1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 package org.apache.harmony.xnet.provider.jsse; 19 20 import org.apache.harmony.xnet.provider.jsse.Logger; 21 22 import javax.crypto.Cipher; 23 24 /** 25 * This abstract class is a base for Record Protocol operating environmet 26 * of different SSL protocol versions. 27 */ 28 public abstract class ConnectionState { 29 30 /** 31 * The cipher used for encode operations 32 */ 33 protected Cipher encCipher; 34 35 /** 36 * The cipher used for decode operations 37 */ 38 protected Cipher decCipher; 39 40 /** 41 * The cipher type 42 */ 43 protected boolean is_block_cipher; 44 45 /** 46 * The size of MAC used under this connection state 47 */ 48 protected int hash_size; 49 50 /** 51 * Write sequence number which is incremented after each 52 * encrypt call 53 */ 54 protected final byte[] write_seq_num = {0, 0, 0, 0, 0, 0, 0, 0}; 55 56 /** 57 * Read sequence number which is incremented after each 58 * decrypt call 59 */ 60 protected final byte[] read_seq_num = {0, 0, 0, 0, 0, 0, 0, 0}; 61 62 protected Logger.Stream logger = Logger.getStream("conn_state"); 63 64 /** 65 * Returns the minimal possible size of the 66 * Generic[Stream|Generic]Cipher structure under this 67 * connection state. 68 */ 69 protected int getMinFragmentSize() { 70 // block ciphers return value with padding included 71 return encCipher.getOutputSize(1+hash_size); // 1 byte for data 72 } 73 74 /** 75 * Returns the size of the Generic[Stream|Generic]Cipher structure 76 * corresponding to the content data of specified size. 77 */ 78 protected int getFragmentSize(int content_size) { 79 return encCipher.getOutputSize(content_size+hash_size); 80 } 81 82 /** 83 * Returns the minimal upper bound of the content size enclosed 84 * into the Generic[Stream|Generic]Cipher structure of specified size. 85 * For stream ciphers the returned value will be exact value. 86 */ 87 protected int getContentSize(int generic_cipher_size) { 88 //it does not take the padding of block ciphered structures 89 //into account (so returned value can be greater than actual) 90 return decCipher.getOutputSize(generic_cipher_size)-hash_size; 91 } 92 93 /** 94 * Creates the GenericStreamCipher or GenericBlockCipher 95 * data structure for specified data of specified type. 96 * @param type - the ContentType of the provided data 97 * @param fragment - the byte array containing the 98 * data to be encrypted under the current connection state. 99 */ 100 protected byte[] encrypt(byte type, byte[] fragment) { 101 return encrypt(type, fragment, 0, fragment.length); 102 } 103 104 /** 105 * Creates the GenericStreamCipher or GenericBlockCipher 106 * data structure for specified data of specified type. 107 * @param type - the ContentType of the provided data 108 * @param fragment - the byte array containing the 109 * data to be encrypted under the current connection state. 110 * @param offset - the offset from which the data begins with. 111 * @param len - the length of the data. 112 */ 113 protected abstract byte[] encrypt 114 (byte type, byte[] fragment, int offset, int len); 115 116 /** 117 * Retrieves the fragment of the Plaintext structure of 118 * the specified type from the provided data. 119 * @param type - the ContentType of the data to be decrypted. 120 * @param fragment - the byte array containing the 121 * data to be encrypted under the current connection state. 122 */ 123 protected byte[] decrypt(byte type, byte[] fragment) { 124 return decrypt(type, fragment, 0, fragment.length); 125 } 126 127 /** 128 * Retrieves the fragment of the Plaintext structure of 129 * the specified type from the provided data. 130 * @param type - the ContentType of the data to be decrypted. 131 * @param fragment - the byte array containing the 132 * data to be encrypted under the current connection state. 133 * @param offset - the offset from which the data begins with. 134 * @param len - the length of the data. 135 */ 136 protected abstract byte[] decrypt 137 (byte type, byte[] fragment, int offset, int len); 138 139 /** 140 * Increments the sequence number. 141 */ 142 protected static void incSequenceNumber(byte[] seq_num) { 143 int octet = 7; 144 while (octet >= 0) { 145 seq_num[octet] ++; 146 if (seq_num[octet] == 0) { 147 // characteristic overflow, so 148 // carrying a number in adding 149 octet --; 150 } else { 151 return; 152 } 153 } 154 } 155 156 /** 157 * Shutdownes the protocol. It will be impossiblke to use the instance 158 * after the calling of this method. 159 */ 160 protected void shutdown() { 161 encCipher = null; 162 decCipher = null; 163 for (int i=0; i<write_seq_num.length; i++) { 164 write_seq_num[i] = 0; 165 read_seq_num[i] = 0; 166 } 167 } 168 } 169 170