String name;
+    private String color;
+
+}

src/main/java/ru/serega6531/packmate/model/pojo/ServiceCreateDto.java

@@ -0,0 +1,15 @@
+package ru.serega6531.packmate.model.pojo;
+
+import lombok.Data;
+
+@Data
+public class ServiceCreateDto {
+
+    private int port;
+    private String name;
+    private boolean http;
+    private boolean urldecodeHttpRequests;
+    private boolean mergeAdjacentPackets;
+    private boolean parseWebSockets;
+
+}

src/main/java/ru/serega6531/packmate/model/pojo/ServiceDto.java

@@ -7,9 +7,7 @@ public class ServiceDto {
 
     private int port;
     private String name;
-    private boolean decryptTls;
+    private boolean http;
-    private boolean processChunkedEncoding;
-    private boolean ungzipHttp;
     private boolean urldecodeHttpRequests;
     private boolean mergeAdjacentPackets;
     private boolean parseWebSockets;

src/main/java/ru/serega6531/packmate/model/pojo/ServiceUpdateDto.java

@@ -0,0 +1,15 @@
+package ru.serega6531.packmate.model.pojo;
+
+import lombok.Data;
+
+@Data
+public class ServiceUpdateDto {
+
+    private int port;
+    private String name;
+    private boolean http;
+    private boolean urldecodeHttpRequests;
+    private boolean mergeAdjacentPackets;
+    private boolean parseWebSockets;
+
+}

src/main/java/ru/serega6531/packmate/model/pojo/StreamDto.java

@@ -13,9 +13,11 @@ public class StreamDto {
     private Protocol protocol;
     private long startTimestamp;
     private long endTimestamp;
-    private Set<PatternDto> foundPatterns;
+    private Set<Integer> foundPatternsIds;
     private boolean favorite;
     private int ttl;
     private String userAgentHash;
+    private int sizeBytes;
+    private int packetsCount;
 
 }

src/main/java/ru/serega6531/packmate/model/pojo/UnfinishedStream.java

@@ -1,29 +1,18 @@
 package ru.serega6531.packmate.model.pojo;
 
-import lombok.AllArgsConstructor;
-import lombok.Getter;
 import ru.serega6531.packmate.model.enums.Protocol;
 
 import java.net.InetAddress;
 
-@AllArgsConstructor
+public record UnfinishedStream(InetAddress firstIp, InetAddress secondIp, int firstPort, int secondPort,
-@Getter
+                               Protocol protocol) {
-public class UnfinishedStream {
-
-    private final InetAddress firstIp;
-    private final InetAddress secondIp;
-    private final int firstPort;
-    private final int secondPort;
-    private final Protocol protocol;
 
     @Override
     public boolean equals(Object obj) {
-        if (!(obj instanceof UnfinishedStream)) {
+        if (!(obj instanceof UnfinishedStream o)) {
             return false;
         }
 
-        UnfinishedStream o = (UnfinishedStream) obj;
-
         boolean ipEq1 = firstIp.equals(o.firstIp) && secondIp.equals(o.secondIp);
         boolean ipEq2 = firstIp.equals(o.secondIp) && secondIp.equals(o.firstIp);
         boolean portEq1 = firstPort == o.firstPort && secondPort == o.secondPort;

src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java

@@ -52,11 +52,11 @@ public abstract class AbstractPcapWorker implements PcapWorker, PacketListener {
 
     protected AbstractPcapWorker(ServicesService servicesService,
                               StreamService streamService,
-                              String localIpString) throws UnknownHostException {
+                              InetAddress localIp) throws UnknownHostException {
         this.servicesService = servicesService;
         this.streamService = streamService;
 
-        this.localIp = InetAddress.getByName(localIpString);
+        this.localIp = localIp;
 
         BasicThreadFactory factory = new BasicThreadFactory.Builder()
                 .namingPattern("pcap-loop").build();

src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java

@@ -6,6 +6,7 @@ import org.apache.tomcat.util.threads.InlineExecutorService;
 import org.pcap4j.core.PcapNativeException;
 import org.pcap4j.core.Pcaps;
 import org.pcap4j.packet.Packet;
+import ru.serega6531.packmate.exception.PcapFileNotFoundException;
 import ru.serega6531.packmate.model.enums.Protocol;
 import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
 import ru.serega6531.packmate.model.pojo.SubscriptionMessage;
@@ -15,26 +16,27 @@ import ru.serega6531.packmate.service.SubscriptionService;
 
 import java.io.EOFException;
 import java.io.File;
+import java.net.InetAddress;
 import java.net.UnknownHostException;
 
 @Slf4j
 public class FilePcapWorker extends AbstractPcapWorker {
 
+    private final File directory = new File("pcaps");
+
     private final SubscriptionService subscriptionService;
     private final File file;
 
     public FilePcapWorker(ServicesService servicesService,
                           StreamService streamService,
                           SubscriptionService subscriptionService,
-                          String localIpString,
+                          InetAddress localIp,
                           String filename) throws UnknownHostException {
-        super(servicesService, streamService, localIpString);
+        super(servicesService, streamService, localIp);
         this.subscriptionService = subscriptionService;
 
-        file = new File(filename);
+        file = new File(directory, filename);
-        if (!file.exists()) {
+        validateFileExists();
-            throw new IllegalArgumentException("File " + file.getAbsolutePath() + " does not exist");
-        }
 
         processorExecutorService = new InlineExecutorService();
     }
@@ -84,4 +86,10 @@ public class FilePcapWorker extends AbstractPcapWorker {
     public String getExecutorState() {
         return "inline";
     }
+
+    private void validateFileExists() {
+        if (!file.exists()) {
+            throw new PcapFileNotFoundException(file, directory);
+        }
+    }
 }

src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java

@@ -6,10 +6,13 @@ import org.apache.commons.lang3.concurrent.BasicThreadFactory;
 import org.pcap4j.core.PcapNativeException;
 import org.pcap4j.core.PcapNetworkInterface;
 import org.pcap4j.core.Pcaps;
+import ru.serega6531.packmate.exception.PcapInterfaceNotFoundException;
 import ru.serega6531.packmate.service.ServicesService;
 import ru.serega6531.packmate.service.StreamService;
 
+import java.net.InetAddress;
 import java.net.UnknownHostException;
+import java.util.List;
 import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.ThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;
@@ -21,14 +24,14 @@ public class LivePcapWorker extends AbstractPcapWorker {
 
     public LivePcapWorker(ServicesService servicesService,
                           StreamService streamService,
-                          String localIpString,
+                          InetAddress localIp,
                           String interfaceName) throws PcapNativeException, UnknownHostException {
-        super(servicesService, streamService, localIpString);
+        super(servicesService, streamService, localIp);
         device = Pcaps.getDevByName(interfaceName);
 
-        if(device == null) {
+        if (device == null) {
-            log.info("Existing devices: {}", Pcaps.findAllDevs().stream().map(PcapNetworkInterface::getName).toList());
+            List<String> existingInterfaces = Pcaps.findAllDevs().stream().map(PcapNetworkInterface::getName).toList();
-            throw new IllegalArgumentException("Device " + interfaceName + " does not exist");
+            throw new PcapInterfaceNotFoundException(interfaceName, existingInterfaces);
         }
 
         BasicThreadFactory factory = new BasicThreadFactory.Builder()

src/main/java/ru/serega6531/packmate/pcap/NoOpPcapWorker.java

@@ -1,11 +1,10 @@
 package ru.serega6531.packmate.pcap;
 
-import org.pcap4j.core.PcapNativeException;
 import ru.serega6531.packmate.model.enums.Protocol;
 
 public class NoOpPcapWorker implements PcapWorker {
     @Override
-    public void start() throws PcapNativeException {
+    public void start() {
     }
 
     @Override

src/main/java/ru/serega6531/packmate/properties/PackmateProperties.java

@@ -0,0 +1,38 @@
+package ru.serega6531.packmate.properties;
+
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import ru.serega6531.packmate.model.enums.CaptureMode;
+
+import java.net.InetAddress;
+
+@ConfigurationProperties("packmate")
+public record PackmateProperties(
+    CaptureMode captureMode,
+    String interfaceName,
+    String pcapFile,
+    InetAddress localIp,
+    WebProperties web,
+    TimeoutProperties timeout,
+    CleanupProperties cleanup,
+    boolean ignoreEmptyPackets
+) {
+
+    public record WebProperties(
+            String accountLogin,
+            String accountPassword
+    ) {}
+
+    public record TimeoutProperties(
+            int udpStreamTimeout,
+            int tcpStreamTimeout,
+            int checkInterval
+    ){}
+
+    public record CleanupProperties(
+            boolean enabled,
+            int threshold,
+            int interval
+    ){}
+
+}

src/main/java/ru/serega6531/packmate/repository/StreamRepository.java

@@ -1,11 +1,13 @@
 package ru.serega6531.packmate.repository;
 
 import org.springframework.data.domain.Pageable;
-import org.springframework.data.jpa.repository.*;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.data.jpa.repository.Query;
 import ru.serega6531.packmate.model.Packet;
 import ru.serega6531.packmate.model.Stream;
 
-import javax.persistence.QueryHint;
 import java.util.List;
 
 public interface StreamRepository extends JpaRepository<Stream, Long>, JpaSpecificationExecutor<Stream> {
@@ -16,13 +18,12 @@ public interface StreamRepository extends JpaRepository<Stream, Long>, JpaSpecif
 
     long deleteByEndTimestampBeforeAndFavoriteIsFalse(long threshold);
 
-    @Query("SELECT DISTINCT p FROM Packet p " +
+    @Query("SELECT p FROM Packet p " +
             "LEFT JOIN FETCH p.matches " +
             "WHERE p.stream.id = :streamId " +
             "AND (:startingFrom IS NULL OR p.id > :startingFrom) " +
             "ORDER BY p.id"
     )
-    @QueryHints(@QueryHint(name = org.hibernate.jpa.QueryHints.HINT_PASS_DISTINCT_THROUGH, value = "false"))
     List<Packet> getPackets(long streamId, Long startingFrom, Pageable pageable);
 
 }

src/main/java/ru/serega6531/packmate/service/PatternService.java

@@ -1,25 +1,31 @@
 package ru.serega6531.packmate.service;
 
+import jakarta.annotation.PostConstruct;
 import lombok.extern.slf4j.Slf4j;
 import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 import ru.serega6531.packmate.model.CtfService;
 import ru.serega6531.packmate.model.FoundPattern;
 import ru.serega6531.packmate.model.Pattern;
 import ru.serega6531.packmate.model.enums.PatternActionType;
 import ru.serega6531.packmate.model.enums.PatternDirectionType;
 import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
+import ru.serega6531.packmate.model.pojo.PatternCreateDto;
 import ru.serega6531.packmate.model.pojo.PatternDto;
+import ru.serega6531.packmate.model.pojo.PatternUpdateDto;
 import ru.serega6531.packmate.model.pojo.SubscriptionMessage;
 import ru.serega6531.packmate.repository.PatternRepository;
 
-import javax.annotation.PostConstruct;
 import java.time.Instant;
-import java.util.*;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
 
 @Service
 @Slf4j
@@ -59,11 +65,11 @@ public class PatternService {
 
     public Set<FoundPattern> findMatches(byte[] bytes, CtfService service, PatternDirectionType directionType, PatternActionType actionType) {
         final List<Pattern> list = patterns.values().stream()
-                .filter(Pattern::isEnabled)
+                .filter(pattern -> pattern.isEnabled() && !pattern.isDeleted())
-                .filter(p -> p.getServiceId() == null || p.getServiceId() == service.getPort())
+                .filter(p -> p.getServiceId() == null || p.getServiceId().equals(service.getPort()))
                 .filter(p -> p.getActionType() == actionType)
                 .filter(p -> p.getDirectionType() == directionType || p.getDirectionType() == PatternDirectionType.BOTH)
-                .collect(Collectors.toList());
+                .toList();
         return new PatternMatcher(bytes, list).findMatches();
     }
 
@@ -88,15 +94,47 @@ public class PatternService {
         }
     }
 
-    public Pattern save(Pattern pattern) {
+    public void delete(int id) {
+        final Pattern pattern = find(id);
+        if (pattern != null) {
+            pattern.setDeleted(true);
+            final Pattern saved = repository.save(pattern);
+            patterns.put(id, saved);
+
+            log.info("Deleted pattern '{}' with value '{}'", pattern.getName(), pattern.getValue());
+            subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.SAVE_PATTERN, toDto(saved)));
+        }
+    }
+
+    @Transactional
+    public PatternDto create(PatternCreateDto dto) {
+        Pattern pattern = fromDto(dto);
+
+        pattern.setEnabled(true);
+        pattern.setDeleted(false);
+        pattern.setSearchStartTimestamp(System.currentTimeMillis());
+
+        Pattern saved = save(pattern);
+        return toDto(saved);
+    }
+
+    @Transactional
+    public PatternDto update(int id, PatternUpdateDto dto) {
+        Pattern pattern = repository.findById(id).orElseThrow();
+
+        modelMapper.map(dto, pattern);
+
+        Pattern saved = save(pattern);
+        return toDto(saved);
+    }
+
+    private Pattern save(Pattern pattern) {
         try {
             PatternMatcher.compilePattern(pattern);
         } catch (Exception e) {
             throw new IllegalArgumentException(e.getMessage());
         }
 
-        pattern.setSearchStartTimestamp(System.currentTimeMillis());
-
         final Pattern saved = repository.save(pattern);
         patterns.put(saved.getId(), saved);
 
@@ -121,12 +159,11 @@ public class PatternService {
         }
     }
 
-    public Pattern fromDto(PatternDto dto) {
+    public Pattern fromDto(PatternCreateDto dto) {
         return modelMapper.map(dto, Pattern.class);
     }
 
     public PatternDto toDto(Pattern pattern) {
         return modelMapper.map(pattern, PatternDto.class);
     }
-
 }

src/main/java/ru/serega6531/packmate/service/PcapService.java

@@ -4,8 +4,8 @@ import lombok.extern.slf4j.Slf4j;
 import org.pcap4j.core.PcapNativeException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import ru.serega6531.packmate.model.CtfService;
 import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
+import ru.serega6531.packmate.model.pojo.ServiceDto;
 import ru.serega6531.packmate.model.pojo.SubscriptionMessage;
 import ru.serega6531.packmate.pcap.NoOpPcapWorker;
 import ru.serega6531.packmate.pcap.PcapWorker;
@@ -40,14 +40,14 @@ public class PcapService {
         }
     }
 
-    public void updateFilter(Collection<CtfService> services) {
+    public void updateFilter(Collection<ServiceDto> services) {
         String filter;
 
         if (services.isEmpty()) {
             filter = "tcp or udp";
         } else {
             final String ports = services.stream()
-                    .map(CtfService::getPort)
+                    .map(ServiceDto::getPort)
                     .map(p -> "port " + p)
                     .collect(Collectors.joining(" or "));
 

src/main/java/ru/serega6531/packmate/service/ServicesService.java

@@ -1,21 +1,26 @@
 package ru.serega6531.packmate.service;
 
+import jakarta.annotation.PostConstruct;
 import lombok.extern.slf4j.Slf4j;
 import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import ru.serega6531.packmate.properties.PackmateProperties;
 import ru.serega6531.packmate.model.CtfService;
 import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
+import ru.serega6531.packmate.model.pojo.ServiceCreateDto;
 import ru.serega6531.packmate.model.pojo.ServiceDto;
+import ru.serega6531.packmate.model.pojo.ServiceUpdateDto;
 import ru.serega6531.packmate.model.pojo.SubscriptionMessage;
 import ru.serega6531.packmate.repository.ServiceRepository;
 
-import javax.annotation.PostConstruct;
 import java.net.InetAddress;
-import java.net.UnknownHostException;
+import java.util.HashMap;
-import java.util.*;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
 
 @Service
 @Slf4j
@@ -35,12 +40,12 @@ public class ServicesService {
                            SubscriptionService subscriptionService,
                            @Lazy PcapService pcapService,
                            ModelMapper modelMapper,
-                           @Value("${local-ip}") String localIpString) throws UnknownHostException {
+                           PackmateProperties properties) {
         this.repository = repository;
         this.subscriptionService = subscriptionService;
         this.pcapService = pcapService;
         this.modelMapper = modelMapper;
-        this.localIp = InetAddress.getByName(localIpString);
+        this.localIp = properties.localIp();
     }
 
     @PostConstruct
@@ -67,8 +72,11 @@ public class ServicesService {
         return Optional.ofNullable(services.get(port));
     }
 
-    public Collection<CtfService> findAll() {
+    public List<ServiceDto> findAll() {
-        return services.values();
+        return services.values()
+                .stream()
+                .map(this::toDto)
+                .toList();
     }
 
     public void deleteByPort(int port) {
@@ -82,9 +90,31 @@ public class ServicesService {
         updateFilter();
     }
 
