Package org.red5.server.net.rtmp

Class RTMPHandshake

java.lang.Object
org.red5.server.net.rtmp.RTMPHandshake
All Implemented Interfaces:
IHandshake
Direct Known Subclasses:
InboundHandshake, OutboundHandshake
public abstract class RTMPHandshake extends Object implements IHandshake
Generates and validates the RTMP handshake response for Flash Players. Client versions equal to or greater than Flash 9,0,124,0 require a nonzero value as the fifth byte of the handshake request.
Author:
Jacinto Shy II (jacinto.m.shy@ieee.org), Steven Zimmer (stevenlzimmer@gmail.com), Gavriloaie Eugen-Andrei, Ari-Pekka Viitanen, Paul Gregoire, Tiago Jacobs

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected int
    algorithm
     
    protected org.bouncycastle.crypto.engines.BlowfishEngine
    blowfish
     
    protected static final byte[][]
    BLOWFISH_KEYS
    Blowfish keys for RTMPE (RTMP type 0x09) - 16 x 24
    protected Cipher
    cipherIn
     
    protected Cipher
    cipherOut
     
    protected static final BigInteger
    DH_BASE
    Constant DH_BASE
    protected static final BigInteger
    DH_MODULUS
    Constant DH_MODULUS
    protected static final byte[]
    DH_MODULUS_BYTES
    "Second Oakley Default Group" from RFC2409, section 6.2.
    protected static final int
    DIGEST_LENGTH
    Constant DIGEST_LENGTH=32
    protected boolean
    fp9Handshake
     
    static final byte[]
    GENUINE_FMS_KEY
    Constant GENUINE_FMS_KEY
    static final byte[]
    GENUINE_FP_KEY
    Constant GENUINE_FP_KEY
    static final String[]
    HANDSHAKE_TYPES
    Constant HANDSHAKE_TYPES
    protected byte[]
    handshakeBytes
     
    protected byte
    handshakeType
     
    protected byte[]
    incomingPublicKey
     
    protected static final int
    KEY_LENGTH
    Constant KEY_LENGTH=128
    protected KeyAgreement
    keyAgreement
     
    protected org.slf4j.Logger
    log
     
    protected byte[]
    outgoingPublicKey
     
    protected static final Random
    random
    Constant random
    protected int
    swfSize
     
    protected byte[]
    swfVerificationBytes
     
    protected org.bouncycastle.crypto.engines.XTEAEngine
    xtea
     
    protected static final byte[][]
    XTEA_KEYS
    XTEA keys for RTMPE (RTMP type 0x08) - 16 x 16 (little endian)

  • Constructor Summary

    Constructors
    Constructor
    Description
    RTMPHandshake()
    Constructor for RTMPHandshake.
    RTMPHandshake(byte handshakeType)
    Constructor for RTMPHandshake.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    calculateDigest(int digestPos, byte[] handshakeMessage, int handshakeOffset, byte[] key, int keyLen, byte[] digest, int digestOffset)
    Calculates the digest given the its offset in the handshake data.
    void
    calculateHMAC_SHA256(byte[] message, int messageOffset, int messageLen, byte[] key, int keyLen, byte[] digest, int digestOffset)
    Calculates an HMAC SHA256 hash into the digest at the given offset.
    void
    calculateSwfVerification(byte[] handshakeMessage, byte[] swfHash, int swfSize)
    Calculates the swf verification token.
    protected abstract void
    createHandshakeBytes()
    Create the initial bytes for a request / response.
    protected KeyPair
    generateKeyPair()
    Creates a Diffie-Hellman key pair.
    void
    getBlowfishSignature(byte[] array, int offset, int keyId)
    RTMPE type 9 uses Blowfish on the regular signature http://en.wikipedia.org/wiki/Blowfish_(cipher)
    Cipher
    getCipherIn()
    Returns the contained handshake bytes.
    Cipher
    getCipherOut()
    Gets the DH offset in the handshake bytes array based on validation scheme Generates DH keypair Adds public key to handshake bytes
    int
    getDHOffset(int algorithm, byte[] handshake, int bufferOffset)
    Returns the DH offset from an array of bytes.
    protected int
    getDHOffset1(byte[] handshake, int bufferOffset)
    Returns the DH byte offset.
    protected int
    getDHOffset2(byte[] handshake, int bufferOffset)
    Returns the DH byte offset.
    int
    getDigestOffset(int algorithm, byte[] handshake, int bufferOffset)
    Returns the digest offset using current validation scheme.
    protected int
    getDigestOffset1(byte[] handshake, int bufferOffset)
    Returns a digest byte offset.
    protected int
    getDigestOffset2(byte[] handshake, int bufferOffset)
    Returns a digest byte offset.
    byte
    getHandshakeType()
    Returns the handshake type.
    protected byte[]
    getPublicKey(KeyPair keyPair)
    Returns the public key for a given key pair.
    protected byte[]
    getSharedSecret(byte[] publicKeyBytes, KeyAgreement agreement)
    Determines the validation scheme for given input.
    byte[]
    getSwfVerificationBytes()
    Returns the SWF verification bytes.
    void
    getXteaSignature(byte[] array, int offset, int keyId)
    RTMPE type 8 uses XTEA on the regular signature http://en.wikipedia.org/wiki/XTEA
    protected void
    initBlowfishEncryption(int keyId)
    initBlowfishEncryption.
    protected void
    initRC4Encryption(byte[] sharedSecret)
    Prepare the ciphers.
    protected void
    initXteaEncryption(int keyId)
    initXteaEncryption.
    void
    setHandshakeType(byte handshakeType)
    Sets the handshake type.
    boolean
    useEncryption()
    Whether or not encryptions is in use.
    abstract boolean
    validate(byte[] handshake)
    Determines the validation scheme for given input.
    static final boolean
    validHandshakeType(byte handshakeType)
    Returns whether or not a given handshake type is valid.
    boolean
    verifyDigest(int digestPos, byte[] handshakeMessage, byte[] key, int keyLen)
    Verifies the digest.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface org.red5.server.net.IHandshake

