rocket-js 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Rakefile +5 -52
- data/spec/ruby/spec_helper.rb +2 -1
- metadata +7 -129
- data/src/vendor/web-socket-js/FABridge.js +0 -604
- data/src/vendor/web-socket-js/README.txt +0 -109
- data/src/vendor/web-socket-js/WebSocketMain.swf +0 -0
- data/src/vendor/web-socket-js/WebSocketMainInsecure.zip +0 -0
- data/src/vendor/web-socket-js/flash-src/WebSocket.as +0 -473
- data/src/vendor/web-socket-js/flash-src/WebSocketMain.as +0 -88
- data/src/vendor/web-socket-js/flash-src/WebSocketMainInsecure.as +0 -19
- data/src/vendor/web-socket-js/flash-src/WebSocketStateEvent.as +0 -32
- data/src/vendor/web-socket-js/flash-src/bridge/FABridge.as +0 -943
- data/src/vendor/web-socket-js/flash-src/build.sh +0 -10
- data/src/vendor/web-socket-js/flash-src/com/adobe/net/proxies/RFC2817Socket.as +0 -204
- data/src/vendor/web-socket-js/flash-src/com/gsolo/encryption/MD5.as +0 -375
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/Crypto.as +0 -287
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/cert/MozillaRootCertificates.as +0 -3235
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/cert/X509Certificate.as +0 -218
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/cert/X509CertificateCollection.as +0 -57
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/HMAC.as +0 -82
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/IHMAC.as +0 -27
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/IHash.as +0 -21
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/MAC.as +0 -137
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/MD2.as +0 -124
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/MD5.as +0 -204
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/SHA1.as +0 -106
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/SHA224.as +0 -28
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/SHA256.as +0 -115
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/hash/SHABase.as +0 -71
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/prng/ARC4.as +0 -90
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/prng/IPRNG.as +0 -20
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/prng/Random.as +0 -119
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/prng/TLSPRF.as +0 -142
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/rsa/RSAKey.as +0 -339
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/AESKey.as +0 -2797
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/BlowFishKey.as +0 -375
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/CBCMode.as +0 -55
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/CFB8Mode.as +0 -61
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/CFBMode.as +0 -64
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/CTRMode.as +0 -58
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/DESKey.as +0 -365
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/ECBMode.as +0 -86
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/ICipher.as +0 -21
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/IMode.as +0 -15
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/IPad.as +0 -32
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/IStreamCipher.as +0 -21
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/ISymmetricKey.as +0 -35
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/IVMode.as +0 -110
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/NullPad.as +0 -34
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/OFBMode.as +0 -52
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/PKCS5.as +0 -44
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/SSLPad.as +0 -44
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/SimpleIVMode.as +0 -60
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/TLSPad.as +0 -42
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/TripleDESKey.as +0 -88
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/XTeaKey.as +0 -94
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/aeskey.pl +0 -29
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/symmetric/dump.txt +0 -2304
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/AESKeyTest.as +0 -1220
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/ARC4Test.as +0 -58
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/BigIntegerTest.as +0 -39
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/BlowFishKeyTest.as +0 -148
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/CBCModeTest.as +0 -160
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/CFB8ModeTest.as +0 -71
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/CFBModeTest.as +0 -98
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/CTRModeTest.as +0 -109
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/DESKeyTest.as +0 -112
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/ECBModeTest.as +0 -151
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/HMACTest.as +0 -184
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/ITestHarness.as +0 -20
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/MD2Test.as +0 -56
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/MD5Test.as +0 -58
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/OFBModeTest.as +0 -101
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/RSAKeyTest.as +0 -92
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/SHA1Test.as +0 -198
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/SHA224Test.as +0 -58
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/SHA256Test.as +0 -60
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/TLSPRFTest.as +0 -51
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/TestCase.as +0 -42
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/TripleDESKeyTest.as +0 -59
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/XTeaKeyTest.as +0 -66
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/BulkCiphers.as +0 -102
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/CipherSuites.as +0 -117
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/IConnectionState.as +0 -14
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/ISecurityParameters.as +0 -29
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/KeyExchanges.as +0 -24
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/MACs.as +0 -38
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/SSLConnectionState.as +0 -171
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/SSLEvent.as +0 -26
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/SSLSecurityParameters.as +0 -340
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSConfig.as +0 -70
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSConnectionState.as +0 -151
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSEngine.as +0 -895
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSError.as +0 -39
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSEvent.as +0 -27
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSSecurityParameters.as +0 -197
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSSocket.as +0 -370
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSSocketEvent.as +0 -26
- data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSTest.as +0 -180
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/BarrettReduction.as +0 -90
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/BigInteger.as +0 -1543
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/ClassicReduction.as +0 -35
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/IReduction.as +0 -11
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/MontgomeryReduction.as +0 -85
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/NullReduction.as +0 -34
- data/src/vendor/web-socket-js/flash-src/com/hurlant/math/bi_internal.as +0 -11
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/ArrayUtil.as +0 -25
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/Base64.as +0 -189
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/Hex.as +0 -66
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/Memory.as +0 -28
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/ByteString.as +0 -43
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/DER.as +0 -210
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/IAsn1Type.as +0 -21
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/Integer.as +0 -44
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/OID.as +0 -35
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/ObjectIdentifier.as +0 -112
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/PEM.as +0 -118
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/PrintableString.as +0 -49
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/Sequence.as +0 -90
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/Set.as +0 -27
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/Type.as +0 -94
- data/src/vendor/web-socket-js/flash-src/com/hurlant/util/der/UTCTime.as +0 -60
- data/src/vendor/web-socket-js/sample.html +0 -76
- data/src/vendor/web-socket-js/swfobject.js +0 -4
- data/src/vendor/web-socket-js/web_socket.js +0 -388
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* SSLEvent
|
|
3
|
-
*
|
|
4
|
-
* This is used by TLSEngine to let the application layer know
|
|
5
|
-
* when we're ready for sending, or have received application data
|
|
6
|
-
* This Event was created by Bobby Parker to support SSL 3.0.
