java.lang.Object
es.gob.jmulticard.jse.provider.rsacipher.KeyUtil

final class KeyUtil extends Object
Utility for RSA keys.
  • Constructor Details

    • KeyUtil

      KeyUtil()
  • Method Details

    • checkTlsPreMasterSecretKey

      static byte[] checkTlsPreMasterSecretKey(int clientVersion, int serverVersion, SecureRandom random, byte[] encoded, boolean isFailOver)
      Check the format of TLS PreMasterSecret.

      To avoid the vulnerabilities described in section 7.4.7.1 of RFC 5246, incorrectly formatted message blocks and/or mismatched version numbers are treated in a manner indistinguishable from correctly formatted RSA blocks. RFC 5246 describes the approach as:

        1. Generate a string R of 48 random bytes
        2. Decrypt the message to recover the plaintext M
        3. If the PKCS#1 padding is not correct, or the length of message M is not exactly 48 bytes:
              pre_master_secret = R
           else If ClientHello.client_version <= TLS 1.0, and version number check is explicitly disabled:
              premaster secret = M
           else If M[0..1] != ClientHello.client_version:
              premaster secret = R
           else:
              premaster secret = M

      Note that #2 should have completed before the call to this method.

      Parameters:
      clientVersion - the version of the TLS protocol by which the client wishes to communicate during this session
      serverVersion - the negotiated version of the TLS protocol, which is the lower of the version suggested by the client in the client hello and the highest version supported by the server
      encoded - the encoded key in its "RAW" encoding format
      isFailOver - whether or not the previous decryption of the encrypted PreMasterSecret message ran into a problem
      Returns:
      the polished PreMasterSecret key in its "RAW" encoding format
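
      The selection procedure described above, as an added example (not jmulticard's own code): `PreMasterSecretCheckDemo`, `select` and `pms` are hypothetical names, and the relaxed branch assumes the version check counts as disabled only when a client at TLS 1.0 or below sends the negotiated version in M. Every path returns 48 bytes, so a padding, length or version failure becomes visible only later in the handshake, not as a distinguishable error at this step.

```java
import java.security.SecureRandom;
import java.util.Arrays;

public class PreMasterSecretCheckDemo {
    static final int TLS10 = 0x0301, TLS12 = 0x0303;

    // Hypothetical re-implementation of the documented selection logic.
    static byte[] select(int clientVersion, int serverVersion, SecureRandom random,
                         byte[] m, boolean decryptFailed) {
        // Step 1: always draw R first, so success and failure do the same work.
        byte[] r = new byte[48];
        random.nextBytes(r);
        // Step 3: bad PKCS#1 padding (reported by the caller) or wrong length -> R.
        if (decryptFailed || m == null || m.length != 48) {
            return r;
        }
        int encodedVersion = ((m[0] & 0xFF) << 8) | (m[1] & 0xFF);
        if (encodedVersion == clientVersion) {
            return m;
        }
        // Assumption: the check is relaxed only for clients at TLS 1.0 or below
        // whose M carries the negotiated (server) version.
        if (clientVersion <= TLS10 && encodedVersion == serverVersion) {
            return m;
        }
        return r; // version mismatch: continue with R, never raise an error
    }

    // Constructed sample plaintext M: two version bytes plus 46 random bytes.
    static byte[] pms(int version) {
        byte[] m = new byte[48];
        new SecureRandom().nextBytes(m);
        m[0] = (byte) (version >> 8);
        m[1] = (byte) version;
        return m;
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        byte[] good = pms(TLS12);
        byte[] rolledBack = pms(TLS10);
        byte[] shortMsg = Arrays.copyOf(good, 47);
        System.out.println("well-formed M kept:    " + (select(TLS12, TLS12, rnd, good, false) == good));
        System.out.println("version mismatch -> R: " + (select(TLS12, TLS12, rnd, rolledBack, false) != rolledBack));
        System.out.println("wrong length -> R:     " + (select(TLS12, TLS12, rnd, shortMsg, false).length == 48));
        System.out.println("padding failure -> R:  " + (select(TLS12, TLS12, rnd, good, true) != good));
    }
}
```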