luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerKeyExchange.java

/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package org.apache.harmony.xnet.provider.jsse;

import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;

/**
 *
 * Represents server key exchange message.
 * @see <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0 spec., 7.4.3.
 * Server key exchange message.</a>
 *
 */
public class ServerKeyExchange extends Message {

                           //          ServerRSAParams        ServerDHParams
    final BigInteger par1; //            rsa_modulus               dh_p
    final byte[] bytes1;

    final BigInteger par2; //            rsa_exponent              dh_g
    final byte[] bytes2;

    final BigInteger par3; //                                      dh_Ys
    final byte[] bytes3;

    /**
     * Signature
     */
    final byte[] hash;

    private RSAPublicKey key;

    /**
     * Creates outbound message
     * @param par1 rsa_modulus or dh_p
     * @param par2 rsa_exponent or dh_g
     * @param par3 dh_Ys for ServerDHParams; should be null for ServerRSAParams
     * @param hash should be null for anonymous SignatureAlgorithm
     */
    public ServerKeyExchange(BigInteger par1, BigInteger par2, BigInteger par3,
            byte[] hash) {
        this.par1 = par1;
        this.par2 = par2;
        this.par3 = par3;
        this.hash = hash;

        bytes1 = toUnsignedByteArray(this.par1);

        bytes2 = toUnsignedByteArray(this.par2);

        length = 4 + bytes1.length + bytes2.length;
        if (hash != null) {
            length += 2 + hash.length;
        }
        if (par3 == null) {
            bytes3 = null;
            return;
        }
        bytes3 = toUnsignedByteArray(this.par3);
        length += 2 + bytes3.length;
    }

    /**
     * Remove first byte if 0. Needed because BigInteger.toByteArray() sometimes
     * returns a zero prefix.
     */
    public static byte[] toUnsignedByteArray(BigInteger bi) {
        if (bi == null) {
            return null;
        }
        byte[] bb = bi.toByteArray();
        // bb is not null, and has at least 1 byte - ZERO is represented as [0]
        if (bb[0] == 0) {
            byte[] noZero = new byte[bb.length - 1];
            System.arraycopy(bb, 1, noZero, 0, noZero.length);
            return noZero;
        } else {
            return bb;
        }
    }

    /**
     * Creates inbound message
     * @param in
     * @param length
     * @param keyExchange
     * @throws IOException
     */
    public ServerKeyExchange(HandshakeIODataStream in, int length,
            int keyExchange) throws IOException {

        int size = in.readUint16();
        bytes1 = in.read(size);
        par1 = new BigInteger(1, bytes1);
        this.length = 2 + bytes1.length;
        size = in.readUint16();
        bytes2 = in.read(size);
        par2 = new BigInteger(1, bytes2);
        this.length += 2 + bytes2.length;
        if (keyExchange != CipherSuite.KEY_EXCHANGE_RSA_EXPORT) {
            size = in.readUint16();
            bytes3 = in.read(size);
            par3 = new BigInteger(1, bytes3);
            this.length += 2 + bytes3.length;
        } else {
            par3 = null;
            bytes3 = null;
        }
        if (keyExchange != CipherSuite.KEY_EXCHANGE_DH_anon_EXPORT
                && keyExchange != CipherSuite.KEY_EXCHANGE_DH_anon) {
            size = in.readUint16();
            hash = in.read(size);
            this.length += 2 + hash.length;
        } else {
            hash = null;
        }
        if (this.length != length) {
            fatalAlert(AlertProtocol.DECODE_ERROR,
                    "DECODE ERROR: incorrect ServerKeyExchange");
        }
    }

    /**
     * Sends message
     * @param out
     */
    @Override
    public void send(HandshakeIODataStream out) {
        out.writeUint16(bytes1.length);
        out.write(bytes1);
        out.writeUint16(bytes2.length);
        out.write(bytes2);
        if (bytes3 != null) {
            out.writeUint16(bytes3.length);
            out.write(bytes3);
        }
        if (hash != null) {
            out.writeUint16(hash.length);
            out.write(hash);
        }
    }

    /**
     * Returns RSAPublicKey generated using ServerRSAParams
     * (rsa_modulus and rsa_exponent).
     *
     * @return
     */
    public RSAPublicKey getRSAPublicKey() {
        if (key != null) {
            return key;
        }
        try {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            key = (RSAPublicKey) kf.generatePublic(new RSAPublicKeySpec(par1,
                    par2));
        } catch (Exception e) {
            return null;
        }
        return key;
    }

    /**
     * Returns message type
     * @return
     */
    @Override
    public int getType() {
        return Handshake.SERVER_KEY_EXCHANGE;
    }

}