|
|
7
|
-
*
|
|
8
|
-
* See LICENSE.txt for full license information.
|
|
9
|
-
*/
|
|
10
|
-
package com.hurlant.crypto.tls {
|
|
11
|
-
import flash.events.Event;
|
|
12
|
-
import flash.utils.ByteArray;
|
|
13
|
-
|
|
14
|
-
public class SSLEvent extends Event {
|
|
15
|
-
|
|
16
|
-
static public const DATA:String = "data";
|
|
17
|
-
static public const READY:String = "ready";
|
|
18
|
-
|
|
19
|
-
public var data:ByteArray;
|
|
20
|
-
|
|
21
|
-
public function SSLEvent(type:String, data:ByteArray = null) {
|
|
22
|
-
this.data = data;
|
|
23
|
-
super(type, false, false);
|
|
24
|
-
}
|
|
25
|
-
}
|
|
26
|
-
}
|
|
@@ -1,340 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* TLSSecurityParameters
|
|
3
|
-
*
|
|
4
|
-
* This class encapsulates all the security parameters that get negotiated
|
|
5
|
-
* during the TLS handshake. It also holds all the key derivation methods.
|
|
6
|
-
* Copyright (c) 2007 Henri Torgemane
|
|
7
|
-
*
|
|
8
|
-
* See LICENSE.txt for full license information.
|
|
9
|
-
*/
|
|
10
|
-
package com.hurlant.crypto.tls {
|
|
11
|
-
import com.hurlant.crypto.hash.MD5;
|
|
12
|
-
import com.hurlant.crypto.hash.SHA1;
|
|
13
|
-
import com.hurlant.util.Hex;
|
|
14
|
-
|
|
15
|
-
import flash.utils.ByteArray;
|
|
16
|
-
|
|
17
|
-
public class SSLSecurityParameters implements ISecurityParameters {
|
|
18
|
-
|
|
19
|
-
// COMPRESSION
|
|
20
|
-
public static const COMPRESSION_NULL:uint = 0;
|
|
21
|
-
|
|
22
|
-
private var entity:uint; // SERVER | CLIENT
|
|
23
|
-
private var bulkCipher:uint; // BULK_CIPHER_*
|
|
24
|
-
private var cipherType:uint; // STREAM_CIPHER | BLOCK_CIPHER
|
|
25
|
-
private var keySize:uint;
|
|
26
|
-
private var keyMaterialLength:uint;
|
|
27
|
-
private var keyBlock:ByteArray;
|
|
28
|
-
private var IVSize:uint;
|
|
29
|
-
private var MAC_length:uint;
|
|
30
|
-
private var macAlgorithm:uint; // MAC_*
|
|
31
|
-
private var hashSize:uint;
|
|
32
|
-
private var compression:uint; // COMPRESSION_NULL
|
|
33
|
-
private var masterSecret:ByteArray; // 48 bytes
|
|
34
|
-
private var clientRandom:ByteArray; // 32 bytes
|
|
35
|
-
private var serverRandom:ByteArray; // 32 bytes
|
|
36
|
-
private var pad_1:ByteArray; // varies
|
|
37
|
-
private var pad_2:ByteArray; // varies
|
|
38
|
-
private var ignoreCNMismatch:Boolean = true;
|
|
39
|
-
private var trustAllCerts:Boolean = false;
|
|
40
|
-
private var trustSelfSigned:Boolean = false;
|
|
41
|
-
public static const PROTOCOL_VERSION:uint = 0x0300;
|
|
42
|
-
|
|
43
|
-
// not strictly speaking part of this, but yeah.