-    public CtfService save(CtfService service) {
+    @Transactional
-        log.info("Added or edited service '{}' at port {}", service.getName(), service.getPort());
+    public ServiceDto create(ServiceCreateDto dto) {
+        if (repository.existsById(dto.getPort())) {
+            throw new IllegalArgumentException("Service already exists");
+        }
 
+        CtfService service = fromDto(dto);
+
+        log.info("Added service '{}' at port {}", service.getName(), service.getPort());
+
+        return save(service);
+    }
+
+    @Transactional
+    public ServiceDto update(int port, ServiceUpdateDto dto) {
+        CtfService service = repository.findById(port).orElseThrow();
+
+        log.info("Edited service '{}' at port {}", service.getName(), service.getPort());
+
+        modelMapper.map(dto, service);
+        service.setPort(port);
+        return save(service);
+    }
+
+    private ServiceDto save(CtfService service) {
         final CtfService saved = repository.save(service);
         services.put(saved.getPort(), saved);
 
@@ -92,18 +122,18 @@ public class ServicesService {
 
         updateFilter();
 
-        return saved;
+        return toDto(saved);
     }
 
     public void updateFilter() {
         pcapService.updateFilter(findAll());
     }
 
-    public ServiceDto toDto(CtfService service) {
+    private ServiceDto toDto(CtfService service) {
         return modelMapper.map(service, ServiceDto.class);
     }
 
-    public CtfService fromDto(ServiceDto dto) {
+    private CtfService fromDto(ServiceCreateDto dto) {
         return modelMapper.map(dto, CtfService.class);
     }
 

src/main/java/ru/serega6531/packmate/service/StreamService.java

@@ -4,7 +4,6 @@ import lombok.extern.slf4j.Slf4j;
 import org.jetbrains.annotations.Nullable;
 import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
@@ -13,13 +12,21 @@ import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
-import ru.serega6531.packmate.model.*;
+import ru.serega6531.packmate.model.CtfService;
+import ru.serega6531.packmate.model.FoundPattern;
+import ru.serega6531.packmate.model.Packet;
+import ru.serega6531.packmate.model.Pattern;
+import ru.serega6531.packmate.model.Stream;
 import ru.serega6531.packmate.model.enums.PatternActionType;
 import ru.serega6531.packmate.model.enums.PatternDirectionType;
 import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
-import ru.serega6531.packmate.model.pojo.*;
+import ru.serega6531.packmate.model.pojo.PacketDto;
+import ru.serega6531.packmate.model.pojo.StreamDto;
+import ru.serega6531.packmate.model.pojo.StreamPagination;
+import ru.serega6531.packmate.model.pojo.SubscriptionMessage;
+import ru.serega6531.packmate.model.pojo.UnfinishedStream;
+import ru.serega6531.packmate.properties.PackmateProperties;
 import ru.serega6531.packmate.repository.StreamRepository;
-import ru.serega6531.packmate.service.optimization.RsaKeysHolder;
 import ru.serega6531.packmate.service.optimization.StreamOptimizer;
 
 import java.time.ZonedDateTime;
@@ -28,7 +35,6 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.regex.Matcher;
-import java.util.stream.Collectors;
 
 @Service
 @Slf4j
@@ -39,9 +45,7 @@ public class StreamService {
     private final ServicesService servicesService;
     private final CountingService countingService;
     private final SubscriptionService subscriptionService;
-    private final RsaKeysHolder keysHolder;
     private final ModelMapper modelMapper;
-
     private final boolean ignoreEmptyPackets;
 
     private final java.util.regex.Pattern userAgentPattern = java.util.regex.Pattern.compile("User-Agent: (.+)\\r\\n");
@@ -52,17 +56,15 @@ public class StreamService {
                          ServicesService servicesService,
                          CountingService countingService,
                          SubscriptionService subscriptionService,
-                         RsaKeysHolder keysHolder,
                          ModelMapper modelMapper,
-                         @Value("${ignore-empty-packets}") boolean ignoreEmptyPackets) {
+                         PackmateProperties properties) {
         this.repository = repository;
         this.patternService = patternService;
         this.servicesService = servicesService;
         this.countingService = countingService;
         this.subscriptionService = subscriptionService;
-        this.keysHolder = keysHolder;
         this.modelMapper = modelMapper;
-        this.ignoreEmptyPackets = ignoreEmptyPackets;
+        this.ignoreEmptyPackets = properties.ignoreEmptyPackets();
     }
 
     /**
@@ -71,15 +73,15 @@ public class StreamService {
     @Transactional(propagation = Propagation.NEVER)
     public boolean saveNewStream(UnfinishedStream unfinishedStream, List<Packet> packets) {
         final var serviceOptional = servicesService.findService(
-                unfinishedStream.getFirstIp(),
+                unfinishedStream.firstIp(),
-                unfinishedStream.getFirstPort(),
+                unfinishedStream.firstPort(),
-                unfinishedStream.getSecondIp(),
+                unfinishedStream.secondIp(),
-                unfinishedStream.getSecondPort()
+                unfinishedStream.secondPort()
         );
 
         if (serviceOptional.isEmpty()) {
             log.warn("Failed to save the stream: service at port {} or {} does not exist",
-                    unfinishedStream.getFirstPort(), unfinishedStream.getSecondPort());
+                    unfinishedStream.firstPort(), unfinishedStream.secondPort());
             return false;
         }
         CtfService service = serviceOptional.get();
@@ -95,7 +97,10 @@ public class StreamService {
 
         countingService.countStream(service.getPort(), packets.size());
 
-        List<Packet> optimizedPackets = new StreamOptimizer(keysHolder, service, packets).optimizeStream();
+        int packetsSize = packets.stream().mapToInt(p -> p.getContent().length).sum();
+        int packetsCount = packets.size();
+
+        List<Packet> optimizedPackets = new StreamOptimizer(service, packets).optimizeStream();
 
         if (isStreamIgnored(optimizedPackets, service)) {
             log.debug("New stream is ignored");
@@ -107,7 +112,7 @@ public class StreamService {
                 .findFirst();
 
         final Stream stream = new Stream();
-        stream.setProtocol(unfinishedStream.getProtocol());
+        stream.setProtocol(unfinishedStream.protocol());
         stream.setTtl(firstIncoming.map(Packet::getTtl).orElse(0));
         stream.setStartTimestamp(packets.get(0).getTimestamp());
         stream.setEndTimestamp(packets.get(packets.size() - 1).getTimestamp());
@@ -116,6 +121,9 @@ public class StreamService {
         String userAgentHash = getUserAgentHash(optimizedPackets);
         stream.setUserAgentHash(userAgentHash);
 
+        stream.setSizeBytes(packetsSize);
+        stream.setPacketsCount(packetsCount);
+
         Set<Pattern> foundPatterns = matchPatterns(optimizedPackets, service);
         stream.setFoundPatterns(foundPatterns);
         stream.setPackets(optimizedPackets);
@@ -190,7 +198,7 @@ public class StreamService {
             foundPatterns.addAll(matches.stream()
                     .map(FoundPattern::getPatternId)
                     .map(patternService::find)
-                    .collect(Collectors.toList()));
+                    .toList());
         }
 
         return foundPatterns;
@@ -244,9 +252,12 @@ public class StreamService {
         return saved;
     }
 
-    public List<Packet> getPackets(long streamId, @Nullable Long startingFrom, int pageSize) {
+    @Transactional
-//        long safeStartingFrom = startingFrom != null ? startingFrom : 0;
+    public List<PacketDto> getPackets(long streamId, @Nullable Long startingFrom, int pageSize) {
-        return repository.getPackets(streamId, startingFrom, Pageable.ofSize(pageSize));
+        return repository.getPackets(streamId, startingFrom, Pageable.ofSize(pageSize))
+                .stream()
+                .map(this::packetToDto)
+                .toList();
     }
 
     /**
@@ -262,7 +273,8 @@ public class StreamService {
         repository.setFavorite(id, favorite);
     }
 
-    public List<Stream> findAll(StreamPagination pagination, Optional<Integer> service, boolean onlyFavorites) {
+    @Transactional
+    public List<StreamDto> findAll(StreamPagination pagination, Optional<Integer> service, boolean onlyFavorites) {
         PageRequest page = PageRequest.of(0, pagination.getPageSize(), Sort.Direction.DESC, "id");
 
         Specification<Stream> spec = Specification.where(null);
@@ -283,7 +295,11 @@ public class StreamService {
             spec = spec.and(streamPatternsContains(pagination.getPattern()));
         }
 
-        return repository.findAll(spec, page).getContent();
+        return repository.findAll(spec, page)
+                .getContent()
+                .stream()
+                .map(this::streamToDto)
+                .toList();
     }
 
      public List<Stream> findAllBetweenTimestamps(long start, long end) {

src/main/java/ru/serega6531/packmate/service/optimization/HttpChunksProcessor.java

@@ -1,180 +0,0 @@
-package ru.serega6531.packmate.service.optimization;
-
-import com.google.common.primitives.Bytes;
-import lombok.RequiredArgsConstructor;
-import lombok.SneakyThrows;
-import lombok.extern.slf4j.Slf4j;
-import ru.serega6531.packmate.model.Packet;
-import ru.serega6531.packmate.utils.BytesUtils;
-import ru.serega6531.packmate.utils.PacketUtils;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-@Slf4j
-@RequiredArgsConstructor
-public class HttpChunksProcessor {
-
-    private static final String CHUNKED_HTTP_HEADER = "transfer-encoding: chunked\r\n";
-    private final List<Packet> packets;
-
-    private int position;
-    private boolean chunkStarted = false;
-    private final List<Packet> chunkPackets = new ArrayList<>();
-
-    public void processChunkedEncoding() {
-        int start = -1;
-
-        for (position = 0; position < packets.size(); position++) {
-            Packet packet = packets.get(position);
-            if (!packet.isIncoming()) {
-                String content = packet.getContentString();
-
-                boolean http = content.startsWith("HTTP/");
-                int contentPos = content.indexOf("\r\n\r\n");
-
-                if (http && contentPos != -1) {   // начало body
-                    String headers = content.substring(0, contentPos + 2);  // захватываем первые \r\n
-                    boolean chunked = headers.toLowerCase().contains(CHUNKED_HTTP_HEADER);
-                    if (chunked) {
-                        chunkStarted = true;
-                        start = position;
-                        chunkPackets.add(packet);
-
-                        checkCompleteChunk(chunkPackets, start);
-                    } else {
-                        chunkStarted = false;
-                        chunkPackets.clear();
-                    }
-                } else if (chunkStarted) {
-                    chunkPackets.add(packet);
-                    checkCompleteChunk(chunkPackets, start);
-                }
-            }
-        }
-    }
-
-    private void checkCompleteChunk(List<Packet> packets, int start) {
-        boolean end = Arrays.equals(packets.get(packets.size() - 1).getContent(), "0\r\n\r\n".getBytes()) ||
-                BytesUtils.endsWith(packets.get(packets.size() - 1).getContent(), "\r\n0\r\n\r\n".getBytes());
-
-        if (end) {
-            processChunk(packets, start);
-        }
-    }
-
-    @SneakyThrows
-    private void processChunk(List<Packet> packets, int start) {
-        //noinspection OptionalGetWithoutIsPresent
-        final byte[] content = PacketUtils.mergePackets(packets).get();
-
-        ByteArrayOutputStream output = new ByteArrayOutputStream(content.length);
-
-        final int contentStart = Bytes.indexOf(content, "\r\n\r\n".getBytes()) + 4;
-        output.write(content, 0, contentStart);
-
-        ByteBuffer buf = ByteBuffer.wrap(Arrays.copyOfRange(content, contentStart, content.length));
-
-        while (true) {
-            final int chunkSize = readChunkSize(buf);
-
-            switch (chunkSize) {
-                case -1 -> {
-                    log.warn("Failed to merge chunks, next chunk size not found");
-                    resetChunk();
-                    return;
-                }
-                case 0 -> {
-                    buildWholePacket(packets, start, output);
-                    return;
-                }
-                default -> {
-                    if (!readChunk(buf, chunkSize, output)) return;
-                    if (!readTrailer(buf)) return;
-                }
-            }
-        }
-    }
-
-    private boolean readChunk(ByteBuffer buf, int chunkSize, ByteArrayOutputStream output) throws IOException {
-        if (chunkSize > buf.remaining()) {
-            log.warn("Failed to merge chunks, chunk size too big: {} + {} > {}",
-                    buf.position(), chunkSize, buf.capacity());
-            resetChunk();
-            return false;
-        }
-
-        byte[] chunk = new byte[chunkSize];
-        buf.get(chunk);
-        output.write(chunk);
-        return true;
-    }
-
-    private boolean readTrailer(ByteBuffer buf) {
-        if (buf.remaining() < 2) {
-            log.warn("Failed to merge chunks, chunk doesn't end with \\r\\n");
-            resetChunk();
-            return false;
-        }
-
-        int c1 = buf.get();
-        int c2 = buf.get();
-
-        if (c1 != '\r' || c2 != '\n') {
-            log.warn("Failed to merge chunks, chunk trailer is not equal to \\r\\n");
-            resetChunk();
-            return false;
-        }
-
-        return true;
-    }
-
-    private void buildWholePacket(List<Packet> packets, int start, ByteArrayOutputStream output) {
-        Packet result = Packet.builder()
-                .incoming(false)
-                .timestamp(packets.get(0).getTimestamp())
-                .ungzipped(false)
-                .webSocketParsed(false)
-                .tlsDecrypted(packets.get(0).isTlsDecrypted())
-                .content(output.toByteArray())
-                .build();
-
-        this.packets.removeAll(packets);
-        this.packets.add(start, result);
-
-        resetChunk();
-        position = start + 1;
-    }
-
-    private void resetChunk() {
-        chunkStarted = false;
-        chunkPackets.clear();
-    }
-
-    private int readChunkSize(ByteBuffer buf) {
-        StringBuilder sb = new StringBuilder();
-
-        while (buf.remaining() > 2) {
-            byte b = buf.get();
-
-            if ((b >= '0' && b <= '9') || (b >= 'a' && b <= 'f')) {
-                sb.append((char) b);
-            } else if (b == '\r') {
-                if (buf.get() == '\n') {
-                    return Integer.parseInt(sb.toString(), 16);
-                } else {
-                    return -1; // после \r не идет \n
-                }
-            } else {
-                return -1;
-            }
-        }
-
-        return -1;
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/HttpGzipProcessor.java

