private ISigner GetSigner(TSignatureAlgorithm signatureAlgorithm, THashAlgorithm hashAlgorithm, AsymmetricKeyParameter serverPrivateKey)
{
ISigner result = null;
switch (signatureAlgorithm)
{
case TSignatureAlgorithm.Anonymous:
break;
case TSignatureAlgorithm.RSA:
break;
case TSignatureAlgorithm.DSA:
break;
case TSignatureAlgorithm.ECDSA:
result = new DsaDigestSigner(new ECDsaSigner(), GetDigest(hashAlgorithm));
break;
default:
break;
}
result.Init(true, serverPrivateKey);
//result.Init(true, new ParametersWithRandom(serverPrivateKey, this.mContext.SecureRandom));
return(result);
}
public CipherSuite(TCipherSuite cipherSuite, TKeyExchangeAlgorithm keyExchangeAlgorithm, TSignatureAlgorithm signatureAlgorithm, Version minVersion, TPseudorandomFunction prf)
{
Suite = cipherSuite;
KeyExchangeAlgorithm = keyExchangeAlgorithm;
SignatureAlgorithm = signatureAlgorithm;
MinVersion = minVersion;
PRF = prf;
}
public CipherSuite(TCipherSuite cipherSuite, TKeyExchangeAlgorithm keyExchangeAlgorithm, TSignatureAlgorithm signatureAlgorithm, Version minVersion,TPseudorandomFunction prf)
{
Suite = cipherSuite;
KeyExchangeAlgorithm = keyExchangeAlgorithm;
SignatureAlgorithm = signatureAlgorithm;
MinVersion = minVersion;
PRF = prf;
}
public CipherSuite(TCipherSuite cipherSuite, TKeyExchangeAlgorithm keyExchangeAlgorithm,
TSignatureAlgorithm signatureAlgorithm, Version minVersion, TPseudorandomFunction prf)
{
this.Suite = cipherSuite;
this.KeyExchangeAlgorithm = keyExchangeAlgorithm;
this.SignatureAlgorithm = signatureAlgorithm;
this.MinVersion = minVersion ?? throw new ArgumentNullException(nameof(minVersion));
this.PRF = prf;
}
public static TSignatureAlgorithm GetSignatureAlgorithm(TCipherSuite cipherSuite)
{
TSignatureAlgorithm result = TSignatureAlgorithm.Anonymous;
CipherSuite suite;
if (_CipherSuites.TryGetValue(cipherSuite, out suite))
{
result = suite.SignatureAlgorithm;
}
return(result);
}
public static CertificateRequest Deserialise(Stream stream, Version version)
{
CertificateRequest result = new CertificateRequest();
int certificateTypeCount = stream.ReadByte();
if (certificateTypeCount > 0)
{
for (int index = 0; index < certificateTypeCount; index++)
{
result.CertificateTypes.Add((TClientCertificateType)stream.ReadByte());
}
}
if (version >= DTLSRecord.Version1_2)
{
ushort length = NetworkByteOrderConverter.ToUInt16(stream);
ushort supportedAlgorithmsLength = (ushort)(length / 2);
if (supportedAlgorithmsLength > 0)
{
for (uint index = 0; index < supportedAlgorithmsLength; index++)
{
THashAlgorithm hash = (THashAlgorithm)stream.ReadByte();
TSignatureAlgorithm signature = (TSignatureAlgorithm)stream.ReadByte();
result.SupportedAlgorithms.Add(new SignatureHashAlgorithm()
{
Hash = hash, Signature = signature
});
}
}
}
ushort certificateAuthoritiesLength = NetworkByteOrderConverter.ToUInt16(stream);
if (certificateAuthoritiesLength > 0)
{
int read = 0;
while (certificateAuthoritiesLength > read)
{
ushort distinguishedNameLength = NetworkByteOrderConverter.ToUInt16(stream);
read += (2 + distinguishedNameLength);
byte[] distinguishedName = new byte[distinguishedNameLength];
stream.Read(distinguishedName, 0, distinguishedNameLength);
result.CertificateAuthorities.Add(distinguishedName);
}
}
return(result);
}
public static CertificateVerify Deserialise(Stream stream, Version version)
{
CertificateVerify result = new CertificateVerify();
THashAlgorithm hash = (THashAlgorithm)stream.ReadByte();
TSignatureAlgorithm signature = (TSignatureAlgorithm)stream.ReadByte();
result.SignatureHashAlgorithm = new SignatureHashAlgorithm()
{
Hash = hash, Signature = signature
};
ushort length = NetworkByteOrderConverter.ToUInt16(stream);
if (length > 0)
{
result.Signature = new byte[length];
stream.Read(result.Signature, 0, length);
}
return(result);
}
public ECDHEServerKeyExchange(ECDHEKeyExchange keyExchange, THashAlgorithm hashAlgorithm, TSignatureAlgorithm signatureAlgorithm, AsymmetricKeyParameter serverPrivateKey)
{
_EllipticCurveType = TEllipticCurveType.NamedCurve;
_EllipticCurve = keyExchange.Curve;
_HashAlgorithm = hashAlgorithm;
_SignatureAlgorithm = signatureAlgorithm;
System.IO.MemoryStream stream = new System.IO.MemoryStream();
stream.WriteByte((byte)_EllipticCurveType);
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)_EllipticCurve);
byte[] pointEncoded = keyExchange.PublicKey.Q.GetEncoded(false);
stream.WriteByte((byte)pointEncoded.Length);
stream.Write(pointEncoded, 0, pointEncoded.Length);
_ServerParams = stream.ToArray();
//IDigest hashMD5 = GetDigest(THashAlgorithm.MD5);