    doHandshake

  • Field Details

    • log

      protected org.slf4j.Logger log

    • HANDSHAKE_TYPES

      public static final String[] HANDSHAKE_TYPES
      Constant HANDSHAKE_TYPES

    • GENUINE_FMS_KEY

      public static final byte[] GENUINE_FMS_KEY
      Constant GENUINE_FMS_KEY

    • GENUINE_FP_KEY

      public static final byte[] GENUINE_FP_KEY
      Constant GENUINE_FP_KEY

    • DH_MODULUS_BYTES

      protected static final byte[] DH_MODULUS_BYTES
      "Second Oakley Default Group" from RFC2409, section 6.2.

    • XTEA_KEYS

      protected static final byte[][] XTEA_KEYS
      XTEA keys for RTMPE (RTMP type 0x08) - 16 x 16 (little endian)

    • BLOWFISH_KEYS

      protected static final byte[][] BLOWFISH_KEYS
      Blowfish keys for RTMPE (RTMP type 0x09) - 16 x 24

    • DH_MODULUS

      protected static final BigInteger DH_MODULUS
      Constant DH_MODULUS

    • DH_BASE

      protected static final BigInteger DH_BASE
      Constant DH_BASE

    • DIGEST_LENGTH

      protected static final int DIGEST_LENGTH
      Constant DIGEST_LENGTH=32
      See Also:

    • KEY_LENGTH

      protected static final int KEY_LENGTH
      Constant KEY_LENGTH=128
      See Also:

    • random

      protected static final Random random
      Constant random

    • keyAgreement

      protected KeyAgreement keyAgreement

    • cipherOut

      protected Cipher cipherOut

    • cipherIn

      protected Cipher cipherIn

    • xtea

      protected org.bouncycastle.crypto.engines.XTEAEngine xtea

    • blowfish

      protected org.bouncycastle.crypto.engines.BlowfishEngine blowfish

    • handshakeType

      protected byte handshakeType

    • handshakeBytes

      protected byte[] handshakeBytes

    • incomingPublicKey

      protected byte[] incomingPublicKey

    • outgoingPublicKey

      protected byte[] outgoingPublicKey

    • swfSize

      protected int swfSize

    • swfVerificationBytes

      protected byte[] swfVerificationBytes

    • algorithm

      protected int algorithm

    • fp9Handshake

      protected boolean fp9Handshake

  • Constructor Details

    • RTMPHandshake

      public RTMPHandshake()

      Constructor for RTMPHandshake.

    • RTMPHandshake

      public RTMPHandshake(byte handshakeType)

      Constructor for RTMPHandshake.

      Parameters:
      handshakeType - a byte

  • Method Details

    • initRC4Encryption

      protected void initRC4Encryption(byte[] sharedSecret)
      Prepare the ciphers.
      Parameters:
      sharedSecret - shared secret byte sequence

    • initXteaEncryption

      protected void initXteaEncryption(int keyId)

      initXteaEncryption.

      Parameters:
      keyId - a int

    • initBlowfishEncryption

      protected void initBlowfishEncryption(int keyId)

      initBlowfishEncryption.

      Parameters:
      keyId - a int

    • generateKeyPair

      protected KeyPair generateKeyPair()
      Creates a Diffie-Hellman key pair.
      Returns:
      dh keypair

    • getPublicKey

      protected byte[] getPublicKey(KeyPair keyPair)
      Returns the public key for a given key pair.
      Parameters:
      keyPair - key pair
      Returns:
      public key

    • getSharedSecret

      protected byte[] getSharedSecret(byte[] publicKeyBytes, KeyAgreement agreement)
      Determines the validation scheme for given input.
      Parameters:
      publicKeyBytes - public key bytes
      agreement - key agreement
      Returns:
      shared secret bytes if client used a supported validation scheme

    • createHandshakeBytes

      protected abstract void createHandshakeBytes()
      Create the initial bytes for a request / response.