@@ -1,121 +0,0 @@
-package ru.serega6531.packmate.service.optimization;
-
-import com.google.common.primitives.Bytes;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.ArrayUtils;
-import ru.serega6531.packmate.model.Packet;
-import ru.serega6531.packmate.utils.PacketUtils;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
-import java.util.zip.GZIPInputStream;
-import java.util.zip.ZipException;
-
-@Slf4j
-@RequiredArgsConstructor
-public class HttpGzipProcessor {
-
-    private static final String GZIP_HTTP_HEADER = "content-encoding: gzip\r\n";
-    private static final byte[] GZIP_HEADER = {0x1f, (byte) 0x8b, 0x08};
-
-    private final List<Packet> packets;
-
-    boolean gzipStarted = false;
-    private int position;
-
-    /**
-     * Попытаться распаковать GZIP из исходящих http пакетов. <br>
-     * GZIP поток начинается на найденном HTTP пакете с заголовком Content-Encoding: gzip
-     * (при этом заголовок HTTP может быть в другом пакете)<br>
-     * Поток заканчивается при обнаружении нового HTTP заголовка,
-     * при смене стороны передачи или при окончании всего стрима
-     */
-    public void unpackGzip() {
-        int gzipStartPacket = 0;
-
-        for (position = 0; position < packets.size(); position++) {
-            Packet packet = packets.get(position);
-
-            if (packet.isIncoming() && gzipStarted) {   // поток gzip закончился
-                extractGzip(gzipStartPacket, position - 1);
-            } else if (!packet.isIncoming()) {
-                String content = packet.getContentString();
-
-                int contentPos = content.indexOf("\r\n\r\n");
-                boolean http = content.startsWith("HTTP/");
-
-                if (http && gzipStarted) {  // начался новый http пакет, заканчиваем старый gzip поток
-                    extractGzip(gzipStartPacket, position - 1);
-                }
-
-                if (contentPos != -1) {   // начало body
-                    String headers = content.substring(0, contentPos + 2);  // захватываем первые \r\n
-                    boolean gziped = headers.toLowerCase().contains(GZIP_HTTP_HEADER);
-                    if (gziped) {
-                        gzipStarted = true;
-                        gzipStartPacket = position;
-                    }
-                }
-            }
-        }
-
-        if (gzipStarted) {  // стрим закончился gzip пакетом
-            extractGzip(gzipStartPacket, packets.size() - 1);
-        }
-    }
-
-    /**
-     * Попытаться распаковать кусок пакетов с gzip body и вставить результат на их место
-     */
-    private void extractGzip(int gzipStartPacket, int gzipEndPacket) {
-        List<Packet> cut = packets.subList(gzipStartPacket, gzipEndPacket + 1);
-
-        Packet decompressed = decompressGzipPackets(cut);
-        if (decompressed != null) {
-            packets.removeAll(cut);
-            packets.add(gzipStartPacket, decompressed);
-
-            gzipStarted = false;
-            position = gzipStartPacket + 1;  // продвигаем указатель на следующий после склеенного блок
-        }
-    }
-
-    private Packet decompressGzipPackets(List<Packet> cut) {
-        //noinspection OptionalGetWithoutIsPresent
-        final byte[] content = PacketUtils.mergePackets(cut).get();
-
-        final int gzipStart = Bytes.indexOf(content, GZIP_HEADER);
-        byte[] httpHeader = Arrays.copyOfRange(content, 0, gzipStart);
-        byte[] gzipBytes = Arrays.copyOfRange(content, gzipStart, content.length);
-
-        try {
-            final GZIPInputStream gzipStream = new GZIPInputStream(new ByteArrayInputStream(gzipBytes));
-            ByteArrayOutputStream out = new ByteArrayOutputStream();
-            IOUtils.copy(gzipStream, out);
-            byte[] newContent = ArrayUtils.addAll(httpHeader, out.toByteArray());
-
-            log.debug("GZIP decompressed: {} -> {} bytes", gzipBytes.length, out.size());
-
-            return Packet.builder()
-                    .incoming(false)
-                    .timestamp(cut.get(0).getTimestamp())
-                    .ungzipped(true)
-                    .webSocketParsed(false)
-                    .tlsDecrypted(cut.get(0).isTlsDecrypted())
-                    .content(newContent)
-                    .build();
-        } catch (ZipException e) {
-            log.warn("Failed to decompress gzip, leaving as it is: {}", e.getMessage());
-        } catch (IOException e) {
-            log.error("decompress gzip", e);
-        }
-
-        return null;
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/HttpProcessor.java

@@ -0,0 +1,65 @@
+package ru.serega6531.packmate.service.optimization;
+
+import lombok.extern.slf4j.Slf4j;
+import rawhttp.core.HttpMessage;
+import rawhttp.core.RawHttp;
+import rawhttp.core.RawHttpOptions;
+import rawhttp.core.body.BodyReader;
+import rawhttp.core.errors.InvalidHttpHeader;
+import rawhttp.core.errors.InvalidHttpRequest;
+import rawhttp.core.errors.InvalidHttpResponse;
+import rawhttp.core.errors.InvalidMessageFrame;
+import rawhttp.core.errors.UnknownEncodingException;
+import ru.serega6531.packmate.model.Packet;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.List;
+import java.util.Optional;
+
+@Slf4j
+public class HttpProcessor {
+
+    private static final RawHttp rawHttp = new RawHttp(RawHttpOptions.strict());
+
+    public void process(List<Packet> packets) {
+        packets.stream()
+                .filter(p -> !p.isWebSocketParsed())
+                .forEach(this::processPacket);
+    }
+
+    private void processPacket(Packet packet) {
+        try {
+            ByteArrayInputStream contentStream = new ByteArrayInputStream(packet.getContent());
+            HttpMessage message;
+
+            if (packet.isIncoming()) {
+                message = rawHttp.parseRequest(contentStream).eagerly();
+            } else {
+                message = rawHttp.parseResponse(contentStream).eagerly();
+            }
+
+            packet.setContent(getDecodedMessage(message));
+            packet.setHasHttpBody(message.getBody().isPresent());
+        } catch (IOException | InvalidHttpRequest | InvalidHttpResponse | InvalidHttpHeader | InvalidMessageFrame |
+                 UnknownEncodingException e) {
+            log.warn("Could not parse http packet", e);
+        }
+    }
+
+    private byte[] getDecodedMessage(HttpMessage message) throws IOException {
+        ByteArrayOutputStream os = new ByteArrayOutputStream(256);
+
+        message.getStartLine().writeTo(os);
+        message.getHeaders().writeTo(os);
+
+        Optional<? extends BodyReader> body = message.getBody();
+        if (body.isPresent()) {
+            body.get().writeDecodedTo(os, 256);
+        }
+
+        return os.toByteArray();
+    }
+
+}

src/main/java/ru/serega6531/packmate/service/optimization/HttpUrldecodeProcessor.java

@@ -1,6 +1,5 @@
 package ru.serega6531.packmate.service.optimization;
 
-import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import ru.serega6531.packmate.model.Packet;
@@ -9,17 +8,14 @@ import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
 
-@AllArgsConstructor
 @Slf4j
 public class HttpUrldecodeProcessor {
 
-    private final List<Packet> packets;
-
     /**
      * Декодирование urlencode с http пакета до смены стороны или окончания стрима
      */
     @SneakyThrows
-    public void urldecodeRequests() {
+    public void urldecodeRequests(List<Packet> packets) {
         boolean httpStarted = false;
 
         for (Packet packet : packets) {

src/main/java/ru/serega6531/packmate/service/optimization/PacketsMerger.java

@@ -1,30 +1,25 @@
 package ru.serega6531.packmate.service.optimization;
 
-import lombok.AllArgsConstructor;
 import ru.serega6531.packmate.model.Packet;
 import ru.serega6531.packmate.utils.PacketUtils;
 
 import java.util.List;
 
-@AllArgsConstructor
 public class PacketsMerger {
 
-    private final List<Packet> packets;
-
     /**
-     * Сжать соседние пакеты в одном направлении в один.
+     * Сжать соседние пакеты в одном направлении в один. Не склеивает WS и не-WS пакеты.
-     * Выполняется после других оптимизаций чтобы правильно определять границы пакетов.
      */
-    public void mergeAdjacentPackets() {
+    public void mergeAdjacentPackets(List<Packet> packets) {
         int start = 0;
         int packetsInRow = 0;
-        boolean incoming = true;
+        Packet previous = null;
 
         for (int i = 0; i < packets.size(); i++) {
             Packet packet = packets.get(i);
-            if (packet.isIncoming() != incoming) {
+            if (previous == null || !shouldBeInSameBatch(packet, previous)) {
                 if (packetsInRow > 1) {
-                    compress(start, i);
+                    compress(packets, start, i);
 
                     i = start + 1;  // продвигаем указатель на следующий после склеенного блок
                 }
@@ -34,36 +29,38 @@ public class PacketsMerger {
                 packetsInRow++;
             }
 
-            incoming = packet.isIncoming();
+            previous = packet;
         }
 
         if (packetsInRow > 1) {
-            compress(start, packets.size());
+            compress(packets, start, packets.size());
         }
     }
 
     /**
      * Сжать кусок со start по end в один пакет
      */
-    private void compress(int start, int end) {
+    private void compress(List<Packet> packets, int start, int end) {
         final List<Packet> cut = packets.subList(start, end);
         final long timestamp = cut.get(0).getTimestamp();
-        final boolean ungzipped = cut.stream().anyMatch(Packet::isUngzipped);
+        final boolean httpProcessed = cut.stream().anyMatch(Packet::isHttpProcessed);
         final boolean webSocketParsed = cut.stream().anyMatch(Packet::isWebSocketParsed);
-        final boolean tlsDecrypted = cut.get(0).isTlsDecrypted();
         final boolean incoming = cut.get(0).isIncoming();
-        //noinspection OptionalGetWithoutIsPresent
+        final byte[] content = PacketUtils.mergePackets(cut);
-        final byte[] content = PacketUtils.mergePackets(cut).get();
 
         packets.removeAll(cut);
         packets.add(start, Packet.builder()
                 .incoming(incoming)
                 .timestamp(timestamp)
-                .ungzipped(ungzipped)
+                .httpProcessed(httpProcessed)
                 .webSocketParsed(webSocketParsed)
-                .tlsDecrypted(tlsDecrypted)
                 .content(content)
                 .build());
     }
 
+    private boolean shouldBeInSameBatch(Packet p1, Packet p2) {
+        return p1.isIncoming() == p2.isIncoming() &&
+                p1.isWebSocketParsed() == p2.isWebSocketParsed();
+    }
+
 }

src/main/java/ru/serega6531/packmate/service/optimization/RsaKeysHolder.java

@@ -1,75 +0,0 @@
-package ru.serega6531.packmate.service.optimization;
-
-import lombok.SneakyThrows;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.boot.context.event.ApplicationReadyEvent;
-import org.springframework.context.event.EventListener;
-import org.springframework.stereotype.Service;
-
-import java.io.File;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.nio.file.Files;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Base64;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Objects;
-
-@Service
-@Slf4j
-public class RsaKeysHolder {
-
-    // Key: N from RSA public key
-    private final Map<BigInteger, RSAPrivateKey> keys = new HashMap<>();
-
-    public RSAPrivateKey getKey(BigInteger modulus) {
-        return keys.get(modulus);
-    }
-
-    @EventListener(ApplicationReadyEvent.class)
-    public void afterStartup(ApplicationReadyEvent event) {
-        log.info("Loading RSA keys...");
-        File dir = new File("rsa_keys");
-        if (dir.exists() && dir.isDirectory()) {
-            for (File keyFile : Objects.requireNonNull(dir.listFiles())) {
-                addKey(keyFile);
-            }
-        }
-    }
-
-    @SneakyThrows
-    public void addKey(File keyFile) {
-        if (!keyFile.exists()) {
-            throw new IllegalArgumentException("Key file does not exist");
-        }
-
-        try {
-            RSAPrivateKey privateKey = loadFromFile(keyFile);
-            keys.put(privateKey.getModulus(), privateKey);
-            String n = privateKey.getModulus().toString();
-            log.info("Loaded RSA key with N={}...", n.substring(0, Math.min(n.length(), 8)));
-        } catch (IOException | InvalidKeySpecException e) {
-            log.error("Error loading rsa key", e);
-        }
-    }
-
-    private RSAPrivateKey loadFromFile(File keyFile) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
-        String content = Files.readString(keyFile.toPath());
-
-        content = content.replaceAll("-----BEGIN (RSA )?PRIVATE KEY-----", "")
-                .replaceAll("-----END (RSA )?PRIVATE KEY-----", "")
-                .replace("\n", "");
-
-        byte[] keyBytes = Base64.getDecoder().decode(content);
-
-        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
-        KeyFactory kf = KeyFactory.getInstance("RSA");
-        return (RSAPrivateKey) kf.generatePrivate(spec);
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/StreamOptimizer.java

@@ -1,7 +1,6 @@
 package ru.serega6531.packmate.service.optimization;
 
 import lombok.AllArgsConstructor;
-import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import ru.serega6531.packmate.model.CtfService;
 import ru.serega6531.packmate.model.Packet;
@@ -12,116 +11,55 @@ import java.util.List;
 @Slf4j
 public class StreamOptimizer {
 
-    private final RsaKeysHolder keysHolder;
     private final CtfService service;
     private List<Packet> packets;
 
+    private final PacketsMerger merger = new PacketsMerger();
+    private final HttpUrldecodeProcessor urldecodeProcessor = new HttpUrldecodeProcessor();
+    private final HttpProcessor httpProcessor = new HttpProcessor();
+
+
     /**
      * Вызвать для выполнения оптимизаций на переданном списке пакетов.
      */
     public List<Packet> optimizeStream() {
-        if (service.isDecryptTls()) {
-            try {
-                decryptTls();
-            } catch (Exception e) {
-                log.warn("Error optimizing stream (tls)", e);
-                return packets;
-            }
-        }
-
-        if (service.isProcessChunkedEncoding()) {
-            try {
-                processChunkedEncoding();
-            } catch (Exception e) {
-                log.warn("Error optimizing stream (chunks)", e);
-                return packets;
-            }
-        }
-
-        if (service.isUngzipHttp()) {
-            try {
-                unpackGzip();
-            } catch (Exception e) {
-                log.warn("Error optimizing stream (gzip)", e);
-                return packets;
-            }
-        }
-
         if (service.isParseWebSockets()) {
             try {
                 parseWebSockets();
             } catch (Exception e) {
-                log.warn("Error optimizing stream (websocketss)", e);
+                log.warn("Error optimizing stream (websockets)", e);
                 return packets;
             }
         }
 
         if (service.isUrldecodeHttpRequests()) {
             try {
-                urldecodeRequests();
+                urldecodeProcessor.urldecodeRequests(packets);
             } catch (Exception e) {
                 log.warn("Error optimizing stream (urldecode)", e);
                 return packets;
             }
         }
 
-        if (service.isMergeAdjacentPackets()) {
+        if (service.isMergeAdjacentPackets() || service.isHttp()) {
             try {
-                mergeAdjacentPackets();
+                merger.mergeAdjacentPackets(packets);
             } catch (Exception e) {
                 log.warn("Error optimizing stream (adjacent)", e);
                 return packets;
             }
         }
 
+        if (service.isHttp()) {
+            try {
+                httpProcessor.process(packets);
+            } catch (Exception e) {
+                log.warn("Error optimizing stream (http)", e);
                 return packets;
             }
-
-    private void decryptTls() {
-        final TlsDecryptor tlsDecryptor = new TlsDecryptor(packets, keysHolder);
-        tlsDecryptor.decryptTls();
-
-        if (tlsDecryptor.isParsed()) {
-            packets = tlsDecryptor.getParsedPackets();
-        }
         }
 
-    /**
+        return packets;
-     * Сжать соседние пакеты в одном направлении в один.
-     * Выполняется после других оптимизаций чтобы правильно определять границы пакетов.
-     */
-    private void mergeAdjacentPackets() {
-        final PacketsMerger merger = new PacketsMerger(packets);
-        merger.mergeAdjacentPackets();
-    }
-
-    /**
-     * Декодирование urlencode с http пакета до смены стороны или окончания стрима
-     */
-    @SneakyThrows
-    private void urldecodeRequests() {
-        final HttpUrldecodeProcessor processor = new HttpUrldecodeProcessor(packets);
-        processor.urldecodeRequests();
-    }
-
-    /**
-     * <a href="https://ru.wikipedia.org/wiki/Chunked_transfer_encoding">Chunked transfer encoding</a>
-     */
-    private void processChunkedEncoding() {
-        HttpChunksProcessor processor = new HttpChunksProcessor(packets);
-        processor.processChunkedEncoding();
-    }
-
-    /**
-     * Попытаться распаковать GZIP из исходящих http пакетов. <br>
-     * GZIP поток начинается на найденном HTTP пакете с заголовком Content-Encoding: gzip
-     * (при этом заголовок HTTP может быть в другом пакете)<br>
-     * Поток заканчивается при обнаружении нового HTTP заголовка,
-     * при смене стороны передачи или при окончании всего стрима
-     */
-    private void unpackGzip() {
-        final HttpGzipProcessor processor = new HttpGzipProcessor(packets);
-        processor.unpackGzip();
     }
 
