From 489ff7c058a566b1581dec6f9462030db3e6352e Mon Sep 17 00:00:00 2001 From: David Hook Date: Tue, 24 Dec 2024 17:45:40 +1100 Subject: [PATCH] added some additional work from TLS fips implementation to nonce setting - relates to github #1950 --- .../provider/GcmTls12NonceGeneratorUtil.java | 25 ------------------ .../provider/TlsNonceGeneratorFactory.java | 8 ------ .../tls/crypto/impl/AEADNonceGenerator.java | 9 +++++++ .../impl/AEADNonceGeneratorFactory.java | 8 ++++++ .../impl/GcmTls12NonceGeneratorUtil.java | 26 +++++++++++++++++++ .../tls/crypto/impl/TlsAEADCipher.java | 14 ++++------ .../org/bouncycastle/tls/test/AllTests.java | 4 +-- .../tls/test/TestAEADGeneratorFactory.java | 21 +++++++++++++++ ...rator.java => TestAEADNonceGenerator.java} | 14 +++++----- .../test/TestTlsNonceGeneratorFactory.java | 19 -------------- 10 files changed, 78 insertions(+), 70 deletions(-) delete mode 100644 tls/src/main/java/org/bouncycastle/jsse/provider/GcmTls12NonceGeneratorUtil.java delete mode 100644 tls/src/main/java/org/bouncycastle/jsse/provider/TlsNonceGeneratorFactory.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGenerator.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGeneratorFactory.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/GcmTls12NonceGeneratorUtil.java create mode 100644 tls/src/test/java/org/bouncycastle/tls/test/TestAEADGeneratorFactory.java rename tls/src/test/java/org/bouncycastle/tls/test/{TestNonceGenerator.java => TestAEADNonceGenerator.java} (76%) delete mode 100644 tls/src/test/java/org/bouncycastle/tls/test/TestTlsNonceGeneratorFactory.java diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/GcmTls12NonceGeneratorUtil.java b/tls/src/main/java/org/bouncycastle/jsse/provider/GcmTls12NonceGeneratorUtil.java deleted file mode 100644 index 8504232b35..0000000000 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/GcmTls12NonceGeneratorUtil.java +++ /dev/null @@ -1,25 +0,0 @@ -package org.bouncycastle.jsse.provider; - -import org.bouncycastle.tls.crypto.TlsNonceGenerator; - -final public class GcmTls12NonceGeneratorUtil -{ - private static TlsNonceGeneratorFactory tlsNonceGeneratorFactory = null; - - public static void setGcmTlsNonceGeneratorFactory(final TlsNonceGeneratorFactory factory) - { - tlsNonceGeneratorFactory = factory; - } - - public static boolean isGcmFipsNonceGeneratorFactorySet() - { - return tlsNonceGeneratorFactory != null; - } - - public static TlsNonceGenerator createGcmFipsNonceGenerator(final byte[] baseNonce, final int counterSizeInBits) - { - return tlsNonceGeneratorFactory != null - ? tlsNonceGeneratorFactory.create(baseNonce, counterSizeInBits) - : null; - } -} diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/TlsNonceGeneratorFactory.java b/tls/src/main/java/org/bouncycastle/jsse/provider/TlsNonceGeneratorFactory.java deleted file mode 100644 index 827bbd170b..0000000000 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/TlsNonceGeneratorFactory.java +++ /dev/null @@ -1,8 +0,0 @@ -package org.bouncycastle.jsse.provider; - -import org.bouncycastle.tls.crypto.TlsNonceGenerator; - -public interface TlsNonceGeneratorFactory -{ - TlsNonceGenerator create(byte[] baseNonce, int counterSizeInBits); -} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGenerator.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGenerator.java new file mode 100644 index 0000000000..05992fc203 --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGenerator.java @@ -0,0 +1,9 @@ +package org.bouncycastle.tls.crypto.impl; + +import org.bouncycastle.tls.TlsFatalAlert; + +public interface AEADNonceGenerator +{ + public void generateNonce(byte[] nonce) + throws TlsFatalAlert; +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGeneratorFactory.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGeneratorFactory.java new file mode 100644 index 0000000000..6e12eb368d --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/AEADNonceGeneratorFactory.java @@ -0,0 +1,8 @@ +package org.bouncycastle.tls.crypto.impl; + +import org.bouncycastle.tls.crypto.TlsNonceGenerator; + +public interface AEADNonceGeneratorFactory +{ + AEADNonceGenerator create(byte[] baseNonce, int counterSizeInBits); +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/GcmTls12NonceGeneratorUtil.