|
|
44
|
-
public var keyExchange:uint;
|
|
45
|
-
|
|
46
|
-
public function get version() : uint {
|
|
47
|
-
return PROTOCOL_VERSION;
|
|
48
|
-
}
|
|
49
|
-
public function SSLSecurityParameters(entity:uint, localCert:ByteArray = null, localKey:ByteArray = null) {
|
|
50
|
-
this.entity = entity;
|
|
51
|
-
reset();
|
|
52
|
-
}
|
|
53
|
-
|
|
54
|
-
public function reset():void {
|
|
55
|
-
bulkCipher = BulkCiphers.NULL;
|
|
56
|
-
cipherType = BulkCiphers.BLOCK_CIPHER;
|
|
57
|
-
macAlgorithm = MACs.NULL;
|
|
58
|
-
compression = COMPRESSION_NULL;
|
|
59
|
-
masterSecret = null;
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
public function getBulkCipher():uint {
|
|
63
|
-
return bulkCipher;
|
|
64
|
-
}
|
|
65
|
-
public function getCipherType():uint {
|
|
66
|
-
return cipherType;
|
|
67
|
-
}
|
|
68
|
-
public function getMacAlgorithm():uint {
|
|
69
|
-
return macAlgorithm;
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
public function setCipher(cipher:uint):void {
|
|
73
|
-
bulkCipher = CipherSuites.getBulkCipher(cipher);
|
|
74
|
-
cipherType = BulkCiphers.getType(bulkCipher);
|
|
75
|
-
keySize = BulkCiphers.getExpandedKeyBytes(bulkCipher); // 8
|
|
76
|
-
keyMaterialLength = BulkCiphers.getKeyBytes(bulkCipher); // 5
|
|
77
|
-
IVSize = BulkCiphers.getIVSize(bulkCipher);
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
keyExchange = CipherSuites.getKeyExchange(cipher);
|
|
81
|
-
|
|
82
|
-
macAlgorithm = CipherSuites.getMac(cipher);
|
|
83
|
-
hashSize = MACs.getHashSize(macAlgorithm);
|
|
84
|
-
pad_1 = new ByteArray();
|
|
85
|
-
pad_2 = new ByteArray();
|
|
86
|
-
for (var x:int = 0; x < 48; x++) {
|
|
87
|
-
pad_1.writeByte(0x36);
|
|
88
|
-
pad_2.writeByte(0x5c);
|
|
89
|
-
}
|
|
90
|
-
}
|
|
91
|
-
public function setCompression(algo:uint):void {
|
|
92
|
-
compression = algo;
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
public function setPreMasterSecret(secret:ByteArray):void {
|
|
96
|
-
/* Warning! Following code may cause madness
|
|
97
|
-
Tread not here, unless ye be men of valor.
|
|
98
|
-
|
|
99
|
-
***** Official Prophylactic Comment ******
|
|
100
|
-
(to protect the unwary...this code actually works, that's all you need to know)
|
|
101
|
-
|
|
102
|
-
This does two things, computes the master secret, and generates the keyBlock
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
To compute the master_secret, the following algorithm is used.
|
|
106
|
-
for SSL 3, this means
|
|
107
|
-
master = MD5( premaster + SHA1('A' + premaster + client_random + server_random ) ) +
|
|
108
|
-
MD5( premaster + SHA1('BB' + premaster + client_random + server_random ) ) +
|
|
109
|
-
MD5( premaster + SHA1('CCC' + premaster + client_random + server_random ) )
|
|
110
|
-
*/
|
|
111
|
-
var tempHashA:ByteArray = new ByteArray(); // temporary hash, gets reused a lot
|
|
112
|
-
var tempHashB:ByteArray = new ByteArray(); // temporary hash, gets reused a lot
|
|
113
|
-
|
|
114
|
-
var shaHash:ByteArray;
|
|
115
|
-
var mdHash:ByteArray;
|
|
116
|
-
|
|
117
|
-
var i:int;
|
|
118
|
-
var j:int;
|
|
119
|
-
|
|
120
|
-
var sha:SHA1 = new SHA1();
|
|
121
|
-
var md:MD5 = new MD5();
|
|
122
|
-
|
|
123
|
-
var k:ByteArray = new ByteArray();
|
|
124
|
-
|
|
125
|
-
k.writeBytes(secret);
|
|
126
|
-
k.writeBytes(clientRandom);
|
|
127
|
-
k.writeBytes(serverRandom);
|
|
128
|
-
|
|
129
|
-
masterSecret = new ByteArray();
|
|
130
|
-
var pad_char:uint = 0x41;
|
|
131
|
-
|
|
132
|
-
for ( i = 0; i < 3; i++) {
|
|
133
|
-
// SHA portion
|
|
134
|
-
tempHashA.position = 0;
|
|
135
|
-
|
|
136
|
-
for ( j = 0; j < i + 1; j++) {
|
|
137
|
-
tempHashA.writeByte(pad_char);
|
|
138
|
-
}
|
|
139
|
-
pad_char++;
|
|
140
|
-
|
|
141
|
-
tempHashA.writeBytes(k);
|
|
142
|
-
shaHash = sha.hash(tempHashA);
|
|
143
|
-
|
|
144
|
-
// MD5 portion
|
|
145
|
-
tempHashB.position = 0;
|
|
146
|
-
tempHashB.writeBytes(secret);
|
|
147
|
-
tempHashB.writeBytes(shaHash);
|
|
148
|
-
mdHash = md.hash(tempHashB);
|
|
149
|
-
|
|
150
|
-
// copy into my key
|
|
151
|
-
masterSecret.writeBytes(mdHash);
|
|
152
|
-
}
|
|
153
|
-
|
|
154
|
-
// *************** END MASTER SECRET **************
|
|
155
|
-
|
|
156
|
-
// More prophylactic comments
|
|
157
|
-
// *************** START KEY BLOCK ****************
|
|
158
|
-
|
|
159
|
-
// So here, I'm setting up the keyBlock array that I will derive MACs, keys, and IVs from.