     private void parseWebSockets() {

src/main/java/ru/serega6531/packmate/service/optimization/TlsDecryptor.java

@@ -1,300 +0,0 @@
-package ru.serega6531.packmate.service.optimization;
-
-import com.google.common.collect.ArrayListMultimap;
-import com.google.common.collect.ListMultimap;
-import lombok.Getter;
-import lombok.RequiredArgsConstructor;
-import lombok.SneakyThrows;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.ArrayUtils;
-import org.bouncycastle.tls.ExporterLabel;
-import org.bouncycastle.tls.PRFAlgorithm;
-import org.bouncycastle.tls.crypto.TlsSecret;
-import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
-import org.bouncycastle.tls.crypto.impl.bc.BcTlsSecret;
-import org.pcap4j.packet.IllegalRawDataException;
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.model.Packet;
-import ru.serega6531.packmate.service.optimization.tls.TlsPacket;
-import ru.serega6531.packmate.service.optimization.tls.keys.TlsKeyUtils;
-import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite;
-import ru.serega6531.packmate.service.optimization.tls.numbers.ContentType;
-import ru.serega6531.packmate.service.optimization.tls.numbers.HandshakeType;
-import ru.serega6531.packmate.service.optimization.tls.records.ApplicationDataRecord;
-import ru.serega6531.packmate.service.optimization.tls.records.HandshakeRecord;
-import ru.serega6531.packmate.service.optimization.tls.records.handshakes.*;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.nio.ByteBuffer;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-@Slf4j
-@RequiredArgsConstructor
-public class TlsDecryptor {
-
-    private static final Pattern cipherSuitePattern = Pattern.compile("TLS_RSA_WITH_([A-Z0-9_]+)_[A-Z0-9]+");
-
-    private final List<Packet> packets;
-    private final RsaKeysHolder keysHolder;
-
-    @Getter
-    private boolean parsed = false;
-    private List<Packet> result;
-
-    private ListMultimap<Packet, TlsPacket.TlsHeader> tlsPackets;
-    private byte[] clientRandom;
-    private byte[] serverRandom;
-
-    public void decryptTls() {
-        tlsPackets = ArrayListMultimap.create(packets.size(), 1);
-
-        try {
-            for (Packet p : packets) {
-                tlsPackets.putAll(p, createTlsHeaders(p));
-            }
-        } catch (IllegalRawDataException e) {
-            log.warn("Failed to parse TLS packets", e);
-            return;
-        }
-
-        var clientHelloOpt = getHandshake(HandshakeType.CLIENT_HELLO);
-        var serverHelloOpt = getHandshake(HandshakeType.SERVER_HELLO);
-
-        if (clientHelloOpt.isEmpty() || serverHelloOpt.isEmpty()) {
-            return;
-        }
-
-        var clientHello = (ClientHelloHandshakeRecordContent) clientHelloOpt.get();
-        var serverHello = (ServerHelloHandshakeRecordContent) serverHelloOpt.get();
-
-        CipherSuite cipherSuite = serverHello.getCipherSuite();
-
-        if (cipherSuite.name().startsWith("TLS_RSA_WITH_")) {
-            Matcher matcher = cipherSuitePattern.matcher(cipherSuite.name());
-            //noinspection ResultOfMethodCallIgnored
-            matcher.find();
-            String blockCipher = matcher.group(1);
-
-            clientRandom = clientHello.getRandom();
-            serverRandom = serverHello.getRandom();
-
-            decryptTlsRsa(blockCipher);
-        }
-    }
-
-    @SneakyThrows
-    private void decryptTlsRsa(String blockCipher) {
-        String[] blockCipherParts = blockCipher.split("_");
-        String blockCipherAlgo = blockCipherParts[0];
-        int blockCipherSize = Integer.parseInt(blockCipherParts[1]);
-        String blockCipherMode = blockCipherParts[2];
-
-        if (!blockCipherAlgo.equals("AES")) {  //TODO использовать не только AES256
-            return;
-        }
-
-        int keyLength = blockCipherSize / 8;
-
-        Optional<RSAPublicKey> publicKeyOpt = getRsaPublicKey();
-
-        if (publicKeyOpt.isEmpty()) {
-            return;
-        }
-
-        RSAPublicKey publicKey = publicKeyOpt.get();
-        RSAPrivateKey privateKey = keysHolder.getKey(publicKey.getModulus());
-        if (privateKey == null) {
-            String n = publicKey.getModulus().toString();
-            log.warn("Key for modulus not found: {}...", n.substring(0, Math.min(n.length(), 8)));
-            return;
-        }
-
-        Optional<BcTlsSecret> preMasterOptional = getPreMaster(privateKey);
-        if (preMasterOptional.isEmpty()) {
-            return;
-        }
-
-        BcTlsSecret preMaster = preMasterOptional.get();
-
-        byte[] randomCS = ArrayUtils.addAll(clientRandom, serverRandom);
-        byte[] randomSC = ArrayUtils.addAll(serverRandom, clientRandom);
-
-        TlsSecret masterSecret = preMaster.deriveUsingPRF(
-                PRFAlgorithm.tls_prf_sha256, ExporterLabel.master_secret, randomCS, 48);
-        byte[] expanded = masterSecret.deriveUsingPRF(
-                PRFAlgorithm.tls_prf_sha256, ExporterLabel.key_expansion, randomSC, 72 + keyLength * 2).extract();
-
-        byte[] clientMacKey = new byte[20];
-        byte[] serverMacKey = new byte[20];
-        byte[] clientEncryptionKey = new byte[keyLength];
-        byte[] serverEncryptionKey = new byte[keyLength];
-        byte[] clientIV = new byte[16];
-        byte[] serverIV = new byte[16];
-
-        ByteBuffer bb = ByteBuffer.wrap(expanded);
-        bb.get(clientMacKey);
-        bb.get(serverMacKey);
-        bb.get(clientEncryptionKey);
-        bb.get(serverEncryptionKey);
-        bb.get(clientIV);
-        bb.get(serverIV);
-
-        Optional<Cipher> clientCipherOpt = createCipher(blockCipherMode, clientEncryptionKey, clientIV);
-        Optional<Cipher> serverCipherOpt = createCipher(blockCipherMode, serverEncryptionKey, serverIV);
-
-        if (clientCipherOpt.isEmpty() || serverCipherOpt.isEmpty()) {
-            return;
-        }
-
-        Cipher clientCipher = clientCipherOpt.get();
-        Cipher serverCipher = serverCipherOpt.get();
-
-        result = new ArrayList<>(packets.size());
-
-        for (Packet packet : packets) {
-            List<TlsPacket.TlsHeader> tlsData = tlsPackets.get(packet);
-
-            for (TlsPacket.TlsHeader tlsPacket : tlsData) {
-                if (tlsPacket.getContentType() == ContentType.APPLICATION_DATA) {
-                    byte[] data = ((ApplicationDataRecord) tlsPacket.getRecord()).getData();
-                    boolean client = packet.isIncoming();
-
-                    Cipher cipher = client ? clientCipher : serverCipher;
-                    byte[] decoded = cipher.doFinal(data);
-
-                    decoded = clearDecodedData(decoded);
-
-                    result.add(Packet.builder()
-                            .content(decoded)
-                            .incoming(packet.isIncoming())
-                            .timestamp(packet.getTimestamp())
-                            .ungzipped(false)
-                            .webSocketParsed(false)
-                            .tlsDecrypted(true)
-                            .ttl(packet.getTtl())
-                            .build());
-                }
-            }
-        }
-
-        parsed = true;
-    }
-
-    @SneakyThrows(value = {NoSuchAlgorithmException.class, NoSuchPaddingException.class})
-    private Optional<BcTlsSecret> getPreMaster(RSAPrivateKey privateKey) {
-        Optional<HandshakeRecordContent> opt = getHandshake(HandshakeType.CLIENT_KEY_EXCHANGE);
-
-        if (opt.isEmpty()) {
-            return Optional.empty();
-        }
-
-        var clientKeyExchange = (BasicHandshakeRecordContent) opt.get();
-
-        try {
-            byte[] encryptedPreMaster = TlsKeyUtils.getClientRsaPreMaster(clientKeyExchange.getContent(), 0);
-
-            Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-            rsa.init(Cipher.DECRYPT_MODE, privateKey);
-            byte[] preMaster = rsa.doFinal(encryptedPreMaster);
-            return Optional.of(new BcTlsSecret(new BcTlsCrypto(null), preMaster));
-        } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException e) {
-            log.warn("Failed do get pre-master key", e);
-            return Optional.empty();
-        }
-    }
-
-    private Optional<RSAPublicKey> getRsaPublicKey() {
-        var certificateHandshakeOpt = getHandshake(HandshakeType.CERTIFICATE);
-
-        if (certificateHandshakeOpt.isEmpty()) {
-            return Optional.empty();
-        }
-
-        var certificateHandshake = (CertificateHandshakeRecordContent) certificateHandshakeOpt.get();
-        List<byte[]> chain = certificateHandshake.getRawCertificates();
-        byte[] rawCertificate = chain.get(0);
-
-        try {
-            CertificateFactory cf = CertificateFactory.getInstance("X.509");
-            Certificate certificate = cf.generateCertificate(new ByteArrayInputStream(rawCertificate));
-            RSAPublicKey publicKey = (RSAPublicKey) certificate.getPublicKey();
-            return Optional.of(publicKey);
-        } catch (CertificateException e) {
-            log.warn("Error while getting certificate", e);
-            return Optional.empty();
-        }
-    }
-
-    @SneakyThrows(value = {NoSuchAlgorithmException.class, NoSuchPaddingException.class})
-    private Optional<Cipher> createCipher(String mode, byte[] key, byte[] iv) {
-        Cipher cipher = Cipher.getInstance("AES/" + mode + "/PKCS5Padding");
-        SecretKeySpec serverSkeySpec = new SecretKeySpec(key, "AES");
-        IvParameterSpec serverIvParameterSpec = new IvParameterSpec(iv);
-
-        try {
-            cipher.init(Cipher.DECRYPT_MODE, serverSkeySpec, serverIvParameterSpec);
-
-            return Optional.of(cipher);
-        } catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
-            log.warn("Error decrypting TLS", e);
-            return Optional.empty();
-        }
-    }
-
-    private byte[] clearDecodedData(byte[] decoded) {
-        int start = 16;
-        int end = decoded.length - 21; // почему?)
-        decoded = ByteArrays.getSubArray(decoded, start, end - start);
-        return decoded;
-    }
-
-    private Optional<HandshakeRecordContent> getHandshake(HandshakeType handshakeType) {
-        return tlsPackets.values().stream()
-                .filter(p -> p.getContentType() == ContentType.HANDSHAKE)
-                .map(p -> ((HandshakeRecord) p.getRecord()))
-                .filter(r -> r.getHandshakeType() == handshakeType)
-                .map(HandshakeRecord::getContent)
-                .findFirst();
-    }
-
-    private List<TlsPacket.TlsHeader> createTlsHeaders(Packet p) throws IllegalRawDataException {
-        List<TlsPacket.TlsHeader> headers = new ArrayList<>();
-        TlsPacket tlsPacket = TlsPacket.newPacket(p.getContent(), 0, p.getContent().length);
-
-        headers.add(tlsPacket.getHeader());
-
-        while (tlsPacket.getPayload() != null) {
-            tlsPacket = (TlsPacket) tlsPacket.getPayload();
-            headers.add(tlsPacket.getHeader());
-        }
-
-        return headers;
-    }
-
-    public List<Packet> getParsedPackets() {
-        if (!parsed) {
-            throw new IllegalStateException("TLS is not parsed");
-        }
-
-        return result;
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/WebSocketsParser.java

@@ -120,14 +120,9 @@ public class WebSocketsParser {
     }
 
     private Packet mimicPacket(Packet packet, byte[] content, boolean ws) {
-        return Packet.builder()
+        return packet.toBuilder()
                 .content(content)
-                .incoming(packet.isIncoming())
-                .timestamp(packet.getTimestamp())
-                .ttl(packet.getTtl())
-                .ungzipped(packet.isUngzipped())
                 .webSocketParsed(ws)
-                .tlsDecrypted(packet.isTlsDecrypted())
                 .build();
     }
 
@@ -138,8 +133,7 @@ public class WebSocketsParser {
         for (List<Packet> side : sides) {
             final Packet lastPacket = side.get(0);
 
-            //noinspection OptionalGetWithoutIsPresent
+            final byte[] wsContent = PacketUtils.mergePackets(side);
-            final byte[] wsContent = PacketUtils.mergePackets(side).get();
 
             final ByteBuffer buffer = ByteBuffer.wrap(wsContent);
             List<Framedata> frames;
@@ -153,14 +147,10 @@ public class WebSocketsParser {
 
             for (Framedata frame : frames) {
                 if (frame instanceof DataFrame) {
-                    parsedPackets.add(Packet.builder()
+                    parsedPackets.add(
+                            lastPacket.toBuilder()
                                     .content(frame.getPayloadData().array())
-                            .incoming(lastPacket.isIncoming())
-                            .timestamp(lastPacket.getTimestamp())
-                            .ttl(lastPacket.getTtl())
-                            .ungzipped(lastPacket.isUngzipped())
                                     .webSocketParsed(true)
-                            .tlsDecrypted(lastPacket.isTlsDecrypted())
                                     .build()
                     );
                 }
@@ -179,13 +169,10 @@ public class WebSocketsParser {
     }
 
     private String getHandshake(final List<Packet> packets) {
-        final String handshake = PacketUtils.mergePackets(packets)
+        final String handshake = new String(PacketUtils.mergePackets(packets));
-                .map(String::new)
-                .orElse(null);
 
-        if (handshake == null ||
+        if (!handshake.toLowerCase().contains(WEBSOCKET_CONNECTION_HEADER)
-                !handshake.toLowerCase().contains(WEBSOCKET_CONNECTION_HEADER) ||
+                || !handshake.toLowerCase().contains(WEBSOCKET_UPGRADE_HEADER)) {
-                !handshake.toLowerCase().contains(WEBSOCKET_UPGRADE_HEADER)) {
             return null;
         }
 

src/main/java/ru/serega6531/packmate/service/optimization/tls/TlsPacket.java

@@ -1,172 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls;
-
-import org.pcap4j.packet.AbstractPacket;
-import org.pcap4j.packet.IllegalRawDataException;
-import org.pcap4j.packet.Packet;
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.ContentType;
-import ru.serega6531.packmate.service.optimization.tls.numbers.TlsVersion;
-import ru.serega6531.packmate.service.optimization.tls.records.*;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
-import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
-
-public class TlsPacket extends AbstractPacket {
-
-    private final TlsPacket.TlsHeader header;
-    private final Packet payload;
-
-    public static TlsPacket newPacket(byte[] rawData, int offset, int length) throws IllegalRawDataException {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new TlsPacket(rawData, offset, length);
-    }
-
-    private TlsPacket(byte[] rawData, int offset, int length) throws IllegalRawDataException {
-        this.header = new TlsPacket.TlsHeader(rawData, offset, length);
-
-        int payloadLength = length - header.length();
-        if (payloadLength > 0) {
-            this.payload = TlsPacket.newPacket(rawData, offset + header.length(), payloadLength);
-        } else {
-            this.payload = null;
-        }
-    }
-
-    private TlsPacket(TlsPacket.Builder builder) {
-        if (builder == null) {
-            throw new NullPointerException("builder: null");
-        }
-
-        this.payload = builder.payloadBuilder != null ? builder.payloadBuilder.build() : null;
-        this.header = new TlsPacket.TlsHeader(builder);
-    }
-
-    @Override
-    public TlsHeader getHeader() {
-        return header;
-    }
-
-    @Override
-    public Packet getPayload() {
-        return payload;
-    }
-
-    @Override
-    public Builder getBuilder() {
-        return new Builder(this);
-    }
-
-    @Override
-    protected String buildString() {
-        StringBuilder sb = new StringBuilder(getHeader().toString());
-
-        TlsPacket p = (TlsPacket) getPayload();
-
-        if (p != null) {
-            sb.append('\n');
-            sb.append(p.toString());
-        }
-
-        return sb.toString();
-    }
-
-    public static final class TlsHeader extends AbstractHeader {
-
-        /*
-        0x0 - Content Type
-        0x1 - Version
-        0x3 - Length
-        0x5 - Record content
-         */
-
-        private static final int CONTENT_TYPE_OFFSET = 0;
-        private static final int VERSION_OFFSET = CONTENT_TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
-        private static final int LENGTH_OFFSET = VERSION_OFFSET + SHORT_SIZE_IN_BYTES;
-        private static final int RECORD_OFFSET = LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
-
-        private ContentType contentType;
-        private TlsVersion version;
-        private short recordLength;
-        private TlsRecord record;
-
-        private TlsHeader(Builder builder) {
-            //TODO
-        }
-
-        private TlsHeader(byte[] rawData, int offset, int length) throws IllegalRawDataException {
-            ByteArrays.validateBounds(rawData, offset, RECORD_OFFSET);
-            this.contentType = ContentType.getInstance(ByteArrays.getByte(rawData, CONTENT_TYPE_OFFSET + offset));
-            this.version = TlsVersion.getInstance(ByteArrays.getShort(rawData, VERSION_OFFSET + offset));
-            this.recordLength = ByteArrays.getShort(rawData, LENGTH_OFFSET + offset);
-
-            if (contentType == ContentType.HANDSHAKE) {
-                this.record = HandshakeRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
-            } else if (contentType == ContentType.CHANGE_CIPHER_SPEC) {
-                this.record = ChangeCipherSpecRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
-            } else if (contentType == ContentType.APPLICATION_DATA) {
-                this.record = ApplicationDataRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
-            } else if (contentType == ContentType.ALERT) {
-                this.record = AlertRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
-            } else if (contentType == ContentType.HEARTBEAT) {
-                this.record = HeartbeatRecord.newInstance(rawData, offset + RECORD_OFFSET, recordLength);
-            } else {
-                throw new IllegalArgumentException("Unknown content type: " + contentType);
-            }
-        }
-
-        public ContentType getContentType() {
-            return contentType;
-        }
-
-        public TlsVersion getVersion() {
-            return version;
-        }
-
-        public TlsRecord getRecord() {
-            return record;
-        }
-
-        @Override
-        protected List<byte[]> getRawFields() {
-            List<byte[]> rawFields = new ArrayList<>();
-            rawFields.add(new byte[]{contentType.value()});
-            rawFields.add(ByteArrays.toByteArray(version.value()));
-            rawFields.add(ByteArrays.toByteArray(recordLength));
-            //TODO
-            return rawFields;
-        }
-
-        @Override
-        public int length() {
-            return RECORD_OFFSET + recordLength;
-        }
-
-        @Override
-        protected String buildString() {
-            return "TLS Header [" + length() + " bytes]\n" +
-                    "  Version: " + version + "\n" +
-                    "  Type: " + contentType + "\n" +
-                    record.toString();
-        }
-    }
-
-    public static final class Builder extends AbstractBuilder {
-
-        private Packet.Builder payloadBuilder;
-
-        public Builder() {
-        }
-
-        public Builder(TlsPacket packet) {
-            this.payloadBuilder = packet.payload != null ? packet.payload.getBuilder() : null;
-        }
-
-        @Override
-        public Packet build() {
-            return new TlsPacket(this);
-        }
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/TlsExtension.java

