001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Alexander Y. Kleymenov
020: * @version $Revision$
021: */package org.apache.harmony.xnet.provider.jsse;
022:
023: import org.apache.harmony.xnet.provider.jsse.Logger;
024:
025: import javax.crypto.Cipher;
026:
027: /**
028: * This abstract class is a base for Record Protocol operating environmet
029: * of different SSL protocol versions.
030: */
031: public abstract class ConnectionState {
032:
033: /**
034: * The cipher used for encode operations
035: */
036: protected Cipher encCipher;
037:
038: /**
039: * The cipher used for decode operations
040: */
041: protected Cipher decCipher;
042:
043: /**
044: * The cipher type
045: */
046: protected boolean is_block_cipher;
047:
048: /**
049: * The size of MAC used under this connection state
050: */
051: protected int hash_size;
052:
053: /**
054: * Write sequence number which is incremented after each
055: * encrypt call
056: */
057: protected final byte[] write_seq_num = { 0, 0, 0, 0, 0, 0, 0, 0 };
058:
059: /**
060: * Read sequence number which is incremented after each
061: * decrypt call
062: */
063: protected final byte[] read_seq_num = { 0, 0, 0, 0, 0, 0, 0, 0 };
064:
065: protected Logger.Stream logger = Logger.getStream("conn_state");
066:
067: /**
068: * Returns the minimal possible size of the
069: * Generic[Stream|Generic]Cipher structure under this
070: * connection state.
071: */
072: protected int getMinFragmentSize() {
073: // block ciphers return value with padding included
074: return encCipher.getOutputSize(1 + hash_size); // 1 byte for data
075: }
076:
077: /**
078: * Returns the size of the Generic[Stream|Generic]Cipher structure
079: * corresponding to the content data of specified size.
080: */
081: protected int getFragmentSize(int content_size) {
082: return encCipher.getOutputSize(content_size + hash_size);
083: }
084:
085: /**
086: * Returns the minimal upper bound of the content size enclosed
087: * into the Generic[Stream|Generic]Cipher structure of specified size.
088: * For stream ciphers the returned value will be exact value.
089: */
090: protected int getContentSize(int generic_cipher_size) {
091: //it does not take the padding of block ciphered structures
092: //into account (so returned value can be greater than actual)
093: return decCipher.getOutputSize(generic_cipher_size) - hash_size;
094: }
095:
096: /**
097: * Creates the GenericStreamCipher or GenericBlockCipher
098: * data structure for specified data of specified type.
099: * @param type - the ContentType of the provided data
100: * @param fragment - the byte array containing the
101: * data to be encrypted under the current connection state.
102: */
103: protected byte[] encrypt(byte type, byte[] fragment) {
104: return encrypt(type, fragment, 0, fragment.length);
105: }
106:
107: /**
108: * Creates the GenericStreamCipher or GenericBlockCipher
109: * data structure for specified data of specified type.
110: * @param type - the ContentType of the provided data
111: * @param fragment - the byte array containing the
112: * data to be encrypted under the current connection state.
113: * @param offset - the offset from which the data begins with.
114: * @param len - the length of the data.
115: */
116: protected abstract byte[] encrypt(byte type, byte[] fragment,
117: int offset, int len);
118:
119: /**
120: * Retrieves the fragment of the Plaintext structure of
121: * the specified type from the provided data.
122: * @param type - the ContentType of the data to be decrypted.
123: * @param fragment - the byte array containing the
124: * data to be encrypted under the current connection state.
125: */
126: protected byte[] decrypt(byte type, byte[] fragment) {
127: return decrypt(type, fragment, 0, fragment.length);
128: }
129:
130: /**
131: * Retrieves the fragment of the Plaintext structure of
132: * the specified type from the provided data.
133: * @param type - the ContentType of the data to be decrypted.
134: * @param fragment - the byte array containing the
135: * data to be encrypted under the current connection state.
136: * @param offset - the offset from which the data begins with.
137: * @param len - the length of the data.
138: */
139: protected abstract byte[] decrypt(byte type, byte[] fragment,
140: int offset, int len);
141:
142: /**
143: * Increments the sequence number.
144: */
145: protected static void incSequenceNumber(byte[] seq_num) {
146: int octet = 7;
147: while (octet >= 0) {
148: seq_num[octet]++;
149: if (seq_num[octet] == 0) {
150: // characteristic overflow, so
151: // carrying a number in adding
152: octet--;
153: } else {
154: return;
155: }
156: }
157: }
158:
159: /**
160: * Shutdownes the protocol. It will be impossiblke to use the instance
161: * after the calling of this method.
162: */
163: protected void shutdown() {
164: encCipher = null;
165: decCipher = null;
166: for (int i = 0; i < write_seq_num.length; i++) {
167: write_seq_num[i] = 0;
168: read_seq_num[i] = 0;
169: }
170: }
171: }
|