iaik.security.ssl

Class IaikProvider

java.lang.Object

iaik.security.ssl.SecurityProvider

iaik.security.ssl.IaikProvider

Direct Known Subclasses:

IaikEccProvider

public class IaikProvider
extends SecurityProvider

This class implements the SecurityProvider interface for the provider IAIK. Note that the IAIK provider only uses implementations from the IAIK JCE and not from any other providers that may be installed.

See Also:

SecurityProvider

Field Summary

Fields inherited from class iaik.security.ssl.SecurityProvider

ALG_CIPHER_3DES, ALG_CIPHER_AES, ALG_CIPHER_AES_CCM, ALG_CIPHER_AES_GCM, ALG_CIPHER_AES_PKCS5, ALG_CIPHER_CAMELLIA, ALG_CIPHER_CAMELLIA_GCM, ALG_CIPHER_CHACHA20_POLY1305, ALG_CIPHER_DES, ALG_CIPHER_IDEA, ALG_CIPHER_RC2, ALG_CIPHER_RC4, ALG_CIPHER_RSA, ALG_CIPHER_RSA_DECRYPT, ALG_CIPHER_RSA_ENCRYPT, ALG_CIPHER_RSA_ENCRYPT_SSL2, ALG_CIPHER_RSA_SIGN, ALG_CIPHER_RSA_VERIFY, ALG_DIGEST_MD5, ALG_DIGEST_SHA, ALG_DIGEST_SHA1, ALG_DIGEST_SHA224, ALG_DIGEST_SHA256, ALG_DIGEST_SHA384, ALG_DIGEST_SHA512, ALG_HMAC_MD5, ALG_HMAC_SHA, ALG_HMAC_SHA256, ALG_HMAC_SHA384, ALG_HMAC_SHA512, ALG_KEM_MLKEM1024, ALG_KEM_MLKEM512, ALG_KEM_MLKEM768, ALG_KEYEX_DH, ALG_KEYEX_DSA, ALG_KEYEX_DSA_CLIENT, ALG_KEYEX_ECDH, ALG_KEYEX_ECDSA, ALG_KEYEX_ECDSA_CLIENT, ALG_KEYEX_RSA, ALG_KEYGEN_AES, ALG_KEYGEN_HMAC_SHA, ALG_KEYGEN_HMAC_SHA256, ALG_KEYGEN_PBKDF2, ALG_KEYPAIR_RSA, ALG_SIGNATURE_MD5RSA, ALG_SIGNATURE_RAWDSA, ALG_SIGNATURE_RAWECDSA, ALG_SIGNATURE_RAWRSAPSS, ALG_SIGNATURE_SHA1ECDSA, ALG_SIGNATURE_SHA1RSA, ALG_SIGNATURE_SHA224ECDSA, ALG_SIGNATURE_SHA224RSA, ALG_SIGNATURE_SHA256ECDSA, ALG_SIGNATURE_SHA256RSA, ALG_SIGNATURE_SHA384ECDSA, ALG_SIGNATURE_SHA384RSA, ALG_SIGNATURE_SHA512ECDSA, ALG_SIGNATURE_SHA512RSA, ALG_SIGNATURE_SHADSA, ALG_SIGNATURE_SHAECDSA, CIPHER_DECRYPT, CIPHER_ENCRYPT, CIPHER_NONE, configuration_, CONFIGURATION_PROPERTIES, KEYAGREEMENT_INIT, KEYAGREEMENT_NONE, provider, providerName, SIGNATURE_NONE, SIGNATURE_SIGN, SIGNATURE_VERIFY

Constructor Summary

Constructors

Constructor and Description
IaikProvider() Default Constructor.
IaikProvider(boolean installIAIKProvider) Default Constructor.

