iaik.security.ssl
Class IaikProvider

java.lang.Object
  extended by iaik.security.ssl.SecurityProvider
      extended by iaik.security.ssl.IaikProvider
Direct Known Subclasses:
IaikEccProvider

public class IaikProvider
extends SecurityProvider

This class implements the SecurityProvider interface for the provider IAIK. Note that the IAIK provider only uses implementations from the IAIK JCE and not from any other providers that may be installed.

See Also:
SecurityProvider

Field Summary
 
Fields inherited from class iaik.security.ssl.SecurityProvider
ALG_CIPHER_3DES, ALG_CIPHER_AES, ALG_CIPHER_AES_GCM, ALG_CIPHER_AES_PKCS5, ALG_CIPHER_CAMELLIA, ALG_CIPHER_CAMELLIA_GCM, ALG_CIPHER_DES, ALG_CIPHER_IDEA, ALG_CIPHER_RC2, ALG_CIPHER_RC4, ALG_CIPHER_RSA, ALG_CIPHER_RSA_DECRYPT, ALG_CIPHER_RSA_ENCRYPT, ALG_CIPHER_RSA_ENCRYPT_SSL2, ALG_CIPHER_RSA_SIGN, ALG_CIPHER_RSA_VERIFY, ALG_DIGEST_MD5, ALG_DIGEST_SHA, ALG_DIGEST_SHA1, ALG_DIGEST_SHA224, ALG_DIGEST_SHA256, ALG_DIGEST_SHA384, ALG_DIGEST_SHA512, ALG_HMAC_MD5, ALG_HMAC_SHA, ALG_HMAC_SHA256, ALG_HMAC_SHA384, ALG_HMAC_SHA512, ALG_KEYEX_DH, ALG_KEYEX_DSA, ALG_KEYEX_DSA_CLIENT, ALG_KEYEX_ECDH, ALG_KEYEX_ECDSA, ALG_KEYEX_ECDSA_CLIENT, ALG_KEYEX_RSA, ALG_KEYGEN_AES, ALG_KEYGEN_HMAC_SHA, ALG_KEYGEN_HMAC_SHA256, ALG_KEYGEN_PBKDF2, ALG_KEYPAIR_RSA, ALG_SIGNATURE_MD5RSA, ALG_SIGNATURE_RAWDSA, ALG_SIGNATURE_RAWECDSA, ALG_SIGNATURE_SHA1ECDSA, ALG_SIGNATURE_SHA1RSA, ALG_SIGNATURE_SHA224ECDSA, ALG_SIGNATURE_SHA224RSA, ALG_SIGNATURE_SHA256ECDSA, ALG_SIGNATURE_SHA256RSA, ALG_SIGNATURE_SHA384ECDSA, ALG_SIGNATURE_SHA384RSA, ALG_SIGNATURE_SHA512ECDSA, ALG_SIGNATURE_SHA512RSA, ALG_SIGNATURE_SHADSA, ALG_SIGNATURE_SHAECDSA, CIPHER_DECRYPT, CIPHER_ENCRYPT, CIPHER_NONE, configuration_, CONFIGURATION_PROPERTIES, KEYAGREEMENT_INIT, KEYAGREEMENT_NONE, providerName, SIGNATURE_NONE, SIGNATURE_SIGN, SIGNATURE_VERIFY
 
Constructor Summary
IaikProvider()
          Default Constructor.
 