|
|
160
|
-
// Rebuild k (hash seed)
|
|
161
|
-
|
|
162
|
-
k.position = 0;
|
|
163
|
-
k.writeBytes(masterSecret);
|
|
164
|
-
k.writeBytes(serverRandom);
|
|
165
|
-
k.writeBytes(clientRandom);
|
|
166
|
-
|
|
167
|
-
keyBlock = new ByteArray();
|
|
168
|
-
|
|
169
|
-
tempHashA = new ByteArray();
|
|
170
|
-
tempHashB = new ByteArray();
|
|
171
|
-
// now for 16 iterations to get 256 bytes (16 * 16), better to have more than not enough
|
|
172
|
-
pad_char = 0x41;
|
|
173
|
-
for ( i = 0; i < 16; i++) {
|
|
174
|
-
tempHashA.position = 0;
|
|
175
|
-
|
|
176
|
-
for ( j = 0; j < i + 1; j++) {
|
|
177
|
-
tempHashA.writeByte(pad_char);
|
|
178
|
-
}
|
|
179
|
-
pad_char++;
|
|
180
|
-
tempHashA.writeBytes(k);
|
|
181
|
-
shaHash = sha.hash(tempHashA);
|
|
182
|
-
|
|
183
|
-
tempHashB.position = 0;
|
|
184
|
-
tempHashB.writeBytes(masterSecret);
|
|
185
|
-
tempHashB.writeBytes(shaHash, 0);
|
|
186
|
-
mdHash = md.hash(tempHashB);
|
|
187
|
-
|
|
188
|
-
keyBlock.writeBytes(mdHash);
|
|
189
|
-
}
|
|
190
|
-
}
|
|
191
|
-
|
|
192
|
-
public function setClientRandom(secret:ByteArray):void {
|
|
193
|
-
clientRandom = secret;
|
|
194
|
-
}
|
|
195
|
-
public function setServerRandom(secret:ByteArray):void {
|
|
196
|
-
serverRandom = secret;
|
|
197
|
-
}
|
|
198
|
-
|
|
199
|
-
public function get useRSA():Boolean {
|
|
200
|
-
return KeyExchanges.useRSA(keyExchange);
|
|
201
|
-
}
|
|
202
|
-
|
|
203
|
-
// This is the Finished message
|
|
204
|
-
// if you value your sanity, stay away...far away
|
|
205
|
-
public function computeVerifyData(side:uint, handshakeMessages:ByteArray):ByteArray {
|
|
206
|
-
// for SSL 3.0, this consists of
|
|
207
|
-
// finished = md5( masterSecret + pad2 + md5( handshake + sender + masterSecret + pad1 ) ) +
|
|
208
|
-
// sha1( masterSecret + pad2 + sha1( handshake + sender + masterSecret + pad1 ) )
|
|
209
|
-
|
|
210
|
-
// trace("Handshake messages: " + Hex.fromArray(handshakeMessages));
|
|
211
|
-
var sha:SHA1 = new SHA1();
|
|
212
|
-
var md:MD5 = new MD5();
|
|
213
|
-
var k:ByteArray = new ByteArray(); // handshake + sender + masterSecret + pad1
|
|
214
|
-
var j:ByteArray = new ByteArray(); // masterSecret + pad2 + k
|
|
215
|
-
|
|
216
|
-
var innerKey:ByteArray;
|
|
217
|
-
var outerKey:ByteArray = new ByteArray();
|
|
218
|
-
|
|
219
|
-
var hashSha:ByteArray;
|
|
220
|
-
var hashMD:ByteArray;
|
|
221
|
-
|
|
222
|
-
var sideBytes:ByteArray = new ByteArray();
|
|
223
|
-
if (side == TLSEngine.CLIENT) {
|
|
224
|
-
sideBytes.writeUnsignedInt(0x434C4E54);
|
|
225
|
-
} else {
|
|
226
|
-
sideBytes.writeUnsignedInt(0x53525652);
|
|
227