Method Summary

Modifier and Type	Method and Description
protected int	aeadDecrypt(javax.crypto.Cipher cipher, javax.crypto.SecretKey key, byte[] in, int inOff, int inLen, byte[] out, int outOff, byte[] aad, byte[] nonce, int macSize) Uses the given cipher to AEAD decrypt the given encrypted data with the given key.
protected int	aeadEncrypt(javax.crypto.Cipher cipher, javax.crypto.SecretKey key, byte[] in, int inOff, int inLen, byte[] out, int outOff, byte[] aad, byte[] nonce, int macSize, java.security.SecureRandom random) Uses the given cipher to AEAD encrypt the given data with the given key.
byte[]	calculateTrustedAuthorityIdentifier(int type, java.security.cert.X509Certificate certificate) Calculates a TrustedAuthority identifier of the given type from the given certificate.
boolean	canBeUsedWithKey(SignatureAndHashAlgorithm signatureAlgorithm, java.security.PublicKey publicKey) Checks if the given SignatureAndHashAlgorithm can be used with the given public key.
protected boolean	checkCreatedRSAServerKeyExchangeSignature() Asks whether to check an RSA ServerKeyExchange signature immediately after signature creation.
boolean	checkExtendedKeyUsage(java.security.cert.X509Certificate cert, boolean clientAuth) Checks if the ExtendedKeyUsage of the given client/server certificate enables the certificate for client/server authentication.
byte[]	createCertStatusRequest(int statusType) Creates a status request to be sent within a status_request extension.
byte[]	createPkiPath(java.security.cert.X509Certificate[] certificates) Creates a DER encoded PKI path from the given (client) certificate chain.
javax.crypto.SecretKey	deriveKey(java.lang.String algorithm, char[] password, byte[] salt, int iterationCount, int keyLen, java.lang.String keyName, java.security.SecureRandom random) Uses the specified key derivation function to derive a key from the given password.
protected javax.crypto.Cipher	getCipher(java.lang.String algorithm, int mode, java.security.Key key, java.security.spec.AlgorithmParameterSpec param, java.security.SecureRandom random) Return an implementation for the requested algorithm from the IAIK provider.
protected javax.crypto.interfaces.DHPrivateKey	getDHPrivateKey(java.math.BigInteger x, java.math.BigInteger p, java.math.BigInteger g) This method returns an IAIK DHPrivateKey instance created from the given values.
protected javax.crypto.interfaces.DHPublicKey	getDHPublicKey(java.math.BigInteger y, java.math.BigInteger p, java.math.BigInteger g) This method returns an IAIK DHPublicKey instance created from the given values.
protected byte[]	getEncodedPrincipal(java.security.Principal principal) This method returns a DER encoded Principal assuming it is an IAIK Name object.
protected java.security.MessageDigest	getMessageDigest(java.lang.String algorithm) This method returns the desired MessageDigest object.
protected java.security.Principal	getPrincipal(byte[] array) This method returns a Principal (IAIK Name object) created from a DER encoded byte array.
protected java.security.spec.AlgorithmParameterSpec	getRSAPssParameterSpec(java.lang.String hashAlgName) Creates a RSAPssParameterSpec from the given hash algorithm name.
protected java.security.interfaces.RSAPublicKey	getRSAPublicKey(java.math.BigInteger modulus, java.math.BigInteger exponent) This method returns an IAIK RSAPublicKey instance created from the given values.
protected java.security.SecureRandom	getSecureRandom() Return an instance of the default SecureRandom class set in iaik.security.random.SecRandom.
protected java.security.Signature	getSignature(java.lang.String algorithm, int mode, java.security.Key key, java.security.SecureRandom random) Return an implementation for the requested algorithm from the IAIK provider.
ServerName[]	getTLSServerName(int nameType, java.security.cert.X509Certificate serverCert) Gets the TLS server name(s) from the given certificate.
protected java.lang.String[]	getTLSServerName(java.security.cert.X509Certificate cert) Return the TLS servername from the certificate.
protected java.security.cert.X509Certificate	getX509Certificate(byte[] array) This method returns an IAIK X509Certificate instance created from a DER encoded byte array.
java.security.cert.X509Certificate	getX509Certificate(java.io.InputStream is) This method parses a DER encoded X509Certificate from an input stream.
java.security.cert.X509Certificate[]	getX509Certificates(byte[] pkiPath) This method parses a certificate array from a DER encoded PKI path as used by the TLS extension Client Certificate URLs (RFC 4366).
java.security.KeyStore	loadKeyStore(java.lang.String keyStoreFile, char[] keyStorePassword, java.lang.String keyStoreType, java.security.Provider keyStoreProvider) Loads a KeyStore from the given file protected with the given password.
java.security.KeyStore	loadKeyStore(java.lang.String keyStoreFile, char[] keyStorePassword, java.lang.String keyStoreType, java.lang.String keyStoreProvider) Loads a KeyStore from the given file protected with the given password.