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/GcmTls12NonceGeneratorUtil.java new file mode 100644 index 0000000000..e90c0bf2c4 --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/GcmTls12NonceGeneratorUtil.java @@ -0,0 +1,26 @@ +package org.bouncycastle.tls.crypto.impl; + +import java.security.AccessController; +import java.security.PrivilegedAction; + +final public class GcmTls12NonceGeneratorUtil +{ + private static AEADNonceGeneratorFactory tlsNonceGeneratorFactory = null; + + public static void setGcmTlsNonceGeneratorFactory(final AEADNonceGeneratorFactory factory) + { + tlsNonceGeneratorFactory = factory; + } + + public static boolean isGcmFipsNonceGeneratorFactorySet() + { + return tlsNonceGeneratorFactory != null; + } + + public static AEADNonceGenerator createGcmFipsNonceGenerator(final byte[] baseNonce, final int counterSizeInBits) + { + return tlsNonceGeneratorFactory != null + ? tlsNonceGeneratorFactory.create(baseNonce, counterSizeInBits) + : null; + } +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java index 3b6148d50e..1afa08f4d1 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java @@ -17,9 +17,6 @@ import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.util.Arrays; -import static org.bouncycastle.jsse.provider.GcmTls12NonceGeneratorUtil.createGcmFipsNonceGenerator; -import static org.bouncycastle.jsse.provider.GcmTls12NonceGeneratorUtil.isGcmFipsNonceGeneratorFactorySet; - /** * A generic TLS 1.2 AEAD cipher. */ @@ -49,7 +46,7 @@ public final class TlsAEADCipher private final boolean isTLSv13; private final int nonceMode; - private final TlsNonceGenerator gcmFipsNonceGenerator; + private final AEADNonceGenerator gcmFipsNonceGenerator; public TlsAEADCipher(TlsCryptoParameters cryptoParams, TlsAEADCipherImpl encryptCipher, TlsAEADCipherImpl decryptCipher, int keySize, int macSize, int aeadType) throws IOException @@ -130,7 +127,7 @@ public TlsAEADCipher(TlsCryptoParameters cryptoParams, TlsAEADCipherImpl encrypt throw new TlsFatalAlert(AlertDescription.internal_error); } - if (AEAD_GCM == aeadType && isGcmFipsNonceGeneratorFactorySet()) + if (AEAD_GCM == aeadType && GcmTls12NonceGeneratorUtil.isGcmFipsNonceGeneratorFactorySet()) { final int nonceLength = fixed_iv_length + record_iv_length; final byte[] baseNonce = Arrays.copyOf(encryptNonce, nonceLength); @@ -145,7 +142,7 @@ public TlsAEADCipher(TlsCryptoParameters cryptoParams, TlsAEADCipherImpl encrypt { counterSizeInBits = record_iv_length * 8; // 64 } - gcmFipsNonceGenerator = createGcmFipsNonceGenerator(baseNonce, counterSizeInBits); + gcmFipsNonceGenerator = GcmTls12NonceGeneratorUtil.createGcmFipsNonceGenerator(baseNonce, counterSizeInBits); } else { @@ -185,15 +182,14 @@ public TlsEncodeResult encodePlaintext(long seqNo, short contentType, ProtocolVe int headerAllocation, byte[] plaintext, int plaintextOffset, int plaintextLength) throws IOException { final int nonceSize = encryptNonce.length + record_iv_length; - final byte[] nonce; + final byte[] nonce = new byte[nonceSize]; if (null != gcmFipsNonceGenerator) { - nonce = gcmFipsNonceGenerator.generateNonce(nonceSize); + gcmFipsNonceGenerator.generateNonce(nonce); } else { - nonce = new byte[nonceSize]; switch (nonceMode) { case NONCE_RFC5288: diff --git a/tls/src/test/java/org/bouncycastle/tls/test/AllTests.java b/tls/src/test/java/org/bouncycastle/tls/test/AllTests.java index 27d9035fdb..61098a7a4d 100644 --- a/tls/src/test/java/org/bouncycastle/tls/test/AllTests.java +++ b/tls/src/test/java/org/bouncycastle/tls/test/AllTests.java @@ -1,6 +1,6 @@ package org.bouncycastle.tls.test; -import org.bouncycastle.jsse.provider.GcmTls12NonceGeneratorUtil; +import org.bouncycastle.tls.crypto.impl.GcmTls12NonceGeneratorUtil; import org.bouncycastle.test.PrintTestResult; import junit.extensions.TestSetup; @@ -20,7 +20,7 @@ public static void main(String[] args) public static Test suiteWithCustomNonceGeneratorForTls12() throws Exception { - GcmTls12NonceGeneratorUtil.setGcmTlsNonceGeneratorFactory(TestTlsNonceGeneratorFactory.INSTANCE); + GcmTls12NonceGeneratorUtil.setGcmTlsNonceGeneratorFactory(TestAEADGeneratorFactory.INSTANCE); return suite(); } diff --git a/tls/src/test/java/org/bouncycastle/tls/test/TestAEADGeneratorFactory.java b/tls/src/test/java/org/bouncycastle/tls/test/TestAEADGeneratorFactory.java new file mode 100644 index 0000000000..80e3fe4aba --- /dev/null +++ b/tls/src/test/java/org/bouncycastle/tls/test/TestAEADGeneratorFactory.java @@ -0,0 +1,21 @@ +package org.bouncycastle.tls.test; + +import org.bouncycastle.tls.crypto.impl.AEADNonceGenerator; +import org.bouncycastle.tls.crypto.impl.AEADNonceGeneratorFactory; + +class TestAEADGeneratorFactory + implements AEADNonceGeneratorFactory +{ + public static final AEADNonceGeneratorFactory INSTANCE = new TestAEADGeneratorFactory(); + + private TestAEADGeneratorFactory() + { + // no op + } + + @Override + public AEADNonceGenerator create(final byte[] baseNonce, final int counterSizeInBits) + { + return new TestAEADNonceGenerator(baseNonce, counterSizeInBits); + } +} diff --git a/tls/src/test/java/org/bouncycastle/tls/test/TestNonceGenerator.java b/tls/src/test/java/org/bouncycastle/tls/test/TestAEADNonceGenerator.java similarity index 76% rename from tls/src/test/java/org/bouncycastle/tls/test/TestNonceGenerator.java rename to tls/src/test/java/org/bouncycastle/tls/test/TestAEADNonceGenerator.java index 50bddfa3a5..1b4f805f23 100644 --- a/tls/src/test/java/org/bouncycastle/tls/test/TestNonceGenerator.java +++ b/tls/src/test/java/org/bouncycastle/tls/test/TestAEADNonceGenerator.java @@ -1,10 +1,12 @@ package org.bouncycastle.tls.test; import org.bouncycastle.tls.crypto.TlsNonceGenerator; +import org.bouncycastle.tls.crypto.impl.AEADNonceGenerator; import java.util.Arrays; -class TestNonceGenerator implements TlsNonceGenerator +class TestAEADNonceGenerator + implements AEADNonceGenerator { private final byte[] baseNonce; private final long counterMask; @@ -13,7 +15,7 @@ class TestNonceGenerator implements TlsNonceGenerator private long counterValue; private boolean counterExhausted; - TestNonceGenerator(final byte[] baseNonce, final int counterBits) + TestAEADNonceGenerator(final byte[] baseNonce, final int counterBits) { this.baseNonce = Arrays.copyOf(baseNonce, baseNonce.length); this.counterMask = -1L >>> (64 - counterBits); @@ -24,9 +26,9 @@ class TestNonceGenerator implements TlsNonceGenerator } @Override - public byte[] generateNonce(final int size) + public void generateNonce(byte[] nonce) { - if (size != baseNonce.length) + if (nonce.length != baseNonce.length) { throw new IllegalArgumentException("requested length is not equal to the length of the base nonce."); } @@ -36,7 +38,7 @@ public byte[] generateNonce(final int size) throw new IllegalStateException("TLS nonce generator exhausted"); } - final byte[] nonce = Arrays.copyOf(baseNonce, baseNonce.length); + System.arraycopy(baseNonce, 0, nonce, 0, baseNonce.length); final int offset = baseNonce.length - counterBytes; for (int i = 0; i < counterBytes; i++) @@ -45,7 +47,5 @@ public byte[] generateNonce(final int size) } counterExhausted |= ((++counterValue & counterMask) == 0); - - return nonce; } } diff --git a/tls/src/test/java/org/bouncycastle/tls/test/TestTlsNonceGeneratorFactory.java b/tls/src/test/java/org/bouncycastle/tls/test/TestTlsNonceGeneratorFactory.java deleted file mode 100644 index 1be9c760d1..0000000000 --- a/tls/src/test/java/org/bouncycastle/tls/test/TestTlsNonceGeneratorFactory.java +++ /dev/null @@ -1,19 +0,0 @@ -package org.bouncycastle.tls.test; - -import org.bouncycastle.jsse.provider.TlsNonceGeneratorFactory; -import org.bouncycastle.tls.crypto.TlsNonceGenerator; - -class TestTlsNonceGeneratorFactory implements TlsNonceGeneratorFactory { - public static final TlsNonceGeneratorFactory INSTANCE = new TestTlsNonceGeneratorFactory(); - - private TestTlsNonceGeneratorFactory() - { - // no op - } - - @Override - public TlsNonceGenerator create(final byte[] baseNonce, final int counterSizeInBits) - { - return new TestNonceGenerator(baseNonce, counterSizeInBits); - } -}