//IDigest hashSHA = GetDigest(THashAlgorithm.SHA1);
//int size = hashMD5.GetDigestSize();
//byte[] hash = new byte[size + hashSHA.GetDigestSize()];
//hashMD5.BlockUpdate(clientRandom.RandomBytes, 0, clientRandom.RandomBytes.Length);
//hashMD5.BlockUpdate(serverRandom.RandomBytes, 0, serverRandom.RandomBytes.Length);
//hashMD5.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
//hashMD5.DoFinal(hash, 0);
//hashSHA.BlockUpdate(clientRandom.RandomBytes, 0, clientRandom.RandomBytes.Length);
//hashSHA.BlockUpdate(serverRandom.RandomBytes, 0, serverRandom.RandomBytes.Length);
//hashSHA.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
//hashSHA.DoFinal(hash, size);
//ISigner signer = GetSigner(signatureAlgorithm, THashAlgorithm.None, serverPrivateKey);
//signer.BlockUpdate(hash, 0, hash.Length);
//_Signature = signer.GenerateSignature();
ISigner signer = GetSigner(signatureAlgorithm, hashAlgorithm, serverPrivateKey);
byte[] clientRandomBytes = keyExchange.ClientRandom.Serialise();
byte[] serverRandomBytes = keyExchange.ServerRandom.Serialise();
signer.BlockUpdate(clientRandomBytes, 0, clientRandomBytes.Length);
signer.BlockUpdate(serverRandomBytes, 0, serverRandomBytes.Length);
signer.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
_Signature = signer.GenerateSignature();
}
public static SignatureAlgorithmsExtension Deserialise(Stream stream)
{
SignatureAlgorithmsExtension result = new SignatureAlgorithmsExtension();
ushort length = NetworkByteOrderConverter.ToUInt16(stream);
ushort supportedAlgorithmsLength = (ushort)(length / 2);
if (supportedAlgorithmsLength > 0)
{
for (uint index = 0; index < supportedAlgorithmsLength; index++)
{
THashAlgorithm hash = (THashAlgorithm)stream.ReadByte();
TSignatureAlgorithm signature = (TSignatureAlgorithm)stream.ReadByte();
result.SupportedAlgorithms.Add(new SignatureHashAlgorithm()
{
Hash = hash, Signature = signature
});
}
}
return(result);
}
private ISigner GetSigner(TSignatureAlgorithm signatureAlgorithm, THashAlgorithm hashAlgorithm, AsymmetricKeyParameter serverPrivateKey)
{
ISigner result = null;
switch (signatureAlgorithm)
{
case TSignatureAlgorithm.Anonymous:
break;
case TSignatureAlgorithm.RSA:
break;
case TSignatureAlgorithm.DSA:
break;
case TSignatureAlgorithm.ECDSA:
result = new DsaDigestSigner(new ECDsaSigner(), GetDigest(hashAlgorithm));
break;
default:
break;
}
result.Init(true, serverPrivateKey);
//result.Init(true, new ParametersWithRandom(serverPrivateKey, this.mContext.SecureRandom));
return result;
}
public ECDHEServerKeyExchange(ECDHEKeyExchange keyExchange, THashAlgorithm hashAlgorithm, TSignatureAlgorithm signatureAlgorithm, AsymmetricKeyParameter serverPrivateKey)
{
_EllipticCurveType = TEllipticCurveType.NamedCurve;
_EllipticCurve = keyExchange.Curve;
_HashAlgorithm = hashAlgorithm;
_SignatureAlgorithm = signatureAlgorithm;
System.IO.MemoryStream stream = new System.IO.MemoryStream();
stream.WriteByte((byte)_EllipticCurveType);
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)_EllipticCurve);
byte[] pointEncoded = keyExchange.PublicKey.Q.GetEncoded(false);
stream.WriteByte((byte)pointEncoded.Length);
stream.Write(pointEncoded, 0, pointEncoded.Length);
_ServerParams = stream.ToArray();
//IDigest hashMD5 = GetDigest(THashAlgorithm.MD5);
//IDigest hashSHA = GetDigest(THashAlgorithm.SHA1);
//int size = hashMD5.GetDigestSize();
//byte[] hash = new byte[size + hashSHA.GetDigestSize()];
//hashMD5.BlockUpdate(clientRandom.RandomBytes, 0, clientRandom.RandomBytes.Length);
//hashMD5.BlockUpdate(serverRandom.RandomBytes, 0, serverRandom.RandomBytes.Length);
//hashMD5.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
//hashMD5.DoFinal(hash, 0);
//hashSHA.BlockUpdate(clientRandom.RandomBytes, 0, clientRandom.RandomBytes.Length);
//hashSHA.BlockUpdate(serverRandom.RandomBytes, 0, serverRandom.RandomBytes.Length);
//hashSHA.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
//hashSHA.DoFinal(hash, size);
//ISigner signer = GetSigner(signatureAlgorithm, THashAlgorithm.None, serverPrivateKey);
//signer.BlockUpdate(hash, 0, hash.Length);
//_Signature = signer.GenerateSignature();
ISigner signer = GetSigner(signatureAlgorithm, hashAlgorithm, serverPrivateKey);
byte[] clientRandomBytes = keyExchange.ClientRandom.Serialise();
byte[] serverRandomBytes = keyExchange.ServerRandom.Serialise();
signer.BlockUpdate(clientRandomBytes, 0, clientRandomBytes.Length);
signer.BlockUpdate(serverRandomBytes, 0, serverRandomBytes.Length);
signer.BlockUpdate(_ServerParams, 0, _ServerParams.Length);
_Signature = signer.GenerateSignature();
}