Method Summary
protected  int aeadDecrypt(javax.crypto.Cipher cipher, javax.crypto.SecretKey key, byte[] in, int inOff, int inLen, byte[] out, int outOff, byte[] aad, byte[] nonce, int macSize)
          Uses the given cipher to AEAD decrypt the given encrypted data with the given key.
protected  int aeadEncrypt(javax.crypto.Cipher cipher, javax.crypto.SecretKey key, byte[] in, int inOff, int inLen, byte[] out, int outOff, byte[] aad, byte[] nonce, int macSize, java.security.SecureRandom random)
          Uses the given cipher to AEAD encrypt the given data with the given key.
 byte[] calculateTrustedAuthorityIdentifier(int type, java.security.cert.X509Certificate certificate)
          Calculates a TrustedAuthority identifier of the given type from the given certificate.
protected  boolean checkCreatedRSAServerKeyExchangeSignature()
          Asks whether to check an RSA ServerKeyExchange signature immediately after signature creation.
 boolean checkExtendedKeyUsage(java.security.cert.X509Certificate cert, boolean clientAuth)
          Checks if the ExtendedKeyUsage of the given client/server certificate enables the certificate for client/server authentication.
 byte[] createCertStatusRequest(int statusType)
          Creates a status request to be sent within a status_request extension.
 byte[] createPkiPath(java.security.cert.X509Certificate[] certificates)
          Creates a DER encoded PKI path from the given (client) certificate chain.
 javax.crypto.SecretKey deriveKey(java.lang.String algorithm, char[] password, byte[] salt, int iterationCount, int keyLen, java.lang.String keyName, java.security.SecureRandom random)
          Uses the specified key derivation function to derive a key from the given password.
protected  javax.crypto.Cipher getCipher(java.lang.String algorithm, int mode, java.security.Key key, java.security.spec.AlgorithmParameterSpec param, java.security.SecureRandom random)
          Return an implementation for the requested algorithm from the IAIK provider.
protected  javax.crypto.interfaces.DHPrivateKey getDHPrivateKey(java.math.BigInteger x, java.math.BigInteger p, java.math.BigInteger g)
          This method returns an IAIK DHPrivateKey instance created from the given values.
protected  javax.crypto.interfaces.DHPublicKey getDHPublicKey(java.math.BigInteger y, java.math.BigInteger p, java.math.BigInteger g)
          This method returns an IAIK DHPublicKey instance created from the given values.
protected  byte[] getEncodedPrincipal(java.security.Principal principal)
          This method returns a DER encoded Principal assuming it is an IAIK Name object.
protected  java.security.MessageDigest getMessageDigest(java.lang.String algorithm)
          This method returns the desired MessageDigest object.
protected  java.security.Principal getPrincipal(byte[] array)
          This method returns a Principal (IAIK Name object) created from a DER encoded byte array.
protected  java.security.interfaces.RSAPublicKey getRSAPublicKey(java.math.BigInteger modulus, java.math.BigInteger exponent)
          This method returns an IAIK RSAPublicKey instance created from the given values.
protected  java.security.SecureRandom getSecureRandom()
          Return an instance of the default SecureRandom class set in iaik.security.random.SecRandom.
protected  java.security.Signature getSignature(java.lang.String algorithm, int mode, java.security.Key key, java.security.SecureRandom random)
          Return an implementation for the requested algorithm from the IAIK provider.
 ServerName[] getTLSServerName(int nameType, java.security.cert.X509Certificate serverCert)
          Gets the TLS server name(s) from the given certificate.
protected  java.lang.String[] getTLSServerName(java.security.cert.X509Certificate cert)
          Return the TLS servername from the certificate.
protected  java.security.cert.X509Certificate getX509Certificate(byte[] array)
          This method returns an IAIK X509Certificate instance created from a DER encoded byte array.
 java.security.cert.X509Certificate getX509Certificate(java.io.InputStream is)
          This method parses a DER encoded X509Certificate from an input stream.
 java.security.cert.X509Certificate[] getX509Certificates(byte[] pkiPath)
          This method parses a certificate array from a DER encoded PKI path as used by the TLS extension Client Certificate URLs (RFC 4366).
 java.security.KeyStore loadKeyStore(java.lang.String keyStoreFile, char[] keyStorePassword, java.lang.String keyStoreType, java.lang.String keyStoreProvider)
          Loads a KeyStore from the given file protected with the given password.
 
