01: package org.bouncycastle.crypto.tls;
02:
03: import org.bouncycastle.crypto.digests.SHA1Digest;
04: import org.bouncycastle.crypto.engines.AESFastEngine;
05: import org.bouncycastle.crypto.engines.DESedeEngine;
06: import org.bouncycastle.crypto.modes.CBCBlockCipher;
07:
08: import java.io.IOException;
09: import java.io.OutputStream;
10:
11: /**
12: * A manager for ciphersuite. This class does manage all ciphersuites
13: * which are used by MicroTLS.
14: */
15: public class TlsCipherSuiteManager {
16: private static final int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000a;
17: private static final int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
18: private static final int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002f;
19: private static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
20: private static final int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035;
21: private static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
22:
23: protected static void writeCipherSuites(OutputStream os)
24: throws IOException {
25: TlsUtils.writeUint16(2 * 6, os);
26:
27: TlsUtils.writeUint16(TLS_DHE_RSA_WITH_AES_256_CBC_SHA, os);
28: TlsUtils.writeUint16(TLS_DHE_RSA_WITH_AES_128_CBC_SHA, os);
29: TlsUtils.writeUint16(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, os);
30:
31: TlsUtils.writeUint16(TLS_RSA_WITH_AES_256_CBC_SHA, os);
32: TlsUtils.writeUint16(TLS_RSA_WITH_AES_128_CBC_SHA, os);
33: TlsUtils.writeUint16(TLS_RSA_WITH_3DES_EDE_CBC_SHA, os);
34:
35: }
36:
37: protected static TlsCipherSuite getCipherSuite(int number,
38: TlsProtocolHandler handler) throws IOException {
39: switch (number) {
40: case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
41: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
42: new DESedeEngine()), new CBCBlockCipher(
43: new DESedeEngine()), new SHA1Digest(),
44: new SHA1Digest(), 24, TlsCipherSuite.KE_RSA);
45:
46: case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
47: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
48: new DESedeEngine()), new CBCBlockCipher(
49: new DESedeEngine()), new SHA1Digest(),
50: new SHA1Digest(), 24, TlsCipherSuite.KE_DHE_RSA);
51:
52: case TLS_RSA_WITH_AES_128_CBC_SHA:
53: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
54: new AESFastEngine()), new CBCBlockCipher(
55: new AESFastEngine()), new SHA1Digest(),
56: new SHA1Digest(), 16, TlsCipherSuite.KE_RSA);
57:
58: case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
59: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
60: new AESFastEngine()), new CBCBlockCipher(
61: new AESFastEngine()), new SHA1Digest(),
62: new SHA1Digest(), 16, TlsCipherSuite.KE_DHE_RSA);
63:
64: case TLS_RSA_WITH_AES_256_CBC_SHA:
65: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
66: new AESFastEngine()), new CBCBlockCipher(
67: new AESFastEngine()), new SHA1Digest(),
68: new SHA1Digest(), 32, TlsCipherSuite.KE_RSA);
69:
70: case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
71: return new TlsBlockCipherCipherSuite(new CBCBlockCipher(
72: new AESFastEngine()), new CBCBlockCipher(
73: new AESFastEngine()), new SHA1Digest(),
74: new SHA1Digest(), 32, TlsCipherSuite.KE_DHE_RSA);
75:
76: default:
77: handler.failWithError(TlsProtocolHandler.AL_fatal,
78: TlsProtocolHandler.AP_handshake_failure);
79:
80: /*
81: * Unreachable Code, failWithError will always throw an exception!
82: */
83: return null;
84:
85: }
86: }
87:
88: }
|