@@ -1,49 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.extensions.keyshare.KeyShareExtension;
-import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
-
-public abstract class TlsExtension {
-
-    /*
-    0x0        - Type
-    0x2        - Length
-    0x4        - Content
-    0x4+length - End
-     */
-
-    protected ExtensionType type;
-    protected short extensionLength;
-
-    public static TlsExtension newInstance(ExtensionType type, byte[] rawData, int offset,
-                                           short extensionLength, boolean client) {
-        if (extensionLength > 0) {
-            ByteArrays.validateBounds(rawData, offset, extensionLength);
-        }
-
-        if (type == ExtensionType.KEY_SHARE) {
-            return KeyShareExtension.newInstance(type, rawData, offset, extensionLength, client);
-        } else {
-            return new UnimplementedTlsExtension(type, rawData, offset, extensionLength);
-        }
-    }
-
-    public TlsExtension(ExtensionType type, short extensionLength) {
-        this.type = type;
-        this.extensionLength = extensionLength;
-    }
-
-    public ExtensionType getType() {
-        return type;
-    }
-
-    public short getLength() {
-        return extensionLength;
-    }
-
-    @Override
-    public String toString() {
-        return type.name();
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/UnimplementedTlsExtension.java

@@ -1,24 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions;
-
-import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
-
-public class UnimplementedTlsExtension extends TlsExtension {
-
-    private byte[] data;
-
-    public UnimplementedTlsExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
-        super(type, extensionLength);
-
-        data = new byte[extensionLength];
-        System.arraycopy(rawData, offset, data, 0, extensionLength);
-    }
-
-    @Override
-    public String toString() {
-        if(extensionLength > 0) {
-            return type.name() + " [" + extensionLength + " bytes]";
-        } else {
-            return type.name();
-        }
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/ClientKeyShareExtension.java

@@ -1,23 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
-
-import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
-
-public class ClientKeyShareExtension extends KeyShareExtension {
-
-    private static final int KEY_SHARE_LENGTH_OFFSET = 0;
-    private static final int KEY_SHARE_ENTRY_OFFSET = KEY_SHARE_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
-
-    private short keyShareLength;
-
-    public ClientKeyShareExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
-        super(type, extensionLength);
-        this.keyShareLength = ByteArrays.getShort(rawData, KEY_SHARE_LENGTH_OFFSET + offset);  // the field is not always there
-        int cursor = KEY_SHARE_ENTRY_OFFSET + offset;
-        ByteArrays.validateBounds(rawData, cursor, keyShareLength);
-        readEntries(rawData, KEY_SHARE_ENTRY_OFFSET + offset, offset + keyShareLength);
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/KeyShareEntry.java

@@ -1,33 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.KeyGroup;
-
-import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
-
-public class KeyShareEntry {
-
-    private static final int GROUP_OFFSET = 0;
-    private static final int KEY_EXHANGE_LENGTH_OFFSET = GROUP_OFFSET + SHORT_SIZE_IN_BYTES;
-    private static final int KEY_EXCHANGE_OFFSET = KEY_EXHANGE_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
-
-    private KeyGroup group;
-    private short keyExhangeLength;
-    private byte[] keyExchange;
-
-    public KeyShareEntry(byte[] rawData, int offset) {
-        this.group = KeyGroup.getInstance(ByteArrays.getShort(rawData, GROUP_OFFSET + offset));
-        this.keyExhangeLength = ByteArrays.getShort(rawData, KEY_EXHANGE_LENGTH_OFFSET + offset);
-        keyExchange = new byte[keyExhangeLength];
-        System.arraycopy(rawData, KEY_EXCHANGE_OFFSET + offset, keyExchange, 0, keyExhangeLength);
-    }
-
-    public int size() {
-        return SHORT_SIZE_IN_BYTES + SHORT_SIZE_IN_BYTES + keyExhangeLength;
-    }
-
-    @Override
-    public String toString() {
-        return group.name();
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/KeyShareExtension.java

@@ -1,46 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.extensions.TlsExtension;
-import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public abstract class KeyShareExtension extends TlsExtension {
-
-    private final List<KeyShareEntry> entries = new ArrayList<>();
-
-    public static KeyShareExtension newInstance(ExtensionType type, byte[] rawData, int offset,
-                                                short extensionLength, boolean client) {
-        ByteArrays.validateBounds(rawData, offset, extensionLength);
-
-        if(client) {
-            return new ClientKeyShareExtension(type, rawData, offset, extensionLength);
-        } else {
-            return new ServerKeyShareExtension(type, rawData, offset, extensionLength);
-        }
-    }
-
-    protected KeyShareExtension(ExtensionType type, short extensionLength) {
-        super(type, extensionLength);
-    }
-
-    protected void readEntries(byte[] rawData, int cursor, int end) {
-        while (cursor < end) {
-            KeyShareEntry entry = readEntry(rawData, cursor);
-            cursor += entry.size();
-        }
-    }
-
-    protected KeyShareEntry readEntry(byte[] rawData, int cursor) {
-        KeyShareEntry entry = new KeyShareEntry(rawData, cursor);
-        entries.add(entry);
-        return entry;
-    }
-
-    @Override
-    public String toString() {
-        return type.name() + " " + entries.toString();
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/extensions/keyshare/ServerKeyShareExtension.java

@@ -1,14 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.extensions.keyshare;
-
-import ru.serega6531.packmate.service.optimization.tls.numbers.ExtensionType;
-
-public class ServerKeyShareExtension extends KeyShareExtension {
-
-    private static final int KEY_SHARE_ENTRY_OFFSET = 0;
-
-    public ServerKeyShareExtension(ExtensionType type, byte[] rawData, int offset, short extensionLength) {
-        super(type, extensionLength);
-        readEntry(rawData, KEY_SHARE_ENTRY_OFFSET + offset);
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/DhClientParams.java

@@ -1,42 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys;
-
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
-
-public class DhClientParams {
-
-    private final byte[] p;
-    private final byte[] g;
-    private final byte[] pubkey;
-    private final SignatureScheme signatureScheme;
-    private final byte[] signature;
-
-    public DhClientParams(byte[] p, byte[] g, byte[] pubkey,
-                          SignatureScheme signatureScheme,
-                          byte[] signature) {
-        this.p = p;
-        this.g = g;
-        this.pubkey = pubkey;
-        this.signatureScheme = signatureScheme;
-        this.signature = signature;
-    }
-
-    public byte[] getP() {
-        return p;
-    }
-
-    public byte[] getG() {
-        return g;
-    }
-
-    public byte[] getPubkey() {
-        return pubkey;
-    }
-
-    public SignatureScheme getSignatureScheme() {
-        return signatureScheme;
-    }
-
-    public byte[] getSignature() {
-        return signature;
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/EcdheServerParams.java

@@ -1,44 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys;
-
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
-
-public class EcdheServerParams {
-
-    private final CurveType curveType;
-    private final NamedCurve namedCurve;
-    private final byte[] pubkey;
-    private final SignatureScheme signatureScheme;
-    private final byte[] signature;
-
-    public EcdheServerParams(CurveType curveType, NamedCurve namedCurve, byte[] pubkey,
-                             SignatureScheme signatureScheme,
-                             byte[] signature) {
-        this.curveType = curveType;
-        this.namedCurve = namedCurve;
-        this.pubkey = pubkey;
-        this.signatureScheme = signatureScheme;
-        this.signature = signature;
-    }
-
-    public CurveType getCurveType() {
-        return curveType;
-    }
-
-    public NamedCurve getNamedCurve() {
-        return namedCurve;
-    }
-
-    public byte[] getPubkey() {
-        return pubkey;
-    }
-
-    public SignatureScheme getSignatureScheme() {
-        return signatureScheme;
-    }
-
-    public byte[] getSignature() {
-        return signature;
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/TlsKeyUtils.java

@@ -1,108 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys;
-
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.CurveType;
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.NamedCurve;
-import ru.serega6531.packmate.service.optimization.tls.keys.enums.SignatureScheme;
-
-import java.nio.ByteBuffer;
-
-/**
- * It is impossible to determine key format just by KeyExchange record,
- * so you can use this class when analyzing tls traffic.
- */
-public final class TlsKeyUtils {
-
-    // https://wiki.osdev.org/TLS_Handshake
-
-    public static DhClientParams parseServerDH(byte[] rawData, int offset) {
-        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
-
-        short pLength = bb.getShort();
-        byte[] p = new byte[pLength];
-        bb.get(p);
-
-        short gLength = bb.getShort();
-        byte[] g = new byte[gLength];
-        bb.get(g);
-
-        short pubKeyLength = bb.getShort();
-        byte[] pubKey = new byte[pubKeyLength];  // aka Ys
-        bb.get(pubKey);
-
-        SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort());
-
-        if (signatureScheme == null) {
-            throw new IllegalArgumentException("Unknown signature scheme");
-        }
-
-        short signatureLength = bb.getShort();
-        byte[] signature = new byte[signatureLength];
-
-        bb.get(signature);
-
-        return new DhClientParams(p, g, pubKey, signatureScheme, signature);
-    }
-
-    /**
-     * @param rawData Handshake record content
-     */
-    public static EcdheServerParams parseServerECDHE(byte[] rawData, int offset) {
-        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
-
-        byte curveTypeId = bb.get();
-        if(curveTypeId != 0x03) {
-            throw new IllegalArgumentException("Unsupported curve type");
-        }
-
-        CurveType curveType = CurveType.NAMED;
-        NamedCurve namedCurve = NamedCurve.findByValue(bb.getShort());
-
-        if (namedCurve == null) {
-            throw new IllegalArgumentException("Unsupported named curve");
-        }
-
-        byte pubkeyLength = bb.get();
-        byte[] pubkey = new byte[pubkeyLength];
-        bb.get(pubkey);
-
-        SignatureScheme signatureScheme = SignatureScheme.findByValue(bb.getShort());
-
-        if (signatureScheme == null) {
-            throw new IllegalArgumentException("Unknown signature scheme");
-        }
-
-        short signatureLength = bb.getShort();
-        byte[] signature = new byte[signatureLength];
-
-        bb.get(signature);
-
-        return new EcdheServerParams(curveType, namedCurve, pubkey, signatureScheme, signature);
-    }
-
-    // https://ldapwiki.com/wiki/ClientKeyExchange
-
-    /**
-     * Suitable for both DH and ECDHE
-     * @param rawData Handshake record content
-     */
-    public static byte[] getClientDHPubkey(byte[] rawData, int offset) {
-        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
-
-        byte length = bb.get();
-        byte[] pubkey = new byte[length];
-        bb.get(pubkey);
-
-        return pubkey;
-    }
-
-    public static byte[] getClientRsaPreMaster(byte[] rawData, int offset) {
-        ByteBuffer bb = ByteBuffer.wrap(rawData).position(offset);
-
-        int length = bb.getShort();
-        byte[] encryptedPreMaster = new byte[length];
-        bb.get(encryptedPreMaster);
-
-        return encryptedPreMaster;
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/CurveType.java

@@ -1,16 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys.enums;
-
-public enum CurveType {
-
-    NAMED((byte) 0x03);
-
-    private final byte value;
-
-    CurveType(byte value) {
-        this.value = value;
-    }
-
-    public byte getValue() {
-        return value;
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/NamedCurve.java

@@ -1,57 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys.enums;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public enum NamedCurve {
-
-    SECT163K1((short) 1),
-    SECT163R1((short) 2),
-    SECT163R2((short) 3),
-    SECT193R1((short) 4),
-    SECT193R2((short) 5),
-    SECT233K1((short) 6),
-    SECT233R1((short) 7),
-    SECT239K1((short) 8),
-    SECT283K1((short) 9),
-    SECT283R1((short) 10),
-    SECT409K1((short) 11),
-    SECT409R1((short) 12),
-    SECT571K1((short) 13),
-    SECT571R1((short) 14),
-    SECP160K1((short) 15),
-    SECP160R1((short) 16),
-    SECP160R2((short) 17),
-    SECP192K1((short) 18),
-    SECP192R1((short) 19),
-    SECP224K1((short) 20),
-    SECP224R1((short) 21),
-    SECP256K1((short) 22),
-    SECP256R1((short) 23),
-    SECP384R1((short) 24),
-    SECP521R1((short) 25),
-    X25519((short) 29),
-    X448((short) 30);
-
-    private final short value;
-
-    private static final Map<Short, NamedCurve> map = new HashMap<>();
-
-    NamedCurve(short value) {
-        this.value = value;
-    }
-
-    static {
-        for (NamedCurve curve : values()) {
-            map.put(curve.getValue(), curve);
-        }
-    }
-
-    public short getValue() {
-        return value;
-    }
-
-    public static NamedCurve findByValue(short value) {
-        return map.get(value);
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/keys/enums/SignatureScheme.java

@@ -1,58 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.keys.enums;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public enum SignatureScheme {
-
-    /* RSASSA-PKCS1-v1_5 algorithms */
-    RSA_PKCS1_SHA256((short) 0x0401),
-    RSA_PKCS1_SHA384((short) 0x0501),
-    RSA_PKCS1_SHA512((short) 0x0601),
-
-    /* ECDSA algorithms */
-    ECDSA_SECP256R1_SHA256((short) 0x0403),
-    ECDSA_SECP384R1_SHA384((short) 0x0503),
-    ECDSA_SECP521R1_SHA512((short) 0x0603),
-
-    /* RSASSA-PSS algorithms with public key OID RSAEncryption */
-    RSA_PSS_RSAE_SHA256((short) 0x0804),
-    RSA_PSS_RSAE_SHA384((short) 0x0805),
-    RSA_PSS_RSAE_SHA512((short) 0x0806),
-
-    /* EDDSA algorithms */
-    ED25519((short) 0x0807),
-    ED448((short) 0x0808),
-
-    /* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
-    RSA_PSS_PSS_SHA256((short) 0x0809),
-    RSA_PSS_PSS_SHA384((short) 0x080a),
-    RSA_PSS_PSS_SHA512((short) 0x080b),
-
-    /* Legacy algorithms */
-    RSA_PKCS1_SHA1((short) 0x0201),
-    ECDSA_SHA1((short) 0x0203);
-
-    private final short value;
-
-    private static final Map<Short, SignatureScheme> map = new HashMap<>();
-
-    SignatureScheme(short value) {
-        this.value = value;
-    }
-
-    static {
-        for (SignatureScheme curve : values()) {
-            map.put(curve.getValue(), curve);
-        }
-    }
-
-    public short getValue() {
-        return value;
-    }
-
-    public static SignatureScheme findByValue(short value) {
-        return map.get(value);
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/AlertDescription.java