Methods inherited from class iaik.security.ssl.SecurityProvider
calculateRawSignature, checkIfOnSameCurve, checkKeyECPointFormat, checkKeyEllipticCurve, checkKeyLength, continueIfPeerDoesNotSupportSecureRenegotiation, createSharedECDHSecret, decodeECPublicKey, decodeECPublicKey, decodeURL, encodeECPublicKey, encodeURL, generateECKeyPair, generateECKeyPair, generateExtendedMasterSecret, generateMasterSecret, generateMasterSecret, getAlgorithmParameterGenerator, getCurve, getCurveName, getDefaultCurve, getECPointFormat, getKeyAgreement, getKeyGenerator, getKeyLength, getKeyLength, getKeyLength, getKeyPairGenerator, getMac, getSecurityProvider, getTLSServerName, getTLSServerName, isBinary, isImplemented, isImplemented, isImplementedSignatureAlgorithm, isNamedCurveSupported, isPointFormatSupported, setSecurityProvider, validateDHPublicKey, verifyRawSignature
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

IaikProvider

public IaikProvider()
Default Constructor. Tries to add the provider IAIK.

Method Detail

getDHPublicKey

protected javax.crypto.interfaces.DHPublicKey getDHPublicKey(java.math.BigInteger y,
                                                             java.math.BigInteger p,
                                                             java.math.BigInteger g)
                                                      throws java.lang.Exception
This method returns an IAIK DHPublicKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:
getDHPublicKey in class SecurityProvider
Parameters:
y - the public value y
p - the prime modulus p
g - the base generator g
Returns:
the new created DHPublicKey
Throws:
java.lang.Exception

getDHPrivateKey

protected javax.crypto.interfaces.DHPrivateKey getDHPrivateKey(java.math.BigInteger x,
                                                               java.math.BigInteger p,
                                                               java.math.BigInteger g)
This method returns an IAIK DHPrivateKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:
getDHPrivateKey in class SecurityProvider
Parameters:
x - the private value x
p - the prime modulus p
g - the base generator g
Returns:
the new created DHPrivateKey

getRSAPublicKey

protected java.security.interfaces.RSAPublicKey getRSAPublicKey(java.math.BigInteger modulus,
                                                                java.math.BigInteger exponent)
This method returns an IAIK RSAPublicKey instance created from the given values. For more documentation see the superclass SecurityProvider.

Overrides:
getRSAPublicKey in class SecurityProvider
Parameters:
modulus - the modulus
exponent - the public exponent
Returns:
the new created RSAPublicKey

getX509Certificate

protected java.security.cert.X509Certificate getX509Certificate(byte[] array)
                                                         throws java.security.cert.CertificateException
This method returns an IAIK X509Certificate instance created from a DER encoded byte array. For more documentation see the superclass SecurityProvider.

Overrides:
getX509Certificate in class SecurityProvider
Parameters:
array - a X509Certificate as DER encoded byte array
Returns:
the created X509Certificate
Throws:
java.security.cert.CertificateException

getX509Certificate

public java.security.cert.X509Certificate getX509Certificate(java.io.InputStream is)
                                                      throws java.lang.Exception
This method parses a DER encoded X509Certificate from an input stream.

Overrides:
getX509Certificate in class SecurityProvider
Parameters:
is - the stream from which to read the certifictae
Returns:
the created X509Certificate
Throws:
java.lang.Exception

getX509Certificates

public java.security.cert.X509Certificate[] getX509Certificates(byte[] pkiPath)
                                                         throws java.lang.Exception
This method parses a certificate array from a DER encoded PKI path as used by the TLS extension Client Certificate URLs (RFC 4366). A PKI path is defined as ASN.1 sequence of certificates:
 PkiPath ::= SEQUENCE OF Certificate
 
Note that the certificates in a PKI path are ordered in a way that the client certificate is located at index (n-1). However TLS expects certificates in reverse order (client certificate at index 0). For that reason this method may have to reverse the order of the certificates parsed from the PKI path.

Overrides:
getX509Certificates in class SecurityProvider
Parameters:
pkiPath - the DER encoded PKI path holding a SEQUENCE of certificates
Returns:
an array holding the certificates parsed from the PKI path; the array has to be ordered according subject-issuer relationship and has to contain the client certificate at index 0
Throws:
java.lang.Exception - if the certificates cannot be parsed from the PKI path

createPkiPath

public byte[] createPkiPath(java.security.cert.X509Certificate[] certificates)
                     throws java.lang.Exception
Creates a DER encoded PKI path from the given (client) certificate chain.
A PKI path is defined as ASN.1 sequence of certificates:
 PkiPath ::= SEQUENCE OF Certificate
 
Note that the certificates in a PKI path are ordered in a way that the client certificate is located at index (n-1). However, TLS uses certificates in reverse order (client certificate at index 0). Thus, before creating the pki path, this method first may have to order the certificates in a way that the client certificate is located at index [n-1].

