JDK8/Java8源码在线阅读

JDK8/Java8源码在线阅读 / sun / security / internal / spec / TlsKeyMaterialParameterSpec.java
/*
 * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.internal.spec;

import java.security.spec.AlgorithmParameterSpec;

import javax.crypto.SecretKey;

/**
 * Parameters for SSL/TLS key material generation.
 * This class is used to initialize KeyGenerator of the type
 * "TlsKeyMaterial". The keys returned by such KeyGenerators will be
 * instances of {@link TlsKeyMaterialSpec}.
 *
 * <p>Instances of this class are immutable.
 *
 * @since   1.6
 * @author  Andreas Sterbenz
 * @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
 * release.
 */
@Deprecated
public class TlsKeyMaterialParameterSpec implements AlgorithmParameterSpec {

    private final SecretKey masterSecret;
    private final int majorVersion, minorVersion;
    private final byte[] clientRandom, serverRandom;
    private final String cipherAlgorithm;
    private final int cipherKeyLength, ivLength, macKeyLength;
    private final int expandedCipherKeyLength; // == 0 for domestic ciphersuites
    private final String prfHashAlg;
    private final int prfHashLength;
    private final int prfBlockSize;

    /**
     * Constructs a new TlsKeyMaterialParameterSpec.
     *
     * @param masterSecret the master secret
     * @param majorVersion the major number of the protocol version
     * @param minorVersion the minor number of the protocol version
     * @param clientRandom the client's random value
     * @param serverRandom the server's random value
     * @param cipherAlgorithm the algorithm name of the cipher keys to
     *    be generated
     * @param cipherKeyLength if 0, no cipher keys will be generated;
     *    otherwise, the length in bytes of cipher keys to be
     *    generated for domestic cipher suites; for cipher suites defined as
     *    exportable, the number of key material bytes to be generated;
     * @param expandedCipherKeyLength 0 for domestic cipher suites; for
     *    exportable cipher suites the length in bytes of the key to be
     *    generated.
     * @param ivLength the length in bytes of the initialization vector
     *    to be generated, or 0 if no initialization vector is required
     * @param macKeyLength the length in bytes of the MAC key to be generated
     * @param prfHashAlg the name of the TLS PRF hash algorithm to use.
     *        Used only for TLS 1.2+.  TLS1.1 and earlier use a fixed PRF.
     * @param prfHashLength the output length of the TLS PRF hash algorithm.
     *        Used only for TLS 1.2+.
     * @param prfBlockSize the input block size of the TLS PRF hash algorithm.
     *        Used only for TLS 1.2+.
     *
     * @throws NullPointerException if masterSecret, clientRandom,
     *   serverRandom, or cipherAlgorithm are null
     * @throws IllegalArgumentException if the algorithm of masterSecret is
     *   not TlsMasterSecret, or if majorVersion or minorVersion are
     *   negative or larger than 255; or if cipherKeyLength, expandedKeyLength,
     *   ivLength, or macKeyLength are negative
     */
    public TlsKeyMaterialParameterSpec(SecretKey masterSecret,
            int majorVersion, int minorVersion, byte[] clientRandom,
            byte[] serverRandom, String cipherAlgorithm, int cipherKeyLength,
            int expandedCipherKeyLength, int ivLength, int macKeyLength,
            String prfHashAlg, int prfHashLength, int prfBlockSize) {
        if (masterSecret.getAlgorithm().equals("TlsMasterSecret") == false) {
            throw new IllegalArgumentException("Not a TLS master secret");
        }
        if (cipherAlgorithm == null) {
            throw new NullPointerException();
        }
        this.masterSecret = masterSecret;
        this.majorVersion =
            TlsMasterSecretParameterSpec.checkVersion(majorVersion);
        this.minorVersion =
            TlsMasterSecretParameterSpec.checkVersion(minorVersion);
        this.clientRandom = clientRandom.clone();
        this.serverRandom = serverRandom.clone();
        this.cipherAlgorithm = cipherAlgorithm;
        this.cipherKeyLength = checkSign(cipherKeyLength);
        this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength);
        this.ivLength = checkSign(ivLength);
        this.macKeyLength = checkSign(macKeyLength);
        this.prfHashAlg = prfHashAlg;
        this.prfHashLength = prfHashLength;
        this.prfBlockSize = prfBlockSize;
    }

    private static int checkSign(int k) {
        if (k < 0) {
            throw new IllegalArgumentException("Value must not be negative");
        }
        return k;
    }

    /**
     * Returns the master secret.
     *
     * @return the master secret.
     */
    public SecretKey getMasterSecret() {
        return masterSecret;
    }

    /**
     * Returns the major version number.
     *
     * @return the major version number.
     */
    public int getMajorVersion() {
        return majorVersion;
    }

    /**
     * Returns the minor version number.
     *
     * @return the minor version number.
     */
    public int getMinorVersion() {
        return minorVersion;
    }

    /**
     * Returns a copy of the client's random value.
     *
     * @return a copy of the client's random value.
     */
    public byte[] getClientRandom() {
        return clientRandom.clone();
    }

    /**
     * Returns a copy of the server's random value.
     *
     * @return a copy of the server's random value.
     */
    public byte[] getServerRandom() {
        return serverRandom.clone();
    }

    /**
     * Returns the cipher algorithm.
     *
     * @return the cipher algorithm.
     */
    public String getCipherAlgorithm() {
        return cipherAlgorithm;
    }

    /**
     * Returns the length in bytes of the encryption key to be generated.
     *
     * @return the length in bytes of the encryption key to be generated.
     */
    public int getCipherKeyLength() {
        return cipherKeyLength;
    }

    /**
     * Returns the length in bytes of the expanded encryption key to be
     * generated. Returns zero if the expanded encryption key is not
     * supposed to be generated.
     *
     * @return the length in bytes of the expanded encryption key to be
     *     generated.
     */
    public int getExpandedCipherKeyLength() {
        // TLS v1.1 disables the exportable weak cipher suites.
        if (majorVersion >= 0x03 && minorVersion >= 0x02) {
            return 0;
        }
        return expandedCipherKeyLength;
    }

    /**
     * Returns the length in bytes of the initialization vector to be
     * generated. Returns zero if the initialization vector is not
     * supposed to be generated.
     *
     * @return the length in bytes of the initialization vector to be
     *     generated.
     */

/**代码未完, 请加载全部代码(NowJava.com).**/
展开阅读全文

关注时代Java

关注时代Java