@@ -1,65 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class AlertDescription extends NamedNumber<Byte, AlertDescription> {
-
-    private static final Map<Byte, AlertDescription> registry = new HashMap<>();
-
-    public static AlertDescription close_notify = new AlertDescription((byte) 0, "close_notify");
-    public static AlertDescription unexpected_message = new AlertDescription((byte) 10, "unexpected_message");
-    public static AlertDescription bad_record_mac = new AlertDescription((byte) 20, "bad_record_mac");
-    public static AlertDescription decryption_failed_RESERVED = new AlertDescription((byte) 21, "decryption_failed_RESERVED");
-    public static AlertDescription record_overflow = new AlertDescription((byte) 22, "record_overflow");
-    public static AlertDescription decompression_failure_RESERVED = new AlertDescription((byte) 30, "decompression_failure_RESERVED");
-    public static AlertDescription handshake_failure = new AlertDescription((byte) 40, "handshake_failure");
-    public static AlertDescription no_certificate_RESERVED = new AlertDescription((byte) 41, "no_certificate_RESERVED");
-    public static AlertDescription bad_certificate = new AlertDescription((byte) 42, "bad_certificate");
-    public static AlertDescription unsupported_certificate = new AlertDescription((byte) 43, "unsupported_certificate");
-    public static AlertDescription certificate_revoked = new AlertDescription((byte) 44, "certificate_revoked");
-    public static AlertDescription certificate_expired = new AlertDescription((byte) 45, "certificate_expired");
-    public static AlertDescription certificate_unknown = new AlertDescription((byte) 46, "certificate_unknown");
-    public static AlertDescription illegal_parameter = new AlertDescription((byte) 47, "illegal_parameter");
-    public static AlertDescription unknown_ca = new AlertDescription((byte) 48, "unknown_ca");
-    public static AlertDescription access_denied = new AlertDescription((byte) 49, "access_denied");
-    public static AlertDescription decode_error = new AlertDescription((byte) 50, "decode_error");
-    public static AlertDescription decrypt_error = new AlertDescription((byte) 51, "decrypt_error");
-    public static AlertDescription export_restriction_RESERVED = new AlertDescription((byte) 60, "export_restriction_RESERVED");
-    public static AlertDescription protocol_version = new AlertDescription((byte) 70, "protocol_version");
-    public static AlertDescription insufficient_security = new AlertDescription((byte) 71, "insufficient_security");
-    public static AlertDescription internal_error = new AlertDescription((byte) 80, "internal_error");
-    public static AlertDescription inappropriate_fallback = new AlertDescription((byte) 86, "inappropriate_fallback");
-    public static AlertDescription user_canceled = new AlertDescription((byte) 90, "user_canceled");
-    public static AlertDescription no_renegotiation_RESERVED = new AlertDescription((byte) 100, "no_renegotiation_RESERVED");
-    public static AlertDescription missing_extension = new AlertDescription((byte) 109, "missing_extension");
-    public static AlertDescription unsupported_extension = new AlertDescription((byte) 110, "unsupported_extension");
-    public static AlertDescription certificate_unobtainable_RESERVED = new AlertDescription((byte) 111, "certificate_unobtainable_RESERVED");
-    public static AlertDescription unrecognized_name = new AlertDescription((byte) 112, "unrecognized_name");
-    public static AlertDescription bad_certificate_status_response = new AlertDescription((byte) 113, "bad_certificate_status_response");
-    public static AlertDescription bad_certificate_hash_value_RESERVED = new AlertDescription((byte) 114, "bad_certificate_hash_value_RESERVED");
-    public static AlertDescription unknown_psk_identity = new AlertDescription((byte) 115, "unknown_psk_identity");
-    public static AlertDescription certificate_required = new AlertDescription((byte) 116, "certificate_required");
-    public static AlertDescription no_application_protocol = new AlertDescription((byte) 120, "no_application_protocol");
-
-    public AlertDescription(Byte value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static AlertDescription getInstance(Byte value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            throw new IllegalArgumentException("Unknown alert description: " + value);
-        }
-    }
-
-    @Override
-    public int compareTo(AlertDescription o) {
-        return value().compareTo(o.value());
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/AlertLevel.java

@@ -1,32 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings("unused")
-public class AlertLevel extends NamedNumber<Byte, AlertLevel> {
-
-    private static final Map<Byte, AlertLevel> registry = new HashMap<>();
-
-    public static final AlertLevel WARNING = new AlertLevel((byte) 1, "warning");
-    public static final AlertLevel FATAL = new AlertLevel((byte) 2, "fatal");
-
-    public static final AlertLevel ENCRYPTED_ALERT = new AlertLevel((byte) 0, "encrypted alert");
-
-    public AlertLevel(Byte value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static AlertLevel getInstance(Byte value) {
-        return registry.getOrDefault(value, ENCRYPTED_ALERT);
-    }
-
-    @Override
-    public int compareTo(AlertLevel o) {
-        return value().compareTo(o.value());
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/CipherSuite.java

@@ -1,741 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings("unused")
-public class CipherSuite extends NamedNumber<Short, CipherSuite> {
-
-    private static final Map<Short, CipherSuite> registry = new HashMap<>();
-
-    // https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
-
-    public static final CipherSuite TLS_NULL_WITH_NULL_NULL =
-            new CipherSuite((short) 0x0000, "TLS_NULL_WITH_NULL_NULL");
-    public static final CipherSuite TLS_RSA_WITH_NULL_MD5 =
-            new CipherSuite((short) 0x0001, "TLS_RSA_WITH_NULL_MD5");
-    public static final CipherSuite TLS_RSA_WITH_NULL_SHA =
-            new CipherSuite((short) 0x0002, "TLS_RSA_WITH_NULL_SHA");
-    public static final CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 =
-            new CipherSuite((short) 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5");
-    public static final CipherSuite TLS_RSA_WITH_RC4_128_MD5 =
-            new CipherSuite((short) 0x0004, "TLS_RSA_WITH_RC4_128_MD5");
-    public static final CipherSuite TLS_RSA_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0x0005, "TLS_RSA_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 =
-            new CipherSuite((short) 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
-    public static final CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA =
-            new CipherSuite((short) 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA");
-    public static final CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x0009, "TLS_RSA_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 =
-            new CipherSuite((short) 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5");
-    public static final CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 =
-            new CipherSuite((short) 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5");
-    public static final CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA =
-            new CipherSuite((short) 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_KRB5_WITH_DES_CBC_SHA =
-            new CipherSuite((short) 0x001E, "TLS_KRB5_WITH_DES_CBC_SHA");
-    public static final CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_KRB5_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0x0020, "TLS_KRB5_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA =
-            new CipherSuite((short) 0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA");
-    public static final CipherSuite TLS_KRB5_WITH_DES_CBC_MD5 =
-            new CipherSuite((short) 0x0022, "TLS_KRB5_WITH_DES_CBC_MD5");
-    public static final CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5 =
-            new CipherSuite((short) 0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5");
-    public static final CipherSuite TLS_KRB5_WITH_RC4_128_MD5 =
-            new CipherSuite((short) 0x0024, "TLS_KRB5_WITH_RC4_128_MD5");
-    public static final CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5 =
-            new CipherSuite((short) 0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA =
-            new CipherSuite((short) 0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA =
-            new CipherSuite((short) 0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA =
-            new CipherSuite((short) 0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 =
-            new CipherSuite((short) 0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 =
-            new CipherSuite((short) 0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5");
-    public static final CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5 =
-            new CipherSuite((short) 0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5");
-    public static final CipherSuite TLS_PSK_WITH_NULL_SHA =
-            new CipherSuite((short) 0x002C, "TLS_PSK_WITH_NULL_SHA");
-    public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA =
-            new CipherSuite((short) 0x002D, "TLS_DHE_PSK_WITH_NULL_SHA");
-    public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA =
-            new CipherSuite((short) 0x002E, "TLS_RSA_PSK_WITH_NULL_SHA");
-    public static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_NULL_SHA256 =
-            new CipherSuite((short) 0x003B, "TLS_RSA_WITH_NULL_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA =
-            new CipherSuite((short) 0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256 =
-            new CipherSuite((short) 0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA =
-            new CipherSuite((short) 0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA");
-    public static final CipherSuite TLS_PSK_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0x008A, "TLS_PSK_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x0096, "TLS_RSA_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA =
-            new CipherSuite((short) 0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA");
-    public static final CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_NULL_SHA256 =
-            new CipherSuite((short) 0x00B0, "TLS_PSK_WITH_NULL_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_NULL_SHA384 =
-            new CipherSuite((short) 0x00B1, "TLS_PSK_WITH_NULL_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256 =
-            new CipherSuite((short) 0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384 =
-            new CipherSuite((short) 0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256 =
-            new CipherSuite((short) 0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384 =
-            new CipherSuite((short) 0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 =
-            new CipherSuite((short) 0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256");
-    public static final CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV =
-            new CipherSuite((short) 0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV");
-    public static final CipherSuite RESERVED_GREASE_0x0A0A =
-            new CipherSuite((short) 0x0A0A, "Reserved (GREASE)");
-    public static final CipherSuite TLS_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0x1301, "TLS_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0x1302, "TLS_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0x1303, "TLS_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_AES_128_CCM_SHA256 =
-            new CipherSuite((short) 0x1304, "TLS_AES_128_CCM_SHA256");
-    public static final CipherSuite RESERVED_GREASE_0x1A1A =
-            new CipherSuite((short) 0x1A1A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x2A2A =
-            new CipherSuite((short) 0x2A2A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x3A3A =
-            new CipherSuite((short) 0x3A3A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x4A4A =
-            new CipherSuite((short) 0x4A4A, "Reserved (GREASE)");
-    public static final CipherSuite TLS_FALLBACK_SCSV =
-            new CipherSuite((short) 0x5600, "TLS_FALLBACK_SCSV");
-    public static final CipherSuite RESERVED_GREASE_0x5A5A =
-            new CipherSuite((short) 0x5A5A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x6A6A =
-            new CipherSuite((short) 0x6A6A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x7A7A =
-            new CipherSuite((short) 0x7A7A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x8A8A =
-            new CipherSuite((short) 0x8A8A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0x9A9A =
-            new CipherSuite((short) 0x9A9A, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0xAAAA =
-            new CipherSuite((short) 0xAAAA, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0xBABA =
-            new CipherSuite((short) 0xBABA, "Reserved (GREASE)");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_anon_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC015, "TLS_ECDH_anon_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA =
-            new CipherSuite((short) 0xC033, "TLS_ECDHE_PSK_WITH_RC4_128_SHA");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA =
-            new CipherSuite((short) 0xC034, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA =
-            new CipherSuite((short) 0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA =
-            new CipherSuite((short) 0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA =
-            new CipherSuite((short) 0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256 =
-            new CipherSuite((short) 0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384 =
-            new CipherSuite((short) 0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384");
-    public static final CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC03E, "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC03F, "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC040, "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC041, "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC042, "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC043, "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC046, "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC047, "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC054, "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC055, "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC056, "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC057, "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC058, "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC059, "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC05A, "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC05B, "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC07E, "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC07F, "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC080, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC081, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC082, "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC083, "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC084, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC085, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384");
-    public static final CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 =
-            new CipherSuite((short) 0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 =
-            new CipherSuite((short) 0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384");
-    public static final CipherSuite TLS_RSA_WITH_AES_128_CCM =
-            new CipherSuite((short) 0xC09C, "TLS_RSA_WITH_AES_128_CCM");
-    public static final CipherSuite TLS_RSA_WITH_AES_256_CCM =
-            new CipherSuite((short) 0xC09D, "TLS_RSA_WITH_AES_256_CCM");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM =
-            new CipherSuite((short) 0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM =
-            new CipherSuite((short) 0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM");
-    public static final CipherSuite TLS_RSA_WITH_AES_128_CCM_8 =
-            new CipherSuite((short) 0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8");
-    public static final CipherSuite TLS_RSA_WITH_AES_256_CCM_8 =
-            new CipherSuite((short) 0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8 =
-            new CipherSuite((short) 0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8");
-    public static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8 =
-            new CipherSuite((short) 0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8");
-    public static final CipherSuite TLS_PSK_WITH_AES_128_CCM =
-            new CipherSuite((short) 0xC0A4, "TLS_PSK_WITH_AES_128_CCM");
-    public static final CipherSuite TLS_PSK_WITH_AES_256_CCM =
-            new CipherSuite((short) 0xC0A5, "TLS_PSK_WITH_AES_256_CCM");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM =
-            new CipherSuite((short) 0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM");
-    public static final CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM =
-            new CipherSuite((short) 0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM");
-    public static final CipherSuite TLS_PSK_WITH_AES_128_CCM_8 =
-            new CipherSuite((short) 0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8");
-    public static final CipherSuite TLS_PSK_WITH_AES_256_CCM_8 =
-            new CipherSuite((short) 0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8");
-    public static final CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8 =
-            new CipherSuite((short) 0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8");
-    public static final CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8 =
-            new CipherSuite((short) 0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM =
-            new CipherSuite((short) 0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM =
-            new CipherSuite((short) 0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 =
-            new CipherSuite((short) 0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 =
-            new CipherSuite((short) 0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8");
-    public static final CipherSuite TLS_ECCPWD_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xC0B0, "TLS_ECCPWD_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECCPWD_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xC0B1, "TLS_ECCPWD_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECCPWD_WITH_AES_128_CCM_SHA256 =
-            new CipherSuite((short) 0xC0B2, "TLS_ECCPWD_WITH_AES_128_CCM_SHA256");
-    public static final CipherSuite TLS_ECCPWD_WITH_AES_256_CCM_SHA384 =
-            new CipherSuite((short) 0xC0B3, "TLS_ECCPWD_WITH_AES_256_CCM_SHA384");
-    public static final CipherSuite RESERVED_GREASE_0xCACA =
-            new CipherSuite((short) 0xCACA, "Reserved (GREASE)");
-    public static final CipherSuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 =
-            new CipherSuite((short) 0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 =
-            new CipherSuite((short) 0xD001, "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 =
-            new CipherSuite((short) 0xD002, "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 =
-            new CipherSuite((short) 0xD003, "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256");
-    public static final CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 =
-            new CipherSuite((short) 0xD005, "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256");
-    public static final CipherSuite RESERVED_GREASE_0xDADA =
-            new CipherSuite((short) 0xDADA, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0xEAEA =
-            new CipherSuite((short) 0xEAEA, "Reserved (GREASE)");
-    public static final CipherSuite RESERVED_GREASE_0xFAFA =
-            new CipherSuite((short) 0xFAFA, "Reserved (GREASE)");
-
-    public CipherSuite(Short value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static CipherSuite getInstance(Short value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            throw new IllegalArgumentException("Unknown cipher suite: " + value);
-        }
-    }
-
-    @Override
-    public int compareTo(CipherSuite o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/CompressionMethod.java

@@ -1,38 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class CompressionMethod extends NamedNumber<Byte, CompressionMethod> {
-
-    // https://www.iana.org/assignments/comp-meth-ids/comp-meth-ids.xhtml
-
-    public static final CompressionMethod NULL = new CompressionMethod((byte) 0, "null");
-    public static final CompressionMethod DEFLATE = new CompressionMethod((byte) 1, "Deflate");
-    public static final CompressionMethod LZS = new CompressionMethod((byte) 64, "LZS");
-
-    private static final Map<Byte, CompressionMethod> registry = new HashMap<>();
-
-    static {
-        registry.put(NULL.value(), NULL);
-    }
-
-    public CompressionMethod(Byte value, String name) {
-        super(value, name);
-    }
-
-    public static CompressionMethod getInstance(Byte value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            return new CompressionMethod(value, "Unknown");
-        }
-    }
-
-    @Override
-    public int compareTo(CompressionMethod o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/ContentType.java

@@ -1,44 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class ContentType extends NamedNumber<Byte, ContentType> {
-
-    // https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
-
-    public static final ContentType CHANGE_CIPHER_SPEC = new ContentType((byte) 20, "Change Cipher Spec");
-    public static final ContentType ALERT = new ContentType((byte) 21, "Alert");
-    public static final ContentType HANDSHAKE = new ContentType((byte) 22, "Handshake");
-    public static final ContentType APPLICATION_DATA = new ContentType((byte) 23, "Application Data");
-    public static final ContentType HEARTBEAT = new ContentType((byte) 24, "Heartbeat");
-
-    private static final Map<Byte, ContentType> registry = new HashMap<>();
-
-    static {
-        registry.put(CHANGE_CIPHER_SPEC.value(), CHANGE_CIPHER_SPEC);
-        registry.put(ALERT.value(), ALERT);
-        registry.put(HANDSHAKE.value(), HANDSHAKE);
-        registry.put(APPLICATION_DATA.value(), APPLICATION_DATA);
-        registry.put(HEARTBEAT.value(), HEARTBEAT);
-    }
-
-    public ContentType(Byte value, String name) {
-        super(value, name);
-    }
-
-    public static ContentType getInstance(Byte value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            throw new IllegalArgumentException("Unknown record type " + value);
-        }
-    }
-
-    @Override
-    public int compareTo(ContentType o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/ExtensionType.java

