PageRenderTime 58ms CodeModel.GetById 34ms RepoModel.GetById 1ms app.codeStats 0ms

/js/lib/Socket.IO-node/support/socket.io-client/lib/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/SSLConnectionState.as

http://github.com/onedayitwillmake/RealtimeMultiplayerNodeJs
ActionScript | 171 lines | 114 code | 23 blank | 34 comment | 24 complexity | 02301bb3725990f16ecb8c67e1fb5693 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception, BSD-3-Clause
  1. /**
  2. * TLSConnectionState
  3. *
  4. * This class encapsulates the read or write state of a TLS connection,
  5. * and implementes the encrypting and hashing of packets.
  6. * Copyright (c) 2007 Henri Torgemane
  7. *
  8. * See LICENSE.txt for full license information.
  9. */
  10. package com.hurlant.crypto.tls {
  11. import flash.utils.IDataInput;
  12. import flash.utils.ByteArray;
  13. import com.hurlant.crypto.hash.MD5;
  14. import com.hurlant.crypto.hash.MAC;
  15. import com.hurlant.crypto.hash.IHash;
  16. import com.hurlant.crypto.symmetric.ICipher;
  17. import com.hurlant.crypto.symmetric.IVMode;
  18. import com.hurlant.util.Hex;
  19. import com.hurlant.util.ArrayUtil;
  20. public class SSLConnectionState implements IConnectionState {
  21. // compression state
  22. // cipher state
  23. private var bulkCipher:uint;
  24. private var cipherType:uint;
  25. private var CIPHER_key:ByteArray;
  26. private var CIPHER_IV:ByteArray;
  27. private var cipher:ICipher;
  28. private var ivmode:IVMode;
  29. // mac secret
  30. private var macAlgorithm:uint;
  31. private var MAC_write_secret:ByteArray;
  32. private var mac:MAC;
  33. // sequence number. uint64
  34. private var seq_lo:uint = 0x0;
  35. private var seq_hi:uint = 0x0;
  36. public function SSLConnectionState(
  37. bulkCipher:uint=0, cipherType:uint=0, macAlgorithm:uint=0,
  38. mac_enc:ByteArray=null, key:ByteArray=null, IV:ByteArray=null) {
  39. this.bulkCipher = bulkCipher;
  40. this.cipherType = cipherType;
  41. this.macAlgorithm = macAlgorithm;
  42. MAC_write_secret = mac_enc;
  43. mac = MACs.getMAC(macAlgorithm);
  44. CIPHER_key = key;
  45. CIPHER_IV = IV;
  46. cipher = BulkCiphers.getCipher(bulkCipher, key, 0x0300);
  47. if (cipher is IVMode) {
  48. ivmode = cipher as IVMode;
  49. ivmode.IV = IV;
  50. }
  51. }
  52. public function decrypt(type:uint, length:uint, p:ByteArray):ByteArray {
  53. // decompression is a nop.
  54. if (cipherType == BulkCiphers.STREAM_CIPHER) {
  55. if (bulkCipher == BulkCiphers.NULL) {
  56. // no-op
  57. } else {
  58. cipher.decrypt(p);
  59. }
  60. } else {
  61. p.position = 0;
  62. // block cipher
  63. if (bulkCipher == BulkCiphers.NULL) {
  64. } else {
  65. var nextIV:ByteArray = new ByteArray;
  66. nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
  67. p.position = 0;
  68. cipher.decrypt(p);
  69. CIPHER_IV = nextIV;
  70. ivmode.IV = nextIV;
  71. }
  72. }
  73. if (macAlgorithm!=MACs.NULL) {
  74. // there will be CTX delay here as well,
  75. // I should probably optmize the hell out of it
  76. var data:ByteArray = new ByteArray;
  77. var len:uint = p.length - mac.getHashSize();
  78. data.writeUnsignedInt(seq_hi);
  79. data.writeUnsignedInt(seq_lo);
  80. data.writeByte(type);
  81. data.writeShort(len);
  82. if (len!=0) {
  83. data.writeBytes(p, 0, len);
  84. }
  85. var mac_enc:ByteArray = mac.compute(MAC_write_secret, data);
  86. // compare "mac" with the last X bytes of p.
  87. var mac_received:ByteArray = new ByteArray;
  88. mac_received.writeBytes(p, len, mac.getHashSize());
  89. if (ArrayUtil.equals(mac_enc, mac_received)) {
  90. // happy happy joy joy
  91. } else {
  92. throw new TLSError("Bad Mac Data", TLSError.bad_record_mac);
  93. }
  94. p.length = len;
  95. p.position = 0;
  96. }
  97. // increment seq
  98. seq_lo++;
  99. if (seq_lo==0) seq_hi++;
  100. return p;
  101. }
  102. public function encrypt(type:uint, p:ByteArray):ByteArray {
  103. var mac_enc:ByteArray = null;
  104. if (macAlgorithm!=MACs.NULL) {
  105. var data:ByteArray = new ByteArray;
  106. // data.writeUnsignedInt(seq);
  107. // Sequence
  108. data.writeUnsignedInt(seq_hi);
  109. data.writeUnsignedInt(seq_lo);
  110. // Type
  111. data.writeByte(type);
  112. // Length
  113. data.writeShort(p.length);
  114. // The data
  115. if (p.length!=0) {
  116. data.writeBytes(p);
  117. }
  118. // trace("data for the MAC: " + Hex.fromArray(data));
  119. mac_enc = mac.compute(MAC_write_secret, data);
  120. // trace("MAC: " + Hex.fromArray( mac_enc ));
  121. p.position = p.length;
  122. p.writeBytes(mac_enc);
  123. }
  124. // trace("Record to encrypt: " + Hex.fromArray(p));
  125. p.position = 0;
  126. if (cipherType == BulkCiphers.STREAM_CIPHER) {
  127. // stream cipher
  128. if (bulkCipher == BulkCiphers.NULL) {
  129. // no-op
  130. } else {
  131. cipher.encrypt(p);
  132. }
  133. } else {
  134. // block cipher
  135. cipher.encrypt(p);
  136. // adjust IV
  137. var nextIV:ByteArray = new ByteArray;
  138. nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
  139. CIPHER_IV = nextIV;
  140. ivmode.IV = nextIV;
  141. }
  142. // increment seq
  143. seq_lo++;
  144. if (seq_lo==0) seq_hi++;
  145. return p;
  146. }
  147. }
  148. }