public byte[] decodeCiphertext(short type, byte[] ciphertext, int offset, int len)
throws IOException {
int blockSize = decryptCipher.getBlockSize();
int macSize = readMac.getSize();
/*
* TODO[TLS 1.1] Explicit IV implies minLen = blockSize + max(blockSize, macSize + 1),
* and will need further changes to offset and plen variables below.
*/
int minLen = Math.max(blockSize, macSize + 1);
if (len < minLen) {
throw new TlsFatalAlert(AlertDescription.decode_error);
}
if (len % blockSize != 0) {
throw new TlsFatalAlert(AlertDescription.decryption_failed);
}
for (int i = 0; i < len; i += blockSize) {
decryptCipher.processBlock(ciphertext, offset + i, ciphertext, offset + i);
}
int plen = len;
// If there's anything wrong with the padding, this will return zero
int totalPad = checkPaddingConstantTime(ciphertext, offset, plen, blockSize, macSize);
int macInputLen = plen - totalPad - macSize;
byte[] decryptedMac =
Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + macInputLen + macSize);
byte[] calculatedMac =
readMac.calculateMacConstantTime(
type, ciphertext, offset, macInputLen, plen - macSize, randomData);
boolean badMac = !Arrays.constantTimeAreEqual(calculatedMac, decryptedMac);
if (badMac || totalPad == 0) {
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
}
/** Karazuba multiplication */
private BigIntPolynomial multRecursive(BigIntPolynomial poly2) {
BigInteger[] a = coeffs;
BigInteger[] b = poly2.coeffs;
int n = poly2.coeffs.length;
if (n <= 1) {
BigInteger[] c = Arrays.clone(coeffs);
for (int i = 0; i < coeffs.length; i++) {
c[i] = c[i].multiply(poly2.coeffs[0]);
}
return new BigIntPolynomial(c);
} else {
int n1 = n / 2;
BigIntPolynomial a1 = new BigIntPolynomial(Arrays.copyOf(a, n1));
BigIntPolynomial a2 = new BigIntPolynomial(Arrays.copyOfRange(a, n1, n));
BigIntPolynomial b1 = new BigIntPolynomial(Arrays.copyOf(b, n1));
BigIntPolynomial b2 = new BigIntPolynomial(Arrays.copyOfRange(b, n1, n));
BigIntPolynomial A = (BigIntPolynomial) a1.clone();
A.add(a2);
BigIntPolynomial B = (BigIntPolynomial) b1.clone();
B.add(b2);
BigIntPolynomial c1 = a1.multRecursive(b1);
BigIntPolynomial c2 = a2.multRecursive(b2);
BigIntPolynomial c3 = A.multRecursive(B);
c3.sub(c1);
c3.sub(c2);
BigIntPolynomial c = new BigIntPolynomial(2 * n - 1);
for (int i = 0; i < c1.coeffs.length; i++) {
c.coeffs[i] = c1.coeffs[i];
}
for (int i = 0; i < c3.coeffs.length; i++) {
c.coeffs[n1 + i] = c.coeffs[n1 + i].add(c3.coeffs[i]);
}
for (int i = 0; i < c2.coeffs.length; i++) {
c.coeffs[2 * n1 + i] = c.coeffs[2 * n1 + i].add(c2.coeffs[i]);
}
return c;
}
}
private static ECField convertField(FiniteField field) {
if (ECAlgorithms.isFpField(field)) {
return new ECFieldFp(field.getCharacteristic());
} else // if (ECAlgorithms.isF2mField(curveField))
{
Polynomial poly = ((PolynomialExtensionField) field).getMinimalPolynomial();
int[] exponents = poly.getExponentsPresent();
int[] ks = Arrays.reverse(Arrays.copyOfRange(exponents, 1, exponents.length - 1));
return new ECFieldF2m(poly.getDegree(), ks);
}
}
private synchronized void newPacketReceived() {
byte[] bytes = new byte[1024];
bytes = Arrays.copyOfRange(bytes, 0, packet.getLength());
PieLogger.info(this.getClass(), String.format("Input Message: %s", new String(bytes)));
JsonObject input = processInput(bytes);
if (input.getString("type").equals("connection")) {
JsonObject newClient = input.getJsonObject("client");
callback.Handle(newClient);
}
if (input.getString("type").equals("msg")) {
System.out.println("Message Arrived: " + input.getString("msg"));
}
if (input.getString("type").equals("punch")) {
sendTask.send(ackMsg.getBytes(), packet.getAddress().getHostAddress(), packet.getPort());
}
if (input.getString("type").equals("ACK")) {
sendTask.setACK(true);
}
}