Overrides:
createPkiPath in class SecurityProvider
Parameters:
certificates - the (client) certificate chain from which to create the pki path
Returns:
the DER encoded pki path containing the client certificate at index [n-1]
Throws:
java.lang.Exception - if the PKI path cannot be created

checkExtendedKeyUsage

public boolean checkExtendedKeyUsage(java.security.cert.X509Certificate cert,
                                     boolean clientAuth)
                              throws java.security.cert.CertificateException
Checks if the ExtendedKeyUsage of the given client/server certificate enables the certificate for client/server authentication.

Overrides:
checkExtendedKeyUsage in class SecurityProvider
Parameters:
cert - the certificate to be checked
clientAuth - true if the certificate shall be used for client authentication, false if it shall be used for server authentication
Returns:
true if the certificate has the anyExtendedKeyUsage or clientAuth purpose id set and shall be used for client authentication, or if the certificate has the anyExtendedKeyUsage or serverAuth purpose id set and shall be used for server authentication, or if the certificate does not contain the ExtendedKeyUsage at all; false in any other case
Throws:
java.security.cert.CertificateException - if an error occurs when parsing the ExtendedKeyUsage extension

getPrincipal

protected java.security.Principal getPrincipal(byte[] array)
                                        throws java.lang.Exception
This method returns a Principal (IAIK Name object) created from a DER encoded byte array. For more documentation see the superclass SecurityProvider.

Overrides:
getPrincipal in class SecurityProvider
Parameters:
array - a Distinguished Name (Principal) as DER encoded byte array
Returns:
the created Name (Principal)
Throws:
java.lang.Exception

getEncodedPrincipal

protected byte[] getEncodedPrincipal(java.security.Principal principal)
This method returns a DER encoded Principal assuming it is an IAIK Name object. For more documentation see the superclass SecurityProvider.

Overrides:
getEncodedPrincipal in class SecurityProvider
Parameters:
principal - the Distinguished Name (Principal) to encode
Returns:
the Name (Principal) as DER encoded byte array

getMessageDigest

protected java.security.MessageDigest getMessageDigest(java.lang.String algorithm)
                                                throws java.lang.Exception
This method returns the desired MessageDigest object. iSaSiLk makes use of the following algorithms:

Overrides:
getMessageDigest in class SecurityProvider
Parameters:
algorithm - the name of the algorithm
Throws:
java.lang.Exception

getSignature

protected java.security.Signature getSignature(java.lang.String algorithm,
                                               int mode,
                                               java.security.Key key,
                                               java.security.SecureRandom random)
                                        throws java.lang.Exception
Return an implementation for the requested algorithm from the IAIK provider. For more documentation see the superclass SecurityProvider.

Overrides:
getSignature in class SecurityProvider
Throws:
java.lang.Exception

getCipher

protected javax.crypto.Cipher getCipher(java.lang.String algorithm,
                                        int mode,
                                        java.security.Key key,
                                        java.security.spec.AlgorithmParameterSpec param,
                                        java.security.SecureRandom random)
                                 throws java.lang.Exception
Return an implementation for the requested algorithm from the IAIK provider. For more documentation see the superclass SecurityProvider.

Overrides:
getCipher in class SecurityProvider
Throws:
java.lang.Exception

aeadEncrypt

protected int aeadEncrypt(javax.crypto.Cipher cipher,
                          javax.crypto.SecretKey key,
                          byte[] in,
                          int inOff,
                          int inLen,
                          byte[] out,
                          int outOff,
                          byte[] aad,
                          byte[] nonce,
                          int macSize,
                          java.security.SecureRandom random)
                   throws java.lang.Exception
Uses the given cipher to AEAD encrypt the given data with the given key.