    • validate

      public abstract boolean validate(byte[] handshake)
      Determines the validation scheme for given input.
      Specified by:
      validate in interface IHandshake
      Parameters:
      handshake - handshake byte sequence
      Returns:
      true if its a supported validation scheme, false if unsupported

    • calculateDigest

      public void calculateDigest(int digestPos, byte[] handshakeMessage, int handshakeOffset, byte[] key, int keyLen, byte[] digest, int digestOffset)
      Calculates the digest given the its offset in the handshake data.
      Parameters:
      digestPos - digest position
      handshakeMessage - handshake message
      handshakeOffset - handshake message offset
      key - contains the key
      keyLen - the length of the key
      digest - contains the calculated digest
      digestOffset - digest offset

    • verifyDigest

      public boolean verifyDigest(int digestPos, byte[] handshakeMessage, byte[] key, int keyLen)
      Verifies the digest.
      Parameters:
      digestPos - digest position
      handshakeMessage - handshake message
      key - contains the key
      keyLen - the length of the key
      Returns:
      true if valid and false otherwise

    • calculateHMAC_SHA256

      public void calculateHMAC_SHA256(byte[] message, int messageOffset, int messageLen, byte[] key, int keyLen, byte[] digest, int digestOffset)
      Calculates an HMAC SHA256 hash into the digest at the given offset.
      Parameters:
      message - incoming bytes
      messageOffset - message offset
      messageLen - message length
      key - incoming key bytes
      keyLen - the length of the key
      digest - contains the calculated digest
      digestOffset - digest offset

    • calculateSwfVerification

      public void calculateSwfVerification(byte[] handshakeMessage, byte[] swfHash, int swfSize)
      Calculates the swf verification token.
      Parameters:
      handshakeMessage - servers handshake bytes
      swfHash - hash of swf
      swfSize - size of swf

    • getDHOffset

      public int getDHOffset(int algorithm, byte[] handshake, int bufferOffset)
      Returns the DH offset from an array of bytes.
      Parameters:
      algorithm - validation algorithm
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      DH offset

    • getDHOffset1

      protected int getDHOffset1(byte[] handshake, int bufferOffset)
      Returns the DH byte offset.
      Parameters:
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      dh offset

    • getDHOffset2

      protected int getDHOffset2(byte[] handshake, int bufferOffset)
      Returns the DH byte offset.
      Parameters:
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      dh offset

    • getDigestOffset

      public int getDigestOffset(int algorithm, byte[] handshake, int bufferOffset)
      Returns the digest offset using current validation scheme.
      Parameters:
      algorithm - validation algorithm
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      digest offset

    • getDigestOffset1

      protected int getDigestOffset1(byte[] handshake, int bufferOffset)
      Returns a digest byte offset.
      Parameters:
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      digest offset

    • getDigestOffset2

      protected int getDigestOffset2(byte[] handshake, int bufferOffset)
      Returns a digest byte offset.
      Parameters:
      handshake - handshake sequence
      bufferOffset - buffer offset
      Returns:
      digest offset

    • getXteaSignature

      public void getXteaSignature(byte[] array, int offset, int keyId)
      RTMPE type 8 uses XTEA on the regular signature http://en.wikipedia.org/wiki/XTEA
      Parameters:
      array - array to get signature
      offset - offset to start from
      keyId - a int

    • getBlowfishSignature

      public void getBlowfishSignature(byte[] array, int offset, int keyId)
      RTMPE type 9 uses Blowfish on the regular signature http://en.wikipedia.org/wiki/Blowfish_(cipher)
      Parameters:
      array - array to get signature
      offset - offset to start from
      keyId - index of Blowfish key

    • validHandshakeType

      public static final boolean validHandshakeType(byte handshakeType)
      Returns whether or not a given handshake type is valid.
      Parameters:
      handshakeType - the type of handshake
      Returns:
      true if valid and supported, false otherwise

    • useEncryption

      public boolean useEncryption()
      Whether or not encryptions is in use.
      Specified by:
      useEncryption in interface IHandshake
      Returns:
      true if handshake type is an encrypted type, false otherwise

    • setHandshakeType

      public void setHandshakeType(byte handshakeType)
      Sets the handshake type. Currently only two types are supported, plain and encrypted.
      Parameters:
      handshakeType - handshake type

    • getHandshakeType

      public byte getHandshakeType()
      Returns the handshake type.
      Returns:
      handshakeType

    • getCipherOut

      public Cipher getCipherOut()
      Gets the DH offset in the handshake bytes array based on validation scheme Generates DH keypair Adds public key to handshake bytes
      Returns:
      cipher

    • getCipherIn

      public Cipher getCipherIn()
      Returns the contained handshake bytes. These are just random bytes if the player is using an non-versioned player.
      Returns:
      cipher

    • getSwfVerificationBytes

      public byte[] getSwfVerificationBytes()
      Returns the SWF verification bytes.
      Returns:
      swf verification bytes