Methods inherited from class iaik.security.ssl.SecurityProvider

calculateRawSignature, calculateRawSignature, canBeUsedWithKey, canBeUsedWithKey, canBeUsedWithKey, canBeUsedWithVersion, checkCertSignatureAlgorithm, checkCertSignatureAlgorithm, checkCertSignatureAlgorithm, checkIfOnSameCurve, checkKeyECPointFormat, checkKeyEllipticCurve, checkKeyLength, checkKeyLength, continueIfPeerDoesNotSupportSecureRenegotiation, createSharedECDHSecret, decapsulate, decodeECPublicKey, decodeECPublicKey, decodePqcPublicKey, decodeURL, encapsulate, encodeECPublicKey, encodePqcPublicKey, encodeURL, generateECKeyPair, generateECKeyPair, generateECKeyPair, generateExtendedMasterSecret, generateMasterSecret, generateMasterSecret, generatePqcKeyPair, getAlgorithmParameterGenerator, getCurve, getCurve, getCurve, getCurveName, getCurveName, getDefaultCurve, getECPointFormat, getKeyAgreement, getKeyGenerator, getKeyLength, getKeyLength, getKeyLength, getKeyPairGenerator, getMac, getMacLength, getNamedCurve, getSecurityProvider, getSignature, getSignatureAlgorithms, getSignatureAlgorithms, getSignatureScheme, getTLSServerName, getTLSServerName, isBinary, isImplemented, isImplemented, isImplementedSignatureAlgorithm, isNamedCurveSupported, isNamedGroupSupported, isPointFormatSupported, setImplementationCheckDebugStream, setSecurityProvider, validateDHPublicKey, verifyRawSignature

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IaikProvider

public IaikProvider()

Default Constructor. Tries to add the provider IAIK.

IaikProvider

public IaikProvider(boolean installIAIKProvider)

Default Constructor. Tries to add the provider IAIK.

Parameters:

installIAIKProvider - whether to install the IAIK provider within the JCA framework or not (from JDK 1.4 upwards it is possible to use JCA engines from a Provider without installing it within the JCA/JCE framework

Method Detail

getDHPublicKey

protected javax.crypto.interfaces.DHPublicKey getDHPublicKey(java.math.BigInteger y,
                                                             java.math.BigInteger p,
                                                             java.math.BigInteger g)
                                                      throws java.lang.Exception

This method returns an IAIK DHPublicKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:

getDHPublicKey in class SecurityProvider

Parameters:

y - the public value y

p - the prime modulus p

g - the base generator g

Returns:

the new created DHPublicKey

Throws:

java.lang.Exception

getDHPrivateKey

protected javax.crypto.interfaces.DHPrivateKey getDHPrivateKey(java.math.BigInteger x,
                                                               java.math.BigInteger p,
                                                               java.math.BigInteger g)

This method returns an IAIK DHPrivateKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:

getDHPrivateKey in class SecurityProvider

Parameters:

x - the private value x

p - the prime modulus p

g - the base generator g

Returns:

the new created DHPrivateKey

getRSAPublicKey

protected java.security.interfaces.RSAPublicKey getRSAPublicKey(java.math.BigInteger modulus,
                                                                java.math.BigInteger exponent)

This method returns an IAIK RSAPublicKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:

getRSAPublicKey in class SecurityProvider

Parameters:

modulus - the modulus

exponent - the public exponent

Returns:

the new created RSAPublicKey

getX509Certificate

protected java.security.cert.X509Certificate getX509Certificate(byte[] array)
                                                         throws java.security.cert.CertificateException

This method returns an IAIK X509Certificate instance created from a DER encoded byte array. For more documentation see the superclass SecurityProvider.

