org.bouncycastle.tls.SessionParameters Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of impersonator Show documentation
Show all versions of impersonator Show documentation
Spoof TLS/JA3/JA4 and HTTP/2 fingerprints in Java
package org.bouncycastle.tls;
import org.bouncycastle.tls.crypto.TlsSecret;
import org.bouncycastle.util.Arrays;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Map;
public final class SessionParameters
{
public static final class Builder
{
private int cipherSuite = -1;
private Certificate localCertificate = null;
private TlsSecret masterSecret = null;
private ProtocolVersion negotiatedVersion;
private Certificate peerCertificate = null;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions = null;
private boolean extendedMasterSecret = false;
public Builder()
{
}
public SessionParameters build()
{
validate(this.cipherSuite >= 0, "cipherSuite");
validate(this.masterSecret != null, "masterSecret");
return new SessionParameters(cipherSuite, localCertificate, masterSecret, negotiatedVersion,
peerCertificate, pskIdentity, srpIdentity, encodedServerExtensions, extendedMasterSecret);
}
public Builder setCipherSuite(int cipherSuite)
{
this.cipherSuite = cipherSuite;
return this;
}
public Builder setExtendedMasterSecret(boolean extendedMasterSecret)
{
this.extendedMasterSecret = extendedMasterSecret;
return this;
}
public Builder setLocalCertificate(Certificate localCertificate)
{
this.localCertificate = localCertificate;
return this;
}
public Builder setMasterSecret(TlsSecret masterSecret)
{
this.masterSecret = masterSecret;
return this;
}
public Builder setNegotiatedVersion(ProtocolVersion negotiatedVersion)
{
this.negotiatedVersion = negotiatedVersion;
return this;
}
public Builder setPeerCertificate(Certificate peerCertificate)
{
this.peerCertificate = peerCertificate;
return this;
}
public Builder setPSKIdentity(byte[] pskIdentity)
{
this.pskIdentity = pskIdentity;
return this;
}
public Builder setSRPIdentity(byte[] srpIdentity)
{
this.srpIdentity = srpIdentity;
return this;
}
public Builder setServerExtensions(Map serverExtensions) throws IOException
{
if (serverExtensions == null || serverExtensions.isEmpty())
{
encodedServerExtensions = null;
}
else
{
ByteArrayOutputStream buf = new ByteArrayOutputStream();
TlsProtocol.writeExtensions(buf, serverExtensions);
encodedServerExtensions = buf.toByteArray();
}
return this;
}
private void validate(boolean condition, String parameter)
{
if (!condition)
{
throw new IllegalStateException("Required session parameter '" + parameter + "' not configured");
}
}
}
private int cipherSuite;
private Certificate localCertificate;
private TlsSecret masterSecret;
private ProtocolVersion negotiatedVersion;
private Certificate peerCertificate;
private byte[] pskIdentity = null;
private byte[] srpIdentity = null;
private byte[] encodedServerExtensions;
private boolean extendedMasterSecret;
private SessionParameters(int cipherSuite, Certificate localCertificate, TlsSecret masterSecret,
ProtocolVersion negotiatedVersion, Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity,
byte[] encodedServerExtensions, boolean extendedMasterSecret)
{
this.cipherSuite = cipherSuite;
this.localCertificate = localCertificate;
this.masterSecret = masterSecret;
this.negotiatedVersion = negotiatedVersion;
this.peerCertificate = peerCertificate;
this.pskIdentity = Arrays.clone(pskIdentity);
this.srpIdentity = Arrays.clone(srpIdentity);
this.encodedServerExtensions = encodedServerExtensions;
this.extendedMasterSecret = extendedMasterSecret;
}
public void clear()
{
if (this.masterSecret != null)
{
this.masterSecret.destroy();
}
}
public SessionParameters copy()
{
return new SessionParameters(cipherSuite, localCertificate, masterSecret, negotiatedVersion, peerCertificate,
pskIdentity, srpIdentity, encodedServerExtensions, extendedMasterSecret);
}
public int getCipherSuite()
{
return cipherSuite;
}
public Certificate getLocalCertificate()
{
return localCertificate;
}
public TlsSecret getMasterSecret()
{
return masterSecret;
}
public ProtocolVersion getNegotiatedVersion()
{
return negotiatedVersion;
}
public Certificate getPeerCertificate()
{
return peerCertificate;
}
public byte[] getPSKIdentity()
{
return pskIdentity;
}
public byte[] getSRPIdentity()
{
return srpIdentity;
}
public boolean isExtendedMasterSecret()
{
return extendedMasterSecret;
}
public Map readServerExtensions() throws IOException
{
if (encodedServerExtensions == null)
{
return null;
}
ByteArrayInputStream buf = new ByteArrayInputStream(encodedServerExtensions);
return TlsProtocol.readExtensions(buf);
}
}