while(true) {
String s2 = br.readLine();
if (s2 == null) return;
- Log.log(SSL.class, s2);
+ Log.info(SSL.class, s2);
}
} catch (Exception e) {
byte type;
try { type = raw.readByte();
} catch (EOFException e) {
- if (Log.on) Log.log(this, "got EOFException reading packet type");
+ if (Log.on) Log.info(this, "got EOFException reading packet type");
return null;
}
byte ver_major = raw.readByte();
byte ver_minor = raw.readByte();
short len = raw.readShort();
- if (Log.on) Log.log(this, "got record of type " + type + ", SSLv" + ver_major + "." + ver_minor + ", length=" + len);
+ if (Log.on) Log.info(this, "got record of type " + type + ", SSLv" + ver_major + "." + ver_minor + ", length=" + len);
byte[] ret = new byte[len];
raw.readFully(ret);
// simply ignore ChangeCipherSpec messages -- we change as soon as we send ours
if (type == 20) {
- if (Log.on) Log.log(this, "got ChangeCipherSpec; ignoring");
+ if (Log.on) Log.info(this, "got ChangeCipherSpec; ignoring");
seq_num = 0;
return readRecord();
}
if (decrypted_payload[1] > 1) {
throw new SSLException("got SSL ALERT message, level=" + decrypted_payload[0] + " code=" + decrypted_payload[1]);
} else if (decrypted_payload[1] == 0) {
- if (Log.on) Log.log(this, "server requested connection closure; returning null");
+ if (Log.on) Log.info(this, "server requested connection closure; returning null");
return null;
} else {
- if (Log.on) Log.log(this, "got SSL ALERT message, level=" + decrypted_payload[0] + " code=" + decrypted_payload[1]);
+ if (Log.on) Log.info(this, "got SSL ALERT message, level=" + decrypted_payload[0] + " code=" + decrypted_payload[1]);
return readRecord();
}
} else if (type == 22) {
- if (Log.on) Log.log(this, "read a handshake");
+ if (Log.on) Log.info(this, "read a handshake");
} else if (type != 23) {
- if (Log.on) Log.log(this, "unexpected record type: " + type + "; skipping");
+ if (Log.on) Log.info(this, "unexpected record type: " + type + "; skipping");
return readRecord();
}
- if (Log.on) Log.log(this, " returning " + decrypted_payload.length + " byte record payload");
+ if (Log.on) Log.info(this, " returning " + decrypted_payload.length + " byte record payload");
return decrypted_payload;
}
switch(rec[0]) {
case 2: // ServerHello
- if (Log.on) Log.log(this, "got ServerHello");
+ if (Log.on) Log.info(this, "got ServerHello");
byte ver_major = rec[4];
byte ver_minor = rec[5];
System.arraycopy(rec, 6, server_random, 0, server_random.length);
if (cipher_low == 0x04 || cipher_high != 0x00) {
export = false;
- if (Log.on) Log.log(this, "using SSL_RSA_WITH_RC4_128_MD5");
+ if (Log.on) Log.info(this, "using SSL_RSA_WITH_RC4_128_MD5");
} else if (cipher_low == 0x03 || cipher_high != 0x00) {
export = true;
- if (Log.on) Log.log(this, "using SSL_RSA_EXPORT_WITH_RC4_40_MD5");
+ if (Log.on) Log.info(this, "using SSL_RSA_EXPORT_WITH_RC4_40_MD5");
} else throw new SSLException("server asked for cipher " + ((cipher_high << 8) | cipher_low) +
" but we only do SSL_RSA_WITH_RC4_128_MD5 (0x0004) and " +
break;
case 11: // Server's certificate(s)
- if (Log.on) Log.log(this, "got Server Certificate(s)");
+ if (Log.on) Log.info(this, "got Server Certificate(s)");
int numcertbytes = ((rec[4] & 0xff) << 16) | ((rec[5] & 0xff) << 8) | (rec[6] & 0xff);
int numcerts = 0;
X509CertificateStructure last_cert = null;
if (!ignoreUntrustedCert && now.before(startDate))
throw new SSLException("server certificate will not be valid until " + startDate);
- Log.log(this, "server cert (name, validity dates) checks out okay");
+ Log.info(this, "server cert (name, validity dates) checks out okay");
} else {
i += certlen + 3;
numcerts++;
}
- if (Log.on) Log.log(this, " Certificate (" + numcerts + " certificates)");
+ if (Log.on) Log.info(this, " Certificate (" + numcerts + " certificates)");
if (ignoreUntrustedCert) break;
String subject = this_cert.getSubject().toString();