|
-
}
|
|
228
|
-
|
|
229
|
-
// Do the SHA1 part of the routine first
|
|
230
|
-
masterSecret.position = 0;
|
|
231
|
-
k.writeBytes(handshakeMessages);
|
|
232
|
-
k.writeBytes(sideBytes);
|
|
233
|
-
k.writeBytes(masterSecret);
|
|
234
|
-
k.writeBytes(pad_1, 0, 40); // limited to 40 chars for SHA1
|
|
235
|
-
|
|
236
|
-
innerKey = sha.hash(k);
|
|
237
|
-
// trace("Inner SHA Key: " + Hex.fromArray(innerKey));
|
|
238
|
-
|
|
239
|
-
j.writeBytes(masterSecret);
|
|
240
|
-
j.writeBytes(pad_2, 0, 40); // limited to 40 chars for SHA1
|
|
241
|
-
j.writeBytes(innerKey);
|
|
242
|
-
|
|
243
|
-
hashSha = sha.hash(j);
|
|
244
|
-
// trace("Outer SHA Key: " + Hex.fromArray(hashSha));
|
|
245
|
-
|
|
246
|
-
// Rebuild k for MD5
|
|
247
|
-
k = new ByteArray();
|
|
248
|
-
|
|
249
|
-
k.writeBytes(handshakeMessages);
|
|
250
|
-
k.writeBytes(sideBytes);
|
|
251
|
-
k.writeBytes(masterSecret);
|
|
252
|
-
k.writeBytes(pad_1); // Take the whole length of pad_1 & pad_2 for MD5
|
|
253
|
-
|
|
254
|
-
innerKey = md.hash(k);
|
|
255
|
-
// trace("Inner MD5 Key: " + Hex.fromArray(innerKey));
|
|
256
|
-
|
|
257
|
-
j = new ByteArray();
|
|
258
|
-
j.writeBytes(masterSecret);
|
|
259
|
-
j.writeBytes(pad_2); // see above re: 48 byte pad
|
|
260
|
-
j.writeBytes(innerKey);
|
|
261
|
-
|
|
262
|
-
hashMD = md.hash(j);
|
|
263
|
-
// trace("Outer MD5 Key: " + Hex.fromArray(hashMD));
|
|
264
|
-
|
|
265
|
-
outerKey.writeBytes(hashMD, 0, hashMD.length);
|
|
266
|
-
outerKey.writeBytes(hashSha, 0, hashSha.length);
|
|
267
|
-
var out:String = Hex.fromArray(outerKey);
|
|
268
|
-
// trace("Finished Message: " + out);
|
|
269
|
-
outerKey.position = 0;
|
|
270
|
-
|
|
271
|
-
return outerKey;
|
|
272
|
-
|
|
273
|
-
}
|
|
274
|
-
|
|
275
|
-
public function computeCertificateVerify( side:uint, handshakeMessages:ByteArray ):ByteArray {
|
|
276
|
-
// TODO: Implement this, but I don't forsee it being necessary at this point in time, since for purposes
|
|
277
|
-
// of the override, I'm only going to use TLS
|
|
278
|
-
return null;
|
|
279
|
-
}
|
|
280
|
-
|
|
281
|
-
public function getConnectionStates():Object {
|
|
282
|
-
|
|
283
|
-
if (masterSecret != null) {
|
|
284
|
-
// so now, I have to derive the actual keys from the keyblock that I generated in setPremasterSecret.
|
|
285
|
-
// for MY purposes, I need RSA-AES 128/256 + SHA
|
|
286
|
-
// so I'm gonna have keylen = 32, minlen = 32, mac_length = 20, iv_length = 16
|
|
287
|
-
// but...I can get this data from the settings returned in the constructor when this object is
|
|
288
|
-
// It strikes me that TLS does this more elegantly...