@@ -1,98 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings("unused")
-public class ExtensionType extends NamedNumber<Short, ExtensionType> {
-
-    private static final Map<Short, ExtensionType> registry = new HashMap<>();
-
-    public static final ExtensionType SERVER_NAME = new ExtensionType((short) 0, "server_name");
-    public static final ExtensionType MAX_FRAGMENT_LENGTH = new ExtensionType((short) 1, "max_fragment_length");
-    public static final ExtensionType CLIENT_CERTIFICATE_URL = new ExtensionType((short) 2, "client_certificate_url");
-    public static final ExtensionType TRUSTED_CA_KEYS = new ExtensionType((short) 3, "trusted_ca_keys");
-    public static final ExtensionType TRUNCATED_HMAC = new ExtensionType((short) 4, "truncated_hmac");
-    public static final ExtensionType STATUS_REQUEST = new ExtensionType((short) 5, "status_request");
-    public static final ExtensionType USER_MAPPING = new ExtensionType((short) 6, "user_mapping");
-    public static final ExtensionType CLIENT_AUTHZ = new ExtensionType((short) 7, "client_authz");
-    public static final ExtensionType SERVER_AUTHZ = new ExtensionType((short) 8, "server_authz");
-    public static final ExtensionType CERT_TYPE = new ExtensionType((short) 9, "cert_type");
-    public static final ExtensionType SUPPORTED_GROUPS = new ExtensionType((short) 10, "supported_groups");
-    public static final ExtensionType EC_POINT_FORMATS = new ExtensionType((short) 11, "ec_point_formats");
-    public static final ExtensionType SRP = new ExtensionType((short) 12, "srp");
-    public static final ExtensionType SIGNATURE_ALGORITHMS = new ExtensionType((short) 13, "signature_algorithms");
-    public static final ExtensionType USE_SRTP = new ExtensionType((short) 14, "use_srtp");
-    public static final ExtensionType HEARTBEAT = new ExtensionType((short) 15, "heartbeat");
-    public static final ExtensionType APPLICATION_LAYER_PROTOCOL_NEGOTIATION = new ExtensionType((short) 16, "application_layer_protocol_negotiation");
-    public static final ExtensionType STATUS_REQUEST_V2 = new ExtensionType((short) 17, "status_request_v2");
-    public static final ExtensionType SIGNED_CERTIFICATE_TIMESTAMP = new ExtensionType((short) 18, "signed_certificate_timestamp");
-    public static final ExtensionType CLIENT_CERTIFICATE_TYPE = new ExtensionType((short) 19, "client_certificate_type");
-    public static final ExtensionType SERVER_CERTIFICATE_TYPE = new ExtensionType((short) 20, "server_certificate_type");
-    public static final ExtensionType PADDING = new ExtensionType((short) 21, "padding");
-    public static final ExtensionType ENCRYPT_THEN_MAC = new ExtensionType((short) 22, "encrypt_then_mac");
-    public static final ExtensionType EXTENDED_MASTER_SECRET = new ExtensionType((short) 23, "extended_master_secret");
-    public static final ExtensionType TOKEN_BINDING = new ExtensionType((short) 24, "token_binding");
-    public static final ExtensionType CACHED_INFO = new ExtensionType((short) 25, "cached_info");
-    public static final ExtensionType TLS_LTS = new ExtensionType((short) 26, "tls_lts");
-    public static final ExtensionType COMPRESS_CERTIFICATE = new ExtensionType((short) 27, "compress_certificate");
-    public static final ExtensionType RECORD_SIZE_LIMIT = new ExtensionType((short) 28, "record_size_limit");
-    public static final ExtensionType PWD_PROTECT = new ExtensionType((short) 29, "pwd_protect");
-    public static final ExtensionType PWD_CLEAR = new ExtensionType((short) 30, "pwd_clear");
-    public static final ExtensionType PASSWORD_SALT = new ExtensionType((short) 31, "password_salt");
-    public static final ExtensionType TICKET_PINNING = new ExtensionType((short) 32, "ticket_pinning");
-    public static final ExtensionType TLS_CERT_WITH_EXTERN_PSK = new ExtensionType((short) 33, "tls_cert_with_extern_psk");
-    public static final ExtensionType DELEGATED_CREDENTIALS = new ExtensionType((short) 34, "delegated_credentials");
-    public static final ExtensionType SESSION_TICKET = new ExtensionType((short) 35, "session_ticket");
-    public static final ExtensionType PRE_SHARED_KEY = new ExtensionType((short) 41, "pre_shared_key");
-    public static final ExtensionType EARLY_DATA = new ExtensionType((short) 42, "early_data");
-    public static final ExtensionType SUPPORTED_VERSIONS = new ExtensionType((short) 43, "supported_versions");
-    public static final ExtensionType COOKIE = new ExtensionType((short) 44, "cookie");
-    public static final ExtensionType PSK_KEY_EXCHANGE_MODES = new ExtensionType((short) 45, "psk_key_exchange_modes");
-    public static final ExtensionType CERTIFICATE_AUTHORITIES = new ExtensionType((short) 47, "certificate_authorities");
-    public static final ExtensionType OID_FILTERS = new ExtensionType((short) 48, "oid_filters");
-    public static final ExtensionType POST_HANDSHAKE_AUTH = new ExtensionType((short) 49, "post_handshake_auth");
-    public static final ExtensionType SIGNATURE_ALGORITHMS_CERT = new ExtensionType((short) 50, "signature_algorithms_cert");
-    public static final ExtensionType KEY_SHARE = new ExtensionType((short) 51, "key_share");
-    public static final ExtensionType TRANSPARENCY_INFO = new ExtensionType((short) 52, "transparency_info");
-    public static final ExtensionType CONNECTION_ID = new ExtensionType((short) 53, "connection_id");
-    public static final ExtensionType EXTERNAL_ID_HASH = new ExtensionType((short) 55, "external_id_hash");
-    public static final ExtensionType EXTERNAL_SESSION_ID = new ExtensionType((short) 56, "external_session_id");
-    public static final ExtensionType RESERVED_GREASE_2570 = new ExtensionType((short) 2570, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_6682 = new ExtensionType((short) 6682, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_10794 = new ExtensionType((short) 10794, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_14906 = new ExtensionType((short) 14906, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_19018 = new ExtensionType((short) 19018, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_23130 = new ExtensionType((short) 23130, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_27242 = new ExtensionType((short) 27242, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_31354 = new ExtensionType((short) 31354, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_35466 = new ExtensionType((short) 35466, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_39578 = new ExtensionType((short) 39578, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_43690 = new ExtensionType((short) 43690, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_47802 = new ExtensionType((short) 47802, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_51914 = new ExtensionType((short) 51914, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_56026 = new ExtensionType((short) 56026, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_60138 = new ExtensionType((short) 60138, "Reserved (GREASE)");
-    public static final ExtensionType RESERVED_GREASE_64250 = new ExtensionType((short) 64250, "Reserved (GREASE)");
-    public static final ExtensionType RENEGOTIATION_INFO = new ExtensionType((short) 65281, "renegotiation_info");
-
-    public ExtensionType(Short value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static ExtensionType getInstance(Short value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            return new ExtensionType(value, "Unknown");
-        }
-    }
-
-    @Override
-    public int compareTo(ExtensionType o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/HandshakeType.java

@@ -1,52 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings("unused")
-public class HandshakeType extends NamedNumber<Byte, HandshakeType> {
-
-    private static final Map<Byte, HandshakeType> registry = new HashMap<>();
-
-    // https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
-
-    public static final HandshakeType HELLO_REQUEST = new HandshakeType((byte) 0, "Hello Request");
-    public static final HandshakeType CLIENT_HELLO = new HandshakeType((byte) 1, "Client Hello");
-    public static final HandshakeType SERVER_HELLO = new HandshakeType((byte) 2, "Server Hello");
-    public static final HandshakeType HELLO_VERIFY_REQUEST = new HandshakeType((byte) 3, "Hello Verify Request");
-    public static final HandshakeType NEW_SESSION_TICKET = new HandshakeType((byte) 4, "New Session Ticket");
-    public static final HandshakeType END_OF_EARLY_DATA = new HandshakeType((byte) 5, "End Of Early Data");
-    public static final HandshakeType HELLO_RETRY_REQUEST = new HandshakeType((byte) 6, "Hello Retry Request");
-    public static final HandshakeType ENCRYPTED_EXTENSIONS = new HandshakeType((byte) 8, "Encrypted Extensions");
-    public static final HandshakeType CERTIFICATE = new HandshakeType((byte) 11, "Certificate");
-    public static final HandshakeType SERVER_KEY_EXCHANGE = new HandshakeType((byte) 12, "Server Key Excange");
-    public static final HandshakeType CERTIFICATE_REQUEST = new HandshakeType((byte) 13, "Certificate Request");
-    public static final HandshakeType SERVER_HELLO_DONE = new HandshakeType((byte) 14, "Server Hello Done");
-    public static final HandshakeType CERTIFICATE_VERIFY = new HandshakeType((byte) 15, "Certificate Verify");
-    public static final HandshakeType CLIENT_KEY_EXCHANGE = new HandshakeType((byte) 16, "Client Key Exchange");
-    public static final HandshakeType FINISHED = new HandshakeType((byte) 20, "Finished");
-    public static final HandshakeType CERTIFICATE_URL = new HandshakeType((byte) 21, "Certificate URL");
-    public static final HandshakeType CERTIFICATE_STATUS = new HandshakeType((byte) 22, "Certificate Status");
-    public static final HandshakeType SUPPLEMENTAL_DATA = new HandshakeType((byte) 23, "Supplemental Data");
-    public static final HandshakeType KEY_UPDATE = new HandshakeType((byte) 24, "Key Update");
-    public static final HandshakeType COMPRESSED_CERTIFICATE = new HandshakeType((byte) 25, "Compressed Certificate");
-    public static final HandshakeType MESSAGE_HASH = new HandshakeType((byte) 254, "Message Hash");
-
-    public static final HandshakeType ENCRYPTED_HANDSHAKE_MESSAGE = new HandshakeType((byte) 255, "Encrypted Handshake Message");
-
-    public HandshakeType(Byte value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static HandshakeType getInstance(Byte value) {
-        return registry.getOrDefault(value, ENCRYPTED_HANDSHAKE_MESSAGE);
-    }
-
-    @Override
-    public int compareTo(HandshakeType o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/HeartbeatMessageType.java

@@ -1,33 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class HeartbeatMessageType extends NamedNumber<Byte, HeartbeatMessageType> {
-
-    private static final Map<Byte, HeartbeatMessageType> registry = new HashMap<>();
-
-    public static final HeartbeatMessageType HEARTBEAT_REQUEST = new HeartbeatMessageType((byte) 1, "heartbeat_request");
-    public static final HeartbeatMessageType HEARTBEAT_RESPONSE = new HeartbeatMessageType((byte) 2, "heartbeat_response");
-
-    public HeartbeatMessageType(Byte value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static HeartbeatMessageType getInstance(Byte value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            throw new IllegalArgumentException("Unknown heartbeat message type: " + value);
-        }
-    }
-
-    @Override
-    public int compareTo(HeartbeatMessageType o) {
-        return value().compareTo(o.value());
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/KeyGroup.java

@@ -1,98 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-@SuppressWarnings("unused")
-public class KeyGroup extends NamedNumber<Short, KeyGroup> {
-
-    // https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
-
-    private static final Map<Short, KeyGroup> registry = new HashMap<>();
-
-    public static final KeyGroup RESERVED_GREASE_0 = new KeyGroup((short) 0, "Reserved (GREASE)");
-    public static final KeyGroup SECT163K1 = new KeyGroup((short) 1, "sect163k1");
-    public static final KeyGroup SECT163R1 = new KeyGroup((short) 2, "sect163r1");
-    public static final KeyGroup SECT163R2 = new KeyGroup((short) 3, "sect163r2");
-    public static final KeyGroup SECT193R1 = new KeyGroup((short) 4, "sect193r1");
-    public static final KeyGroup SECT193R2 = new KeyGroup((short) 5, "sect193r2");
-    public static final KeyGroup SECT233K1 = new KeyGroup((short) 6, "sect233k1");
-    public static final KeyGroup SECT233R1 = new KeyGroup((short) 7, "sect233r1");
-    public static final KeyGroup SECT239K1 = new KeyGroup((short) 8, "sect239k1");
-    public static final KeyGroup SECT283K1 = new KeyGroup((short) 9, "sect283k1");
-    public static final KeyGroup SECT283R1 = new KeyGroup((short) 10, "sect283r1");
-    public static final KeyGroup SECT409K1 = new KeyGroup((short) 11, "sect409k1");
-    public static final KeyGroup SECT409R1 = new KeyGroup((short) 12, "sect409r1");
-    public static final KeyGroup SECT571K1 = new KeyGroup((short) 13, "sect571k1");
-    public static final KeyGroup SECT571R1 = new KeyGroup((short) 14, "sect571r1");
-    public static final KeyGroup SECP160K1 = new KeyGroup((short) 15, "secp160k1");
-    public static final KeyGroup SECP160R1 = new KeyGroup((short) 16, "secp160r1");
-    public static final KeyGroup SECP160R2 = new KeyGroup((short) 17, "secp160r2");
-    public static final KeyGroup SECP192K1 = new KeyGroup((short) 18, "secp192k1");
-    public static final KeyGroup SECP192R1 = new KeyGroup((short) 19, "secp192r1");
-    public static final KeyGroup SECP224K1 = new KeyGroup((short) 20, "secp224k1");
-    public static final KeyGroup SECP224R1 = new KeyGroup((short) 21, "secp224r1");
-    public static final KeyGroup SECP256K1 = new KeyGroup((short) 22, "secp256k1");
-    public static final KeyGroup SECP256R1 = new KeyGroup((short) 23, "secp256r1");
-    public static final KeyGroup SECP384R1 = new KeyGroup((short) 24, "secp384r1");
-    public static final KeyGroup SECP521R1 = new KeyGroup((short) 25, "secp521r1");
-    public static final KeyGroup BRAINPOOLP256R1 = new KeyGroup((short) 26, "brainpoolP256r1");
-    public static final KeyGroup BRAINPOOLP384R1 = new KeyGroup((short) 27, "brainpoolP384r1");
-    public static final KeyGroup BRAINPOOLP512R1 = new KeyGroup((short) 28, "brainpoolP512r1");
-    public static final KeyGroup X25519 = new KeyGroup((short) 29, "x25519");
-    public static final KeyGroup X448 = new KeyGroup((short) 30, "x448");
-    public static final KeyGroup BRAINPOOLP256R1TLS13 = new KeyGroup((short) 31, "brainpoolP256r1tls13");
-    public static final KeyGroup BRAINPOOLP384R1TLS13 = new KeyGroup((short) 32, "brainpoolP384r1tls13");
-    public static final KeyGroup BRAINPOOLP512R1TLS13 = new KeyGroup((short) 33, "brainpoolP512r1tls13");
-    public static final KeyGroup GC256A = new KeyGroup((short) 34, "GC256A");
-    public static final KeyGroup GC256B = new KeyGroup((short) 35, "GC256B");
-    public static final KeyGroup GC256C = new KeyGroup((short) 36, "GC256C");
-    public static final KeyGroup GC256D = new KeyGroup((short) 37, "GC256D");
-    public static final KeyGroup GC512A = new KeyGroup((short) 38, "GC512A");
-    public static final KeyGroup GC512B = new KeyGroup((short) 39, "GC512B");
-    public static final KeyGroup GC512C = new KeyGroup((short) 40, "GC512C");
-    public static final KeyGroup CURVESM2 = new KeyGroup((short) 41, "curveSM2");
-    public static final KeyGroup FFDHE2048 = new KeyGroup((short) 256, "ffdhe2048");
-    public static final KeyGroup FFDHE3072 = new KeyGroup((short) 257, "ffdhe3072");
-    public static final KeyGroup FFDHE4096 = new KeyGroup((short) 258, "ffdhe4096");
-    public static final KeyGroup FFDHE6144 = new KeyGroup((short) 259, "ffdhe6144");
-    public static final KeyGroup FFDHE8192 = new KeyGroup((short) 260, "ffdhe8192");
-    public static final KeyGroup RESERVED_GREASE_2570 = new KeyGroup((short) 2570, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_6682 = new KeyGroup((short) 6682, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_10794 = new KeyGroup((short) 10794, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_14906 = new KeyGroup((short) 14906, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_19018 = new KeyGroup((short) 19018, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_23130 = new KeyGroup((short) 23130, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_27242 = new KeyGroup((short) 27242, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_31354 = new KeyGroup((short) 31354, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_35466 = new KeyGroup((short) 35466, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_39578 = new KeyGroup((short) 39578, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_43690 = new KeyGroup((short) 43690, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_47802 = new KeyGroup((short) 47802, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_51914 = new KeyGroup((short) 51914, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_56026 = new KeyGroup((short) 56026, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_60138 = new KeyGroup((short) 60138, "Reserved (GREASE)");
-    public static final KeyGroup RESERVED_GREASE_64250 = new KeyGroup((short) 64250, "Reserved (GREASE)");
-    public static final KeyGroup ARBITRARY_EXPLICIT_PRIME_CURVES = new KeyGroup((short) 65281, "arbitrary_explicit_prime_curves");
-    public static final KeyGroup ARBITRARY_EXPLICIT_CHAR2_CURVES = new KeyGroup((short) 65282, "arbitrary_explicit_char2_curves");
-
-    public KeyGroup(Short value, String name) {
-        super(value, name);
-        registry.put(value, this);
-    }
-
-    public static KeyGroup getInstance(Short value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            return new KeyGroup(value, "Unknown");
-        }
-    }
-
-    @Override
-    public int compareTo(KeyGroup o) {
-        return value().compareTo(o.value());
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/numbers/TlsVersion.java

