Diffstat (limited to 'src/org/noreply/fancydress/type3')
-rw-r--r-- | src/org/noreply/fancydress/type3/mmtp/MMTP.java | 61 |
1 files changed, 43 insertions, 18 deletions
diff --git a/src/org/noreply/fancydress/type3/mmtp/MMTP.java b/src/org/noreply/fancydress/type3/mmtp/MMTP.java
index bc19e8e..63f1f6f 100644
--- a/src/org/noreply/fancydress/type3/mmtp/MMTP.java
+++ b/src/org/noreply/fancydress/type3/mmtp/MMTP.java
@@ -5,15 +5,18 @@ import org.noreply.fancydress.type3.routing.*;
 import org.noreply.fancydress.type3.*;
 import org.noreply.fancydress.crypto.*;
 import org.noreply.fancydress.misc.*;
+import org.noreply.fancydress.status.*;
 import javax.net.ssl.*;
 import java.net.*;
 import java.io.*;
+import java.util.*;
 import java.security.*;
 public class MMTP {
- private static final String[] acceptableCipherSuits = {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"};
- private static final String[] acceptableProtocols = {"TLSv1"};
- //private static final String[] acceptableCipherSuits = {"SSL3_RSA_DES_192_CBC3_SHA"};
+ static final String TLS_PROTO = "TLSv1";
+ static final String SSL_PROTO = "SSLv3";
+ static final String TLS_DHE_RSA_WITH_AES_128_CBC_SHA = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
+ static final String SSL3_RSA_DES_192_CBC3_SHA = "SSL_RSA_WITH_3DES_EDE_CBC_SHA";
 public static void send(Packet packet) throws Exception {
 byte[] hash = CryptoPrimitives.hash(packet.asOctets(), Util.toOctets("SEND"));
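Review bot: The constant `SSL3_RSA_DES_192_CBC3_SHA` is named after one suite identifier but holds the JSSE name `SSL_RSA_WITH_3DES_EDE_CBC_SHA`, and nothing in this hunk says which of the two suites is preferred and which is only a fallback. A short comment above the four constants would help, for example `// JSSE names; AES/DHE over TLSv1 is preferred, 3DES over SSLv3 is the fallback` (the preference is my reading of the selection loop in the next hunk, so confirm it). The constants are also package-visible; `private static final` would match the two arrays they replace unless another class in the package reads them.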
@@ -26,23 +29,47 @@ public class MMTP {
 context.init(null, trustManagers, null);
 SSLSocketFactory socketFactory = context.getSocketFactory();
- //SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
 SSLSocket socket = (SSLSocket) socketFactory.createSocket("127.0.0.1", 48099);
- socket.setEnabledCipherSuites(acceptableCipherSuits);
- socket.setEnabledProtocols(acceptableProtocols);
- try {
- socket.startHandshake();
- } catch (Exception e) {};
- OutputStream out = socket.getOutputStream();
- InputStream in = socket.getInputStream();
+ String[] supportedProtocols = socket.getSupportedProtocols();
+ boolean haveTLSv1 = false;
+ boolean haveSSLv3 = false;
+ for (int i=0; i<supportedProtocols.length; i++) {
+ if (supportedProtocols[i].equals(TLS_PROTO))
+ haveTLSv1 = true;
+ else if (supportedProtocols[i].equals(SSL_PROTO))
+ haveSSLv3 = true;
+ }
+
+ String[] supportedCipherSuits = socket.getSupportedCipherSuites();
+ boolean acceptableFound = false;
+ for (int i=0; i<supportedCipherSuits.length; i++) {
+ if (haveTLSv1 && supportedCipherSuits[i].equals(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)) {
+ socket.setEnabledProtocols( new String[] { TLS_PROTO } );
+ socket.setEnabledCipherSuites( new String[] { TLS_DHE_RSA_WITH_AES_128_CBC_SHA } );
+ acceptableFound = true;
+ break;
+ } else if (haveSSLv3 && supportedCipherSuits[i].equals(SSL3_RSA_DES_192_CBC3_SHA)) {
+ socket.setEnabledProtocols( new String[] { SSL_PROTO } );
+ socket.setEnabledCipherSuites( new String[] { SSL3_RSA_DES_192_CBC3_SHA } );
+ acceptableFound = true;
+ break;
+ }
+ }
+
+ if (!acceptableFound)
+ throw new Mix3Exception("Did not found an acceptable Cipher Suit.");
+
+ socket.startHandshake();
+ OutputStream out = socket.getOutputStream();
+ InputStream in = socket.getInputStream();
 out.write(Util.toOctets("MMTP 0.3\r\n"));
 out.flush();
 byte[] foo = new byte[10];
 int got = in.read(foo, 0, foo.length);
- if ((got != 10) || (!Util.equal(foo, Util.toOctets("MMTP 0.3\r\n")))) {
+ if ((got != 10) || (!Util.equal(foo, Util.toOctets("MMTP 0.3\r\n")))) { // FIXME
 in.close();
 socket.close();
 throw new IOException("Do not agree on MMTP version.");
@@ -52,14 +79,12 @@ public class MMTP {
 out.write(hash);
 out.flush();
 got = in.read(ackRead, 0, ackRead.length);
- if ((got != ackExpected.length) ||
- (!Util.equal(ackRead, ackExpected))) {
- System.out.println("Got NAK");
- } else {
- System.out.println("Got ACK");
- };
 in.close();
 out.close();
 socket.close();
+
+ if ((got != ackExpected.length) ||
+ (!Util.equal(ackRead, ackExpected)))
+ throw new Mix3Exception("got no valid ACK from server.");
 }
 } |
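Review bot: The suite selection loop takes whichever acceptable suite comes first in `socket.getSupportedCipherSuites()`, so if the provider lists `SSL_RSA_WITH_3DES_EDE_CBC_SHA` ahead of the AES/DHE suite the socket is pinned to SSLv3 with static-RSA key exchange even though TLSv1 with DHE is available. That array's order is provider-defined and describes only the local JSSE, not the peer, so the preference should be explicit: test for the TLS suite first and use the SSLv3 one only when it is absent. The `throw new Mix3Exception(...)` path, and a failing `startHandshake()` now that the empty catch is gone, both leave `socket` open; closing it before the throw (or in a `finally`) avoids the leak. send() starts before this hunk and continues past it.

```java
// … unchanged: supportedProtocols scan that sets haveTLSv1 / haveSSLv3 …
List supportedSuites = Arrays.asList(socket.getSupportedCipherSuites());
String protocol;
String suite;
if (haveTLSv1 && supportedSuites.contains(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)) {
	protocol = TLS_PROTO;
	suite = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
} else if (haveSSLv3 && supportedSuites.contains(SSL3_RSA_DES_192_CBC3_SHA)) {
	// Fallback only: static RSA key exchange, so no forward secrecy.
	protocol = SSL_PROTO;
	suite = SSL3_RSA_DES_192_CBC3_SHA;
} else {
	socket.close();
	throw new Mix3Exception("Did not found an acceptable Cipher Suit.");
}
socket.setEnabledProtocols(new String[] { protocol });
socket.setEnabledCipherSuites(new String[] { suite });
// … unchanged: startHandshake and the MMTP version exchange …
```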
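Review bot: `got = in.read(ackRead, 0, ackRead.length)` is a single read, which may return fewer bytes than requested, and with this change a short read surfaces as `Mix3Exception("got no valid ACK from server.")` instead of a printed line. A caller that reacts by resending would then transmit a packet the server may already have accepted; I would read the whole reply with `new DataInputStream(in).readFully(ackRead);` (java.io.* is already imported), which also reports a premature EOF as an `EOFException` distinct from a wrong ACK. The same single-read pattern is in the version exchange of the previous hunk. The three `close()` calls are skipped when the write or read throws, so they belong in a `finally`; the declarations of `ackRead` and `ackExpected` lie outside this hunk.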