Class KeyUtil


  • final class KeyUtil
    extends java.lang.Object
    Utility for RSA keys.
    • Constructor Summary

      Constructors 
      Constructor Description
      KeyUtil()  
    • Method Summary

      Modifier and Type Method Description
      (package private) static byte[] checkTlsPreMasterSecretKey(int clientVersion, int serverVersion, java.security.SecureRandom random, byte[] encoded, boolean isFailOver)
      Check the format of TLS PreMasterSecret.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • KeyUtil

        KeyUtil()
    • Method Detail

      • checkTlsPreMasterSecretKey

        static byte[] checkTlsPreMasterSecretKey(int clientVersion,
                                                 int serverVersion,
                                                 java.security.SecureRandom random,
                                                 byte[] encoded,
                                                 boolean isFailOver)
        Check the format of TLS PreMasterSecret.

        To avoid the vulnerabilities described in section 7.4.7.1 of RFC 5246, incorrectly formatted message blocks and/or mismatched version numbers are treated in a manner indistinguishable from correctly formatted RSA blocks. RFC 5246 describes the approach as:

          1. Generate a string R of 48 random bytes
          2. Decrypt the message to recover the plaintext M
          3. If the PKCS#1 padding is not correct, or the length of message M is not exactly 48 bytes:
                pre_master_secret = R
             else If ClientHello.client_version <= TLS 1.0, and version number check is explicitly disabled:
                premaster secret = M
             else If M[0..1] != ClientHello.client_version:
                premaster secret = R
             else:
                premaster secret = M

        Note that #2 should have completed before the call to this method.

        Parameters:
        clientVersion - the version of the TLS protocol by which the client wishes to communicate during this session
        serverVersion - the negotiated version of the TLS protocol, which is the lower of the version suggested by the client in the client hello and the highest version supported by the server.
        encoded - the encoded key in its "RAW" encoding format
        isFailOver - whether the previous decryption of the encrypted PreMasterSecret message ran into a problem
        Returns:
        the polished PreMasterSecret key in its "RAW" encoding format
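
        Added example, not taken from the JDK source or from this Javadoc: the RFC 5246 steps quoted above written out as a stand-alone Java method, so each branch can be run against constructed inputs. The class name, the select method, its versionCheckDisabled and paddingFailed parameters, and the sample byte arrays are assumptions made for illustration.

```java
import java.security.SecureRandom;
import java.util.Arrays;

// Added illustration of the RFC 5246 section 7.4.7.1 selection steps quoted above.
// Class, method and parameter names are hypothetical, not the KeyUtil API.
public final class PreMasterSecretSelection {
    static final int TLS10 = 0x0301;   // wire encoding of TLS 1.0
    static final int TLS12 = 0x0303;   // wire encoding of TLS 1.2

    // m is the output of step 2 (RSA decryption); it may be null if decryption failed.
    static byte[] select(int clientVersion, boolean versionCheckDisabled,
                         SecureRandom random, byte[] m, boolean paddingFailed) {
        // Step 1: always draw R, so success and failure do the same work here.
        byte[] r = new byte[48];
        random.nextBytes(r);

        // Step 3, first branch: bad padding or wrong length -> R.
        if (paddingFailed || m == null || m.length != 48) {
            return r;
        }
        // Second branch: old client with the version check explicitly disabled -> M.
        if (clientVersion <= TLS10 && versionCheckDisabled) {
            return m;
        }
        // Third branch: M[0..1] must equal ClientHello.client_version, else R.
        int embedded = ((m[0] & 0xFF) << 8) | (m[1] & 0xFF);
        return embedded != clientVersion ? r : m;
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        byte[] good = new byte[48];            // constructed sample plaintext M
        rnd.nextBytes(good);
        good[0] = 0x03; good[1] = 0x03;        // embeds TLS 1.2
        byte[] rollback = good.clone();
        rollback[1] = 0x01;                    // embeds TLS 1.0 instead
        // Every call returns 48 bytes; no exception or alert separates the cases.
        System.out.println("well-formed kept:   "
            + Arrays.equals(good, select(TLS12, false, rnd, good, false)));
        System.out.println("padding failure:    "
            + !Arrays.equals(good, select(TLS12, false, rnd, good, true)));
        System.out.println("short plaintext:    "
            + (select(TLS12, false, rnd, new byte[47], false).length == 48));
        System.out.println("version mismatch:   "
            + !Arrays.equals(rollback, select(TLS12, false, rnd, rollback, false)));
        System.out.println("TLS 1.0, check off: "
            + Arrays.equals(good, select(TLS10, true, rnd, good, false)));
    }
}
```

        The caller continues the handshake with whichever 48 bytes come back; a substituted R only surfaces later as a failed Finished verification, which is what keeps malformed and well-formed RSA blocks indistinguishable to the peer.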