AEAD (authenticated encryption with additional data) cipher suites have been introduced by TLS 1.2 (RFC 5246). They do not require a separate mac calculation because data integrity is already ensured during AEAD encryption.
AEAD is specified in RFC 5116, AES Galois Counter Mode (GCM) Cipher Suites for TLS are specified in RFC 5288, and Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) are specified in RFC 5289.

The AEAD (write) Cipher object for this method has been created by a previous call to method getCipher and is used throughout the entire TLS session with some specific peer. However, with any call of this method the Cipher has to be initialized anew with the given key. This has to be done inside the method because the AEAD parameters built from given additional authentication data, nonce and mac size may depend on the JCA provider that is used for encryption. After initializing the Cipher the required update and/or doFinal calls have to be made to encrypt inLen data bytes from the in array and write the encrypted data to the out array, starting at offset outOff. The output data shall consist of the encrypted data and (followed by) the authentication tag: encrypted data || mac.

The default implementation of this method throws an exception since a provider independent AEAD API (parameter classes) was not available before Java 7.

Overrides:
aeadEncrypt in class SecurityProvider
Parameters:
cipher - the AEAD (GCM) Cipher object to be used for encryption
key - the cipher key to be used for intializing the Cipher
inOff - the offset indicating the start of the message data in the in byte array
inLen - the number of bytes to encrypt
out - the array to which to write the encrypted message
outOff - the offset indicating the start position in the out byte array
aad - the additional authentication data (not (!) cloned)
nonce - the nonce (not (!) cloned)
macSize - the size of the mac (authentication tag)
random - the SecureRandom that may be used when random numbers are required
Returns:
the number of bytes that are written to the out byte array
Throws:
java.lang.Exception - if an error occurs during encryption

aeadDecrypt

protected int aeadDecrypt(javax.crypto.Cipher cipher,
                          javax.crypto.SecretKey key,
                          byte[] in,
                          int inOff,
                          int inLen,
                          byte[] out,
                          int outOff,
                          byte[] aad,
                          byte[] nonce,
                          int macSize)
                   throws java.lang.Exception
Uses the given cipher to AEAD decrypt the given encrypted data with the given key.

AEAD (authenticated encryption with additional data) cipher suites have been introduced by TLS 1.2 (RFC 5246). They do not require a separate mac calculation because data integrity is already ensured during AEAD encryption.
AEAD is specified in RFC 5116, AES Galois Counter Mode (GCM) Cipher Suites for TLS are specified in RFC 5288, and Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM) are specified in RFC 5289.

The AEAD (read) Cipher object for this method has been created by a previous call to method getCipher and is used throughout the entire TLS session with some specific peer. However, with any call of this method the Cipher has to be initialized anew with the given key. This has to be done inside the method because the AEAD parameters built from given additional authentication data, nonce and mac size may depend on the JCA provider that is used for decryption. After initializing the Cipher the required update and/or doFinal calls have to be made to decrypt inLen data bytes from the in array and write the decrypted data to the out array, starting at offset outOff. The input data contains the encrypted data and the authentication tag: encrypted data || mac. For that reason an implementation of this method may first parse the authentication tag from the in array (if, e.g., required as parameter for Cipher initialization) or may pass the whole in data as it is to the Cipher update, doFinal calls (and let the Cipher take care from getting the authentication tag), depending on the specific JCA provider implementation.

The default implementation of this method throws an exception since a provider independent AEAD API (parameter classes) was not available before Java 7.

Overrides:
aeadDecrypt in class SecurityProvider
Parameters:
cipher - the AEAD (GCM) Cipher object to be used for encryption
key - the cipher key to be used for intializing the Cipher
inOff - the offset indicating the start of the message data in the in byte array
inLen - the number of bytes to encrypt
out - the array to which to write the encrypted message
outOff - the offset indicating the start position in the out byte array
aad - the additional authentication data (not (!) cloned)
nonce - the nonce (not (!) cloned)
macSize - the size of the mac (authentication tag)
Returns:
the number of bytes that are written to the out byte array
Throws:
java.lang.Exception - if an error occurs during encryption

getTLSServerName

protected java.lang.String[] getTLSServerName(java.security.cert.X509Certificate cert)
Return the TLS servername from the certificate. This implementation makes use of the IAIK JCE certificate API. It looks for the server name in this order in
  1. the subject alternate name extension (as DNS name, iPAddress)
  2. the Netscape SSLServerName extension
  3. the subject's common name

