Source for gnu.javax.net.ssl.provider.SessionImpl

   1: /* SessionImpl.java --
   2:    Copyright (C) 2006  Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.net.ssl.provider;
  40: 
  41: import gnu.javax.crypto.key.GnuPBEKey;
  42: import gnu.javax.net.ssl.Session;
  43: import gnu.javax.net.ssl.Session.ID;
  44: 
  45: import java.io.IOException;
  46: import java.io.Serializable;
  47: 
  48: import java.security.Certificate;
  49: import java.security.InvalidKeyException;
  50: import java.security.NoSuchAlgorithmException;
  51: import java.security.SecureRandom;
  52: import java.security.cert.X509Certificate;
  53: 
  54: import javax.crypto.Cipher;
  55: import javax.crypto.IllegalBlockSizeException;
  56: import javax.crypto.NoSuchPaddingException;
  57: import javax.crypto.SealedObject;
  58: import javax.crypto.spec.PBEKeySpec;
  59: import javax.net.ssl.SSLException;
  60: 
  61: public class SessionImpl extends Session
  62: {
  63:   static final long serialVersionUID = 8932976607588442485L;
  64:   CipherSuite suite;
  65:   ProtocolVersion version;
  66:   byte[] privateDataSalt;
  67:   SealedObject sealedPrivateData;
  68:   MaxFragmentLength maxLength;
  69:   
  70:   transient PrivateData privateData;
  71:   
  72:   public SessionImpl()
  73:   {
  74:     super();
  75:     privateData = new PrivateData();
  76:   }
  77:   
  78:   SecureRandom random ()
  79:   {
  80:     return random;
  81:   }
  82:   
  83:   public String getProtocol()
  84:   {
  85:     return version.toString();
  86:   }
  87:   
  88:   public void prepare(char[] passwd) throws SSLException
  89:   {
  90:     try
  91:       {
  92:         privateDataSalt = new byte[32];
  93:         random.nextBytes(privateDataSalt);
  94:         GnuPBEKey key = new GnuPBEKey(passwd, privateDataSalt, 1000);
  95:         Cipher cipher = Cipher.getInstance("PBEWithHMacSHA256AndAES/OFB/PKCS7Padding");
  96:         cipher.init(Cipher.ENCRYPT_MODE, key);
  97:         sealedPrivateData = new SealedObject(privateData, cipher);
  98:       }
  99:     catch (IllegalBlockSizeException ibse)
 100:       {
 101:         throw new SSLException(ibse);
 102:       }
 103:     catch (InvalidKeyException ike)
 104:       {
 105:         throw new SSLException(ike);
 106:       }
 107:     catch (IOException ioe)
 108:       {
 109:         throw new SSLException(ioe);
 110:       }
 111:     catch (NoSuchAlgorithmException nsae)
 112:       {
 113:         throw new SSLException(nsae);
 114:       }
 115:     catch (NoSuchPaddingException nspe)
 116:       {
 117:         throw new SSLException(nspe);
 118:       }
 119:   }
 120:   
 121:   public void repair(char[] passwd) throws SSLException
 122:   {
 123:     try
 124:       {
 125:         GnuPBEKey key = new GnuPBEKey(passwd, privateDataSalt, 1000);
 126:         privateData = (PrivateData) sealedPrivateData.getObject(key);
 127:       }
 128:     catch (ClassNotFoundException cnfe)
 129:       {
 130:         throw new SSLException(cnfe);
 131:       }
 132:     catch (InvalidKeyException ike)
 133:       {
 134:         throw new SSLException(ike);
 135:       }
 136:     catch (IOException ioe)
 137:       {
 138:         throw new SSLException(ioe);
 139:       }
 140:     catch (NoSuchAlgorithmException nsae)
 141:       {
 142:         throw new SSLException(nsae);
 143:       }
 144:   }
 145:   
 146:   public SealedObject privateData() throws SSLException
 147:   {
 148:     if (privateData == null)
 149:       throw new SSLException("this session has not been prepared");
 150:     return sealedPrivateData;
 151:   }
 152:   
 153:   public void setPrivateData(SealedObject so) throws SSLException
 154:   {
 155:     this.sealedPrivateData = so;
 156:   }
 157: 
 158:   void setApplicationBufferSize(int size)
 159:   {
 160:     applicationBufferSize = size;
 161:   }
 162:   
 163:   void setRandom(SecureRandom random)
 164:   {
 165:     this.random = random;
 166:   }
 167:   
 168:   void setTruncatedMac(boolean truncatedMac)
 169:   {
 170:     this.truncatedMac = truncatedMac;
 171:   }
 172:   
 173:   void setId(Session.ID id)
 174:   {
 175:     this.sessionId = id;
 176:   }
 177:   
 178:   void setLocalCertificates(java.security.cert.Certificate[] chain)
 179:   {
 180:     this.localCerts = chain;
 181:   }
 182:   
 183:   void setPeerCertificates(java.security.cert.Certificate[] chain)
 184:   {
 185:     this.peerCerts = chain;
 186:   }
 187:   
 188:   void setPeerVerified(boolean peerVerified)
 189:   {
 190:     this.peerVerified = peerVerified;
 191:   }
 192:   
 193:   static class PrivateData implements Serializable
 194:   {
 195:     static final long serialVersionUID = -8040597659545984581L;
 196:     byte[] masterSecret;
 197:   }
 198: }