|
|
289
|
-
|
|
290
|
-
var mac_length:int = hashSize as Number;
|
|
291
|
-
var key_length:int = keySize as Number;
|
|
292
|
-
var iv_length:int = IVSize as Number;
|
|
293
|
-
|
|
294
|
-
var client_write_MAC:ByteArray = new ByteArray();
|
|
295
|
-
var server_write_MAC:ByteArray = new ByteArray();
|
|
296
|
-
var client_write_key:ByteArray = new ByteArray();
|
|
297
|
-
var server_write_key:ByteArray = new ByteArray();
|
|
298
|
-
var client_write_IV:ByteArray = new ByteArray();
|
|
299
|
-
var server_write_IV:ByteArray = new ByteArray();
|
|
300
|
-
|
|
301
|
-
// Derive the keys from the keyblock
|
|
302
|
-
// Get the MACs first
|
|
303
|
-
keyBlock.position = 0;
|
|
304
|
-
keyBlock.readBytes(client_write_MAC, 0, mac_length);
|
|
305
|
-
keyBlock.readBytes(server_write_MAC, 0, mac_length);
|
|
306
|
-
|
|
307
|
-
// keyBlock.position is now at MAC_length * 2
|
|
308
|
-
// then get the keys
|
|
309
|
-
keyBlock.readBytes(client_write_key, 0, key_length);
|
|
310
|
-
keyBlock.readBytes(server_write_key, 0, key_length);
|
|
311
|
-
|
|
312
|
-
// keyBlock.position is now at (MAC_length * 2) + (keySize * 2)
|
|
313
|
-
// and then the IVs
|
|
314
|
-
keyBlock.readBytes(client_write_IV, 0, iv_length);
|
|
315
|
-
keyBlock.readBytes(server_write_IV, 0, iv_length);
|
|
316
|
-
|
|
317
|
-
// reset this in case it's needed, for some reason or another, but I doubt it
|
|
318
|
-
keyBlock.position = 0;
|
|
319
|
-
|
|
320
|
-
var client_write:SSLConnectionState = new SSLConnectionState(
|
|
321
|
-
bulkCipher, cipherType, macAlgorithm,
|
|
322
|
-
client_write_MAC, client_write_key, client_write_IV);
|
|
323
|
-
var server_write:SSLConnectionState = new SSLConnectionState(
|
|
324
|
-
bulkCipher, cipherType, macAlgorithm,
|
|
325
|
-
server_write_MAC, server_write_key, server_write_IV);
|
|
326
|
-
|
|
327
|
-
if (entity == TLSEngine.CLIENT) {
|
|
328
|
-
return {read:server_write, write:client_write};
|
|
329
|
-
} else {
|
|
330
|
-
return {read:client_write, write:server_write};
|
|
331
|
-
}
|
|
332
|
-
|
|
333
|
-
|
|
334
|
-
} else {
|
|
335
|
-
return {read:new SSLConnectionState, write:new SSLConnectionState};
|
|
336
|
-
}
|
|
337
|
-
}
|
|
338
|
-
|
|
339
|
-
}
|
|
340
|
-
}
|
|
@@ -1,70 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* TLSConfig
|
|
3
|
-
*
|
|
4
|
-
* A set of configuration parameters for use by a TLSSocket or a TLSEngine.
|
|
5
|
-
* Most parameters are optional and will be set to appropriate default values for most use.
|
|
6
|
-
*
|
|
7
|
-
* Copyright (c) 2007 Henri Torgemane
|
|
8
|
-
*
|
|
9
|
-
* See LICENSE.txt for full license information.
|
|
10
|
-
*/
|
|
11
|
-
package com.hurlant.crypto.tls {
|
|
12
|
-
import flash.utils.ByteArray;
|
|
13
|
-
import com.hurlant.util.der.PEM;
|
|
14
|
-
import com.hurlant.crypto.rsa.RSAKey;
|
|
15
|
-
import com.hurlant.crypto.cert.X509CertificateCollection;
|
|
16
|
-
import com.hurlant.crypto.cert.MozillaRootCertificates;
|
|
17
|
-
|
|
18
|
-
public class TLSConfig {
|
|
19
|
-
public var entity:uint; // SERVER | CLIENT
|
|
20
|
-
|
|
21
|
-
public var certificate:ByteArray;
|
|
22
|
-
public var privateKey:RSAKey;
|
|
23
|
-
|
|
24
|
-
public var cipherSuites:Array;
|
|
25
|
-
|
|
26
|
-
public var compressions:Array;
|
|
27
|
-
public var ignoreCommonNameMismatch:Boolean = false;
|
|
28
|
-
public var trustAllCertificates:Boolean = false;
|
|
29
|
-
public var trustSelfSignedCertificates:Boolean = false;
|
|
30
|
-
public var promptUserForAcceptCert:Boolean = false;
|
|
31
|
-
public var CAStore:X509CertificateCollection;
|
|
32
|
-
public var localKeyStore:X509CertificateCollection;
|
|
33
|
-
public var version:uint;
|
|
34
|
-
|
|
35
|
-
public function TLSConfig( entity:uint, cipherSuites:Array = null, compressions:Array = null,
|
|
36
|
-
certificate:ByteArray = null, privateKey:RSAKey = null, CAStore:X509CertificateCollection = null, ver:uint = 0x00) {
|
|
37
|
-
this.entity = entity;
|
|
38
|
-
this.cipherSuites = cipherSuites;
|
|
39
|
-
this.compressions = compressions;
|
|
40
|
-
this.certificate = certificate;
|
|
41
|
-
this.privateKey = privateKey;
|
|
42
|
-
this.CAStore = CAStore;
|
|
43
|
-
this.version = ver;
|
|
44
|
-
// default settings.
