PageRenderTime 37ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/js/lib/Socket.IO-node/support/socket.io-client/lib/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/TLSConnectionState.as

http://github.com/onedayitwillmake/RealtimeMultiplayerNodeJs
ActionScript | 151 lines | 111 code | 15 blank | 25 comment | 21 complexity | fb6374e292af96fc7348847809405b94 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception, BSD-3-Clause 
    

  1. /**
    2. 

  2.  * TLSConnectionState
    3. 

  3.  * 
    4. 

  4.  * This class encapsulates the read or write state of a TLS connection,
    5. 

  5.  * and implementes the encrypting and hashing of packets. 
    6. 

  6.  * Copyright (c) 2007 Henri Torgemane
    7. 

  7.  * 
    8. 

  8.  * See LICENSE.txt for full license information.
    9. 

  9.  */
    10. 

  10. package com.hurlant.crypto.tls {
    11. 

  11. 	import flash.utils.IDataInput;
    12. 

  12. 	import flash.utils.ByteArray;
    13. 

  13. 	import com.hurlant.crypto.hash.MD5;
    14. 

  14. 	import com.hurlant.crypto.hash.HMAC;
    15. 

  15. 	import com.hurlant.crypto.hash.IHash;
    16. 

  16. 	import com.hurlant.crypto.symmetric.ICipher;
    17. 

  17. 	import com.hurlant.crypto.symmetric.IVMode;
    18. 

  18. 	import com.hurlant.util.Hex;
    19. 

  19. 	import com.hurlant.util.ArrayUtil;
    20. 

  20. 	
    21. 

  21. 	public class TLSConnectionState implements IConnectionState {
    22. 

  22. 

  23. 

  24. 		// compression state
    25. 

  25. 		
    26. 

  26. 		// cipher state
    27. 

  27. 		private var bulkCipher:uint;
    28. 

  28. 		private var cipherType:uint;
    29. 

  29. 		private var CIPHER_key:ByteArray;
    30. 

  30. 		private var CIPHER_IV:ByteArray;
    31. 

  31. 		private var cipher:ICipher;
    32. 

  32. 		private var ivmode:IVMode;
    33. 

  33. 		
    34. 

  34. 		// mac secret
    35. 

  35. 		private var macAlgorithm:uint;
    36. 

  36. 		private var MAC_write_secret:ByteArray;
    37. 

  37. 		private var hmac:HMAC;
    38. 

  38. 		
    39. 

  39. 		// sequence number. uint64
    40. 

  40. 		private var seq_lo:uint;
    41. 

  41. 		private var seq_hi:uint;
    42. 

  42. 		
    43. 

  43. 

  44. 

  45. 		public function TLSConnectionState(
    46. 

  46. 				bulkCipher:uint=0, cipherType:uint=0, macAlgorithm:uint=0,
    47. 

  47. 				mac:ByteArray=null, key:ByteArray=null, IV:ByteArray=null) {
    48. 

  48. 			this.bulkCipher = bulkCipher;
    49. 

  49. 			this.cipherType = cipherType;
    50. 

  50. 			this.macAlgorithm = macAlgorithm;
    51. 

  51. 			MAC_write_secret = mac;
    52. 

  52. 			hmac = MACs.getHMAC(macAlgorithm);
    53. 

  53. 			CIPHER_key = key;
    54. 

  54. 			CIPHER_IV = IV;
    55. 

  55. 			cipher = BulkCiphers.getCipher(bulkCipher, key, 0x0301);
    56. 

  56. 			if (cipher is IVMode) {
    57. 

  57. 				ivmode = cipher as IVMode;
    58. 

  58. 				ivmode.IV = IV;
    59. 

  59. 			}
    60. 

  60. 		}
    61. 

  61. 		
    62. 

  62. 		public function decrypt(type:uint, length:uint, p:ByteArray):ByteArray {
    63. 

  63. 			// decompression is a nop.
    64. 

  64. 			
    65. 

  65. 			if (cipherType == BulkCiphers.STREAM_CIPHER) {
    66. 

  66. 				if (bulkCipher == BulkCiphers.NULL) {
    67. 

  67. 					// no-op
    68. 

  68. 				} else {
    69. 

  69. 					cipher.decrypt(p);
    70. 

  70. 				}
    71. 

  71. 			} else {
    72. 