Overrides:

getX509Certificate in class SecurityProvider

Parameters:

array - a X509Certificate as DER encoded byte array

Returns:

the created X509Certificate

Throws:

java.security.cert.CertificateException

getX509Certificate

public java.security.cert.X509Certificate getX509Certificate(java.io.InputStream is)
                                                      throws java.lang.Exception

This method parses a DER encoded X509Certificate from an input stream.

Overrides:

getX509Certificate in class SecurityProvider

Parameters:

is - the stream from which to read the certifictae

Returns:

the created X509Certificate

Throws:

java.lang.Exception

getX509Certificates

public java.security.cert.X509Certificate[] getX509Certificates(byte[] pkiPath)
                                                         throws java.lang.Exception

This method parses a certificate array from a DER encoded PKI path as used by the TLS extension Client Certificate URLs (RFC 4366). A PKI path is defined as ASN.1 sequence of certificates:

 PkiPath ::= SEQUENCE OF Certificate
 

Note that the certificates in a PKI path are ordered in a way that the client certificate is located at index (n-1). However TLS expects certificates in reverse order (client certificate at index 0). For that reason this method may have to reverse the order of the certificates parsed from the PKI path.

Overrides:

getX509Certificates in class SecurityProvider

Parameters:

pkiPath - the DER encoded PKI path holding a SEQUENCE of certificates

Returns:

an array holding the certificates parsed from the PKI path; the array has to be ordered according subject-issuer relationship and has to contain the client certificate at index 0

Throws:

java.lang.Exception - if the certificates cannot be parsed from the PKI path

createPkiPath

public byte[] createPkiPath(java.security.cert.X509Certificate[] certificates)
                     throws java.lang.Exception

Creates a DER encoded PKI path from the given (client) certificate chain.
A PKI path is defined as ASN.1 sequence of certificates:

 PkiPath ::= SEQUENCE OF Certificate
 

Note that the certificates in a PKI path are ordered in a way that the client certificate is located at index (n-1). However, TLS uses certificates in reverse order (client certificate at index 0). Thus, before creating the pki path, this method first may have to order the certificates in a way that the client certificate is located at index [n-1].

Overrides:

createPkiPath in class SecurityProvider

Parameters:

certificates - the (client) certificate chain from which to create the pki path

Returns:

the DER encoded pki path containing the client certificate at index [n-1]

Throws:

java.lang.Exception - if the PKI path cannot be created

checkExtendedKeyUsage

public boolean checkExtendedKeyUsage(java.security.cert.X509Certificate cert,
                                     boolean clientAuth)
                              throws java.security.cert.CertificateException

Checks if the ExtendedKeyUsage of the given client/server certificate enables the certificate for client/server authentication.

Overrides:

checkExtendedKeyUsage in class SecurityProvider

Parameters:

cert - the certificate to be checked

clientAuth - true if the certificate shall be used for client authentication, false if it shall be used for server authentication

Returns:

true if the certificate has the anyExtendedKeyUsage or clientAuth purpose id set and shall be used for client authentication, or if the certificate has the anyExtendedKeyUsage or serverAuth purpose id set and shall be used for server authentication, or if the certificate does not contain the ExtendedKeyUsage at all; false in any other case

Throws:

java.security.cert.CertificateException - if an error occurs when parsing the ExtendedKeyUsage extension

getPrincipal

protected java.security.Principal getPrincipal(byte[] array)
                                        throws java.lang.Exception

This method returns a Principal (IAIK Name object) created from a DER encoded byte array. For more documentation see the superclass SecurityProvider.

Overrides:

getPrincipal in class SecurityProvider

Parameters:

array - a Distinguished Name (Principal) as DER encoded byte array

Returns:

the created Name (Principal)

Throws:

java.lang.Exception

getEncodedPrincipal

protected byte[] getEncodedPrincipal(java.security.Principal principal)

This method returns a DER encoded Principal assuming it is an IAIK Name object. For more documentation see the superclass SecurityProvider.

