1/*
2 * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package sun.security.internal.spec;
27
28import java.security.spec.AlgorithmParameterSpec;
29
30import javax.crypto.SecretKey;
31
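/**
 * Parameters for SSL/TLS key material generation.
 * This class is used to initialize KeyGenerator of the type
 * "TlsKeyMaterial". The keys returned by such KeyGenerators will be
 * instances of {@link TlsKeyMaterialSpec}.
 *
 * <p>Instances of this class are immutable: every field is final and the
 * client/server random arrays are copied on the way in and on the way out.
 * The master secret is held by reference, not copied, so
 * {@link #getMasterSecret()} hands back the very key object that was passed
 * to the constructor. Treat instances as secret-bearing and keep them out of
 * logs and diagnostics.
 *
 * @since   1.6
 * @author  Andreas Sterbenz
 * @deprecated Sun JDK internal use only --- WILL BE REMOVED in a future
 * release.
 */
@Deprecated
public class TlsKeyMaterialParameterSpec implements AlgorithmParameterSpec {

    private final SecretKey masterSecret;
    private final int majorVersion, minorVersion;
    private final byte[] clientRandom, serverRandom;
    private final String cipherAlgorithm;
    private final int cipherKeyLength, ivLength, macKeyLength;
    private final int expandedCipherKeyLength; // == 0 for domestic ciphersuites
    private final String prfHashAlg;
    private final int prfHashLength;
    private final int prfBlockSize;

    /**
     * Constructs a new TlsKeyMaterialParameterSpec.
     *
     * @param masterSecret the master secret
     * @param majorVersion the major number of the protocol version
     * @param minorVersion the minor number of the protocol version
     * @param clientRandom the client's random value
     * @param serverRandom the server's random value
     * @param cipherAlgorithm the algorithm name of the cipher keys to
     *    be generated
     * @param cipherKeyLength if 0, no cipher keys will be generated;
     *    otherwise, the length in bytes of cipher keys to be
     *    generated for domestic cipher suites; for cipher suites defined as
     *    exportable, the number of key material bytes to be generated;
     * @param expandedCipherKeyLength 0 for domestic cipher suites; for
     *    exportable cipher suites the length in bytes of the key to be
     *    generated.
     * @param ivLength the length in bytes of the initialization vector
     *    to be generated, or 0 if no initialization vector is required
     * @param macKeyLength the length in bytes of the MAC key to be generated
     * @param prfHashAlg the name of the TLS PRF hash algorithm to use.
     *        Used only for TLS 1.2+.  TLS1.1 and earlier use a fixed PRF.
     * @param prfHashLength the output length of the TLS PRF hash algorithm.
     *        Used only for TLS 1.2+.
     * @param prfBlockSize the input block size of the TLS PRF hash algorithm.
     *        Used only for TLS 1.2+.
     *
     * @throws NullPointerException if masterSecret, clientRandom,
     *   serverRandom, or cipherAlgorithm are null
     * @throws IllegalArgumentException if the algorithm of masterSecret is
     *   not TlsMasterSecret (including a key that reports no algorithm),
     *   or if majorVersion or minorVersion are negative or larger than 255;
     *   or if cipherKeyLength, expandedCipherKeyLength, ivLength, or
     *   macKeyLength are negative
     */
    public TlsKeyMaterialParameterSpec(SecretKey masterSecret,
            int majorVersion, int minorVersion, byte[] clientRandom,
            byte[] serverRandom, String cipherAlgorithm, int cipherKeyLength,
            int expandedCipherKeyLength, int ivLength, int macKeyLength,
            String prfHashAlg, int prfHashLength, int prfBlockSize) {
        // Dereferencing masterSecret yields the documented
        // NullPointerException for a null key. The constant-first equals
        // turns a key that reports a null algorithm into the documented
        // IllegalArgumentException instead of an undocumented NPE.
        if (!"TlsMasterSecret".equals(masterSecret.getAlgorithm())) {
            throw new IllegalArgumentException("Not a TLS master secret");
        }
        if (cipherAlgorithm == null) {
            throw new NullPointerException();
        }
        this.masterSecret = masterSecret;
        this.majorVersion =
            TlsMasterSecretParameterSpec.checkVersion(majorVersion);
        this.minorVersion =
            TlsMasterSecretParameterSpec.checkVersion(minorVersion);
        // Defensive copies: later changes to the caller's arrays must not
        // alter the randoms this spec feeds into key derivation. clone()
        // also raises the documented NullPointerException for null arrays.
        this.clientRandom = clientRandom.clone();
        this.serverRandom = serverRandom.clone();
        this.cipherAlgorithm = cipherAlgorithm;
        this.cipherKeyLength = checkSign(cipherKeyLength);
        this.expandedCipherKeyLength = checkSign(expandedCipherKeyLength);
        this.ivLength = checkSign(ivLength);
        this.macKeyLength = checkSign(macKeyLength);
        // NOTE(review): the PRF parameters are stored exactly as given; this
        // constructor performs no null or range validation on them.
        this.prfHashAlg = prfHashAlg;
        this.prfHashLength = prfHashLength;
        this.prfBlockSize = prfBlockSize;
    }

    /**
     * Rejects negative length values.
     *
     * @param k the value to check
     * @return {@code k} unchanged when it is zero or positive
     * @throws IllegalArgumentException if {@code k} is negative
     */
    private static int checkSign(int k) {
        if (k < 0) {
            throw new IllegalArgumentException("Value must not be negative");
        }
        return k;
    }

    /**
     * Returns the master secret.
     *
     * <p>The returned object is the same key instance that was supplied to
     * the constructor; no copy is made.
     *
     * @return the master secret.
     */
    public SecretKey getMasterSecret() {
        return masterSecret;
    }

    /**
     * Returns the major version number.
     *
     * @return the major version number.
     */
    public int getMajorVersion() {
        return majorVersion;
    }

    /**
     * Returns the minor version number.
     *
     * @return the minor version number.
     */
    public int getMinorVersion() {
        return minorVersion;
    }

    /**
     * Returns a copy of the client's random value.
     *
     * @return a copy of the client's random value.
     */
    public byte[] getClientRandom() {
        return clientRandom.clone();
    }

    /**
     * Returns a copy of the server's random value.
     *
     * @return a copy of the server's random value.
     */
    public byte[] getServerRandom() {
        return serverRandom.clone();
    }

    /**
     * Returns the cipher algorithm.
     *
     * @return the cipher algorithm.
     */
    public String getCipherAlgorithm() {
        return cipherAlgorithm;
    }

    /**
     * Returns the length in bytes of the encryption key to be generated.
     *
     * @return the length in bytes of the encryption key to be generated.
     */
    public int getCipherKeyLength() {
        return cipherKeyLength;
    }

    /**
     * Returns the length in bytes of the expanded encryption key to be
     * generated. Returns zero if the expanded encryption key is not
     * supposed to be generated.
     *
     * <p>For protocol version 3.2 (TLS 1.1) and anything that orders after
     * it, this method returns zero regardless of the value passed to the
     * constructor, so export-grade key expansion cannot be requested for
     * those versions through this spec.
     *
     * @return the length in bytes of the expanded encryption key to be
     *     generated.
     */
    public int getExpandedCipherKeyLength() {
        // TLS v1.1 disables the exportable weak cipher suites.
        // Compare (major, minor) as an ordered pair. Testing the two
        // components independently would treat a version such as 4.0 as
        // older than 3.2 and fall back to the export key length.
        boolean atLeastTls11 = majorVersion > 0x03
                || (majorVersion == 0x03 && minorVersion >= 0x02);
        if (atLeastTls11) {
            return 0;
        }
        return expandedCipherKeyLength;
    }

    /**
     * Returns the length in bytes of the initialization vector to be
     * generated. Returns zero if the initialization vector is not
     * supposed to be generated.
     *
     * @return the length in bytes of the initialization vector to be
     *     generated.
     */
    public int getIvLength() {
        return ivLength;
    }

    /**
     * Returns the length in bytes of the MAC key to be generated.
     *
     * @return the length in bytes of the MAC key to be generated.
     */
    public int getMacKeyLength() {
        return macKeyLength;
    }

    /**
     * Obtains the PRF hash algorithm to use in the PRF calculation.
     *
     * @return the hash algorithm, exactly as passed to the constructor.
     */
    public String getPRFHashAlg() {
        return prfHashAlg;
    }

    /**
     * Obtains the length of the PRF hash algorithm.
     *
     * @return the hash algorithm length, exactly as passed to the
     *     constructor.
     */
    public int getPRFHashLength() {
        return prfHashLength;
    }

    /**
     * Obtains the block size of the PRF hash algorithm.
     *
     * @return the hash algorithm block size, exactly as passed to the
     *     constructor.
     */
    public int getPRFBlockSize() {
        return prfBlockSize;
    }
}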