|
|
45
|
-
if (cipherSuites==null) {
|
|
46
|
-
this.cipherSuites = CipherSuites.getDefaultSuites();
|
|
47
|
-
}
|
|
48
|
-
if (compressions==null) {
|
|
49
|
-
this.compressions = [TLSSecurityParameters.COMPRESSION_NULL];
|
|
50
|
-
}
|
|
51
|
-
|
|
52
|
-
if (CAStore==null) {
|
|
53
|
-
this.CAStore = new MozillaRootCertificates;
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
if (ver==0x00) {
|
|
57
|
-
// Default to TLS
|
|
58
|
-
this.version = TLSSecurityParameters.PROTOCOL_VERSION;
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
public function setPEMCertificate(cert:String, key:String = null):void {
|
|
63
|
-
if (key == null) {
|
|
64
|
-
key = cert; // for folks who like to concat those two in one file.
|
|
65
|
-
}
|
|
66
|
-
certificate = PEM.readCertIntoArray(cert);
|
|
67
|
-
privateKey = PEM.readRSAPrivateKey(key);
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
|
-
}
|
|
@@ -1,151 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* TLSConnectionState
|
|
3
|
-
*
|
|
4
|
-
* This class encapsulates the read or write state of a TLS connection,
|
|
5
|
-
* and implementes the encrypting and hashing of packets.
|
|
6
|
-
* Copyright (c) 2007 Henri Torgemane
|
|
7
|
-
*
|
|
8
|
-
* See LICENSE.txt for full license information.
|
|
9
|
-
*/
|
|
10
|
-
package com.hurlant.crypto.tls {
|
|
11
|
-
import flash.utils.IDataInput;
|
|
12
|
-
import flash.utils.ByteArray;
|
|
13
|
-
import com.hurlant.crypto.hash.MD5;
|
|
14
|
-
import com.hurlant.crypto.hash.HMAC;
|
|
15
|
-
import com.hurlant.crypto.hash.IHash;
|
|
16
|
-
import com.hurlant.crypto.symmetric.ICipher;
|
|
17
|
-
import com.hurlant.crypto.symmetric.IVMode;
|
|
18
|
-
import com.hurlant.util.Hex;
|
|
19
|
-
import com.hurlant.util.ArrayUtil;
|
|
20
|
-
|
|
21
|
-
public class TLSConnectionState implements IConnectionState {
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
// compression state
|
|
25
|
-
|
|
26
|
-
// cipher state
|
|
27
|
-
private var bulkCipher:uint;
|
|
28
|
-
private var cipherType:uint;
|
|
29
|
-
private var CIPHER_key:ByteArray;
|
|
30
|
-
private var CIPHER_IV:ByteArray;
|
|
31
|
-
private var cipher:ICipher;
|
|
32
|
-
private var ivmode:IVMode;
|
|
33
|
-
|
|
34
|
-
// mac secret
|
|
35
|
-
private var macAlgorithm:uint;
|
|
36
|
-
private var MAC_write_secret:ByteArray;
|
|
37
|
-
private var hmac:HMAC;
|
|
38
|
-
|
|
39
|
-
// sequence number. uint64
|
|
40
|
-
private var seq_lo:uint;
|
|
41
|
-
private var seq_hi:uint;
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
public function TLSConnectionState(
|
|
46
|
-
bulkCipher:uint=0, cipherType:uint=0, macAlgorithm:uint=0,
|
|
47
|
-
mac:ByteArray=null, key:ByteArray=null, IV:ByteArray=null) {
|
|
48
|
-
this.bulkCipher = bulkCipher;
|
|
49
|
-
this.cipherType = cipherType;
|
|
50
|
-
this.macAlgorithm = macAlgorithm;
|
|
51
|
-
MAC_write_secret = mac;
|
|
52
|
-
hmac = MACs.getHMAC(macAlgorithm);
|
|
53
|
-
CIPHER_key = key;
|
|
54
|
-
CIPHER_IV = IV;
|
|
55
|
-
cipher = BulkCiphers.getCipher(bulkCipher, key, 0x0301);
|
|
56
|
-
if (cipher is IVMode) {
|
|
57
|
-
ivmode = cipher as IVMode;
|
|
58
|
-
ivmode.IV = IV;
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
public function decrypt(type:uint, length:uint, p:ByteArray):ByteArray {
|
|
63
|
-
// decompression is a nop.