Overrides:

getEncodedPrincipal in class SecurityProvider

Parameters:

principal - the Distinguished Name (Principal) to encode

Returns:

the Name (Principal) as DER encoded byte array

getMessageDigest

protected java.security.MessageDigest getMessageDigest(java.lang.String algorithm)
                                                throws java.lang.Exception

This method returns the desired MessageDigest object. iSaSiLk makes use of the following algorithms:

• "SHA" (i.e. "SHA1")
• "MD5"
• "SHA256"
• "SHA384"
• "SHA512"

Overrides:

getMessageDigest in class SecurityProvider

Parameters:

algorithm - the name of the algorithm

Throws:

java.lang.Exception

getSignature

protected java.security.Signature getSignature(java.lang.String algorithm,
                                               int mode,
                                               java.security.Key key,
                                               java.security.SecureRandom random)
                                        throws java.lang.Exception

Return an implementation for the requested algorithm from the IAIK provider. For more documentation see the superclass SecurityProvider.

Overrides:

getSignature in class SecurityProvider

Parameters:

algorithm - the name of the signature algorithm

mode - the initialization mode, either SIGNATURE_NONE, SIGNATURE_SIGN or SIGNATURE_VERIFY indicating whether to not initialize the signature engine at all, or to initialize it for signing or verifying with the given key

key - the key to be used to initialize the Signature engine

random - the SecureRandom to be set for the Signature engine

Returns:

the (maybe initialized) Signature engine

Throws:

java.lang.Exception

getRSAPssParameterSpec

protected java.security.spec.AlgorithmParameterSpec getRSAPssParameterSpec(java.lang.String hashAlgName)
                                                                    throws java.lang.Exception

Creates a RSAPssParameterSpec from the given hash algorithm name.

Overrides:

getRSAPssParameterSpec in class SecurityProvider

Parameters:

hashAlgName - the name of the hash algorithm

Returns:

the RSAPssParameterSpec

Throws:

java.lang.Exception - if the RSAPssParameterSpec cannot be created (e.g. no AlgorithmID is available for the given hash algorithm name)

canBeUsedWithKey

public boolean canBeUsedWithKey(SignatureAndHashAlgorithm signatureAlgorithm,
                                java.security.PublicKey publicKey)

Checks if the given SignatureAndHashAlgorithm can be used with the given public key.

Overrides:

canBeUsedWithKey in class SecurityProvider

Parameters:

signatureAlgorithm - the signature algorithm

publicKey - the public key

Returns:

true if the SignatureAndHashAlgorithm can be used with the given key, false otherwise

getCipher

protected javax.crypto.Cipher getCipher(java.lang.String algorithm,
                                        int mode,
                                        java.security.Key key,
                                        java.security.spec.AlgorithmParameterSpec param,
                                        java.security.SecureRandom random)
                                 throws java.lang.Exception

Return an implementation for the requested algorithm from the IAIK provider. For more documentation see the superclass SecurityProvider.

Overrides:

getCipher in class SecurityProvider

Throws:

java.lang.Exception

aeadEncrypt

protected int aeadEncrypt(javax.crypto.Cipher cipher,
                          javax.crypto.SecretKey key,
                          byte[] in,
                          int inOff,
                          int inLen,
                          byte[] out,
                          int outOff,
                          byte[] aad,
                          byte[] nonce,
                          int macSize,
                          java.security.SecureRandom random)
                   throws java.lang.Exception

Uses the given cipher to AEAD encrypt the given data with the given key.

AEAD (authenticated encryption with additional data) cipher suites have been introduced by TLS 1.2 (RFC 5246). They do not require a separate mac calculation because data integrity is already ensured during AEAD encryption.
AEAD is specified in RFC 5116, AES Galois Counter Mode (GCM) Cipher Suites for TLS are specified in RFC 5288, and Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) are specified in RFC 5289.

The AEAD (write) Cipher object for this method has been created by a previous call to method getCipher and is used throughout the entire TLS session with some specific peer. However, with any call of this method the Cipher has to be initialized anew with the given key. This has to be done inside the method because the AEAD parameters built from given additional authentication data, nonce and mac size may depend on the JCA provider that is used for encryption. After initializing the Cipher the required update and/or doFinal calls have to be made to encrypt inLen data bytes from the in array and write the encrypted data to the out array, starting at offset outOff. The output data shall consist of the encrypted data and (followed by) the authentication tag: encrypted data || mac.