@@ -1,41 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.numbers;
-
-import org.pcap4j.packet.namednumber.NamedNumber;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class TlsVersion extends NamedNumber<Short, TlsVersion> {
-
-    public static final TlsVersion TLS_1_0 = new TlsVersion((short) 0x0301, "TLS 1.0");
-    public static final TlsVersion TLS_1_1 = new TlsVersion((short) 0x0302, "TLS 1.1");
-    public static final TlsVersion TLS_1_2 = new TlsVersion((short) 0x0303, "TLS 1.2");
-    public static final TlsVersion TLS_1_3 = new TlsVersion((short) 0x0304, "TLS 1.3");
-
-    private static final Map<Short, TlsVersion> registry = new HashMap<>();
-
-    static {
-        registry.put(TLS_1_0.value(), TLS_1_0);
-        registry.put(TLS_1_1.value(), TLS_1_1);
-        registry.put(TLS_1_2.value(), TLS_1_2);
-        registry.put(TLS_1_3.value(), TLS_1_3);
-    }
-
-    public TlsVersion(Short value, String name) {
-        super(value, name);
-    }
-
-    public static TlsVersion getInstance(Short value) {
-        if (registry.containsKey(value)) {
-            return registry.get(value);
-        } else {
-            return new TlsVersion(value, "unknown");
-        }
-    }
-
-    @Override
-    public int compareTo(TlsVersion o) {
-        return value().compareTo(o.value());
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/AlertRecord.java

@@ -1,40 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.AlertDescription;
-import ru.serega6531.packmate.service.optimization.tls.numbers.AlertLevel;
-
-import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
-
-public class AlertRecord implements TlsRecord {
-
-    private static final int LEVEL_OFFSET = 0;
-    private static final int DESCRIPTION_OFFSET = LEVEL_OFFSET + BYTE_SIZE_IN_BYTES;
-
-    private int length;
-    private AlertLevel level;
-    private AlertDescription description;
-
-    public static AlertRecord newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new AlertRecord(rawData, offset, length);
-    }
-
-    public AlertRecord(byte[] rawData, int offset, int length) {
-        this.length = length;
-        this.level = AlertLevel.getInstance(ByteArrays.getByte(rawData, LEVEL_OFFSET + offset));
-
-        if (level != AlertLevel.ENCRYPTED_ALERT) {
-            this.description = AlertDescription.getInstance(ByteArrays.getByte(rawData, DESCRIPTION_OFFSET + offset));
-        }
-    }
-
-    @Override
-    public String toString() {
-        if (level != AlertLevel.ENCRYPTED_ALERT) {
-            return "  Alert [level: " + level.name() + ", description: " + description.name() + "]";
-        } else {
-            return "  Encrypted Alert [" + length + " bytes]";
-        }
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/ApplicationDataRecord.java

@@ -1,33 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import org.pcap4j.util.ByteArrays;
-
-public class ApplicationDataRecord implements TlsRecord {
-
-    /**
-     * 0x0          - Encrypted Application Data
-     * 0x0 + length - End
-     */
-
-    private byte[] data;
-
-    public static ApplicationDataRecord newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new ApplicationDataRecord(rawData, offset, length);
-    }
-
-    public ApplicationDataRecord(byte[] rawData, int offset, int length) {
-        data = new byte[length];
-        System.arraycopy(rawData, offset, data, 0, length);
-    }
-
-    public byte[] getData() {
-        return data;
-    }
-
-    @Override
-    public String toString() {
-        return "  Encrypted data: [" + data.length + " bytes]";
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/ChangeCipherSpecRecord.java

@@ -1,27 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import org.pcap4j.util.ByteArrays;
-
-public class ChangeCipherSpecRecord implements TlsRecord {
-
-    /**
-    0x0 - Change Cipher Spec Message
-    0x1 - End
-     */
-
-    private byte changeCipherSpecMessage;
-
-    public static ChangeCipherSpecRecord newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new ChangeCipherSpecRecord(rawData, offset);
-    }
-
-    private ChangeCipherSpecRecord(byte[] rawData, int offset) {
-        this.changeCipherSpecMessage = ByteArrays.getByte(rawData, offset);
-    }
-
-    @Override
-    public String toString() {
-        return "  Change Cipher Spec Message: " + changeCipherSpecMessage;
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HandshakeRecord.java

@@ -1,73 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.HandshakeType;
-import ru.serega6531.packmate.service.optimization.tls.records.handshakes.*;
-import ru.serega6531.packmate.utils.BytesUtils;
-
-import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
-
-public class HandshakeRecord implements TlsRecord {
-
-    /*
-    0x0 - Handshake type
-    0x1 - Handshake length
-    0x4 - Handshake version
-    0x6 - Handshake content
-     */
-
-    private static final int HANDSHAKE_TYPE_OFFSET = 0;
-    private static final int LENGTH_OFFSET = HANDSHAKE_TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
-    private static final int CONTENT_OFFSET = LENGTH_OFFSET + 3;
-
-    private HandshakeType handshakeType;
-    private int handshakeLength;  // 3 bytes
-    private HandshakeRecordContent content;
-
-    public static HandshakeRecord newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new HandshakeRecord(rawData, offset, length);
-    }
-
-    private HandshakeRecord(byte[] rawData, int offset, int length) {
-        this.handshakeType = HandshakeType.getInstance(ByteArrays.getByte(rawData, HANDSHAKE_TYPE_OFFSET + offset));
-
-        if (handshakeType == HandshakeType.ENCRYPTED_HANDSHAKE_MESSAGE) {
-            this.handshakeLength = length;
-            this.content = BasicHandshakeRecordContent.newInstance(
-                    rawData, offset, handshakeLength);
-            return;
-        }
-
-        this.handshakeLength = BytesUtils.getThreeBytesInt(rawData, LENGTH_OFFSET + offset);
-
-        if (handshakeType == HandshakeType.CLIENT_HELLO) {
-            this.content = ClientHelloHandshakeRecordContent.newInstance(
-                    rawData, offset + CONTENT_OFFSET, handshakeLength);
-        } else if (handshakeType == HandshakeType.SERVER_HELLO) {
-            this.content = ServerHelloHandshakeRecordContent.newInstance(
-                    rawData, offset + CONTENT_OFFSET, handshakeLength);
-        } else if (handshakeType == HandshakeType.CERTIFICATE) {
-            this.content = CertificateHandshakeRecordContent.newInstance(
-                    rawData, offset + CONTENT_OFFSET, handshakeLength);
-        } else {
-            this.content = BasicHandshakeRecordContent.newInstance(
-                    rawData, offset + CONTENT_OFFSET, handshakeLength);
-        }
-    }
-
-    public HandshakeType getHandshakeType() {
-        return handshakeType;
-    }
-
-    public HandshakeRecordContent getContent() {
-        return content;
-    }
-
-    @Override
-    public String toString() {
-        return "    Handshake length: " + handshakeLength + "\n" +
-                "    Handshake type: " + handshakeType + "\n" +
-                content.toString();
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/HeartbeatRecord.java

@@ -1,53 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.HeartbeatMessageType;
-
-import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
-import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
-
-public class HeartbeatRecord implements TlsRecord {
-
-    //https://tools.ietf.org/html/rfc6520
-
-    private static final int TYPE_OFFSET = 0;
-    private static final int PAYLOAD_LENGTH_OFFSET = TYPE_OFFSET + BYTE_SIZE_IN_BYTES;
-    private static final int PAYLOAD_OFFSET = PAYLOAD_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES;
-
-    private HeartbeatMessageType type;
-    private short payloadLength;
-    private byte[] payload;
-    private byte[] padding;
-
-    public static HeartbeatRecord newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new HeartbeatRecord(rawData, offset, length);
-    }
-
-    public HeartbeatRecord(byte[] rawData, int offset, int length) {
-        this.type = HeartbeatMessageType.getInstance(ByteArrays.getByte(rawData, TYPE_OFFSET + offset));
-        this.payloadLength = ByteArrays.getShort(rawData, PAYLOAD_LENGTH_OFFSET + offset);
-        this.payload = ByteArrays.getSubArray(rawData, PAYLOAD_OFFSET + offset, payloadLength);
-        this.padding = ByteArrays.getSubArray(rawData, PAYLOAD_OFFSET + payloadLength + offset);
-    }
-
-    public HeartbeatMessageType getType() {
-        return type;
-    }
-
-    public byte[] getPayload() {
-        return payload;
-    }
-
-    public byte[] getPadding() {
-        return padding;
-    }
-
-    @Override
-    public String toString() {
-        return "  Heartbeat (" + type.name() +
-                ") [" + payloadLength + " bytes payload, " +
-                padding.length + " bytes padding]";
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/TlsRecord.java

@@ -1,7 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records;
-
-import java.io.Serializable;
-
-public interface TlsRecord extends Serializable {
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/BasicHandshakeRecordContent.java

@@ -1,36 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
-
-import org.pcap4j.util.ByteArrays;
-
-public class BasicHandshakeRecordContent implements HandshakeRecordContent {
-
-    /**
-     * 0x0          - Content
-     * 0x0 + length - End
-     */
-
-    private byte[] content;
-
-    public static BasicHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
-        if(length > 0) {
-            ByteArrays.validateBounds(rawData, offset, length);
-        }
-        return new BasicHandshakeRecordContent(rawData, offset, length);
-    }
-
-    public BasicHandshakeRecordContent(byte[] rawData, int offset, int length) {
-        content = new byte[length];
-        if (length > 0) {
-            System.arraycopy(rawData, offset, content, 0, length);
-        }
-    }
-
-    public byte[] getContent() {
-        return content;
-    }
-
-    @Override
-    public String toString() {
-        return "    [" + content.length + " bytes]";
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/CertificateHandshakeRecordContent.java

@@ -1,52 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.utils.BytesUtils;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class CertificateHandshakeRecordContent implements HandshakeRecordContent {
-
-    private static final int CERTIFICATES_LENGTH_OFFSET = 0;
-    private static final int CERTIFICATES_OFFSET = 3;
-
-    private int certificatesLength;
-    private List<byte[]> rawCertificates = new ArrayList<>();
-
-    public static CertificateHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
-        return new CertificateHandshakeRecordContent(rawData, offset, length);
-    }
-
-    public CertificateHandshakeRecordContent(byte[] rawData, int offset, int length) {
-        this.certificatesLength = BytesUtils.getThreeBytesInt(rawData, CERTIFICATES_LENGTH_OFFSET + offset);
-
-        int cursor = CERTIFICATES_OFFSET + offset;
-        while (cursor < offset + length) {
-            int certificateLength = BytesUtils.getThreeBytesInt(rawData, cursor);
-            cursor += 3;
-
-            ByteArrays.validateBounds(rawData, cursor, certificateLength);
-            byte[] certData = ByteArrays.getSubArray(rawData, cursor, certificateLength);
-            rawCertificates.add(certData);
-            cursor += certificateLength;
-        }
-    }
-
-    public List<byte[]> getRawCertificates() {
-        return rawCertificates;
-    }
-
-    @Override
-    public String toString() {
-        StringBuilder sb = new StringBuilder("    Chain length: " + rawCertificates.size());
-
-        for (byte[] cert : rawCertificates) {
-            sb.append('\n');
-            sb.append("    [").append(cert.length).append(" bytes]");
-        }
-
-        return sb.toString();
-    }
-
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/ClientHelloHandshakeRecordContent.java

@@ -1,82 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
-
-import org.pcap4j.util.ByteArrays;
-import ru.serega6531.packmate.service.optimization.tls.numbers.CipherSuite;
-import ru.serega6531.packmate.service.optimization.tls.numbers.CompressionMethod;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import static org.pcap4j.util.ByteArrays.BYTE_SIZE_IN_BYTES;
-import static org.pcap4j.util.ByteArrays.SHORT_SIZE_IN_BYTES;
-
-public class ClientHelloHandshakeRecordContent extends HelloHandshakeRecordContent {
-
-    /*
-    0x0                  - Client random
-    0x20                 - Session id length (sidl)
-    0x21                 - Session id
-    0x21+sidl            - Cipher suites length (csl)
-    0x23+sidl            - Cipher suite 1..(csl/2)
-    0x23+sidl+csl        - Compression methods length (cml)
-    0x24+sidl+csl        - Compression method 1..cml
-    0x24+sidl+csl+cml    - Extensions Length (el)
-    0x26+sidl+csl+cml    - Extension 1..N
-    0x26+sidl+csl+cml+el - End
-     */
-
-    private static final int CIPHER_SUITES_LENGTH_OFFSET = HelloHandshakeRecordContent.SESSION_ID_OFFSET;  // + sessionIdLength
-    private static final int CIPHER_SUITE_OFFSET =
-            CIPHER_SUITES_LENGTH_OFFSET + SHORT_SIZE_IN_BYTES; // + sessionIdLength + SHORT_SIZE_IN_BYTES*i
-    private static final int COMPRESSION_METHODS_LENGTH_OFFSET = CIPHER_SUITE_OFFSET; // + sessionIdLength + cipherSuitesLength
-    private static final int COMPRESSION_METHOD_OFFSET =
-            COMPRESSION_METHODS_LENGTH_OFFSET + BYTE_SIZE_IN_BYTES; // + sessionIdLength + cipherSuitesLength + BYTE_SIZE_IN_BYTES*i
-    private static final int EXTENSIONS_LENGTH_OFFSET =
-            COMPRESSION_METHOD_OFFSET; // + sessionIdLength + cipherSuitesLength + compressionMethodsLength
-    private static final int EXTENSIONS_OFFSET = COMPRESSION_METHOD_OFFSET + SHORT_SIZE_IN_BYTES;
-
-    private short cipherSuitesLength;
-    private List<CipherSuite> cipherSuites;
-    private byte compressionMethodsLength;
-    private List<CompressionMethod> compressionMethods;
-
-    public static ClientHelloHandshakeRecordContent newInstance(byte[] rawData, int offset, int length) {
-        ByteArrays.validateBounds(rawData, offset, length);
-        return new ClientHelloHandshakeRecordContent(rawData, offset);
-    }
-
-    private ClientHelloHandshakeRecordContent(byte[] rawData, int offset) {
-        readCommonPart(rawData, offset);
-
-        this.cipherSuitesLength = ByteArrays.getShort(rawData, CIPHER_SUITES_LENGTH_OFFSET + sessionIdLength + offset);
-        int cipherSuitesAmount = cipherSuitesLength / SHORT_SIZE_IN_BYTES;
-        this.cipherSuites = new ArrayList<>(cipherSuitesAmount);
-
-        for (int i = 0; i < cipherSuitesAmount; i++) {
-            this.cipherSuites.add(CipherSuite.getInstance(ByteArrays.getShort(rawData,
-                    CIPHER_SUITE_OFFSET + SHORT_SIZE_IN_BYTES * i + sessionIdLength + offset)));
-        }
-
-        this.compressionMethodsLength = ByteArrays.getByte(rawData,
-                COMPRESSION_METHODS_LENGTH_OFFSET + cipherSuitesLength + sessionIdLength + offset);
-        this.compressionMethods = new ArrayList<>(compressionMethodsLength);
-
-        for (byte i = 0; i < compressionMethodsLength; i++) {
-            this.compressionMethods.add(CompressionMethod.getInstance(ByteArrays.getByte(rawData,
-                    COMPRESSION_METHOD_OFFSET + BYTE_SIZE_IN_BYTES * i + sessionIdLength + cipherSuitesLength + offset)));
-        }
-
-        this.extensionsLength = ByteArrays.getShort(rawData,
-                EXTENSIONS_LENGTH_OFFSET + compressionMethodsLength + sessionIdLength + cipherSuitesLength + offset);
-
-        readExtensions(rawData, EXTENSIONS_OFFSET + compressionMethodsLength +
-                sessionIdLength + cipherSuitesLength + offset, true);
-    }
-
-    @Override
-    public String toString() {
-        return super.toString() + "\n" +
-                "    Cipher suites: " + cipherSuites.toString() + "\n" +
-                "    Compression methods: " + compressionMethods.toString();
-    }
-}

src/main/java/ru/serega6531/packmate/service/optimization/tls/records/handshakes/HandshakeRecordContent.java

@@ -1,4 +0,0 @@
-package ru.serega6531.packmate.service.optimization.tls.records.handshakes;
-
-public interface HandshakeRecordContent {
-}