| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.harmony.xnet.provider.jsse; |
| |
| import javax.crypto.Cipher; |
| |
| /** |
| * This abstract class is a base for Record Protocol operating environmet |
| * of different SSL protocol versions. |
| */ |
| public abstract class ConnectionState { |
| |
| /** |
| * The cipher used for encode operations |
| */ |
| protected Cipher encCipher; |
| |
| /** |
| * The cipher used for decode operations |
| */ |
| protected Cipher decCipher; |
| |
| /** |
| * The block size, or zero if not a block cipher |
| */ |
| protected int block_size; |
| |
| /** |
| * The size of MAC used under this connection state |
| */ |
| protected int hash_size; |
| |
| /** |
| * Write sequence number which is incremented after each |
| * encrypt call |
| */ |
| protected final byte[] write_seq_num = {0, 0, 0, 0, 0, 0, 0, 0}; |
| |
| /** |
| * Read sequence number which is incremented after each |
| * decrypt call |
| */ |
| protected final byte[] read_seq_num = {0, 0, 0, 0, 0, 0, 0, 0}; |
| |
| protected Logger.Stream logger = Logger.getStream("conn_state"); |
| |
| /** |
| * Returns the minimal possible size of the |
| * Generic[Stream|Generic]Cipher structure under this |
| * connection state. |
| */ |
| protected int getMinFragmentSize() { |
| // block ciphers return value with padding included |
| return encCipher.getOutputSize(1+hash_size); // 1 byte for data |
| } |
| |
| /** |
| * Returns the size of the Generic[Stream|Generic]Cipher structure |
| * corresponding to the content data of specified size. |
| */ |
| protected int getFragmentSize(int content_size) { |
| return encCipher.getOutputSize(content_size+hash_size); |
| } |
| |
| /** |
| * Returns the minimal upper bound of the content size enclosed |
| * into the Generic[Stream|Generic]Cipher structure of specified size. |
| * For stream ciphers the returned value will be exact value. |
| */ |
| protected int getContentSize(int generic_cipher_size) { |
| //it does not take the padding of block ciphered structures |
| //into account (so returned value can be greater than actual) |
| return decCipher.getOutputSize(generic_cipher_size)-hash_size; |
| } |
| |
| /** |
| * Returns the number of bytes of padding required to round the |
| * content up to the required block size. Assumes power of two |
| * block size. |
| */ |
| protected int getPaddingSize(int content_size) { |
| int mask = block_size - 1; |
| return (block_size - (content_size & mask)); |
| } |
| |
| /** |
| * Creates the GenericStreamCipher or GenericBlockCipher |
| * data structure for specified data of specified type. |
| * @param type - the ContentType of the provided data |
| * @param fragment - the byte array containing the |
| * data to be encrypted under the current connection state. |
| */ |
| protected byte[] encrypt(byte type, byte[] fragment) { |
| return encrypt(type, fragment, 0, fragment.length); |
| } |
| |
| /** |
| * Creates the GenericStreamCipher or GenericBlockCipher |
| * data structure for specified data of specified type. |
| * @param type - the ContentType of the provided data |
| * @param fragment - the byte array containing the |
| * data to be encrypted under the current connection state. |
| * @param offset - the offset from which the data begins with. |
| * @param len - the length of the data. |
| */ |
| protected abstract byte[] encrypt |
| (byte type, byte[] fragment, int offset, int len); |
| |
| /** |
| * Retrieves the fragment of the Plaintext structure of |
| * the specified type from the provided data. |
| * @param type - the ContentType of the data to be decrypted. |
| * @param fragment - the byte array containing the |
| * data to be encrypted under the current connection state. |
| */ |
| protected byte[] decrypt(byte type, byte[] fragment) { |
| return decrypt(type, fragment, 0, fragment.length); |
| } |
| |
| /** |
| * Retrieves the fragment of the Plaintext structure of |
| * the specified type from the provided data. |
| * @param type - the ContentType of the data to be decrypted. |
| * @param fragment - the byte array containing the |
| * data to be encrypted under the current connection state. |
| * @param offset - the offset from which the data begins with. |
| * @param len - the length of the data. |
| */ |
| protected abstract byte[] decrypt |
| (byte type, byte[] fragment, int offset, int len); |
| |
| /** |
| * Increments the sequence number. |
| */ |
| protected static void incSequenceNumber(byte[] seq_num) { |
| int octet = 7; |
| while (octet >= 0) { |
| seq_num[octet] ++; |
| if (seq_num[octet] == 0) { |
| // characteristic overflow, so |
| // carrying a number in adding |
| octet --; |
| } else { |
| return; |
| } |
| } |
| } |
| |
| /** |
| * Shutdownes the protocol. It will be impossiblke to use the instance |
| * after the calling of this method. |
| */ |
| protected void shutdown() { |
| encCipher = null; |
| decCipher = null; |
| for (int i=0; i<write_seq_num.length; i++) { |
| write_seq_num[i] = 0; |
| read_seq_num[i] = 0; |
| } |
| } |
| } |
| |