Overrides:

aeadEncrypt in class SecurityProvider

Parameters:

cipher - the AEAD (GCM) Cipher object to be used for encryption

key - the cipher key to be used for initializing the Cipher

inOff - the offset indicating the start of the message data in the in byte array

inLen - the number of bytes to encrypt

out - the array to which to write the encrypted message

outOff - the offset indicating the start position in the out byte array

aad - the additional authentication data (not (!) cloned)

nonce - the nonce (not (!) cloned)

macSize - the size of the mac (authentication tag)

random - the SecureRandom that may be used when random numbers are required

Returns:

the number of bytes that are written to the out byte array

Throws:

java.lang.Exception - if an error occurs during encryption

aeadDecrypt

protected int aeadDecrypt(javax.crypto.Cipher cipher,
                          javax.crypto.SecretKey key,
                          byte[] in,
                          int inOff,
                          int inLen,
                          byte[] out,
                          int outOff,
                          byte[] aad,
                          byte[] nonce,
                          int macSize)
                   throws java.lang.Exception

Uses the given cipher to AEAD decrypt the given encrypted data with the given key.

AEAD (authenticated encryption with additional data) cipher suites have been introduced by TLS 1.2 (RFC 5246). They do not require a separate mac calculation because data integrity is already ensured during AEAD encryption.
AEAD is specified in RFC 5116, AES Galois Counter Mode (GCM) Cipher Suites for TLS are specified in RFC 5288, and Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) are specified in RFC 5289.

The AEAD (read) Cipher object for this method has been created by a previous call to method getCipher and is used throughout the entire TLS session with some specific peer. However, with any call of this method the Cipher has to be initialized anew with the given key. This has to be done inside the method because the AEAD parameters built from given additional authentication data, nonce and mac size may depend on the JCA provider that is used for decryption. After initializing the Cipher the required update and/or doFinal calls have to be made to decrypt inLen data bytes from the in array and write the decrypted data to the out array, starting at offset outOff. The input data contains the encrypted data and the authentication tag: encrypted data || mac. For that reason an implementation of this method may first parse the authentication tag from the in array (if, e.g., required as parameter for Cipher initialization) or may pass the whole in data as it is to the Cipher update, doFinal calls (and let the Cipher take care from getting the authentication tag), depending on the specific JCA provider implementation.

The default implementation of this method throws an exception since a provider independent AEAD API (parameter classes) was not available before Java 7.

Overrides:

aeadDecrypt in class SecurityProvider

Parameters:

cipher - the AEAD (GCM) Cipher object to be used for encryption

key - the cipher key to be used for intializing the Cipher

inOff - the offset indicating the start of the message data in the in byte array

inLen - the number of bytes to encrypt

out - the array to which to write the encrypted message

outOff - the offset indicating the start position in the out byte array

aad - the additional authentication data (not (!) cloned)

nonce - the nonce (not (!) cloned)

macSize - the size of the mac (authentication tag)

Returns:

the number of bytes that are written to the out byte array

Throws:

java.lang.Exception - if an error occurs during encryption

getTLSServerName

protected java.lang.String[] getTLSServerName(java.security.cert.X509Certificate cert)

Return the TLS servername from the certificate. This implementation makes use of the IAIK JCE certificate API. It looks for the server name in this order in

1. the subject alternate name extension (as DNS name, iPAddress)
2. the Netscape SSLServerName extension
3. the subject's common name

Overrides:

getTLSServerName in class SecurityProvider

Parameters:

cert - the cert from which to get the server name(s)

Returns:

the commonName attribute of the subjectDN of the certificate or null if no commonName attribute is included

getTLSServerName

public ServerName[] getTLSServerName(int nameType,
                                     java.security.cert.X509Certificate serverCert)