for(int i=0; i<trusted_CA_public_keys.length; i++) {
if (subject.indexOf(trusted_CA_public_key_identifiers[i]) != -1 && isSignedBy(this_cert, trusted_CA_public_keys[i])) {
- if (Log.on) Log.log(this, "pass 1: server cert was signed by trusted CA " + i);
+ if (Log.on) Log.info(this, "pass 1: server cert was signed by trusted CA " + i);
good = true;
break;
}
if (!good)
for(int i=0; i<trusted_CA_public_keys.length; i++) {
if (isSignedBy(this_cert, trusted_CA_public_keys[i])) {
- if (Log.on) Log.log(this, "pass 2: server cert was signed by trusted CA " + i);
+ if (Log.on) Log.info(this, "pass 2: server cert was signed by trusted CA " + i);
good = true;
break;
}
break;
case 12:
- if (Log.on) Log.log(this, "got ServerKeyExchange");
+ if (Log.on) Log.info(this, "got ServerKeyExchange");
serverKeyExchange = rec;
break;
case 13:
- if (Log.on) Log.log(this, "got Request for Client Certificates");
+ if (Log.on) Log.info(this, "got Request for Client Certificates");
cert_requested = true;
break;
- case 14: if (Log.on) Log.log(this, " ServerHelloDone"); return;
+ case 14: if (Log.on) Log.info(this, " ServerHelloDone"); return;
default: throw new SSLException("unknown handshake of type " + rec[0]);
}
}
if (expectedFinished[i] != rec[i + 4])
throw new SSLException("server Finished message mismatch!");
- if (Log.on) Log.log(this, "server finished message checked out okay!");
+ if (Log.on) Log.info(this, "server finished message checked out okay!");
}
}
public void sendClientHandshakes() throws IOException {
- if (Log.on) Log.log(this, "shaking hands");
+ if (Log.on) Log.info(this, "shaking hands");
if (cert_requested) {
- if (Log.on) Log.log(this, "telling the server we have no certificates");
+ if (Log.on) Log.info(this, "telling the server we have no certificates");
writeHandshake(11, new byte[] { 0x0, 0x0, 0x0 });
}
if (expectedSignature[i] != recievedSignature[i])
throw new SSLException("ServerKeyExchange message had invalid signature " + i);
- if (Log.on) Log.log(this, "ServerKeyExchange successfully processed");
+ if (Log.on) Log.info(this, "ServerKeyExchange successfully processed");
}
AsymmetricBlockCipher rsa = new PKCS1(new RSAEngine());
}
// ChangeCipherSpec
- if (Log.on) Log.log(this, "Handshake complete; sending ChangeCipherSpec");
+ if (Log.on) Log.info(this, "Handshake complete; sending ChangeCipherSpec");
write(new byte[] { 0x01 }, 0, 1, (byte)20);
seq_num = 0;
master_secret, pad1_sha } ) })
}));
raw.flush();
- if (Log.on) Log.log(this, "wrote Finished message");
+ if (Log.on) Log.info(this, "wrote Finished message");
}
public void writeClientHello() throws IOException {
- if (Log.on) Log.log(this, "sending ClientHello");
+ if (Log.on) Log.info(this, "sending ClientHello");
int unixtime = (int)(System.currentTimeMillis() / (long)1000);
byte[] out = new byte[] {
for(int i=0; i<pad2_sha.length; i++) pad2_sha[i] = (byte)0x5C;
try {
- if (Log.on) Log.log(SSL.class, "reading in trusted root public keys...");
+ if (Log.on) Log.info(SSL.class, "reading in trusted root public keys...");
trusted_CA_public_keys = new SubjectPublicKeyInfo[base64_encoded_trusted_CA_public_keys.length / 2];
trusted_CA_public_key_identifiers = new String[base64_encoded_trusted_CA_public_keys.length / 2];
for(int i=0; i<base64_encoded_trusted_CA_public_keys.length; i+=2) {
}
} catch (Exception e) {
- if (Log.on) Log.log(SSL.class, e);
+ if (Log.on) Log.info(SSL.class, e);
}
- if (Log.on) Log.log(SSL.class, "generating entropy...");
+ if (Log.on) Log.info(SSL.class, "generating entropy...");
randpool = new byte[10];
try { Thread.sleep(100); } catch (Exception e) { }
for(int i=0; i<spinners.length; i++) {
randpool = new byte[md5.getDigestSize()];
md5.doFinal(randpool, 0);
- if (Log.on) Log.log(SSL.class, "SSL is initialized.");
+ if (Log.on) Log.info(SSL.class, "SSL is initialized.");
initializationFinished = true;
SSL.class.notifyAll();
}
projects / org.ibex.core.git / blobdiff