|
|
64
|
-
|
|
65
|
-
if (cipherType == BulkCiphers.STREAM_CIPHER) {
|
|
66
|
-
if (bulkCipher == BulkCiphers.NULL) {
|
|
67
|
-
// no-op
|
|
68
|
-
} else {
|
|
69
|
-
cipher.decrypt(p);
|
|
70
|
-
}
|
|
71
|
-
} else {
|
|
72
|
-
// block cipher
|
|
73
|
-
var nextIV:ByteArray = new ByteArray;
|
|
74
|
-
nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
|
|
75
|
-
|
|
76
|
-
cipher.decrypt(p);
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
CIPHER_IV = nextIV;
|
|
80
|
-
ivmode.IV = nextIV;
|
|
81
|
-
}
|
|
82
|
-
if (macAlgorithm!=MACs.NULL) {
|
|
83
|
-
var data:ByteArray = new ByteArray;
|
|
84
|
-
var len:uint = p.length - hmac.getHashSize();
|
|
85
|
-
data.writeUnsignedInt(seq_hi);
|
|
86
|
-
data.writeUnsignedInt(seq_lo);
|
|
87
|
-
data.writeByte(type);
|
|
88
|
-
data.writeShort(TLSSecurityParameters.PROTOCOL_VERSION);
|
|
89
|
-
data.writeShort(len);
|
|
90
|
-
if (len!=0) {
|
|
91
|
-
data.writeBytes(p, 0, len);
|
|
92
|
-
}
|
|
93
|
-
var mac:ByteArray = hmac.compute(MAC_write_secret, data);
|
|
94
|
-
// compare "mac" with the last X bytes of p.
|
|
95
|
-
var mac_received:ByteArray = new ByteArray;
|
|
96
|
-
mac_received.writeBytes(p, len, hmac.getHashSize());
|
|
97
|
-
if (ArrayUtil.equals(mac, mac_received)) {
|
|
98
|
-
// happy happy joy joy
|
|
99
|
-
} else {
|
|
100
|
-
throw new TLSError("Bad Mac Data", TLSError.bad_record_mac);
|
|
101
|
-
}
|
|
102
|
-
p.length = len;
|
|
103
|
-
p.position = 0;
|
|
104
|
-
}
|
|
105
|
-
// increment seq
|
|
106
|
-
seq_lo++;
|
|
107
|
-
if (seq_lo==0) seq_hi++;
|
|
108
|
-
return p;
|
|
109
|
-
}
|
|
110
|
-
public function encrypt(type:uint, p:ByteArray):ByteArray {
|
|
111
|
-
var mac:ByteArray = null;
|
|
112
|
-
if (macAlgorithm!=MACs.NULL) {
|
|
113
|
-
var data:ByteArray = new ByteArray;
|
|
114
|
-
data.writeUnsignedInt(seq_hi);
|
|
115
|
-
data.writeUnsignedInt(seq_lo);
|
|
116
|
-
data.writeByte(type);
|
|
117
|
-
data.writeShort(TLSSecurityParameters.PROTOCOL_VERSION);
|
|
118
|
-
data.writeShort(p.length);
|
|
119
|
-
if (p.length!=0) {
|
|
120
|
-
data.writeBytes(p, 0, p.length);
|
|
121
|
-
}
|
|
122
|
-
mac = hmac.compute(MAC_write_secret, data);
|
|
123
|
-
p.position = p.length;
|
|
124
|
-
p.writeBytes(mac);
|
|
125
|
-
}
|
|
126
|
-
p.position = 0;
|
|
127
|
-
if (cipherType == BulkCiphers.STREAM_CIPHER) {
|
|
128
|
-
// stream cipher
|
|
129
|
-
if (bulkCipher == BulkCiphers.NULL) {
|
|
130
|
-
// no-op
|
|
131
|
-
} else {
|
|
132
|
-
cipher.encrypt(p);
|
|
133
|
-
}
|
|
134
|
-
} else {
|
|
135
|
-
// block cipher
|
|
136
|
-
cipher.encrypt(p);
|
|
137
|
-
// adjust IV
|
|
138
|
-
var nextIV:ByteArray = new ByteArray;
|
|
139
|
-
nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
|
|
140
|
-
CIPHER_IV = nextIV;
|
|
141
|
-
ivmode.IV = nextIV;
|
|
142
|
-
}
|
|
143
|
-
// increment seq
|
|
144
|
-
seq_lo++;
|
|
145
|
-
if (seq_lo==0) seq_hi++;
|
|
146
|
-
// compression is a nop.
|
|
147
|
-
return p;
|
|
148
|
-
}
|
|
149
|
-
|
|
150
|
-
}
|
|
151
|
-
}
|