Overrides:
getTLSServerName in class SecurityProvider
Parameters:
cert - the cert from which to get the server name(s)
Returns:
null since this operation cannot be supported by the general SecurityProvider implementation

getTLSServerName

public ServerName[] getTLSServerName(int nameType,
                                     java.security.cert.X509Certificate serverCert)
Gets the TLS server name(s) from the given certificate. In contrast to method getTLSServerName(X509Certificate) which returns the server name(s) as String(s), this method return(s) the server name(s) as instances of class ServerName.
The ServerName structure has been introduced by RFC 4366 (TLS Extensions). It maybe sent within a Server Name Indication extension from the client to the server to help the server to select a certificate in accordance with the server name(s) received from the client (see RFC 4366):
   struct {
       NameType name_type;
       select (name_type) {
           case host_name: HostName;
       } name;
   } ServerName;
 
   enum {
       host_name(0), (255)
   } NameType;
 
   opaque HostName<1..2^16-1>;
   
   struct {
       ServerName server_name_list<1..2^16-1>
   } ServerNameList;
 
Each ServerName in the list consists of a type and a name. Currently only one type HostName is defined by RFC 4366. It represents the UTF-8 encoded DNS host name of the server. Other name types may be added in the future.
The iSaSiLk default ServerName implementation generally does not interpret the name type and expects that a name is encoded according to the UTF-8 syntax. If you want to support (or especially interpret) other name types, or if you want to implement full IDNA naming comparison, you may write your own ServerName class and override the corresponding getTLSServerName SecurityProvider methods to use your ServerName implementation.

This method tries to build TLS ServerNames from name information that may be included in a X.509 certificate. It is used by iSaSiLk for mapping server credentials to server names.

Overrides:
getTLSServerName in class SecurityProvider
Parameters:
nameType - the type of the server name (currently only HostName) is specified
serverCert - the certificate of the server
Returns:
the server name(s) contained in the server certificate; an empty array indicates that no server name was found in the certificate; null signals to the ChainVerifier that this operation is not supported.

calculateTrustedAuthorityIdentifier

public byte[] calculateTrustedAuthorityIdentifier(int type,
                                                  java.security.cert.X509Certificate certificate)
                                           throws java.lang.Exception
Calculates a TrustedAuthority identifier of the given type from the given certificate.

The identifier type has to be one of the following (see RFC 4366):

  1. pre_agreed: does not provide any identification information about the CA root key
  2. key_sha1_hash: the CA root key is identified by a SHA-1 hash of the public key. For DSA and ECDSA keys the hash is calculated from the subjectPublicKey field, for RSA keys the hash is calculated from the big-endian byte representation of the modulus (without leading 0-bytes) (see RFC 4366).
  3. x509_name: the CA root key is identified by the DER encoded distinguished name of the CA
  4. cert_sha1_hash: the CA root key is identified by the SHA-1 hash of the DER encoded CA certificate

Overrides:
calculateTrustedAuthorityIdentifier in class SecurityProvider
Parameters:
type - the identifier type; PRE_AGREED (0), KEY_SHA1_HASH (1), KEY_X509_NAME (2), or CERT_SHA1_HASH (3)
certificate - the certificate from which to calculate the identifier
Returns:
the identifier
Throws:
java.lang.IllegalArgumentException - if identifierType is invalid (not PRE_AGREED (0), KEY_SHA1_HASH (1), KEY_X509_NAME (2), or CERT_SHA1_HASH (3)), or the given certificate is null
java.lang.Exception - if an error occurs while calculating the identifier

createCertStatusRequest

public byte[] createCertStatusRequest(int statusType)
                               throws java.lang.Exception
Creates a status request to be sent within a status_request extension.
This method is called if the application does not specify a status request when creating a CertificateStatusRequest extension. This may be suitable when, for instance, using ocsp status requests and let iSaSiLk calculate a fresh Nonce extension anytime a status request is sent.