Gets the TLS server name(s) from the given certificate. In contrast to method getTLSServerName(X509Certificate) which returns the server name(s) as String(s), this method return(s) the server name(s) as instances of class ServerName.
The ServerName structure has been introduced by RFC 4366 (TLS Extensions). It maybe sent within a Server Name Indication extension from the client to the server to help the server to select a certificate in accordance with the server name(s) received from the client (see RFC 4366):

   struct {
       NameType name_type;
       select (name_type) {
           case host_name: HostName;
       } name;
   } ServerName;
 
   enum {
       host_name(0), (255)
   } NameType;
 
   opaque HostName<1..2^16-1>;
   
   struct {
       ServerName server_name_list<1..2^16-1>
   } ServerNameList;
 

Each ServerName in the list consists of a type and a name. Currently only one type HostName is defined by RFC 4366. It represents the UTF-8 encoded DNS host name of the server. Other name types may be added in the future.
The iSaSiLk default ServerName implementation generally does not interpret the name type and expects that a name is encoded according to the UTF-8 syntax. If you want to support (or especially interpret) other name types, or if you want to implement full IDNA naming comparison, you may write your own ServerName class and override the corresponding getTLSServerName SecurityProvider methods to use your ServerName implementation.

This method tries to build TLS ServerNames from name information that may be included in a X.509 certificate. It is used by iSaSiLk for mapping server credentials to server names.

Overrides:

getTLSServerName in class SecurityProvider

Parameters:

nameType - the type of the server name (currently only HostName) is specified

serverCert - the certificate of the server

Returns:

the server name(s) contained in the server certificate; an empty array indicates that no server name was found in the certificate; null signals to the ChainVerifier that this operation is not supported.

calculateTrustedAuthorityIdentifier

public byte[] calculateTrustedAuthorityIdentifier(int type,
                                                  java.security.cert.X509Certificate certificate)
                                           throws java.lang.Exception

Calculates a TrustedAuthority identifier of the given type from the given certificate.

The identifier type has to be one of the following (see RFC 4366):

1. pre_agreed: does not provide any identification information about the CA root key
2. key_sha1_hash: the CA root key is identified by a SHA-1 hash of the public key. For DSA and ECDSA keys the hash is calculated from the subjectPublicKey field, for RSA keys the hash is calculated from the big-endian byte representation of the modulus (without leading 0-bytes) (see RFC 4366).
3. x509_name: the CA root key is identified by the DER encoded distinguished name of the CA
4. cert_sha1_hash: the CA root key is identified by the SHA-1 hash of the DER encoded CA certificate

Overrides:

calculateTrustedAuthorityIdentifier in class SecurityProvider

Parameters:

type - the identifier type; PRE_AGREED (0), KEY_SHA1_HASH (1), KEY_X509_NAME (2), or CERT_SHA1_HASH (3)

certificate - the certificate from which to calculate the identifier

Returns:

the identifier

Throws:

java.lang.IllegalArgumentException - if identifierType is invalid (not PRE_AGREED (0), KEY_SHA1_HASH (1), KEY_X509_NAME (2), or CERT_SHA1_HASH (3) ), or the given certificate is null

java.lang.Exception - if an error occurs while calculating the identifier

createCertStatusRequest

public byte[] createCertStatusRequest(int statusType)
                               throws java.lang.Exception

Creates a status request to be sent within a status_request extension.
This method is called if the application does not specify a status request when creating a CertificateStatusRequest extension. This may be suitable when, for instance, using ocsp status requests and let iSaSiLk calculate a fresh Nonce extension anytime a status request is sent.

The byte array returned by this method must contain the TLS encoded request field of the CertificateStatusRequest structure (see RFC 4366):

  struct {
    CertificateStatusType status_type;
        select (status_type) {
            case ocsp: OCSPStatusRequest;
        } request;
    } CertificateStatusRequest;
 
    enum { ocsp(1), (255) } CertificateStatusType;
 
    struct {
        ResponderID responder_id_list<0..2^16-1>;
        Extensions  request_extensions;
    } OCSPStatusRequest;
 
    opaque ResponderID<1..2^16-1>;
    opaque Extensions<0..2^16-1>;
 

Currently only one status type, ocsp is specified (see RFC 4366). This also is the only status type supported by this method. It creates an OCSPStatusRequest with no responder ids and no request extension. iSaSiLk versions prior 6.0 will include the Nonce extension with a random nonce value in the OCSPStatusRequest. However, since the peer may use cached responses it might not be able to respond with a valid nonce.