  72. 				// block cipher
    73. 

  73. 				var nextIV:ByteArray = new ByteArray;
    74. 

  74. 				nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
    75. 

  75. 				
    76. 

  76. 				cipher.decrypt(p);
    77. 

  77. 

  78. 

  79. 				CIPHER_IV = nextIV;
    80. 

  80. 				ivmode.IV = nextIV;
    81. 

  81. 			}
    82. 

  82. 			if (macAlgorithm!=MACs.NULL) {
    83. 

  83. 				var data:ByteArray = new ByteArray;
    84. 

  84. 				var len:uint = p.length - hmac.getHashSize();
    85. 

  85. 				data.writeUnsignedInt(seq_hi);
    86. 

  86. 				data.writeUnsignedInt(seq_lo);
    87. 

  87. 				data.writeByte(type);
    88. 

  88. 				data.writeShort(TLSSecurityParameters.PROTOCOL_VERSION);
    89. 

  89. 				data.writeShort(len);
    90. 

  90. 				if (len!=0) {
    91. 

  91. 					data.writeBytes(p, 0, len);
    92. 

  92. 				}
    93. 

  93. 				var mac:ByteArray = hmac.compute(MAC_write_secret, data);
    94. 

  94. 				// compare "mac" with the last X bytes of p.
    95. 

  95. 				var mac_received:ByteArray = new ByteArray;
    96. 

  96. 				mac_received.writeBytes(p, len, hmac.getHashSize());
    97. 

  97. 				if (ArrayUtil.equals(mac, mac_received)) {
    98. 

  98. 					// happy happy joy joy
    99. 

  99. 				} else {
    100. 

  100. 					throw new TLSError("Bad Mac Data", TLSError.bad_record_mac);
    101. 

  101. 				}
    102. 

  102. 				p.length = len;
    103. 

  103. 				p.position = 0;
    104. 

  104. 			}
    105. 

  105. 			// increment seq
    106. 

  106. 			seq_lo++;
    107. 

  107. 			if (seq_lo==0) seq_hi++;
    108. 

  108. 			return p;
    109. 

  109. 		}
    110. 

  110. 		public function encrypt(type:uint, p:ByteArray):ByteArray {
    111. 

  111. 			var mac:ByteArray = null;
    112. 

  112. 			if (macAlgorithm!=MACs.NULL) {
    113. 

  113. 				var data:ByteArray = new ByteArray;
    114. 

  114. 				data.writeUnsignedInt(seq_hi);
    115. 

  115. 				data.writeUnsignedInt(seq_lo);
    116. 

  116. 				data.writeByte(type);
    117. 

  117. 				data.writeShort(TLSSecurityParameters.PROTOCOL_VERSION);
    118. 

  118. 				data.writeShort(p.length);
    119. 

  119. 				if (p.length!=0) {
    120. 

  120. 					data.writeBytes(p, 0, p.length);
    121. 

  121. 				}
    122. 

  122. 				mac = hmac.compute(MAC_write_secret, data);
    123. 

  123. 				p.position = p.length;
    124. 

  124. 				p.writeBytes(mac);
    125. 

  125. 			}
    126. 

  126. 			p.position = 0;
    127. 

  127. 			if (cipherType == BulkCiphers.STREAM_CIPHER) {
    128. 

  128. 				// stream cipher
    129. 

  129. 				if (bulkCipher == BulkCiphers.NULL) {
    130. 

  130. 					// no-op
    131. 

  131. 				} else {
    132. 

  132. 					cipher.encrypt(p);
    133. 

  133. 				}
    134. 

  134. 			} else {
    135. 

  135. 				// block cipher
    136. 

  136. 				cipher.encrypt(p);
    137. 

  137. 				// adjust IV
    138. 

  138. 				var nextIV:ByteArray = new ByteArray;
    139. 

  139. 				nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
    140. 

  140. 				CIPHER_IV = nextIV;
    141. 

  141. 				ivmode.IV = nextIV;
    142. 

  142. 			}
    143. 

  143. 			// increment seq
    144. 

  144. 			seq_lo++;
    145. 

  145. 			if (seq_lo==0) seq_hi++;
    146. 

  146. 			// compression is a nop.
    147. 

  147. 			return p;
    148. 

  148. 		}
    149. 

  149. 		
    150. 

  150. 	}
    151. 

  151. }
    152.