The byte array returned by this method must contain the TLS encoded request field of the CertificateStatusRequest structure (see RFC 4366):

  struct {
    CertificateStatusType status_type;
        select (status_type) {
            case ocsp: OCSPStatusRequest;
        } request;
    } CertificateStatusRequest;

    enum { ocsp(1), (255) } CertificateStatusType;

    struct {
        ResponderID responder_id_list<0..2^16-1>;
        Extensions  request_extensions;
    } OCSPStatusRequest;

    opaque ResponderID<1..2^16-1>;
    opaque Extensions<0..2^16-1>;
 

Currently only one status type, ocsp is specified (see RFC 4366). This also is the only status type supported by this method. It creates an OCSPStatusRequest with no responder ids and one request extension, Nonce with a random nonce value.

Overrides:
createCertStatusRequest in class SecurityProvider
Parameters:
statusType - the certificate status type
Returns:
the TLS encoded status request (OCSPStatusRequest)
Throws:
java.lang.Exception - if an error occurs when creating the ocsp status request or the requested status type is not ocsp

getSecureRandom

protected java.security.SecureRandom getSecureRandom()
Return an instance of the default SecureRandom class set in iaik.security.random.SecRandom. For more documentation see the superclass SecurityProvider.

Overrides:
getSecureRandom in class SecurityProvider

deriveKey

public javax.crypto.SecretKey deriveKey(java.lang.String algorithm,
                                        char[] password,
                                        byte[] salt,
                                        int iterationCount,
                                        int keyLen,
                                        java.lang.String keyName,
                                        java.security.SecureRandom random)
                                 throws java.lang.Exception
Uses the specified key derivation function to derive a key from the given password. This method only is used by the DefaultPSKManager to derive a key from a password for pbe protected storing the contents of the psk manager. You may override this method if you want to use your self-designed SecurityProvider. However, note that this method is NOT required for the normal SSL/TLS protocol working, even if PSK cipher suites are used. It is only required if you are using the DefaultPSKManager and want to pbe protected store/ read the contents of the manager.

Overrides:
deriveKey in class SecurityProvider
Parameters:
algorithm - the name of key derivation function to be used ("PBKDF2")
password - the password to be used
salt - the salt value for the key derivation function
iterationCount - the iteration count value for the key derivation function
keyLen - the length of the key to be derived from the password
keyName - the (algorithm) name of the derived key
random - SecureRandom for providing random numbers if required by the key derivation function in use
Returns:
the derived key
Throws:
if - an error occurs when generating the key
java.lang.Exception

loadKeyStore

public java.security.KeyStore loadKeyStore(java.lang.String keyStoreFile,
                                           char[] keyStorePassword,
                                           java.lang.String keyStoreType,
                                           java.lang.String keyStoreProvider)
                                    throws java.lang.Exception
Loads a KeyStore from the given file protected with the given password.

Overrides:
loadKeyStore in class SecurityProvider
Parameters:
keyStoreFile - the name of the KeyStore file
keyStorePassword - the KeyStore password
keyStoreType - the KeyStore type; default: IAIKKeyStore
keyStoreProvider - the KeyStore provider; default: IAIK
Returns:
the KeyStore just loaded
Throws:
java.lang.Exception - if an error occurs when loading the KeyStore

checkCreatedRSAServerKeyExchangeSignature

protected boolean checkCreatedRSAServerKeyExchangeSignature()
Asks whether to check an RSA ServerKeyExchange signature immediately after signature creation.
Verification of the RSA signature maybe appropriate as countermeasure against against RSA CRT key leaks (Florian Weimer sept 2015: "Factoring RSA Keys With TLS Perfect Forward Secrecy"). This method returns true for IAIK provider versions <= 5.25. IAIK provider versions > 5.25 already include the verification step.

Overrides:
checkCreatedRSAServerKeyExchangeSignature in class SecurityProvider
Returns:
true for IAIK provider versions <= 5.25, false otherwise

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

iSaSiLk 5.104, (c) 2002 IAIK, (c) 2003 - 2015 SIC