Overrides:

createCertStatusRequest in class SecurityProvider

Parameters:

statusType - the certificate status type

Returns:

the TLS encoded status request (OCSPStatusRequest)

Throws:

java.lang.Exception - if an error occurs when creating the ocsp status request or the requested status type is not ocsp

getSecureRandom

protected java.security.SecureRandom getSecureRandom()

Return an instance of the default SecureRandom class set in iaik.security.random.SecRandom. For more documentation see the superclass SecurityProvider.

Overrides:

getSecureRandom in class SecurityProvider

deriveKey

public javax.crypto.SecretKey deriveKey(java.lang.String algorithm,
                                        char[] password,
                                        byte[] salt,
                                        int iterationCount,
                                        int keyLen,
                                        java.lang.String keyName,
                                        java.security.SecureRandom random)
                                 throws java.lang.Exception

Uses the specified key derivation function to derive a key from the given password. This method only is used by the DefaultPSKManager to derive a key from a password for pbe protected storing the contents of the psk manager. You may override this method if you want to use your self-designed SecurityProvider. However, note that this method is NOT required for the normal SSL/TLS protocol working, even if PSK cipher suites are used. It is only required if you are using the DefaultPSKManager and want to pbe protected store/ read the contents of the manager.

Overrides:

deriveKey in class SecurityProvider

Parameters:

algorithm - the name of key derivation function to be used ("PBKDF2")

password - the password to be used

salt - the salt value for the key derivation function

iterationCount - the iteration count value for the key derivation function

keyLen - the length of the key to be derived from the password

keyName - the (algorithm) name of the derived key

random - SecureRandom for providing random numbers if required by the key derivation function in use

Returns:

the derived key

Throws:

if - an error occurs when generating the key

java.lang.Exception

loadKeyStore

public java.security.KeyStore loadKeyStore(java.lang.String keyStoreFile,
                                           char[] keyStorePassword,
                                           java.lang.String keyStoreType,
                                           java.lang.String keyStoreProvider)
                                    throws java.lang.Exception

Loads a KeyStore from the given file protected with the given password.

Overrides:

loadKeyStore in class SecurityProvider

Parameters:

keyStoreFile - the name of the KeyStore file

keyStorePassword - the KeyStore password

keyStoreType - the KeyStore type; default: IAIKKeyStore

keyStoreProvider - the KeyStore provider; default: IAIK

Returns:

the KeyStore just loaded

Throws:

java.lang.Exception - if an error occurs when loading the KeyStore

loadKeyStore

public java.security.KeyStore loadKeyStore(java.lang.String keyStoreFile,
                                           char[] keyStorePassword,
                                           java.lang.String keyStoreType,
                                           java.security.Provider keyStoreProvider)
                                    throws java.lang.Exception

Loads a KeyStore from the given file protected with the given password.

Overrides:

loadKeyStore in class SecurityProvider

Parameters:

keyStoreFile - the name of the KeyStore file

keyStorePassword - the KeyStore password

keyStoreType - the KeyStore type; default: IAIKKeyStore

keyStoreProvider - the KeyStore provider; default: IAIK

Returns:

the KeyStore just loaded

Throws:

java.lang.Exception - if an error occurs when loading the KeyStore

checkCreatedRSAServerKeyExchangeSignature

protected boolean checkCreatedRSAServerKeyExchangeSignature()

Asks whether to check an RSA ServerKeyExchange signature immediately after signature creation.
Verification of the RSA signature maybe appropriate as countermeasure against against RSA CRT key leaks (Florian Weimer sept 2015: "Factoring RSA Keys With TLS Perfect Forward Secrecy"). This method returns true for IAIK provider versions <= 5.25. IAIK provider versions > 5.25 already include the verification step.

Overrides:

checkCreatedRSAServerKeyExchangeSignature in class SecurityProvider

Returns:

true for IAIK provider versions <= 5.25, false otherwise