diff options
| author | Brian Carlstrom <bdc@google.com> | 2012-03-27 23:25:01 -0700 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2012-03-27 23:25:01 -0700 |
| commit | 12b42fd0252d5423e167dbccd2e09b82018b7a5b (patch) | |
| tree | 84a4856a45bb0e634b3826b665cc08b1a03d0b87 /luni/src | |
| parent | 0c224360a4deec32eaf66e5420fbf01790ee2d13 (diff) | |
| parent | b9f9831a0800adbb6b67ab5bdc62292aa034992b (diff) | |
| download | libcore-12b42fd0252d5423e167dbccd2e09b82018b7a5b.zip libcore-12b42fd0252d5423e167dbccd2e09b82018b7a5b.tar.gz libcore-12b42fd0252d5423e167dbccd2e09b82018b7a5b.tar.bz2 | |
Merge "Use WRAP/UNWRAP for key exchange"
Diffstat (limited to 'luni/src')
| -rw-r--r-- | luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java | 7 | ||||
| -rw-r--r-- | luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java | 6 |
2 files changed, 8 insertions, 5 deletions
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java index d21aa2c..4b29363 100644 --- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java +++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java @@ -36,6 +36,7 @@ import javax.crypto.interfaces.DHKey; import javax.crypto.interfaces.DHPublicKey; import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.DHPublicKeySpec; +import javax.crypto.spec.SecretKeySpec; import javax.net.ssl.X509ExtendedKeyManager; import javax.net.ssl.X509KeyManager; import javax.security.auth.x500.X500Principal; @@ -416,10 +417,10 @@ public class ClientHandshakeImpl extends HandshakeProtocol { try { c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); if (serverKeyExchange != null) { - c.init(Cipher.ENCRYPT_MODE, serverKeyExchange + c.init(Cipher.WRAP_MODE, serverKeyExchange .getRSAPublicKey()); } else { - c.init(Cipher.ENCRYPT_MODE, serverCert.certs[0]); + c.init(Cipher.WRAP_MODE, serverCert.certs[0]); } } catch (Exception e) { fatalAlert(AlertProtocol.INTERNAL_ERROR, @@ -431,7 +432,7 @@ public class ClientHandshakeImpl extends HandshakeProtocol { System.arraycopy(clientHello.client_version, 0, preMasterSecret, 0, 2); try { clientKeyExchange = new ClientKeyExchange(c - .doFinal(preMasterSecret), + .wrap(new SecretKeySpec(preMasterSecret, "preMasterSecret")), serverHello.server_version[1] == 1); } catch (Exception e) { fatalAlert(AlertProtocol.INTERNAL_ERROR, diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java index 613e671..c5e1838 100644 --- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java +++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java @@ -205,8 +205,10 @@ public class ServerHandshakeImpl extends HandshakeProtocol { Cipher c = null; try { c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); - c.init(Cipher.DECRYPT_MODE, privKey); - preMasterSecret = c.doFinal(clientKeyExchange.exchange_keys); + c.init(Cipher.UNWRAP_MODE, privKey); + preMasterSecret = c.unwrap(clientKeyExchange.exchange_keys, + "preMasterSecret", + Cipher.SECRET_KEY).getEncoded(); // check preMasterSecret: if (preMasterSecret.length != 48 || preMasterSecret[0] != clientHello.client_version[0] |